[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

FW: Documents: voting system test lab omitted test for tamperability

To: "Citizens for Verifiable Voting" <cvv-discuss@xxxxxxxxxxxxxxxxx>, "CFVI" <AlKolwicz@xxxxxxxxx>
Subject: FW: Documents: voting system test lab omitted test for tamperability
From: "alkolwicz" <alkolwicz@xxxxxxxxx>
Date: Sun, 7 Nov 2004 07:34:43 -0700
Delivered-to: mailing list cvv-discuss@coloradovoter.net
List-help: <mailto:cvv-discuss-help@coloradovoter.net>
List-post: <mailto:cvv-discuss@coloradovoter.net>
List-subscribe: <mailto:cvv-discuss-subscribe@coloradovoter.net>
List-unsubscribe: <mailto:cvv-discuss-unsubscribe@coloradovoter.net>
Mailing-list: contact cvv-discuss-help@coloradovoter.net; run by ezmlm
Organization: KOLWICZ-GROUP
Reply-to: <AlKolwicz@xxxxxxxxx>
Thread-index: AcTEvapnAdR7Gm5ARIWgGrH6bjKfAgAGOL8w

As you may know, CAMBER has challenged th3e certification of the HART
system.  Perhaps the following report clarifies why we sense inadequate
testing.

Al

-----Original Message-----
From: Bev@xxxxxxxxxxxxxxxxxx [mailto:Bev@xxxxxxxxxxxxxxxxxx] 
Sent: Sunday, November 07, 2004 4:34 AM
To: alkolwicz@xxxxxxxxx
Subject: Documents: voting system test lab omitted test for tamperability

Freedom of Information requests at http://www.blackboxvoting.org have
unearthed two Ciber certification reports indicating that security and
tamperability was NOT TESTED and that several state elections directors, a
secretary of state, and Dr. Britain Williams signed off on the report
anyway, certifying it.

The documents, posted at Black Box Voting (.ORG) show that Ciber Labs' Shawn
Southworth used a conformance chart specifying FEC regulations, marking each
test item "pass" or "fail."

Southworth "tested" whether every candidate on the ballot has a name. But we
were shocked to find out that, when asked the most important question --
about vulnerable entry points -- Southworth's report says "not reviewed."

Ciber "tested" whether the manual gives a description of the voting system.
But when asked to identify methods of attack (which we think the American
voter would consider pretty important), the top-secret report says "not
applicable."

Ciber "tested" whether ballots comply with local regulations, but when we
asked Shawn Southworth what he thinks about Diebold tabulators accepting
large numbers of "minus" votes, he said he didn't mention that in his report
because "the vendors don't like him to put anything negative" in his report.
After all, he said, he is paid by the vendors.

Was this just a one-time oversight? 

Nope. It appears to be more like a habit. We also posted the sister report,
for another vendor entirely, VoteHere, and you can see that the critical
security test, the "penetration analysis" was again marked "not applicable"
and was not done.

Maybe another ITA did the penetration analysis?

Apparently not. We discovered an even more bizarre Wyle Laboratories report.
In it, the lab admits the Sequoia voting system has problems, but says that
since they were not corrected earlier, Sequoia could continue with the same
flaws. At one point the Wyle report omits its testing altogether, hoping the
vendor will do the test.

Computer Guys: Be your own ITA certifier.

Black Box Voting has posted a full Ciber report on GEMS 1.18.15. We also
posted a .zip file download for the GEMS 1.18.15 program. We also provided a
real live Diebold vote database. Compare your findings against the official
testing lab and see if you agree with what Ciber says. E-mail us your
findings.

Who the heck is NASED?

They are the people who certified this stuff. Now, if the security of the
U.S. electoral system depends on you to certify a voting system, and you get
a report that says security was "not tested" and "not applicable" -- what
would you do?

Perhaps we should ask them. Go ahead. Hold them accountable for the election
we just had. (Please, e-mail us their answers) Their names are listed on the
Web site.

Bev Harris

Prev by Date: Re: BallotNow recount still a possibility
Next by Date: Fwd: House Dems Seek Election Inquiry
Previous by thread: TC story
Next by thread: Fwd: House Dems Seek Election Inquiry
Index(es):
- Date
- Thread