Election Integrity News - May 30, 2006

This Week's Quote: "There's a broader philosophical question that's been worrying me more and more lately. What are these companies really doing? They don't seem to have embraced the seriousness with which people in this country take their elections. It's been kind of an adversarial thing where companies want to make profits, and they just haven't spent enough time and energy designing secure systems." Michael Shamos, Carnegie Mellon University


Actions to Take Now

Nationwide: Support Emery County UT Clerk Bruce Funk

National: Pass HR 550 As Written!

National: Say No to Prohibited Software in Voting Machines!

Pennsylvania: Support HB 2000 and S 977

In this issue ...

National Stories

Will Your Vote Count in 2006?

ES&S Products Do Not Conform To The 2002 VVSG

Something Old Is Something New in Voting Machine Snafus

Gaping Hole in HAVA Voting System Standards Widened in 2005

News From Around the States

Tabulators Fail in Arkansas on Election Day, Secretary of State Announces Inquiry

Georgia:Voting Rights Activists Call for Secretary of State Cox to Step Down

New Jersey: Update on Rutgers Lawsuit

New Mexico: Court Says That State Should Have Allowed Recount

Advocates File Voting Rights Lawsuit in Washington Challenging Database "Matching" Requirements



Click Here for Previous Issues

Subscribe to Election Integrity News!

Put the Election Integrity News on your Website or Computer with our RSS Newsfeed

NASED Certifies Voting Systems They Know Must Be Modified And No Longer Be Certifiedby John Gideon, VotersUnite.org and VoteTrustUSA.

This open letter was sent to the National Association of State Election directors and the Election Assistance Commission.

It has recently been made public that NASED has been certifying, and continues to certify, electronic voting systems, with the full knowledge that when those systems are used in an election, they will inevitably be running different software than the software NASED certified. Those who certify the systems admit that the ES&S software actually used in an election is unique to that election, and therefore has not been examined by any independent tester, and cannot have been certified either by NASED or by the state.

This information was obtained via Public Records Requests from the Secretary of State of California. The emails that reveal this information can be viewed here.

In an email to Bruce McDannold and Paul Craft dated December 29, 2005,  Steven V. Freeman paraphrases what he has heard from Paul Craft that "...every election gets a new copy [of the ES&S firmware] installed with slight differences in the actual executable code due to the active linking to the election definition tables."

In a response dated December 30, 2005, Paul Craft makes it clear that the problem exists, not just for ES&S optical scanners, but also for the DREs:

"[ES&S products] are annoying because, as with the DRE's, you cannot really directly and easily validate the firmware once it is loaded on the chip with an election definition."

This means that every jurisdiction using ES&S voting equipment is using unique, unexamined, uncertified software to record, count, and tabulate votes. The participants in the email thread are uncertain whether or not this is true for the other vendors' products.

The referenced email conversation was in the context of a discussion on how to word a question to the vendors to determine "if they [vendors other than Diebold] have any kind of executable code on their transport media." That is, they were planning to ask the vendors - ask the vendors - if their systems fail to meet the 2002 Voting System Standards (Section 4.2.2, which bans this type of code.) The three men decided on this wording:

"Please advise us immediately as to whether or not any of your voting systems used in California include on the transport media (floppy, zip disk, pc card, other removable memory and storage devices, etc.) any kind of program code including scripts, that can be loaded, interpreted or executed by your system's vote devices, tabulating equipment or system servers. "

Just who are Steve V. Freeman and Paul Craft? They are two of the Voting Systems Board of NASED who make the ultimate decision as to whether a voting system should be NASED certified or not. They are also two of three principles in Freeman, Craft, McGregor Group, a private consulting company hiring themselves out as voting system examiners to states and local governments such as California, Maryland, and Chicago/Cook County.

Clearly, Mr. Freeman and Mr. Craft have been federally certifying systems, and recommending state approval of those systems, without knowing whether or not the systems meet the 2002 VSSG.



