There were two fresh articles this week in the media on the Riverside Hack Challenge as initially reported by The BRAD BLOG after the throw-down by Riverside County Supervisor Jeff Stone to Election Integrity Advocates just before the holidays in early December.
You'll recall he bet "a thousand to one" that the county's touch-screen Sequoia voting system could not be hacked. He did so during a public meeting on video tape. If you don't recall, we'll summarize as briefly as we can. He challenged and the Election Integrity Advocates accepted, as noted voting machine hacker and computer security expert Harri Hursti agreed to take the challenge, and then Stone and the rest of the Riverside Supervisors began to go wobbly. Stone even went so far as to invent ridiculous, unrealistic, unilateral conditions for the hack test in a desperate letter sent to then-outgoing Secretary of State Bruce McPherson, in an apparent hope for a life line from the county's old, but now out-of-power, state ally up in Sacramento. He doesn't appear to have gotten one. The new SoS Debra Bowen's office has informally told The BRAD BLOG they see no legal hurdles to such an independent test of voting machine security.
But with internationally respected computer security experts such as Hursti and Dr. Herbert F. Thompson of Security Innovation (the author of some 12 books on the topic including How to Break Software Security: Effective Techniques for Security Testing and The Software Vulnerability Guide) and others having pointed out that Stone's unilaterally created conditions meant to simulate an attempted hack by a voter on election day were silly, unrealistic, and not the way such a penetration test would ever be carried out in the real world, Stone continues to cower behind them as reported by both media reports this week.
In doing so, Stone is tacitly admitting, of course, that his county's electronic voting systems --- which the Board of Supervisors and Riverside Registrar of Voters Barbara Dunmore have devoutly declared to be "secure" --- are, in fact, anything but.
They know damned well they are not. And their evidence-free claims to the contrary over the last 10 years or so are revealed as little more than unsubstantiated hot air now that their true lack of confidence in their own voting systems has been put on display for the world.
As they well know --- as do the Election Integrity advocates on the ground in Riverside --- the real threat to unsecured, hackable Electronic Voting Machines comes from insiders. That much has been written about time and again by computer security experts and in any number of reports on the topic. Even the biased and partisan and pro-electronic voting machine Baker/Carter Commission admitted as much when their final report on National Election Reform said, "Software can be modified maliciously before being installed into individual voting machines. There is no reason to trust insiders in the election industry any more than in other industries."
Revealed along with Stone's disingenuous "condition" in his letter to McPherson, that the hack tester may not "reach around the back of the machine" --- (Stone may have forgotten when he made his challenge initially that The BRAD BLOG had long ago reported that voters could vote as many times as they wanted on Sequoia touch-screen systems by merely pressing a yellow button on the back of the machine) --- the folks in Riverside have exposed themselves as knowing full well about the unreliability of their crappy, unsecured voting system.
Unless Stone allows a legitimate security penetration test to be held on his systems, as would occur in the commercial world for any such mission-critical, secure system, he is signaling to his constituents, the state of California, and America that even he has no confidence in the security of the equipment supplied to his voters to exercise their precious democratic franchise.
Two more reporters picked up the shameful tale this week in local media.
The Desert Sun's Nicole C. Brambila filed a short piece on Sunday headlined "Hacking debate gains traction" in which Stone and his pusillanimous peeps once again re-iterate the phony conditions for "no tools and no dismantling the machine. And, the hacker has to infiltrate the system in 15 minutes, the estimated time it takes a voter to do his or her civic duty."
We laugh knowingly in Stone's general direction. Even as he likely cries inside.
Of fresh note in Brambila's piece are these final grafs...