Score one for the good guys - maybe
Aug. 12th, 2003 03:07 pm![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
khaosworksE-Vote Machines Face Audit
By Kim Zetter
02:00 AM Aug. 12, 2003 PT
After weeks of defending itself against charges of bad programming and lax security, Diebold Election Systems is facing an independent, third-party audit of the software for its touch-screen voting machines.I too, would like to see a public report - particularly since any alterations made to the Maryland machines as a result of SAIC's audit would not necessarily be made to other states' machines. So it's up to you who live in states switching to e-voting to get on the horn to your represenatives and get them to subject those machines to independent audits, also.
Maryland Gov. Robert L. Erhlich Jr. ordered the review after researchers at Johns Hopkins University and Rice University released a report (PDF) last month revealing numerous programming flaws and security vulnerabilities in the source code for Diebold's AccuVote-TS voting machines.
In March 2002, Maryland purchased more than 5,000 Diebold touch-screen terminals at a cost of $17 million. The machines were used in four counties in the state election that year.
Then last month, just days before the university report came out, Maryland awarded Diebold a $55.6 million contract to provide and service 11,000 additional Diebold machines to be used throughout the state for next spring's presidential primary.
But publicity about security flaws has caused the state to seek a thorough review of the software before proceeding with the order.
"Government has no more fundamental obligation than to ensure the integrity of the democratic election process," Ehrlich said in a statement released from his office. "In an effort to strengthen public confidence in Maryland's election process, I have ordered a thorough, fully independent review of the Diebold system by a third party leader in information security."
Maryland is the first state to adopt a unified electronic voting system statewide. The success of electronic voting machines there likely will result in additional lucrative contracts for Diebold around the country.
The audit is the first to be conducted on the entire range of AccuVote-TS software -- the Johns Hopkins report focused only on software for the touch-screen terminal and not on backend software that tabulates, compiles and prints final votes.
Science Applications International Corp., or SAIC, will conduct the audit. The San Diego-based company has a standing contract to vet new software purchased by the state of Maryland, so its role in the audit is not a surprise.
According to Diebold spokesman Mike Jacobsen, the company granted SAIC access to the source code after the group signed a nondisclosure agreement. The report is expected to be completed in about three weeks but likely will remain closed to the public. Critics of electronic voting will watch closely to see if Maryland goes through with its purchase of Diebold's equipment.
Jacobsen said, "We're confident that no problems will arise from the review. But should the third-party audit require action on our part, we're going to work very closely with the state of Maryland to make sure that their needs are met."
When asked whether any alterations made to the software used by Maryland will also be made to electronic machines already purchased by other states, Jacobsen replied: "This review is for Maryland. No other state has found the need to enact that kind of review at this time."
He added, "Were going to work very hard with all of the states to make sure that their needs are met, that they're as comfortable with the security of our system as we are."
Cindy Cohn, legal director at the Electronic Frontier Foundation, said the audit is a good first step but wants the report made public.
"I would like the review to be more open so that ordinary people can see what testing was done and what the results were," she said. "There's a list of things that the university teams found and I'd like to see a point-by-point response to it from SAIC."
Anyway, this is a victory, right? At least there's an independent audit being done. But - there's always a but here, I'm not so sure about the independence of SAIC, which is a corporation with very close ties to the military-industrial complex:
This privately held company with 20,000 employees and 450 offices around the globe has close ties to the Defense Department and intelligence agencies. Its current board of directors includes former National Security Agency chief Bobby Inman, former Defense Secretary Melvin Laird, and the former head of research and development for the Pentagon, Donald Hicks. Ex-CIA Director Robert Gates, Secretary of Defense William Perry, and CIA Director John Deutch have been past members. Eighty-three percent of the company's $2 billion annual revenue comes from government contracts, including defense, intelligence, and law enforcement contracts. It is designing new information systems for the Pentagon, helping to automate the FBI's computerized fingerprint identification system, and last year won a $200 million contract to provide "information support'' to the Internal Revenue Service.(source: mediafilter.org)
So basically it's a private spook operation with very close ties to the military and intelligence communities. SAIC has also been accused of shady dealings in Venezuela, and in 2000, they were involved in a joint venture with our old pals Halliburton - when Dick Cheney was still with the company, mind you. So from Dick to Bush to Florida's voting frauds...
So the question is, given all these incestuous connections, how independent can SAIC's audit be? Make the report public.
![[identity profile]](https://www.dreamwidth.org/img/silk/identity/openid.png){kind=small}
no subject
Date: 2003-08-12 12:31 pm (UTC)That said, I'd like to see the report made public too.