[an error occurred while processing this directive]
<body>
<p class="blueHeaderLarge">WORKSHOP ON DEVELOPING A RESEARCH AGENDA FOR ELECTRONIC 
  VOTING TECHNOLOGIES<br>
</p>
<p class="blueHeaderMedium">September 17-18, 2004</p>
<p><b>Convened by the <a href="http://www.aaas.org">American Association for the 
  Advancement of Science</a> </b></p>
<p><a href="index.shtml">Main</a> | <a href="program.shtml">Program</a> | <a href="participants.shtml">Participants</a> 
  | Synopses </p>
<p class="blueHeaderMedium"><b>William A. Arbaugh </b></p>
<p class="blueHeaderMedium">POSITION STATEMENT</p>
<p></p>
<p>Electronic voting can be the most accurate of any previous voting technology. 
  However, electronic voting can also enable tampering a scale much larger than 
  previous voting methods. If attention is paid to the security and reliability 
  of the system from the beginning, then the former lofty goal can be achieved. 
  If security is viewed as a nuisance and extra cost (as it is now by current 
  voting vendors and many states), then the latter will eventually occur.</p>
<p>Security is something that is easy to claim, difficult to implement, and impossible 
  to prove. Vendors and governments are claiming their system is &quot;secure&quot; 
  even when formal and informal studies indicate significant security problems. 
  Unfortunately, the current federal standards to &quot;weigh&quot; the security 
  of a voting system are vague, and meaning less. As a result, vendors and governments 
  can claim anything since there is no requirement to meet standards of any value. 
  Compounding this problem is the fact that the compliance and certification process 
  is flawed beyond belief. Currently, an &quot;independent&quot; lab funded by 
  the vendor performs the federal compliance testing. The actual tests, and results, 
  conducted are considered proprietary. There is absolutely no public oversight 
  of this process.</p>
<p>Current regulations call for the use of only certified software (even though 
  at least one vendor has admitted to violating the law and using uncertified 
  software in several different jurisdictions). However, there is a major loophole. 
  Commercial software is exempt from testing and certification. This means the 
  vast majority of the software of an electronic voting terminal is uncertified, 
  and likely just like the software you run on your laptop. Except, the voting 
  terminals are running without, in most cases, software updates and any of the 
  basic security protections you use on your computer such as a firewall and anti-virus 
  protection. This significantly reduces the work factor of a potential adversary 
  wishing to manipulate an election.</p>
<p>Effective security requires risk management throughout the life-cycle of a 
  system, and requires robust technology as well as polices. Unfortunately, current 
  electronic voting technology has neither. The technology used is basic and without 
  concern for security, and the policies either flat out wrong, or non-existent. 
  As a result, governments have spent millions of dollars on systems where the 
  soundness can not be determined, and individual voters have no assurances their 
  vote was counted as intended. Joseph Stalin once said &quot;It's not the people 
  who vote that count. It's the people who count the votes&quot;. Unfortunately, 
  right now we MUST trust the electronic voting machines that count the votes 
  to operate correctly even though basic protections are not utilized, and current 
  policies ignore security. Furthermore, there is no independent capability to 
  audit that the electronic voting terminals have been tampered, and no means 
  to perform a recount outside of the potentially corrupt or tampered software 
  and hardware.<br>
</p>
</body>
[an error occurred while processing this directive]