She’s hinted as much previously, and her new security requirements issued in the wake of her landmark “Top-to-Bottom Review” of e-voting systems would seem to preclude them, but CA Secretary of State, Debra Bowen has now given her most direct comment to date on the matter of voting machine “sleepovers”.
“Sleepovers don’t comply with the security requirements,” Bowen said in response to a question we submitted on the matter during a conference call with the Secretary sponsored by the Courage Campaign.
“It’s really simple,” she added, after a pause following her immediate, direct reply to the question.
She went on to explain how unauthorized access to a single machine, by a single person, could allow an entire county’s election to be flipped, putting everyone’s election at risk.
The complete question and Bowen’s full answer is transcribed at the end of this article.
The matter of voting machine “sleepovers” — the practice of sending pre-programmed, election-ready voting systems home with pollworkers, often days and weeks prior to elections, for deliver to polls on Election Day — first became a controversy last year after The BRAD BLOG exposed the issue as it occurred during San Diego’s special election to replace disgraced Republican U.S. House Rep. Randy “Duke” Cunningham. Our exhaustive coverage (see: Busby/Bilbray category) of the resulting scandal, continued throughout some 100 articles here.
The special election in San Diego was the first federal contest to have taken place after several analysis of Diebold’s e-voting system found that the systems utilized undisclosed software code prohibited by federal standards. The particular type of code is banned at the federal level since it can be exploited to flip an election undetectably.
Subsequent studies at Princeton University and elsewhere revealed that inappropriate access by a single person, to a single machine, could virally affect every other machine used across the same county.
The revelations made the notion of voting machine “sleepovers” all the more stunning to those of us who recognized the remarkable threat the practice posed to the security of our elections…
After discovery of the Diebold security hole in late 2005 — captured live on video and seen being exploited to flip a mock election during HBO’s Emmy-nominated documentary, Hacking Democracy — the extraordinary vulnerabilities would later be confirmed [PDF] by then-Secretary of State Bruce McPherson’s own team of computer scientists at UC Berkeley. New security requirements for such systems were then mandated by federal authorities.
McPherson, however, refused to enforce them during the subsequent 2006 general election.
Several counties, including San Diego — whose then-Registrar Mikel Haas had previously admitted the practice didn’t meet the federal authority’s requirement for secure chain of custody for such machines — continued to send the vulnerable voting systems home with pollworkers nonetheless, for as many as three weeks prior to the 2006 general election.
Last Friday, the issue of “sleepovers” came up during a live radio interview with Santa Cruz County Clerk Gail Pellerin. She told us she planned to send her touch-screen machines, made by Sequoia Voting Systems, home on “sleepovers” again next year with pollworkers despite Bowen having found that Sequoia’s machines contained the same vulnerabilities as the systems made by Diebold.
As part of the strict new security requirements issued for the use of such machines (Diebold’s here, Sequoia’s here, both PDFs) Bowen has now explicitly required that secure chain of custody procedures be overseen by two election officials at all times (“the two-person rule”).
According to those requirements, “any piece of voting equipment for which the chain of custody has been compromised” must be “removed from service immediately.” Memory cards used in the device are to be removed, and “all device software and firmware must be reinstalled from a read-only version of the approved firmware and software supplied directly by the federal testing laboratory or the Secretary of State before the equipment is placed back into service.”
After informing Pellerin of Bowen’s comments last night, Pellerin has indicated to The BRAD BLOG that she’ll be rethinking the practice and exploring other options for deploying voting systems in Santa Cruz.
Just prior to her inauguration as Secretary of State earlier this year, Bowen had stated that she believed “sleepovers are illegal.” Her answer to the question on the controversial issue during Monday night’s conference call, however, was her first such direct, detailed response on the matter since taking office last January and since the release of the results of her “Top-to-Bottom Review” last month.
The practice of voting equipment “sleepovers” is not a new one in California, or in other states around the country. Unlike the old paper ballot systems, however — where a single person could not affect an entire election — new, more vulnerable e-voting equipment has made the issue a major national concern.
Our reporting on the matter at The BRAD BLOG in the Summer of 2006 led to coverage by Lou Dobbs Tonight on CNN. Their story featured a pollworker from San Diego who we first reported on after she had stored voting machines in her garage prior to the special election. Dobbs’s report characterized the practice as “mind-boggling.” (Video, text-transcript here.)
DNC Chairman Howard Dean then decried the practice during an appearance in San Diego and Bowen herself illustrated the dangers presented by “sleepovers” in a campaign video depicting hackers breaking into a poll worker’s garage in order to violate one of the machines.
