1) Given the demo of a) how election results can be rigged by "malicious code" and b) how such code can spread "like a virus" from one e-vote machine to many more...in the 9/13/06-released Princeton Hack demonstration video (see: 09.13.06
Security Analysis of the Diebold AccuVote-TS Voting Machine—Abstract and Links "We've demonstrated that malicious code can spread like a virus from one voting machine to another," said Felten in an
exclusive interview, "which means that a bad guy who can get access to a few machines — or only one — can infect one machine, which could infect another, stealing a few votes on each in order to steal an entire election."
2) Given verification of the usability of modified memory cards to alter election results (as demo-ed above and as per VSTAAB re the original
Harri Hursti Hack)...and this additional finding by the VSTAAB regarding the
SOLE MEANS of DETECTING INCORRECT COUNTS BY E-VOTING MACHINES (see 02.14.06
Security Analysis of the Diebold AccuBasic Interpreter p.2):
We determined that anyone who has access to a memory card of the AV-OS , and can tamper it (i.e. modify its contents), and can have the modified cards used in a voting machine during election, can indeed modify the election results from that machine in a number of ways. The fact that the results are incorrect cannot be detected except by a recount of the original paper ballots.
3) Given a particular new law in 2005 in Florida that
"changed over a half-century of Florida law relative to how you count ballots in a recount"...and referred to by RFK Jr in his new Rolling Stone article (see: 09.21.06
Will The Next Election Be Hacked?):
"In Florida, an astonishing new law actually makes it illegal to count paper ballots by hand after they've already been tallied by machine."
Given the above facts and findings, and the seeming absurdity of Kathryn Harris beating the incumbent
in a fair election, wouldn't forces supportive of such an "extreme underdog" in a state central to election controversies in 2000 and 2004 be tempted to resort (or continue to resort) to the fraud tactics demo-ed above ("takes less than a minute per machine") given, too, for these upcoming elections, the
extra protection from exposure that Jeb Bush administration election law changes in Florida affords by making it
illegal to utilize the
only technique (manual recounts of
original paper ballots, as per VSTAAB) for detecting "incorrect count results" by electronic voting machines?
A DU poster asks today:
"Is it illegal to have a paper trail in Florida?" I am pretty enraged about this. Who sponsored this bill? How was it made into law? This is the most disgusting news I have read this year!
Why isn't it being challenged?
Does anyone in the Florida forum know any of the answers to the above DU'ers questions? I transcribed Ion Sancho's description of how the Florida law affirms manual counts
only for overvotes, undervotes and provisional ballots -- i.e. just those ballot types which
cannot be read by e-vote machines -- implicitly leaving disallowed the recounting of those original paper ballots which
can be successfully read and counted by e-vote machines.
Is the Florida law being challenged by any groups?
Is "Parallel Testing" in the works for detecting suspicious vote results, lacking the legality in Florida of recounting original paper ballots previously tallied by vote machines?
Brennan Center for Justice Security Recommendations: See 06.27.06
THE MACHINERY OF DEMOCRACY: PROTECTING ELECTIONS IN AN ELECTRONIC WORLD -- Executive Summary, pp 3,14 -- Full Report, p3,87
SECURITY RECOMMENDATIONS
There is a substantial likelihood that the election procedures and countermeasures currently in place in the vast majority of states would not detect a cleverly designed Software Attack Program. The regimens for Parallel Testing and Automatic Routine Audits proposed in the Security Report are important tools for defending voting systems from many types of attack, including Software Attack Programs. For the reasons discussed, infra at pp. 6–7, we also believe that these measures would reduce the likelihood that votes would be lost as a result of human error.
Most jurisdictions have not implemented these security measures. Of the 26 states that require a voter-verified paper record, only 12 states require automatic audits of those records after every election, and only two of these states – California and Washington – conduct Parallel Testing. <190> Moreover, even those states that have implemented these countermeasures have not developed the best practices and protocols that are necessary to ensure their effectiveness in preventing or revealing attacks or failures in the voting systems. There is a substantial likelihood that the election procedures and countermeasures currently in place in the vast majority of states would not detect a cleverly designed Software Attack Program.
Recommendation #1...
Recommendation #2...For paperless DRE voting machines, Parallel Testing is probably the best way to detect most software-based attacks, as well as subtle software bugs that may not be discovered during inspection and other testing...
Recommendation #3...