National Coalition for Election Integrity

Help VoteTrustUSA Fight For Verifiable Elections Nationwide

On behalf of the I Count Coalition, VoteTrustUSA would like to thank all the citizen patriots that came to Washington D.C. recently to voice their concern in the halls of Congress. Well over 200 people came to the Lobby Days and meetings were held in 117 Congressional offices. During the Spring recess meetings are taking place in in over 80 district offices. A petition in support of HR 550, signed by over 50,000 concerned Americans from every Congressional district in every state, was delivered to the Committee on House Administration. During the lobby days, we added 11 new HR 550 co-sponsors. Meetings will continue during the two-week recess in the home districts of those Representatives that are not yet co-sponsors of this important legislation. Help VoteTrustUSA continue the struggle for fair, transparent, and auditable elections. Click here to help VoteTrustUSA continue the struggle for fair, transparent, and auditable elections.

National Stories

Will Your Vote Count in 2006?
by Steven Levy, Newsweek - May 29, 2006

'When you're using a paperless voting system, there is no security,' says Stanford's David Dill.

This article appeared in the May 29, 2006 issue of Newsweek magazine.

Just when you thought it was safe to go back into the voting booth, here comes more disturbing news about the trustworthiness of electronic touchscreen ballot machines. Earlier this month a report by Finnish security expert Harri Hursti analyzed Diebold voting machines for an organization called Black Box Voting. Hursti found unheralded vulnerabilities in the machines that are currently entrusted to faithfully record the votes of millions of Americans.

How bad are the problems? Experts are calling them the most serious voting-machine flaws ever documented. Basically the trouble stems from the ease with which the machine's software can be altered. It requires only a few minutes of pre-election access to a Diebold machine to open the machine and insert a PC card that, if it contained malicious code, could reprogram the machine to give control to the violator. The machine could go dead on Election Day or throw votes to the wrong candidate. Worse, it's even possible for such ballot-tampering software to trick authorized technicians into thinking that everything is working fine, an illusion you couldn't pull off with pre-electronic systems. "If Diebold had set out to build a system as insecure as they possibly could, this would be it," says Avi Rubin, a Johns Hopkins University computer-science professor and elections-security expert.

Diebold Election Systems spokesperson David Bear says Hursti's findings do not represent a fatal vulnerability in Diebold technology, but simply note the presence of a feature that allows access to authorized technicians to periodically update the software. If it so happens that someone not supposed to use the machine—or an election official who wants to put his or her thumb on the scale of democracy—takes advantage of this fast track to fraud, that's not Diebold's problem. "[Our critics are] throwing out a 'what if' that's premised on a basis of an evil, nefarious person breaking the law," says Bear.

Those familiar with the actual election process—by and large run by honest people but historically subject to partisan politicking, dirty tricks and sloppy practices—are less sanguine. "It gives me a bit of alarm that the voting systems are subject to tampering and errors," says Democratic Rep. William Lacy Clay, who worries that machines in his own St. Louis district might be affected by this vulnerability. (In Maryland and Georgia, all the machines are Diebold's.)

Read the entire article at msnbc.com 

ES&S Products Do Not Conform To The 2002 VVSG
by John Washburn, VoteTrustUSA Voting Technology Task Force - May 26, 2006

This article and the follow-up article (posted here as Part Two, below) appeared on Washburn's World. They are reposted here with permission of the author. 

ES&S Equipment does not conform to the 2002 VVSG. This is the statement of Steven V. Freeman in an email to Bruce McDannold of the State of California on December 29, 2005 at 8:10 PM.

In a related email Paul Craft on December 30, 2005 at 5:38 am states the firmware on ES&S equipment are unique and created as a custom executable for each Election/Jurisdiction combination to which ES&S has sold equipment. Mr. Craft further states that because the system software is customized and intendended for single use in a single jurisdiction, it was not possible for him to determine with certainty if the system delivered to him for inspection was or was not the system tested by the ITA lab.

Who are Bruce McDannold, Paul Craft, Steven V. Freeman and why should you care?

Bruce McDannold is the Interim Director of the Office of Voting Systems Technology Assessment for the state of California.

Steven V Freeman is a member of the Voting Systems Board of the National Association of State Election Directors.

Paul Craft is also a member of the Voting Systems Board of the National Association of State Election Directors.

