[IP] Federal Court Upholds Calif. E-voting Ban
Begin forwarded message:
From: gep2@xxxxxxxxxxxxx
Date: July 7, 2004 11:07:01 PM EDT
To: ElectionProtection@xxxxxxxxxxxxxxx,
ElectionProtectionTech@xxxxxxxxxxxxxxx,
DigitalDemocrats@xxxxxxxxxxxxxxx, dfarber@xxxxxxxxxx,
dallasdemocrats@xxxxxxxxxxx
Subject: Federal Court Upholds Calif. E-voting Ban
<---- Begin Forwarded Message ---->
Subject: Federal Court Upholds Calif. E-voting Ban
Date: Wed, 7 Jul 2004 20:27:07 -0500
From: "Harry Nass" <harryn@xxxxxxxxxxxxxxxxxxxxxx>
To: <gep2@xxxxxxxxxxxxx>
Gordon:
From ComputerWorld today. Harry
Federal Court Upholds Calif. E-voting Ban
A federal judge today upheld a directive from the California secretary
of state that decertified touch-screen voting machines and withheld
future certification until the systems meet specific security
requirements, such as offering voter-verifiable paper audit trails.
http://www.computerworld.com/newsletter/0,4902,94372,00.html?nlid=PM
<http://www.computerworld.com/newsletter/0,4902,94372,00.html?nlid=PM>
Federal court upholds Calif. e-voting ban
The decision could have a nationwide impact
News Story by Dan Verton
JULY 07, 2004 (COMPUTERWORLD) - A federal judge today upheld California
Secretary of State Kevin Shelley's April 30 directive that decertified
touch-screen voting machines and withheld future certification until
vendors of
those systems could meet specific security requirements, including
voter-verifiable paper audit trails (VVPAT).
The decision arose from a lawsuit, Benavidez v. Shelley, brought by
disability
rights advocates and four California counties -- Riverside, San
Bernardino, Kern
and Plumas -- that oppose Shelley's VVPAT requirement and
decertification orders
for direct-recording equipment (DRE) voting systems.
The plaintiffs argued that banning the systems would disenfranchise
visually or
physically impaired voters.
In an order issued today by the U.S. District Court for the Central
District of
California (download PDF), Judge Florence-Marie Cooper wrote that "the
evidence
does not support the conclusion that the elimination of the DREs would
have a
discriminatory effect on the visually or manually impaired."
Cooper also said that the secretary of state's "decision to suspend the
use of
DREs pending improvement in their reliability is certainly a rational
one,
designed to protect the voting rights of the state's citizens." Cooper
also
characterized Shelley's paper audit trail requirement as consistent
with his
obligation to ensure the accuracy of election votes.
Cindy Cohn, legal director for the Electronic Frontier Foundation,
called the
court's decision a "landmark" ruling.
"The court said in clear, unambiguous terms that requiring a paper
trail for
e-voting machines is consistent with the obligation to assure the
accuracy of
election results," Cohn said. "That's an enormous victory for secure
elections."
"This is great news for voters in California and for the rest of the
country,"
said Kim Alexander, president of the California Voter Foundation.
Specifically, the judge's ruling with regard to the Americans With
Disabilities
Act "has national ramifications" for e-voting, said Alexander. "This
landmark
ruling, which takes into account California laws as well as federal
laws such as
the ADA and the Help America Vote Act of 2002, will have a
reverberating impact
on states across the country."
The decision comes at a time when state and local elections officials
are
scrambling to ensure that e-voting systems in different states are
reliable,
accurate and can be secured from tampering in time for the November
election.
Two weeks ago, the Brennan Center for Justice at the New York
University School
of Law and the Leadership Conference on Civil Rights released a report
by an IT
security panel that outlined a strategy for certifying the security and
reliability of touch-screen DRE voting systems (see story 1 below). The
systems
will be used in jurisdictions representing about 30% of registered
voters in the
upcoming presidential election.
And in testimony before the U.S. Election Assistance Commission in May,
security
researchers said that without paper audit trails, the 50 million
Americans who
will use electronic voting machines this fall will have no way of
knowing
whether their votes were recorded properly. The security researchers
also
testified that the code base powering the systems is so complex that
election
officials can't be sure it's free of malicious code designed to
manipulate
election results (see story 2 below).
