IT security experts do not share the general public's faith in electronic voting systems and are far more worried by system and programming errors than hacker attacks, according to a survey.
A study by the Ponemon Institute asked the public and 100 IT security experts what they thought about e-voting systems. Six out of 10 of the experts were not in favour of e-voting compared with only 17% of the public.
"The degree of difference was just startling," said Larry Ponemon, director of the US-based institute. He had expected the experts to be more concerned about e-voting problems than the public, but on nothing like this scale.
System and programming errors were cited by 20% of the experts as their top concern, followed by attempts to influence the outcome of an election (17%). Attacks by hackers and cybercriminals ranked third (15%).
Among the public, the top worry was declining voter turnout through fear or distrust of e-voting (18%), followed by human errors and privacy violations (15% each).
Civil liberties groups and security experts have criticised e-voting systems as unreliable and insecure. Many have called for a paper trail to allow vote recounts from hard-copy backups. But system suppliers insist their machines are reliable and argue that critics are touting worst-case scenarios as probabilities.
Harris Miller, president of the Information Technology Association of America, said some of the criticism was less about e-voting machines than "a religious war about open-source versus proprietary software".
In the survey, 83% of the experts said e-voting was not as tamper-proof as traditional paper ballots, compared with just 19% of the public. Almost half the experts (49%) said e-voting systems were less likely to record and report votes accurately, compared with 21% of the public.
Ponemon said that although most people were fairly trusting of the technology, experts thought it was flaky.
The survey collected 2,933 usable responses nationwide from the public and drew its 100 security experts from attendees at the Black Hat and Defcon hacking and security conferences.
Sharon Machlis writes for Computerworld
This was first published in August 2004