One of the largest concerns of the Oregon Voter’s Rights Coalition is the lack of independent testing and review of the state’s voting systems. When trying to raise their concerns with John Lindback, Oregon’s Director of Elections, he assured the group that he is confident in the voting systems used.
But last Fall, Ohio did something different. Their Secretary of State Jennifer Brunner commissioned Project EVEREST: a comprehensive security review of the electronic voting technology used in her state.
The project contracted several academic teams to examine the election procedures, equipment, and source code used in that state. The aim was to identify any problems that could make elections vulnerable to tampering.
The ten-week project examined in detail the touch-screen, optical scan, and election management technology from e-voting vendors ES&S, Hart InterCivic, and Premier Election Systems (formerly Diebold). Penn led the analysis of the ES&S system source code, which is also used by voters in 42 other U.S. states besides Ohio.
Matt Blaze and Sandy Clark outlined the team's findings at the Hackers on Planet Earth conference earlier this year, where they discovered exploitable security vulnerabilities in almost every hardware and software component of the ES&S systems. Some of these flaws could allow a single malicious voter or poll worker to alter countywide election results, possibly without detection.