Presentation is loading. Please wait.

Presentation is loading. Please wait.

Safeguarding the 2008 vote Key inputs for the Senate Rules and Administration Committee Hearings and the Ballot Integrity Act Voting Rights Taskforce Wellstone.

Published byKaylee Johnston Modified over 10 years ago

Similar presentations

Presentation on theme: "Safeguarding the 2008 vote Key inputs for the Senate Rules and Administration Committee Hearings and the Ballot Integrity Act Voting Rights Taskforce Wellstone."— Presentation transcript:

1 Safeguarding the 2008 vote Key inputs for the Senate Rules and Administration Committee Hearings and the Ballot Integrity Act Voting Rights Taskforce Wellstone Democratic Renewal Club March 15, 2007

2 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in 20082 Participants Dr. Don Goldmacher, M.D., state delegate AD-14 Ms. Michelle Gabriel, M.S., M.B.A., state delegate AD-16, author of Election Monitoring in California 2006 Mr. Jim Soper, M.A., Senior software consultant, author of www.CountedAsCast.com www.CountedAsCast.com Dr. Judy Bertelsen, M.D., Ph.D. Professor Harold Lecar, Ph.D. Ms. Jackie Riskin, M.Sw. Mr. Lee Munson, M.B.A.

3 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in 20083 Our situation Our Voting Machines, System, and Procedures are putting our Democracy at risk!

4 Electronic voting can be corrupted… Accidentally or Intentionally

5 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in 20085 DeForest Soaries resigns from Election Assistance Commission (EAC) saying… …that we had made things worse through the passage of the Help America Vote Act. …theres an erosion of voting rights implicit in our inability to trust the technology that we use and if we were another country being analyzed by America, we would conclude that this country is ripe for stealing elections and for fraud.

6 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in 20086 Our situation How do we avoid a 2008 re- run of Florida 2000, Ohio 2004, and Florida 2006?

7 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in 20087 Federal legislation is required to establish minimum safeguards for the 2008 vote. Dont federalize all election law. States could have more stringent security laws.

8 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in 20088 Principal Remedies Handmarked paper ballots ONLY Establish serious audits of machine counts Re-structure the EAC or dump it Enforce the election laws

9 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in 20089 Legislation must address these issues: Voting machines are NOT secure. Security mitigations are not enough and not followed. Audits are inadequate and poorly implemented. Machine created paper trails (VVPATs) are virtually useless and give an illusion of security. Election laws are not enforced. The EAC (Election Assistance Commission) is dysfunctional.

10 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in 200810 Our Vision for 2008 Hand marked paper ballots (HMPB). Ballot marking devices (BMD) with touchscreen and audio interface for disabled voting. Precinct based optiscan (PBOS) or central optiscan if PBOS is not available. Sufficient hand counted manual audits of optiscan and BMD ballots. True audits of election results. Timely, public, and affordable access to voting records. Timely enforcement of all Federal and State election laws.

11 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in 200811 Our Vision for 2008 All points of the vision must be done together. A piecemeal implementation will leave open security vulnerabilities. Even paper ballots are NOT secure without audit reform. The devil is in the details, and clear definitions will be required. Currently, each Election Official chooses a different interpretation of election laws.

12 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in 200812 Definitions (Optiscan) Opti-scan - optical ballot scanner

13 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in 200813 Definitions (Touchscreen)

14 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in 200814 Definitions (DRE, VVPAT) DRE (Direct Recording Electronic) VVPAT (Voter Verified Paper Audit Trail)

15 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in 200815 Definitions (Tabulator) Tabulator central vote counting computer Memory cards

16 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in 200816 Definitions (Memory Card) Memory card used to transfer data, including votes, between the central tabulator and the scanners and voting machines in the precincts.

17 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in 200817 Definitions (Auditing) Auditing – check vote totals from some % of precincts after the election

18 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in 200818 The Players Federal EAC – Election Assistance Commission ITA – Independent Testing Authority NIST – National Institute of Standards and Technology State SoS – Secretary of State County Elections Officials – Registrar of Voters, Board of Elections, Clerk/Recorder

19 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in 200819 Our goals…. We would like to… …help in drafting the Ballot Integrity Act …communicate with staff on key issues PRIOR to the hearings ……to be a resource to Senator Feinsteins office on election integrity issues Our expertise is a combination of academic, technical, business, and first hand election experience. We want to help!

