E-vote vendors to submit software for safekeeping

27.10.2004
Von Dan Verton

With less than a week to go before the presidential election and concerns still lingering about the integrity and security of the software used by tens of thousands of electronic voting machines, five voting machine makers agreed to submit their software to the National Software Reference Library (NSRL) for safekeeping, federal officials said Tuesday.

While the move to store the software for comparison in the event of questions about the integrity of e-voting systems has been positively received, the decision comes more than three months after the U.S. Election Assistance Commission officially called on the vendors to submit their software to the NSRL.

In a July 13 advisory letter, EAC Chairman DeForest Soaries said that doing so would "facilitate the tracking of software version usage," a critical concern for some observers who say vendors have in the past installed patches and upgrades prior to and during elections without those pieces of software having been inspected.

The NSRL is designed to collect software and incorporate file profiles computed from the software into a reference data set (RDS) of information. The RDS can be used by law enforcement, government and industry organizations to review files on a computer by matching the profiles in the RDS. The U.S. National Institute of Standards and Technology will maintain the voting software library.

Soaries also said that the EAC will solicit information about suspicious electronic voting system activity, including software programming, and, if necessary, will request aggressive investigation from the U. S. Department of Justice Elections Crimes Branch. The EAC will also document incidents and record data concerning e-voting equipment malfunctions during the election.

Alfie Charles, a spokesman for Sequoia Voting Systems, said the NSRL will store "pristine copies" of vendor software "to help prepare for the inevitable challenges that take place whenever there are close elections." He also said that "this election is likely to be the most litigated and challenged contest we have ever seen."

Security experts and grass-roots voter advocacy groups, however, are skeptical of the vendor move.

Avi Rubin, a professor at Johns Hopkins University and a leading critic of the security controls put in place by e-voting system vendors, called the reference library "smoke and mirrors." The real threat to the election, he said, is that if "the code is already rigged, storing the hashes only guarantees the malicious code will be there if the hashes match."

Rubin also said he fears that the hash scheme will make it much harder to fix bugs and upgrade the systems and that binaries compiled on different platforms are not likely to match, which could create headaches for the vendors.

Kim Alexander, president of the grass-roots organization California Voter Foundation, called the submission good news, but only if there are no last-minute changes to the software.

"If there are technical problems with software vote counts on election night, it"s possible that vendors will, as they have in the past, install patches or upgrades to get the vote count started again," said Alexander. "And those patches and upgrades are rarely inspected prior to installation."

Such possibilities require election officials to plan on keeping a public audit log of all testing and software installations to ensure that there is no appearance of impropriety, Alexander said.

The Bush campaign, however, is already convinced that such appearances of impropriety are inevitable and is gearing up for what it refers to as an attempt by "shadowy forces" to stop at nothing to challenge the outcome of the election. In an e-mail Wednesday, Marc Racicot, chairman of Bush-Cheney "04 Inc., asked supporters to donate money to support the legal costs of the recount process.

"We must prepare for every possible outcome next Tuesday," wrote Racicot. "We must have the resources necessary to fight any legal battle."

But it"s not so much the potential challenges by Democrats or Republicans that has lowered voters" confidence in the integrity of the election process as it has been the reluctance of e-voting system vendors to open their software up to public inspection and scrutiny, said Rubin.

"I think that the lack of transparency on the part of the vendors is going to contribute to what has the potential to be a mess of an election," he said. "The inability to do recounts, and the refusal of the vendors to let their code be examined by experts, will compound the problems."

"We would have had at least a voter-verified paper record of every digital ballot in this election, were it not for a handful of people standing in the way of this reform," said Alexander. "The opponents of the paper trail, comprised of election officials who have purchased systems without this security feature, and, up until recently, most of the major vendors, have been objecting to this reform for years.

"So we"re in a situation now where nearly 30 percent of the nation"s voters will vote on equipment that produces results which cannot be publicly verified," Alexander continued. "And paperless touch-screens have rendered meaningful recounts impossible. That"s why so many elections officials are praying for wide margins."