In letter to federal Election Assistance Commission, investigators from CA's unprecedented e-vote review blast the approval of flawed protocols in certification tests for new Diebold e-voting system...

Brad Friedman Byon 10/15/2009, 4:25pm PT

A group of computer scientists and security experts from California's 2007 landmark "Top-to-Bottom Review" (TTBR) of electronic voting systems have sent a two-page letter [PDF] of condemnation to the U.S. Election Assistance Commission (EAC), taking the federal body to task for their approval of misused security findings from the TTBR in recent certification testing for a new e-voting system made by Diebold/Premier.

The voting system, Premier's Assure 1.2 --- made by Premier Election Solutions, Inc. (formerly named Diebold Election System, Inc. and recently purchased by Election System and Software, Inc.) --- was granted federal certification by the EAC last August under new test protocols which "should not have received the EAC's approval," according to the letter penned by Aaron Burstein and Joseph Lorenzo Hall, and signed by twelve other investigators and participants in the TTBR project.

The letter was addressed to the EAC's Director of Testing and Certification Brian Hancock, a longtime official at the commission with a disturbing background of helping to hedge test results for other electronic voting systems...

'Completely Inadequate'

The test plan approved by the EAC's Hancock for the Assure system, the scientists argue in their letter, allowed iBeta Laboratories to test the Premiere/Diebold combination optical-scan and Direct Recording Electronic (DRE, touch-screen) voting system based on a fundamentally misunderstood interpretation of an important finding from the TTBR study.

"iBeta interpreted the TTBR studies of the Premier system's predecessor [the older systems made by Diebold] to have 'concluded that the vulnerabilities within the system depend almost entirely on the effectiveness of the election procedures,'" write Burstein and Hall. "On the basis of this interpretation, iBeta developed a test plan that called for 'no additional testing' of the Premier system's security properties. The EAC approved this plan."

The EAC's new testing regime was recently implemented in light of years of disastrous testing in which systems had been tested in secret by labs selected and paid for by the voting system manufacturers themselves. The result was the failed e-voting systems which now litter the nation's electoral landscape. Those systems, almost every single one of them, have now been found in independent scientific study after study, including CA's TTBR, "an unprecedented, in-depth evaluation of California's voting systems, which allowed investigators to gain a better understanding of their vulnerabilities," according to the letter, to be extraordinarily insecure on virtually every level, frequently unreliable and often inaccurate in their results.

The TTBR resulted in California's decertification of a number of systems previously approved under the old EAC-overseen testing procedures. It would appear that the new testing system may be as riddled with problems and possible failure as the old one, at least if the EAC's questionable certification of the Premier Assurance system, as described in the letter from the CA investigators, is any indication.

More from the Burstein/Hall letter:

iBeta's misunderstanding of the significance of the TTBR findings and the EAC's approval of a test plan that was designed around this misunderstanding, represent a missed opportunity to use the testing and certification process to improve voting system integrity and reliability. iBeta misunderstands the results of the TTBR. The TTBR concluded that the number, extent, and severity of these vulnerabilities were so substantial that the technological security mechanisms were completely inadequate to protect the integrity and security of both the systems and of the election.[1] This directly contradicts the statement that "the vulnerabilities within the system depend almost entirely upon the effectiveness of the election procedures." The vulnerabilities are present, regardless of the election procedures. The team concluded that these flaws were so severe as to render the system's technological security measures essentially without value; these vulnerabilities could only be mitigated by the strictest of procedures. The California Secretary of State's response to the TTBR was to decertify two systems until their respective vendors, one of which was Diebold,[2] fixed many problems with their security mechanisms. Even now, these machines are subject to strict new procedural rules designed to mitigate the vulnerabilities which remain. Such drastic measures were necessary precisely because the underlying vulnerabilities were not detected and analyzed during conformance testing. iBeta's light treatment of the TTBR results, therefore, should not have received the EAC's approval.

_________________________

The 101-page iBeta test plan [PDF] was approved earlier this year by the EAC's Director of Testing and Certification, Brian Hancock, who notified [PDF] iBeta on April 7, 2009 "that the tests proposed, if performed properly, appear to be sufficient to fully test the system."

The Assure 1.2 voting system was then officially certified by the EAC [PDF] on August 6th of this year, as the third "to achieve federal certification" under the EAC's new "Voting System Testing and Certification Program."

Hancock's Dubious History at the EAC

It should be noted here that Hancock played a key role at the EAC in 2004, by improperly giving a "qualification number" (the phrase the EAC now uses to describe successful federal certification testing under the previous test regime) to the Sequoia Edge with Verivote Printer touch-screen voting system. The number was officially granted for the system even though testing had not been fully completed by the test labs --- where the system had been failing miserable --- in violation of the EAC's own "qualification" procedures at the time.

The sleight-of-"qualification"-hand was essentially carried out in apparent hopes of legitimizing Nevada's illegal use of that particular voting system in 2004, for the first time, where it had been used without a "qualification number," in violation of state law, in the September primary. That, even though then-SoS, now U.S. Congressman Dean Heller (R) had lied to the press and public by telling them, in July of that year, that the system "has passed federal certification with flying colors."

Between the September Primary and the November Presidential General Election, Hancock issued the "qualification number," commonly known as "federal certification" back then, to the Sequoia Edge with Verivote system. The completion of the paperwork by the test lab, allowing for the qualification to be issued, would not officially be completed until December 21, 2004. The system would not be officially certified in the state of Nevada until January 12, 2005, as documents obtained by The BRAD BLOG's long efforts at public records requests has revealed.

The entire EAC/Nevada/Sequoia scam described above is documented at length in "The Selling of the Touch-Screen 'Paper Trail': From Nevada to the EAC," an investigative report we contributed with Michael Richardson and John Gideon as a chapter for Mark Crispin Miller's 2008 book Loser Take All: Election Fraud and The Subversion of Democracy, 2000-2008 .

In requesting a comment from Hancock and EAC spokesperson Jeannie Layson in regard to the letter from the CA investigators, we were told that the commission is preparing a formal reply to the authors. We will update this item appropriately when we receive a copy of that reply.

UPDATE 10/22/09: The EAC has finally responded today, with a letter in reply [PDF]. The reply from Hancock seems to attempt to rebut Hall/Burstein's assertion that iBeta's tests did "'no additional testing' of the Premier system's security properties." The scientists tell us they're reviewing the letter and may be preparing their own response in turn. If they do, we'll update again.