20 Supporting Detail

21 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in 200821 Avi Rubin, e-voting expert, Johns Hopkins professor: …when I first studied the Diebold DRE in 2003, I felt that a Voter Verified Paper Audit Trail (VVPAT) provided enough assurance. But, I continued, after 4 years of studying the issue, I now believe that a DRE with a VVPAT is not a reasonable voting system. The only system that I know of that achieves software independence as defined by NIST, is economically viable and readily available is paper ballots with ballot marking machines for accessibility and precinct optical scanners for counting – coupled with random audits. That is how we should be conducting elections in the US, in my opinion. From Avi Rubins BLOG describing his testimony before a House subcommittee hearing on Ensuring the Integrity of Elections, March 7 th, 2007.

22 Electronic voting can be corrupted… Accidentally or Intentionally

23 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in 200823 Electronic voting system security is inadequate NIST Report, 11/06 Princeton Report, 9/06 NRC Report, 7/06 BBV Report, 7/06 Brennan Report, 6/06 Hursti II Report, 5/06 Berkeley Report, 2/06 Hursti I Report, 5/05 RABA Report, 1/04 Compuware Report, 11/03 SAIC Report, 9/03 Johns Hopkins Report, 7/03 Saltman Paper, 3/78 13 reputable reports ALL say: Electronic voting is vulnerable!

24 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in 200824 Electronic voting system security is inadequate The risk of an outsider attack by a poll worker, voter or hacker, especially via a virus or similar, is real. Chicago misplaced 400+ memory cards Cleveland misplaced 75+ memory cards. Hackers can gain access if the machines have wireless or internet connections

25 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in 200825 Electronic voting system security is inadequate Successful simulated attacks on an election Poll workers, possibly voters. VVPAT may be compromised. Attack might not be caught by an audit. Touchscreen to tabulator, Diebold & Sequoia Summary tape and precinct totals incorrect; virus carried to other machines. Princeton Hack 9/2006 Pollworker/Sleepovers. A good audit might catch this Touchscreen to tabulator, Diebold A programmer can take complete control of a DRE, and an election. Undetectable. Hursti II5/2006 Pollworker/Sleepovers. A good audit might catch this Optical Scan to tabulator, Diebold A programmer took control of memory cards, which handle the vote-reporting & counting. Hursti I5/2005, 11/2005 Anyone with access to the known tabulator passwords Tabulator & database, Diebold Central vote totals could be changed with no trace GEMS tabulator 5/2005 AccessEquipmentDescriptionAttackDate

26 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in 200826 Electronic voting system security is inadequate The risk of an insider (election official, company programmer) attack is real Example: Easter Eggs (hidden code) We do not know what software is inside the machines on election day No amount of testing will detect hidden code Jeffery Dean, 23 embezzlement convictions Clinton Curtis hired to write a program to manipulate an election

27 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in 200827 Electronic voting system security is inadequate Glitches happen Sarasota county, FL : 18,000 votes disappeared Many more examples of lost votes Software and data are trade secrets Nobody, and no machine, should be counting American votes in secret

28 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in 200828 Electronic Voting Recommendations Open source software – public inspection Software verification Check that the software used on election day is the software that was inspected, tested and certified. Public testing of systems Security (red team) testing Ban wireless and internet connections

29 Security mitigations Classic Obfuscation #1: There are security problems with DREs and electronic voting but they can be mitigated with proper measures

30 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in 200830 Security mitigations are inadequate and not followed Tamper evident seals dont work Not all pollworkers trained to look at seals, procedures not defined if seal is torn, Taking a machine out of service not enough if manipulation spreads like a virus Chain of custody of memory cards is nullified by processes inherent to voting machine Machines need to be in place prior to Election Day This allows adequate access for manipulation of memory cards

31 Audits Classic Obfuscation #2: Audits will catch any problems

32 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in 200832 Audits are inadequate and poorly implemented A fixed %age audit ( i.e..1-2%) will not catch manipulation in a close race Example: San Francisco County has 600 precincts 1% audit = 6 precincts: CA current law If there is a real difference in the audit vs. the machine count in 5% (30) precincts, there is only a 27% chance of noticing it. 2% audit = 12 precincts: Holt Bill proposal If there is a real difference in the audit vs. the machine count in 5% (30) precincts, there is only a 46% chance of noticing it.