Freddie Oakley, Clerk-Recorder of Yolo County, was one of California’s only county election officials to publicly recognize the dangers of “sleepovers.” Just after our initial reports, in June of 2006, she posted an email comment in reply to discussion of the matter and on the question of how delivery of such systems to polling places could be handled securely without the use of “sleepovers.”
“As an election official, I understand the practical issues involved here perfectly,” she wrote. “I am strongly of the opinion that it is exactly this kind of practical issue that should give election officials serious reservations about deploying electronic voting machines.”
“If, as a practical matter,” Oakley continued, “[e-voting machines deployed prior to an election] can’t be secured, then perhaps they ought not be used at all. Period.”
Whether such machines can be used safely, with or without “sleepovers,” is of growing concern across the nation. Now that the California Secretary of State has spoken directly to the practice, only time will tell how state election officials will change their procedures in order to meet the state’s new requirements for the use of such systems.
Pellerin has promised to return for another radio appearance this Friday at 5pm PT, during our weekly guest slot on The Peter B. Collins Show. No doubt, the issue of “sleepovers” will be one of several interesting follow-up discussions with the Santa Cruz County Clerk.
Either way, it’s good to see that such issues are finally being the given the attention they deserve by the state’s chief election official. It’s good to have a new sheriff in town.
The complete question on “sleepovers” and the answer given by CA Sec. of State Debra Bowen, as heard on the Courage Campaign conference call on 9/17/07, follows below…
SEC. OF STATE DEBRA BOWEN: Sleepovers don’t comply with the security requirements.
(pause)
It’s really simple.
You know, I mean for everyone who’s argued that ‘security by obscurity’ is what keeps our votes safe, in other words, that nobody has access to the equipment, having anything out there for days or weeks before just goes in exactly the wrong direction.
And I don’t want this to be seen as a slam at pollworkers. Because if 99.999% of pollworkers are honest — and probably more than that are — that’s terrific. But all it takes is one person somewhere who uses a particular kind of equipment. And because these, the machines, are exactly the same wherever they’re used throughout the world, if there is access, unauthorized access to one piece of polling place equipment that allows somebody to figure out a hack or to change something then everybody else anywhere in the world who uses that equipment is potentially at risk.
So security needs to be layered. I believe it should be built into the equipment. It also ought to be enhanced by physical security measures including delivery of equipment on the morning of an election or secure custody using the two-person rule.
UPDATE: The complete audio of the conference call is now available below. Courage Campaign has posted the complete transcript here…
The republicans, since BIG BROTHER became a member of their party, have been having trouble with sleep overs.
This guy is going to use a defense that he thought it was an EVM sleepover, not a 5 year old child sleepover.
Debra Bowen: Always fighting back! A Democrat with SPINE! Thank you! I should’ve known Debra Bowen would ONCE AGAIN fight back, why should I expect anything different from her?
Bravo Debbie. Hit ’em where it hurts.
{Ed Note: Identical, off-topic, multiple-posted spam comment once again deleted. After multiple polite warnings, which you have ignored, to not spam comments here, Kyle, your posts will now be moderated. — BF}
It’s not just “sleepovers” that are the problem. I’m a high school teacher and my school is the local voting location for the precinct and the machines are routinely delivered a day or two before the election and picked up a few days later. They’re just sitting in our staff lounge with absolutely NO security.
Just sayin’…
OH SoS Brunner claims do be doing further work in this vein, and also claims to be in contact with Bowen. We’ll see, but time’s running out. There are elections in a couple spots this month.
I referred her office to this site.
Ummmm….So much how much of your tax money can we count on to hire the extra personnel, gas and vehicles to deliver ALL election supplies to the polling locations on election day?
You people still live in a fantasy world. Don’t be contrainian just because your ideology demands it…solve the problem.
And going back to punch cards read by hand…is not a solution.
{Ed Note: As “OMSmedia” doesn’t seem to believe in full disclosure – or transparency of any kind apparently- it’s left to us to point out that he is, in fact Don Haas, the brother of Mikel Haas, San Diego’s disgraced Registrar of Voters and champion of voting machine “sleepovers”. Don has a known history of hating democracy of all types. See my comments in response to his farther down this thread. – BF}
Republicans Block Voting Machine Testing in Ohio
http://dailykos.com/storyonly/2.../18/34338/6447
As I said before I ain’t ready to BBQ Bowen.
But…
If they violated state law already, then why not REVOKE the people and things elected, and THEIR votes from ALL legislation and appointees? (and any other stuff I seem to be missing here) I mean hell, you allowed these UNELECTED to change government, now that we know they broke the law, change it back. Or is breaking the law with slap on the wrist charges now an acceptable way to gain a coup in government?
