Jim March

EDA Opens Sequoia Voting System Source Code to Public Exam

10.20.09

Election Defense Alliance Opens Public Review of Sequoia Voting System Source Code

By Jim March

Election Defense Alliance, a nonprofit organized to review and improve voting system technology and operations, has come into possession of thousands of lines of software written by Sequoia Voting Systems as part of a public records response from Riverside County, California. (Sequoia is the third-largest E-voting vendor in the nation, whose secret proprietary software counts the votes for approximately 17% of the U.S. electorate).

Because the files were obtained from a government agency in an above-board fashion, for the first time the analysis process and actual code can be released to the public and studied in a public and transparent fashion.

The entire analysis project and associated files to study are available at a new wiki:
http://studysequoia.wikispaces.com/

How You Can Help Shine Light on Sequoia

Previous voting system software analysis has been in secret, either due to non-disclosure agreements, court ordered secrecy or the review of code from legally questionable sources.

In this case, no such restrictions exist and the analysis process will be open, online and public as is proper when looking at the engine of our democratic process. “What was done in the dark will be brought to the light” as Johnny Cash put it.

The software was buried inside of data files used to store the tabulation of votes from the November 2008 general election. This practice of blending data and software has been long suspected and even alluded to in documents from Sequoia; however, the details had been obscured under “trade secrets” claims. Sequoia asserted and exercised an alleged “right” to strip the data files of anything proprietary before Riverside County turned the files over to EDA.

Although Sequoia attempted to redact their proprietary code from the election database files, they failed to strip out thousands of lines of software buried in the electon data.

The software appears to control the logical flow of the election, and is detailed enough to name the authors and dates of modifications along with what the code is actually doing to our votes. Some of it might actually have been stripped out, but we strongly suspect not due to the volume of code present.

EDA is expressing concern that such human-readable and “field modifiable” software has been banned by the federal rulebook on voting system design and testing.

Pending a detailed review, we expect to do a legal analysis of the structure of the Sequoia system thus revealed and file complaints with the proper state and federal authorities.

EDA is concerned about other known cases of failure in the certification of voting systems in which legally flawed products were allowed into the market, a trend noticed recently by NIST (National Institute of Science and Technology) in a formal letter throwing one of the authorized test labs out of the voting system test business.

Of the four labs ever credentialed for voting system testing, three have at various times been thrown out for misconduct or incompetence, only to be let back in under “restrictions.”

We believe that the source code analysis from Sequoia will document yet another such case of test lab failure along with a failure at Sequoia.

================

Shine Light on Sequoia


This Sequoia code review is one part of a larger EDA Public Record Election Project (PREP), based on public records freedom of information law. We have convened an expert group of investigators and are filing public records requests for voting system database records in a number of counties.

If you can lend your software programming skills to the Sequoia code analysis, we invite your participation at the SequoiaStudy wiki.

Syndicate content