Forum Navigation
Topics
Log In
Log Out
:
Forum Search
New Today
New This Week
Advanced Search
Tree View
Forum Account
Edit Profile
Register
Forgot Password
Forum Tools
Help/Instructions
Policies
CLICK STATE TO SEE:
"WATCH LIST"
Marked with: 
"OPEN & HONEST"
Marked with: 
...
|
| 2-11-06: Voting machine examiners chi... |
|
| Author |
Message |
    
Bev Harris
Board Administrator
Username: Admin
Post Number: 3657
Registered: 12-2004
Best of Black Box? 
Votes: 10 (A keeper?) | | Posted on Saturday, February 11, 2006 - 5:05 pm: | 
|
Key witnesses have notified the California Senate Elections Committee that they will refuse to show up at the hearing on how certification is being done. They don't want to be questioned.
Shawn Southworth (Ciber) has notified the investigating committee that he will decline to appear. Jim Dearman (Wyle Labs) has notified the committee that he will decline to appear.
No word yet from California voting machine examiner Steve Freeman or California technical advisor David Jefferson, who have accepted at least $150,000 and $50,000, respectively, in Calif. taxpayer money for their roles in testing and certification and recommendation.
The hearing, scheduled for Feb. 16, was called by Calif. Senate Elections Committee chairperson Debra Bowen. Thus far, no subpoenas have been issued. The process for issuing a subpoena takes place in the Senate Rules Committee, which Bowen is also a member of. Without subpoenas, it now seems likely that not a single key witness will show up for questioning.
They won't show up without a fight, and here's why:
Questions need to be asked about the breakdown in voting system testing & certification
It is clear by now that the prospect of having to answer how systems like the defective Diebold GEMS central tabulator were recommended for certification is simply a no-win situation for most of the voting machine examiners.
The Diebold system has been recommended for certification over and over, and according to time sheets obtained for the examiners, many hours have been invested in examining its security. Yet two different hacks in projects conducted by http://www.blackboxvoting.org, one by Dr. Herbert Thompson and a different one by Harri Hursti, quickly penetrated the system, altering election results.
It took Hursti only 24 hours to spot the fatal flaw in Diebold's memory card architecture. Both federal and state certifiers should be asked why they recommended this system for certification. Did they not notice the problem, or did they ignore the problem, or did they think it was not a problem?
It took Dr. Thompson less than five minutes to identify the fatal flaw in the GEMS tabulator. Both federal and state certifiers should be asked why they have repeatedly approved GEMS for certification. Did they not understand that a Visual Basic Script can be used to hack a Microsoft Access application? Did they not know GEMS uses Microsoft Access? Do they believe that using a voting program that is hackable with a simple script is secure?
The Steve Freeman time sheets reveal that he specifically billed the state of California for testing in response to the RABA Technologies report and the CompuWare report. His time sheets show an additional five-hour examination of GEMS security. The August 18, 2004 CompuWare report rates the GEMS risk High, High, High and the RABA report says that GEMS should be rewritten entirely.
Freeman needs to be asked, under oath, why he repeatedly recommended GEMS for certification even after numerous reports detailed its security flaws. As recently as November 2005, Freeman recommended GEMS for certification again, this time admitting that there were defects but saying they were planning to find a way to mitigate them. (However, California has not yet mitigated the defects, but will continue to use GEMS.)
Both federal and state certifiers should also be asked why they approved interpreted code in Diebold machines, contrary to FEC standards. Do they think there is no interpreted code? If so, why is there a program called the "interpreter"? Do they think it is okay to have an interpreter running code in a voting system during an election?
According to documents obtained from the state of California by Black Box Voting, Diebold actually stripped out security measures on its absentee ballot counting machines, removing the only safeguard against GEMS hacking available, short of counting all of the ballots by hand. Both federal and state examiners need to be asked why they approved this. Nearly 40 percent of California votes are mail-in. Given the known risks with GEMS, was it appropriate to remove the voting machine results tapes, leaving mail-in vote security solely up to GEMS? Did the examiners not know this? Did they not consider it to be a problem?
(See also: Mail-in ballot risk )
Taxpayer funds paying for what?
