[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20051112001534.87155.qmail@smasher.org>
Date: Fri, 11 Nov 2005 19:15:25 -0500 (EST)
From: Atom Smasher <atom@...sher.org>
To: bugtraq@...urityfocus.com
Subject: GAO report on e-voting
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Federal Efforts to Improve Security and Reliability of Electronic Voting
Systems Are Under Way, but Key Activities Need to Be Completed
...
the complete report is available here -
http://www.gao.gov/new.items/d05956.pdf
included below is the "Results in Brief" section.
...
Results in Brief
While electronic voting systems hold promise for a more accurate and
efficient election process, numerous entities have raised concerns about
their security and reliability, citing instances of weak security
controls, system design flaws, inadequate system version control,
inadequate security testing, incorrect system configuration, poor security
management, and vague or incomplete voting system standards, among other
issues. For example, studies found (1) some electronic voting systems did
not encrypt cast ballots or system audit logs, and it was possible to
alter both without being detected; (2) it was possible to alter the files
that define how a ballot looks and works so that the votes for one
candidate could be recorded for a different candidate; and (3) vendors
installed uncertified versions of voting system software at the local
level. It is important to note that many of the reported concerns were
drawn from specific system makes and models or from a specific
jurisdiction's election, and that there is a lack of consensus among
election officials and other experts on the pervasiveness of the concerns.
Nevertheless, some of these concerns were reported to have caused local
problems in federal elections--resulting in the loss or miscount of
votes--and therefore merit attention.
Federal organizations and nongovernmental groups have issued recommended
practices and guidance for improving the election process, including
electronic voting systems, as well as general practices for the security
and reliability of information systems. For example, in mid-2004, EAC
issued a compendium of practices recommended by election experts,
including state and local election officials. This compendium includes
approaches for making voting processes more secure and reliable through,
for example, risk analysis of the voting process, poll worker security
training, and chain of custody controls for election day operations, along
with practices that are specific to ensuring the security and reliability
of different types of electronic voting systems. As another example, in
July 2004, the California Institute of Technology and the Massachusetts
Institute of Technology issued a report containing recommendations
pertaining to testing equipment, retaining audit logs, and physically
securing voting systems. In addition to such election-specific practices,
numerous recommended practices are available that can be applied to any
information system. For instance, we, NIST, and others have issued
guidance that emphasizes the importance of incorporating security and
reliability into the life cycle of information systems through practices
related to security planning and management, risk management, and
procurement. The recommended practices in these election-specific and
information technology (IT) focused documents provide valuable guidance
that, if implemented effectively, should help improve the security and
reliability of voting systems.
Since the passage of HAVA in 2002, the federal government has begun a
range of actions that are expected to improve the security and reliability
of electronic voting systems. Specifically, after beginning operations in
January 2004, EAC has led efforts to (1) draft changes to the existing
federal voluntary standards for voting systems, including provisions
related to security and reliability, (2) develop a process for certifying,
decertifying, and recertifying voting systems, (3) establish a program to
accredit the national independent testing laboratories that test
electronic voting systems against the federal voluntary standards, and (4)
develop a software library and clearinghouse for information on state and
local elections and systems. However, these actions are unlikely to have a
significant effect in the 2006 federal election cycle because the changes
to the voluntary standards have not yet been completed, the system
certification and laboratory accreditation programs are still in
development, and the software library has not been updated or improved
since the 2004 elections. Further, EAC has not defined tasks, processes,
and time frames for completing these activities. As a result, it is
unclear when the results will be available to assist state and local
election officials. In addition to the federal government's activities,
other organizations have actions under way that are intended to improve
the security and reliability of electronic voting systems. These actions
include developing and obtaining international acceptance for voting
system standards, developing voting system software in an open source
environment (i.e., not proprietary to any particular company), and
cataloging and analyzing reported problems with electronic voting systems.
To improve the security and reliability of electronic voting systems, we
are recommending that EAC establish tasks, processes, and time frames for
improving the federal voluntary voting system standards, testing
capabilities, and management support available to state and local election
officials.
EAC and NIST provided written comments on a draft of this report (see
apps. V and VI). EAC commissioners agreed with our recommendations and
stated that actions on each are either under way or intended. NIST's
director agreed with the report's conclusions. In addition to their
comments on our recommendations, EAC commissioners expressed three
concerns with our use of reports produced by others to identify issues
with the security and reliability of electronic voting systems.
Specifically, EAC sought (1) additional clarification on our sources, (2)
context on the extent to which voting system problems are systemic, and
(3) substantiation of claims in the reports issued by others. To address
these concerns, we provided additional clarification of sources where
applicable. Further, we note throughout our report that many issues
involved specific system makes and models or circumstances in the
elections of specific jurisdictions. We also note that there is a lack of
consensus on the pervasiveness of the problems, due in part to a lack of
comprehensive information on what system makes and models are used in
jurisdictions throughout the country. Additionally, while our work focused
on identifying and grouping problems and vulnerabilities identified in
issued reports and studies, where appropriate and feasible, we sought
additional context, clarification, and corroboration from experts,
including election officials, security experts, and key reports' authors.
EAC commissioners also expressed concern that we focus too much on the
commission, and noted that it is one of many entities with a role in
improving the security and reliability of voting systems. While we agree
that EAC is one of many entities with responsibilities for improving the
security and reliability of voting systems, we believe that our focus on
EAC is appropriate, given its leadership role in defining voting system
standards, in establishing programs both to accredit laboratories and to
certify voting systems, and in acting as a clearinghouse for improvement
efforts across the nation. EAC and NIST officials also provided detailed
technical corrections, which we incorporated throughout the report as
appropriate.
###
- --
...atom
_________________________________________
PGP key - http://atom.smasher.org/pgp.txt
762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
-------------------------------------------------
"I tremble for my country when I reflect that God is just."
-- Thomas Jefferson
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (FreeBSD)
Comment: What is this gibberish?
Comment: http://atom.smasher.org/links/#digital_signatures
iQEcBAEBCAAGBQJDdTQjAAoJEAx/d+cTpVcifsAH/0doiR7VQ6Pma3kdQ2TrIR2d
dhsSGXbxhBCCxRIrb93k1V6730A0nhX+FnuPK/ibUhFw86+cITMw0ZI8RxrtbJQW
3kq5pgQsR03A1UGgyEvWjTFG+qQIS31171ws/FSIdpiABLL+mXc5OAW+F+FJELKu
7R2kzeR4kc6ILFGSvz5SAoV68amlAD7G0Z7Z6uOaJ5dUPta6ZRSjqWrqM9nRznYW
SC7ykUhqcrS1VqKGGwoTeEsAVE1YLNHQn4gdTCwjvQpvHhPGnQw3yyDsPWzWIzPA
aORnl4fr1qlm6Xa9dyjVANEm7lWMmPo+pNBYrc0T+ajaCbNc8tfaMTPzsxqQxSs=
=oOPC
-----END PGP SIGNATURE-----
Powered by blists - more mailing lists