1 Some electronic voting systems did not encrypt cast ballots or system audit logs, thus making it possible to alter them without detection.
2 It is easy to alter a file defining how a ballot appears, making it possible for someone to vote for one candidate and actually be recorded as voting for an entirely different candidate.
3 Falsifying election results without leaving any evidence of such an action by using altered memory cards.
4 Access to the voting network was easily compromised because not all digital recording electronic voting systems (DREs) had supervisory functions password-protected, so access to one machine provided access to the whole network.
5 Supervisory across to the voting network was also compromised by repeated use of the same user IDs combined with easily guessed passwords.
6 The locks protecting access to the system were easily picked and keys were simple to copy.
7 One DRE model was shown to have been networked in such a rudimentary fashion that a power failure on one machine would cause the entire network to fail.
8 GAO identified further problems with the security protocols and background screening practices for vendor personnel.
Overshadowed by indictments and nominations, the GAO unveils an interesting report...
