U.S. To Certify Labs For Testing E-Voting Machines

InternetVoting writes "In a clear counter to the recent criticisms of secrecy involving Ciber labs the National Institute of Standards and Technology (NIST) has issued recommendations (pdf) to the Election Assistance Commission (EAC). NIST recommends the accreditation of two labs, iBeta Quality Assurance and SysTest Labs. The recommendation, emphasizing the need for transparency, includes on-site assessment reports, lab responses, and on-site reviews for each lab. These reports shed much needed light into the process of voting machine certification. Learn more from the Q&As About NIST Evaluation of Laboratories that Test Voting Systems."

Opaque Audits

[P(0)(!P(k)+P(k+1))]

It sounded, prima facie, like progress was being made; but quoth TFA:

Currently, laboratories are using proprietary test methods and test cases to determine that a voting system meets existing federal standards. . . . By law, NIST must protect proprietary information. This includes details of a laboratory's specific testing methods and protocols.

Call me cynical, but auditing opaque processes with equally opaque tests doesn't change much; I foresee a holographic sticker labelled “certified.”

I'd wager, furthermore, they expect us to buy it at face value.

Re:Opaque Audits

[Rob T Firefly]

They do have a halfway decent excuse for that, though.

Why are laboratories using proprietary test methods?
Currently, no uniform set of tests exists to determine that a voting system meets federal standards. With the support of the EAC, in 2007 NIST will begin to develop a uniform set of non-proprietary tests to be used in conjunction with the next version of the Voluntary Voting System Guidelines (VVSG 2007). The availability and use of these open tests will improve consistency and comparability among testing laboratories.

Even a baby step in the right direction counts at this point.

Re:Opaque Audits

[truthsearch]

So, does that mean once these non-proprietary tests are created the process will be made more open? I agree, any step in the right direction is something good. I just hope that in the end we have real transparency.

Re:Opaque Audits

[P(0)(!P(k)+P(k+1))]

Even a baby step in the right direction counts at this point.

I think you're being too soft on your own government. Government isn't a child in need of coddling: it's a cynical and self-aware machine that studies to persist at your expense.

Re:Opaque Audits

[Billosaur]

When you think about it, the lack of standards is probably what has caused the current crop of voting machines to be such dismal failures. While I'm not sure I trust Diebold anyway, given their political connections, they probably would have done at least a halfway decent job on their machines if there were a set of standards to measure them against. It's not enough for the US Government to send out a Request For Proposals outlining what they are looking for, unless the functionality and security can be defined against some kind of standard. If the standards had existed first, maybe the machines would not have all the loopholes and omissions which make them such trash currently.

Why is it

[gillbates]

That politicians can't grasp the immediately obvious? Why do they even bother with electronic voting machines when:

• The voters don't want them, and,
• They cost more and are less reliable than paper ballots, and,
• The technical community thinks they're dangerous to democracy.

How could any politician come to a conclusion that electronic voting machines make sense? There is no compelling reason to use electronic voting machines at all. The only possible explanation I see is that counties which bought electronic voting machines had county officials on the payroll of the voting machine makers.

The fact that they've been purchased seems to suggest that politics is already not quite as transparent as it should be.

Watchmen

[jdcook]

Let me guess: the auditors are political appointees?

Re:Opaque Audits

[truthsearch]

And if standards exist, maybe more companies can compete equally for the contracts.

whats wrong with this picture?

[gordona]

Why is this just happening now after several years of use (and possible misuse)? Note to readers: this is a rhetorical question. I work for the cable industry which spends lots of money and time for years, certifying devices that get attached to the cable networks. I guess this is more important that ensuring the veracity of our voting systems. But this begs the question. The voting machines are only one link in the chain and perhaps not even the weakest link. Previous elections have quite possibly been affected by selective voter purges and mishandling of ballots--do provisional and absentee ballots even get counted? So, certification of the devices is a needed measure as is holding in escrow the source code of the devices. But this is not the only measure that should be taken.

"If god had wanted us to vote, he would have given us candidates"

Re:Opaque Audits

[Alien Being]

No, it just means the Reps didn't cheat hard enough.

Re:Why is it

[PadRacerExtreme]

The voters don't want them

I think you are confusing the /. crowd with the 'normal' mom & pop crowd. For the non-technical people it is much easier to press a box with the person's name (which then changes color) that poke a hole in a card.

Re:if you ask me....

[DudeTheMath]

And any vote that's not secret can be coerced. Heard any news lately about the U.S. Chamber of Commerce pushing for legislation to make votes to form a union non-secret?

Admittedly, in this country, it's hard to believe there could be wide-spread voter tampering, but vote-buying could still occur. For example, a company president could offers election day as a paid holiday (or just a monetary bonus) if the employee brings in his or her ballot indicating a vote for X? Or something more sinister: offer a paid holiday to all who show their ballot, but record who voted for whom, and using that data for some nefarious purpose.

Re:if you ask me....

[lividdr]

It wasn't that long ago that being identified as a "Communist" was enough to be accused of treason and brought before a Congressional inquest. It's nice to think that nobody will care how you vote, but once your voting record is public there are all sorts of people who wouldn't think twice about using it in judgements. It isn't that much of a leap to imagine being denied work or fired because you didn't vote with the PHB.

See also, http://en.wikipedia.org/wiki/House_Committee_on_Un -American_Activities [wikipedia.org] and http://en.wikipedia.org/wiki/Joseph_McCarthy [wikipedia.org] for historical reference. There is already a fair portion of the public who thinks secret wire-taps are okay for catching "terrorists" - is it that much further to extend this to investigating people who vote for medical marijuana (drug users!) or assisted suicide (serial killers!)? Or those who voted for Keith Ellison (D-MN), that new muslim representative who surely has ties to the terrorists - he even insisted on using the Quran at his swearing-in!

going back in time

[chdig]

I wonder how the previous elections' voting computers would fare, being put through the new tests... think diebold would like to see exposed just how many security holes there were in their last series of "machines"?

Voting Computers

[benjonson]

As was pointed out on slashdot yesterday http://politics.slashdot.org/article.pl?sid=07/01/ 18/152205 [slashdot.org], calling these things voting computers rather than voting machines gets the story across much better. People might wake up when they hear these things more accurately described.