Writing in Forbes, security expert Bruce Schneier says electronic voting machines are flat-out "a grave threat to fair and accurate elections."
Much of our election security is based on "security by competing interests." Every step, with the exception of voters completing their single anonymous ballots, is witnessed by someone from each major party; this ensures that any partisan shenanigans--or even honest mistakes--will be caught by the other observers. This system isn't perfect, but it's worked pretty well for a couple hundred years.
But, Schneier says, with e-voting there's nothing for the partisan observers to observe.
Electronic voting is like an iceberg; the real threats are below the waterline where you can't see them. Paperless electronic voting machines bypass that security process, allowing a small group of people--or even a single hacker--to affect an election. The problem is software--programs that are hidden from view and cannot be verified by a team of Republican and Democrat election judges, programs that can drastically change the final tallies. And because all that's left at the end of the day are those electronic tallies, there's no way to verify the results or to perform a recount. Recounts are important.
As CTO of Counterpane, Schneier knows his security risks and e-voting, he says, is off the charts risky.
This is both new and terrifying. For the most part, and throughout most of history, election fraud on a massive scale has been hard; it requires very public actions or a highly corrupt government--or both. But electronic voting is different: a lone hacker can affect an election. He can do his work secretly before the machines are shipped to the polling stations. He can affect an entire area's voting machines. And he can cover his tracks completely, writing code that deletes itself after the election.
And that assumes well-designed voting machines. The actual machines being sold by companies like Diebold, Sequoia Voting Systems and Election Systems & Software are much worse. The software is badly designed. Machines are "protected" by hotel minibar keys. Vote tallies are stored in easily changeable files. Machines can be infected with viruses. Some voting software runs on Microsoft Windows, with all the bugs and crashes and security vulnerabilities that introduces. The list of inadequate security practices goes on and on.
His solution: paper.
Paper? Yes, paper. A stack of paper is harder to tamper with than a number in a computer's memory. Voters can see their vote on paper, regardless of what goes on inside the computer. And most important, everyone understands paper. We get into hassles over our cellphone bills and credit card mischarges, but when was the last time you had a problem with a $20 bill? We know how to count paper. Banks count it all the time. Both Canada and the U.K. count paper ballots with no problems, as do the Swiss. We can do it, too. In today's world of computer crashes, worms and hackers, a low-tech solution is the most secure.