Here are some of the time logs and payment records for the voting examiners who examined security on GEMS and the optical scan machine, but recommended for certification anyway, saying nothing publicly about the defects:
http://www.bbvforums.org/forums/messages/2197/19300.html
These important documents and many more were obtained by a California citizen, Joan Quinn, as part of an effort to safeguard the 2006 Election by shedding sunlight on the certification and testing process. If you think the documents obtained by Joan Quinn are important, and you'd like to get involved in gathering evidence to protect Election 2006, please write privately to crew (at) blackboxvoting.org - include your location and we'll send you individualized instructions to obtain strategic documents.
Nondisclosure agreements?
While voting machine examiners like Southworth, who examined the GEMS software, and Jim Dearman, who has run the Wyle testing that examined the Diebold optical scan firmware, will be hard-pressed to explain themselves to the California Senate Elections Committee, the other examiners -- Steve Freeman and David Jefferson -- might be able to explain their silence by pointing to nondisclosure agreements.
http://www.bbvforums.org/forums/messages/1954/17717.html
Black Box Voting has received reports that the nondisclosure agreements (NDAs) signed by state voting system examiners prohibit them from telling what they know.
These NDAs are apparently being executed directly between the state voting system examiner and vendors like Diebold. A response from the Calif. Secretary of State to a BBV records request states that the secretary of state does not have a copy of the NDAs between voting system examiners (paid by the Sec. State's office) and the voting system vendors.
But there's another problem: Nondisclosure agreements do not explain why California examiners recommended GEMS and the interpreter and the Diebold memory card design for certification. Even if they withheld what they knew from the public (a questionable practice, when being paid by public funds), they didn't have to recommend certification.
Where is R & G and did they take any documents when they folded up shop?
To add to the murkiness, the contractor the secretary of state's office paid for some of Jefferson's work, R & G Associates LLC, has now vacated its offices, disconnected its phones, and shut down its Web site. The documents obtained by Joan Quinn show invoices to the state of California from R & G for over $1 million. When Black Box Voting investigator Jim March showed up at the R&G office on their most recent corporate filing, they'd vacated the premises. Yet R&G work agreements obtained by Joan Quinn seem to indicate they were contracted with the state of California through 2006.
Next questions: Did R & G have any documents, contracts, invoices, reports, computer files, or anything else related to work done by the voting machine examiners? If so, where are those documents now?
Another no-show for the hearings
Documents related to certification, requested by Bowen's office of Secretary of State Bruce McPherson. As of Friday, she reportedly had not received any response McPherson, and the delay in production of these records violates the time limits in California public records law.
The list of people who need to receive subpoenas:
- Shawn Southworth (Ciber)
- Jim Dearman (Wyle)
- Steve Freeman (California voting system examiner)
- David Jefferson (California voting system technical advisor)
- Talbot Iredale (Diebold Election Systems chief engineer)
- Ken Clark (Diebold Election Systems GEMS designer)
- Guy Lancaster (Co-Designer of the Diebold optical scan system)
- Jeffrey Dean (worked on the GEMS system and the mail-in voting systems which interface with GEMS)
- Tom Wilkie (NASED voting systems certification, has moved up to EAC)
- R. Doug Lewis (The Election Center, involved with selecting the ITAs, ran interference for the ITAs for 10 years)
PERMISSION GRANTED TO COPY, REPRINT, CITE AND DISTRIBUTE. (REQUIRES LINK TO http://www.blackboxvoting.org). |
Bev Harris
Board Administrator
Username: Admin
Post Number: 3658
Registered: 12-2004
Best of Black Box?
Votes: 3 (A keeper?) | | Posted on Saturday, February 11, 2006 - 5:37 pm: |
|
The true scariness of the GEMS hack performed by Dr. Herbert Thompson
CLARIFICATION: This is written by Bev, regarding the type of hack done by Dr. Thompson. Original title "hack by Dr. Thompson" was unclear, someone might have thought he wrote this. Also, the complex examples of a formula were not used in Leon County. He did two different configurations, one of which had the script do intelligent guessing, as described below; there are an unlimited number of ways to configure the math formulas the script can do)
Of compelling interest, when asking why examiners repeatedly recommended GEMS for certification, is what Dr. Herbert Thompson did when he hacked the GEMS tabulator in the Black Box Voting project with Leon County on Feb. 14 and May 2 last year. Now that was scary, for these reasons:
1) It took less than 60 seconds
2) You don't need a GEMS password. You never need to even open GEMS! You just slip a small script onto the hard drive, where it sits quietly waiting for the trigger to do its hidden work.
