In a letter obtained by The BRAD BLOG, Riverside County, California, Supervisor Jeff Stone attempts to move the goal posts concerning the ill-considered challenge he issued to Election Integrity advocates in December during a public, video-taped meeting.
The letter, sent by Stone on Wednesday to outgoing California Secretary of State Bruce McPherson, attempts to unilaterally create unrealistic (some might say desperate) conditions for a proposed hack test of the county’s electronic touch-screen voting machines, made by Sequoia Voting Systems. When Stone initially issued the challenge, he included no such ground rules.
Computer scientists and security experts interviewed by The BRAD BLOG, as well as a number of reports and studies from nationally-recognized bodies, understand what Stone apparently doesn’t: the major threat to voting machine malfeasance comes not from a voter walking up to a voting system on Election Day, but rather from insiders who are easily able to gain unsupervised access to the machines.
The letter to McPherson from Stone is posted in full at the end of this article.
As we reported in mid-December, Stone had challenged Election Integrity advocates from Democracy for America-Temecula Valley, during a public meeting of the County Supervisors, to bring in a programmer willing to attempt a hack of Riverside’s voting system. His offer was simply “to set up an appointment with one of our machines and I’d like him or her [the programmer] to verify that they can manipulate that machine.”
At the time, Stone also said that he was willing to “bet a thousand to one that they cannot do it.” (A transcript of the entire, very brief exchange was posted in full in our initial report of the incident, along with links to two different video tapes of the encounter.)
The challenge was accepted the following week by the activists, who announced that noted Finnish computer security expert Harri Hursti had volulnteered to perform the tests. Hursti previously hacked a paper-based Diebold optical-scan voting system in Leon County, Florida, at the end of 2005, and helped to discover alarming vulnerabilities in Diebold touch-screen systems a few months later in Emery County, Utah.
At the same time, a number of other election integrity advocates announced they would stake $1000 for charity on the bet against Stone’s $1 million.
Stone’s challenge, as seen in the videos and transcript, specified no ground rules for the hack test, despite what Stone indicates in his letter to McPherson. The Secretary of State recently lost his election bid to the incoming Debra Bowen, who will take office this coming Monday. McPherson had been much criticized for his lax testing of voting systems and his close relationship with a number of voting machine companies such as Diebold. He had also been quite friendly with the all-Republican Board of Supervisors in Riverside, The BRAD BLOG has learned from sources on the ground. Bowen has been an outspoken critic of McPherson’s rubber-stamp certification of electronic voting systems in the state as well as the lack of adequate security standards specified for their use.
In his letter — notably sent to McPherson and not to Bowen — Stone creates a number of ground rules which were neither specified at the time of the challenge, nor the norm for standard security and vulnerability testing of computer software and hardware. He incorrectly characterizes the December exchange with Election Integrity advocate Maxine Ewig this way, unilaterally creating absurd conditions for the testing in the process…
Stone’s reference to being “prohibited from…reaching around the back of the machine” is a direct reference to one of the already-known security vulnerabilities of Sequoia’s touch-screen voting systems; specifically the “Yellow Button” on the back of the machines which, if pressed in a simple sequence, allows voters to cast as many votes as they like. The BRAD BLOG broke that story in the week prior to the November election.
Despite Stone’s newly invented restrictions, actual experts familiar with security testing of such systems say that vulnerability testing is conducted quite differently in the real world.
Dr. Herbert F. Thompson, Chief Security Strategist for Security Innovation, who also worked with Hursti on the Leon County, Florida hack of the Diebold optical-scan system, explained to The BRAD BLOG recently that security testers first try and gain access to systems “in the same way that someone hoping to insert malicious code might attempt to access the machines. The most direct avenue,” he explained, “would be to try and exploit insider access such as an election official or poll worker might have.”
Thompson is the author of 12 books on computer security including How to Break Software Security: Effective Techniques for Security Testing and The Software Vulnerability Guide.
Another computer scientist and security expert familiar with both electronic voting systems and their certification procedures at both the state and federal level wrote to us after reading the letter to say that he finds Stone’s expectations to be unrealistic and uninformed, but not necessarily unusual.
“This, of course, represents the most common of misunderstandings — that voting system security means invulnerability to attacks by voters. Voters are not the problem,” the scientist wrote, requesting anonymity due to close relationships with authorities in his state.
“The much more serious and difficult security problems involve protecting the system from errors or potential malicious acts by insiders, including [voting machine] vendor employees, employees of county election agencies, contractors, and poll workers,” he explained.
In Riverside County, where pre-programmed, election-ready touch-screen systems are sent home with pollworkers on overnight “sleepovers” days before the election, as well as unsecurely stored in various polling locations the night before the election, a would-be hacker might have plenty of time to attempt to exploit the systems.
Additionally, election officials and employees of the voting machine companies could gain lengthy and unrestricted access to the supposedly “secure” voting systems before they are used on Election Day.
These are the type of real-world conditions, both scientists explained, that professional testers would seek in their attempts to mimic potential exploits from the “black hats.”
