• silicon.com
• Management
• CIO Insights

By John Borland, 4 August 2004 08:50

NEWS A new set of polls suggests that high-tech security experts have significantly less confidence in the security and accuracy of e-voting tools than does the public at large.

The polls, taken by the Poneman Institute, separately surveyed ordinary people and a much smaller group of researchers at the recent Defcon computer security conference. The public survey was large enough to be scientific, while the Defcon survey was not, but differences in opinion were large enough to draw some broad conclusions, anyway, the researchers said.

A dominant 81 per cent of security professionals at Defcon said they had "no confidence or little confidence" in the "security and reliability" of e-voting machines, but just 25 per cent of the general public said they had similarly strong reservations, and their main concern was voters' reaction to the machines, not the devices' integrity.

Despite the apparent vote of confidence from the public, Poneman Institute Chief Larry Poneman said policymakers should still be very careful before depending on e-voting systems this fall. Even if ordinary voters aren't terribly worried now, the concerns of security professionals could filter down and ultimately undermine the credibility of election results, or even dissuade people from voting, he said.

"The technology may or may not be good," Poneman said. "But to the extent that people might change their voting patterns based on [their perceptions of] this technology, that could change the outcome."

The security of e-voting has been an increasingly contentious issue over the past year, as electoral policymakers seek to avoid the chaos of the 2000 election in Florida.

Proponents say electronic ballot machines are accurate and are more fair to the disabled and to people facing ballots in an unfamiliar language. Opponents say the machines are inherently insecure, are subject to tampering and hacking, and often do not include a paper record of votes that can be used for recounts or audits.

Although this debate has been hotly fought in courts, legislative chambers and editorial pages for months, the Poneman study found that stories of potential problems with e-voting have made little impact on the public at large.

More than 50 per cent of the security professionals said they would be very worried about the potential of system or programming errors, or attempts to influence the results of an election. Ordinary citizens' biggest fear was of declines in voter turnout due to distrust of the machines.

Indeed, 79 per cent of ordinary citizens said they believed that e-voting machines would be as accurate or more accurate than traditional paper balloting.

Despite the seeming confidence of regular citizens, the deep discomfort of some computer professionals was a bad sign for ultimate confidence in the machines, according to at least one e-voting critic. Harvard-affiliated researcher Rebecca Mercuri said professionals' distrust of the machines could filter down to the general public as more attention is paid to the issue.

"The general perception of voters that their votes may not be counting or that something might be wrong with the election equipment is very important," Mercuri said.

At last week's Black Hat USA 2004 Briefings and Training conference in Las Vegas, Mercuri called on would-be hackers to try to find the flaws in e-voting systems. She pointed to the $10,000 reward offered by e-voting proponent Michael Shamos, a Carnegie Mellon University computer scientist, to anyone who can successfully tamper undetectably with a voting machine.

John Borland writes for CNET News.com