In the comments of my last post, bkwatch reminds me that paper ballots are from from perfect.

I totally agree.

I’m also not against e-voting just on principle. Or against all e-voting. I’m just against insecure electronic voting. Which, based on what I’ve seen, is true of many, if not most, current implementations.

Here’s what I said:

Here”s why I don’t think the risk is overblown. First of all there are only a few manufacturers of voting machines. The problems we see are systemic to those manufacturers and systems. Thus the potential exits for a single attack to potentially work on a massive scale- maybe a number of states. Second, the attacks can be much harder to detect and not require as much collusion as attacks on paper systems. A single technician, programmer, or hacker (for networked systems) can succeed. The normal physical controls we have to reduce election fraud are less effective, or even worthless. There are also availability issues- paper is much more resilient to power outages and system crashes. It’s a lot easier to lose a single memore chip with thousands (or more) votes than a big ballot box with equivalent numbers (which, on occasion, also happens). Thus the scope and scale of the problems is dramatically different. I actually think smart e-voting can improve the electoral process and reduce voter fraud. I”m not against e-voting itself, just many of the current implementations.

Electronic voting can be improved by:

  1. Requiring independent security lab certification. Not a weak certification like Common Criteria, but something more akin to the testing done on gambling machines.
  2. A voter verified paper trail- not something a voter takes home, but something they can visually certify and drop in a ballot box before walking out the door.
  3. Eliminating network connectivity. Except for maybe local networking over physical cabling, but even that might be too risky.

These won’t eliminate fraud, but they’ll reduce it. The potential is even there to build a system more secure than paper.