Hacking Our Voting Machines and The Perils Of Outsourcing

Bev Harris has a new video on YouTube showing the Hursti Hack in Florida with Ion Sancho and some testimony in New Hampshire by Harri Hursti and John Silvestro. John Silvestro is President of LHS Associates, the Diebold distributor that programs all our elections in Connecticut, in secret, in Massachusetts. Apparently New Hampshire also uses LHS to program their elections. We take a few more precautions here but are subject to the same risks. <video>

Here is the accompanying article from BlackBoxVoting <read>

Update: Read more on Mr. Silvestro’s views of outsourcing <read>

My opinion is yes because I feel very confident that the process itself is better left in the private thing than it is in the public venue when I see the influence that each political party can put on people and make things happen in this country whether right or wrong, I mean if you think about it and I’d ask you the same way. Would you like politically connected people to vote parties, to be in charge of running you know the process of creating voting machines, counting ballots and you know would you like that? I don’t know…

Update: Food for thought from Brad Friedman <read>

NH Primary: Pre-Election Polls Wildly Different Than Results Announced for Clinton/Obama
Other Pre-Election Numbers, For Republicans and Rest of Dems, Nearly Dead on the Money…

the pre-election pollster’s numbers (NOTE: that’s not Exit Polls, but Pre-Election Polls!) were dead-on, for the most part, on the Republican side, as well as on the Democratic side. Except in the do-or-die (for Hillary) Clinton v. Obama race. I’m watching MSNBC right now, and they all seem to agree that the results, for the moment, defy explanation.

While I have no evidence at this time — let me repeat, no evidence at this time — of chicanery, what we do know is that chicanery, with this particular voting system, is not particularly difficult. Particularly when one private company — and a less-than-respectable one at that, as I detailed in the previous post — runs the entire process.

I strongly suggest you go over to the original article at Brad Blog and at least read the graphs. The whole post is well worth reading. There are legitimate questions here which need answers, for instance: Why do journalists accept exit polls as explanations for why people voted a certain way but reject counter conclusions of those same exit polls? I will echo Brad that we don’t have enough data to determine answers here; nobody may ever have access to the necessary data, such as original paper ballots under a reliable chain of custody. Let me also echo myself, the Carter-Baker Commission, and the Brennan Center for Justice that it only takes a very small number of people to change an electronic election – not a conspiracy. Yet, perhaps it would take a conspiracy to avoid a convincing analysis of the actual data.

New York Times: Can You Count On Voting Machines?

New York Times Magazine article today, Can You Count On Voting Machines? <read>

This is a large, significant article primarily focused on touch screen voting machines. It has been hailed by advocates as significant because the New York Times is recognizing problems with voting machines, yet also criticized by advocates for selective quotes and statements that do not accurately portray the complete picture. Overall the thrust of the article is scary and accurate; however, there are areas that could provide quotes that would lead to a false impression of security. Full coverage follows below.

New York Times: Broken Polls

New York Times Editorial, Broken Polls <read>

Election officials hate to admit how vulnerable their voting systems are to errors and vote theft. …
Election officials across the country should be asking the sort of tough questions Ms. Brunner and Mr. Coffman have. In 2000, the nation only confronted the flaws in its voting technology after a presidential election was irreparably harmed. With just under a year to go before the next presidential election, the time to fix these problems is now.

Brad Friedman Interviews Ohio Secretary Of State — Discusses Concerns With Central Scan Solution

In a follow-up to the Ohio voting machine reports and the dramatic action of Ohio’s Secretary of State, Jennifer Brunner, Brad Friedman interviews her about the report, her critics, and concerns with the solution of central count optical scan. <read>

Note:  Connecticut does use central count optical scan, only for absentee ballots.  Perhaps less of an issue here because we do not have election officials in place who have flagrantly violated election laws.  Yet, we would be much more comfortable if the central count optical scanners were included in the post-election audits.

JB: I had been concerned because I saw the reaction that Debra Bowen had in California, that she experienced, but we had the benefit in Ohio of seeing some of the things that she faced in looking at what we could do to prevent some of that. And part of what, I think, helped us was that we conducted parallel independent testing. So we not only used the academic researchers but we used corporate scientists and they did the same type of security testing in what we would call a parallel independent method. So we had additional validation.

The way that I analyzed the situation was that I looked at the spectrum of people who were interested in these issues, started from the voting activists, with the voters more in the center who’ve been more concerned about what their election experience and the integrity of the system, and then to Board of Elections officials and voting machine manufacturers. And understanding that, perhaps, the academic scientists would have greater credibility with the activists, while the corporate scientists might have greater credibility with the election officials and the manufacturers, and that if we compared the results of the two and they’re similar and identical that actually we will gain the confidence of the public in what our results were.

BB: And [those results were] largely identical from both the academic and corporate testers?