Together, Paul Craft, Steven V. Freeman along, and Brit Williams, are the 3 members of the Technical Sub-Committee of the NASED VSB. The technical sub-committee of the NASED VSB is responsible for reviewing ALL reports generated by the ITA test labs and for oversight concerning the work performed by the ITA labs. As a matter of fact Sandy Steinbach, states: “Brit Williams, Paul Craft and Steve Freeman are my heroes. These three men are the heart and soul of the voting system testing program and they do this work for free. None of them has a salaried position. They work as consultants and their time is valuable. Brit Williams, Paul Craft and Steve Freeman do the lion’s share of the work and make a big sacrifice to do it.” This is from page 3 of Ms. Steinbach’s statement of February 6, 2006. Read the Entire Article

Something Old Is Something New in Voting Machine Snafus
by Vince Lipsio, Rebecca Mercuri, and Beth Feehan for VoteTrustUSA - May 19, 2006

While innuendo and rumors swirl around the “new” revelations regarding Diebold’s commercial-off-the-shelf (COTS) security flaws, a bright light is shining on information that had been posted on the Internet well over a year ago, by Vince Lipsio, a computer scientist from Florida.

Vince's involvement with voting system standards began by answering a call by the Institute for Electrical and Electronics Engineers (IEEE) for volunteers to establish an international standard for voting equipment. As a native of Florida active in local politics, a member of the IEEE's Standards Association, and a software engineer with experience in life-critical systems, Mr. Lipsio took on the job with enthusiasm.

But while reviewing components of the 2002 Federal Election Commission (FEC) standard used in the drafting of the IEEE standard, Vince noticed a blanket exemption for COTS products. His reaction to the exemption was simply that this meant these standards could not be taken seriously for their stated purpose; rather, they could only be some sort of bureaucratic cynical pacifier (aka, "smoke and mirrors") so that the FEC could claim to be doing something while, in fact, it was not doing anything useful. Vince's prior experience with medical electronics, aviation and other standards, was that COTS is given no exemption, but it may be unit tested only once before being used in multiple products.

Because of the COTS exemption and other concerns, Vince Lipsio formally issued the following statement (and an additional statement) to the U.S. Election Assistance Commission (EAC) in December of 2004.

Back in the IEEE standards committee, Vince Lipsio and Rebecca Mercuri had been appointed as co-chairs of a Special Task Group (STG) to resolve COTS-related issues in the draft being prepared to be sent to the EAC as input to the Help America Vote Act (HAVA) guidelines that were concurrently being composed. It was the intention of the COTS sub-committee to replace the blanket exemption from review of COTS hardware and software with a more stringent review. The sub-committee spent considerable time and developed a policy that more appropriately handled COTS, such that situations like the one recently described involving Diebold, and their examining authority, CIBER, would nearly certainly not have occurred. As the IEEE did not deem it necessary to post the results from the COTS STG on the Standards Association website, Mr. Lipsio put the group's information on his own server. Read the Entire Article

Gaping Hole in HAVA Voting System Standards Widened in 2005
by Howard Stanislevic, VoteTrustUSA E-Voting Education Project - May 21, 2006

What's all this talk about banned interpreted code, high hardware failure rates, Hursti Hacks, RABA Revelations and typos in our Voting System Standards?

Critics of electronic voting may want to take a break from their hacking chores, remove their white hats, kick back with a cup of java and read the current version of the EAC's Voting System Standards/Guidelines (VSS/G) just one more time to see what's really been going on since HAVA became the law of the land. If they do so, they'll find that not only does the current (2002) VSS/G adopted under Section 222 (e) of the Help America Vote Act:

· allow an unacceptably high failure rate of one in every 11 electronic voting systems in the country on every Election Day;

· not require any means of independent verification of voting system tallies such as a voter-verified paper audit trail (VVPAT);

· exempt from inspection any commercial off-the-shelf software used in e-voting systems (such as Microsoft's operating systems and Access database);

it also contains a loophole big enough to shove a lever machine through.

According to Volume II, Appendix B.5, Qualification Test Results and Recommendation,

"[A]ny uncorrected deficiency that does not involve the loss or corruption of voting data shall not necessarily be cause for rejection. Deficiencies of this type may include failure to fully achieve the levels of performance specified in Volume I, Sections 3 and 4 of the Standards [those are the Hardware and Software Performance specs], or failure to fully implement formal programs for qualify [sic] assurance and configuration management described in Volume I, Sections 7 and 8."

