A group of Texas voters seeking to stop the use of paperless electronic voting machines reached a dead end on Friday; the Texas Supreme Court ruled that their suits could not proceed without evidence that they have been personally harmed.
Texas has been using direct-recording electronic (DRE) voting machines for more than a decade. In 2006, a coalition of voters led by the Austin NAACP sued to stop Travis County from using the eSlate, a DRE machine made by Austin-based Hart InterCivic. (Hart does offer a printer as an optional component of its system.) The voters claimed the machines were insecure and did not allow meaningful recounts.
Travis County disagreed. In a FAQ on the county’s voting website, officials answered questions about paper trails and security.
Q: Some computer experts claim that there is no way to audit the vote without a paper trail. Does this system have paper backup?
A: This system provides voters with confidence that their vote will be counted as they intended. First, the voting device provides each voter with a summary of all votes, alerting the voter of any skipped races, and allowing the voter to make changes. The voter has visual confirmation that the vote was cast exactly as intended. To ensure the votes are recorded correctly, the system is publicly tested and validated before, during, after each election to ensure that votes are counted and reported as they are cast. There are many security features designed to test procedures, equipment and software. Finally, the system can print out all Cast Vote Records should that be required for a recount.
In other words, the county has foregone a real paper trail, but it can simply print all the vote records in the machine’s memory on slips of paper at a later date. Since the concern in most such cases would be about whether the recorded votes are accurate—not, say, whether the computer was adding them up properly—this feature is largely meaningless. (A real paper trail prints a “receipt” under glass that voters can see before leaving the voting station.)
A lower court rejected the Texas Secretary of State’s request to dismiss the case before trial. But the state’s highest court overturned that ruling. “We cannot say the Secretary’s decision to certify this device violated the voters’ equal protection rights or that the voters can pursue generalized grievances about the lawfulness of her acts,” the Supreme Court wrote.
“Derelict in her duty”
Ars talked to Dan Wallach, a Rice University professor of computer science who served as the plaintiffs’ expert witness. He expressed exasperation at the result. In essence, Wallach said, the Supreme Court has deferred to the judgement of the state legislature and the Secretary of State.
However, he said, “The whole point of the lawsuit is that the Secretary of State has been derelict in her duties.” The ruling leaves Texas voters with limited meaningful remedies when election officials fail to comply with state law. The ruling suggests that the courts will only get involved if voting machine flaws actually disrupt an election and the losing candidate is prepared to challenge the result in court.
That bothers Joseph Lorenzo Hall, a University of California-Berkeley e-voting scholar, who pointed out that the Travis County machines lack a voter-verified paper trail. That means they “don’t keep the type of evidence you’d need to prove these types of harms.” So if a DRE machine did alter the outcome of an election, there might be no way to prove it after the fact.
Wallach is an expert on Travis County’s eSlate machines because he participated in one of the nation’s onlycomprehensive DRE machine security audits in California back in 2007. Wallach says the most serious flaws with the machines arise from their networking capabilities. To tally the votes at the end of the election, the Hart InterCivic’s voting machines are taken to a distribution center where they are connected to an ordinary PC running special vote-counting software.
Wallach said that the PC software had a buffer overflow vulnerability, which meant that a single malicious voting machine could take control of the vote-counting PC. And the PC, in turn, had the power to directly modify the memory of the other voting machines which would later be connected to it. Hence, a malicious party with access to a single voting machine could trigger a viral attack on the voting machines used in dozens of precincts.
Hall pointed to another security flaw. “There’s a port on the back of the machine that will authorize a large number of 4-digit PINs,” he said. Each PIN allows the casting of one vote. So if poll workers weren’t paying close attention, an unscrupulous voter with a small portable device could use this vulnerability to cast a large number of votes.
Friday’s ruling means Wallach won’t get to point these flaws out at trial. “DREs are not perfect. No voting system is,” the high court wrote. It was satisfied that the Texas Secretary of State “made a reasonable, nondiscriminatory choice to certify the eSlate, a decision justified by the State’s important regulatory interests.”
Full Article: Texas Supreme Court: no e-voting paper trail required.