Testimony on Voting System Testing and Cerification
By David Wagner, Computer Science Division, University of California, Berkeley
May 08, 2007
The following written testimony was submitted for the public hearing of the Committee on Oversight and Government Reform, Subcommittee on Information Policy, Census, and National Archives on May 7, 2007.
Summary
We have seen dramatic changes in election technology over the past decade. This new technology was introduced for laudable reasons and has brought important benefits. However, it has come at a cost.
Many of today’s electronic voting machines have security problems. The ones at greatest risk are the paperless DRE voting machines. These paperless machines are vulnerable to attack: a single person with insider access and some technical knowledge could switch votes, perhaps undetected, and potentially swing an election. With this technology, we cannot be certain that our elections have not been corrupted.
In my research into electronic voting, I have come to the conclusion that the federal certification process is not adequate. The testing labs are failing to weed out insecure and unreliable voting systems. The federal certification process has approved systems that have lost thousands of votes, systems with reliability problems, and systems with serious security vulnerabilities. Over the past four years, independent researchers have discovered security vulnerabilities in voting machines used throughout the country — vulnerabilities that were not detected by state and federal certification processes. Unfortunately, the standards and certification process has not kept pace
with the advances in election technology over the past decade.
One of the most promising directions may be to reduce our reliance upon software. With today’s paperless voting machines, flaws in the software can potentially cause undetectable errors in the outcome of the election. That places an impossible burden on vendors and testing labs, because it requires perfection: a single overlooked defect can be enough to render the whole system insecure, unreliable, or inaccurate, and experience has proven that it is common for even the most capable experts to overlook flaws and defects in software. It is unreasonable to expect perfection from vendors or testing labs given the complexity of modern election technology. If the system is completely reliant upon software, failures and security flaws are inevitable.
more at:
http://www.votetrustusa.org/index.php?option=com_content&task=view&id=2435&Itemid=26