It is easy to postulate vast and expensive bureaucracies and dismiss criticism. That is a paper tiger argument. These are not nuclear weapons and the security model and attacks possible are entirely different.
The real issue is why even the most basic electronic safeguards have not been implemented.
Everyone knows that 'security by obscurity' is a recipe for failure. In a system where the hardware and software must be distributed to thousands of insecure locations, a closed system is only effective in preventing the discovery of vulnerabilities by the good guys.
The bad guys will just buy or steal the box and find the vulnerabilities that the company will deny exist until elections are swung by fraud.
For those that are not familiar with 'security by obscurity' that is why:
1) You can easily copy 'protected' DVDs.
2) Clipper failed.
3) The original WiFi encryption scheme (WEP) is completely broken.
Personally, I am not all that unhappy about the first two, but my data security and the security of our elections are different matters.
The difference between retail punch card fraud and electronic fraud should be obvious, but I will explain:
Punch card fraud is retail. One card, ten cards, maybe a hundred cards.
Electronic fraud can be wholesale, swinging hundreds or thousands of votes at a time and in fractions of a second (depending on the point of attack.)
Electronic voting fraud does not require expertise the point of attack, so only one programmer is needed.
Once one qualified programmer has created the hack, it is as easy to compromise a voting machine as it is for an amateur to copy a DVD with the software available today. With a hand-held card writer (similar to the hand held mag-stripe readers used in credit card fraud), even grandma can do it, if she has the inclination.
You might also update your buzz words. MD5 has been compromised in recent years. SHA1, Whirlpool or RIPEMD would be preferred for new designs.
It is true that the worst sorts of Democrats are using the issue to their advantage. It is, however, an issue of equal or greater importance to us as the likely victim.
I suspect they would prefer to complain about it and never have it fixed than see a real solution implemented. That allows them to direct attention away from their failures. I urge action to take that opportunity away from the scum.
Punch card fraud is retail. One card, ten cards, maybe a hundred cards.
Electronic fraud can be wholesale, swinging hundreds or thousands of votes at a time and in fractions of a second (depending on the point of attack.)
Electronic voting fraud does not require expertise the point of attack, so only one programmer is needed.
So death by a thousand cuts is more preferable? Yes, an undetected fraud to swing elections by electronic voting machines can be wholesale, but I'm sure the fraud risk is many magnitudes lower than paper ballot fraud.
So what's your solution to possible electronic voter fraud?
OK, I'll take your suggestion and update my buzzwords, and you may want to update yours too. SHA-1 may have been compromised by the same Chinese cryptographer...