As Elections Near, Officials Challenge Balloting Security

A touch-screen voting machine is demonstrated. State and county election officials are demanding that electronic balloting systems leave a paper trail that can be audited when results are disputed.
A touch-screen voting machine is demonstrated. State and county election officials are demanding that electronic balloting systems leave a paper trail that can be audited when results are disputed. (By Kiichiro Sato -- Associated Press)

Network News

X Profile
View More Activity
By Zachary Goldfarb
Special to The Washington Post
Sunday, January 22, 2006

As the Leon County supervisor of elections, Ion Sancho's job is to make sure voting is free of fraud. But the most brazen effort lately to manipulate election results in this Florida locality was carried out by Sancho himself.

Four times over the past year Sancho told computer specialists to break in to his voting system. And on all four occasions they did, changing results with what the specialists described as relatively unsophisticated hacking techniques. To Sancho, the results showed the vulnerability of voting equipment manufactured by Ohio-based Diebold Election Systems, which is used by Leon County and many other jurisdictions around the country.

Sancho's most recent demonstration was last month. Harri Hursti, a computer security expert from Finland, manipulated the "memory card" that records the votes of ballots run through an optical scanning machine.

Then, in a warehouse a few blocks from his office in downtown Tallahassee, Sancho and seven other people held a referendum. The question on the ballot:

"Can the votes of this Diebold system be hacked using the memory card?"

Two people marked yes on their ballots, and six no. The optical scan machine read the ballots, and the data were transmitted to a final tabulator. The result? Seven yes, one no.

"Was it possible for a disgruntled employee to do this and not have the elections administrator find out?" Sancho asked. "The answer was yes."

Diebold and some officials have criticized Sancho's experiments and said his conclusions about the vulnerability of electronic voting systems are unfounded.

What Sancho did "is analogous to if I gave you the keys to my house and told you when I was gone," said David Bear, a Diebold spokesman. As Bear sees it, Sancho's experiment involved giving hackers "complete unfettered access" to the equipment, something a responsible elections administrator would never allow.

Questions about the security of electronic voting machines have been circulating widely in recent years. But many of the concerns have been dismissed as the fantasies of Internet conspiracy theorists or sore-loser partisans who could not accept that their candidates simply got fewer votes. Critics have not demonstrated that any real elections have had returns altered by the manipulation of electronic voting systems.

But the questions raised by Sancho, who has held his post since 1989, show how the concerns are being taken more seriously among elections professionals.

"While electronic voting systems hold promise for improving the election process," the Government Accountability Office said in a report to Congress last year, there are still pressing concerns about "security and reliability . . . design flaws" and other issues.


CONTINUED     1        >

© 2006 The Washington Post Company

Network News

X My Profile
View More Activity