Presentation is loading. Please wait.

Presentation is loading. Please wait.

Safeguarding the 2008 vote Key inputs for the Senate Rules and Administration Committee Hearings and the Ballot Integrity Act Voting Rights Taskforce Wellstone.

Similar presentations


Presentation on theme: "Safeguarding the 2008 vote Key inputs for the Senate Rules and Administration Committee Hearings and the Ballot Integrity Act Voting Rights Taskforce Wellstone."— Presentation transcript:

1 Safeguarding the 2008 vote Key inputs for the Senate Rules and Administration Committee Hearings and the Ballot Integrity Act Voting Rights Taskforce Wellstone Democratic Renewal Club March 15, 2007

2 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in Participants Dr. Don Goldmacher, M.D., state delegate AD-14 Ms. Michelle Gabriel, M.S., M.B.A., state delegate AD-16, author of Election Monitoring in California 2006 Mr. Jim Soper, M.A., Senior software consultant, author of Dr. Judy Bertelsen, M.D., Ph.D. Professor Harold Lecar, Ph.D. Ms. Jackie Riskin, M.Sw. Mr. Lee Munson, M.B.A.

3 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in Our situation Our Voting Machines, System, and Procedures are putting our Democracy at risk!

4 Electronic voting can be corrupted… Accidentally or Intentionally

5 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in DeForest Soaries resigns from Election Assistance Commission (EAC) saying… …that we had made things worse through the passage of the Help America Vote Act. …theres an erosion of voting rights implicit in our inability to trust the technology that we use and if we were another country being analyzed by America, we would conclude that this country is ripe for stealing elections and for fraud.

6 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in Our situation How do we avoid a 2008 re- run of Florida 2000, Ohio 2004, and Florida 2006?

7 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in Federal legislation is required to establish minimum safeguards for the 2008 vote. Dont federalize all election law. States could have more stringent security laws.

8 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in Principal Remedies Handmarked paper ballots ONLY Establish serious audits of machine counts Re-structure the EAC or dump it Enforce the election laws

9 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in Legislation must address these issues: Voting machines are NOT secure. Security mitigations are not enough and not followed. Audits are inadequate and poorly implemented. Machine created paper trails (VVPATs) are virtually useless and give an illusion of security. Election laws are not enforced. The EAC (Election Assistance Commission) is dysfunctional.

10 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in Our Vision for 2008 Hand marked paper ballots (HMPB). Ballot marking devices (BMD) with touchscreen and audio interface for disabled voting. Precinct based optiscan (PBOS) or central optiscan if PBOS is not available. Sufficient hand counted manual audits of optiscan and BMD ballots. True audits of election results. Timely, public, and affordable access to voting records. Timely enforcement of all Federal and State election laws.

11 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in Our Vision for 2008 All points of the vision must be done together. A piecemeal implementation will leave open security vulnerabilities. Even paper ballots are NOT secure without audit reform. The devil is in the details, and clear definitions will be required. Currently, each Election Official chooses a different interpretation of election laws.

12 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in Definitions (Optiscan) Opti-scan - optical ballot scanner

13 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in Definitions (Touchscreen)

14 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in Definitions (DRE, VVPAT) DRE (Direct Recording Electronic) VVPAT (Voter Verified Paper Audit Trail)

15 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in Definitions (Tabulator) Tabulator central vote counting computer Memory cards

16 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in Definitions (Memory Card) Memory card used to transfer data, including votes, between the central tabulator and the scanners and voting machines in the precincts.

17 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in Definitions (Auditing) Auditing – check vote totals from some % of precincts after the election

18 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in The Players Federal EAC – Election Assistance Commission ITA – Independent Testing Authority NIST – National Institute of Standards and Technology State SoS – Secretary of State County Elections Officials – Registrar of Voters, Board of Elections, Clerk/Recorder

19 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in Our goals…. We would like to… …help in drafting the Ballot Integrity Act …communicate with staff on key issues PRIOR to the hearings ……to be a resource to Senator Feinsteins office on election integrity issues Our expertise is a combination of academic, technical, business, and first hand election experience. We want to help!

20 Supporting Detail

21 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in Avi Rubin, e-voting expert, Johns Hopkins professor: …when I first studied the Diebold DRE in 2003, I felt that a Voter Verified Paper Audit Trail (VVPAT) provided enough assurance. But, I continued, after 4 years of studying the issue, I now believe that a DRE with a VVPAT is not a reasonable voting system. The only system that I know of that achieves software independence as defined by NIST, is economically viable and readily available is paper ballots with ballot marking machines for accessibility and precinct optical scanners for counting – coupled with random audits. That is how we should be conducting elections in the US, in my opinion. From Avi Rubins BLOG describing his testimony before a House subcommittee hearing on Ensuring the Integrity of Elections, March 7 th, 2007.