33 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in 200833 Audit Recommendations 99% confidence level in results. Include ALL votes – absentee and provisional. Random, public choice of precincts to count and a preliminary statement of vote to count against. Implement a tiered audit system that adjusts for the closeness of the race. Require discrepancy procedures and results reporting. Look at effects of discrepancies in larger context. Would such a small difference affect results of state or federal elections.

34 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in 200834 Audits on VVPATs are problematic VVPATs were an afterthought, never tested for voters catching errors. Votes were not educated to look at VVPATs Poll workers didnt understand their purpose and sometimes told voters to NOT look at them. Paper jams were frequent and votes not recorded Rolls were very difficult to read at audits. If the VVPAT was unreadable, the roll was re-printed from the memory card-which was NOT voter verified

35 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in 200835 VVPAT Recommendations Federal law banning VVPATs and DREs Florida, New Mexico, and Maryland are all moving in that direction Only Voter Marked Paper Ballots should be allowed Systems already purchased are sunk costs Ballot marking devices should be certified for HAVA compliance

36 Enforcement Too little, too late

37 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in 200837 Election laws are not enforced No checks and balances on Elections Officials On Election Day it is nearly impossible to get any legal action done. Deadline to certify the vote allows officials to delay providing information, etc. until too late Officials are not being held accountable for not following election code. District Attorneys and Attorney Generals are not acting on these issues.

38 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in 200838 Enforcement recommendations Timely !!! Enforcement must be immediate and allow revote. Need to cover pollworkers and elections officials Consequences spelled out explicitly

39 Election Assistance Commission (EAC) Past, present, and future

40 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in 200840 EAC – Quick history Mandated by HAVA (Help America Vote Act) in 2002. Voluntary System Guidelines > 1 year late but HAVA requirements not extended, thus forcing purchase of expensive, poorly designed, inadequately tested electronic equipment. DeForest Soaries resigns in 2005. ITA (Independent Testing Authority) testing shown to be a failure in 2006.

41 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in 200841 EAC Current Structure Issues No enforcement power – only makes recommendations. Sets up privatization /corporate secrets fraught with conflict of interest in testing – should set up public, transparent, highly professional testing process. Leadership is bipartisan but is political – should be professional, technical and legal. Election administration should be nonpartisan.

42 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in 200842 EAC Proposed structural changes Re-structure in a way to help in 2008 or else sunset the organization Turn all testing over to NIST (National Institute of Standards and Technology) Make testing results public Actually test for security vulnerability, including insider and outsider attacks. Actual attacks should be attempted on the equipment. If a fix is made, that fix should be tested by an actual attack attempt. Sunshine provisions

43 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in 200843 References Link to this presentation www.countedascast.com/alameda/march-15-2007mollinari.ppt Links to security reports www.countedascast.com/issues/security.php#reports www.countedascast.com/issues/security.php#reports Procedures are inadequate www.countedascast.com/issues/procedures.php Why we know (before 06) that the ITA testing has failed www.countedascast.com/issues/testing.php#ita www.countedascast.com/issues/procedures.php www.countedascast.com/issues/testing.php#ita Easter egg definition and picture www.countedascast.com/issues/testing.php#easteregg www.countedascast.com/issues/testing.php#easteregg

44 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in 200844 Senator Feinstein: Report Highlights Need for New Legislation to Reform Electronic Voting December 1, 2006 The Ballot Integrity Act P1:Paper Records, Voter Verification and Audit: Requires that voting machines produce a paper record that voters can verify, and correct if necessary, after casting their vote. Also requires that the paper record be preserved and used in a mandatory, random audit. P2: Electronic Voting System Security: Takes measures to prevent technological manipulation of electronic voting systems and requires that all voting system software be disclosed to and certified by the Election Assistance Commission. P4: Official Election Observers: Grants all official, legitimate domestic and international election observers unrestricted access to the election process, provided that they accept election rules, do not interfere with the election process, respect the secrecy of the ballot and are accredited by the Election Assistance Commission. P6: Enforcement of HAVA Provisions: Clarifies that individuals can pursue legal resolution of violations of the Help America Vote Act. Permanently extends the authorization of the Election Assistance Committee. Requires that contractors hired by the Commission go through a public bidding process.