I got to be honest. As Mr. Ed so well put above.. TIME IS RUNNING OUT. and not just in his local precinct.
Continue things as usual, and we are all living on borrowed time.
This VAST MINORITY of oath of office breaking thugs, needs to be cleansed. And I PERSONALLY am sick of waiting for it to happen. Step up to the plate and JUST DO IT.
To Cleanse them non-violently, I’d PREFER.
But, If you hold your tongue, you will be punked next.
Going off topic now.
Just like that poor guy (“hit by the 50KV non-lethal weapon Florida student”) at the Kerry Speech for asking questions, while the guy at the right made motions to CUT, waiving his hands at his neck.
http://www.youtube.com/watch?v=6bVa6jn4rpE
Any Journalists out there?
I got some questions about that suit.
Who was that guy?
His name?
His authority?
His government office? (if any)
Why was he there?
Why stationed, allowed to stand next to the cops?
Who all, did he motion to?
And what did he say afterwards?
And shouldn’t HE be charge for inciting a riot?
Notice HE TOOK the microphone away?
WHO IS HE?!
But this won’t make it past the OJ simpson trial (another friggin 5 year circus?) nor will the DC protests for that matter.
My personal feelings is that I want to kill. My moral values say don’t kill until they cross the line with you personally.
Meanwhile, The CURRENT damage is done.
100% bypassing of the constitution
100% fascism
100% war profiteering
100% police state
100% control of the elections
100% control of media
We are not free anymore. People that say we are free and nothing is wrong are just part of the VAST MINORITY. But pretend to be the MORAL MAJORITY. Otherwise you’d see that guy’s face with a camera in it, asking him the questions I asked above.
There’s a couple freaks out there that say the “student” wasn’t tased. If he wasn’t tased then what was that clicking sound?
#7 OMSMedia
Ask yourself this.
How could you have an election, in your PERSONAL neighborhood, without electricity, and without communications?
How can you ensure it’s honest?
How can you then pass this information to then next city?
If the information is corrupted by gun play, what measures do you have to undo the corruption?
Do you re-vote?
Do you remove candidates from office?
Or do you shut up?
Bonus question what part of the constitution has been removed from you? (in the hypothetical context above where your forced to vote in DAYLIGHT, and in real life right now?)
Voting machine “sleepovers” — the practice of sending pre-programmed, election-ready voting systems home with poll workers, days or weeks prior to elections — is a critical chain of custody security issue.
But are “sleepovers” any worse than a county contracting a local freight hauling company to pick up pre-programmed, election-ready voting systems from the election office to deliver them to often unguarded polling locations all over the county up to a week before election day?
Or, are “sleepovers” worse than leaving voting machines in unguarded early voting locations every night during the two-week long early voting period?
Such are common voting machine transport and storage practices all over the United States. Does “security seal tape” really protect the voting machines from memory card software tampering as they sit unguarded in these voting venues? I say no!
Voting machine chain of custody security issues, critical as they are, may be like worrying about how securely the barn door is locked after the horses have already been stolen. The software most likely to steal elections is the BALLOT SOFTWARE loaded on optical ballot scan and DRE touch-screen voting machines in the county elections office warehouse before the machines are even sealed with security tape and transported to polling locations.
Ballot definition software is constructed for each voting precinct for each specific election and contains all the ballot details for that election. The DRE touch-screen and optical ballot scan machines use the ballot definitions to determine how selections on the touch-screen or paper ballot are interpreted and recorded in the vote database, and how election results are tallied.
“Ballot definition software” is most often written by temporary contract programmers and typically undergoes minimal testing and no independent audit by election officials. It is this software that is best able to steal elections!
Last November there were 1,142 counties using DRE voting machines and 1,752 counties using optical scanners. This tabulates to 2,894 counties and 161,111 voting precincts that depend on ballot definition software written in weeks and days just before the election last November. That adds up to a lot programmers writing a lot of “last minute” ballot software that election officials never visually audit or comprehensively test. (This is how 18,000 iVotronic machine votes can go missing as in Florida’s 13th congressional district last November)
Some counties have hundreds of ballot styles, and each one must be programmed correctly since the number of votes cast on each errant ballot style magnifies human error at this point.
The process of creating the ballot definition and vote tallying software is so complex that many counties contract the work to voting machine vendors and local temporary contract programmers.
