Democratic Underground Latest Greatest Lobby Journals Search Options Help Login
Google

HuffPo - Avi Rubin: The Dirty Little Secrets of Voting System Testing Labs

Printer-friendly format Printer-friendly format
Printer-friendly format Email this thread to a friend
Printer-friendly format Bookmark this thread
This topic is archived.
Home » Discuss » Topic Forums » Election Reform Donate to DU
 
Wilms Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Dec-16-05 10:32 PM
Original message
HuffPo - Avi Rubin: The Dirty Little Secrets of Voting System Testing Labs


The Dirty Little Secrets of Voting System Testing Labs

Avi Rubin

12.16.2005

snip

Before election officials can purchase voting systems, those systems need to be certified by a federally accredited lab called an Independent Testing Authority (ITA). There are three such labs in the US: Ciber, Wyle Labs, and Systest. These labs are tasked with testing any proposed voting systems against federal standards, in this case, the 2002 federal standards, soon to be replaced by the 2005 voluntary voting system guidelines (VVSG). You would think that these labs would be very interested in attending a summit such as this, and in fact, they were all invited. Only Systest showed up.

There were several overriding themes that emerged at the voting systems testing summit. Perhaps the most prevalent one was that the ITAs consistently decline to appear at these meetings. Why? Well the main reason is that they are fraught with conflict of interest and incompetence. In fact, had they shown up, they would have been raked over the coals by some of the voting system examiners that attended the summit. For instance, an examiner from Pennsylvania wanted to know how come so many systems that passed the ITA testing still had serious security and even operational flaws. The Systest representative, who had the misfortune of representing his entire industry alone, replied that they were only required to test against the standard. When pressed about whether or not the ITAs would fail a system if a serious flaw was found, the reply was that a memo would be written, but that the system would still pass. I couldn't believe it. The company that was tasked with certifying machines for elections in the United States would still pass them, even if a serious flaw was found, as long as the machine did not violate any aspects of the standard. Unbelievable.

Now, let me talk a bit about the conflict of interest. As a friend of mine put it, the ITAs are not independent and they have no authority. So Independent Testing Authority is a misnomer. Thankfully, NIST is going to change the name next year. Here's where it gets bad. The ITAs are hired by and paid by -- the vendors. That is, when a vendor has a voting machine that they want certified, they find an ITA who is willing to certify the voting machine. Any memos about flaws that are discovered remain confidential. There is no requirement to disclose any problems that are found with the machines. In fact, the entire ITA report is considered proprietary information of the voting machine vendor. After all, they paid for it. This provides an incentive for ITAs to certify machines, to satisfy their clients.

Two years ago, my research team got our hands on the code that runs inside of Diebold's Accuvote machines. We performed a source code analysis and reported all kinds of serious security problems (see http://avirubin.com/vote/analysis/). It was incredible to me that such machines were actually deployed and used in elections. Equally confounding was that a national testing lab, in this case Wyle Labs, actually certified this machine. Either they did not know the first thing about cryptography and security, or they did not look at the source code. In fact, according to the 2002 standards, they were not required to examine the code.

snip

http://www.huffingtonpost.com/avi-rubin/the-dirty-little-secrets-_b_12354.html

Printer Friendly | Permalink |  | Top
babylonsister Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Dec-16-05 10:38 PM
Response to Original message
1. Nom! Why the hell is this being ignored?
This affects every voting American. :grr:
Printer Friendly | Permalink |  | Top
 
bananas Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Dec-17-05 07:55 AM
Response to Reply #1
7. Journalists aren't paid to report on it, so why should they?
Printer Friendly | Permalink |  | Top
 
bananas Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Dec-16-05 11:11 PM
Response to Original message
2. k&r eom
Printer Friendly | Permalink |  | Top
 
EC Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Dec-16-05 11:28 PM
Response to Original message
3. Creating the reality they want seems to continue
for this administration. See, the machines are tested and certified, so their alright, that's all we need to know....they live in an alternate paper reality and think we'll just go along with the disallusionment...Creeps.
Printer Friendly | Permalink |  | Top
 
rumpel Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Dec-16-05 11:31 PM
Response to Original message
4. Thanks for Avi Rubin.
Printer Friendly | Permalink |  | Top
 
kster Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Dec-17-05 02:23 AM
Response to Original message
5. kick.nt
Printer Friendly | Permalink |  | Top
 
bananas Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Dec-17-05 04:28 AM
Response to Original message
6. Is Kucinich still hosting the source code? eom
Printer Friendly | Permalink |  | Top
 
