Is Your Vote Your Vote?
A perspective on optical scan voting machines

By BRUCE SIMS
Voice Guest Columnist
Friday, July 22, 2005

On June 1, 2005, I received a consumer alert from www.Blackboxvoting.org. It indicated that when the Diebold optical scan voting machines in Leon County, Fla., were tested, they were "hacked" (altered) in three different ways. The complete report is at http://www.blackboxvoting.org/BBVreport.pdf.

I had been aware of the hacking problem, as well as other problems, with the touch-screen voting systems from Diebold and that the state of California had decertified such machines. San Diego County has spent about $31 million on such touch-screen systems, which still have yet to be certified. The contract specified a printer be associated with the touch-screen systems and that hasn't occurred either.

My opinion is that all of these machines should be subject to a product return because the system design could lead to vote manipulation, which means that votes would not be counted accurately. But I had thought that the optical scan voting machines were secure. What really disturbed me in reading the report was that the machines could be hacked by one person and that such vulnerabilities had not been caught by those entrusted with certifying such machines. So I decided to investigate what occurs with getting a voting machine certified.

When Congress passed the Help America Vote Act, it didn't provide funds for testing the electronic voting machines. Instead, there are three private companies whose main business is with the defense industry that are paid by the vendors of this equipment to test them. Those companies will not divulge what steps or procedures are used for the testing, and they indicate that all inquires are to be directed to the Election Assistance Commission via the National Association of State Election Directors.

Even though their testing and certification processes are unable to be known, the laws in most states require electronic voting machines be certified before use in an election. California is one of those states. And both the Secretary of State's office and the San Diego County Registrar of Voters are also supposed to be ascertaining the capabilities and functioning of these electronic voting machines.

Yet, despite all of the bureaucracy, these Diebold machines could be hacked by one person.

So what does HAVA say about this? Well, nothing. The only "standards" are those issued by the Federal Election Commission or the state's election laws. It's worth pointing out that the entire standards program is voluntary and nothing binds the Secretaries of State.

Well, what does HAVA say? The facts are that:
HAVA does not require the use of Direct Recording Electronic machines, or DREs (touch-screens);
HAVA does not prohibit punch card and lever systems;
HAVA preserves states' rights to use paper ballots;
HAVA's "audit" requirement does not provide for a comprehensive recount;
HAVA allows partial replacement of old systems; and
HAVA preserves states' rights to establish voting equipment standards.

So, given the obvious failing of the Independent Testing Authority and NASED to catch this computer security issue with the Diebold optical scanning machines used in San Diego County, whose responsibility is it?

According to NASED, "certification" of a voting system is done at the state level and is a process between the vendor and the specific state where the system is to be sold. Obviously, both the Secretary of State's office and the County Registrar of Voters office missed this system vulnerability.
See http://www.nased.org/ITA%20Information/NASEDITAProcess.pdf.

Which leads to the question: Who is doing the certification at the state and county level? A task force was convened by Secretary of State Kevin Shelley when he was in office who recommended that the state create a Technical Oversight Committee. See http://www.ss.ca.gov/elections/taskforce_report_4.htm.

However, there is just one individual, Steve Freeman, doing such work at this time. Regarding the AccuVote-OS v.1.96.4 system used in San Diego County, the Secretary of State's office documentation indicates that "certification testing" was done at the Diebold office in Coppell, Texas.
See http://www.ss.ca.gov/elections/consultant_report_item_5c.pdf.

The testing, which was done from July 19 to July 22, 2004, noted system errors with specific .abo files. (An .abo file is the file format used to communicate between system components.) Wyle Laboratories was the only independent testing authority used. But the NASED indicates that the only companies approved to do software testing are Ciber and Systest, not Wyle.

NASED and ITA released their report on May 30, 2003 more than a year before the California evaluation. The report indicated that multiple security issues existed, including the serial port used for uploading of "official" results.

The California evaluator, Steve Freeman, indicated that for this system:

1. The .abo files that are obsolete or inappropriate must be physically d by Diebold.
2.  That Diebold is to specify which .abo files may be used in the California AccuVote-OS Procedures.
3. That Diebold catalog and report on what it is that each of the retained .abo files does.
4. That Diebold provide the source code for the catalogued .abo files for review to confirm that the features described are complete, accurate and only do what is defined.
5.  That only the 194 US and 195/196 US files should be used until the other steps are completed.

The Secretary of State's record of the actual certification indicates that only number five on the above list of the evaluator's recommendations was addressed.

I was unable to determine whom, if anyone, at the Registrar of Voters is tasked with testing or certifying the voting machines.

Additionally, the state's procedures report indicates that the memory cards the component that can be hacked by one person without any trace do not come within the purview of Elections Code 17301-17306. This means that the results tabulated on the memory cards do not have to be retained for the 22-month period associated with other voting records. This is contrary to the U.S. Department of Justice findings.

Moreover, the above referenced system is certified to the FEC standards of 1990, not the 2002 FEC standards.

Because San Diego is having an election on July 26, and elected officials have fiduciary responsibilities to the voters who entrust them with running the government efficiently, I provided all county supervisors and all candidates for mayor with the report showing how the machines can be hacked. The County Registrar's office was aware of the report and refused my request to examine the systems here in San Diego even though election officials are fiduciaries of the citizens, and should exercise their duties in such a manner as to increase voter understanding of and confidence in the election process. Only Jim Bell and Donna Frye responded to my provisioning of the report.

So, on July 26, unless you use a paper ballot, you can't be sure that your vote will be your vote.

Bruce Sims is a 25-year computer professional, a consumer/community activist and member of Blackboxvoting.org and Votersunite.org.