Meeting - Sep 16 2004
ISOC-NY Public Meeting - September 16, 2004
- Millard Clements
- Lyn Ohira
- Khrisna Picart
- David Solomonoff
1. The initial discussion considered the proposed e-voting conferenceor event.
- At the end of these brief notes you will find a list of items from Lyn's web page that are related to the proposed project. Some illustration of these views are provided.
- Lyn discussed some of these items. Much is left to be done.
- There is yet no site for this event. Millard is checking some possibilities at NYU and at the Museum of Natural History.
2. There was some reading of the minutes of the August Meeting.
3. There was some discussion of possible links to the ISOC-NY Web Page.
4. No decisions were made; there was lots of discussion.
5. Time ran out.
Lyns Web Page: http://www.Eskimo.com/~gnubies/isocny/
Here are some items, links that Lyn suggests we should all read and consider:
- [EFF] Maryland Election Officials Under Fire From Voters
- EFF E-voting
- Verified Voting Foundation
ELECTRONIC MISCOUNTS OF VOTES ARE A FACT - NOT A THEORY
Technologists warn that electronic voting machines are flawed. They say we should "trust but verify." Others disagree. For example Florida's Palm Beach County Supervisor of Elections Theresa LePore counters technologists' analysis of electronic voting machine flaws with her claim: "It's just a bunch of lies." But Broward County is now unable to comply with Florida law because of the flaws technologists, Congressman Robert Wexler (D-FL), and many others have pointed out!
Many people are very troubled by the use of uncertified software in recent California elections. Many are concerned about the backgrounds of some programmers and managers who control the secret voting machine software.
Our primary concern is the threat that unverifiable electronic voting poses to elections in the United States. We have been concerned that without a paper record verified by the voter, there would be no way of knowing whether votes were recorded accurately and no way to do a meaningful recount if one is necessary.
Now we are seeing these predicted problems occurring in real elections. We are seeing election results that will remain forever in dispute because an audit was impossible. We are seeing that electronic miscounts of votes is no longer a theory - it's a fact.
What if the miscounts we know of are only the tip of an undetected iceberg of electronic miscounts? They might be. We have no way of knowing.
Let's solve the problem before November 2004. Let's pass H.R.2239/S.1980.
- David Dill (helped with suggestions, not coming this way
- [VV] NY Positions of Elected Representatives
- New Yorkers for Verified Voting NYVV (Bo Lipari)
- HR 2239: Voter Confidence and Increased Accessibility Act of 2003
(Introduced in House)
Nadler, Jerrold (D) Co-Sponsor 9/4/2003
Sponsor;Rep Holt, Rush D.
- S1980: Voter Confidence and Increased Accessibility Act of 2003
(Introduced in Senate)
February 24, 2004 - Sen. Charles Schumer became the first cosponsor of S1980
Senator Robert Graham introduced S1980 into the Senate.
To amend the Help America Vote Act of 2002 to require a voter-verified permanent record or hardcopy under title III of such Act, and for other purposes.
Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled,
This Act may be cited as the `Voter Confidence and Increased Accessibility Act of 2003'.
SEC. 2. EXTENSION OF TIME PROVIDED FOR STATES TO REQUEST PAYMENTS UNDER TITLE I.
(a) PAYMENTS FOR ACTIVITIES TO IMPROVE ADMINISTRATION OF ELECTIONS- Section 101(a) of the Help America Vote Act of 2002 (42 U.S.C. 15301(a)) is amended by striking `not later than 6 months after the date of the enactment of this Act' and inserting `not later than the Tuesday next after the first Monday in November 2003'.
(b) PAYMENTS FOR REPLACEMENT OF PUNCH CARD OR LEVER VOTING MACHINES- Section 102(b)(1) of such Act (42 U.S.C. 15301(b)(1)) is amended by striking `not later than the date that is 6 months after the date of the enactment of this Act' and inserting `not later than the Tuesday next after the first Monday in November 2003'.