===================================
http://www.computerworld.com/securitytopics/security/story/
0,10801,94311,00.html
Time Running Out for E-voting Security Plan
Panel calls for independent oversight of voting systems, but it may be
too late
News Story by Dan Verton
JULY 05, 2004 (COMPUTERWORLD) - State and local jurisdictions must act
immediately to ensure the security of the electronic voting systems
that are to
be used in the November presidential election, according to an IT
security
panel. But the panel's recommendations may well have come too late.
In a report released last week by the Brennan Center for Justice at the
New York
University School of Law and the Leadership Conference on Civil Rights,
the
panel outlined a strategy for certifying the security and reliability of
touch-screen direct recording electronic (DRE) voting systems. The
systems will
be used in jurisdictions representing about 30% of registered voters in
the
upcoming presidential election.
While analysts in the security and elections communities praised the
report,
most agreed that it may have come too late for states and local
jurisdictions to
act upon.
Chief among the panel's eight recommendations is a call for elections
officials
to hire a well-qualified, independent security team to examine the
potential for
operational failures and malicious attacks against DRE voting systems.
According
to the report, such a team "must be free of any business relationships
with any
voting system vendors or designers" and must be granted unfettered
access to all
software code and configuration data.
The panel also recommended that all jurisdictions contract for
independent "red
team" exercises to uncover any hidden physical or electronic
vulnerabilities in
DRE systems. And it urged election officials to make public information
about
the level of cooperation received from DRE system vendors.
Site-specific security procedures and physical security also weighed
heavily in
the panel's report. For example, the experts urged jurisdictions to use
"tamper
tape" on all vulnerable hardware devices and to document strict
procedures for
system repairs.
Jim Adler, CEO of VoteHere Inc., a Bellevue, Wash.-based developer of
electronic
voting security technologies, said the recommendations are an accurate
reflection of what must be done.
But many of the systems and procedures for the November election are
either
already in place or are now being deployed. "It's late," said Adler,
who was
interviewed by the panel for the report. "Where was this a year ago?"
Jeremy Epstein, senior director for product security at Fairfax,
Va.-based
WebMethods Inc., characterized the panel's report as a set of short-term
recommendations that are "exactly on the mark."
Epstein said he believes the recommendations can be implemented in time
for the
election. But "over the longer term," he added, "the need is clearly
there for
voter-verified paper audit trails or perhaps some form of
cryptographically
protected voting."
Election officials should:
Hire an independent team of security experts to examine the potential
for
failures and attack, and implement the team's recommendations.
------------------------------------------------------------------------
--------
Provide thorough training for all election officials and workers on
security
procedures.
------------------------------------------------------------------------
--------
Develop procedures for random parallel testing of the voting systems in
use to
detect malicious code or bugs in the software.
------------------------------------------------------------------------
--------
Create a permanent independent technology panel to monitor the process.
------------------------------------------------------------------------
--------
Establish procedures for regular reviews of audit facilities and
operating logs
for voting terminals and canvassing systems.
------------------------------------------------------------------------
--------
Prepare and follow standardized procedures for response to alleged or
actual
security incidents.
===================================================
http://www.computerworld.com/governmenttopics/government/policy/story/
0,10801,92
950,00.html
E-voting system security, integrity under fire
Researchers, IT vendors square off over the security of electronic
voting
News Story by Dan Verton
MAY 06, 2004 (COMPUTERWORLD) - WASHINGTON -- IT security researchers
have
uncovered significant vulnerabilities in the electronic voting systems
that
nearly 30% of all registered voters will use in the upcoming
presidential
election, raising concerns about what already looks to be one of the
most
divisive elections in U.S. history.
In testimony before the U.S. Election Assistance Commission yesterday,
security
researchers said that without voter-verifiable paper receipts, the 50
million
Americans who will use electronic voting machines this fall will have
no way of
knowing if their votes were recorded properly. Even worse, the code base
powering the systems is so large and complex that there's little way for
election officials to be sure it is free of malicious code designed to
manipulate election results.
