[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

GAO report on electronic voting systems issues

To: cvv-discuss@xxxxxxxxxxxxxxxxx, attendees@xxxxxxx
Subject: GAO report on electronic voting systems issues
From: Neal McBurnett <neal@xxxxxxxxxxxxxxxxx>
Date: Wed, 26 Oct 2005 14:24:39 -0600
Delivered-to: mailing list cvv-discuss@coloradovoter.net
In-reply-to: <ATLANTISrPrvCWO6hm800000bf8@atlantis.fcw.com>
List-help: <mailto:cvv-discuss-help@coloradovoter.net>
List-post: <mailto:cvv-discuss@coloradovoter.net>
List-subscribe: <mailto:cvv-discuss-subscribe@coloradovoter.net>
List-unsubscribe: <mailto:cvv-discuss-unsubscribe@coloradovoter.net>
Mailing-list: contact cvv-discuss-help@coloradovoter.net; run by ezmlm
References: <ATLANTISrPrvCWO6hm800000bf8@atlantis.fcw.com>
User-agent: Mutt/1.4.1i

The actual GAO report, "GAO-05-956", from September 21, 2005 is here:

 http://www.gao.gov/docdblite/summary.php?rptno=GAO-05-956

 Federal Efforts to Improve Security and Reliability of Electronic
 Voting Systems Are Under Way, but Key Activities Need to Be Completed

Thanks to Paul Condon for the heads-up.

Neal McBurnett                 http://bcn.boulder.co.us/~neal/
Signed and/or sealed mail encouraged.  GPG/PGP Keyid: 2C9EBA60

The abstract and summary include these excerpts:

 GAO was requested to (1) determine the significant security and
 reliability concerns identified about electronic voting systems, (2)
 identify recommended practices relevant to ensuring the security and
 reliability of these systems, and (3) describe actions taken or
 planned to improve their security and reliability.

 ...

 Specifically, EAC has led efforts to (1) draft changes to existing
 federal voluntary standards for voting systems, including provisions
 addressing security and reliability; (2) develop a process for
 certifying voting systems; (3) establish a program to accredit
 independent laboratories to test electronic voting systems; and (4)
 develop a library and clearinghouse for information on state and
 local elections and systems. However, these actions are unlikely to
 have a significant effect in the 2006 federal election cycle because
 important changes to the voting standards have not yet been
 completed, the system certification and laboratory accreditation
 programs are still in development, and a system software library has
 not been updated or improved since the 2004 election. Further, EAC
 has not consistently defined specific tasks, processes, and time
 frames for completing these activities; as a result, it is unclear
 when their results will be available to assist state and local
 election officials.

Examples of Voting System Vulnerabilities and Problems

* Cast ballots, ballot definition files, and audit logs could be 
modified.
* Supervisor functions were protected with weak or easily guessed 
passwords.
* Systems had easily picked locks and power switches that were exposed
and unprotected.     
* Local jurisdictions misconfigured their electronic voting systems, 
leading to election day problems.
* Voting systems experienced operational failures during elections.
* Vendors installed uncertified electronic voting systems.

Source: GAO analysis of recent reports and studies. 

What GAO Recommends: 

To help ensure the security and reliability of electronic voting
systems, GAO is recommending that EAC define specific tasks,
processes, and time frames for improving the national voting systems
standards, testing capabilities, and management support available to
state and local election officials. In commenting on a draft of this
report, EAC agreed with the recommendations and stated that the
commission has initiatives under way or planned in these areas. The
commission also sought additional clarification and context on
reported problems.

On Mon, Oct 24, 2005 at 05:32:39PM -0700, pecondon@xxxxxxxxxxxxxxxx wrote:
> Paul Condon thought you'd be interested in the following story from
> FCW.com, the online resource for federal technology news and information:
> 
> Paul Condon said: I just found this mentioned on a computer science email
> list.
> 
> GAO confirms some e-voting problems
> http://www.fcw.com/article91183-10-21-05-Web

References:
- FCW.com article sent by Paul Condon
  - From: pecondon

Prev by Date: NEWS - Boulder County officials hiding from sunshine.
Next by Date: We need your help - this week.
Previous by thread: FCW.com article sent by Paul Condon
Next by thread: RE: FCW.com article sent by Paul Condon
Index(es):
- Date
- Thread