The upcoming US presidential elections could be stolen by one person -- not Democratic candidate Barack Obama or Republican candidate John McCain -- but by a rogue programmer writing code for one of the many electronic voting machines used, experts say.
After the 2000 election dispute in Florida forever ingrained the term "hanging chad" in the public consciousness, the US began funding user-friendly e-voting systems.
Many researchers now say Al Gore should have won that election by a wide margin over George W. Bush, and blame a confusing ballot system for the error.
But the solution may leave the country no better off, according to experts with A Center for Correct, Usable, Reliable, Auditable and Transparent Elections (ACCURATE). The center was created in 2005 with a US$7.5 million grant from the National Science Foundation as part of a program to bolster the nation's computers against attack.
"One programmer could make a change in the software that would affect 100,000 votes," says David Dill, an investigator with ACCURATE. "That's a one-attacker team."
E-voting systems in States such as Georgia and Maryland have been used since the 2006 House and Senate elections. A 2002 federal act titled "Help America Vote" provided funding to replace traditional voting methods with direct-recording electronic systems.
The aim was to make voting easier. In a country where voters choose everyone from the president to the postman, ballots can become confusing quickly, and it is not always clear how many names a voter should be checking.
Al Gore lost 2,000 voters to Pat Buchanan because of the butterfly ballot format used in Florida, researcher J.N. Wand says. That alone would have been enough to win the election, but another researcher estimates Gore would have won by 30,000 votes if voters had been warned about the possibility of voiding their ballots by selecting too many names in certain sections.
"When the entire country is voting on a single day, it's a challenge," says Avi Rubin, director of ACCURATE and professor of computer at Johns Hopkins University. "I don't think we should go back to punch cards."
But Rubin does want to steer away from direct-recording machines. The main problem is that they can't be audited, he explains. "The concern I have is that the machines might produce the wrong results without us even knowing it. If they were rigged, we'd never know it."
Also working as a poll clerk in the upcoming Fall elections, Rubin writes on his blog about his training session. Ironically, he says, the anonymous paper survey he used to evaluate the training session was a more secure system than the Diebold Accuvote machines that will be used to register votes in Maryland for the next US President.
"I've looked at the Diebold system, and there's been several studies done on them that's shown viruses could be put in them to change votes," he says. "My survey was done on paper, so you'd have to put in a lot more effort to change the vote."