"My biggest concern is that in a very large trusted computing base, the
threat
of somebody with access to the development environment of the code base,
particularly the vendor, basically is in position to make the outcome
of the
election come out how they would like, and it's virtually
undetectable," said
Avi Rubin, a professor at the Johns Hopkins University Information
Security
Institute. "The trusted computing base is approximately 50,000 lines of
computer
code sitting on top of tens of millions of lines of [operating system]
code. It
is impossible to secure such a large trusted computing base," said
Rubin.
Commission members also expressed concern about the potential for
vendors to
influence elections, especially since some have taken active roles in
operating
polling stations and, in the case of Diebold Election Systems' CEO
Walden
O'Dell, stated publicly the intent to deliver election results to
President
George W. Bush.
Rubin recently had 40 Ph.D. candidates design Trojan horse programs to
assess
the security of the systems. "I was astounded to see the cleverness and
ease
with which the malicious code was hidden and how difficult it was to
find,"
Rubin told the commission. "In the short term, meaning November 2004, a
voter-verifiable paper ballot is necessary. It's the only way to get
around all
of the security problems in the machines" and, if necessary, to conduct
meaningful recounts.
Rubin, who has come under fire from IT vendors and their Washington
lobby, the
Information Technology Association of America, recently worked as a
polling
official to observe the process firsthand. While that experience forced
him to
rethink some of his early concerns about the security of the system, he
came
away with new concerns about the risk of manipulation and fraud.
"At the end of the day, the memory cards were taken out of all of the
machines
and put into one machine ... and then they were [transmitted via modem]
to
back-end servers," said Rubin, noting that the polling station used a
broken
cipher for encryption and a key that was hard-wired to all of the
machines.
He called that "a single point of vulnerability" and pointed out that
there is
no encryption to protect the transmission.
Ted Selker, a professor at MIT and a former IBM fellow, said there are
ways to
counter such vulnerabilities. But encryption would be too difficult to
deploy in
time for the November vote, he said. And in some cases, registration
databases
remain full of errors -- a problem that led to between 1.5 million and
3 million
votes being lost during the 2000 election.
The IT vendors that make the systems in question, sought to discredit
Rubin's
research by characterizing it as laboratory work that has little
relevance to a
real-world voting environment. Some also complained that until last
year,
election officials were more interested in usability improvements than
better
security.
"What's been missing from these laboratory-originated critiques has
been the
real-world experience of the voting booth," said Mark Radke, director of
marketing at McKinney, Texas-based Diebold Election Systems Inc., which
made the
system tested by Rubin and his students. The questions and doubts
raised are
"theoretical in nature," he said.
Neil McClure, general manager of Hart Intercivic Inc. in Austin, said
product
changes should be based on risk assessments, not solely on the
existence of
vulnerabilities. He discounted the threat of electronic tampering,
saying it
would require a long-term commitment by a motivated attacker.
Unfortunately, both the IT vendors and the researchers agreed that
properly
securing the existing systems would take equally as long. "For 2004, we
have the
equipment we have," said Selker.
[picture]
IT vendors of electronic voting systems said the threat of manipulation
is
overblown. (L to R) Alfie Charles, vice president of business
development for
Sequoia Voting Systems; William F. Welsh, board member of Election
Systems &
Software Inc.; Kevin Chung, founder and CEO of Avante International
Technology
Inc.; Mark Radke, director of marketing at Diebold Election Systems;
and Neil
McClure, general manager of Hart Intercivic Inc. (Image Credit: Dan
Verton)
<---- End Forwarded Message ---->
Gordon Peterson http://personal.terabites.com/
1977-2002 Twenty-fifth anniversary year of Local Area Networking!
Support free and fair US elections!
http://stickers.defend-democracy.org
12/19/98: Partisan Republicans scornfully ignore the voters they
"represent".
12/09/00: the date the Republican Party took down democracy in America.
-------------------------------------
You are subscribed as roessler@xxxxxxxxxxxxxxxxxx
To manage your subscription, go to
http://v2.listbox.com/member/?listname=ip
Archives at: http://www.interesting-people.org/archives/interesting-people/