For the first time, California is demanding the right to try hacking every voting machine with red teams of computer experts and to study the software inside the machines, line-by-line, for security holes.
The proposals are the first step toward fulfilling a promise that Secretary of State Debra Bowen made during her 2006 election campaign to perform a top-to-bottom review of all voting machinery used in California.
County elections officials balked at the proposed standards in a letter Monday to Bowen and hinted broadly at the same conclusion reached by several computer scientists: If enforced rigidly, the standards could send many voting machines, especially touch-screens, back for major upgrades. Local elections officials argued that there isnt enough time to fix any deficiencies before the February presidential primary.
When they moved that election up 119 days, I think the door closed on any significant changes to election systems for the presidential cycle in 2008, said Steve Weir, president of theCalifornia Association of Clerks and Elections Officials, and chief elections officer in Contra Costa County.
Advocates for stronger security in voting machinery applauded Bowens standards and said it marked a refreshing change from regulating voting systems based heavily on what manufacturers were willing to sell.
Debra Bowen is holding up voting machines to the standards they deserve, said Avi Rubin, a computer science professor at Johns Hopkins University who published one of the first technical critiques of e-voting software. I dont know of any other state in the country that requires red team testing of voting machines, and Ive long maintained that this is the only reasonable way to test security.
Stanford computer science professor David Dill, the founder of VerifiedVoting.org, endorsed Bowens standards as quite good.
I think its much to be preferred over our current see-no-evil approach, Dill said. In every other case of red team attacks on voting machines and examination of their software code, experts have found major security problems, he noted.
It will be interesting to see what happens once the problems are found out, Dill said. That could be tricky depending on what disruptions there might be.
One of Bowens proposed standards for California voting machines echoes a state law that has been in place three years and never been enforced.
The law requires every electronic voting machine to offer a paper record that blind voters can verify through an audio playback. Many computer scientists say most ATM-like touch-screen voting machines sold today and used in almost three-fourths of California counties cannot meet the law nor the standard.
Two other standards require voting machines to be effectively or reasonably secured against untraceable vote tampering and cruder denial of service attacks intended to make a machine inoperable on Election Day. Thats hard to guarantee for any computer, including electronic touch-screen voting machines that both record and count electronic ballots, technically called DREs for direct recording electronic machines.
Rubin called those requirements very rigid, but rigid requirements are appropriate for voting.
The criteria are clearly designed to eliminate DRE voting in California, said Michael Shamos, a computer science professor at Carnegie Mellon University and a voting system examiner, in an e-mail.
An army of computer scientists will come forward to testify that computer programs cannot be verified to be secure against undetectable vote tampering and therefore they all will have to be decertified.
If so, California would be headed back to all paper ballot elections as governors have ordered in New Mexico and proposed in Florida.
Thats partly what worries county election officials. Bowens proposed standards frequently mention decertification or withdrawal of state approval, if the systems dont pass muster.
You cant miss the gist of that, said Weir of the local elections officials organization. Thats giving public notice of a process thats starting whose outcome could be between dire and draconian, depending if its your neighbor or you.
Officials at Diebold Election Systems Inc. and Oakland-based Sequoia Voting Systems, the two largest suppliers of electronic voting machines in California and the nation, said they were still evaluating the proposed standards.
Bowens office published the proposed standards late last week and is taking comments until Friday. Weirs group wants more time, partly to argue for a broader set of criteria to cover more mundane matters such as the reliability of all voting systems.
In Contra Costa County, for example, Weir doesnt use DREs but rather a computerized ballot-marking machine to provide accessibility for handicapped voters. If traditional touchscreens or DREs dont pass the new state standards, local elections officials are likely to look to those machines, called AutoMarks. Yet in the last major election, Weir had problems with 31 of the machines out of 340 polling places.
Thats not acceptable, he said. This seems to be the chosen system and its not ready.
Contact Ian Hoffman at firstname.lastname@example.org or (510) 208-6458.