All told, The BRAD BLOG has found the insider sales totaled $665,512 in the week before the value of the company’s stock price would plunge in a massive sell-off triggered by a top financial analyst who had lowered the company’s rating from “buy” to “hold.”
Read the whole story, so far.
On August 1st the Brannan Center released a report Post-Election Audits: Restoring Trust in Elections which has been covered on CTVotersCount.org. Today we will look at the security portion of an earlier report The Machinery Of Democracy: Accessibility, Usability, and Cost and its implications for Connecticut.
The tone of the report is serious. The conclusions are serious. Like all computer voting machines, optical scan voting machines are vulnerable, they are most vulnerable to malicious software, they “pose a real danger to election integrity”, and most jurisdictions have implemented none of the counter measures recommended.
A key finding:
The Brennan Center’s Task Force on Voting System Security reviewed more than 120 potential threats to voting systems…attacks involving the insertion of software attack programs or other corrupt software are the least difficult attacks against all electronic systems currently purchased when the goal is to change the outcome of a close statewide election.
Continue reading “Brennan Center: The Machinery Of Democracy”
Diebold Election Systems, Inc. is now Premier Election Solutions, Inc. The <press release> emphasizes continuity with increased independence from the parent, Diebold. Yet, at the same time the release indicates that Election Systems has always been relatively independent.
Reuters article emphasizes that Diebold had failed to sell the Election Systems unit which has been a drag on the corporation’s earnings and reputation, speculating on a spin-off.
Continue reading “A Rose By Any Other Name Could Be Just As Thorny”
On Tuesday night Dan Rather Reports on HDTV presented “The Trouble With Touch Screens”.
It is well worth watching in its 64 minute entirety. Dan Rather deserves credit for this important and detailed report, however, there are inadequacies in the report that must be acknowledged as well – it is chilling, and devastating, yet mistitled, and incomplete.
Continue reading “Dan Rather Reports – The Trouble With Our Fear Of Facing The Facts”
“Do I seem to be irate? You bet and it has nothing to do with the legitimacy of electronic voting, which I have also questioned.”
– Ken Hajjar, Director of Sales & Marketing, LHS
Brad Friedman, a nationally know election integrity advocate has received an e-mail allegedly from Ken Hajjar, LHS, Director of Sales and Marketing. (LHS is the New England distributor of Dieblod equipment responsible for the sale to Connecticut).
Given the foul and ranting nature of the attack I would hope the letter is a fake. I would question the wisdom of relying on the author to be involved in any way in running our elections. I’ll spare the not so nice parts of the letter, you can read the whole thing and Brad’s response here.
I used to think that all of the looney idealogues(sic) were on the right. There are just as many on the left and you are one of them. … It’s not the machines that are the cause of our problems, it’s the people…Pick a forum and I’d be happy to discuss how we run elections in New England and how difficult, if not impossible it is to game the system. Bring it on.
The author of the letter does not represent the voters of New England and should not be telling anyone how we run elections.
Unfortunately, here in Connecticut we are about to have our 1st election entirely run on Diebold equipment purchased through LHS and to add to our risks the state has contracted with Diebold to program all of our elections. So in that sense Ken Hajjar, LHS, and Diebold will be running our elections, and not letting us in on how they are programmed.
Brad has accepted the challenge. We will keep you updated.
Update: Ken Hajjar responds to Brad
Continue reading “Has LHS Director Challenged Brad To A Debate?”
“Any voting systems subject to manipulation and corruption should be reexamined and decertified,” [Kentucky Attorney General Greg] Stumbo said. “Faulty electronic voting systems jeopardize the public’s confidence in Kentucky’s elections.”Stumbo’s concerns are based on serious security flaws identified by experts in California, which led to emergency decertification of the voting machines by California.
Read the entire Kentucky story
But the state has worries that hackers could breach the security of the optical scanners made by Texas-based Diebold Election Systems and used by 31 Florida counties.
If the Diebold machines are not certified Aug. 17, the only effect would be felt in Sarasota County
Update: Florida says Diebold corrected problem in record time.
Update: The Florida report on the Diebold corrections Not exactly a ringing endorsement:
We conclude by re-stating that this report does not contistitue a comprehensive security analysis. We limited our investigation to four specific flaws. In spite of repairs made, signigicant security vulnerablity continues to exist in the code base.
Update: Media Matters covers distortions in media coverage of CA decertification
Two recent NPR programs clearly explain the issues in easily understandable terms for the general public.
Science Friday, August 4th, Matt Bishop, University of California, Davis – Red Team Leader and Security Expert, Professor Matt Bishop, describes clearly how security can be compromised. Also disputes Diebold response.
Like a bank taking all of its money, putting it in a room, and shutting the door and then saying no one will ever find this room so we’re not going to waste money on a lock…
Companies or customers…entirely by accident leak information…
Keeping the information secret assumes that people can’t figure things out and attackers are incredibly ingenious. There’s a technique known as social engineering where you can often get people to reveal information they didn’t realize they were revealing <Listen>
Morning Edition, August 8th, by Pam Fessler, “Voting Officials Wary About Electronic Ballot” – Short interviews with voting advocates and Debra Bowen summarizing the issues, while other voting officials downplay the risks and emphasize their reluctance to work to protect our votes.
