Saturday, October 22, 2005

NON-PARTISAN GAO REPORT CONFIRMS CONCERNS ABOUT SECURITY OF ELECTRONIC VOTING MACHINES

 NON-PARTISAN GAO REPORT CONFIRMS CONCERNS ABOUT SECURITY OF ELECTRONIC VOTING MACHINES!
REPORT: 'Loss and Miscount of Votes in Recent Elections'!
House issues BI-PARTISAN Press Release: Report 'A Wake Up Call', 'Foundation of Democracy Rests Upon Security, Integrity of our Voting System'

"[C]oncerns about electronic voting machines have been realized and have caused problems with recent elections, resulting in the loss and miscount of votes."

That's just one of the chilling revelations from the non-partisan Government Accountability Office's (GAO) 107-page report on the security of Election Voting Machines in America as just released moments ago. The report confirms many of the greatest concerns expressed by those who have called for Election Reform since the deeply flawed 2004 Presidential Election.

The report "analyzed over 80 recent and relevant reports related to the security and reliability of electronic voting systems." The results confirm a range of security vulnerabilities and violations in Electronic Voting Machines in recent elections and the accompanying systems used to administer elections in the United States of America. It goes on to say that the issues brought to the attention of the GAO by elected representatives, activists and other concerned citizens, "merit the focused attention of federal state and local authorities responsible for election administration."

The GAO report (download the complete report here [PDF]) was created in response to a request by several members of the U.S. House Judiciary Committee.

A joint bi-partisan press release touting the findings of the report has just been issued by three Republican and three Democratic Congressmen including Government Reform Committee Chairman Tom Davis (R-VA) and Ranking Member Henry A. Waxman (D-CA), Judiciary Committee Chair F. James Sensenbrenner (R-WI) and Ranking Member John Conyers (D-MI), and Science Committee Chair Sherwood Boehlert (R-NY) and Ranking Member Bart Gordon (D-TN).

While The BRAD BLOG is still perusing the details of the extensive report, some of the key findings are listed right on the front page:

Examples of Voting System Problems and Vulnerabilities.

  • Cast ballots, ballot definition files, and audit logs could be modified.

  • Supervisor functions were protected with weak or easily-guessed passwords.

  • Systems had easily picked locks and power switches that were exposed and unprotected.

  • Local jurisdictions misconfigured their electronic voting systems, leading to election day problems.

  • Voting systems experienced operational failures during elections.

  • Vendors installed uncertified electronic voting systems.

  • Speaking about the GAO report in the joint press release, one congressman described it as "a wake up call."

    Republican Rep. Boehlert said, "I wholeheartedly endorse the GAO recommendations, which underscore the need for the Election Assistance Commission and the National Institute of Standards and Technology to continue their work to establish standards and testing procedures for voting equipment. This work must move ahead on an ambitious schedule."

    Democratic Rep. Gordon added, "The foundation of democracy rests upon the accuracy, integrity and security of our voting system"

    Rep. John Conyers (D-MI), ranking minority member of the House Judiciary Committee, a tireless champion for election reform and leading force behind the landmark report "Preserving Democracy: What Went Wrong in Ohio 2004", has just blogged about the report.

    He says the report "lends important credibility to the cause of election reform generally, and more specifically to requiring that every machine have a voter verified paper ballot that is used in election days audits and, if discrepancies are found in those audits, becomes the official record for the election."

    "Despite the many official assurances that the problems of the past elections were isolated and few," Conyers writes, "the election system is indeed riddled with problems and flaws."

    The "bottom line," says Conyers, is that until these matters are seriously addressed, and "significant security and controls" are put in place with our voting machines, "American citizens have no reason to have complete confidence in our democracy."

    Conyers further enumerate a list of notable and troubling security shorcomings identified by the GAO:

    1. Some electronic voting systems did not encrypt cast ballots or system audit logs, thus making it possible to alter them without detection.

    2. It is easy to alter a file defining how a ballot appears, making it possible for someone to vote for one candidate and actually be recorded as voting for an entirely different candidate.

    3. Falsifying election results without leaving any evidence of such an action by using altered memory cards.

    4. Access to the voting network was easily compromised because not all digital recording electronic voting systems (DREs) had supervisory functions password-protected, so access to one machine provided access to the whole network.

    5. Supervisory across to the voting network was also compromised by repeated use of the same user IDs combined with easily guessed passwords.

    6. The locks protecting access to the system were easily picked and keys were simple to copy.

    7. One DRE model was shown to have been networked in such a rudimentary fashion that a power failure on one machine would cause the entire network to fail.

    8. GAO identified further problems with the security protocols and background screening practices for vendor personnel.


    The complete joint bi-partisan press release, issued by six U.S. House of Representative members, follows...

    U.S. House of Representatives

    N E W S R E L E A S E

    For Immediate Release: October 21, 2005

    Davis, Waxman, Sensenbrenner, Conyers, Boehlert, and Gordon React
    To GAO Report on Security Problems With Electronic Voting Systems


    Washington, D.C. - Government Reform Committee Chairman Tom Davis (R-VA) and Ranking Member Henry A. Waxman (D-CA), Judiciary Committee Chair F. James Sensenbrenner (R-WI) and Ranking Member John Conyers (D-MI), and Science Committee Chair Sherwood Boehlert (R-NY) and Ranking Member Bart Gordon (D-TN), issued the following statements upon today's release of the Government Accountability Office's report, "Federal Efforts to Improve Security and Reliability of Electronic Voting Systems Are Under Way, but Key Activities Need to Be Completed" (GAO-05-956):

    "It is certainly disappointing that, despite the recommendations from federal organizations and non-governmental groups, many states still have not made progress to make sure their electronic voting systems are safe from fraud and can be relied on to accurately count votes," Chairman Davis said. "However, I am pleased that the EAC is continuing to push states to improve their voting systems and comply with the requirements of the Help Americans Vote Act (HAVA). American's voting system must be made to be world class, everywhere in the country, as soon as possible."

