U.S. e-voting has security, accuracy, and integrity issues according to the report issued by the California Secretary of State, Debra Bowen on July 30th.
From EWeek:
Three systems flunked in the hastily conducted examinations: Diebold's GEMS 1.18.24/AccuVote, Hart Intercivic System 6.2.1 and Sequoia's WinEDS version 3.1.012/Edge/Insight/400-C.
The sad state of e-voting technology in the U.S. was confirmed in seperate statements from Sequoia and Hart Intercivic.
More below on the statements confirming the reports findings and other voting systems
According to the California SOS Report
Each "red team" was to try to compromise the accuracy, security, and integrity of the
voting systems without making assumptions about compensating controls or procedural
mitigation measures that vendors, the Secretary of State, or individual counties may have
adopted.
In a response to the California Secretary of States Top to Bottom Review Sequoia confirms that the Red Team did just that and that the security of their e-voting systems is based upon external security.
The Red Team had no corresponding Blue Team (friendly to the system under study) to emulate traditional and current election security practices In short, the Red Team was able to, using a financial institution as an example, take away the locked front door of the bank branch, remove the security guard, remove the bank tellers, remove the panic alarm that notifies law enforcement, and have only slightly limited resources (particularly time and knowledge) to pick the lock on the bank vault. Such a scenario is implausible.
Again, using the financial instition example, the study report, assumes that one or more of the election controls may be compromised and that the blue team will therefore act like an ATM, outside of the locked door, armed guards, and vault.
The study report states that they intended to test the security of the e-voting system itself and not the external security provisions.
Sequoia then goes on to detail the "implausible" election circumstances that would have to occur to make the test valid.
The methodology used implies that election authority "insiders" have unlimited access to equipment, with no surveillance of their activities through automated methods.
You mean like in Ohio under the watchful eyes of Kenneth Blackwell?
Hart Intercivic confirmed that the security of e-voting using their machines is also based upon external security.
Election security is about People, Processes, Procedures, Policies, and Technology," said Neil McClure, chief technology officer for Hart InterCivic,...
An excellent lead in to a carefully crafted statement that avoids addressing any of the reports technical issues.
"The procedures and processes must be implemented, and followed, along with the system’s technical security features.
...
A better approach, said McClure, would be to define a realistic threat that faces all layers of security in an election.
An excellent confirmation by McClure that the security of their e-voting technology is based upon external measures and not the security features of their products.
Both vendors urged the California Secretary of State not to take any precipitous actions to protect democracy at the expense of their bottom line.
The University of California's approach to the problem of e-voting security was the right approach to take. It successfully highlights to continuing problem areas for e-voting.
First, it points out yet again, that the current e-voting systems being offered are not secure.
Can the systems be secure with the right external security measures? Possibly
Are the systems secure in a stand alone analysis? No.
Second, it points out that e-voting systems will be used in a wide variety of settings and that the external measures needed to secure the current systems cannot be guaranteed.
California has 58 counties with 58 different election procedures. A uniform set of external security measures cannot be provided in California as each county determines its own measures.
The doubt that can be created by a security breach in one county compromises an election for the entire State of California.
Multiply this by 50 states and their counties. A national election can be compromised by a security breach in one county in one state as we have experienced in Ohio and in Florida.
It is unacceptable to compromise State and National elections by using unsecure e-voting systems. It is unreasonable for the e-voting vendors to expect us to use shoddy systems just because that is what they make.
It is even more unacceptable because secure systems do exist and are in use in other countries and in the U.S.
The EWeek article is worth reading in its entirety because covers the variety of e-voting systems, the unique problems the U.S. has, and places that do it right.
"From what I have read, the U.S. systems are primitive compared [with those of] Australia," said Tom Worthington, a visiting fellow at the department of computer science at Australian National University, in Canberra, Australia, and an expert on e-voting technology, in an e-mail exchange with eWEEK
Unfortunately, Worthington notes, many people read about e-voting problems in the USA and assume that such problems apply to the rest of the world. Not so, he says. "Apart from the U.K., which made some poor choices in using Internet voting for local elections, the USA probably has the poorest designed electronic voting systems in the developed world," he said.
The article notes that the barriers to secure voting in the U.S. are political and administrative issues not techinical issues
This is supported by the fact that secure systems do exist in the U.S. as evidenced by ATMs. Virtually everyone has by this point used an ATM sitting alone in a parking lot with out the external security provisions e-voting manufacturers claim are necessary. ATMs report their transactions to central reporting systems and cannot have memory cards swapped by casual users or be hacked by trained chimpanzees.
How is it that banks can afford secure ATMs to protect $50-$100K but e-voting vendors cannot produce a secure e-voting system to protect State and National elections?