Freedom of Information requests at http://www.blackboxvoting.org have
unearthed two Ciber certification reports indicating that security and
tamperability was not tested and that several state elections directors, a
secretary of state, and Dr. Britain Williams signed off on the report anyway,
certifying it.
The documents, posted at Black Box Voting (.ORG) show that Ciber Labs' Shawn
Southworth used a conformance chart specifying FEC regulations, marking each
test item "pass" or "fail."
Southworth "tested" whether every candidate on the ballot has a name. But we
were shocked to find out that, when asked the most important question - about
vulnerable entry points - Southworth's report says "not reviewed."
Ciber "tested" whether the manual gives a description of the voting system.
But when asked to identify methods of attack (which we think the American voter
would consider pretty important), the top-secret report says "not
applicable."
Ciber "tested" whether ballots comply with local regulations, but when we
asked Shawn Southworth what he thinks about Diebold tabulators accepting large
numbers of "minus" votes, he said he didn't mention that in his report because
"the vendors don't like him to put anything negative" in his report. After all,
he said, he is paid by the vendors.
Was this just a one-time oversight?
Nope. It appears to be more like a habit. We also posted the sister report,
for another vendor entirely, VoteHere, and you can see that the critical
security test, the "penetration analysis" was again marked "not applicable" and
was not done.
Maybe another ITA did the penetration analysis?
Apparently not. We discovered an even more bizarre Wyle Laboratories report.
In it, the lab admits the Sequoia voting system has problems, but says that
since they were not corrected earlier, Sequoia could continue with the same
flaws. At one point the Wyle report omits its testing altogether, hoping the
vendor will do the test.
Computer Guys: Be your own ITA certifier.
Black Box Voting has posted a full Ciber report on GEMS 1.18.15. We also
posted a .zip file download for the GEMS 1.18.15 program. We also provided a
real live Diebold vote database. Compare your findings against the official
testing lab and see if you agree with what Ciber says. E-mail us your
findings.
Who the heck is NASED?
They are the people who certified this stuff. Now, if the security of the
U.S. electoral system depends on you to certify a voting system, and you get a
report that says security was "not tested" and "not applicable" - what would you
do?
Perhaps we should ask them. Go ahead. Hold them accountable for the election
we just had. Their names are listed on the Web site: http://www.blackboxvoting.org. (Please,
e-mail us their answers to Bev@blackboxvoting.org)
© Copyright 2002, 2003, 2004, 2005, 2006 by MikeHersh.com
and identified authors. MikeHersh.com invites you to broadcast
any material at this site, provided you identify the source as
MikeHersh.com. All print, Internet, email and other summaries, excerpts
or other written reproductions must
include this blurb and a link to http://www.MikeHersh.com.