    "The GAO report indicates that we need to get serious and act quickly to improve the security of electronic voting machines," said Rep. Waxman. "The report makes clear that there is a lack of transparency and accountability in electronic voting systems - from the day that contracts are signed with manufacturers to the counting of electronic votes on Election Day. State and local officials are spending a great deal of money on machines without concrete proof that they are secure and reliable. American voters deserve better."

    Chairman Sensenbrenner said, "The Founders established the states as the entity primarily responsible for the administration of both federal and state elections. While Congress has provided direction through HAVA and federal grants to modernize state election systems, some states continue to drag their feet in preventing voting compilation errors and eliminating questionable voter registration and poll day procedures. In my home state of Wisconsin, the current Governor has done his best to block the legislature's efforts to implement voting reforms conforming with HAVA guidelines, despite evidence of widespread voter fraud in Milwaukee in recent elections. The EAC will have to push hard to overcome the resistance of those who rely on outmoded and unreliable voting practices to keep themselves in power."

    "I am shocked at the extent and nature of problems GAO has identified in our electronic voting systems, and I fear that this may just be the tip of the iceberg," said Rep. Conyers. "It is totally unacceptable that in 21st century American we would allow faulty machines and systems to rob citizens of their voting rights. While GAO offers some modest recommendations for improvement, it is incumbent upon Congress to respond to this problem and to enact much-needed reforms such as a voter verified paper audit trail that protects all Americans' right to vote."

    Chairman Boehlert said, "I wholeheartedly endorse the GAO recommendations, which underscore the need for the Election Assistance Commission and the National Institute of Standards and Technology to continue their work to establish standards and testing procedures for voting equipment. This work must move ahead on an ambitious schedule, and the Science Committee will continue to monitor its progress."

    "The foundation of democracy rests upon the accuracy, integrity and security of our voting system," Rep. Gordon said. "The Science Committee gave the National Institute of Standards and Technology a pivotal role to ensure that our voting systems are trustworthy. However - as the GAO report highlights - much remains to be done before the next election cycle. Their report is a wake-up call for adequate funding for NIST's activities and makes clear that closer oversight by Congress is warranted."

    Background / GAO Results Summary

    All levels of government share responsibility in the U.S. election process. At the federal level, Congress has authority under the Constitution to regulate presidential and congressional elections. The Help America Vote Act of 2002 increased the federal role in state and local elections, in part by giving states the resources to improve the accessibility, security, and reliability of their voting systems. Under HAVA, nearly $39 billion has been allocated to states to purchase electronic voting systems and improve the voting process.

    Voting System Vulnerabilities Identified by GAO:

    · Cast ballots, ballot definition files, memory cards, and audit logs could be modified.

    · Supervisor functions were protected with weak or easily guessed passwords, and memory cards that allowed individuals access to voting machines were inadequately protected.

    · Systems had easily picked locks and power switches that were exposed and unprotected.

    · Voting machine vendors had weak security practices, including the failure to conduct background checks on programmers and system developers, and the failure to establish clear chain of custody procedures for handling software.

    Voting System Failures Have Already Occurred During Elections

    In addition to identifying potential vulnerabilities, GAO identified a number of cases of operational failures in real elections. These examples included:

    · In California, a county presented voters with an incorrect electronic ballot, meaning they could not vote in certain races.

    · In Pennsylvania, a county made a ballot error on an electronic voting system that resulted in the county's undervote percentage reaching 80% in some precincts.

    · In North Carolina, electronic voting machines continued to accept votes after their memories were full, causing over 4,000 votes to be lost.

    · In Florida, a county reported that touch screens took up to an hour to activate and had to be activated sequentially, resulting in long delays.

    Problems With Implementation of Voluntary Standards, Testing, and Federal Efforts to Improve Voting System Security

    GAO reported that voluntary standards for electronic voting adopted in 2002 by the Federal Election Commission contain vague and incomplete security provisions, inadequate provisions for commercial products and networks, and inadequate documentation requirements. GAO also found that tests currently performed by independent testing authorities and state and local election officials do not adequately assess electronic voting system security and reliability

    The GAO report indicated that national initiatives to improve voting system security and reliability of electronic voting systems either lack specific plans for implementation or are not expected to be completed until after the 2006 election. According to GAO, "Until these efforts are completed, there is a risk that many state and local jurisdictions will rely on voting systems that were not developed, acquired, testing, operated, or managed in accordance with rigorous security and reliability standards - potentially affecting the reliability of future elections and voter confidence in the accuracy of the vote count"

    The Election Assistance Commission, which was created as part of the "Help American Vote Act" began operations in January 2004. To improve the security and reliability of electronic voting systems, GAO recommends that EAC establish tasks, processes, and time frames for improving the federal voluntary voting system standards, testing capabilities, and management support available to state and local election officials. EAC commissioners agreed with GAO recommendations and stated that actions on each are either under way or intended. The National Institute of Standards' (NIST) director also agreed with the report's conclusions.

    0 Comments:

    Post a Comment

    << Home