Like hundreds of thousands of other Virginians, I’ve been casting ballots for over a decade using Winvote voting machines. I now have physical proof of how catastrophically insecure those machines are. It’s a tiny key that opens the plastic door hiding the USB port on every Winvote terminal. This keepsake came my way at an eye-opening presentation about voting-machine security at this past Tuesday’s Usenix Security Symposium in Washington. Jeremy Epstein, a security scientist with SRI International, has spent years investigating the weaknesses of these and other electronic voting systems. But even he didn’t know how bad Winvote terminals were untilthis past April. That’s when the Virginia Information Technologies Agency condemned the security of these machines and banned them from the commonwealth. Their only remaining use was, literally, as a lesson to others.
Epstein led off his his talk by asking the audience if any of us would like a Winvote key. (“All the keys are the same for every Winvote that’s ever been made, because that way it’s easier,” he pointed out.) How about one of the smart cards that poll workers used to administer these machines?
I took one of each. He also offered us one of the spare Winvote terminals he had stashed in his car, but I passed on that.