Military and overseas voters saw improvements in their ability to vote in 2010, thanks to the Military and Overseas Voter Empowerment Act (MOVE) passed in late 2009, according to a report to Congress last month by the Military Postal Service Agency (MPSA). The report indicates that MOVE will improve things further as its provisions become better known and implemented.

The MOVE Act required states to send ballots to military and overseas voters at least 45 days before election-day in federal elections so they have time to return their voted ballot. MPSA must pick up ballots for return to election offices no later than 7 days before election day. MOVE also sped up the process by requiring states to offer electronic transmission (website, email, fax) of blank ballots and registration materials. The law stopped short of establishing electronic return of voted ballots because ballots cannot be secured against undetected interception and manipulation over the internet. New procedures were implemented for 2010, coordinating MPSA with USPS, including the use of Express Military Mail Service (EMMS) for uniformed overseas service members and their families.

(more)

In the August 3 primary in Mississippi voters experienced voting machine problems: candidates’ names and entire contests missing from the voting machine screens and equipment failing to booting up properly. Problems were reported in Hinds County, which uses the Advanced Voting Systems Winvote and in several counties that use the Premier  (Diebold) TSx equipped with a voter-verifiable paper audit trail printer.

Advanced Voting Systems has been out of business for several years after they failed to meet requirements for certification to Federal voting systems standards but their machines are still used in Hinds County and in several jurisdictions in Virginia.  The same type of AVS machine produced still-unexplained anomalies in Fairfax County, Virginia in 2009. The majority of Mississippi counties use the Premier TSx and most are equipped with voter verified paper audit trail printers, though the printers are not required by state law or regulation.

(more)

I am very concerned about the widespread push toward Internet voting in the U.S., of which email voting is just one kind.  Neither the Internet itself, nor voters’ computers, nor the email vote collection servers are secure against any of a hundred different cyber attacks that might be launched by anyone in the world from a self-aggrandizing loner to a foreign intelligence agency. Such an attack might allow automated and undetectable modification or loss of any or all of the votes transmitted.

While all Internet voting systems are vulnerable to such attacks and thus should be unacceptable to anyone, email voting is by far the worst Internet voting choice from a national security point of view since it is the easiest to attack in the largest number of different ways.

The technical points I am about to state are not my opinions alone. The computer security research community in the U.S. is essentially unanimous in its condemnation of any currently feasible form of Internet voting, but most especially of email voting. I strongly urge legislators in states considering e-mail voting to request testimony from other independent computer network security experts who are not affiliated with or paid by any voting system vendor.  Email voting is extremely dangerous in ways that people without strong technical background are not likely to anticipate. (more)

The second risk-limiting audit under California AB 2023 was conducted on May 6 in Monterey County. The contest was a Special all-mail election for Monterey Peninsula Water Management District Director, Division 1.  Monterey uses Sequoia equipment. There were two candidates: Brenda Lewis and Thomas M. Mancini, and write-ins. 2111 ballots were cast in all.  The reported totals were 1353 reported for Lewis, 742 for Mancini, and 13 write-ins. The remaining 3 ballots were recorded as undervotes and overvotes.  Lewis was reported to have 64.18% of the valid votes.

Two members of the public observed the entire audit process, which took roughly 90 minutes including some preliminary explanation of the procedure. They confirmed that their interpretation of the ballots agreed with mine and the elections officials’, and they helped roll the dice used to select ballots at random.  In conversations afterward, they seemed quite satisfied with the transparency of the procedure (although perhaps not utterly convinced by the mathematics that justified the details).

The audit was performed as follows. After the ballots had been tabulated officially, elections officials Bates-stamped each with a unique serial number (1962 ballots that were scanned had been stamped prior to audit day; the remaining 149 were stamped as part of the audit). It is my understanding that stamping the ballots took about 5 person-hours in all. (more)

This article was posted at the CT Mirror and is cross-posted here with permission.

Online voting is an appealing option to speed voting for military and overseas voters. Yet it is actually “Democracy Theater”, providing an expensive, risky illusion of supporting our troops. Technologists warn of the unsolved technical challenges, while experience shows that the risks are tangible and pervasive. There are safer, less expensive solutions available.

This year, the Government Administration and Elections Committee held hearings on a bill for online voting for military voters. Later they approved a “technical bill”, S.B. 939. Tucked at the end was a paragraph requiring that the Secretary of the State “shall, within available appropriations, establish a method to allow for on-line voting by military personnel stationed out of state.”

In 2008, over thirty computer scientists, security experts and technicians signed the “Computer Technologists’ Statement on Internet Voting,” listing five unsolved technical challenges and concluding: “e believe it is necessary to warn policymakers and the public that secure internet voting is a very hard technical problem, and that we should proceed with internet voting schemes only after thorough consideration of the technical and non-technical issues in doing so.”

The prevailing attitude seems to be, if voters and election officials like it and see no obvious problems then it must be safe. (more)

Oak Ridge National Labs (one of the US national energy labs, along with Sandia, Livermore, Los Alamos, etc) had a bunch of people fall for a spear phishing attack (see articles in Computerworld and many other descriptions). For those not familiar with the term, spear phishing is sending targeted emails at specific recipients, designed to have them do an action (e.g., click on a link) that will install some form of software (e.g., to allow stealing information from their computers). This is distinct from spam, where the goal is primarily to get you to purchase pharmaceuticals, or maybe install software, but in any case is widespread and not targeted at particular victims. Spear phishing is the same technique used in the Google Aurora (and related) cases last year, the RSA case earlier this year, Epsilon a few weeks ago, and doubtless many others that we haven’t heard about. Targets of spear phishing might be particular people within an organization (e.g., executives, or people on a particular project).

In this posting, I’m going to connect this attack to Internet voting (i-voting), by which I mean casting a ballot from the comfort of your home using your personal computer (i.e., not a dedicated machine in a precinct or government office). My contention is that in addition to all the other risks of i-voting, one of the problems is that people will click links targeted at them by political parties, and will try to cast their vote on fake web sites. The scenario is that operatives of the Orange party send messages to voters who belong to the Purple party claiming to be from the Purple party’s candidate for president and giving a link to a look-alike web site for i-voting, encouraging voters to cast their votes early. The goal of the Orange party is to either prevent Purple voters from voting at all, or to convince them that their vote has been cast and then use their credentials (i.e., username and password) to have software cast their vote for Orange candidates, without the voter ever knowing. (more)

This overview of the Wisconsin situation was posted at SaveOurVotes.org and is reposted here with permission of the author.

When Wisconsin voters flocked to the polls on April 5, one of the factors driving the high turnout was the State Supreme Court contest between incumbent Justice David Prosser and challenger JoAnne Kloppenburg. Prosser, whose term ends July 31, often casts the deciding vote on the seven-member court. He is a conservative Republican former Speaker of the Assembly seen as closely allied to Wisconsin’s controversial Gov. Scott Walker. Kloppenburg, a virtual unknown who was given little chance of success when she entered the race several months ago, was buoyed by the high passions stirred by Walker’s actions to strip government employees of their collective bargaining rights. Though the race is officially nonpartisan, it was seen as both a referendum on Walker and a chance to affect the Supreme Court’s ruling on Walker’s actions, which are likely to be reviewed by the Court in its next term.

Election night results were considered too close to call, but the next day when seemingly all the votes had been tallied, Kloppenburg claimed victory with a margin of 204 votes of the more than 1.4 million total votes cast. A recount seemed inevitable. (more)