The results are now in from a thorough, $1.9 million test of the voting machines that Ohio has used in elections over the past few years, and they paint about as awful a picture of the state's electoral apparatus as one would expect given the steady stream of grim news out of counties like Cuyahoga. The two private-sector and three academic research teams that carried out the Evaluation & Validation of Election-Related Equipment, Standards & Testing (EVEREST) study of Ohio's e=voting systems did not mince words in the 86-page Executive report that they released this past Friday (or, if words were minced, then one can imagine that the unminced version wasn't family-friendly):
"The findings of the various scientists engaged by Project EVEREST are disturbing. These findings do not lend themselves to sustained or increased confidence in Ohio's voting systems."
Ohio Secretary of State Jennifer Brunner, a woman whose recent and spectacular bungling of a Cuyahoga County recount gives ample reason to doubt her commitment to fair and accurate elections, didn't even bother trying to sugarcoat this report.
"To put it in every-day terms, the tools needed to compromise an accurate vote count could be as simple as tampering with the paper audit trail connector or using a magnet and a personal digital assistant," Brunner said in a statement. Note that Brunner here is describing machines that have been in use in Ohio since before the 2004 presidential election. This isn't some glimpse of how bad things might be in November 2008. It's a look at how bad they've been all along.
Brunner went on to make the following unintentionally funny remark, which was presumably intended to inject a note of confidence into the release of a report that could almost have been titled, Barn Door Left Open; Whereabouts of Horse In Doubt: "It's a testament to our state's boards of elections officials that elections on the new HAVA mandated voting systems have gone as smoothly as they have in light of these findings."
E-voting in Ohio has gone "smoothly"? Really?!
Speaking of damage control attempts, however feeble, Premier released this press statement in response to Friday's report that contains plenty to chuckle at. I thought this gem was particularly priceless:
"It is important to note that there has not been a single documented case of a successful attack against an electronic voting system, in Ohio or anywhere in the United States."
Given the magnitude of the vulnerabilities that the report details in Premier's systems and the impossibility of conducting a meaningful audit with those systems, this is sort of like a blind and deaf person saying, "Despite my habit of cleaning my first-floor apartment in the nude with all of the street-facing windows open, I have no documented evidence that anyone has ever seen me naked."Almost 1,000 pages of bad news
The voting systems investigated in the study came from ES&S, Hart Intercivic, and Premier Election Systems (formerly Diebold). The researchers evaluated individual components, whole systems, and elections procedures, and the list of detailed reports on each vendor's systems that they produced described technical and procedural problems with almost every aspect of each system. Like so many of their kind that litter my hard drive after years of e-voting coverage, the EVEREST reports list of page after page of flaws, vulnerabilities, and bone-headed design decisions, many of which would boggle my mind were it not already completely boggled out on this topic by said prior coverage.
Ultimately, the voting systems got failing grades in the following main areas tested, according to the "Findings" section of the executive report:
- Insufficient Security: The voting systems uniformly "failed to adequately address important threats against election data and processes," including a "failure to adequately defend an election from insiders, to prevent virally infected software... and to ensure cast votes are appropriately protected and accurately counted."
- Security Technology: The voting systems allow the "pervasive mis-application of security technology," including failure to follow "standard and well-known practices for the use of cryptography, key and password management, and security hardware."
- Auditing: The voting systems exhibit "a visible lack of trustworthy auditing capability," resulting in difficulty discovering when a security attack occurs or how to isolate or recover from an attack when detected.
- Software Maintenance: The voting systems' software maintenance practices are "deeply flawed," leading to "fragile software in which exploitable crashes, lockups, and failures are common in normal use."
The EVEREST executive report's conclusions summarize the findings as follows:
Unfortunately, the findings in this study indicate that the computer-based voting systems in use in Ohio do not meet computer industry security standards and are susceptible to breaches of security that may jeopardize the integrity of the voting process. Such safeguards were neither required by federal regulatory authorities, nor voluntarily applied to their systems by voting machine companies, as these products were certified for use in federal and state elections.
In lieu of my typical bullet list of outrageous report highlights—obvious admin passwords, a complete lack of encryption on critical files, a reliance on easily manipulated "security tape" to prevent tampering, the ease with which anyone can boot some of the machines into admin mode, and other typical problems that were there in spades in this report—I'll just highlight one critical flaw in an optical scan machine of the type that everyone wants to replace the touchscreens with.
The EVEREST researchers described a vulnerability in the ES&S M100 optical scanner in which simply flipping the write-protect switch on the device's CF card to "on" would result in a precinct-wide undercount that's extremely hard to detect.