The most troubling vulnerabilities of each system can be substantially remedied if proper countermeasures are implemented at the state and local level.
Few jurisdictions have implemented any of the key countermeasures that could make the least difficult attacks against voting systems much more difficult to execute successfully.
For all three types of voting systems:
1. When the goal is to change the outcome of a close statewide election, attacks that involve the insertion of Software Attack Programs or other corrupt software are the least difficult attacks.
2. Voting machines that have wireless components are significantly more vulnerable to a wide array of attacks.
DREs without voter-verified paper trails do not have available to them a powerful countermeasure to software attacks: post-election Automatic Routine Audits that compare paper records to electronic records.
For DREs w/VVPT and PCOS:
1. The voter-verified paper record, by itself, is of questionable security value. The paper record has significant value only if an Automatic Routine Audit is performed (and a well-designed chain of custody and physical security procedures is followed).
2. Even if jurisdictions routinely conduct audits of voter-verified paper records, DREs w/VVPT and PCOS are vulnerable to certain software attacks or errors.
COMPUWARE CORP. DRE Technical Security Assessment Report for Ohio, November 2003. Confidential report prepared for Ohio Secretary of State Ken Blackwell, and later published on the web. High risks include:
With access to the supervisor card, someone could guess the four digit PIN. The four digit PIN is a factory default from Diebold and cannot be changed. In our test it was guessed in less than two minutes of testing.
Smart Card Writer - with access to the small handheld writer, someone could use a voting card more than once while at the voting booth.
Diebold's voting system uses MS Access as the database to store the Ballot definition, Audit logs and Tally results. The Database has no password protection. The audit logs and the tally results can be changed.
CONGRESSIONAL RESEARCH SERVICE, Election Reform and Electronic Voting Systems (DREs): Analysis of Security Issues. (Order Code RL32139) November 4, 2003. click here
This is a comprehensive report on several expert studies of electronic voting systems. Problems noted include:
There appears to be an emerging consensus that in general, current DREs do not adhere sufficiently to currently accepted security principles for computer systems, especially given the central importance of voting systems to the functioning of democratic government.
In 2004, Rady Ananda began contributing to the Web, as part of the growing community of citizen journalists. Focusing mainly on elections, her blogs also address religious, gender, sexual and racial equality, as well as environmental issues; and are sprinkled with book and film reviews on various topics. She spent most of her working life as a legal investigator for lawfirms, and about 5 years as an editor. She currently serves as a senior editor at OpEdNews.
All material offered here is the property of Rady Ananda, copyright 2006, 2007, 2008. Permission is granted to repost, with proper attribution including the original link.
In a time of universal deceit, telling the truth is a revolutionary act. Tell the truth anyway. Sign this petition: http://www.electiondefensealliance.org/ny_levers_petition
This is an excellent list of resources. Your solution about precinct hand-counting of paper ballots with public observation is, in fact, the only way we will be able to regain honest elections in this technological age. Thanks much for this good work you have done.
by
Michael Richardson (76 articles, 15 quicklinks, 0 diaries, 27 comments)
on Thursday, January 18, 2007 at 3:56:08 PM
Any active or passive involvement in the intentional disenfranchisement of a U.S. Citizen should be a Class A felony FOR EACH INSTANCE.
If this crime is committed by anyone holding ANY government position, they should lose all their estate and they and their progeny should be denied ANY government funds in perpetuity.
If more than 100 counts are involved, the death penalty should be an option.
I think THAT would get a few Republican Secretaries of State or Electoral Commissioner's attention. I'm thinking of people like Ken Blackwell or the Republicans in Warren County or in the FL-13 or just about ANYWHERE where Republicans are allowed anywhere near the registration or voting process.
Most of the corrupt LOCAL, REGIONAL and NATIONAL Republicans who have conspired (and acted solely) to cheat and steal votes have done so believing that they were "fighting a moral battle against evil." But I wonder how many would do it again if they thought they could go to jail, lose everything, sentence their children to destruction, or even DIE for it. Sure, some would, but many would wimp out if they thought it wasn't going to be as easy as we've made it.
Time to change the rules of the game and make cheating a LOT harder.
CharlieL
Portland, OR
by
Charlie L (2 articles, 2 quicklinks, 1 diaries, 638 comments)
on Thursday, January 18, 2007 at 6:20:23 PM