Government Technology - December 2007 - (Page 59)

“Somebody said it was tantamount to giving the inmates the key to the jail and putting the correctional officers on break, and then saying PHOTO COURTESY OF JOSEPH LORENZO HALL the jail is unsafe.” Paul McIntosh, executive director, California State Association of Counties Bowen said. Some still have federal money provided through the Help America Vote Act (HAVA). But a few have depleted both sets of funds. “We’ll have to work with the counties, as Florida had to do, and New Mexico, to figure out the best way to handle the financial impact of the problem.” In addition, provisions in their contracts with voting system vendors, which require the vendors to provide certified election equipment, protect some counties, Bowen said. If the technology is decertified, the vendor must replace it with another voting system that the county is allowed to use. California’s liberal vote-by-mail policies also should soften the impact of the decertifications. “Close to half of our voters are now voting by mail,” Bowen said. “Last November [2006], somewhere between two-thirds and three-quarters of California voters cast their ballots on paper, either in an optical scan system at the polling place, or on an absentee ballot which is mailed in, and which, of necessity, has to be on paper.” At the time the counties bought them, the e-voting systems in question were all certified by California and the federal government. Bowen said she took a new look at the systems because state law requires the secretary of state to periodically review voting systems for defects, obsolescence or other factors that might make them unacceptable. Bowen said her concerns about e-voting stem from ongoing debates — dating back to the 2000 presidential election — about the reliability and security of various voting methods. She highlighted numerous incidents where DRE systems left thousands of votes uncounted. Take the precinct in North Carolina where the voting server was configured to hold up to 3,200 votes, and more than 7,000 people voted there, she said. “That meant 4,000-some people were completely disenfranchised.” “When I certify elections. I want to be able to say to voters, ‘I am certain that these are the results of the election that was just conducted in California.’” Debra Bowen, secretary of state, California Minibar Key Bowen also pointed out documented security flaws in e-voting machines — for example, the use of identical keys to lock the memory card doors on all systems in a product line. “Researchers “Somebody said it was tantamount to giving the inmates the key to the jail and putting the correctional officers on break, and then saying the jail is unsafe,” McIntosh said. “When the secretary did her review, she did it under the worst-case scenario model, without any defenses,” Weir said. “From most registrars’ perspectives, the true test wasn’t given.” Such a test would consider not only safeguards built into the machines, but also safeguards that election officials put around the machines, he said. Bowen termed this sort of criticism “naive,” given the ingenuity of many hackers. And, she said, researchers didn’t always need inside knowledge to violate the systems. “In the Sequoia system, for example, the testers were able to create an exploit that allowed them not only to change the results of an election, but to hide their tracks, without having any access to the source code or any knowledge of the password.” an apparent error, such as unintentionally marking two candidates for the same office. Counties had to meet those requirements with technology that was already on the market. “We’d love second-generation stuff,” Weir said. But given the time it takes to develop new systems, get them through the permitting process and bring them to market, better-designed technology probably won’t become available until 2014, he said. For Bowen, the bottom line is that she’ll have to certify the results of elections in California in 2008. “When I certify elections,” she said, “I want to be able to say to voters, ‘I am certain that these are the results of the election that was just conducted in California.’” GT CONTRIBUTING WRITER MERRILL DOUGLAS IS BASED IN UPSTATE NEW YORK. SHE SPECIALIZES IN APPLICATIONS OF INFORMATION TECHNOLOGY. j 59 at Princeton last fall discovered, using one of the Diebold systems, that a hotel minibar key or an office filing cabinet key would unlock the voting machine. And it’s the same key for every piece of equipment,” she said. Some county officials have questioned the process used to evaluate the DRE machines. “The secretary of state, first of all, never contacted election officials. They were not part of the process,” said Paul McIntosh, executive director of the California State Association of Counties. Moreover, McIntosh said, the secretary’s office gave the researchers information about the machines and their software that real hackers would need to unearth on their own. And researchers had ample time to work with the machines. According to one security expert, California’s effort to pinpoint security flaws and demand that they are fixed is beside the point. Writing in Wired magazine last August, Bruce Schneier said that while the University of California tests represented a laudable effort, no matter how many security flaws one may patch in an IT system, more will inevitably appear. “Insecurity is the norm,” wrote Schneier. The real solution is security assurance, a series of processes that build security in from the ground up and maintain it throughout the life cycle of the system. It’s true, Weir agreed, the best way to provide security in voting systems is to layer it in. “Believe me, we get that.” But HAVA required election officials to provide machines that disabled voters can use and machines that offer “second-chance” voting — the opportunity to correct Millions of U.S. citizens will cast electronic ballots during the 2008 presidential election, but there’s still debate about the machines’ security after a few states had thousands of invalidated votes due to errors in 2000. http://www.govtech.com

Table of Contents Feed for the Digital Edition of Government Technology - December 2007

Government Technology - December 2007 Contents Point of View Big Picture Profile The Last Mile GT Spectrum Well...How Did We Get Here? Dark Spaces A Paler Shade of Green? Decertification Dilemma Game On Two Cents Products Signal:Noise

Government Technology - December 2007

For optimal viewing of this digital publication, please enable JavaScript and then refresh the page. If you would like to try to load the digital publication without using Flash Player detection, please click here.