An independent review of Maryland's proposed touch-screen voting system released yesterday found a "high risk of compromise" by malicious outsiders who might want to tamper with election results.
But state officials believe the flaws can be fixed quickly, and are continuing with plans to distribute the machines statewide for the presidential primary election in March.
Officials unveiled selected portions of an evaluation by California-based Science Applications International Corp. of a new $55.6 million voting system the state will install in the coming months, and said they had begun work on the hundreds of steps identified to ensure the security of voting procedures.
"We believe we are fully prepared to roll out the revised Diebold machines," said Gilles W. Burger, chairman of the Maryland State Board of Elections.
The outside evaluation was ordered by Gov. Robert L. Ehrlich Jr., shortly after a team of researchers at the Johns Hopkins University concluded that the software behind Diebold Election Systems' AccuVote-TS voting machines was vulnerable to tampering that could skew election results.
The review released yesterday paints a less-than-flattering picture of how an election would have been run in Maryland had the Hopkins study not drawn attention to problems. Several risks were deemed serious.
While some changes were required of Diebold, many more are to be made by the State Board of Elections. The study found problems not only with the technology behind the electronic machines, but in policies and procedures used by state and local election boards.
"The system, as implemented in policy, procedure and technology, is at high risk of compromise," the report said. "Any computerized voting system implemented using the present set of policies and procedures would require these same mitigations."
State officials believe that the analysis performed on Maryland's system is the most thorough ever conducted, and it was eagerly anticipated by county and state elections supervisors across the country who have fretted about switching to the electronic voting machines in the aftermath of the widely publicized Hopkins report.
One of the Hopkins researchers, Aviel D. Rubin, technical director of the university's Information Security Institute, expressed astonishment that Maryland would proceed with the purchase of the machines after so many problems were uncovered.
"If you commission SAIC to do a study and write a report, and they come back and say that the system is insecure, it would seem to make sense to suspend the plans to use the system until SAIC writes a report saying that it is safe to use them," Rubin said. "It defies logic that Maryland has these plans [to proceed] given what SAIC says about the Diebold machines."
But state Budget Secretary James C. "Chip" DiPaula Jr., who oversaw the review, said the state has little flexibility. Federal and state law requires an upgrade of voting equipment, he said, and federal funds from the Help America Vote Act are being used for the purchase.
The touch-screen system was used last year in Montgomery, Prince George's, Allegany and Dorchester counties, and will now be rolled out in 19 other counties. Baltimore City uses a different electronic system.
Diebold officials said yesterday that the results confirmed that the electronic systems were safe to use.
"After the completion of the SAIC analysis, it's obvious that the security of our system is very, very sound, and voters should feel comfortable using our terminals," said Mark Radke, voting industry director for Diebold Election Systems. "The current version of the product is very solid and accurate."
Diebold has made changes to address concerns, state elections officials said yesterday, including altering the way pass codes are used to access voting machines and encrypting the results sent electronically from polling places to local election board headquarters. The company will absorb the cost of those changes.
The state elections board has also made changes: It has removed the elections management computer server from the agency's network connections. That's because the elections board internal network also provided Internet access, creating a previously unnoticed potential entry point for hackers.
The state board also plans to hire three new staff members, including security and training officials, as recommended by the review. The salaries for personnel will be covered through federal funds, said Jim Pettit, a spokesman for the state elections board.
The evaluation found that the Hopkins study correctly identified security flaws in the computer programming code used by Diebold, but did not account for other election system checks and balances, such as the function of election judges. Also, the touch-screen machines will not be networked together, eliminating another potential for fraud.
"The state of Maryland's procedural controls and general voting environment reduce or eliminate many of the vulnerabilities identified in the Rubin report," the SAIC study said.
While the SAIC report was released yesterday, the study was completed about three weeks ago, and state officials have been meeting with Diebold representatives and others to discuss the results. About 60 pages of 200 were made public.
"Let's talk about security," DiPaula said. "The best security is not to give a road map to people who would do us harm."
But Rubin, the Hopkins professor, questioned the need for secrecy. "If they are planning on fixing the security problems, then there is no need to redact them," he said.