In other words, vendors don't even have to meet the standards in the VSS/G if the testing authority labs (which they fund) or the EAC says they don't have to. So much for banning things such as interpreted code or trying to achieve an acceptable hardware failure rate or improved e-voting security. If the EAC gives a vendor a pass, there are almost no voting system hardware or software performance requirements that actually have to be met. Nearly all are subject to re-interpretation by the EAC.

(And yes, the authors of the above loophole spelled the word "quality" incorrectly too - you can't make this stuff up!) Read the Entire Article

From Around the States

Tabulators Fail in Arkansas on Election Day, Secretary of State Announces Inquiry
by Brad Friedman, The Brad Blog - May 23, 2006

This article appeared on The Brad Blog. It is reposted here with permission of the author.

Another Primary Election Day. Another E-Voting Mess. This time in Arkansas.

Mind you, this comes on the heels of earlier announcements that several major counties in Arkansas would be forced to use paper ballots instead of electronic machines after ES&S failed to deliver ballots and programming on time for the start of elections (something like the 10th state in which this has happened with ES&S so far this year, as regular BRAD BLOG readers know. But shhh...don't tell anyone!)

On Monday, the day before the election, at least one county election director in Arkansas pleaded with voters to choose paper on Election Day. "Grab a paper ballot, vote it and put it in the ballot box. It will go smoother," Benton County's election coordinator told voters on Monday.

Well, now it looks like ES&S has failed even further (we're shocked, shocked!) as tabulators in some counties failed to work at all, so ballots can't be counted until tomorrow at the earliest. And now the AR Secretary of State wants some answers about all of it. Read the Entire Article

Georgia:Voting Rights Activists Call for Secretary of State Cox to Step Down
by Defenders of Democracy - May 26, 2006

Citing concerns over conflict of interest, voting rights activists today called upon Secretary of State Cathy Cox (pictured at right) to step down from her position as chief overseer of elections during her run for Governor.

"This is no ordinary conflict of interest," stated Mark Sawyer, co-founder of Defenders of Democracy, a state voting rights group. "We have an unprecedented situation in, where a sitting Secretary of State will be counting votes in her race for Governor on electronic voting machines she has personally fought hard to keep insecure. This is a conflict of interest of colossal proportions."

Georgia’s current, paperless electronic voting system was implemented by Secretary of State Cox in 2002, a system she continues to insist is secure because it is tested at both the national and state levels.

However, a longstanding, nationwide consensus of computer scientists, engineers and auditing experts disagree with her. To cite but one example, William Arbaugh, computer scientist with the RABA Technologies team that inspected  the same Diebold voting machines in Maryland, says in the New York Times, "I can say with confidence that nobody looked at the system with an eye to security who understands security."

In fact, since 2003 - when Fortune magazine dubbed electronic voting "Worst Technology of the Year - continuing disclosures of voting machine insecurity have spawned a nationwide movement for voter-verified paper ballots, a movement that Cox has attempted to insulate herself from in Georgia.  Read the Entire Article

New Jersey: Update on Rutgers Lawsuit
by Beth Feehan, VoteTrustUSA - May 26, 2006

Once again, Attorney Penny Venetis (pictured at right), from the Rutgers Constitutional Law Clinic in Newark, New Jersey, did a spectacular job in her argument “Supporting the Immediate De-Commissioning of all Electronic Voting Machines in NJ that cannot produce Voter Verified Paper Ballot” case to the Appeals Court.

Judges Fall, Stern, and Parker were all engaged, interested, and seemingly sympathetic to our case. Their focus was on the feasibility of the technology to retrofit the Sequoia Advantage machines, and the cost, but Ms. Venetis broadened the argument as to the constitutionality of voting on insecure machines in all elections up to Jan. 1, 2008 when the 2005 New Jersey law becomes effective. They wanted to know if there was a precedent for a court to enter an injunction against the use of the machines, but they seemed reluctant to act on what would seem to be a legislative or executive issue, due to the separation of powers.

However, Ms. Venetis concluded with a stirring argument that it is the duty of the judiciary to protect our constitutional rights. The issue of certification arose and they were amazed that a year had elapsed since the legislation passed and the AG still has not published criteria for meeting the legislative mandate of law. They seemed surprised at the inadequacy of the certification process and at the bidding process.   

