Electronic Voting in Ireland

The Irish Commission on Electronic Voting has released a 433-page report. It's an excellent and detailed analysis of the e-voting system purchased by the Irish government.

Posted on December 21, 2004 at 9:22 AM • 7 Comments

Comments

Colm MacCarthaighDecember 21, 2004 9:53 AM

As a co-author of one the submissions (Irish Citizens for Trustworthy Evoting) - http://evoting.cs.may.ie/ - I too am impressed by the quality of the report, particularly the technical reports in the appendices.

Although the language of the report itself is lukewarm at best, the material of the report in the appendices is damning.

I and other representatives of ICTE, will be meeting with the Government Minister concerned here early in the new year. If any readers have any points they feel should be raised, feel free to e-mail them (colm stdlib.net).

Although the report mentions that the full text of the submissions are available online, they are not yet. However ICTE have collated some and they are available at;

http://evoting.cs.may.ie/cev.shtml .

I have a paper copy of all submissions, and hope to be allowed by the Commission to publish their texts in the near-future.

Paul CrowleyDecember 21, 2004 10:37 AM

The good news is that they recommend against this system, point out many vulnerabilities, and ask for much more openness. But the bad news is that they seem to think that it's just a question of overcoming some incidental problems before an all-electronic balloting system can be fielded, while as far as I know we know no way of deploying paperless voting that offers anything like the same overall security as systems that use paper.

I had been hoping to find something similar to the well chosen strong words in the similar SERVE report:

"There really is no good way to build such a voting system without a radical change in overall architecture of the Internet and the PC, or some unforeseen security breakthrough."

(http://www.servesecurityreport.org/)

sunnyMarch 23, 2006 10:39 AM

its a bloody diosgrace - what a waste of the states money!! Look at all the homelessness today and yet the government waste this money!! its terrile!!!

denisMarch 23, 2006 10:41 AM

i think the electronic voting is a waste of money!! the heroes of the easter rising wouldn't waste this kinds of money!!this kind of money could build schools for the poor etc!!

NoreenNovember 28, 2006 8:52 AM

Name some types of accessibility software and what issues are with the security i am doing my masters in this please help

Harry ReaJuly 30, 2007 8:37 PM

Perhaps you should read this!

3 voting systems faulted

A review by California's secretary of state finds that the machines can be easily hacked into, potentially putting millions of votes at risk.

Times Staff Writer

July 28, 2007

Three of California's electronic voting systems — including those used in Orange, Riverside, San Bernardino and Ventura counties — can be easily hacked into, potentially compromising millions of votes, according to a detailed review announced Friday.

Makers of Los Angeles County's InkaVote system did not submit its equipment in time, so it wasn't included, said Secretary of State Debra Bowen, who requested the study. The three systems evaluated, used by more than two-thirds of California's counties, also had problems with accessibility requirements for disabled and non-English-speaking voters.

The findings of what some believe to be one of the most comprehensive electronic voting studies to date come as California registrars rush to prepare for the state's presidential primary election Feb. 5. Bowen must analyze the report's conclusions under pressure: Her deadline to decide which equipment to use in the primary is Aug. 3.

Over two months, dozens of experts in information technology organized by the University of California tested machines made by Diebold Election Systems, Hart InterCivic and Sequoia Voting Systems. The analysts tried to infiltrate the three systems physically and electronically, without the safeguards that voting machine vendors or counties might use.

"Under these conditions, the technology and security of all three systems could be compromised," the review said.

For example: Testers accessed the insides of Sequoia machines by prying open seals or unscrewing external screws to bypass locks. The experts connected to secure data in a Diebold machine by hacking into its Windows operating system.

Testers "were able to bypass both physical and software security in every system they tested," Bowen said. "The severity of what it means, whether counties have adapted [security] procedures already … is something we have to analyze," she said.

"Our very existence as a democracy is dependent on our having voting systems that are secure, reliable and accurate."

Not all election officials agreed with the report's findings. "Right now, I don't see any smoking gun, honestly," said Stephen L. Weir, Contra Costa County's clerk-recorder and registrar of voters, and president of the California Assn. of Clerks and Election Officials. Weir criticized the review for excluding real-life security measures, such as placing a voting machine server in a secured room.

L.A. County Registrar-Recorder Conny McCormack declined to comment.

Sequoia is "very anxious to review the findings, give appropriate feedback and supply information," spokeswoman Michelle M. Shafer said. "However, we will need adequate time to dissect the reports, discuss them internally and draft our response so that we can share it, including correcting any errors and framing the report assertions in the context of an actual election environment."

Hart InterCivic offered similar criticisms of Bowen's review, saying it "demonstrates an advanced, malicious attack in a laboratory environment." The Austin-based company suggested physically securing buildings where voting machines are located as well as tightening election data delivery procedures.

Diebold also condemned the review, questioning in a letter to Bowen why no election officials were included in the testing. "We believe that when used in conjunction with proper security procedures and protocols, our voting solutions … reduce voter errors and ensure that every vote is safe, secure and accurate," a company spokesman said in a statement.

Election watchdog groups applauded the review, with one saying it corroborated the group's own findings.

"The key thing our organization is worried about is the people working inside the system," said Bev Harris, founder of Black Box Voting, a nationwide voting watchdog group based near Seattle. "It forces the citizens to put just blind trust in officials, which is not how the government works."

Bowen will hold a public hearing on the report at 10 a.m. Monday in Sacramento. The report can be found on the secretary of state's website, http://www.sos.ca.gov .

susannah.rosenblatt@latimes.com

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc..