Election Integrity News - October 3, 2006
This Week's Quote: "The core of our American democracy is the right to vote. Implicit in that right is the notion that that vote be private, that vote be secure, and that vote be counted as it was intended when it was cast by the voter. And I think what we're encountering is a pivotal moment in our democracy where all of that is being called into question." Former California Secretary of State Kevin Shelley, Dec. 16, 2003
In this issue ...
News From Around the States
|EAC Requests Comments on Manual for Voting System Testing & Certification Program
Election Assistance Commission - October 2, 2006
Download the Draft Voting System Testing and Certification Program Manual
The U.S. Election Assistance Commission (EAC) is requesting public comments on a draft procedural manual for the voting system testing and certification program. The Help America Vote Act of 2002 (HAVA) directs the EAC to assume responsibility for the certification, de-certification and re-certification of voting system hardware and software used in conducting federal elections and for the accreditation of testing laboratories. This mandate represents the first time the federal government will provide for the voluntary testing and certification of voting systems, nationwide.
In response to the new HAVA requirement, the EAC is developing a program that requires the submission and retention of information related to voting systems and voting system manufacturers. EAC has released for public comment a draft procedural manual that will be used to obtain the necessary information once the program is in place. This is a voluntary effort by the EAC to gather input from the public on the EAC's administrative procedures for certifying or decertifying voting systems. Please review the manual and submit written or electronic comments according to the instructions contained on the website link below. For further information contact Brian Hancock, Director of Voting System Certification, 1225 New York Avenue, Suite 1100, Washington, D.C., (202) 566-3100, Fax: (202) 566-1392.
Please click on this link to view and comment on the proposed manual.
DEADLINES: Written or electronic comments on this draft procedural manual must be received on or before 5:00 p.m. EDT on October 31, 2006.
|Scanner and DRE Voting Machine Problems Are Not Equal
by Wanda Warren Berry and Bo Lipari, New Yorkers for Verified Voting - October 1, 2006
During the 2006 primary elections, some verified voting advocates were troubled by reports of problems with ballot scanners. The famous “Hursti” hack was carried out on a scanner. In addition, in March 2006, another flurry of concern about scanners was caused by reports of inaccurate grading of Scholastic Aptitude Tests. The testing agencies quickly admitted that the problems were caused by poor quality control rather than an inherent weakness of the system, but this admission receives little notice by those seeking to ‘prove’ the benefits of electronic touch screen voting machines (DREs) over paper.
There is a tendency among election officials to use reported problems as a way to excuse themselves from careful comparisons of paper ballot and DRE systems. Too often we hear them say that both systems have problems. While this is true, it is only a half truth, for not all problems are equal.
Paper ballots and precinct ballot scanners have been used in the US for over 20 years and now by nearly 50% of American voters without significant problems. Today’s increased scrutiny of all voting systems has resulted in an increase in reported errors for all types of voting systems, including electronic touch screen voting machines and paper ballot precinct scanner systems. This underscores the fact that using computers in elections can be problematic and the ability to audit a system independently is of key importance.
A problem encountered with the scanner component of a paper ballot system need not result in lost votes. If the marked ballots are correctly managed, retained and recounted, votes can still be counted in a number of different ways. But a DRE which fails may lose these votes forever. Read the Entire Article
|Contingency Paper Ballot Legislation Introduced in Both The Senate And House
by Warren Stewart, VoteTrustUSA - September 30, 2006
VoteTrustUSA Strongly Endorses S.3943 And HR 6187 - Legislation That Would Provide Voters With The Option Of Casting A Paper Ballot
Text of S. 3943 Text of HR 6187
In response to widespread concern about the reliability of electronic voting systems, legislation was introduced today by Senators Barbara Boxer (D-CA) Chris Dodd (D-CT), and Russ Feingold (D-WI) that would provide funding to jurisdictions for the printing of emergency paper ballots. Rep. Rush Holt introduced a similar mesasure, HR 6187, in the House.
Growing out of an effort initiated by Brad Friedman of BradBlog and Velvet Revolution, and endorsed by Common Cause, VotersUnite.org and numerous other election integrity and public interest groups, this emergency provision offers incentive for counties to provide paper ballots in the case of machine malfunction and for voters that prefer to vote on paper ballots.
VoteTrustUSA strongly endorses this important bill and encourages immediate action in Congress to pass this bill quickly to allow states tiime to prepare for the November general election. All voters are encouraged to contact their Representatives and Senators urging them to support this common sense legislation. Read the Entire Article
|House Committee Hearing Testimony
by Edward W. Felten, Professor, Department of Comouter Science, Princeton University - September 28, 2006
Open the lid of an electronic voting machine and look inside; what you will see is a computer, much like an ordinary desktop PC or Mac. Because they are computers, e-voting machines are susceptible to familiar computer problems such as crashes, bugs, mysterious malfunctions, data tampering, and even computer viruses. The question is not whether we can eliminate these problems – we cannot – but how we will cope with them.
Unlike ordinary desktop computers, e-voting systems are entrusted with the most important process of our democracy – collecting and counting votes – and must perform that process accurately, reliably, accessibly, and securely. Trust in election outcomes is necessary for our electoral system to work, but the political system often does not lend itself easily to trusting relationships. Voting technologies must help to build this trust. Today’s e-voting infrastructure is not up to the task, but tomorrow’s can be.
Two weeks ago Ariel J. Feldman, J. Alex Halderman, and I released a paper analyzing in detail the security of the Diebold AccuVote-TS, one of the most widely used e-voting systems.
The main findings of our study were as follows:
1. Malicious software running on a single voting machine can steal votes with little if any risk of detection. The malicious software can modify all of the records, audit logs, and counters kept by the voting machine, so that even careful forensic examination of these records will find nothing amiss. We have constructed demonstration software that carries out this vote-stealing attack.
2. Anyone who has physical access to a voting machine, or to a memory card that will later be inserted into a machine, can install said malicious software using a simple method that takes as little as one minute. In practice, poll workers and others often have unsupervised access to the machines.
3. AccuVote-TS machines are susceptible to voting-machine viruses — computer viruses that can spread malicious software automatically and invisibly from machine to machine during normal pre- and post-election activity. We have constructed a demonstration virus that spreads in this way, installing our demonstration vote-stealing program on every machine it infects.
4. While some of these problems can be eliminated by improving Diebold's software, others cannot be remedied without replacing the machines' hardware. Changes to election procedures would also be required to ensure security.
Read the Entire Response
|We Must Make Our Elections
More Secure, Reliable, Accessible, and Verifiable
by Barbara Simons, Association for Computing Machinery - September 28, 2006
Statement for the Committee on House Administration Hearing on Electronic Voting
We all want elections that are reliable, secure, accessible, and trusted by the public. Given known security risks, the possibility that software bugs could generate incorrect election results, or that computerized voting machines may fail during an election, we cannot trust that the results recorded in a paperless voting machine accurately reflect the will of the voters. Providing a voter verified paper trail is a significant step toward mitigating these risks, restoring transparency to the election, and ensuring the public’s trust.
Because paperless Direct Recording Electronic (DRE) devices cannot be audited, many states have mandated that DREs produce a voter verified paper audit trail (VVPAT) or voter verified paper ballot (VVPB). We have seen that careful and well engineered implementation of this requirement is critical. Some of the most widely used DREs have retrofitted their machines by adding reel-to-reel thermal printers. Unfortunately, there have been a number of problems with these continuous roll printers, including jamming, privacy concerns, and difficulties conducting a manual count of the paper.
There are high quality printers that are much more reliable, that produce easy to read text, and that could print VVPBs that are easy to count manually. Our voting systems should not depend on mediocre equipment.
Precinct based optical scan voting systems also produce VVPBs, since by definition the optical scan ballot is verified by the voter when he or she marks the ballot. Accessible optical scan ballots can be produced using tactile ballots or electronic ballot marking systems. Optical scan ballots can be manually counted and used to audit elections. Read the Entire Article
From Around the States
|California: Governor Signs Four Election Reform Bills Into Law
by California State Senator Debra Bowen Press Release - September 22, 2006
Despite Vetoing Initiative Reform Measure & Bill to Make it Easier for Students to Work at the Polls, Governor Signs Four Measures to Improve Transparency of the Electoral Process
Beginning next year, elections in California will be subjected to more stringent
auditing requirements and the electoral process as a whole will be significantly
more open and transparent thanks to four measures by Senator Debra Bowen (D-Redondo
Beach), the chairwoman of the Senate Elections, Reapportionment & Constitutional
Amendments Committee that the Governor signed into law shortly before the September
30th deadline to act on bills.
"By improving the auditing requirements and opening up the process, these measures should begin to restore voters’ faith in the electoral process," said Bowen.
The measures signed into law by the Governor include:
• SB 1235, which requires:
1. Elections officials to include absentee and all other ballots cast before Election Day or at satellite voting centers in the 1% post-election manual audit required by law;"Nearly half of California’s voters use an absentee ballot to vote and thousands of others take advantage of in-person early voting opportunities before every election, so the fact that some of these votes aren’t included in the auditing process undermines the integrity of the audit and the election itself," said Bowen. "The 1% manual audit is designed to ensure that that electronic voting machines and ballot counters tallied the results correctly, but there’s no way to conduct a meaningful review if nearly half of the ballots cast aren’t subject to the 1% audit requirement."