Neil B Forzod Donating Member (64 posts) Send PM | Profile | Ignore Sat Dec-17-05 12:24 PM
Response to Reply #6
11. kucinich never hosted any source code (nt)
Printer Friendly | Permalink |  | Top
 
bananas Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Dec-17-05 07:21 PM
Response to Reply #11
18. oops - you're right
apparently he only put some memos and a manual.
Printer Friendly | Permalink |  | Top
 
farmbo Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Dec-17-05 08:56 AM
Response to Original message
8. If HuffPo keeps running these articles, they'll be right up there with DU!
Election Fraud...the elephant in the room.
Printer Friendly | Permalink |  | Top
 
Joanne98 Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Dec-17-05 12:13 PM
Response to Original message
9. Is he saying Shawn Southwood is a crook?
Where is Shawn Southwood anyway?
Printer Friendly | Permalink |  | Top
 
Neil B Forzod Donating Member (64 posts) Send PM | Profile | Ignore Sat Dec-17-05 12:23 PM
Response to Reply #9
10. shawn southworth
He oversees election software review and certification at Ciber Labs.

Rubin's not saying he's a crook, he's saying he's incompetent.

Neil
Printer Friendly | Permalink |  | Top
 
Joanne98 Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Dec-17-05 12:30 PM
Response to Reply #10
12. Have you ever seen his picture? He looks incompetent.
Printer Friendly | Permalink |  | Top
 
Helga Scow Stern Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Dec-17-05 05:05 PM
Response to Original message
13. The extent of McPherson's cooperation and openness may be overrepresented
Edited on Sat Dec-17-05 05:16 PM by Ojai Person
in these last lines of Rubin's post:
"I learned a lot at the voting system testing summit, and I applaud Secretary McPherson for the dialogue that he opened up. I sincerely hope that in such events in the future, there will be no stakeholders who are afraid or ashamed to show their faces."


What is not mentioned is how some of the people most concerned with the integrity of voting systems in California were not allowed to "show their faces", i.e., to attend this summit.:

California voting summit shuts out voting reform advocates; Panels appear stacked with electronic voting proponents
http://rawstory.com/news/2005/California_voting_summit_shuts_out_voting_1201.html
Printer Friendly | Permalink |  | Top
 
freedomfries Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Dec-17-05 05:29 PM
Response to Original message
14. Thanks for posting this
Printer Friendly | Permalink |  | Top
 
FogerRox Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Dec-17-05 05:46 PM
Response to Reply #14
15. funny how the ITA labs never
test a voting machine to see if it actually works.

But they will certify that it meets the 2002 VVSS. Which doesnt mean it actually works.

HOw does the ITA testing scenarios simulate an election.

Do Voters pick up voting machines and drop them from height of 6 inches?
Do voters carry around a bag of dust to sling onto the voting machines?
Do Voters carry a vibrating dildo to vinrate the voting machine?

DO ITA labs simulate the oil from voters skin, on the touchscreen DRE?

These are voting machines-- how are they used? They are used on electionday----

Maybe the ITAs could have a simulated election day? Might that actually show this crap really works, on election day.

end of Rant
#####
Printer Friendly | Permalink |  | Top
 
bonito Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Dec-17-05 06:35 PM
Response to Original message
16. Thanks, kick for wider viewing. n/t
Printer Friendly | Permalink |  | Top
 
katinmn Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Dec-17-05 07:08 PM
Response to Original message
17. Good article and great work!
Printer Friendly | Permalink |  | Top
 
DU AdBot (1000+ posts) Click to send private message to this author Click to view 
this author's profile Click to add 
this author to your buddy list Click to add 
this author to your Ignore list Sat Oct 05th 2024, 01:29 AM
Response to Original message
Advertisements [?]
 Top

Home » Discuss » Topic Forums » Election Reform Donate to DU

Powered by DCForum+ Version 1.1 Copyright 1997-2002 DCScripts.com
Software has been extensively modified by the DU administrators


Important Notices: By participating on this discussion board, visitors agree to abide by the rules outlined on our Rules page. Messages posted on the Democratic Underground Discussion Forums are the opinions of the individuals who post them, and do not necessarily represent the opinions of Democratic Underground, LLC.

Home  |  Discussion Forums  |  Journals |  Store  |  Donate

About DU  |  Contact Us  |  Privacy Policy

Got a message for Democratic Underground? Click here to send us a message.

© 2001 - 2011 Democratic Underground, LLC