Indeed, insider access to the voting systems has been one of the top concerns expressed in a number of reports, including a landmark 2006 study by NYU’s Brennan Center for Justice and a National Commission on Federal Election Reform, co-chaired by James A. Baker III and former President Jimmy Carter in 2005.
The final report of the Baker/Carter commission found that, “Software can be modified maliciously before being installed into individual voting machines. There is no reason to trust insiders in the election industry any more than in other industries.”
The computer scientist who wrote to The BRAD BLOG after reviewing Stone’s letter also alluded to the common insider threats seen in industries other than E-voting. “In financial institutions, intelligence agencies, and most other security situations, the most challenging security threats are almost always from insider malfeasance.”
The expressed written intent of Stone’s letter seems to be to inquire as to whether McPherson concurs that such a test would be “in compliance with all State and Federal laws and regulations.”
While we don’t have an answer from McPherson, an official from Bowen’s office replied to our query on that point that they are unaware, at this time, of any such state or federal regulations that would bar such an independent analysis of a voting machine by an expert with the approval of county officials.
Finally, Stone writes the following early on in his letter:
Setting aside the last sentence for the moment, which is silly beyond description… on the first sentence, clainming that previous “hacking experiments” having allowed testers “unlimited resources and time with the voting unit and software,” Stone is just plain wrong.
In the aforementioned 2005 hack of the Diebold system in Leon County, Florida, by Hursti and Thompson, the two computer security professionals were given no such “unlimited” access or “time with the voting unit.” In fact, the machine used in the live hack test — as seen in the HBO documentary Hacking Democracy — was chosen by random lot just moments before the test was actually done. Hursti, who wrote the code that flipped the mock election during the test, was never even allowed inside the same room while the exploited optical-scan system was in use.
Riverside election integrity advocate Tom Courbat told us that Stone’s statement was “like NASA saying ‘we don’t want to test those O-Rings, it’ll only undermine the astronauts’ confidence in their space craft’.”
“The system is either secure or it is not,” Courbat said. “What is this nonsense about vulnerability testing harming voter confidence?”
As Stone desperately works to find a way to extricate himself from his own ill-conceived mess, he would do well to simply consider instead that he, and his fellow supervisors and county election officials, have been wrong all along. And the truth is that they too have no faith in the security of their own voting systems. That, despite so many years of denial to the contrary.
In truth, it’s folks like Stone and other voting machine apologists like his fellow County Supervisors and Riverside’s Registrar of Voters, Barbara Dunmore, whose disingenuous actions, statements, and complete lack of transparency — to quote Stone — “generate distrust in the democratic process and discourage voters from participating in elections.”
Stone’s hilarious letter to McPherson follows in full below…
It looks like Debra Bowen now is launching into action to go after these machine as indicated by article/interview here. A lot of good comments from here about her willing to decertify many machines, despite expenses paid for them already, and her questioning the legality/propriety of the sleepovers and the problems with inflated costs propsed by those like Marty Haas in recounts, being partially born by public financing.
Good to see her getting on the warpath!
Do we have any current email contact information for Debra Bowen? I think she needs “six or seven” thank you notes.
The contact page for the California Secretary of State – http://www.ss.ca.gov/ – still points to McPherson. I’d think that any snail mail sent to Bowen at that address would get to her after this week.
Thomas D. Elias, who wrote the article mentioned by Calipendence in #1, can be reached at
tdelias@aol.com.
BTW – I got a snail mail letter from my Representative over the holidays. He’s a co-sponsor for HR550, which is encouraging because it means he’s at least aware there is a problem with evoting – but he’s still not getting the “paper ballot vs paper trail” issue.
I’ll keep trying.
I hope Debra kicks his ass all over the county next week
by allowing all hackers to try it
Before she de-certifies the machines, of course, that way she’ll have a solid case for doing so
… Floridiot said…
I hope Debra kicks his ass all over the county next week by allowing all hackers to try it. Before she de-certifies the machines, of course, that way she’ll have a solid case for doing so
That’s funny… as if she didn’t have a solid case already from all the broken laws and regulations involved with e-voting in California.
I wonder if people became so inured to the culture of corruption that they just stopped trying to keep track of such violations…?
I think I’ll write a book about this mess. I was thinking about using satire, but this is beyond satire. One chapter (or maybe an appendix) will consist solely of stunning, mind-boggling quotes like, “Such controlled demonstrations generate distrust in the democratic process and discourage voters from participating in elections.”
If they can’t think or compute, at least they can read our lips. No, I guess that’s asking too much.
Thank you for keeping us informed and not letting this story fade away and die which is exactly what Sequoia and all the political criminals who pushed this unreliable system onto our American Democracy wish would happen. Even worse, these bastards continue to advocate this bushit system of elections banking on the misinformed, the uninformed, and a mass media watchdog that has turned into their private lap dog.
This complicit operative Stone is an official in the state of California; don’t they have a law in CA that states the citizens can force a “recall” vote for anyone previously elected? I nominate Stone for this honor…..but wait until his nose has been rubbed in a Sequoia vote-stealing machine hack first.
