Category: Electronic Vulnerability

In a late night, 11:45pm, press conference Debra Bowen decertifies e-voting machines. Will allow one DRE per polling place, which must have paper ballot hand counted.

BradBlog reports on the press conference.

The CA Official site.

Secretary of State Debra Bowen began her top-to-bottom review of the voting machines certified for use in California in March 2007. The review was designed to restore the public’s confidence in the integrity of the electoral process and to ensure that California voters are being asked to cast their ballots on machines that are secure, accurate, reliable, and accessible. On August 3, 2007, Secretary Bowen announced her decisions regarding which systems in the review will be permitted to be used in the 2008 elections and beyond.

The CA Decertification of Diebold equipment.

Diebold…AccuVote-OS[to be used in CT]…which was previously approved. is found and determined to be defective or unacceptable and its certification and approval for use in subsequent elections in California is immediately withdrawn except as specifically provided below.

1. In order to provide accessibe voting to voters with disabilities in compliance with HAVA, juristictions may use no more than one AccuVote-TSx per polling place..

The document goes on with stiff re-certification requirements which include various restrictions and procedures for use and stiff requirements on Diebold for plans and actions to make the systems secure. At first reading they seem appropriate, yet unlikely to be met.

Updates..

Continue reading “CA Secretary of the State Decertifies E-Voting Machines”

Update: Talk of the Nation Interview – Red Team Leader    ” [relying on procedures] indicates a very high belief in human infalibility.”

Executive Summary:

Vulnerability to malicious software

The Diebold software contains vulnerabilities that could allow an attacker to install malicious software on voting machines or on the election management system. Malicious software could cause votes to be recorded incorrectly or to be miscounted, possibly altering election results. It could also prevent voting machines from accepting votes, potentially causing long lines or disenfranchising voters.

Susceptibility to viruses

The Diebold system is susceptible to computer viruses that propagate from voting machine to voting machine and between voting machines and the election management system. A virus could allow an attacker who only had access to a few machines or memory cards, or possibly to only one, to spread malicious software to most, if not all, of a county’s voting machines.
Thus, large-scale election fraud in the Diebold system does not necessarily require physical access to a large number of voting machines.

Vulnerability to malicious insiders

The Diebold system lacks adequate controls to ensure that county workers with access to the GEMS central election management system do not exceed their authority. Anyone with access to a county’s GEMS server could tamper with ballot definitions or election results and could also introduce malicious software into the GEMS server itself or into the county’s voting machines.

Continue reading “CA Software Reports Released – Diebold subtracts from democracy”

Memo to Governor Spitzer:

New York State Law Prohibits State from Entering into Contract with Any of the Vendors under Consideration

New York State is enjoined from doing business with vendors who lack business integrity or whose past performance is wanting…none of the voting machine vendors New York is presently considering doing business with are eligible for contracts.

Not that the laws or lack thereof in Connecticut should preclude us from concern that each of our individual races, and precincts are programmed for each election in secret by Diebold employees.

Read the report