Electronic Voting Causing Concern

As the curtain opens on this presidential election year, more Americans than ever will cast their votes electronically, CBS News Correspondent Russ Mitchell reports.

"Everybody who tried it thought it was terrific," said Margaret Luca, who supervises elections in Fairfax County, Virginia, where voters make their selections by simply touching a screen.

It turns out that not everybody thought it was terrific. Rita Thompson believes the machines cost her a second term on the County School Board, which she lost by just 1% of the vote.

Several people had started to complain about the fact that either they didn't see my name on the ballot, or it would take three or four times for the touch screen to light up my name," Thompson said.

Officials confirm that improper stacking of their machines may have damaged the touch screens in a way that cost Thompson votes on at least one machine, Mitchell reports. They can't be sure about all the other polling places because the machines, made by Advanced Voting Solutions, do not create a paper record of every vote.

"We have nothing to validate this election – except they say, 'We believe the machines worked well,'" Thompson said.

States like Virginia had hoped the machines would help prevent the chad fiasco that made Florida a punch line, but there's a growing number of experts who question the accuracy and security of electronic voting.

Avi Rubin and a team of researchers examined software code developed by Diebold Election Systems, the largest manufacturer of electronic voting machines.

"There are many things that we teach in Security 101 that were not understood by the developers of these machines," Rubin said. "Within an hour of looking at the source code in the Diebold machines, we knew were looking at very bad code."

That code, Rubin says, was vulnerable to tampering that could manipulate vote totals. The researchers are especially critical of the so-called smart cards that control each machine - the card's PIN number was simply: 1-1-1-1.

"A 15-year-old in a garage could manufacture smart cards and sell them on the Internet that would allow for multiple votes," Rubin said.

Diebold Marketing Director Mark Radke says Rubin's team examined code that is not currently used in his company's machines. However, Mitchell reports, he admits that independent reviews by Ohio and Maryland have helped Diebold remedy potential weaknesses - like the PIN number.

"I wouldn't call them holes. I would say we enhanced the security of the system with some of the changes that were made," Radke said. "The touch screen machine and all electronic voting we offer is very secure."

Still, Diebold will not guarantee tamper-proof technology.

That's not good enough for California, which now requires their electronic machines to provide a ballot-by-ballot paper trail by 2006. Members of Congress are proposing similar legislation to expand such a requirement nationwide.

"That piece of paper would be kept by the voting machine and used in a recount," Rubin said.

But opponents argue that a record would require storing and securing thousands of pounds of paper.

"We are trying to get away from that kind of thing," Luca said.

The upcoming presidential primaries could make or break electronic voting's reputation, Mitchell reports. After the controversial election of 2000, voters may have little tolerance for being bitten by technical bugs.

"I'm afraid that they will sweep this under the rug and not look at the problem that happened in my instance, and not improve," Thompson said. "I don't want this to happen again."

Last week, a Washington-based software company that makes security software for electronic voting machines admitted that hackers broke into its computers and stole internal documents. The company, VoteHere, described the documents as "unsensitive."