Protecting trade secrets takes priority over election transparency (was Re: [LINK] [UK] Call for e-voting to be scrapped amid security fears

Kim Holburn kim at holburn.net
Tue Jun 26 20:19:14 AEST 2007 

And in the US protecting trade secrets are more important than  
election transparency:

http://arstechnica.com/news.ars/post/20070625-florida-appeals-court- 
says-trade-secret-protection-takes-priority-over-election- 
transparency.html

> Court: Protecting trade secrets takes priority over election  
> transparency
>
> By Ryan Paul | Published: June 25, 2007 - 08:26AM CT
>
> A Florida appeals court has upheld a lower court decision that  
> denies requests for an independent source code audit of voting  
> machines used by Florida's 13th district, which suffered election  
> irregularities in a highly controversial congressional race. The  
> appeals court has chosen to support a lower court decision which  
> asserts that forcing voting machine maker Election Systems and  
> Software (ES&S) to provide source code access to independent  
> security auditors would amount to "gutting the protections afforded  
> those who own trade secrets."
>
> It all started when candidate Christine Jennings lost to Rep. Vern  
> Buchanan by only 368 votes in a House race last year, the slimmest  
> margin of any congressional race in the country. Irregularities in  
> the election, particularly high undervote rates, caused Jennings to  
> express doubts about the validity of the outcome. During the  
> election, approximately 15 percent (or 18,000) of the total ballots  
> cast in the district did not include a vote in the disputed race.  
> By comparison, the absentee ballots in the same district and  
> regular paper ballots used in neighboring districts only exhibit a  
> 2 percent undervote rate for congressional races. The high  
> undervote rates have been attributed to the ES&S iVotronic machines  
> used in the 13th district.
>
> Although efforts to get the state to force ES&S to submit to  
> additional independent code audits have failed, a bipartisan  
> congressional task force working closely with the Government  
> Accountability Office is actively scrutinizing the circumstances  
> surrounding election irregularities in Florida's 13th district, and  
> may decide to subpoena ES&S. The congressional task force plans to  
> issue a progress report late next month, but the entire  
> investigation is expected to last until September.


> A bill that was approved by the House Committee on Administration  
> last month includes source code disclosure requirements which  
> stipulate that voting machine makers would be required to disclose  
> their code to independent third-party auditors who may be required  
> to sign nondisclosure agreements. As Tim Lee pointed out in his  
> article on the subject last month, independent code audit  
> requirements are important for election transparency, but  
> nondisclosure agreements would prevent broad public analysis of  
> source code and could potentially be used to intimidate security  
> analysts. Considering the high level of vulnerability exhibited by  
> mainstream electronic voting technology, Congress needs to do all  
> that it can to help the states protect themselves from faulty  
> products.


On 2007/Jun/26, at 10:57 AM, Bernard Robertson-Dunn wrote:

> Call for e-voting to be scrapped amid security fears
> Official observers express "deep concerns" after May election trials
> Silicon.com
> By Andy McCue
> Published: Monday 25 June 2007
> http://newsletters.silicon.cneteu.net/t/209666/642015/407475/0/
>
> Privacy campaigners have called for any further e-voting trials to  
> be scrapped after uncovering evidence of poor security, inadequate  
> audit trails, equipment failures and an over-dependence on  
> technology suppliers during the May local elections.
>
> The Open Rights Group (ORG) had a team of 25 officially accredited  
> election observers at the e-voting and e-counting pilots and has  
> expressed "deep concern" about the use of the technology in a  
> report of its findings.
>
> Five councils offered internet and telephone voting and six  
> authorities were approved to use electronic counting technology at  
> the May local elections.
>
> Numerous problems were observed with the e-voting technologies by  
> the ORG. In Swindon laptops and live electronic voting registers  
> were unreliable and kept crashing, while in Rushmoor an online  
> ballot paper temporarily included a Labour party logo next to the  
> Conservative party candidate.
>
> The observers also found evidence of weak physical security of the  
> e-voting equipment, such as PCs with open ports and networking  
> devices in openly accessible public areas.
>
> Additional concerns are raised in the report about the alleged  
> vulnerability of the system used to host internet voting for  
> Rushmoor and South Buckinghamshire authorities. According to the  
> report, the system could potentially allow hackers to steal  
> authentication details, monitor how someone had cast their vote or  
> change the contents of the online ballot paper.
>
> The e-counting technology fared no better with observers describing  
> "chaotic scenes" that led to significant delays in the declaration  
> of election results. Problems included scanner malfunctions and  
> software errors.
>
> All of this was compounded by a lack of technical knowledge among  
> the returning officers responsible for ensuring the vote count is  
> accurate and declaring the results, which led to a dangerous over- 
> dependence on the suppliers of the equipment.
>
> The ORG report said the actions of some vendors in trying to fix  
> problems that arose on the day with the e-voting and e-counting  
> equipment left a lack of a reliable audit trail.
>
> The report said: "Returning officers and their deputies were  
> observed to have little or no technical knowledge, leaving them  
> unable to judge the quality of the technologies supplied. They were  
> unable to monitor technical issues - and hence hold their suppliers  
> to account."
>
> The ORG is now calling for a halt in any further use of e-voting  
> and e-counting technology until it is proven to be more robust,  
> reliable and transparent.
>
> Jason Kitcat, ORG's e-voting co-ordinator, said in the report: "We  
> were surprised by the scale of the problems our team observed on  
> polling day. Despite our best efforts, we have been unable to  
> verify the accuracy of the elections we monitored."
>
> -- 
> Regards
> brd
>
> Bernard Robertson-Dunn
> Sydney Australia
> brd at iimetro.com.au
>
>
>
> _______________________________________________
> Link mailing list
> Link at mailman.anu.edu.au
> http://mailman.anu.edu.au/mailman/listinfo/link

--
Kim Holburn
IT Network & Security Consultant
Ph: +39 06 855 4294  M: +39 3494957443
mailto:kim at holburn.net  aim://kimholburn
skype://kholburn - PGP Public Key on request

Democracy imposed from without is the severest form of tyranny.
                           -- Lloyd Biggle, Jr. Analog, Apr 1961

More information about the Link mailing list