JB: They were largely identical. The only difference is that the academic researchers were also performing source code review on all three systems. And so there was, there was an additional dimension to the report of the academics. But the interesting thing is, is that the corporate scientists, which was the company from Columbus called MicroSolve, basically looked at this as a computer-based system — industry standards for computer security — and the systems that we have, that have been certified here in Ohio, performed miserably.

BB: And I asked [the critics from Brennan Center and elsewhere] about that yesterday. They had a conference call on some of these issues. And I shared with them, some of your responses. And they said, well, while they understand them, the risks you [refer to] are sort of understandable, if you’re talking to computer scientists, but not to election administrat[ration experts], who understand how it works, and that the risks you take with central-based counting are far outweighed with precinct-based counting because if there is some of the [inappropriate] access and the viruses and so forth that you suggest, it’s far more decentralized.

I did try to hold their feet to the fire on the point that you had made to me. And they said there was still no comparison in [the safety added by] doing precinct-based counting, that most of the chicanery happens when there’s transport of these ballots back to the County. The chain of custody sort of disappears at that point and, as you know, many of the counties — and the bad guys who did some pretty questionable things in ’04 — are still running things in places like Warren County and elsewhere.

Doesn’t that concern you? And their criticism, we’re talking about a lot of well-known election integrity and administration experts, like Larry Norden from Brennan Center, Candice Hoke from CSU and so forth. Are you hearing those complaints about your recommendations?

JB: … but let me focus first on the issue of security. What I think is being missed by a lot of these academic folks, who often times focus on one particular issue in the election process, is that there is the potential to inject malicious software into a system — and I’m talking purely computer security at this point — but these are computer-based systems.

They operate from a server, there is firmware in machines that are in the polling places, they can be tampered with, they can be penetrated, and if there is malicious software, like a virus put into the system, it can not only affect the machines at the polling places, it can affect the tabulation that occurs at the server and it can also affect future elections if it’s not detected, because we go back to the question of risk. And first of all we need to know if it’s detectable, second of all if it’s recoverable, if it can be recovered from. And I think that they’re not grasping the severity of the risk to the system from a purely computer-based standpoint.

BB: Well, some of the folks I have talked to are, you know, computer experts, and I gotta tell you, Jennifer, that I was the one, remember, who gave the Diebold touch-screen system to Princeton for the study that revealed how easy it was to insert a virus on these systems.

And I gotta tell ya, looking at it — and certainly as a ten-year computer programmer myself — I’m really concerned about the transparency that gets lost when we centralize things as opposed to the decentralized counting. So I do hope you’ll continue to talk with them about it, because these folks who I’ve talked to, I believe do understand the computer-related risks that we’re talking about. But [they] understand that there needs to be, that there is mitigation [of those risks], in the more public precinct-based counting.

Ohio Report: Eliminate Precinct Count Optical Scan

Report recommends central count optical scan voting <read>

Update: The Free Press discusses the report and we point out implications for Connecticut. Read after the following update.

Update: Microsolve Executive Summary Report <read>

To summarize, if you are concerned about the safety of your medical records or credit card information – the threat to your right to choose your own government is much, much, much more vulnerable and real.

These vulnerabilities demonstrate the capability for attackers who gain access to specific components of the system to influence and tamper with the confidentiality, integrity and availability of the elections process. Generally speaking, the vulnerabilities identified in the study stem largely from the lack of adoption of industry standard best practices that have been developed for the IT industry over the last several years…

MSI did not have access to the source code of the applications nor to any specific “insider information” other than data that was publicly available from the vendor and from the Internet. MSI was provided with access to the systems in an unrestricted manner for the purposes of testing. This access to the systems was used to identify the vulnerabilities of the system. Obviously, attackers would not be given such wide access to the systems in question, thus we take this into consideration when we discuss the identified issues. However, it should be noted that access could likely be obtained by determined and/or well-resourced attackers through a variety of means ranging from bribery and breaking-and-entering to social engineering and outright coercion. History has shown that determined attackers often find powerful ways to gain access to their targets.

All three vendor systems reviewed have serious gaps in compliance with even the most basic set of information security guidelines used by systems in industries such as finance, insurance, medical care, manufacturing, logistics and other global commerce. Given the extremely valuable data that these systems process and the fact that our very democracy and nation depend on the security of that data, much work remains to be done by all three vendors. Adoption of best practices and implementation of additional controls to create a defense-in-depth security posture are critical to enhance the security of these systems.



Comparing Voting Computers To Electric Meters

We often hear voting computers compared to ATMs. We have debunked the notion that Voting Computers can be trusted like ATMs. Today an article by the Courant’s consumer watchdog, George Gombossy, Once Again Meter Madness, has me considering how Connecticut’s Voting Computers and Electric Meters are the same and different.

Update:  Courant Editorial calls for Independent Audit <read>

I suggest reading Gombossy’s article first and then returning here for the comparison: <read>

Same: Voting computers and electric meters are complex pieces of equipment that the ordinary citizen and voting official do not understand.

