California voting systems code review released today

["Dave" <dave () farber net>]

----- Original Message ----- 
From: "Matt Blaze" <mab () crypto com>
To: "David Farber" <dave () farber net>
Sent: Thursday, August 02, 2007 2:40 PM
Subject: California voting systems code review released today


> For the last two months I've been part of a security review of the
> electronic voting systems used in California. Researchers from around
> the country (42 of us in all) worked in teams that examined source code
> and documents and performed "red team" penetration tests of election
> systems made by Diebold Election Systems, Hart InterCivic and Sequoia
> Voting Systems.
>
> The red team reports were released by the California Secretary of State
> last week, and have been the subject of much attention in the nationwide
> press (and much criticism from the voting machine vendors in whose  
> systems
> vulnerabilities were found).   But there was more to the study than
> the red team exercises.
>
> Today the three reports from the source code analysis teams were  
> released.
> Because I was participating in that part of the study, I've been unable
> to comment on the review before today.  (Actually, there's still
> more to come.  The documentation reviews haven't been released
> yet, for some reason.)
>
> Our reports are now available for download at
>   http://www.sos.ca.gov/elections/elections_vsr.htm
>
> I led the group that reviewed the Sequoia system's code.
>
> The California study was, as far as I know, the most comprehensive
> independent security evaluation of electronic voting technologies ever
> conducted, covering products from three major vendors and investigating
> not only the voting machines themselves, but also the back-end  
> systems that
> create ballots and tally votes.  I believe our reports now constitute
> the most detailed published information available about how these  
> systems
> work and the specific risks entailed by their use in elections.
>
> My hats off to principal investigators Matt Bishop (of UC Davis)
> and David Wagner (of UC Berkeley) for their tireless effort in putting
> together and managing this complex, difficult -- and terribly
> important -- project.
>
> By law, California Secretary of State Debra Bowen must decide by  
> tomorrow
> (August 3rd, 2007) whether the reviewed systems will continue to be
> certified for use throughout the state in next year's elections,
> and, if so, whether to require special security procedures where
> they are deployed.
>
> We found significant, deeply-rooted security weaknesses in all three
> vendors' software.   Our newly-released source code analyses address
> many of the supposed shortcomings of the red team studies, which have
> been (quite unfairly, I think) criticized as being "unrealistic".
> It should now be clear that the red teams were successful not because
> they somehow "cheated," but rather because the built-in security
> mechanisms they were up against simply don't work properly.  Protecting
> these systems under operational conditions will likely be very hard.
>
> The problems we found in the code were far more pervasive, and much
> more easily exploitable, than I had ever imagined they would be.
>
> Our reports (linked above) should speak for themselves, but for
> my personal perspective on the review, see my blog entry at
>      http://www.crypto.com/blog/ca_voting_report/

-------------------------------------------
Archives: http://v2.listbox.com/member/archive/247/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com