Voting machine vendors themselves do not maintain a staff of programmers large enough to write all the ballot definition software for all the voting precincts of all its county election administration customers across the U.S. Therefore, Voting machine vendors themselves must contract out the programming of ballot definition and vote tallying software for its customers.
Who checks the credentials of all these contract programmers writing “last minute” ballot software? Who asks if contract programmers also work for a political party or candidate up for election or if they have criminal records? Who performs detailed audits of the software they write? The frightening answer to all questions is – no one!
Whether voting machine vendors or local contract programmers write ballot definition and vote tallying software, typically, local contract programmers are temporarily hired to load the ballot definition software on to the voting machine memory cards of each and every voting machine.
Local election officials are not computer scientists; They can neither adequately assess the competence and veracity of local temporary contractor programmers hired to work on voting machines nor review and assess new software destined to be installed on their eVoting machines. In actuality, local election officials cannot verify that a contractor programmer’s work is bug free or that they did not nefariously write a few extra lines of software code that activates only on election day to flip votes or rig vote totals on a central tabulator and then self delete at the end of the election day.
DRE touch-screen and optical scan ballot counting machine “physical access security procedures” and “security seals” can never guard against incorrectly written ballot definition software. The frightening truth is ballot software is seldom tested by election office officials and can never be tested by polling place election judges and citizen observers to ensure that the ballot definition software is free of error, either inadvertent or malicious. The more that software is used in the administration of an election, the more election officials hand control of elections over to unchecked computer programmers.
It would be so easy for a political partisan to entice or plant a few willing temporary contractor programmers working with voting machine vendors or directly for key local election offices to stuff the software ballot box as they perform their legitimate programming duties. Even just a few motivated partisan programmers each working independently could easily throw an election into even deeper chaos than happen in Palm Beach County FL in November 2000 with rigged punch card ballots.
The software access and review language in the current version of H.R. 811 does not specifically address ballot definition software written directly by or for each county election office just before each election. Therefore, local county election officials can continue to refuse requests to review the exact software running on each and every optical scan and DRE voting machine on election day. But, it is this locally written and handled software that is best able to steal elections!
James #5 said
I hope you will officially notify the Secretary of State’s office about this apparent breach in secure chain of custody!
“OMSMedia” (who always fails to offer the full disclosure that he is the brother of San Diego’s former Registrar and “sleepover” champ, Mikel Haas) asked:
Well, let’s see. If we stand down in Iraq for exactly a week and a half, we’d have covered the $3 billion that your Republican heroes allocated in HAVA to “reform” the entire nations electoral system.
Of course, if we got that money back from your brother’s voting machine company benefactors, we’d easily be able to pay for new systems, which don’t require this kind of insane security, or otherwise, you can call off your Iraq War for three days and come up with another billion, which would more than enough cover the bill.
Beyond that, I suppose your suggestion is that we toss democracy overboard in America, because having legitimate elections would just be too costly for the tax payer.
(Seriously, you call yourself an American, right?)
I’ve been working hard to do just that, while you and your brother do all that you can to continue on your anti-democratic, unAmerican campaign.
Nobody ever said it was. Though it would lead to far more accurate, transparent and secure elections than the ones that you and your brother have forced on San Diegans who deserve far better.
Michael Dean #11 wrote:
The California Secretary of State agrees with you, Michael.
Her startling summary of security vulnerabilities listed in her decert/recert doc [PDF] for the failed Sequoia voting systems speaks to the point quite directly:
im sitting in merry old england watching with avid interest because we have a saying over here “if its in the states now, it’ll be here next week” i cant believe omsmedia has the nerve to try and rub your nose in such a derisive manner. would’nt it be nice if the said programmers decided enoughs enough and didn’t play ball “never in the field of human conflict has so much been owed by so few to so many”
Like Elder Flower (#15) I am also in England, and, like him/her, I also expect that we will soon see the same shenanigans introduced into our elections, given New Labor’s determination to stay in power for ever. I find it telling that there has been virtually no reporting of this issue in the British mainstream media even though it casts grave doubt on the democratic legitimacy of the Bush administration and the direction in which it has taken not only the American people but also (thanks to Tony Blair) we Brits at the end of Bush’s leash.
The brazenness of your Republican officials, who, by their resistance to implementing even rudimentary security safeguards, all but admit that they rig elections, is both shocking and frightening. In fact, I wonder if your country isn’t now corrupted beyond repair.
Debra shows how one should fight against those cheating Repugs.
Okay, so now NWO hacks can’t do sleepovers with Diebold machines. Someone tell that to “Jocko” Bush, who’s now dangling the human future over an 11th floor balcony.