July 28th 2007
Comments On The Recent Review
An Open Letter to Secretary of State Bowen
by Jim March, Member of the Board of Directors, BBV
Secretary Bowen, your office has as of this date completed a review of certified voting systems. This review was welcome with the obvious exception of ES&S's lack of involvement, which we'll address at our closing.
While the goals of this effort were laudable, our organization is concerned about its execution.
Your agency's review partially the risks of inside manipulation with these systems. Procedural remedies can be circumvented by those with some level of inside access: roving technicians, programmers, and the IT staff of local elections jurisdictions. In fact, we would contend that the most high risk scenario of all is that of inside manipulation, and we would also contend that the systems used in California cannot be secured from inside tampering, leaving the citizenry of California in the inappropriate position of being forced to trust the government to count their votes in secret. This does not secure and protect the rights of The People in the state of California.
The security analysis for all of the products was incomplete. As one glaring example, nobody checked into the area of data theft for any system. Data theft is mainly an issue between the time the mail-in vote scanning begins a week or more pre-election day and the close of polls. Can insiders find out who is winning, long in advance of polls close? Such data is politically and financially valuable and is far more accurate than any Zogby or similar poll. In Pima County AZ, a review of old Diebold audit logs found a pattern of such theft going back through 2004 to present. This illegal activity could have been covered up with ease, but until the Pima County Democratic Party brought me in to check, no review of audit logs was occurring so the thieves didn't bother. Such data theft is possible in the Diebold environment with ease; we strongly recommend checking the others.
A bigger issue involves basic honesty.
In the case of the Diebold overall system, no effort was made to establish whether or not the Federal certification was actually completed in an honest fashion on Diebold's part. Significant evidence exists that Diebold defrauded the Federal oversight process, declaring customized code within the Windows CE (Compact Edition) operating system to be Commercial Off The Shelf. See also:
Your agency had the opportunity to investigate this with access to all of the Federal certification documents, but appears not to have done so. It was imperative to examine the source code for Diebolds customized Windows CE operating system, yet we do not see any evidence that this was done by anyone, or any note taken of that fact.
In your Red Team Attack notes on Sequoia, your own investigators note that Sequoia's statements as to their security processes repeatedly turned out to be inconsistent with reality:
The Sequoia documentation states that the firmware is stored in ROM and that checksum-based mechanisms are used to determine if the firmware has been modified maliciously. However, in reality there is no secure, hardware based mechanism to ensure that no corrupted firmware gets loaded and executed.
This pattern repeats itself throughout your own report.
This points to a systemic problem, national in scope. Fraud throughout the certification process at the Federal and state levels has gone unchecked by any authority. Diebold has been caught brazenly lying since at least 2003 with no consequences from your agency under past elected administrators or any other, so additional fraud in the process by any vendor cannot come as a surprise.
To restore trust in the democratic process, we urge you to take a zero tolerance attitude towards fraud or misleading statements by voting system vendors. You now have enough examples of this regarding Sequoia and Diebold in your own documentation to toss them out of this state forever. Per your own statements previously, ES&S has been acting with equally low regard for basic ethics.
Sadly, the ethical failures don't stop with the vendors.
My organization recently had cause to question the legality of a voting system used in Virginia, Mississippi, Pennsylvania and others. The AVS Winvote was allegedly being shipped by the vendor in unqualified hardware configurations. I went to the EAC offices in DC personally and was informed that since the Winvote was certified under the prior NASED regime, the EAC had no paperwork on that system. No lists of certified components existed outside the vendor's control that could be cross-referenced against hardware less than 20 miles away in Virginia.
If so much as a hint existed that a Boeing 747 was flying in commercial air service with parts uncertified by the FAA, it would be grounded and checked in a matter of moments. Paperwork would be cross-referenced against installed hardware. Yet as a matter of policy, the Election Assistance Commission rendered itself incapable of basic professionalism.
You cannot base the California certification process on a diseased Federal oversight system, one that deliberately cripples itself at every opportunity for fear that something will visibly unravel if made public such as, for example, the entire previous NASED-based certification process which the EAC is scared to support for admittedly good reasons. Nonetheless, bureaucratic fears are not good cause to abandon all oversight for previously certified systems as the EAC is on record as doing.
Secretary Bowen, you must take a stand. You are California's election watchdog. You must blow the whistle and declare the entire current process and systems broken. If that throws the state's election infrastructure into visible chaos, so be it: better to see the madness made visible than to hide corrupt, incompetent and unprofessional processes. Full reform today is hampered by the veneer of legality and professionalism installed inappropriately by the Federal oversight process. We ask you in no uncertain terms to break that veneer, decertifying both the systems and the process that spawned them.
Secretary Bowen, work with the legislature to build something new, in California, from scratch system(s) and certification process. Make this state a model others can turn to, abandoning the morally bankrupt Federal oversight process and black box privately owned systems in their entirety. No other state has the combination of resources and political will necessary to do so. Where you lead, even the Governor must follow on this issue, along with the legislature.
Please consider taking more aggressive action. Decertify everything, citing the obvious failure of Federal oversight as the primary cause.
Member of the Board of Directors, Black Box Voting
email@example.com - 916-370-0347