The machines are the AccuVote-TSx touch screen and the AccuVote-OS optical scan devices. California Secretary of State Bruce McPherson announced Feb. 17 that he had given conditional approval for the gear with the proviso that special security procedures be observed when using it. Additionally, in the long term, Diebold must fix the security vulnerabilities if it wishes to keep its certification.
California, like a number of other states, will use these machines to comply with the Help America Vote Act (HAVA), which stipulates that every voting precinct have a touch screen or optical scan system that is handicapped-accessible. States that are non-compliant, such as New York, face legal action from the U.S. Department of Justice.
Over the past few months, California has been scrambling to attain compliance and working to certify voting machine vendors. However, there have been questions around the security of Diebold's machines, including the AccuVote-OS, in particular. That hardware was the subject of high-profile hacks by experts. So, as part of the California certification process, which included both state and federal reviews of the devices, the state sponsored special testing on the source code in the Diebold systems' memory cards by a Voting Systems Technology Advisory Board. Working with the board were computer scientists from the University of California at Berkeley.
According to McPherson's spokeswoman, these reviewers are among "some of the harshest critics" of electronic voting machines. Their findings indicated the machines had security vulnerabilities that could be mitigated by using best practices, she said.
As part of the certification, McPherson is mandating that any county employing the Diebold gear implement a set of new security procedures, which will also require poll working re-training. The mandates require that administrators reset the cryptographic keys on every AccuVote-TSx machine from the factory-installed default prior to use in an election. Additionally, each memory card must be programmed in a secured facility under the supervision of the registrar of voters. After being programmed for the election, the card must immediately be inserted into its device and sealed.