3) It could be set up by anyone with 60-second access to the tabulator IN ADVANCE. In fact, you could rig the 2008 election right now, and even if they upgraded the software in the mean time, as long as your trojan horse is still buried in the hard drive and as long as they didn't fundamentally rewrite the architecture of the tables themselves, you're in.
4) With Dr. Thompson's trojan horse, he created a program that makes intelligent guesses at the ballot choices. In his May 2, 2005 hack of the Leon County tabulator, his trojan horse program guessed at a "similar to" for a candidate name. Dr. Thompson said he can equally easily create a program that searches for a race -- for example, sounds like "pres", and/or a choice within the race that sounds like like "rep", and/or look for the these totals in the vote category that sounds like "abs" [absentee]"
In other words, you can own the election in advance, even if you don't know the candidate's name or even the exact spelling of the race or party on the ballot!
5) With Dr. Thompson's trojan horse, you can create elaborate math if you want, including IF-THEN statements and triggers. Example:
- IF at 11:59 p.m. on Nov. 4 2008 a race that sounds like "pres"
- has totals such that a choice that sounds like "rep" is less than the choice that sounds like "dem,"
- THEN calculate the percentage of the spread
- THEN for vote category that sounds like "abs"
- select totals for the post-Nov. 4 absentee batches
- apply the formula to the following absentee ballot batches "1st, 9th, 10th, 12th, 15rd, 24th, 29th, 36th"
- alter the input for each of those absentee ballot batches by using random variations between 18 and 26 percent of the amount of the spread as of 11:59 p.m. Nov 4 .
In other words, with 60 seconds of pre-work you can do any damn thing you want, any formula, with any trigger, implemented at any specific time, for any race, major party choices, precincts and vote category. You can do it years in advance on a federal election. And if your manipulation gets caught? Call it a "glitch."
Mail-in votes are especially vulnerable to GEMS central tabulator tampering
You could also run such a formula only on absentee ballots entered BEFORE election day. Note San Diego July 26, 2005 mayoral, which had a vast difference between absentee and poll votes, which they attributed to mailings.
Note that the absentee votes do NOT have a poll tape, a protective feature that Diebold removed fairly recently. Why? Why is no one asking about this, especially now that so many places are increasing the mail-in voting? And why did California examiners approve this change for certification?
The poll tapes aren't being used properly to audit GEMS either
Even assuming the poll tapes aren't falsified (Hursti hack), field work by Black Box Voting has revealed that they aren't being used except to "spot check." In Alameda County, they spot check one percent of the poll tapes against GEMS.
When you are told that poll tapes are compared against GEMS, ask very detailed follow up questions, preferably on videotape. Ask if 100% of the ballot choices are compared against 100% of the GEMS results. Most places, you'll find out that is not the case. Not only do they not do a meaningful hand count of the ballots, they don't even do a meaningful canvass comparing the results reports from voting machines against GEMS.
PERMISSION GRANTED TO COPY, CITE (MUST PROVIDE LINK TO http://www.blackboxvoting.org ) |
Catherine Ansbro
Frequent Voting Rights Forum Participant
Username: Catherine_a
Post Number: 1722
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Saturday, February 11, 2006 - 9:11 am: |
|
This is a bombshell, Bev. I have never realized the implications of the Thompson hack were so far-reaching. This should be a story in itself. Or the subject of a NASED conference. Something is needed.
Maybe you should offer a vote-rigging seminar and that would get lots of publicity. (You could offer one seminar to each party. Just imagine. Or offer it to all of them all at once.)
I feel a little nervous that you've spelled this out so clearly here on the website.
What is it going to take for election officials to realize that they may potentially have a problem? Surely there is no election official, no matter how careful, who would be able to guarantee that NO ONE has ever had 60-second unauthorized access to their GEMS server. Similarly, no election official would be able to give any assurance that NO ONE would be able to obtain 60-second unauthorized access in the future. Think about it--all you'd need would be one fire drill.
