E-Voting Made Scary
UCSB’s Giovanni Vigna Gives Timely Talk on Why Electronic Voting Is Frighteningly Insecure
By Matt Kettmann, The Santa Barbara Independent
Thursday, October 23, 2008
For full story see…
With the big ballot showdown on November 4 looming, a few dozen people on the UC Santa Barbara campus spent their
Thursday, October 23, lunch hour digesting some pretty frightening news: Electronic voting machines — the officially
appointed wave of our democratic future, being touted as safe, sane, and secure — are entirely vulnerable to
election-altering attacks, ranging from the highly technical to the surprisingly simple.
The messenger of doom was Giovanni Vigna, the golden-locked, Italian-born professor who runs UCSB’s Computer Security
Group, which is considered one of the best places on the planet to learn about programming and hacking. Vigna, along
with his mentor Dick Kemmerer and a team of sharp students, were hired in 2007 by the states of California and Ohio to test the security of electronic voting machines. In both cases, the machines — specifically, made by Sequoia Voting
Systems in California and ES in Ohio — failed to stand up to even the most basic physical breaches, such as the unlocking of supposedly secure doors
by using a screwdriver and a finger. The vulnerabilities witnessed from the computer hacking side were even more
startling, showing that just one corrupt voting official or poll worker could, with the right amount of motivation,
infect a state’s entire voting system within seconds by introducing a specially crafted computer virus to entirely
change an election’s result.
Though the results of 2007’s tests came out last year, Vigna’s work has received a recent boost in buzz, certainly
because of the upcoming election, but also due to YouTube videos of the simulated attack methods that went viral. (See
those videos here, or just watch them on this page below.) And with reports this week of election machines in two states
flipping early voters’ choices for president — Barack Obama votes were being cast for John McCain in West Virginia, with
the opposite happening in Tennessee — Vigna’s talk on Thursday was right on time.
“Outsourcing the people who count your votes is not, in my opinion, a good idea,” Vigna told the crowd. “At this point,
all bets are off.”
Vigna’s research has not uncovered any record of bias for one party or the other, just negligence. He believes that the
machines were made hastily to get under a deadline imposed by the Help America Vote Act of 2002, which sought to improve
voting machine reliability after thousands of electronic votes were discounted in the 2000 election. But because they
were made so fast, not enough care was taken to ensure complete security, which is why there are so many ways to
physically attack the system. “It’s really a problem keeping these things physically secure,” said Vigna, adding that
the most important data-holding devices have to pass through many hands, thereby multiplying the chances for someone to
act maliciously. As well, Vigna said, oftentimes these machines are housed overnight in the garages of poll workers,
which aren’t necessarily the safest places to be.
For full story see…