(c) EXTENSION OF PERIOD OF AUTHORIZATION OF APPROPRIATIONS-
(1) IN GENERAL- Section 104(a) of such Act (42 U.S.C. 15304(a)) is amended by striking `$650,000,000' and inserting `an aggregate amount of $650,000,000 for fiscal years 2003 and 2004'.
(2) DATE FOR TRANSFER TO ELECTION ASSISTANCE COMMISSION OF UNOBLIGATED FUNDS- Section 104(c)(2)(B) of such Act (42 U.S.C. 15304(c)(2)(B)) is amended by striking `September 1, 2003' and inserting `January 1, 2004'.
- NYS State Assembly: A08847a mandating voter verified paper ballots passed
the State Assembly in June 2003 and was renewed on February 23, 2004.
- NYS State Senate: S.6207 requires voter verified paper ballots on any DREs used in New York.
- Avi Rubin
- Avi Rubin E-voting page
- Analysis of an Electronic Voting System
- The National Committee for Voting Integrity (NCVI)
Aviel D. Rubin
Dan S. Wallach
With significant U.S. federal funds now available to replace outdated punch-card and mechanical voting systems, municipalities and states throughout the U.S. are adopting paperless electronic voting systems from a number of different vendors. We present a security analysis of the source code to one such machine used in a significant share of the market. Our analysis shows that this voting system is far below even the most minimal security standards applicable in other contexts. We identify several problems including unauthorized privilege escalation, incorrect use of cryptography, vulnerabilities to network threats, and poor software development processes. We show that voters, without any insider privileges, can cast unlimited votes without being detected by any mechanisms within the voting terminal software. Furthermore, we show that even the most serious of our outsider attacks could have been discovered and executed without access to the source code. In the face of such attacks, the usual worries about insider threats are not the only concerns; outsiders can do the damage. That said, we demonstrate that the insider threat is also quite considerable, showing that not only can an insider, such as a poll worker, modify the votes, but that insiders can also violate voter privacy and match votes with the voters who cast them. We concluded that this voting system is unsuitable for use in a general election. Any paperless electronic voting system might suffer similar flaws, despite any "certification" it could have otherwise received. We suggest that the best solutions are voting systems having a "voter-verifiable audit trail," where a computerized voting system might print a paper ballot that can be read and verified by the voter.
- Rebecca Mercuri
Rebecca Mercuri, Ph.D.
P.O. Box 1166 -- Dept. EV
Philadelphia, PA 19105
mercuri @ acm.org
215/327-7105 or 609/895-1375
10AM-6PM U.S. Eastern Time, Mon.-Fri. (try the 609 number first)
The contents of this webpage and website are Copyright 2000 - 2004 by Rebecca Mercuri. All Rights Reserved. All material is protected by copyright attributed to Rebecca Mercuri where she is the sole author, or the original sources otherwise.
I am available for comment, consultation, expert testimony, and lectures on electronic vote tabulation, and can be contacted via the information at the top of this page. Members of the press and researchers seeking interviews and quotation permissions may find it helpful to look at the guidelines posted here. (Please note that I am no longer affiliated with Bryn Mawr College.) I would appreciate it greatly if calls can be limited to the hours of 10AM - 6PM, U.S. Eastern Time, weekdays.
Follow links to full text of papers and articles. Papers not linked may be available on request. As this website is now getting rather long, I've highlighted certain "must read" papers and articles using red asterisks (*). For a good overview of the subject, search for these first and read the text at their adjacent links.
I am adamantly opposed to the use of fully electronic or Internet-based systems for use in anonymous balloting and vote tabulation applications. The reasons for my opposition are manyfold, and are expressed in my writings as well as those of other well-respected computer security experts. At the present time, it is my strong recommendation that all election officials REFRAIN from procuring ANY system that does not provide an indisputable paper ballot. A detailed explanation, along with my recommendation for appropriately configured voting equipment, is provided in the full text of this statement, available *here*.
Communities are discovering that optically scanned balloting systems, augmented with electronic equipment (that also produce scanable paper ballots) for use by the disabled, can be procured for less than a tenth of the price for a fully-electronic system. Such configurations promise to increase voter confidence by offering the best in terms of reliability, usability and recountability as well as being highly cost-effective.