Patriot, while a recall of Stone would be usefull, we ARE talking about Riverside County here. The voters of that county would have to prove to me they are smart enough to know what to do — my guess is they are NOT.
Some day, people like Stone, Dunmore, McPherson, and all the rest will be tried and jailed for treason. I’m opposed to the death penalty, but will make a one-time exception for neo-cons; Republican crooks and liars; and those that have subverted the electoral process in this country, from the db criminals at ChoicePoint to the players at ES&S, Sequoia, and DieBold, to Rove and all the rest of the WH conspirators.
Really, we only need to executve a FEW to show that we care about these crimes. Then, a lot of the other petty criminals and hacks will decide it’s not worth dying just to put an idiot into power.
CharlieL
Portland, OR
Nail those criminals to the wall!
Return the voting machines and force the companies to return some of the money.
“Such controlled demonstrations generate distrust in the democratic process and discourage voters from participating in elections.”
Really, that sentence from Stone that I quoted in #5 epitomizes in nice neat form what we are up against…why the pablum for brains and seeming blindness to our concerns.
What it does is fully equate Diebold, Sequoia, and so on (and their minions) with “the democratic process” and American citizens fighting for fair, verifiable elections (people with an obvious and well-articulated case) with an attempt to subvert the “democratic process”.
Truly awesome stupidity and dumbing down; mind-boggling, but it’s the kind of thing corporate America has been working toward for years. It is amazing that it could get this far.
Personally, (and I know some of you will disagree) I think it’s not so much being a cog in the Republican machine – although it is involved – as the fact that Republicans have bought the fairy tale lock-stock-and barrel, and they think and act on faith in the corporate cult in everything they do and have great difficulty is seeing outside of it. It is a cult. I’ve known many Democrats who have also imbibed the punch.
But I’m eagerly looking forward to seeing what Debra Bowen does, as Weinberg’s column in the Sacramento Bee gave me pause awhile back. Wow, January. Now we’ll see what actually happens.
Excuse me…Weintraub, I mean.
Ok everybody, let’s lighten up on Supervisor Stone some – alright? If it were not for his challenge, we wouldn’t have the opportunity to prove how unsecure the system really is. And the letter to the Secretary of State is (although containing incorrect information and assumptions)appropriate in clarifying that there is no prohibition against doing this.
So, I say THANK YOU Supervisor Jeff Stone for standing up and being the first elected member of a governing board in the U.S. to suggest the security of the voting machines be tested in public with the media present. That is an incredible step forward.
Continuing to belittle those who are not as “into” election integrity issues as most of us are only serves to put them off and makes them less likely to listen to what we have to say. Especially when it is someone who is willing to put his butt on the line (notwithstanding that his motivation is) to prove they are secure. AND, he has now offered to pay $1,000 to charity (which I believe WE should choose) if the machine is hacked.
Just my two cents.
HI
Thanks for the blog, getting more accurate vote counts
seems to be the right thing to do, President Bush was correct in one of his African speeches when he said the only acceptable form of government is democracy. He also defined democracy, in that speech, as one vote one-person majority government. This requires every vote be counted and every vote be counted correctly and verifiable when results are questioned. In the Republic of Ireland, they seem to have a very reliable paper ballot system without using machines. They do not use the e-voting machines they bought a few years ago and have in storage. The same kind that were shown to be unreliable in Holland’s elections where the wrong results were given by the machines.
It takes more time to count in Ireland because each ballot box is opened and votes counted in front of both partisan and neutral vote observers using hand counting.
It, also, takes additional time because they count twice. They start with an overall total count with out regard to whom the votes are for because of proportional representation. This lets them know how many votes are needed to win a particular race. By this method, votes for a person are counted until he has enough votes to get a seat.
If 5 seats are being contested as soon as one candidate gets twenty percent he is elected and the ballots of other people who chose him continued to be counted using their second choice as their first choice. Everyone’s vote is counted. This way more peoples votes count in making up the legislature. If you voted for a person who already has enough votes to be elected WHEN your vote is counted then your second choice is counted as your vote in that particular race.
They do this to overcome a legislative districting map that, like in Pennsylvania, packs many voters of one party into one district where the majority wins the seat by a wide margin, but allows minority parties to win other districts by small majorities. Minorities in these cases can win majorities in the administration and legislatures, and control of public laws and policies goes to minorities. This type system is defiantly not one -vote one-person democracy government, because a minority of voters can control the legislature and policy. The extra cost in time in getting the results in one-person one vote democratic majority governments is a requirement for democracy to result from election procedures. Optical scan paper trail voting could speed up the counting if necessary, but it should be a copy of the entire ballot, not some abbreviated version.
#13 Tom — That may be, but it’s not hard to understand that “insiders” would be the primary threat to election integrity and something that should be looked into and protected against as a matter of public policy. I’d know that even if I knew nothing about Brad Blog and the election integrity issues. The inability of people in positions to do something about it; their blindness for whatever reason to see such simple things is incredibly frustrating and we are all trying to figure out such a strange and baffling condition.
Nevertheless, I understand your point.
I said before, where is he going to get all the $$$ to pay when he loses the bet?