From what you've said, it's possible that instructions have already been loaded for 2006, 2008, 2010, etc. How would anyone ever know?
What is the likelihood of something like this being caught by a 1% or 5% hand audit?
I guess there would be zero chance of catching it, if it was done with the absentee ballots which never had a poll tape to provide a basis of comparison.
Think of all the well-meaning voting activists out there trying to change their laws to require a paper ballot, who at best are getting concessions for hand audits for a small percentage, or--more commonly--with no guaranteed manual counts, or under very limited circumstances. All their efforts could be worth ZILCH with a hack like this going around.
Elections could become nothing more than a hacking competition, and whichever party or candidate has the best or most recent hack wins the election. In some places this may already be the case.
Can you do something to highlight this? Your spelling it out so explicitly here is crucial to getting the message across.
You are so aware of this yourself that you don't appreciate it needs to be spelled out in order for the rest of us to fully "get it." |
Jim March
Frequent Voting Rights Forum Participant
Username: Jimmarch
Post Number: 117
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Saturday, February 11, 2006 - 11:50 pm: |
|
We don't know just when R&G vanished. We do know that a company inhabiting half of their offices now only moved in a week ago, so that suggests R&G leaving may be recent.
I'll pin that down Monday at the latest. It's an important point...a question arises, did they bug out timed to the California Senate Election Committee's recent inquiries? Or if not, did their timing match anything else interesting?
Oh, here's a good one: the California SecState's office says they don't have non-disclosure agreements for Freeman and Jefferson. If such agreements exist but the SecState's office doesn't have them, that's a SERIOUS problem if the NDAs restrict info coming into the SecState agency and said agency doesn't know about (or the details) of the restrictions. So who DOES have the NDAs? Well Diebold for one, but we know Jefferson was paid through R&G - did R&G have the NDAs?
What other documents was R&G sitting on, that are now who knows where?
* * * * * *
* * * * * *
* * * * * *
* * * * * *
TRIPLE PROTECTION FOR ELECTION 2006 - STARTING NOW:
(1) Use Freedom of Information, public records requests ("All American Paper Chase")
(2) Try Dumpster Diving for Democracy
(3) Candid America Project - Don't leave home without your camcorder
HOW TO DO IT: http://www.bbvforums.org/forums/messages/6/6.html
|
Bruce Sims
Frequent Voting Rights Forum Participant
Username: Ubetchaiam
Post Number: 680
Registered: 06-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Sunday, February 12, 2006 - 12:14 pm: |
|
R+G was also the firm who conducted an inventory of voting systems used in CA and the report indicated that many counties were not using certified software but more importantly, very few of the County Election Officials knew what software they were using. Notice the date on the documents.
http://www.ss.ca.gov/elections/ks_dre_papers/randgsummary.pdf
http://www.ss.ca.gov/elections/ks_dre_papers/DIEbold_voting_syst_rev_fv6final1.p df
http://www.ss.ca.gov/elections/ks_dre_papers/rg_phase_II_revised_report.pdf |
Bev Harris
Board Administrator
Username: Admin
Post Number: 3670
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Sunday, February 12, 2006 - 12:59 pm: |
|
moved to private area III |
Catherine Ansbro
Frequent Voting Rights Forum Participant
Username: Catherine_a
Post Number: 1734
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Sunday, February 12, 2006 - 1:15 pm: |
|
More on the Hursti attack
This description by Susan Pynchon (FL) of everything that transpired at the Hursti hack was recently posted by Arlene at BB. I had not seen this before, so I post the link here:
http://www.bradblog.com/archives/00002408.htm#2
I found the remarks of "TJ" (a Leon County technician) particularly revealing. They indicate some degree of prior conversation with Diebold reps about the "printer template" question. This issue was mentioned on one of the BBV videos that anwar adi has just posted to google. Until I read Susan's full account at BradBlog I didn't appreciate what this referred to.
