Election Defense Alliance Blog

Click for a great discussion between Jim Lampley and Mark Crispin Miller broadcast from San Diego's Air America Affiliate on 6/30/06. Lampley covered for Ed Schultz and spent a large part of the program discussing the electoral crisis, the illegal election in San Diego, the media blackout on this issue, and other aspects of the crisis. The show opened with readings from the Declaration of Independence and the Constitution which Jim skillfully connected to our urgent need today for government of people and by the people, as declared during our Revolution.

The report, The Machinery of Democracy: Protecting Elections in an Electronic World, is the first-ever systematic analysis of security vulnerabilities in each of these systems. The report’s findings include:

* All of the most commonly purchased electronic voting systems have significant security and reliability vulnerabilities. All three systems are equally vulnerable to an attack involving the insertion of corrupt software or other software attack programs designed to take over a voting machine.

* Automatic audits, done randomly and transparently, are necessary if paper records are to enhance security. The report called into question basic assumptions of many election officials by finding that the systems in 14 states using voter-verified paper records but doing so without requiring automatic audits are of “questionable security value.”

* Wireless components on voting machines are particularly vulnerable to attack. The report finds that machines with wireless components could be attacked by “virtually any member of the public with some knowledge of software and a simple device with wireless capabilities, such as a PDA.”

* The vast majority of states have not implemented election procedures or countermeasures to detect a software attack even though the most troubling vulnerabilities of each system can be substantially remedied.

WASHINGTON, DC - The Brennan Center Task Force on Voting System Security, an initiative of the Brennan Center for Justice at NYU School of Law, today released a report and policy proposals concluding that all three of the nation’s most commonly purchased electronic voting systems are vulnerable to software attacks that could threaten the integrity of a state or national election.

“As electronic voting machines become the norm on Election Day, voters are more and more concerned that these machines are susceptible to fraud,” said Michael Waldman, the Brennan Center’s Executive Director. “In fact, we’ve learned a lot from our study. These machines are vulnerable to attack. That’s the bad news. The good news is that we know how to reduce the risks and the solutions are within reach.”

“I hope that election officials and lawmakers around the country read this report and take a hard look at adopting these policies in time for the 2006 elections,” said Howard A. Schmidt, former White House Cyber Security Advisor and former Chief Security Officer of Microsoft and eBay.

The government and private sector scientists, voting machine experts, and security professionals on the Task Force worked together for more than a year. The members of the non-partisan panel were drawn from the National Institute of Standards and Technology (“NIST”), the Election Assistance Commission (“EAC”), the Lawrence Livermore National Laboratories, leading research universities, and include many of the nation’s foremost security experts.

Steve Rosenfeld / RadioNation / June 22, 2006

Steve Rosenfeld is executive producer of RadioNation with Laura Flanders, heard on Air America Radio and community public radio stations. He is co-author, with Robert Fitrakis and Harvey Wasserman, of What happened in Ohio: A Documentary Record of Theft and Fraud in the 2004 Election, to be published by The New Press this fall.

What's a bigger problem with American elections: disenfranchisment of minority voters or new electronic voting machines stealing votes?

Most people on the political left will answer electronic machines. But on Wednesday, House Republicans showed America exactly why old-school election thuggery is a far more pressing problem. In fact, it was Jim Crow tactics, not computer hacking, which gave George W. Bush his Ohio victory in 2004. And such tactics are exactly what a handful of southern GOP congressmen defended on Wednesday when they derailed renewing the National Voting Rights Act, complaining it does not end federal oversight of elections in their states and requires multilingual ballots.

Robert F. Kennedy Jr. and Mike Papantonio, two of the nation's most dynamic legal warriors, bring their battle for justice to the airwaves each weekend on Air America Radio. Recently, they announced their extreme concern about the concerted efforts by the handful of election machine vendors, all with close ties to the Republican Party, to undermine democracy by supplying hackable, unsafe equipment which may lead to electronic election manipulation across the country.

