My friend Gunnar Wolf has been tracking the e-voting machines progress in Mexico (and other countries) for quite a while and recently gave a talk about electronic voting in Peru. I share his concerns about using them and I’m completely against their adoption in this or any country.
Recently we just had a very muddy election process in Mexico that is still in dispute (at the time of this writing), and most of it was done with paper ballots (In the new state I’m living in, there were e-voting machines in some places as a trial to test the system). The revolutionary party has had a hard time covering everything up and dealing with all the evidence that is being published everywhere. I can’t imagine how laughable and easy the election rigging process will be if e-voting machines get adopted in this country.
The problem lies with the way the manufacturers want to build and distribute these machines. They want us, the public, to trust them blindly. There is no way for us to analyze the code of the machines to check for vulnerabilities, backdoors or bugs. The linux kernel and many open source applications have been so successful because everyone can contribute and spot bugs and security issues. Why not have all the eyes we can have tracking these machines and their performance? All the current providers of electronic voting machines state that they don’t release their code for review because of patent issues and because “it is safer not to disclose that”. Well, that reminds me of Microsoft’s failed security strategy named “security through obscurity”. All it takes is a curious mind to start poking here and there and will find a way to hack it sooner than later.
Today I found an interesting news report video about electronic voting machines in the US and why Ireland and other countries are ditching them. They also show a brief clip where they show a reporter how easy it is to hack these machines.