The image “” cannot be displayed, because it contains errors.


National Issues

Something Old Is Something New in Voting Machine Snafus PDF  | Print |  Email
By Vince Lipsio, Rebecca Mercuri, and Beth Feehan for VoteTrustUSA   
May 19, 2006
While innuendo and rumors swirl around the “new” revelations regarding Diebold’s commercial-off-the-shelf (COTS) security flaws, a bright light is shining on information that had been posted on the Internet well over a year ago, by Vince Lipsio, a computer scientist from Florida.

Vince's involvement with voting system standards began by answering a call by the Institute for Electrical and Electronics Engineers (IEEE) for volunteers to establish an international standard for voting equipment. As a native of Florida active in local politics, a member of the IEEE's Standards Association, and a software engineer with experience in life-critical systems, Mr. Lipsio took on the job with enthusiasm.

But while reviewing components of the 2002 Federal Election Commission (FEC) standard used in the drafting of the IEEE standard, Vince noticed a blanket exemption for COTS products. His reaction to the exemption was simply that this meant these standards could not be taken seriously for their stated purpose; rather, they could only be some sort of bureaucratic cynical pacifier (aka, "smoke and mirrors") so that the FEC could claim to be doing something while, in fact, it was not doing anything useful. Vince's prior experience with medical electronics, aviation and other standards, was that COTS is given no exemption, but it may be unit tested only once before being used in multiple products.

Because of the COTS exemption and other concerns, Vince Lipsio formally issued the following statement (and an additional statement) to the U.S. Election Assistance Commission (EAC) in December of 2004.

Back in the IEEE standards committee, Vince Lipsio and Rebecca Mercuri had been appointed as co-chairs of a Special Task Group (STG) to resolve COTS-related issues in the draft being prepared to be sent to the EAC as input to the Help America Vote Act (HAVA) guidelines that were concurrently being composed. It was the intention of the COTS sub-committee to replace the blanket exemption from review of COTS hardware and software with a more stringent review. The sub-committee spent considerable time and developed a policy that more appropriately handled COTS, such that situations like the one recently described involving Diebold, and their examining authority, CIBER, would nearly certainly not have occurred. As the IEEE did not deem it necessary to post the results from the COTS STG on the Standards Association website, Mr. Lipsio put the group's information on his own server.

Of special interest are the COTS STG's resolutions that were stonewalled by never being edited into the IEEE's draft standard despite having obtained proper consensus from the larger working group (that included representatives from NIST, the FEC, and most of the major voting system manufacturers). These omitted materials were also posted on Vince's website at:

So the policy of not inspecting COTS materials, which could intentionally or accidentally be exploited to conceal voting system backdoors, continues to be perpetuated in the HAVA guidelines, despite numerous submitted comments to the EAC that have raised concerns in this regard. It therefore should not surprise anyone that actual evidence of such a COTS shell game having been played has now been discovered.

A perusal of the content at Vince's links adds to the expanding body of knowledge that proves there has been cohesive resistance to security measures being written into numerous voting system standards and also ignored in election equipment enforcement procedures used by the FEC, EAC and other governing bodies. This sin of omission has allowed voting companies to make false claims about their equipment's security, by hiding under the shroud of the lax certification process with regard to COTS and many other well-known backdoors that have been deliberately and repeatedly left open in the standards.

It is now time for the folks who finalized these guidelines, and who kept out the language submitted by computer experts like Mr. Lipsio and Dr. Mercuri, to be held accountable for their actions, and made to answer for the train wreck the United States (and a growing number of other democratic nations) now finds itself in, regarding inappropriately tested voting systems.
Comment on This Article
You must login to leave comments...
Other Visitors Comments
You must login to see comments...
< Prev   Next >
National Pages
Federal Government
Federal Legislation
Help America Vote Act (HAVA)
Election Assistance Commission (EAC)
Federal Election Commission
Department of Justice - Voting Section
Non-Government Institutions
Independent Testing Authority
The Election Center
Carter Baker Commission
Voting System Standards
Electoral College
Open Source Voting System Software
Proposed Legislation
Voting Rights
Campaign Finance
Overseas/Military Voting
Electronic Verification
: mosShowVIMenu( $params ); break; } ?>