E-voting Security Under Fire in San Diego Lawsuit
Machine practices, reliability in doubt
Computerworld - A lawsuit has arisen over alleged breaches in security procedures around electronic voting machines in San Diego County following a hotly contested congressional election, casting doubt on the reliability of the machines themselves.
The suit, filed on July 31, requests that a special election on June 6 to fill the 50th Congressional District seat be invalidated. It also seeks a complete manual recount of the paper ballots, said Paul Lehto, an Everett, Wash.-based attorney handling the case. The suit was filed in Superior Court in San Diego and names Mikel Haas, county registrar of voters, and Brian Bilbray, the winner of the seat, as defendants. San Diego voters used AccuVote optical-scan and TSx touch-screen systems from Diebold Election Systems.
Whatever the specific merits of the suit, it could heighten some citizens' concerns for e-voting technology if critics' claims of the inherent security deficiencies get debated in court during the run-up to the fall elections.
One of the main points raised by the suit was the so-called sleepover policy, under which Haas directed that all the machines be released to poll-worker supervisors before the election. The "sleepovers" in the homes of the supervisors lasted from three days to more than a week.
"During these sleepovers, the voting machines were unsecured, subject to access by innumerable neighbors, strangers and family members, and stored without records or proof of actual chain of custody, eliminating the ability of any person to detect whether or not fraud or improper access to the voting machines occurred," according to the lawsuit.
"The sleepover issue is fairly egregious," said Lehto. Tampering with one card in one device conceivably could change race results, he said.
The suit alleges that keys for touch-screen voting machines were released to poll workers -- which is a violation of state and federal law. It also accuses Haas of suppressing or not collecting relevant materials, such as audit logs and electronic programs and ballots, for potential review after the election. In addition, the suit cites a recent report alleging that testers discovered a "heretofore unknown switch" in the circuitry of the Diebold TS touch-screen system, the predecessor to the TSx. This feature allows the machine to boot from an external source, circumventing the software and safeguards inside.
Haas declined to comment in detail about the suit, citing pending litigation, but he defended the sleepover practice as being common in California and other states.
"Supervising poll-workers take all supplies home following a training class so they are prepared. They are directed to keep it [the machine] secure," he said.
- 18 Hot IT Certifications for 2014
- CIOs Opting for IT Contractors Over Hiring Full-Time Staff
- 12 Best Free iOS 7 Holiday Shopping Apps
- For CMOs Big Data Can Lead to Big Profits
- Slideshow: 5 ways to lock down your mobile device
- Slideshow: 10 mistakes companies make after a data breach
- How to rob a bank: A social engineering walk through
- Which smartphone is the most secure?
If you like your iPhone, you can keep your iPhone. Period.
President Obama has revealed that he's not permitted to carry an iPhone. It's too insecure for the job, he says. Instead, he's stuck with a BlackBerry. Well, someone's got to have one still. However, it turns out that the Pentagon has also outlawed non-BlackBerry smartphones. In IT Blogwatch, bloggers joke that 2006 called and they want their smartphones back.
- IT Certification Study Tips
- Register for this Computerworld Insider Study Tip guide and gain access to hundreds of premium content articles, cheat sheets, product reviews and more.
- Mitigating DDoS Attacks with F5 Technology
- This document examines various DDoS attack methods and the application of specific ADC technologies to block attacks in the DDoS threat spectrum while...
- The DDoS Threat Spectrum
- Bolstered by favorable economics, today's global botnets are using distributed denial-of-service (DDoS) attacks to target firewalls, web services, and applications, often simultaneously.
- Defending Against Denial of Service Attacks
- By utilizing end-user interviews, this whitepaper explores a deeper understanding of DDoS defense plans and reveals the knowledge gaps around the Denial of...
- Strategic Solutions for Government IT
- This paper outlines why F5 is the optimum partner to help achieve the levels of security, performance and availability that are vital to...
- Leveraging Managed Security Services to Fight Growing Cybersecurity Threats
- IT Infrastructure-as-a-Service enables agile responses to constantly changing threats. All Government IT White Papers
- Video: 5 Secrets To Scaling Enterprise Apps Watch this video to learn how to successfully scale enterprise apps>>
- Collaboration 2013: Where Mobility Meets Connectivity Mobility and collaboration are quickly converging and users are demanding more capabilities. It's no longer enough to enable file sharing. This Webcast dives...
- Modernizing SAP environments with minimum risk - a path to Big Data Hear from top IDC analyst, Richard Villars, about the path you can start taking now to enable your organization to get the benefits...
- The Power of the Citrix Mobility Solution, XenMobile Does everything become a smartphone? Or does the smartphone begin to do everything? How can we afford to support BYOD? Rather, how can...
- BYOD Happens: How to Secure Mobility How to navigate the journey of securing mobility, including the BYOD corruption of IT, the top ten mobility strategies, and the mobility management...
- All Government IT Webcasts
Does your organization offer extensive benefits, cool perks, competitive salaries, opportunities for training and advancement? Then get it recognized!
Nominate your company or another deserving organization for Computerworld's 2014 Best Places to Work in IT list now through Dec. 12, 2013.