Brekend Nieuws | Forum | Brits Nieuws | Het Nieuws van de V.S. | Het Nieuws van de wereld | Politiek Nieuws | Nieuws sc.i-technologie | Het Nieuws van de oorlog & van het Terrorisme | Het Nieuws van sporten | Multimedia | Vastgestelde Homepage

Vrijdag, 22 Augustus, 2008

Met minder dan drie maanden vóór de presidentiële verkiezing, blijft de heet betwiste staat, Ohio, samen met anderen, problemen hebben met e-Stemmende technologie

Door Larry Greenemeier 

In hun stormloop om een herhaling van de controverse te vermijden die de presidentiële verkiezing van 2000 teisterde, en om aan de vereisten van haastig verplicht gesteld Congres te voldoen 2002 het Akte van de Stem van Amerika van de Hulp (HAVA), staten en provincies zijn bijeengekomen die aan elektronische stemmingssystemen zij hoopten zouden elimineren het hangen chads en andere gebreken inherent aan systemen op papier. Zes later jaar, met een andere presidentiële weg verkiezing minder dan drie maanden, zijn de vele e-stemmende systemen beladen met veiligheidsglitches, en de technologie heeft om nog te bewijzen aangezien de oplossingskiezers zochten.

Dergelijke systemen konden kiezers en opiniepeilingsarbeiders toestaan om veelvoudige stemmen te plaatsen, de systemen verpletteren door virussen te laden, en vervalsen stemaantekeningen, volgens studies die door de staten worden opgedragen van Californië en Ohio binnen het afgelopen jaar. De makers van deze systemen hebben zich verzet tegen dat de testmontages onrealistisch waren. Maar dat helpt beter de geen slaap van verkiezingsambtenaren bij nacht.

Één van de redenen e-stemt systemen die zijn gebleken om zulk een mislukking is dat de enige mensen betrokken bij het controleren van deze systemen de verkopers waren, die hun technologie wilden verkopen, en de lokale verkiezingsambtenaren, die slecht uitgerust waren om te begrijpen veiligheids kwesties, zegt David Dill, een professor van de de computerwetenschap van Stanford Universitaire en een stichter van De geverifi�ërde Stichting van de Stemming, een organisatie die zonder winstbejag voor de implementatie van het stemmen van over processen duwt die gemakkelijker worden geverifi�ërd en kunnen worden gecontroleerd. „Er was op zijn plaats een certificatieproces,“ de Dille zegt, „maar het had zeer weinig met veiligheid te doen.“

De dille is de auteur van Attackdog, bedreiging modelleringssoftware die meer dan 9.000 potentiële manieren kan onderzoeken een stemmingssysteem, met inbegrip van computer het binnendringen in een beveiligd computersysteem, stemming het knoeien en kiezersimpersonation kan worden aangevallen. Attackdog maakt deel uit van een grotere inspanning genoemd een Centrum voor Correcte, Bruikbare, Betrouwbare, Controleerbare en Transparante Verkiezingen (NAUWKEURIG), wat in 2005 door de Nationale Stichting van de Wetenschap met $7.5 miljoen in financiering werd gelanceerd. „Niets wij zal nu de verkiezing van November beïnvloeden,“ de Dille zegt. „Wij weten het hoe te om geen veilige paperless stemming te maken.“

Dit gevoel wordt weergalmd in vele plaatsen in heel de V.S., het meest opvallend in de heet betwiste staat van Ohio, waar Secretary of State Jennifer Brunner has commissioned a series of tests over the past year to determine whether e-voting systems are secure enough to be trusted. Based on these tests Brunner has concluded that they are not secure, a decision that Premier Election Solutions, Inc., in Allen, Tex., took exception to. Premier sued Brunner and one Ohio county board of elections in May in a move to get the courts to rule that the company had fulfilled its contractual obligations to the state.

Brunner struck back August 6 by countersuing Premier, formerly Diebold Election Systems, Inc., and maker of the touch-screen voting systems into which Ohio has invested more than $62 million since 2005. Brunner’s suit accuses Premier of, among other things, breach of contract and breach of warranty, and seeks court acknowledgement that Premier did not honor its contract. The countersuit also asks for damages of at least $25,000 against Premier for voting system malfunctions that have caused problems in at least 11 of the 44 counties using Premier’s technology during elections since 2005. “We believe that Premier’s equipment has failed to perform as required by its contracts and according to state law,” Brunner says. “We have taken this action to recover taxpayer funds spent for voting systems used in half of the state’s 88 counties.”

Brunner and Premier have locked horns several times since she took office in January 2007 over whether the company’s DRE (direct recorded election) touch-screen electronic voting technology works properly and is secure. The problem came to a head in April, when election officials in Ohio’s Butler County detected a vote count discrepancy during the primary election. The county board of elections staff determined that the Premier DRE system had malfunctioned and failed to count votes from memory cards uploaded to the system’s vote tabulation computer server, Brunner says, adding, “This is not what we bargained for.”

Suspecting problems with all of the e-voting technology that had so far cost Ohio $112 million, Brunner last year commissioned Project EVEREST, a comprehensive security review of the electronic voting technology used throughout Ohio, to identify any problems that might make elections vulnerable to tampering. During the 10-week project, teams of academic researchers from Pennsylvania State University, the University of Pennsylvania and WebWise Security (a security firm formed in 2005 by faculty and students from the University of California, Santa Barbara’s security research group) examined DRE touch-screen and optical-scan voting systems from Premier, Election Systems and Software (ES&S) in Omaha, Neb., and Austin, Tex.–based Hart InterCivic as well as the software that manages these systems.

