SoS: 'Unresolved significant security concerns', 'Source Code Never Ever Reviewed'
State 'Punts' Issue Back to Feds for Further Testing, State Senator Objects --- Complete Letter from SoS, Senator Bowen's Full Statement...
By Brad Friedman on 12/20/2005, 7:16pm PT  

Late this afternoon, Sec. of State Bruce McPherson's office sent a letter to Diebold Election Systems, Inc. Vice President David Byrd, informing him that the state is declining --- for the time being --- to re-certify Diebold AccuVote touch-screen machines in the state of California pending further testing and certification by Federal authorities.

In the letter, on McPherson's letterhead (complete letter at bottom of this article), Caren Daniels-Meade, chief of the Elections Division, writes that "Unresolved significant security concerns exist with respect to the memory card used to program and configure" the AccuVote operating system and touch-screen equipment.

In a statement reported by AP, SoS spokeswoman Jennifer Kerns announced problems "discovered during routine testing...by state employees and independent consultants":

She said each system approved for use in California must meet 10 security requirements, and the Diebold machines did not meet one of those standards.

"This is a unique case in which we discovered that the source code had never, ever been reviewed," said Kerns. "There were potential security risks with it."

Some of those "potential security risks" may have been revealed in a test last week using similar Diebold equipment in Leon County, FL, where the results of a test election were reversed by a hacked program inserted onto one of the AccuVote memory cards. The hacked election was completed without a trace of the manipulation left behind.

In 2004 Diebold machines were de-certified by California's then Democratic Sec. of State Kevin Shelley after it was revealed that the company had used uncertified software in voting machines in the state. That matter was resolved in a $2.6 million settlement by Diebold with the state. A recent Securities Fraud Class Action complaint has alleged the settlement was meant to shield the public from a litany of flaws in Diebold voting systems. Additional complaints are now pending against the Ohio-based company whose former CEO had promised to "deliver the state of Ohio" to George W. Bush in an infamous fundraising letter sent to Republicans prior to the 2004 Presidential Election. The CEO, Walden O'Dell, was forced to resign early last week just prior to the filed litigation.

Republican McPherson, who later replaced Shelley, carried out a massive mock election test over the summer revealing that 20% of Diebold's AccuVote touch screen machines failed to operate as promised, with many of the touch-screens freezing and printers jamming.

Several weeks ago, however, McPherson's staff suddenly announced that they were recommending the re-certification of Diebold machines (under specific conditions) after a secret test, using machines specially prepared by Diebold, found this time that only 3% of the machines failed.

Then came the protests, the Securities Fraud Litigations, and last week's devastating Leon County hack test which resulted in the county announcing they would never use Diebold in another election. Another county in Florida, Volusia, quickly followed suit in deciding to dump their Diebold machines.

McPherson's office, rather than simply decertifying Diebold once and for all in California, has today decided instead to pass the buck back to the so-called Federal "Independent Testing Authority" (ITA). The ITA is a group of several companies chosen and paid for by the voting machine companies such as Diebold themselves, to test their equipment and software on behalf of the Federal Government. Those ITA labs then either certify the software and/or hardware or send it back to the company with the results of the failed tests kept confidential.

State Senator Debra Bowen (D-Redondo Beach) has been an outspoken critic of McPherson's process for considering recertification of Diebold and has otherwise been a watchdog on issues related to the quickly changing Electoral landscape in the Golden State. She released a statement to The BRAD BLOG late this evening (complete statement posted at end of this article). Bowen is critical of McPherson's plan to "punt" the issue back to the Feds and says in her statement:

“The Secretary of State shouldn't punt the decision about whether Diebold machines should be used to count ballots in California to the federal government and an ‘independent' testing authority that's financed by the voting machine vendors. That decision needs to be made in the open, right here in California.”

Bowen is the author of the so-called "Bowen Amendment" (SB 370), recently signed by Governor Arnold Schwarzenegger. That legislation mandates, among other things, paper records created for all votes cast in California, as well as mandatory audits of ballots. She has also recently announced her intention to run for Secretary of State in 2006. Her website is here.

Bowen is highly critical of the secretive processes of the ITA, and various electronic voting machinery being deployed around the state using secret software to count Californians' votes:

“The federal testing process is notoriously weak and it's done in secret,” continued Bowen. “Plus, these supposedly ‘independent testing authorities' the Secretary of State wants to rely on are financed by the voting machine industry and conduct their tests in secret as well. That's why California shouldn't be relying on proprietary software that uses secret code to count ballots. If we want to ensure we have voting systems that are reliable and secure – and that voters have confidence in – we need to be moving toward an open source software structure.”

Computer security expert Avi Rubin, who originally discovered some of the astounding security flaws in Diebold's GEMS central tabulator, recently wrote at Huffington Post about the "Dirty Little Secrets of Voting System Testing Labs". We highly recommend his insightful and revealing article on both that and his recent experience at a summit held on Electronic Voting Security issues in California.

In a report just filed by the Contra Costa Times, Rubin says that review of the source code will determine little, since the source code has little to do with whether or not a hacker is able to introduce a malicious program. It's "definitely not something that's going to give a definitive answer," said Rubin.

McPherson's decision is surely a setback for Diebold who, like several other Voting Machine Companies, are currently scrambling for contracts in the wake of the impending Jan. 1, 2006 Help America Vote Act (HAVA) deadline. If States and Counties wish to receive Federal money to pay for voting systems upgrades, they must make their final decision on which companies to use by that date. Many of those States and Counties had been watching and waiting to see what California would do, given their previous history with Diebold. And of course, as Diebold --- one of several private companies vying to control the country's public voting system --- has described the state: it is America's "largest voting market."

