This has been another week of "Train Wrecks" across the country. Three states had major primaries with mixed success and failure, a few states had local elections with failures, and some states are preparing for May primaries and they are meeting the "oncoming locomotive" as they can't get machines or software for the machines and are having to revert to paper ballots or lever machines.
Elections Systems and Software (ES&S) is now facing investigations, lawsuits, or just plain pissed-off elections officials in West Virginia, Arkansas, Missouri, Indiana, Texas, Pennsylvania, California, and other jurisdictions. And now we learn that Diebold has a huge security vulnerability that all voting systems experts who know the details are very concerned about.
Next Tuesday, May 9, finds the train barreling down on primary elections in West Virginia and Nebraska. May 16 brings potentially hazardous primary election whistle-stops in Kentucky, Oregon and, the grand central station that is Pennsylvania.
Let's take a look at some of the continuing derailments from the past week, about which prompted Brad Friedman of The BRAD BLOG to ask of D.C. politicians and, more notably, the National Mainstream Media: "Is anybody there? Does anybody care?" ...
...BREAK HERE ...
DIEBOLD 'REVEALS' MAJOR SECURITY PROBLEM
According to an
article in The Morning Call Diebold has found a 'glitch' that represents a 'potential security vulnerability'. After a bit of research it became evident that, in fact, Diebold had not found this problem and it is not a 'glitch' as they would have the voters believe. It's far worse than a mere 'glitch' as so many in the media (and at the voting machine companies) like to portray these things.
As later reported by The BRAD BLOG this problem a huge one -- was, in fact, discovered by Harri Hursti and Security Innovation in the inspection of Diebold TSx DREs in Emery County, Utah as organized recently by Black Box Voting. An act for which the 23-year elected county elections clerk, Bruce Funk has been pushed out of his job. Or so the state is still fighting to accomplish.
It appears at this early date that Diebold probably would have kept this vulnerability, -- reportedly a gaping security flaw -- quiet and not taken any action except that they were asked about it by people in Pennsylvania. They finally were forced to admit its existence and that it's, incredibly, a "feature" of all Diebold touch-screen systems! Administrative steps are being taken by the state, which has sequestered all of the machines, to mitigate, as much as possible, the impact of the problem.
What no one at Diebold has told anyone yet is why they allowed the voters in Ohio to vote on these insecure machines. It is apparent that Diebold had no intention of telling anyone but they got caught. Again.
One top state election official was quoted in The BRAD BLOG article as saying that this security vulnerability "relates to potential misuse of the procedure by which Diebold does field updates to the machines. It's not a bug -- it's a deliberate but unwise 'feature'. Every jurisdiction that uses the machines should be notified. Now that the story is out, I suspect they will be."
Unfortunately, the Election Assistance Commission (EAC) has still not set-up a Help America Vote Act (HAVA) mandated "clearinghouse of information" that would ensure every jurisdiction that uses Diebold AccuVote TS or TSx Direct Recording Electronic voting machines would be notified of this issue. When contacted, the EAC's spokesperson questioned the source of the information until a well-known computer scientist was named as a person to be contacted. It is still to be seen whether the EAC will do their job.
Black Box Voting says they will be releasing redacted versions of the reports, to mitigate the security threat, from both Security Innovation and Harri Hursti this week. Complete, un-redacted versions will be sent to all states.
LAST WEEK'S PRIMARY SUCCESS: NORTH CAROLINA
Even though North Carolina is served entirely by ES&S and even though 1,000 memory cards had to be replaced by the vendor last month after crack state officials bothered to test them, this week's North Carolina primary was nearly trouble free. The successful primary is said to be attributable, in no small part, to the new legislation recently passed by the state and to the diligence of elections officials on the state and local level.
Also important to note is that North Carolina has an extensive network of activists who are well known by state and local elections officials and who work closely, in most cases, with those officials. As much credit needs to go to those activists as to the officials.
There is talk about the legislature changing some of the laws they just put on the books because they are too restrictive or, more likely, because some special interests don't want them or would prefer to see them changed. This would be a travesty. Why would they want to go from verifiable optical scan ballots and a voter verified paper audit trail requirement to unverifiable Direct Recording Electronic (DRE, touch-screen) elections that cannot be recounted or audited? Why would they want less transparency in the election process instead of what they now have? Let's hope common sense and verifiable elections prevail in the Tarheel state!