California finds e-voting software had errors, data deletion functions
Diebold knew about the flaw for years
Computerworld - A report released on Monday by California's secretary of state, Debra Bowen, explains how nearly 200 votes were deleted from the official results for Humboldt County during November's presidential election, and identifies several problems with the e-voting technology from Premier Election Solutions, which was used by the county.
Among the problems identified in the report (PDF document) is one that allows operators of some e-voting machines from Premier, a Diebold subsidiary formerly called Diebold Elections Systems, to delete crucial audit logs that, under federal standards, are supposed to be stored permanently on the systems.
In addition, the report noted the version of Premier's Global Election Management System (GEMS) that was used in Humboldt County's e-voting machines failed to maintain required logs of important system events, and generated inaccurate data and time stamps in several cases.
It was not the first time Premier's e-voting machines have been at the center of a controversy. Last August, Premier initially blamed antivirus software from McAfee Inc. for a problem that resulted in its system dropping hundred of votes during the primaries in Ohio.
Later, the company changed its story and said the problem had been caused by a "logic error" in its GEMS source code, not McAfee's software.
Secretary of State Bowen's report, which was submitted to the U.S. Election Assistance Commission, said that Premier had known about the problems for at least four years but had not adequately warned the county about it. "The number of votes erroneously deleted from the election results reported by GEMS in this case greatly exceeds the maximum allowable error rate established by [Help America Vote Act]," the report noted.
The defects in the software version violate voting system standards established in 1990 and would have made the systems ineligible for use in an election had they been detected, the report said.
The secretary's office initiated the investigation after a volunteer group called the Humboldt County Election Transparency Project conducted an independent scan of all the ballots cast in the county during the presidential elections and discovered that 197 more ballots had been cast than in the official count. An inquiry into that discrepancy later led to the issue in the GEMS software.
According to the report, the error resulted from a so-called "Deck 0" flaw in the central counting server in the version of GEMS software used in Humboldt County's e-voting machines. The error "silently deletes" all tallied votes from the first batch or "deck" of ballots that is scanned into the system, the secretary's report said. The deletion results whenever an operator, at any point after the first batch of voted ballots is scanned into the system, deletes any subsequent batch for any reason, the report said.
- Path Selection Infographic Path Selection Infographic
- Hyperconvergence Infographic A wide range of observers agree that data centers are now entering an era of "hyperconvergence" that will raise network traffic levels faster...
- Preparing Your Infrastructure for the Hyperconvergence Era From cloud computing and virtualization to mobility and unified communications, an array of innovative technologies is transforming today's data centers.
- How WAN Optimization Helps Enterprises Reduce Costs If you wanted to break down innovation into a tidy equation, it might go something like this: Technology + Connectivity = Productivity. Productivity...
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Legal White Papers | Webcasts