At first, I didn’t think the issue of write-in candidates was much of a problem. An approach for write-ins would be to slightly mechanize the process. Voters would not mark pre-printed ballots. Instead, they would use an isolated ballot generating machine that would let them mark the three ballots and, optionally, add a write-in. The machine would print a three-part ballot that has all the write-in names. This machine would also perform the necessary constraint checks.

Now, this would only partially preserve the secrecy of the ballot. To vote for a write-in, one’s receipt would definitely show the candidate’s name. As long as enough voters wrote-in identical candidate names, no one would know with certainty if the voter actually voted for the write-in or not due to the way the ThreeBallot system works. HOWEVER, and this is a big “however,” this approach (having a machine print the write-in on all three ballots) can be used to prove to someone else how a voter cast their ballot. This can lead to voter coercion and vote selling. Here’s how:

1. The voter adds a write-in candidate with a unique, silly name like Phoebe Figalilly
2. The voter marks the three ballots to cast a vote for a candidate (which doesn’t have to be the write-in)
3. The voter leaves with a copy of one of the ballots listing the unique write-in name
4. By showing the receipt to a third party, the third party can review the posted list of ballots and find the three with the unique write-in name allowing them to determine how the vote was cast.

(via Risks-Forum Digest Volume 24 : Issue 44)

Electronic voting machines are basically repackaged personal computers that run election software. The researchers exploited significant flaws in the hardware, software, and the procedures that election officials would use to run an election based on Diebold AccuVote-TS voting machines to develop both election-stealing software as well as a virus that can spread such malicious software.

The security analysis includes a video and a detailed report. (There is a companion posting on the Freedom to Tinker site.) The video includes a demonstration of a mock election with a race between George Washington and Benedict Arnold. The votes are cast 4-1 in favor of Washington but the machine reports a 3-2 win by Arnold. The election-stealing software leaves no trace that the results are fraudulent. Significantly, the malicious software can be installed on a given machine in under a minute. The viral spread of the software can occur in multiple ways. In particular, it can spread when the election machines are initialized before an election with names of the candidates in each race.

In related news, Diebold AccuVote-TS voting machines were used in Montgomery County, Maryland, where election staffers mistakenly left voting cards behind in a warehouse. As reported, Circuit Court Judge Eric M. Johnson issued an order to extend the election by an hour to accommodate voters that were turned away in the morning.