Three distinguished computer scientists ask: 'How did software containing such an outrageous violation come to be certified?' and other difficult-to-answer questions
ALSO: 'Diebold has placed election officials in an awkward position, with no defense against disgruntled candidates or voters questioning the results of an election.'
By Winter Patriot on 7/24/2006, 8:47pm PT  

Guest blogged by Winter Patriot

Yesterday, OpEdNews published an astonishing article by David Dill, Doug Jones and Barbara Simons, an article which blows the lid off the shenanigans that have been going on between Diebold and the State of Maryland.

Wise men say "Consider the source." That's always a good idea. In this case, all three authors have very impressive credentials:

David L. Dill is a Professor of Computer Science at Stanford University and the founder of VerifiedVoting.org.
Doug Jones is an Associate Professor of Computer Science at the University of Iowa.
Barbara Simons is retired from IBM Research and a former ACM [Association for Computing Machinery] President.

Turning to the article itself, here are the first few paragraphs:

Most computer scientists have long viewed Diebold as the poster child for all that is wrong with touch screen voting machines. But we never imagined that Diebold would be as irresponsible and incompetent as they have turned out to be.

Recently, computer security expert Harri Hursti revealed serious security vulnerabilities in Diebold's software. According to Michael Shamos, a computer scientist and voting system examiner in Pennsylvania, "It's the most severe security flaw ever discovered in a voting system."

Even more shockingly, we learned recently that Diebold and the State of Maryland had been aware of these vulnerabilities for at least two years. They were documented in analysis, commissioned by Maryland and conducted by RABA Technologies, published in January 2004. For over two years, Diebold has chosen not to fix the security holes, and Maryland has chosen not to alert other states or national officials about these problems.

Basically, Diebold included a "back door" in its software, allowing anyone to change or modify the software. There are no technical safeguards in place to ensure that only authorized people can make changes.

A malicious individual with access to a voting machine could rig the software without being detected. Worse yet, if the attacker rigged the machine used to compute the totals for some precinct, he or she could alter the results of that precinct. The only fix the RABA authors suggested was to warn people that manipulating an election is against the law.

So manipulating an election is against the law? Who'da thunk it?

Sorry! I couldn't help myself.

The remainder of the article, unaccompanied by smart remarks, follows:

Typically, modern voting machines are delivered several days before an election and stored in people's homes or in insecure polling stations. A wide variety of poll workers, shippers, technicians, and others who have access to these voting machines could rig the software. Such software alterations could be difficult to impossible to detect.

Diebold spokesman David Bear admitted to the New York Times that the back door was inserted intentionally so that election officials would be able to update their systems easily. Bear justified Diebold's actions by saying, "For there to be a problem here, you're basically assuming a premise where you have some evil and nefarious election officials who would sneak in and introduce a piece of software... I don't believe these evil elections people exist."

While Diebold's confidence in election officials is heartwarming, Diebold has placed election officials in an awkward position, with no defense against disgruntled candidates or voters questioning the results of an election. The situation is even worse for those states and localities using Diebold touch-screen machines that have no voter-verified paper records to recount.

Diebold voting machines have been certified to be in compliance with 2002 Voting System Standards, as required by the Help America Vote Act. These standards prohibit software features that raise any doubt "that the software tested during the qualification process remains unchanged and retains its integrity." We must ask, how did software containing
such an outrageous violation come to be certified, and what other flaws, yet to be uncovered, lurk in other certified systems?

There have been many significant problems - some resulting in lost votes - involving paperless voting machines produced by other vendors. Recognizing the intrinsic risks of paperless voting machines, the Association for Computing Machinery issued a statement saying that each voter should be able "to inspect a physical (e.g., paper) record to verify that his or her vote has been accurately cast and to serve as an independent check on the result." Without voter-verified paper records of all the votes, and without routine spot audits of these records, no currently available voting system can be trusted. With such records, even when machines do not function correctly, each voter can make sure that his or her vote has been correctly recorded on paper.

Our democracy depends on our having secure, reliable, and accurate elections.

That's for sure. No smart remarks this time.