EVEREST researchers found exploitable security weaknesses in all three vendors’ systems, Brunner said in a statement when the project concluded in December. “Many of these vulnerabilities represent practical threats to the integrity of elections as they are conducted in Ohio,” she said. “We found vulnerabilities in different vendor systems that would, for example, allow voters and poll workers to place multiple votes, to infect the precinct with virus software or to corrupt previously cast votes—sometimes irrevocably.”

“None of the systems out there are even remotely adequate given the importance of the data they handle,” says Patrick McDaniel, a Penn State professor of information security who led the EVEREST testing. A lot of the attacks that McDaniel and his team tested could be carried out at a polling place or county elections office in a matter of seconds. An example: when researchers placed a piece of white tape over part of an e-voting system’s scanner, they were able to effectively block it from reading the entire ballot. In other words, a person could put the tape in a place that kept the system from counting votes for a particular candidate. The team also found that the keys to unlock Hart’s ballot box could also be used to open the ballot boxes on the Premier systems.

In a more serious attack, McDaniel found that his researchers could replace the memory card in some of the e-voting systems. “Any software you put on your card would uploaded into the system’s computer,” he says.

Premier had already responded to EVEREST’s findings as well as a similar project commissioned by California Secretary of State Debra Bowen called Top-to-Bottom Review in March by issuing a report that emphasized that the EVEREST researchers did their work with “no physical or operational security controls” and did not simulate realistic election day conditions. Premier could not be reached for comment.

The EVEREST researchers don’t dispute that. Sandy Clark, an EVEREST researcher and the computing systems manager of Princeton University’s Atmospheric and Oceanic Sciences Program, said at the Last HOPE hacker’s conference held last month in New York City that she and her EVEREST colleagues “treated the project as a hack.”

At the Last HOPE conference, University of Pennsylvania researchers who led EVEREST’s analysis of ES&S e-voting technology described exploitable security vulnerabilities in almost every hardware and software component of ES&S’s touch-screen and optical-scan systems. Some of these flaws, Clark said, could allow a single voter or poll worker with bad intentions to alter countywide election results, possibly without election officials ever knowing that the results had been tampered with. “There wasn’t an attack that we tried that we weren’t able to carry out,” she added. “We learned that every current e-voting system has serious exploitable vulnerabilities.”

In addition to investing in Premier systems, Ohio has spent more than $41 million on ES&S e-voting technology and is one of 43 states that are ES&S customers.

When contacted for this story ES&S pointed to statements made earlier this year regarding EVEREST. Like Premier, ES&S’s conclusion is that anyone attempting to replicate many of EVEREST tests would need “unfettered access to the DRE unit” as well as detailed knowledge of how the system works (to wit, its communications protocol with its audit log).

Despite their differences, Ohio and Premier are stuck with each other for the 2008 presidential election. “With the election being less than three months away, the counties will be using the technology they have,” Brunner says. To head off any potential problems, Ohio counties using touch-screen voting systems are being required to print a hard copy of at least a portion of electronically cast votes, which will provide an audit trail. Voters will also be offered the option of filling out paper ballots that can be read by optical scanners and registered in a database.

E-voting systems have to be completely redesigned with security in mind, McDaniel says. In the short term, this means adding more thorough vote-auditing capabilities so that discrepancies can be investigated. “The elections systems should have the same quality, the same reliability, the same testing and the same certification requirements as financial systems,” he says. “If the systems used by banks, which have to report to the SEC [Securities and Exchange Commission], had this level of quality, no one would put their money in the bank.”

Looking beyond November, Brunner says that she wants Ohio to rely more on optical-scan technology. “Later on,” she adds, “there may be a place for touch-screen (systems).”

Have Your Say: Planning to E-Vote? Read This First
Please read our posting guidelines before posting.
Alternatively you can discuss this report here.

RSS TrackBack URL

Name (required)

Mail (will not be published) (required)

Website

This entry was posted on Friday, August 22nd, 2008 at 2:28 pm and is filed under Contributions & Guests . You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

ADVERTISEMENTS

SITE MAPS

7/7 Afghanistan Alternative-Energy Art BBC Big-Brother Bilderberg Biometrics Bush Censorship CIA Climate-Change Cover-Up Cults Culture Database-State David-Hicks David-Ray-Griffin Debt Democrats Demos Drugs Education Entertainment Environmental News EU False-Flag FBI Fraud Free-Speech Freemasons G8 Globalization Guantanamo Health-News History ID-Cards Internet Iran Iraq Israel Law Marches MI5 MI6 Microsoft Military MoD Money Music NASA Neocons New World Order NSA Oil Pakistan Podcast Police-State Propaganda RFID RINF Rumsfeld Science Science & Technology News Secrecy Security Slavery Space Sports Spying Stephen-Lendman Technology Terrorism Tony-Blair Torture TV UK-News UN USA- USA-News Video Voting war War & Terrorism News Warfare White-House Wolfowitz World-News Yahoo
2003 - 2005 Archives | 2005 - 2007 Archives | 2007 - 2008 Archives | Current Archives | Past Version