A University of Iowa computer-science professor says high-tech new voting machines won’t solve all the nation’s problems with election. In fact, associate professor Douglas Jones says touch-screen computerized voting comes with its own built-in bugs, some of them huge security holes. Jones has been on the board of security examiners for a decade, looking over voting machines and systems, and says often the makers haven’t thought much about security.The security “key”, like a bankcard’s PIN, was the same for every machine one company made, which he says is like having the same PIN number for every card issued by some bank. He’s also seen software programs that have flaws that would let some hacker “sneak into the system” and tamper with vote counting. Jones says machines should be built with extra safeguards to prevent errors and deliberate tampering. If security really matters, you should have “defense in depth,” assuming a layer will fail or a hacker get through and having another layer of defense there. Jones says with any computer program or computerized machine there should be a series of protective steps to keep it running right. Filter out dishonest people, lock doors, use passwords, and make a system you can trust even if people break through layers of security, the way he says people should make voting machines. Failing to close computer loopholes offers Jones a vision of “wholesale” vote fraud. If you try to “solve everything inside the computer,” you trust all its operations to the people who program it, and experts don’t suggest putting all your eggs in one basket, but having places in the process where outside people can check, and audit the computer. In July, Jones’ team of computer experts published a 24-page report titled “Analysis of an Electronic Voting System.”