Continue reading “NPR Programs Explain Issues and Vulnerabilities”
Yesterday was the USENIX/ACCURATE Electronic Voting Technology Workshop held in Boston. Today I will give some overall impressions and highlight just one of the relevant papers.
UPDATE: Avi Rubin blogs on session with Debra Bowen
(inappropriate certification processes for electonic voting)
For me it was a highly educational and engaging day. My experience at conferences with highly academic papers, was in the mid 1980’s when for several years I participated in annual Artificial Intelligence conferences. At those conferences I found the general sessions very useful but the academic papers were very detailed, seemingly crossing the t’s and dotting the i’s on previous papers, those sessions went well beyond my tolerance for detail. The papers presented at the workshop yesterday were all clear and interesting, timely, and most were relevant to voting in Connecticut.
Seeing and meeting the other attendees was also a highlight of the day – researchers whose papers and blogs I’ve read, talked to previously, and who have made huge contributions to raise awareness of the risks of electronic voting. It was also hopeful to see a considerable group of researchers who work with state election officials and three election officials. Alex Shvartsman of Uconn and several of his students were there presenting one of their recent papers. Clearly the most appreciated attendee was Debra Bowen, Secretary of the State of California.
Sixteen of forty-two submitted papers were presented. A huge increase from the eighteen papers submitted last year. Doug Jones from Iowa, who testified to the CT Legislature a year lor two ago, was one of the organizers. He expressed the hope that next year more papers would be available that point the way to improved, reliable voting methods. Most of the papers this year demonstrated the lack of security and reliability in existing e-voting equipment. Several pointed the way for more effective post election paper audits. The final three papers presented five innovative ways that might enhance the voter attractive touch screen voting to make it private and auditable — unfortunately, for the most part, they accomplished the security by requiring a lot of sophistication on the part of the average voter.
I have covered the Uconn paper previously I will cover a paper relevant to Connecticut, from Princeton, here and perhaps more papers on other days.
The Princeton University paper:
Continue reading “EVT07 Electronic Voting Technology Workshop”
On August 1st, The Brennan Center for Justice released: Post-Election Audits: Restoring Trust in Elections. The entire report is quite readable without requiring knowledge of statistics, voting laws, or computers. I recommend it as a compurehensive introduction to the issues of auditing elections.
This post will discuss the report’s relation to and implications for Connecticut’s new election
audit law.
First, let me thank all of those involved in creating and contributing to this report. The Brennan Center, The Samuelson Law Clinic, and the members of the ‘Audit Panel’. The audit panel included several individuals from Verified Voting and staff from the Office of the Secretary of State of Connecticut. The Connecticut panelists alone were four of the entire panel of seventeen. As the report states, “Opinions, findings, and conclusions or recommendations … are soley of the authors and the Brennan Center”.
While we seldom agree on everything, the the staff of the Office of the Secretary of the State have always been responsive and available. The Secretary has also always been responsive and I have no doubt that she is committed to fair elections with integrity. When the Secretary changed course to specify optical scan machines in early 2006, she demonstrated the kind of flexibility and openness that will be necessary to apply the conclusions contained in this report and the reports from California to the benefit of Connecticut voters.
Perhaps the most basic findings of the report and the most challenging to recently enacted Connecticut law are:
Of the few states that currently require and conduct post-election audits, none has adopted audit models that will maximize the likelihood of finding clever and targeted software-based attacks, non-systemic programming errors, and software bugs that could change the outcome of an election…
Based upon our review of state laws and interviews with state election officials, we have concluded that the vast majority of states conducting audits are not using them in a way that will maximize their ability to improve elections in the future.(emphasis added)
Strickingly, these finding were based on an earlier version of Connecticut’s law that was proposed by the Secretary but later watered down considerably. From the Brennan report: “Connecticut, California, and Illinois check all races on the ballot during a post-election audit”.
Continue reading “Brennan Audit Report and Connecticut – a Discussion”
In a late night, 11:45pm, press conference Debra Bowen decertifies e-voting machines. Will allow one DRE per polling place, which must have paper ballot hand counted.
BradBlog reports on the press conference.
The CA Official site.
Secretary of State Debra Bowen began her top-to-bottom review of the voting machines certified for use in California in March 2007. The review was designed to restore the public’s confidence in the integrity of the electoral process and to ensure that California voters are being asked to cast their ballots on machines that are secure, accurate, reliable, and accessible. On August 3, 2007, Secretary Bowen announced her decisions regarding which systems in the review will be permitted to be used in the 2008 elections and beyond.
The CA Decertification of Diebold equipment.
Diebold…AccuVote-OS[to be used in CT]…which was previously approved. is found and determined to be defective or unacceptable and its certification and approval for use in subsequent elections in California is immediately withdrawn except as specifically provided below.
1. In order to provide accessibe voting to voters with disabilities in compliance with HAVA, juristictions may use no more than one AccuVote-TSx per polling place..
The document goes on with stiff re-certification requirements which include various restrictions and procedures for use and stiff requirements on Diebold for plans and actions to make the systems secure. At first reading they seem appropriate, yet unlikely to be met.
Updates..
Continue reading “CA Secretary of the State Decertifies E-Voting Machines”