2. Audited precincts to be selected at random;
3. A five-day public notice to be given before the precincts to be audited are selected and before the audit itself will be done, and requires both events to be open to the public; and
4. The results of the audit to be made public, complete with an explanation of how discrepancies between the machine count and the hand count were resolved.
|Court Upholds Colorado Voters Challenge to Electronic Voting System
by VoterAction - September 27, 2006
Court-Ordered Emergency Security Procedures Follow On Court Decision Calling Colorado Machines’ Security ‘Abysmal’
On September 27, the Colorado Attorney General’s office and the legal team that successfully challenged Dennis’ certification of DRE computerized voting machines in Colorado, Wheeler Trigg Kennedy and Voter Action, today completed negotiations regarding enhanced security procedures to be used in the November election. The negotiations began following Judge Lawrence Manzanares’s order last Friday that Secretary of State Gigi Dennis implement emergency statewide electronic voting security procedures for the November 7th election. The current agreement provides short-term measures to carry the state through November; following this election, the state will have to make further efforts to guarantee vote security. The enhanced security procedures were filed in court last week.
"The length and complexity of the security procedures that will be put in place for the November election, including the complicated chain of custody measures, demonstrate how badly the system is broken and that Judge Manzanares understood the critical need for additional security to mitigate the risks of the dubious DRE computerized voting machines," said Paul Hultin, lead counsel for the plaintiffs, who headed a team of lawyers from the firm of Wheeler Trigg Kennedy LLP, in Denver, which is providing pro bono legal services in the case. Read the Entire Article
|Illinois: State Commission Cites DuPage County Board of Elections for Destruction of Records
by Illinois Ballot Integrity Project - October 2, 2006
The DuPage County Election Commission has been allegedly illegally destroying election and other public records by failing to apply for permission from the Illinois Local Records Commission according to recent letters to Illinois State Attorney General Lisa Madigan and to DuPage State's Attorney Joe Birkett, from John Curtain, Chairman of the Illinois Local Records Commission.
The letters bring to the Attorney General’s and State's Attorney's attention that the executive director of the DuPage County Election Commission, Robert T. Saar, has admitted that the Election Commission destroyed poll tapes from the November 2004 presidential election as early as 20 months prior the date permitted under Federal law. In addition, Saar has stated in response to a Freedom of Information Act (FOIA) request that memory cards and other electronic records of ballots cast in the November 2004 election were no longer available as “ . . . no such document exists for this period because the document is subject to continuous modification from imputing of new data.”
The letters also cite information from the Dec. 7, 2005 minutes of the DuPage County Election Commission that state the Commission was planning to destroy voter registration documents; the Commission has never filed for a disposal certificate for these materials as required by law. In addition, the Local Records Commission wrote to the Illinois Attorney General’s office on June 6, 2006, requesting a formal confirmation opinion that the DuPage County Election Commission is subject to the provisions of the Illinois Local Records Act (50 ILCS 205). The Illinois Attorney General already resolved a similar issue in 1999 on the applicability of the State Local Records Act with the DuPage County Public Safety Communications Office in opinion 99-021. Read the Entire Article
|Is Diebold Really OK In Pennsylvania (And The Rest Of the Country)?
by Warren Stewart, VoteTrustUSA - October 3, 2006
I appeared on CNBC’s “On the Money” yesterday with Michael
Shamos, Carnegie Mellon University computer scientist and voting systems consultant
to the Commonwealth of Pennsylvania. The segment took as its point of departure
the recent Princeton University study, which demonstrated once again that with
minimal access, election results could be altered undetectably on a Diebold
When asked by the host, Dylan Ratigan, if there was any cause for concern with the security of electronic voting machines, Mr. Shamos (pictured at left) quickly admitted that “There are very severe security drawbacks to current electronic voting machines.” He went on to recommend a reactive strategy of fixing flaws in the machines as they’re discovered.
Ratigan countered, “How do we know when its fixed? Anyone who’s worked with a computer knows how bugs perpetuate themselves seemingly indefinitely.” Mr. Shamos agreed, admitting that it was pointless to attempt to get voting machines into a “perfect” state. He went on to say that “there’s never been a verified instance of tampering with a voting machine.” Of course, one of the revelations of the Princeton Report and many studies that preceded it was that vote totals can be altered undetectably. Exactly how could anyone verify something that is undetectable?
When asked if, in light of the security vulnerability revealed in the recent Princeton report, he had confidence in the Diebold machines being used in November, Mr. Shamos replied “they certainly aren’t unless that vulnerability is corrected.” He then referred to a Directive (see below) issued by the Commonwealth of Pennsylvania in Pennsylvania in response to an earlier report of security vulnerabilities in Diebold’s equipment released last March, suggesting that everything was under control, at least in Pennsylvania. Of course, there was no mention of the fact that Diebold equipment is being used across the country and few of those states have addressed the concerns as Mr. Shamos claims Pennsylvania has.
And just what were the ‘remediating’ actions taken in Pennsylvania? Should voters feel confident that everything is under control and we should simply “move on” and trust the security and reliability of unverifiable elctronic voting machines”? And what about all the other electronic voting machines that will count Pennsylvania’s votes? Read the Entire Article