For more than a decade, Aviel "Avi" Rubin, a professor of computer science at Johns Hopkins University in the US and an e-voting activist, has been a vocal critic of e-voting systems. In 2006, Rubin wrote the book, Brave New Ballot: The Battle to Safeguard Democracy in the Age of Electronic Voting, which heavily criticized e-voting machines for security and reliability shortcomings. Rubin talked with Computerworld about the recent US presidential primary election cycle and his thoughts on e-voting going into the November US elections. The following is an edited version of that interview.
Now that we've finished our presidential primaries, how do you think e-voting went this election season?
E-voting is really dangerous and unpopular with security people, not because of how the election is likely to go in what's perceived, but with the problems that might happen that are not perceived.
For example, if the concern is that the electronic voting machines are going to record votes incorrectly, in a way that might not be noticeable, then you can run an election and say that it appears to have gone fine, but we don't really know. And so, given that I have the concern that we have voting machines that we can't audit and we can't have confidence that they got the answer right, then the answer is, "Well we think it went OK, but we don't really know."
The kinds of problems that we worry about are exactly the kind that don't necessarily have a noticeable manifestation. I do think one of the risks of fully electronic voting is that a small mistake can be magnified in scale all over the place because the touch-screen e-voting machines are all the same, they're all electronic, they all require power, and they all use computer code and a particular set of circumstances that could cause something bad to happen everywhere. I don't usually think it's likely to happen, and in this case, it doesn't appear to have happened. But the concerns of security and auditability are not necessarily things that would leave any incriminating evidence of a potential problem.
E-voting advocates and vendors say that such worries are the stuff of disgruntled conspiracy theorists who can't accept the e-voting systems that we use. How do you respond to those allegations?
I would ask those people if they would be willing to allow their bank accounts to be unauditable. And if they would be willing to forgo monthly statements for their bank accounts that show where the money came in and where it came out and if they would give up on getting any confirmation of their ATM transactions.
In my opinion, votes in this country are just as important as money, but we have the anonymity requirement so we can't get a monthly statement about our votes and who we voted for. So we need to have a system that accommodates the ability to audit to be sure that the machines got the right result.
Can you give me your technical analysis of this election season? Did you see any specific problems that screamed out to you about e-voting technologies and the machines?
I've seen some people in various places on some mailing lists that I'm on talk about various voting machines having totals that were off by one or two that didn't match up, but I haven't seen any kind of technical evidence that raised my concerns specifically.
Can technology companies build systems today that are safe, reliable and secure with the votes cast on them?
Definitely. I've seen designs of voting systems that I'd be happy with. I don't think anything is totally secure. Ultimately, I think the goal is to do the best we can and not be perfect. When you're talking about 100 million votes, all cast pretty much on the same day across the country, there's no dress rehearsal.