[wilhelmtux-discussion] e-government and its risks -- [comp.risks] Risks Digest 22.36

Alex Schroeder alex at emacswiki.org
Fri Nov 8 16:29:37 CET 2002


First of all, I would like to use this opportunity to advertise the
newsgroup comp.risks -- it is rarely about Free Software or Open
Standards, but it is about computers and security in the broadest
sense.  This is surely of interest to everyone who is working with eCH
or will join in the future.  At the meeting I attended, I was at least
the only representative of a non-commercial organization, and I felt
it was my responsibility to bring in some civil rights concerns (ease
of understanding, data protection, etc.).

In addition, I would now like to present two excerpts from the
newsletter in comp.risks, which on the one hand reflect the
experiences with eVoting, and on the other hand the problems with the
unholy interplay of security evaluation and the Digital Millennium
Copyright Act (DMCA).  Especially because such copyright problems will
surely become relevant here as well at some point, via the USA and the
EU...

Alex.



RISKS-LIST: Risks-Forum Digest  Thursday 7 November 2002  Volume 22 : Issue 36

   FORUM ON RISKS TO THE PUBLIC IN COMPUTERS AND RELATED SYSTEMS (comp.risks)
   ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Date: Wed, 6 Nov 2002 08:59:29 -0500
From: "Rebecca Mercuri" <notable at mindspring.com>
Subject: CNN needs some fact-checkers on electronic-election article 

The 5 Nov 2002 article "Electronic elections: What about security?"
(www.cnn.com/2002/TECH/ptech/11/05/touch.screen/index.html) on CNN.com by
Jeordan Legon contains a number of factual errors and misrepresentations. To
CNN's credit, they did attempt to contact me for an interview on 11/4 for
that article, but their tight deadline should be no excuse for not getting
the facts straight.

The article states: "the voting software and hardware has to pass strict
security standards imposed by the Federal Election Commission and the
National Association of State Election Directors."  This is untrue.  ALL
voting systems newly deployed for the 2002 election were inspected to the
OBSOLETE 1990 FEC recommendations.  Even these were only adopted by 2/3
of the States.  The 2002 standards must be adopted prior to use and it is
unclear when (or in some States if) this will happen.

Mark Beckstrand, a Sequoia Voting Systems VP, was quoted in the CNN article
as saying: "Show me somebody who has gotten into our software. We haven't
lost or misplaced or ever been accused of not having 100 percent accuracy."
Well, first of all, experts, such as myself, are prevented from looking at
Sequoia's equipment because it is sold under restrictive trade-secret
agreements making it a felony if a purchaser (such as a County Board of
Elections) provides it for internal inspection, except under court order.
For a court case in Palm Beach County, we have tried for months to obtain a
Sequoia machine (for which we have numerous affidavits from voters
indicating problems) in order to perform an internal inspection, and have
even offered to purchase a machine from the County outright, but so far have
been barred from doing so.  It makes it really hard to show if their product
has been tampered with, if it's a felony to inspect it.

In addition to our case in Boca Raton, where there was an 8% "undervote"
(votes missing compared with number of voters who signed in at the
election), there are other instances of problems involving Sequoia
equipment.  Susan Bernicker videotaped numerous Sequoia machines used in a
Louisiana election that showed different names on the confirmation screen
than the candidate buttons that were pressed.  Over in New Jersey in 2000, a
brand new Sequoia machine turned up zeros for some candidates in a local
election.  Elsewhere in Palm Beach Co. in March 2002, Sequoia systems
registered a 3% undervote in an election where only 2 candidates were
running in only 1 race.  It was conjectured (by Election Supervisor Theresa
LePore) that people came to the polls and deliberately did not vote for one
of the candidates, but this seems rather unlikely.

Sequoia seems to have a short memory when it comes to court cases and
missing votes.  There might be a good reason for this.  According to the San
Francisco Business Times (11/19/2001), their Southern Regional Sales
Manager, Phil Foster, was indicted in Louisiana for "conspiracy to commit
money laundering and malfeasance" involving kickbacks to Jerry Fowler, the
Louisiana state commissioner of elections, now serving a prison term for his
involvement in a decade-long kickback scheme with Sequoia. Foster sold
machines in Louisiana and Florida, and testified as a technical expert
against Bernicker in her Baton Rouge case.

I hope CNN can be encouraged to run a correction or follow-up on their
article.  The public needs to know the rest of this story.

------------------------------

Date: Wed, 6 Nov 2002 9:38:58 PST
From: "Peter G. Neumann" <neumann at csl.sri.com>
Subject: The 2002 general election

In yesterday's voting, there were numerous irregularities, as usual --
although perhaps fewer visible ones than had been anticipated.

* Palm Beach and Broward in FL had reports of voters touching the screen for
McBride and having the vote showing up for Bush.  The vendors and voting
officials claim that that error was quickly "fixed".  Remember that "fix"
has two meanings.  For example, check out the Matt Drudge report at
  http://www.drudgereport.com/
  http://www.drudgereport.com/vote1.htm

* In Broward County, a programming error left out 34,000 votes, because the
combination of early votes exceeded a preprogrammed maximum.  Also, 70,000
absentee and Spanish-language ballots were missing from the reported
turnout, although they were included in the vote totals.  These were later
corrected.

* In Houston, where the all-electronic voting machines have rotary dials
instead of touch-screens, voters in five precincts had their attempts to
vote a straight party ticket rejected.  (It happens to have been the
Democratic ticket that was not accepted.)

* In Georgia, newly using touch-screens, some voters reported their votes
being recorded for other candidates.

* In Pulaski County, Arkansas, half of the voters had not been assigned
precincts after redistricting and were denied being able to vote despite
having legitimate registration cards.

* San Francisco failed to deliver enough ballots to several precincts, where
voting continued until midnight.

* In Nebraska, Charlie Matulka (a long-shot Democratic candidate) reports
having been given a paper ballot already premarked for his Republican
opponent.

* In South Carolina, there were some reports of long waits in line.
Elsewhere, people turned away from the polls in various places even with
valid identification.  Also, reports of lever machines dropping votes.

NOTE: Andrew Klossner sent in a correction on Andrew Morton's item in
RISKS-22.35 on absentee voting in Oregon: the ballot he gets is just an
unlabeled punch-card in which he has to punch out the chad for the desired
holes.  (Same for me in Santa Clara County, California.  PGN)

The general consensus among election officials and voters seems to be that
the all-electronic machines are a great improvement, relatively easy to use,
and inherently able to prevent overvotes.  The general consensus among
knowledgeable computer security experts seems to be that almost all of the
existing all-electronic systems could relatively easily be rigged by
internal fraud in the software and external manipulation of the local
polling-place configurations and could also be subject to undetected
internal errors, because of an almost complete absence of meaningful audit
trails and independent verification of the consistency of votes tabulated
with votes cast.  Just because an all-electronic machine looks like it might
be working, how do you *KNOW* it is doing the right thing?  From a RISKS
perspective, a perceived potential lack of integrity is a serious obstacle
to democracy.