PAP: "Bobby, what's happened since your Rolling Stone Article is you now have people that have been working with these companies they, I mean way way up in the management structure of the companies, that are coming forth, they're calling us, they're saying, I was afraid to say anything. I was afraid to do anything. Now they feel they can come forward. And I gotta promise you, if you do come forward.."

RFK: "You call Mike or me, and we're gonna sue these companies, and we are gonna stop them from stealing our elections..."

PAP: "I, I can Prom.."

RFK: "If you work for either one of these companies, you give us a call and we'll protect your confidentiality. And we are gonna sue these companies. And we're gonna put them out of business. And we're gonna stop them from stealing our democracy."

PAP: "It's the only way that we're gonna accomplish anything. So, Look. This thing has just started. For all those Talking Heads who say why did we wait so long, they-ain't seen nothing, yet."

CALL THEM AT: 866-389-FIRE

What took place in California on June 6 is exactly the kind of thing Election Defense Alliance is working to eliminate. There should be no doubt in the minds of Americans about the validity of our election outcomes. The very possibility that our electoral processes are open to wholesale electronic corruption is a violation of our system of democracy.

Sally Castleman, co-founder, Election Defense Alliance.

Coalition of Opponents Says Computers Are Not Secure; Backers Contend the Threat Is Low.
By DAVE HELLING / The Kansas City Star / June 15, 2006

In just eight weeks, most Kansas City voters will cast their first ballots on electronic machines, assuming they are accurate, convenient and safe. But a loose coalition of computer scientists, political activists, and election experts says electronic voting is none of those things. In the media and the courts, the opponents insist electronic ballots are “inherently untrustworthy” and should be scrapped.

“It’s faith-based voting,” said Christi Clemons Hoffman, who has fought electronic voting here for at least a year. “You just have to trust that everybody’s doing their job.” State and local election officials — Democrats and Republicans — have heard those criticisms for months, but say they’re misguided. “It’s fear of the unknown,” said Kansas City’s Democratic election director, Sharon Turner Buie.

This month technicians began training Kansas City workers to use the electronic booths that voters will use in August. More than 400 machines already have been delivered to the election board, and election programming is under way. As that work continues, opponents of electronic balloting are turning up the pressure.

Two weeks ago voters in Colorado sued to stop touch-screen electronic balloting. Lawsuits have been filed this spring in Arizona, California and Pennsylvania, seeking to either ban or restrict the machines. In March, after activists’ pressure, New Mexico Gov. Bill Richardson signed a law banning touch-screen voting there.

Holly Jacobson is co-director of Voter Action, a national organization providing legal advice to voters who oppose electronic balloting. She said her group is “studying” Missouri to see if a lawsuit is possible.

Congresswoman Jan Schakowsky (D-IL), in her remarks to the Take Back America Conference on June 14, 2006, said:

"I apologize for not taking seriously enough the allegations that the 2004 election was stolen. After reading Bobby Kennedy's article in Rolling Stone, "Was the 2004 Election Stolen?", I am convinced that the only answer is yes. He documents how 357,000 Ohio voters, the vast majority Democrats, "were prevented from casting ballots or did not have their votes counted…more than enough to shift the results." Watch for the DCCC to take some very public steps in the near future to ward off a repeat performance. In the meantime, there needs to be a citizens' effort starting now to assess the machines, the ballots, the registration process within each and every election jurisdiction in each and every swing district and state, in the case of Senate races. Where the situation looks perilous, go to the media, raise a stink, demand changes. This is a great project for the many of you who have been diligently working to guarantee fair and accurate elections."

By Michael Collins / “Scoop” Independent News / June 14, 2006
For embedded links:
Go to the original.
See also: www.electionfraudnews.com

The prevailing silence on election fraud 2004 was interrupted June 1 by Robert F. Kennedy Jr. in his article Was the 2004 Election Stolen? [1] He argues clearly and forcefully that the 2004 election was stolen, basing his analysis and evidence on events and outcomes in the state of Ohio. Had Kerry won the Ohio race, he would be president today. Hence, the theft of Ohio was the theft of the election.

