|
NewsPapers
- -08-16-07 E-Voting a Non-Starter (BBC News)
"A group of researchers at Johns Hopkins and Rice universities in the US got their hands on the source code of one of the most widely-used electronic voting systems, from Diebold Election Systems, and did a security audit on it."
"The system they look at is called a 'direct election recording', or DRE, system. It runs on specially adapted touch screen systems in voting booths, but it is the software that would form the basis of an online voting system too."
"DRE systems were available to over a fifth of people voting in the 2002 US congressional elections."
"The researchers found dozens of security holes in the voting system. In order to vote, each person had to insert a special card, but the system did not check that the same person was not voting many times."
"It was also possible to change the order that candidates were presented on the screen without changing the internal codes assigned to each one, so that voters could be tricked into voting for the wrong person." 08-07
- -06-30-05 Hearings on Concerns on Elections Processes (ElectionAssessment.org)
Presents hearings presentations. 6-05
- -Editorial: No-Confidence Vote Earned by Machines (Atlanta-Journal Constitution - Bob Barr)
"A recent, 150-page report by the nonpartisan Brennan Center for Justice at New York University Law School concluded that because there are no comprehensive standards for electronic voting machines, and given the demonstrated potential problems inherent in such devices, all states ought to take certain steps to enhance security and minimize opportunity for fraud , including:
• Automatic and routine audits, with voter-verified paper records, in every election.
• Random selection of voting machines on election days for testing and examination for possible software attacks or viruses.
• Banning of wireless components in all voting machines." 08-06
- Analysis of the Security Threat Posed by Electronic Voting (IEEE)
"With significant U.S. federal funds now available to replace outdated punch-card and mechanical voting systems, municipalities and states throughout the U.S. are adopting paperless electronic voting systems from a number of different vendors. We present a security analysis of the source code to one such machine used in a significant share of the market. Our analysis shows that this voting system is far below even the most minimal security standards applicable in other contexts. We identify several problems including unauthorized privilege escalation, incorrect use of cryptography, vulnerabilities to network threats, and poor software development processes. We show that voters, without any insider privileges, can cast unlimited votes without being detected by any mechanisms within the voting terminal software. Furthermore, we show that even the most serious of our outsider attacks could have been discovered and executed without access to the source code. In the face of such attacks, the usual worries about insider threats are not the only concerns; outsiders can do the damage. That said, we demonstrate that the insider threat is also quite considerable, showing that not only can an insider, such as a poll worker, modify the votes, but that insiders can also violate voter privacy and match votes with the voters who cast them. We conclude that this voting system is unsuitable for use in a general election. Any paperlesselectronic voting system might suffer similar flaws, despite any 'certification' it could have otherwise received. We suggest that the best solutions are voting systems having a 'voter-verifiable audit trail,' where a computerized voting system might print a paper ballot that can be read and verified by the voter." 12-04
- California Bans Paperless Voting (MSNBC News)
"Gov. Arnold Schwarzenegger signed a law requiring that all electronic voting machines produce paper records of every ballot cast, beginning in 2006."
"Under the bill, signed Monday, voters will not be able to touch or keep the records; instead, election officials will put them in lock boxes in case a recount becomes necessary."
"Computer scientists and voter advocates have warned that touchscreens and other electronic voting machinery are vulnerable to hackers, software bugs and hardware failures, and that a paper trail is needed in case something goes wrong." 10-04
- Computer-Security Experts Warn of Stolen Elections (MSNBC News)
"The best minds in the computer-security world contend that the voting terminals can’t be trusted. Listen, for example, to Avi Rubin, a computer-security expert and professor at Johns Hopkins University who was slipped a copy of Diebold’s source code earlier this year. After he and his students examined it, he concluded that the protections against fraud and tampering were strictly amateur hour."
"(The biggest buzz focuses on the 2002 Georgia gubernatorial election, won by a Republican underdog whose win confounded pollsters.) Suspicions run even higher when people learn that some of those in charge of voting technology are themselves partisan. Walden O’Dell, the CEO of Diebold, is a major fund-raiser for the Bush re-election campaign who recently wrote to contributors that he was 'committed to helping Ohio deliver its electoral votes for the president next year.' "
"To remedy the problem, technologists and allies are rallying around a scheme called verifiable voting. This supplements electronic voting systems with a print-out that affirms the voter’s choices. The printout goes immediately into a secure lockbox. If there’s a need for a recount, the paper ballots are tallied." 11-04
- Democracy at Risk (CommonDreams.org)
"Fortune magazine rightly declared paperless voting the worst technology of 2003, but it's not just a bad technology — it's a threat to the republic."