If anyone hasn't already seen this account, it is worth a read. |
Bev Harris
Board Administrator
Username: Admin
Post Number: 3675
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Sunday, February 12, 2006 - 2:10 pm: |
|
(from Bev) Reprinted from a friend of mine at a different forum. He's someone who deserves thundering truckloads of appeciation for his expertise, by the way, but has chosen not to be in the limelight.
==================
"What will Diebold say"
"They’ll say it was so that they didn’t need to distribute updates to thousands of pieces of hardware but rather send updates just a few GEMS installations.
"I followed the first Diebold hack, the so-called “GEMS Tabulator Hack” quite closely and I see quite a few parallels:
1.) Both hacks involve design decisions most professional programmers wouldn’t make.
2.) Both hacks open the system to fraud while providing a fig leaf of plausible deniability.
3.) Both hacks go out of their way to hide nefarious activity from elections officials.
4.) Both hacks rely on the fact that the paper ballots, IF ANY, would never be hand counted.
5.) Both hacks are done from the center-out and thus may be accomplished by just a few co-conspirators."
==================
(Bev again) But neither one could have been put there without the incompetence or complicity of the examiners. |
Ron Crane
Frequent Voting Rights Forum Participant
Username: Ron_crane
Post Number: 107
Registered: 08-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, February 14, 2006 - 1:13 pm: |
|
There are other critical issues that I intend to raise at this hearing. See below.
-R
------------
1. The test labs seriously test only function and hardware integrity. They do not seriously test security, and, in particular, do not test the systems for vendor-installed cheats. Even the new VVSG do not require meaningful security testing.
2. Even if the test labs did try to test for vendor-installed cheats, crooked vendors could dodge the testing by:
a. Using un-resettable realtime clocks to determine that the testing does not fall during an election;
b. Using information from ballots, keycards, or other data-transfer tokens to determine when to cheat. For example, vendors could supply the test labs with smart cards that contain data telling the machines to refrain from cheating, while supplying jurisdictions with other cards. [Diebold executes code from smart cards (“Hursi Hack” in Leon County).]
c. Using information broadcast via wireless (e.g., WiMax, Wifi, proprietary radio), broadband-over-powerline (“BPL”), or a network connection to notify the machines when to cheat and when to refrain from cheating;
d. Using OS-based or firmware-based malware loaders to dynamically replace an “honest” voting application with one that cheats.
3. If we’re going to use e-voting machines, we need public source, firmware, and hardware with citizen verification of the proper code being loaded on election day, properly-conducted parallel testing, and Nevada Gaming Control Board-style inspections. These aren’t enough, but they’re some defense against crooked vendors. Now we have next to no defenses, but must simply trust the vendors: trust, but not verify.
4. 163 hour minimum MTBF (VVSG Vol I, s.4.3.3)
a. Almost 28% of machines having the minimum MTBF will fail during a typical election (assuming an exponential distribution of failures as is typically used to analyze equipment failures and 45 hours’ use per election per VVSG s.4.3.3; failure rate is t / MTBF).
b. Creates wonderful opportunities for “directed use of failure”, where the cheater causes more-reliable machines to be used in jurisdictions favoring her candidate, and less-reliable machines to be used in jurisdictions not favoring her candidate. The ratio of failure rates is inversely proportional to MTBF, so a 2:1 ratio of MTBF means that the favored jurisdictions will experience half the failure rate of the disfavored jurisdictions. It’s easy to create a far larger ratio, skewing results even more.
c. Pitiful considering that standard commercial single-board computers with touchscreens have MTBFs in the 80,000 hour range.
5. The existing testing process and results are closed to public view.
6. The existing testing process is financed by vendors, who also get to choose the lab that tests their systems.
-R |
John Washburn
Voting Rights Forum Participant
Username: Johnwashburn
Post Number: 10
Registered: 02-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, February 14, 2006 - 1:49 pm: |
|
7. The Vendor provides the cherry-picked machine/system to be subjected what pitiful testing there is.
(Message edited by johnwashburn on February 14, 2006) |
Joseph Hall
Voting Rights Forum Participant
Username: Joehall
Post Number: 51
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, February 14, 2006 - 2:03 pm: |
|
Maybe this is too obvious... but the fact that the State has had to increase the requirements and state testing procedures (e.g., volume testing, AccuBasic, etc.) is proof-positive that poor tech. makes it through the obscure federal process. |
Ron Crane
Frequent Voting Rights Forum Participant
Username: Ron_crane
Post Number: 108
Registered: 08-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, February 14, 2006 - 2:10 pm: |
|
quote:7. The Vendor provides the cherry-picked machine/system to be subjected what pitiful testing there is.