Kennedy relied on far more than his own record of activism and a name representing decades of political prominence. The well written and thoroughly documented article in Rolling Stone Magazine makes a number of assertions, each backed up with references to evidence linked within the body the article. Kennedy is unambiguous in his claim that the 2004 election was stolen by the Republicans.

This is a remarkable political event. The legitimacy of a sitting president is being challenged by a socially and politically active member of America’s best known political family. In addition, the challenger, Robert F. Kennedy, Jr., is a consistent advocate for a wide variety of liberal causes. From promoting greater economic justice to protection of the global environment, Kennedy has been there for liberals. Just eleven days after the article appeared, Associated Press [2] ran a major story with an even handed discussion of the 2004 election in Ohio and New York Times Op-Ed Columnist Bob Herbert ran a strongly worded column [3] supporting Kennedy. How odd it is that Kennedy’s bold assertion and well documented case met with a carping attack from Salon Magazine, a self styled journal for open minded progressives.

By Bruce O'Dell

What does "auditability" really mean for an election?

How can we know that the output of computerized voting devices can be trusted?
Whenever computers are used to cast or tally votes, there are inherent risks that must be mitigated:

• Computer software is written to perform as specified, but errors still may occur.
• Whenever computer systems process transactions of high value to society, there is temptation for a malicious programmer to include covert functionality that causes software to deliberately perform other than intended, for personal or financial gain.

Limitations of testing computers

It is well known in the information technology profession that computers are ultimately "black boxes" - you cannot actually see what bits are really present and executing; and all methods to attempt to do so require other software that itself has the same problem, in an infinite regress. There is no workaround.

The only way to know what is running in a computer at any given moment is to observe its behavior: give all possible inputs, measure its corresponding outputs, and then check to see if the inputs and outputs you observe match the specification.

If computer software is always tested before use, why bother to produce an “audit trail”?

Unfortunately, you really have no guarantee that a given computer program's behavior as measured, say, at 10:00 AM will have any relationship to the same program's execution at noon. Computers have clocks and can tell time, and can easily be programmed to behave differently at different times, on different dates – or under an endless variety of different circumstances.

When it comes to systems processing high-value transactions of interest to potential criminal embezzlers - like money or votes - the inherent limitations of point-in-time behavioral testing make it unacceptably risky. Some kind of computer behavioral monitoring system is required that can record a vulnerable system's inputs and corresponding outputs while it is processing critical transactions. This would provide all the information needed to enable a human auditor or another automated auditing system to spot processing errors or manipulation of the transactions.

How are computerized financial transactions protected?

One reason why electronic financial transactions are as secure as they are (by which I only mean that embezzlement is the exception and not the rule) is that while financial transactions are private, they are hardly anonymous; you need to prove your identity to all the other counterparties involved. Each counterparty gets and keeps their own independent records of the transaction, all counterparties are strongly motivated to spot discrepancies and compare their records with others, while procedures relating to resolution of financial disputes are mature.

Why are voting systems so difficult to protect?

Unfortunately voting is a private and anonymous transaction, so conventional counterparty-based financial auditing mechanisms are simply impossible. Although some computer scientists feel they've identified some all-electronic means of auditing the accuracy of electronic vote totals, ultimately there is no reliable means to do so for the end-to-end voting process. Essentially, every all-electronic auditing scheme records just the voting software's assertion that Voter X voted for "Smith for Governor". At the moment of creating the electronic audit record, the computer could be programmed to electronically assert you input “Smith for Governor" even though you actually input "Jones for Governor". Every all-electronic auditing scheme, no matter how elaborate, would from that point on then simply record that lie with every appearance of the truth.

The only way you can dispute that kind of an electronic lie is with some kind of independent, tangible, write-one-time-only receipt that could be used as a proof you really voted for Jones. But this last step in the verification chain is prohibited - for a host of good reasons, including voter intimidation/extortion and vote-selling. So the best we can do is create an anonymous receipt that says the equivalent of "Someone Voted for Jones", to have the voter verify the accuracy of that assertion, and then deposit it with the electoral authorities, who must retain that record in support of possible auditing or recounting.