45 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in 200845 Ballot Integrity Act (BIA) BIA proposal Paper Records, Voter Verification and Audit: Requires that voting machines produce a paper record that voters can verify and correct if necessary, after casting their vote. Also requires that the paper record be preserved and used in a mandatory, random audit Concerns include: Still allows DREs Needs to define random Needs to define that audits are hand counted Does not require that system notify voter of under and over votes Good points include Mandatory, random audits

46 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in 200846 Ballot Integrity Act BIA proposal Electronic Voting System security: Takes measures to prevent technological manipulation of electronic voting systems and requires that all voting system software be disclosed to and certified by the EAC Concerns include EAC has been so far ineffective. Would this catch Hurst I and II attacks? What will catch insider attack hidden code? Software verification – how do you know the software disclosed to the EAC is what is on the machines. Does not specifically ban wireless or internet connections Good points include: Recognition that more security measures are needed.

47 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in 200847 Ballot Integrity Act BIA proposal Official Election Observers: Grants all official, legitimate domestic and international election observers unrestricted access to the election process, provided that they accept election rules, do not interfere with the election process, respect the secrecy of the ballot and are accredited by the EAC. Concerns include: Less than current CA law. All citizens should be allowed to observe. Definitions required.e.g. Elections Officials vs. monitors definition of interfering. EAC accreditation creates hurdles and bureaucracy. What is gained by this? What are enforcement provisions at the time and after the election? Good Points include : Unrestricted access to the election process

48 03/15/07 Voting Rights Taskforce - Safeguarding our Elections in 200848 Ballot Integrity Act BIA proposal Enforcement of HAVA provisions: Clarifies that individuals can pursue legal resolution of violations of HAVA. Permanently extends the authorization of the EAC. Concerns include: EAC has been ineffective. HAVA has been very difficult to interpret. Good points include: Some enforcement strengthening

Download ppt "Safeguarding the 2008 vote Key inputs for the Senate Rules and Administration Committee Hearings and the Ballot Integrity Act Voting Rights Taskforce Wellstone."

Similar presentations

VOLUNTARY PRINCIPLES ON SECURITY & HUMAN RIGHTS. What are the Voluntary Principles? Tripartite, multi-stakeholder initiative Initiated in 2000 by UK Foreign.

VOLUNTARY PRINCIPLES ON SECURITY & HUMAN RIGHTS. What are the Voluntary Principles? Tripartite, multi-stakeholder initiative Initiated in 2000 by UK Foreign.
Safeguarding the 2008 Vote For Speaker Nancy Pelosi Voting Rights Taskforce Wellstone Democratic Renewal Club June 26, 2007.

Safeguarding the 2008 Vote For Speaker Nancy Pelosi Voting Rights Taskforce Wellstone Democratic Renewal Club June 26, 2007.
I Think I Voted. E-voting vs. Democracy Prof. David L. Dill Department of Computer Science Stanford University

I Think I Voted. E-voting vs. Democracy Prof. David L. Dill Department of Computer Science Stanford University
10/04/20081 TWG of ESF Committee 10 April 2008 Franck Sébert Head of unit DG EMPL/I/1 Relations with Control Authorities Action plan to strengthen the.

10/04/20081 TWG of ESF Committee 10 April 2008 Franck Sébert Head of unit DG EMPL/I/1 Relations with Control Authorities Action plan to strengthen the.
Voting System in the November 4, 2008 General Election Produced by the Iowa State Association of County Auditors.

Voting System in the November 4, 2008 General Election Produced by the Iowa State Association of County Auditors.
Making Sure Every Vote Counts in the Digital Era: The Need for Standards Mandating Voter-Verified Paper Ballots Sarah Rovito 2007 WISE Intern August 3,

Making Sure Every Vote Counts in the Digital Era: The Need for Standards Mandating Voter-Verified Paper Ballots Sarah Rovito 2007 WISE Intern August 3,
Will Your Vote Count? Will your vote count? Voting machine choices N.C. Coalition for Verified Voting www.ncvoter.net Joyce McCloy Pros and Cons of voting.

