“University researchers delivered a serious blow to the current crop of electronic voting systems in an analysis of one such system’s source code in which they concluded that a voter could cast unlimited ballots without detection.” Yes, security is hard to get right and easy to get wrong. That is why all presumed secure systems should be tested by people who were outside of the design and creation of the system.
The full story is here: Voting machine fails inspection