Interesting People mailing list archives
California voting systems code review released today
From: "Dave" <dave () farber net>
Date: Fri, 3 Aug 2007 10:24:25 -0400
----- Original Message ----- From: "Matt Blaze" <mab () crypto com>
To: "David Farber" <dave () farber net> Sent: Thursday, August 02, 2007 2:40 PM Subject: California voting systems code review released today
For the last two months I've been part of a security review of the electronic voting systems used in California. Researchers from around the country (42 of us in all) worked in teams that examined source code and documents and performed "red team" penetration tests of election systems made by Diebold Election Systems, Hart InterCivic and Sequoia Voting Systems. The red team reports were released by the California Secretary of State last week, and have been the subject of much attention in the nationwidepress (and much criticism from the voting machine vendors in whose systemsvulnerabilities were found). But there was more to the study than the red team exercises.Today the three reports from the source code analysis teams were released.Because I was participating in that part of the study, I've been unable to comment on the review before today. (Actually, there's still more to come. The documentation reviews haven't been released yet, for some reason.) Our reports are now available for download at http://www.sos.ca.gov/elections/elections_vsr.htm I led the group that reviewed the Sequoia system's code. The California study was, as far as I know, the most comprehensive independent security evaluation of electronic voting technologies ever conducted, covering products from three major vendors and investigatingnot only the voting machines themselves, but also the back-end systems thatcreate ballots and tally votes. I believe our reports now constitutethe most detailed published information available about how these systemswork and the specific risks entailed by their use in elections. My hats off to principal investigators Matt Bishop (of UC Davis) and David Wagner (of UC Berkeley) for their tireless effort in putting together and managing this complex, difficult -- and terribly important -- project.By law, California Secretary of State Debra Bowen must decide by tomorrow(August 3rd, 2007) whether the reviewed systems will continue to be certified for use throughout the state in next year's elections, and, if so, whether to require special security procedures where they are deployed. We found significant, deeply-rooted security weaknesses in all three vendors' software. Our newly-released source code analyses address many of the supposed shortcomings of the red team studies, which have been (quite unfairly, I think) criticized as being "unrealistic". It should now be clear that the red teams were successful not because they somehow "cheated," but rather because the built-in security mechanisms they were up against simply don't work properly. Protecting these systems under operational conditions will likely be very hard. The problems we found in the code were far more pervasive, and much more easily exploitable, than I had ever imagined they would be. Our reports (linked above) should speak for themselves, but for my personal perspective on the review, see my blog entry at http://www.crypto.com/blog/ca_voting_report/
------------------------------------------- Archives: http://v2.listbox.com/member/archive/247/=now RSS Feed: http://v2.listbox.com/member/archive/rss/247/ Powered by Listbox: http://www.listbox.com
Current thread:
- California voting systems code review released today Dave (Aug 03)