California’s secretary of state has mandated tough new security standards for the state’s e-voting systems and curtailed their use, following an independent review of the technology.
“Citizens do not have confidence that elections have been fairly decided because they don’t have faith in the integrity of the tools,” said Secretary of State Debra Bowen during a midnight conference call, late Friday night.
Polling stations will not be allowed to have more than one of the Diebold AccuVote-TSx and Sequoia Edge Model systems in place. County registrars must also take measures such as reinstalling the devices’ software and firmware, resetting the machines’ encryption keys, and prevent physical access to the systems.
Similar security measures are now mandated for Hart InterCivic Inc.’s voting systems, but without the single-machine limitation.
Systems from a fourth e-voting system maker, Election Systems & Software Inc., were decertified after the company was late in providing access to its products. The vendor’s InkaVote Plus systems, used in Los Angeles county, were now being evaluated and may yet be approved for use in the February 2008 election, Bowen said.
California’s review of e-voting has been a rushed affair, since it was kicked off in early May. That’s because the state subsequently moved its upcoming presidential primary vote ahead by four months, to February 5, 2008.
State law requires that county registrars be given six months’ notice on any decertification of voting systems, forcing Bowen to come up with decisions by last Friday, earlier than she had first anticipated.
E-voting systems were used by between a quarter and a third of California’s 8.9 million voters in last November’s election, the secretary of state said.
The order came just days after the release of a state-sponsored review of California’s e-voting machines. Led by the University of California, several teams of researchers evaluated the security, accessibility and usability of voting machines. Part of the review was an unprecedented study of the source code of the software.
The researchers’ findings were not encouraging for backers of the current electronic voting systems. A “red team” of penetration testers found 15 security problems in the devices.
For example, researchers were able to exploit bugs in the Windows operating system used by the Diebold GEMS election management system to circumvent the system’s audit logs and directly access data on the machine. They were able to get a similar level of access to Sequoia WinEDS data as well.
Testers were also able to overwrite firmware, bypass locks on the systems, forge voter cards, and even secretly install a wireless device on the back of a GEMS server.
A source-code review, released earlier last week, found problems in all three e-voting systems it evaluated, saying that Diebold’s systems were subject to a virus attack.
Meanwhile, a study by Florida State University researchers, released last week by Secretary of State Kurt Browning, concludes that Diebold’s voting machines are seriously flawed and could compromise the balloting.
The study concludes that the Accuvote OS optical scan machine, slated to be used in the presidential primary election in Florida next year, is vulnerable to vote manipulation by people who illicitly insert preprogrammed memory cards into a voting terminal.
A Diebold spokesman says the company plans to fix the flaws in time to meet the state’s August 17 deadline.
The researchers are now evaluating machines from Election Systems & Software Inc.
– with files from Marc Songini Computerworld (U.S.)