They said that they would give the case a “thorough review as expeditiously as possible” and did not fix a date for the verdict. The best outcome would be for them to agree with us and order that all voters have a voter verified paper ballot immediately (and let the counties figure out how to implement this, be it with an Avante machine or paper ballots and optical scan). Or they could remand it to the Superior Court once again, this time asking for a hearing on the constitutional issues.  

Venetis tried to persuade them to exercise original jurisdiction and make a ruling on the issues in the case on the basis of the voluminous record. Once again, an exciting day in court!

New Mexico: Court Says That State Should Have Allowed Recount
by Warren Stewart, VoteTrustUSA - May 28, 2006

Belated Victory for Greens and Libertarians Leaves Flawed Election Results Unexamined 

Election integrity activists in New Mexcio were justifiably heartened by a state court decision this month that invalidated a clause in a 2005 omnibus election reform bill that allowed the state canvassing board to require candidates to pay the estimated full cost of a recount up front as a deposit. The decision was a victory for all those involved in the effort to recount the 2004 New Mexico presidential election results. Analysis of the certified results revealed troubling anomalies including 2,087 phantom votes and an alarmingly high undervote rate (2.78% statewide, 21,084 in all), particularly from polling places using Sequoia Advantage and Shouptronic 1242 direct record electronic (DRE) voting machines.

Shortly after the state certified the results of the November 2004 election, presidential candidates from the Green Party (David Cobb) and Libertarian Party (Michael Badnarik) requested a recount. The candidates had submitted a deposit of $114,400 and argued that was the proper amount for a recount based on a formula in state election law. Help America Recount coordinated the recruitment and training of hundreds of citizen observers. But the state canvassing board, which consisted of Governor Bill Richardson, Secretary of State Rebecca Vigil-Giron, and Supreme Court Chief Justice Petra Maes decided in mid-December 2004 that the candidates could have a recount only if they paid a security deposit of $1.4 million, which was an estimate of the full cost of a statewide recount.

Attorneys for the candidates argued at the time that the convassing board’s demands were in violation of state law but their complaint was dismissed by state courts and the recount never took place. Subsequently the Governor had a provision inserted in an omnibus election bill passed in the 2005 legislative session that allowed the canvassing board to require a deposit of either part or the full estimated cost of a recount. While an agreement to strike the provision was reached with the legislative sponsors of the bill, in the hectic final days of the legislative session, it remained in the bill that was passed and signed into law in May of 2005. Read the Entire Article


Advocates File Voting Rights Lawsuit in Washington Challenging Database "Matching" Requirements
by Project Vote - May 26, 2006

Washington Breaks From National Standards For Voter Registration

Download the Complaint (PDF) 

Project Vote's continuing work to eliminate barriers to voter registration took another step forward when community organizations and advocates filed suit today challenging a 4-month old Washington law that improperly implements the federal Help America Vote Act (HAVA) of 2002.

The lawsuit, the product of an on-going collaboration between Project Vote and the Brennan Center for Justice at New York University, takes aim at a law, RCW 29A.08.107 which requires the Secretary of State to match identifying information on a voter registration application--usually a drivers' license number, state ID card number, or Social Security number--to the corresponding government database. If a match cannot be made, and an applicant doesn't correct the situation within 45 days, the applicant is not registered.

Matching records between two large databases is an inherently flawed operation for a number of reasons, including:

* human error by government election workers, including misspelling of names, omitting or adding letters in a name, and transposing numbers in a Social Security or driver's license ID.
* Asian-Americans, American Indians, and Alaska Natives with names that are especially prone to multiple English spellings, or flipping of first and last names;
* married women who have taken hyphenated names or their husbands' inconsistent punctuation of names containing apostrophes or hyphens;

* computer errors caused by file corruption from computer viruses; and absence of uniformity in maintaining, storing, and transferring computer data.

Several reliable studies have found database matching error rates of approximately 20-32%. Read the Entire Article

Election Integrity News Editor: Warren Stewart
VoteTrustUSA Statement of Principles
Please forward Election Integrity News to your friends!