Any all-electronic means of auditing electronic voting is a waste of money, and all-electronic auditing methods that are claimed to be reliable are actually unpatched security vulnerabilities.

How can paper vote records be auditable in practice?

But once you turn to paper vote records - either VVPAT scrolls or optical scan ballots - "auditability" takes on a whole new set of dimensions and must be assessed in terms of its purpose: to detect or deter both vote tallying errors and outright manipulation.

The risks of error and covert manipulation are inherent to the use of computer software. Human nature being what it is, those risks are ever-present in all systems that process high-value transactions - especially those involving money or voting. So for "auditability" to have any meaning in such systems, auditing must always be performed.

To be usable as an audit mechanism, both the accuracy and integrity of any paper record must also be assured.

Accuracy of paper vote records

Accuracy means that every voter has actually checked that the paper record accurately records their intent. Needless to say, this does not always occur; regardless of anything else we do with the ballot paper, the tally can never be known to a greater accuracy than the rate at which a voter accurately verifies their intent. I would expect paper ballots to have much higher accuracy than VVPATS since in that case the audit record is the same thing as the actual vote-casting "device"; ballots inherently require a lot of scrutiny by the voter, almost certainly more than is typically expended in checking a VVPAT.

Integrity of paper vote records

To ensure integrity, no one must be able to alter, delete, or substitute paper ballot records after they are verified by the voter. Immediately after the election, traditional paper-based audit and control concerns take precedence. In general, the more time passes since creation and the further it travels from point of origin, the more risk there is of manipulation or destruction of paper records. The key consideration becomes the integrity of the chain of custody of paper records - who has had access to the ballots, and under what conditions?

How can you prove your belief about the integrity of your paper records, given that paper technology is also vulnerable to manipulation, and there are also very high potential rewards for undetected alteration of paper vote records?

Best practices and practical limitations

Unfortunately, there is no such thing as perfect security; the best we can do is mitigate the risks as best we can.

In recognition of this inherent problem, the Canadian system of counting paper ballots in-precinct on election night - in concert with their absentee/early voting procedure - is highly secure. The paper flow is always under observation, and ballots are immediately counted in front of multiple adversarial counterparties - the political party representatives.

Admittedly, even rigorous paper-handling processes are not perfectly secure - but on the other hand, in the last 600 years of general use of paper records, we have figured out some pretty good paper-based audit procedures. Yet I doubt that many jurisdictions in America handle paper election records with the level of custodial care that we find, say, in handling real estate collateral in the mortgage-backed securities market, much less in Canadian elections.

So as a practical matter, I'd have to conclude that simply having a VVPAT offers ultimately no assurance of practical "auditability" - the records in the field are only as accurate as the rate at which people actually verify them, and with the passage of time are increasingly unlikely to have a clear, secure chain of custody. The same applies to optical scan ballots.

Practical barriers to effective auditing

Worse yet, there major impediments to "auditability" even when VVPATs or optical scan ballots are recounted or audited after the fact - wherever recounts are still allowed, that is. Since paper records are typically not recounted unless margins are very close, brazen theft would be rewarded in practice. No candidate losing by a healthy margin wants to challenge an election and force a recount. Political culture being what it is in America, those candidates would quickly get labeled as "sore losers" who "waste the public's money and the government's time" on pointless recounts, who use "conspiracy theories" to compensate for their inability to admit they lost.

Even when they do occur, recent experiences in Ohio and Washington state clearly reveal fundamental flaws in the both the approach and execution of present-day recounts. Recounts as currently legally chartered are "broken" and existing spot-audit protocols are subject to the same limitations, as well. So what can we do?

Mandatory in-precinct auditing of vote records

If paper vote records are only effectively "auditable" to the extent they are accurate and intact and actually audited, I believe the best approach, short of fully hand-counted paper ballots, is mandatory in-precinct auditing of the paper records with corresponding protocols to secure absentee and early voting.

Recent research shows that an audit of a small percent of the ballots in all precincts is far superior to auditing all of the ballots in a small percentage of precincts.