Will Your Vote Count? Will your vote count? Voting machine choices N.C. Coalition for Verified Voting Joyce McCloy Pros and Cons of voting.
2012 CIRCUIT COURT CLERK’S ASSOCIATION FALL MEETING BALLOT SPECIFICATIONS BALLOT ERRORS Dale R. Simmons, Co-General Counsel Indiana Election Division.

2012 CIRCUIT COURT CLERK’S ASSOCIATION FALL MEETING BALLOT SPECIFICATIONS BALLOT ERRORS Dale R. Simmons, Co-General Counsel Indiana Election Division.
Electronic Voting: Danger and Opportunity J. Alex Halderman Department of Computer Science Center for Information Technology Policy Princeton University.

Electronic Voting: Danger and Opportunity J. Alex Halderman Department of Computer Science Center for Information Technology Policy Princeton University.
VOTING SYSTEMS TESTING SUMMIT NOV. 29, 2005 COPYRIGHT © 2005 MICHAEL I. SHAMOS Security, Paper Trails, Accountability Michael I. Shamos, Ph.D., J.D. Institute.

VOTING SYSTEMS TESTING SUMMIT NOV. 29, 2005 COPYRIGHT © 2005 MICHAEL I. SHAMOS Security, Paper Trails, Accountability Michael I. Shamos, Ph.D., J.D. Institute.
TGDC Meeting, Jan 2011 Evaluating risk within the context of the voting process Ann McGeehan Director of Elections Office of the Texas Secretary of State.

TGDC Meeting, Jan 2011 Evaluating risk within the context of the voting process Ann McGeehan Director of Elections Office of the Texas Secretary of State.
Charlie Daniels Arkansas Secretary of State HAVA Compliant Voting Systems Security Considerations General Recommendations to Enhance Security and Integrity.

Charlie Daniels Arkansas Secretary of State HAVA Compliant Voting Systems Security Considerations General Recommendations to Enhance Security and Integrity.
1 J. Alex Halderman Security Failures in Electronic Voting Machines Ariel Feldman Alex Halderman Edward Felten Center for Information Technology Policy.

1 J. Alex Halderman Security Failures in Electronic Voting Machines Ariel Feldman Alex Halderman Edward Felten Center for Information Technology Policy.
Election Observer Training 2008 Elections Certification & Training Program 360.902.4180.

Election Observer Training 2008 Elections Certification & Training Program
Observation of e-enabled elections Jonathan Stonestreet Council of Europe Workshop Oslo, 18-19 March 2010.

Observation of e-enabled elections Jonathan Stonestreet Council of Europe Workshop Oslo, March 2010.
Voting Machines Failing the World *Voting machines around the world are failing in Colorado as well as 34 other states. *This could be crucial in the upcoming.

Voting Machines Failing the World *Voting machines around the world are failing in Colorado as well as 34 other states. *This could be crucial in the upcoming.
1. 2 CVM’s OBJECTIVES u to stimulate the creation of savings and their investment in securities; u to promote the expansion and regular and efficient.

1. 2 CVM’s OBJECTIVES u to stimulate the creation of savings and their investment in securities; u to promote the expansion and regular and efficient.
Voting Machines Failing the World The true issue for these electronic voting machines is that the government has not been a full out supporter of this.

Voting Machines Failing the World The true issue for these electronic voting machines is that the government has not been a full out supporter of this.
United States Election Assistance Commission Pilot Program Testing and Certification Manual & UOCAVA Pilot Program Testing and Certification Manual & UOCAVA.

United States Election Assistance Commission Pilot Program Testing and Certification Manual & UOCAVA Pilot Program Testing and Certification Manual & UOCAVA.
Resources Needed for Post-Election Audits: People, Time, and Money Robert Kibrick, Legislative Analyst Verified Voting Foundation Gail Pellerin, County.

Resources Needed for Post-Election Audits: People, Time, and Money Robert Kibrick, Legislative Analyst Verified Voting Foundation Gail Pellerin, County.

Similar presentations

Ads by Google