The complete letter from Sec. of State McPherson's office to Diebold, along with Bowen's complete statement follow...

Letter from Election Chief Caren Daniels-Meade to Diebold Vice President, David Byrd:

December 20, 2005

David Byrd, Vice President
Diebold Election Systems, Inc.
P.O. Box 1019
Allen, Texas 75013

Dear Mr. Byrd:

As you know, Diebold's application for voting system certification in California is currently under review with the Secretary of State's Office (see chart below for components currently under review).

Unresolved significant security concerns exist with respect to the memory card used to program and configure the AccuVote-OS and the AccuVote-TSX components of this system because this component was not subjected to federal source code review and evaluation by the Independent Testing Authorities (ITA) who examined your system for federal qualification. It is the Secretary of State's position that the source code for the AccuBasic code on these cards, as well as for the AccuBasic interpreter that interprets this code, should have been federally reviewed.

Furthermore, we strongly believe it is the duty and responsibility of the Secretary of State and you to make certain that the ultimate users of your products – the voters of California – have a voting system that has been thoroughly and rigorously evaluated. Therefore, we are requesting that you submit the source code relating to the AccuBasic code on the memory cards and the AccuBasic interpreter to the ITA for immediate evaluation.

We require this additional review before proceeding with further consideration of your application for certification in California. Once we have received a report from the federal ITA adequately analyzing this source code, in addition to the technical and operational specifications relating to the memory card and interpreter, we will expeditiously proceed with our comprehensive review of your application.

If you have any questions, feel free to contact me at (###) ###-#### or via email at cdaniels@ss.ca.gov.

Sincerely,

Caren Daniels-Meade
Chief, Elections Division

Application under review relates to the following components:
GEMS Software version 1.18.24
AccuVote-TSX with AccuView Printer Module hardware
AccuVote-TSX Ballot Station firmware version 4.6.4
AccuVote-OS (model D) with firmware version 1.96.6
AccuVote-OS Central Count firmware version 2.0.12
Voter Card Encoder version 1.3.2
Key Card Tool software version 4.6.1
VC Programmer software version 1.3.2
AccuFeed

Complete statement from Sen. Debra Bowen:

FOR IMMEDIATE RELEASE
December 20, 2005

SECRETARY OF STATE PUNTS QUESTION OF RE-CERTIFYING DIEBOLD MACHINES FOR USE IN CALIFORNIA TO FEDERAL GOVERNMENT & VOTING MACHINE VENDORS

SACRAMENTO – “The Secretary of State shouldn't punt the decision about whether Diebold machines should be used to count ballots in California to the federal government and an ‘independent' testing authority that's financed by the voting machine vendors. That decision needs to be made in the open, right here in California.”

That's how Senator Debra Bowen (D-Redondo Beach), the chairwoman of the Senate Elections, Reapportionment, & Constitutional Amendments Committee, reacted to today's decision by the Secretary of State to send Diebold to the federal government and the Independent Testing Authorities for more information before deciding whether to re-certify the company's touch-screen machines for use here in California.

“The federal testing process is notoriously weak and it's done in secret,” continued Bowen. “Plus, these supposedly ‘independent testing authorities' the Secretary of State wants to rely on are financed by the voting machine industry and conduct their tests in secret as well. That's why California shouldn't be relying on proprietary software that uses secret code to count ballots. If we want to ensure we have voting systems that are reliable and secure – and that voters have confidence in – we need to be moving toward an open source software structure.”

Earlier this week, two Florida counties decided to remove all Diebold voting machines from their polling places due to concerns the machine's election results could be manipulated. Here in California, a number of counties bought Diebold touch-screen voting machines in 2003 and 2004 only to have them decertified after the March 2004 election when the machines prevented thousands of voters from casting their ballots, and Diebold was discovered to have violated state law by installing uncertified software on the machines before the election.

“Given what's happened in Florida this week, the charges in the class action lawsuit, and Diebold's history of installing uncertified software on its voting machines in California, it really makes me wonder why the Secretary of State is still considering allowing Diebold machines to be used here,” continued Bowen. “Given Diebold's history in this state, the bar for certification has to be higher. Simply punting the decision to the federal government and the vendor community lowers that bar, it doesn't raise it.

“The Help American Vote Act was intended to make it easier for people to vote and to improve the accuracy of the vote count,” continued Bowen. “If Diebold and the Secretary of State make it easier for people to vote, yet there's no guarantee those votes will be counted accurately, California will have wasted millions of taxpayer dollars and pulled the rug out from under our democracy in the process.”

Diebold's first attempt to have its touch-screen TSx re-certified this summer failed when 20% of the machines crashed or froze and 10% of them couldn't print the voter-verified paper trail required by state law. According to a staff report from the California Secretary of State, which recommends that the TSx be certified for use in California, those problems didn't recur during a follow-up test of the machines in September 2005.

“Basically, the Secretary of State decided not to make a decision, which is certainly better than opting to re-certify the Diebold machines, but at some point, he's going to have to decide whether he wants to make Californians vote on these error-prone touch-screens,” concluded Bowen.

For more information on the Independent Testing Authorities and electronic voting security issues, you may wish to visit http://avirubin.com/vote/, the web page of Avi Rubin, a professor of computer science at Johns Hopkins University. Attached is the Secretary of State's letter regarding today's decision, in case you haven't seen it.

###