Fwd: Re: [E-voting] BlackBoxVoting Finds Voting Scan Machines Hackable

Marian Beddill beddill at nas.com
Fri Jun 10 17:13:16 IST 2005


Any election system needs to be checked and doublechecked and audited for 
"No Leaky Buckets" anywhere in the system.  I've been saying this for years.

Our (the US)  e-voting systems software "certification" is a joke or worse, 
since the fact that a process "exists" and gets regularly cited by vendors 
and authorities, is grossly misleading.  Many states do not even require a 
certificate from them to allow a system to be used.

And worse yet, local authorities (and local vendors' reps) may circumvent 
any such supposed quality-checks by swapping software modules just before 
the election.  What action, and how long does it take, for YOU to "upgrade" 
one of your programs on a home computer?  One floppy or CD or memory stick 
inserted, a few keystrokes, and the machine through that agent's action, 
has walked around every prior verification.  This actually happened in 
Snohomish County two years ago, and the responsible chief of elections 
admitted it publicly on a radio interview. He just thought that the 
"improvements" were good ones.

Get a voter verifiable paper ballot, and USE those ballots in every 
election with at least a substantial percentage - randomly selected at the 
best moment - hand recounted as an audit of the machine count.

Marian Beddill
"If you cannot trust the way your votes are counted, nothing much else in 
politics matters."
http://NoLeakyBuckets.org


>Date: Fri, 10 Jun 2005 16:35:14 +0100
>From: Adrian Colley <aecolley at spamcop.net>
>To: Irish Citizens for Trustworthy Evoting <e-voting at lists.stdlib.net>
>Subject: Re: [E-voting] BlackBoxVoting Finds Voting Scan Machines Hackable
>Mail-Followup-To: Irish Citizens for Trustworthy Evoting 
><e-voting at lists.stdlib.net>
>List-Id: Irish Citizens for Trustworthy Evoting <e-voting.lists.stdlib.net>
>List-Subscribe: <http://lists.stdlib.net/mailman/listinfo/e-voting>,
>         <mailto:e-voting-request at lists.stdlib.net?subject=subscribe>
>
>
>On Mon, Jun 06, 2005 at 05:32:04PM +0100, Catherine Ansbro wrote:
> > The canvassing procedure with optical scan machines has three elements,
> > Harris explains. First, there are the Scantron-like ballots which are
> > locked in a box. Second, there are the polling tapes, or receipts, that
> > come out of each voting machine, which give results for each machine.
> > And third, there is the Central Tabulator, or one machine that polls all
> > results and prints.
> > "And they check the [latter] two and call it good," Harris said.
>
>I find it almost unbelievable that election officials would go to the
>trouble of collecting and securing scanned ballots and then refuse to
>examine them when challenged.  It goes to show that the whole system
>(including the detailed regulations for procedures surrounding the use
>of the equipment) must be examined closely, not just the technical part
>of the system.
>
> > "We proved it by going down there," she said. On May 26, 2005, "We made
> > bogus memory cards. We put them on the machines. And the cards told the
> > voting machines how to come out. It proved the memory card was
> > controlling the machine and not the other way around," Harris said.
>
>This is really incredible.  The US is supposed to have a process to
>certify software in e-voting systems, and here's a system which actually
>makes use of a non-certified runtime element -- effectively a patch --
>which could do anything with the votes.  I'm suddenly very interested in
>the format of the Nedap vote module.
>
>  --Adrian.


-- 
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.323 / Virus Database: 267.6.4 - Release Date: 6/6/2005





More information about the E-voting mailing list