California finds e-voting software had errors, data deletion functions
Diebold knew about the flaw for years
Computerworld - A report released on Monday by California's secretary of state, Debra Bowen, explains how nearly 200 votes were deleted from the official results for Humboldt County during November's presidential election, and identifies several problems with the e-voting technology from Premier Election Solutions, which was used by the county.
Among the problems identified in the report (PDF document) is one that allows operators of some e-voting machines from Premier, a Diebold subsidiary formerly called Diebold Elections Systems, to delete crucial audit logs that, under federal standards, are supposed to be stored permanently on the systems.
In addition, the report noted the version of Premier's Global Election Management System (GEMS) that was used in Humboldt County's e-voting machines failed to maintain required logs of important system events, and generated inaccurate data and time stamps in several cases.
It was not the first time Premier's e-voting machines have been at the center of a controversy. Last August, Premier initially blamed antivirus software from McAfee Inc. for a problem that resulted in its system dropping hundred of votes during the primaries in Ohio.
Later, the company changed its story and said the problem had been caused by a "logic error" in its GEMS source code, not McAfee's software.
Secretary of State Bowen's report, which was submitted to the U.S. Election Assistance Commission, said that Premier had known about the problems for at least four years but had not adequately warned the county about it. "The number of votes erroneously deleted from the election results reported by GEMS in this case greatly exceeds the maximum allowable error rate established by [Help America Vote Act]," the report noted.
The defects in the software version violate voting system standards established in 1990 and would have made the systems ineligible for use in an election had they been detected, the report said.
The secretary's office initiated the investigation after a volunteer group called the Humboldt County Election Transparency Project conducted an independent scan of all the ballots cast in the county during the presidential elections and discovered that 197 more ballots had been cast than in the official count. An inquiry into that discrepancy later led to the issue in the GEMS software.
According to the report, the error resulted from a so-called "Deck 0" flaw in the central counting server in the version of GEMS software used in Humboldt County's e-voting machines. The error "silently deletes" all tallied votes from the first batch or "deck" of ballots that is scanned into the system, the secretary's report said. The deletion results whenever an operator, at any point after the first batch of voted ballots is scanned into the system, deletes any subsequent batch for any reason, the report said.
- Learn More About Peer 1 Hosting's Mission Critical Cloud Mission Critical Cloud from Peer 1 Hosting is enterprise-ready, creating a perfect point of adoption whether you need an off-premise solution for development
- What Makes a Cloud Solution Truly Enterprise-Grade? Future enterprise cloud capabilities will evolve from five core elements...
- Mission Critical Cloud Powers Freesat Website, Mobile App When subscription-free satellite TV service Freesat needed a scalable, cost-effective infrastructure it found the disaster recovery and security features it needed with Peer...
- Bring Your Own Device: From Security to Success Download this e-Book to learn best practices for executing a BYOD policy.
- Cloud and Collaboration: Driving Your Business Value Mission Critical Cloud from Peer 1 Hosting is enterprise-grade.
- Peer 1's Mission Critical Cloud: Your Cloud, Your Way Peer 1 Hosting's Mission Critical Cloud offers the ultimate in flexible customization of infrastructure, resources and support. All Legal White Papers | Webcasts