22 Electronic voting can be corrupted… Accidentally or Intentionally

23 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in Electronic voting system security is inadequate NIST Report, 11/06 Princeton Report, 9/06 NRC Report, 7/06 BBV Report, 7/06 Brennan Report, 6/06 Hursti II Report, 5/06 Berkeley Report, 2/06 Hursti I Report, 5/05 RABA Report, 1/04 Compuware Report, 11/03 SAIC Report, 9/03 Johns Hopkins Report, 7/03 Saltman Paper, 3/78 13 reputable reports ALL say: Electronic voting is vulnerable!

24 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in Electronic voting system security is inadequate The risk of an outsider attack by a poll worker, voter or hacker, especially via a virus or similar, is real. Chicago misplaced 400+ memory cards Cleveland misplaced 75+ memory cards. Hackers can gain access if the machines have wireless or internet connections

25 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in Electronic voting system security is inadequate Successful simulated attacks on an election Poll workers, possibly voters. VVPAT may be compromised. Attack might not be caught by an audit. Touchscreen to tabulator, Diebold & Sequoia Summary tape and precinct totals incorrect; virus carried to other machines. Princeton Hack 9/2006 Pollworker/Sleepovers. A good audit might catch this Touchscreen to tabulator, Diebold A programmer can take complete control of a DRE, and an election. Undetectable. Hursti II5/2006 Pollworker/Sleepovers. A good audit might catch this Optical Scan to tabulator, Diebold A programmer took control of memory cards, which handle the vote-reporting & counting. Hursti I5/2005, 11/2005 Anyone with access to the known tabulator passwords Tabulator & database, Diebold Central vote totals could be changed with no trace GEMS tabulator 5/2005 AccessEquipmentDescriptionAttackDate

26 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in Electronic voting system security is inadequate The risk of an insider (election official, company programmer) attack is real Example: Easter Eggs (hidden code) We do not know what software is inside the machines on election day No amount of testing will detect hidden code Jeffery Dean, 23 embezzlement convictions Clinton Curtis hired to write a program to manipulate an election

27 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in Electronic voting system security is inadequate Glitches happen Sarasota county, FL : 18,000 votes disappeared Many more examples of lost votes Software and data are trade secrets Nobody, and no machine, should be counting American votes in secret

28 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in Electronic Voting Recommendations Open source software – public inspection Software verification Check that the software used on election day is the software that was inspected, tested and certified. Public testing of systems Security (red team) testing Ban wireless and internet connections

29 Security mitigations Classic Obfuscation #1: There are security problems with DREs and electronic voting but they can be mitigated with proper measures

30 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in Security mitigations are inadequate and not followed Tamper evident seals dont work Not all pollworkers trained to look at seals, procedures not defined if seal is torn, Taking a machine out of service not enough if manipulation spreads like a virus Chain of custody of memory cards is nullified by processes inherent to voting machine Machines need to be in place prior to Election Day This allows adequate access for manipulation of memory cards

31 Audits Classic Obfuscation #2: Audits will catch any problems

32 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in Audits are inadequate and poorly implemented A fixed %age audit ( i.e..1-2%) will not catch manipulation in a close race Example: San Francisco County has 600 precincts 1% audit = 6 precincts: CA current law If there is a real difference in the audit vs. the machine count in 5% (30) precincts, there is only a 27% chance of noticing it. 2% audit = 12 precincts: Holt Bill proposal If there is a real difference in the audit vs. the machine count in 5% (30) precincts, there is only a 46% chance of noticing it.

33 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in Audit Recommendations 99% confidence level in results. Include ALL votes – absentee and provisional. Random, public choice of precincts to count and a preliminary statement of vote to count against. Implement a tiered audit system that adjusts for the closeness of the race. Require discrepancy procedures and results reporting. Look at effects of discrepancies in larger context. Would such a small difference affect results of state or federal elections.

34 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in Audits on VVPATs are problematic VVPATs were an afterthought, never tested for voters catching errors. Votes were not educated to look at VVPATs Poll workers didnt understand their purpose and sometimes told voters to NOT look at them. Paper jams were frequent and votes not recorded Rolls were very difficult to read at audits. If the VVPAT was unreadable, the roll was re-printed from the memory card-which was NOT voter verified

35 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in VVPAT Recommendations Federal law banning VVPATs and DREs Florida, New Mexico, and Maryland are all moving in that direction Only Voter Marked Paper Ballots should be allowed Systems already purchased are sunk costs Ballot marking devices should be certified for HAVA compliance

36 Enforcement Too little, too late

37 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in Election laws are not enforced No checks and balances on Elections Officials On Election Day it is nearly impossible to get any legal action done. Deadline to certify the vote allows officials to delay providing information, etc. until too late Officials are not being held accountable for not following election code. District Attorneys and Attorney Generals are not acting on these issues.

