US jurisdictions using electronic voting systems this November would do well to implement routine post-election auditing and press for open-source software to help ensure fair votes in the future, say e-voting experts at a US conference.
California secretary of state Debra Bowen told the Technology Review EmTech conference that her state's review of touch-screen voting systems, known as DREs (direct-recording electronic), found they all had problems, starting with physical security vulnerabilities. Roughly 30% of voters nationwide are expected to cast their ballots on DREs in November, according to Verified Voting Foundation president Pamela Smith, who joined Bowen and others in a panel discussion. The foundation advocates for paper trails to be used in conjunction with DREs.
Bowen, who has been in the forefront of state officials seeking to ensure that voting machines are secure and accurate, is calling for voting machine vendors to move to open-source software. Currently, the software that runs the systems is proprietary and closely held by the vendors, and nondisclosure agreements prevent the code from being scrutinised for bugs and security flaws more broadly, she says.
Massachusetts Institute of Technology computer science professor Ronald Rivest, however, asked, "Do you have to trust the software?" He suggested that another goal to strive for is software independence, where neither malware nor a bug could change the results of an election. The way to accomplish this is verifiability, and the panelists seemed to agree on the need for election officials to routinely conduct limited but statistically significant post-election audits.