Yes. A crooked vendor can submit "honest" systems for testing while shipping cheating systems to the field. I will raise this too.
-R |
John Washburn
Voting Rights Forum Participant
Username: Johnwashburn
Post Number: 12
Registered: 02-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, February 14, 2006 - 3:31 pm: |
|
The corker on the substitution question is the 2002 VVSG at least recognizes this as a possibility to be guarded against.
Volume I section 8.71 of the 2002 VVSG requires a physical configuration audit (PCA) of the system to be tested, Volume II section B.3 requires system identification be included in the final ITA lab report and Volume II section 6.2.2 requires the ITA to witness a reference build from the examined source components.
These 3 requirements serve but one purpose: to identify the precise system under test and demonstrate the source code examined has some connection to the executable system which tested.
Since there is no published PCA, there is no evidence to either suport or refute the claim the system delivered to a state examination board or a system sold to a local election adminstrator has any connection what so ever to the system tested by the ITA lab(s).
Even the pathetically weak 2002 VVSG calls for system identification. But, no one (EAC NASED, Shamos, Paul Craft, Brit Williams, et. al.) actually require the standard be followed.
(Message edited by johnwashburn on February 15, 2006) |
John Washburn
Voting Rights Forum Participant
Username: Johnwashburn
Post Number: 14
Registered: 02-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Wednesday, February 15, 2006 - 10:46 am: |
|
A cross link to bolster Ron Crane's point about using side channel communication to activate and deactivate cheating code so as to minimize detection.
http://www.bbvforums.org/forums/messages/72/19328.html?1140025174 |
Ron Crane
Frequent Voting Rights Forum Participant
Username: Ron_crane
Post Number: 109
Registered: 08-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Wednesday, February 15, 2006 - 10:47 am: |
|
quote:The corker on the substitution question is the 2002 VVSG at least recognizes this as a possibility to be guarded against.
I don't think the intent ever was to guard against crooked vendors. The 2005 VVSG contain a similar PCA procedure, but it was either (a) designed by someone lacking a full understanding of computer security; (b) designed only to make non-vendor-based hacking more difficult; and/or (c) designed to give the impression of thoroughness without the substance.
From the point of view of preventing vendor fraud, the procedure has many flaws. For example, nothing prevents a crooked vendor from using build tools to inject malicious code into the voting application a la _Reflections on Trusting Trust_, and the PCA easily could (and no doubt will) be read to impose no requirements at all on non-voting-related firmware (e.g., BIOS). And the procedures for verifying the integrity of the installed software implicitly rely on the use of vendor-provided verification firmware (e.g., Vol.I s.7.4.6(e) - 12/05 version). It should go without saying that this does nothing to constrain crooked vendors.
-R
(Message edited by ron_crane on February 15, 2006) |
John Washburn
Voting Rights Forum Participant
Username: Johnwashburn
Post Number: 15
Registered: 02-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Wednesday, February 15, 2006 - 12:28 pm: |
|
Substitution of a tested, honest system with an untested system is a problem from either mistake or malice. The PCA is at least one small way such a substitution could be detected.
Even an incomplete PCA (lacking bios info, lacking COTS identification, lacking inventory of "helper" files al la .ABO files, etc.), could be used to detect some substitutions in some situations.
No published PCA though thwarts any possibility of detecting a substitution because there is no published description (incomplete or not) of the system tested by the ITA lab.
But the plain language of the 8.7.1 and B.3 requires what PCA there is (incomplete or not) to be part o the final ITA lab report. No such PCA's (partial or whole) appear in any ITA report I have seen.
Supposedly, Paul Craft, Brit Williams and others on the NASED Voting Systems Board inspected these final reports for conformance to the requirements of Volume II B.3. Clearly, this has not been the case.