38 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in Enforcement recommendations Timely !!! Enforcement must be immediate and allow revote. Need to cover pollworkers and elections officials Consequences spelled out explicitly

39 Election Assistance Commission (EAC) Past, present, and future

40 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in EAC – Quick history Mandated by HAVA (Help America Vote Act) in Voluntary System Guidelines > 1 year late but HAVA requirements not extended, thus forcing purchase of expensive, poorly designed, inadequately tested electronic equipment. DeForest Soaries resigns in ITA (Independent Testing Authority) testing shown to be a failure in 2006.

41 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in EAC Current Structure Issues No enforcement power – only makes recommendations. Sets up privatization /corporate secrets fraught with conflict of interest in testing – should set up public, transparent, highly professional testing process. Leadership is bipartisan but is political – should be professional, technical and legal. Election administration should be nonpartisan.

42 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in EAC Proposed structural changes Re-structure in a way to help in 2008 or else sunset the organization Turn all testing over to NIST (National Institute of Standards and Technology) Make testing results public Actually test for security vulnerability, including insider and outsider attacks. Actual attacks should be attempted on the equipment. If a fix is made, that fix should be tested by an actual attack attempt. Sunshine provisions

43 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in References Link to this presentation Links to security reports Procedures are inadequate Why we know (before 06) that the ITA testing has failed Easter egg definition and picture

44 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in Senator Feinstein: Report Highlights Need for New Legislation to Reform Electronic Voting December 1, 2006 The Ballot Integrity Act P1:Paper Records, Voter Verification and Audit: Requires that voting machines produce a paper record that voters can verify, and correct if necessary, after casting their vote. Also requires that the paper record be preserved and used in a mandatory, random audit. P2: Electronic Voting System Security: Takes measures to prevent technological manipulation of electronic voting systems and requires that all voting system software be disclosed to and certified by the Election Assistance Commission. P4: Official Election Observers: Grants all official, legitimate domestic and international election observers unrestricted access to the election process, provided that they accept election rules, do not interfere with the election process, respect the secrecy of the ballot and are accredited by the Election Assistance Commission. P6: Enforcement of HAVA Provisions: Clarifies that individuals can pursue legal resolution of violations of the Help America Vote Act. Permanently extends the authorization of the Election Assistance Committee. Requires that contractors hired by the Commission go through a public bidding process.

45 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in Ballot Integrity Act (BIA) BIA proposal Paper Records, Voter Verification and Audit: Requires that voting machines produce a paper record that voters can verify and correct if necessary, after casting their vote. Also requires that the paper record be preserved and used in a mandatory, random audit Concerns include: Still allows DREs Needs to define random Needs to define that audits are hand counted Does not require that system notify voter of under and over votes Good points include Mandatory, random audits

46 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in Ballot Integrity Act BIA proposal Electronic Voting System security: Takes measures to prevent technological manipulation of electronic voting systems and requires that all voting system software be disclosed to and certified by the EAC Concerns include EAC has been so far ineffective. Would this catch Hurst I and II attacks? What will catch insider attack hidden code? Software verification – how do you know the software disclosed to the EAC is what is on the machines. Does not specifically ban wireless or internet connections Good points include: Recognition that more security measures are needed.

47 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in Ballot Integrity Act BIA proposal Official Election Observers: Grants all official, legitimate domestic and international election observers unrestricted access to the election process, provided that they accept election rules, do not interfere with the election process, respect the secrecy of the ballot and are accredited by the EAC. Concerns include: Less than current CA law. All citizens should be allowed to observe. Definitions required.e.g. Elections Officials vs. monitors definition of interfering. EAC accreditation creates hurdles and bureaucracy. What is gained by this? What are enforcement provisions at the time and after the election? Good Points include : Unrestricted access to the election process

48 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in Ballot Integrity Act BIA proposal Enforcement of HAVA provisions: Clarifies that individuals can pursue legal resolution of violations of HAVA. Permanently extends the authorization of the EAC. Concerns include: EAC has been ineffective. HAVA has been very difficult to interpret. Good points include: Some enforcement strengthening


Download ppt "Safeguarding the 2008 vote Key inputs for the Senate Rules and Administration Committee Hearings and the Ballot Integrity Act Voting Rights Taskforce Wellstone."

Similar presentations


Ads by Google