"So what should be done? Representative Rush Holt has introduced a bill calling for each machine to produce a paper record that the voter verifies. The paper record would then be secured for any future audit. The bill requires that such verified voting be ready in time for the 2004 election — and that districts that can't meet the deadline use paper ballots instead. And it also requires surprise audits in each state." 11-04
- Editorial - Electronic Voting Machines Are Not Secure (USA Today)
Suggests that a paper trail should be required for auditing puposes. Also makes a second suggestion:
"Make the machines' software available to anyone to see. Far from being a security risk, by allowing thousands of people to view the code, any potential problems could be found and the systems made more secure. This is the same way open-source software works, and the same way encryption technology does — the way it works should not be a secret. In fact, the more people who look at it, the more secure it becomes; 10 thousand people looking for holes are more likely to find them than a small group of programmers."
"Face facts: Today's electronic voting machines are unreliable and unsecure." 11-04
- Editorial: Dangers of Computerized Voting (VoteFraud.org - Dugger)
Provides a history on why and how computerized voting, without paper verification, poses a danger to democracy. Article written in 1988. 12-04
- Florida to Sue Against Paperless Voting (MSNBC News)
"Just five weeks before Election Day, a federal appeals court Monday revived a lawsuit demanding that all Florida voters who use touchscreen machines receive a paper receipt, in case a recount becomes necessary." 10-04
- Fraud Alleged With Voting Machines (BlackBoxVoting.org)
"Black Box Voting has taken the position that fraud took place in the 2004 election through electronic voting machines. We base this on hard evidence, documents obtained in public records requests, inside information, and other data indicative of manipulation of electronic voting systems. What we do not know is the specific scope of the fraud. We are working now to compile the proof, based not on soft evidence -- red flags, exit polls -- but core documents obtained by Black Box Voting in the most massive Freedom of Information action in history." 11-04
- Group Challenges E-Voting (PCWorld.com)
"Members of Black Box Voting outlined what they call serious flaws in Diebold's voting machines during a presentation in Washington, D.C. this week. Black Box Voting contends that Diebold's Global Elections Management System election management and tabulation computer software contain security flaws that would allow a hacker to change vote totals through a hole in the Microsoft Access database."
"So what should be done? Representative Rush Holt has introduced a bill calling for each machine to produce a paper record that the voter verifies. The paper record would then be secured for any future audit. The bill requires that such verified voting be ready in time for the 2004 election — and that districts that can't meet the deadline use paper ballots instead. And it also requires surprise audits in each state." 11-04
- Key Component of Elections Software Not Reviewed (VotersUnite.org)
"Every voting system includes a key component, called the ballot definition file (BDF), that is never subjected to an outside review. Given that BDFs determine the way votes are recorded and counted, the lack of independent oversight of these files is a major security vulnerability. If BDFs are incorrectly prepared, the wrong candidate could be elected. Furthermore, although BDFs are primarily data, they could contain software that could change the outcome of an election." 3-05
- Paperless Voting Means No Recounts Are Possible (Forbes.com)
"Last week in Florida's 13th Congressional district, the victory margin was only 386 votes out of 153,000. There'll be a mandatory lawyered-up recount, but it won't include the almost 18,000 votes that seem to have disappeared. The electronic voting machines didn't include them in their final tallies, and there's no backup to use for the recount. The district will pick a winner to send to Washington, but it won't be because they are sure the majority voted for him. Maybe the majority did, and maybe it didn't." 11-06
- Proposed Federal Paper Verification Legislation (Thomas.LOC.gov)
Provides a description, including the current status, of The Voter Confidence and Increased Accessibility Act of 2003 proposed by Rep Rush Holt. The purpose of the proposed federal law is to require paper verification of votes so that if a recount is needed, it will be possible. Includes several other provisions, such as:
"Bans the use of undisclosed software and wireless communications devices in voting systems."
"All software and hardware used in any electronic voting system shall be certified by laboratories accredited by the Commission...."
"Requires mandatory surprise recounts in 0.5% of domestic jurisdictions and 0.5% of overseas jurisdictions."
The legislation has not yet been passed. 11-04
|