(Message edited by johnwashburn on February 15, 2006) |
Ron Crane
Frequent Voting Rights Forum Participant
Username: Ron_crane
Post Number: 110
Registered: 08-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Wednesday, February 15, 2006 - 12:50 pm: |
|
quote:Substitution of a tested, honest system with an untested system is a problem from either mistake or malice. The PCA is at least one small way such a substitution could be detected.
Even an incomplete PCA (lacking bios info, lacking COTS identification, lacking inventory of "helper" files al la .ABO files, etc.), could be used to detect some substitutions in some situations.
Sure. But we need to be careful not to overdraw what these procedures might accomplish were they ever executed correctly. The vendors will, of course, claim that these procedures are burdensome overkill that detect all "reasonable" threats, and that those who have shown otherwise need to adjust their "tinfoil hats". And many of the regulators will nod and wink in agreement. We need to show not only that the procedures routinely are being violated, but that they have Titanic-sized holes even when executed perfectly.
quote:No published PCA though thwarts any possibility of detecting a substitution because there is no published description (incomplete or not) of the system tested by the ITA lab.
But the plain language of the 8.7.1 and B.3 requires what PCA there is (incomplete or not) to be part o the final ITA lab report. No such PCA's (partial or whole) appear in any ITA report I have seen.
Supposedly, Paul Craft, Brit Williams and others on the NASED Voting Systems Board inspected these final reports for conformance to the requirements of Volume II B.3. Clearly, this has not been the case.
This is hardly a surprise. Will you attend this meeting to give them the what for on this issue?
-R |
John Washburn
Voting Rights Forum Participant
Username: Johnwashburn
Post Number: 16
Registered: 02-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, February 16, 2006 - 9:01 am: |
|
I have contractual obligations which prevent me from being in either Sacramento, California or Annopolis, Maryland today. I have been extended an invitation to appear before both state senates for today.
I will work on a way to call the NASED Voting Systems Board to task which does not interfere with my software testing commitments to my clients.
Even if I could be in CA or MD today, my understanding is noone from the ITA's, EAC, or NASED will be in attendance at either locale. Unless you count Linda Lamone of the MD Board of Elections as NASED. True, she is an influential member of NASED but she will be in Annopolis representing the MD BOE not NASED. |
Ron Crane
Frequent Voting Rights Forum Participant
Username: Ron_crane
Post Number: 111
Registered: 08-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Friday, February 17, 2006 - 1:25 pm: |
|
None of the vendors, ITAs, or SoS reps showed, and Sen. Bowen again raised the possibility of subpoenas. |
John Washburn
Voting Rights Forum Participant
Username: Johnwashburn
Post Number: 19
Registered: 02-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Friday, February 17, 2006 - 4:12 pm: |
|
Good for her. |
Joseph Hall
Voting Rights Forum Participant
Username: Joehall
Post Number: 52
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Saturday, February 18, 2006 - 9:49 am: |
|
It's important to note, as far as I've been able to tell, that the SoS representatives were not asked to attend or testify at any of these hearings. |
Catherine Ansbro
Frequent Voting Rights Forum Participant
Username: Catherine_a
Post Number: 1760
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Saturday, February 18, 2006 - 11:31 am: |
|
Any thoughts as to why the SoS representatives weren't asked to attend or testify? |
Jim Eldon
Voting Rights Forum Participant
Username: Vegsledman
Post Number: 5
Registered: 12-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Saturday, February 18, 2006 - 11:48 am: |
|
Judging by Debra Bowen's blog, McPherson was invited and the invitation was quite public, including an email blast to generate some public pressure for him to attend.
http://www.debrabowen.com/blog/
(scroll to second item) |
Ron Crane
Frequent Voting Rights Forum Participant
Username: Ron_crane
Post Number: 114
Registered: 08-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Saturday, February 18, 2006 - 1:27 pm: |
|
In Thursday's meeting, Sen. Bowen specifically said that she had asked the Secretary of State's office to attend, as well as the major vendors and ITAs, and that all either had refused or simply had failed to show.
I would also note that, even had Sen. Bowen not invited these parties, they were free to attend and speak like any member of the public. None chose to do this, either.
Why not? |
|
|
