by Rachel Konrad, Associated Press
Oct. 26, 2004
SAN JOSE, Calif. (AP) - The nation's largest voting machine companies are submitting millions of lines of code to the National Software Reference Library to address sharp criticism from computer scientists about the secret software used in elections.
But executives at the voting machine makers said Tuesday they would not submit their most valuable data - their proprietary source code. And they might not provide the library with copies of software patches, updates and upgrades.
Computer scientists said the conciliatory gesture wouldn't help ensure the integrity of next week's presidential election, when as many as 29 million Americans will cast electronic ballots. Some researchers worry that hackers, software bugs, ill-trained poll workers or power outages could intentionally or accidentally erase or alter voting data.
"This is a step in the right direction," said Doug Jones, associate professor at the University of Iowa's computer science department. "I just wish these steps had been taken earlier. I say hooray, but it's a long-term benefit with some pretty glaring caveats."
Executives from the largest equipment makers in the United States - Election Systems & Software, Sequoia Voting Systems, Diebold Election Systems and Hart InterCivic - announced Tuesday that they had already submitted many versions of the software that will be used to tally votes next week. The library, run by the National Institute of Standards and Technology, also holds proprietary code from Microsoft Corp., Oracle Corp. and other technology giants.
Executives acted at the request of the U.S. Election Assistance Commission, a year-old federal agency created through the Help America Vote Act.
EAC Chairman DeForest Soaries Jr. acknowledged that the data was far from complete. But he said the companies' ongoing submissions could eventually make election software more transparent to computer scientists, who want "open source" voting software that can be independently inspected.
Scientists were pessimistic, noting that hackers could delete ballots on a particular machine without any worries that the library archives would foil them. No technology on the market today allows an election official to check software code that's already been installed and used on an individual voting machine and compare it to the software code stored in the library, noted library director Barbara Guttman.
Avi Rubin, technical director of the Information Security Institute of Johns Hopkins University, called the program "meaningless."
"At a high level, this plan sounds good," Rubin said. "It reminds me of when people take security measures simply for appearance's sake - to make you feel better. But it's not adding any real security."
The big vendors and a smaller company, Avante International Technology, said the archive now contains significant parts of the code to be used Nov. 2 in Florida, California, Georgia, Maryland, Delaware, New Mexico and Nevada. They also submitted vote-tallying software and other "election management" programs.
All the software in the library has been certified by independent testing authorities. Many states require such certification before running the programs in actual elections.
Mark Radke, a marketing director at Diebold, said data storage "should provide substantial assurance to the voting public that their vote is accurately and securely tabulated."
Companies submit data to the library on CD-ROMs, but the public cannot view the actual code. Instead, library technicians convert data into a mathematical algorithm known as a "hash" - the digital equivalent of a fingerprint.
Election supervisors can compare the hash on software they're about to install to the hash in the library. If the fingerprints don't match, they know the software is not the same one certified by an independent testing authority.
Published by
Associated Press
What do you think?
This material is copyrighted by its original publisher.
It is reprinted by Unknown News without permission, solely for purposes of criticism, comment, and news reporting, in accordance with the Fair Use Guidelines of copyright material under § 107 of U.S.C. Title 17.
There's much more than this at Unknown News.
|
Excerpt: The nation's largest voting machine companies are submitting millions of lines of code to the National Software Reference Library to address sharp criticism from computer scientists about the secret software used in elections.
But executives at the voting machine makers said Tuesday they would not submit their most valuable data -- their proprietary source code. And they might not provide the library with copies of software patches, updates and upgrades.
|
|
Commentary:
Looks like a half-assed gesture to placate the screaming hordes... a ploy cooked up by Bush puppets and the Republican-owned vote fraud companies, just enough for the Associated Propagasma to write a phony headline ("E-voting companies reveal software to feds") making it sound like REAL transparency was about to break out all over... =CactusPat= |
|
Related reports from our archives:
Oct. 26, 2004:
New Florida vote scandal feared
by Greg Palast, BBC News
Oct. 22, 2004:
Some early voters say
machines mark incorrect choices
Oct. 20, 2004:
Republican-backed group allegedly involved
in Pennsylvania vote registration fraud
# with comments by CactusPat and H&HH
Oct. 16, 2004:
Florida's Bush ignored advice to
'pull the plug' on flawed felon voter list
Oct. 12, 2004:
Republican-backed group allegedly involved
in vote registration fraud in Nevada and OregonRepublicans phone voters to discourage Democrats' voting
Oct. 9, 2004:
Republican
dirty tricks in Ohio
Sept. 8, 2004:
November surprise: Electronic voting machines add uncertainty to close election race
Aug. 30, 2004:
Florida fixed again? Absentee ballots go AWOL
Excerpt: Although 37,000 citizens have requested absentee ballots, Supervisor of Elections Theresa LePore says she'd only received 22,000 when she began the count. Where are the others? Don't ask: though she posts the names of requesters, she won't release the list of those who have voted, an eyebrow-raising deviation from standard procedure.
Aug. 26, 2004:
Diebold central tabulator
contains stunning security holeExcerpt: By entering a 2-digit code in a hidden location, a second set of votes is created. This set of votes can be changed, so that it no longer matches the correct votes. The voting system will then read the totals from the bogus vote set. It takes only seconds to change the votes, and to date not a single location in the U.S. has implemented security measures to fully mitigate the risks.
This program is not "stupidity" or sloppiness. It was designed and tested over a series of a dozen version adjustments.
Public officials: If you are in a county that uses GEMS 1.18.18, GEMS 1.18.19, or GEMS 1.18.23, your secretary or state may not have told you about this. You're the one who'll be blamed if your election is tampered with.
Aug. 23, 2004:
Vote count at mercy of clandestine testing
Aug. 16, 2004:
Is Florida facing a new electoral crisis?
by Linda McQuaig, The Toronto StarExcerpt: Concerns about the lack of a paper trail have prompted some states to ban the machines in the November election. But Jeb Bush has brushed aside such concerns, refusing to even allow independent audits of the machines in Florida.
Aug. 6, 2004:
Government makes sure soldiers' votes count (the rest of us are on our own)
# with comments by Madeline Zane
Aug. 4, 2004:
Computerized voting systems proven insecure
Aug. 3, 2004:
A new variation on voter fraudExcerpt: Today, around lunchtime, I went with my parents to the polls to vote in our primary election. When I got there, I found that I had somehow been removed from the books, and hence could not vote.
More related reports from our archives:
|
|
|