Different: The case of an electric meter is often transparent with a counter you can read that records usage by the customer. Voting computers have internal meters controlled by software that nobody can see or read as votes are accumulated.

Same: Both are sealed with tamper evident seals.

Different: Meter seals are there to keep the customer from stealing electricity. Voting Computer seals are there to keep insiders from stealing democracy.

Same: Meters are read and audited by employees of the electric company that is charged (no pun intended) with charging customers accurately. Voting computers are read and audited by election officials charged with running elections with integrity.

Same: When their electric meters are audited, the customer may be restricted to standing at a distance which precludes the actual observation of the function of the meter. When voting computers are audited the public may be restricted to standing at a distance which precludes the actual observation of the marks on the ballots being counted and the results being tabulated.

Different: The Courant’s watchdog has spent several columns investigating and bringing the important issue of electric meter accuracy to the attention of the public. The Courant’s editorial page has, in the face of contrary evidence, touted the accuracy of our voting computers.

Different: The Attorney General is calling for independent testing of a suspect electric meter that has passed two tests by the electric utility. The Secretary of the State, some registrars, and at least one State Representative are considering calling for the elimination of manual recounts of our voting computers, even as some of those recounts and audits show differences in the voting computer results and the manual hand count of the voters’ intent.

Same: Just because many electric meters are tested and work, it does not mean that all electric meters will work correctly all the time. Just because many voting computers are tested and work, it does not mean that all voting computers will work correctly all the time.

Different: When your electric meter does not work, you get an odd, suspect, transparent bill that can be a trigger to you or the electric company to look for an explanation. When your voting computer flips votes, unless it is audited carefully, nobody will ever know.

Different: All electric meters of the same model are the same unless there is a mechanical flaw in one meter. Voting computers are programmed separately for each election, each district, and each race – each is a unique opportunity for error or fraud involving many voting computers.

Secretary of State Questions Electronic Voting

Electronic voting systems …still aren’t good enough to be trusted with the state’s elections, … she admitted having doubts as to whether the electronic voting systems will ever meet the standards she believes are needed … “I don’t rule out the ingenuity of some computer science student now in the eighth grade,” but what’s available now isn’t as transparent or auditable as the paper ballot systems they replaced…“When the government finds a car is unsafe, it orders a recall,” she said. “Here we’re talking about systems used to cast and tally votes, the most basic tool of democracy.”

Read the entire story highlighting California Secretary of State Debra Bowen <read>.


TalkNationRadio: Memory Card Junk Data and LHS Replacement – Integrity of Testing Procedures in Doubt

UConn is charged with testing a random sample of memory cards sent to registrars to be used in the election. If the actual cards used are replacements sent by LHS after the random card is sent to UConn, then there is no guarantee that the cards tested by Dr. Shvartsman were the same as those used in the election.

Once again Dori Smith presents significant information. Memory card failures are not just a Florida phenomenon. <listen>

Alex Shvartsman of the University of Connecticut’s Voting Research Team joins us to discuss his findings of “junk data” on memory cards delivered to the polls for the November 6, 2007 State and Municipal Election. The team will release their report on the memory card failures shortly.

Perhaps even more disturbing are instances uncovered in Dori’s work that indicate widespread failures during pre-election testing. Although it’s a small sample, it indicates that problems may be much higher than those in Florida:


FAQ: Framing The Issue: Did the Machine Perform Flawlessly?

(Note: I have benefited from reading and contemplating the concept of framing issues from the linguist George ‘Don’t Think of an Elephant’ Lakoff, founder of Rockridge Institute, and cultural anthropologist Jeffrey Feldman, founder of the frameshop. While contemplating press reports on the recent election, in a moment of sudden inspiration I realized everyone has been asking and answering the wrong question – incorrectly framing the issues and our concerns with electronic voting. Here is my meager attempt at changing the frame and starting toward a more accurate understanding.)

We are asking the wrong questions when we ask if the audits proved that the “Machines Performed Flawlessly” or if the “Machines Incorrectly Counted The Votes”. We are using a misleading frame.


Voting Machine Mess Can’t Just Be Fixed by Congressional Bills

Excellent article by Norman Ornstein of the American Enterprise Institute.  It is not just progressives that understand the problems with electronic voting.

In addition to outlining some of the problems, Mr. Ornstein also articulates very well the business reasons why voting machines and ATMs are different, not just in their function but in the market limitations and economics.  As a former software product manager and buyer, I can vouch for the accuracy of that aspect of his analysis.

He suggests that Apple or Google solve the problem while others often propose open source solutions.  I don’t expect Apple or Google to do anything so significant without a profit motive, any more than I expect Walmart or the Hartford Courant to do so either.   My longstanding belief is that some things are best done by private enterprise, others by government and that either can be screwed up (with us being the ones at the wrong end of the screw).  Obviously the current method is not working for the benefit of Democracy.

Read his article <read>. Some excerpts below: