Utah's OK with voting machines

A report detailing numerous security flaws in the electronic voting machines that will be used in this year's Utah elections has been met with a yawn from state elections officials, despite increasing national attention to the problems.

"Yeah, and ... ?" said Joe Demma, the chief of staff for Lt. Gov. Gary Herbert, whose office supervises elections in Utah, when asked for his response to the report from nonprofit voting accuracy organization Black Box Voting. The report was released in May and stems from voting machine tests the group did in Emery County earlier this year.

"It's like learning that if you put a match to paper, the paper will burn. It's not new information," Demma said.

The security flaws Black Box Voting found in Diebold voting equipment range from physical, such as plugs that can be easily kicked out of sockets, to technical, such as the boot loader that "seems to enable a malicious person to compromise the equipment." Other vulnerabilities include:

• The embedded versions of Windows CE could allow individual files, and possibly the operating system, to be altered.

• The machine casings can be removed with a Phillips screwdriver, allowing access to PC card slots and memory cards.

• Memory card slots might be usable to install wireless networking capabilities, potentially allowing hacking of the machine without physical access.

• An unmarked button that is "completely accessible for all voters in the standard voting booth" could allow a manual reset of the machine.

While some of the reported flaws, such as the wireless access capability, are "simply wrong," according to Demma, there are some potential holes that the state knew existed. To manipulate the machines, however, would require access that "you could never get unless you were a county official or Diebold worker." And because of the paper trails the machines generate, it would take corruption from officials on both ends of the election process to actually rig an election.

In other words, the potential for a stolen election is in the hands of elected county clerks, just as it would be with any type of ballot. The only difference, Demma said, is that the redundancies built into the machines "have raised the bar" for election security.

"These county clerks, if they were nefarious, could potentially corrupt the election," he said. "But that's assuming there are bad county clerks, and we don't think that's the case."