Testing (2007)

Note: Many of the internal links are broken.

The Hidden Easter Egg

With the exception of California, there exists virtually NO procedure for confirming that the certified code is the code in the machines used on election day. Corrupt and partisan companies can place whatever code they want into the machines they deliver to the counties. This includes code to steal elections

This means that the companies can deliver hidden code in the machines that can only be activated by someone who knows how, on election day. This hidden code, also known as a trojan horse or easter egg will never be detected by any amount or kind of testing because the testers do not know how to activate it. The person who activates the hidden code does not even need direct access to the tabulator or memory cards. As 1 example, all they need to do is enter a special code as a write-in vote on the (electronic) ballot, and that code will be passed into the computers, and trigger the hidden vote swapping code. There would be no trace of what happened, because the code is hidden, and it can erase its tracks in any log files and then erase itself.

Nobody, and no machine, should be counting American votes in secret.

ITA “Testing” and “Code Review” Does Not Work

In theory, all electronic voting machines are in use today were tested by just a few companies that are designated Independent Testing Authorities (ITAs).

These ITAs are also instructed to review the source code used to program the machines. They should be looking for security holes in the system, but have failed.

“… the system we have for testing and certifying voting equipment in this country is not only broken, but is virtually nonexistent. … Some of these systems contain security holes so severe that one wonders what the ITA was looking for during its testing. … we have ignored the matter of where the software used in the machine comes from. … The existence of Federal standards and ITAs has actually had a counterproductive effect.”

– testimony of Dr. Michael Shamos before House of Representatives’ Committee on Science.

Overlooked Security Holes

The ITAs overlooked the many gaping security holes found in the California Top To Bottom Review of 2007 and in numerous earlier studies.
They overlooked an obvious unchanged encryption code, 8f2654hd4, for at least 10 years. A well programmed system would require every county to change this code for every election, but this system has fails to do so. Dr. Doug Jones first reported this hole in 1997. The Berkeley Report confirmed in February of 2006 that it is still in the code.

Uninspected Code

As an example, the ITA system’s code review has for years missed the following :

• the important device drivers, dlls, NK.BIN and NK.EXE files that the vendor must necessarily write in order to make the Windows CE operating system work

• the simple existence of an illegal interpreter in Diebold scanners

• the simple existence of illegal interpreted code on Diebold memory cards

• firmware (the code stored in chips on the motherboard)

There is no excuse for what is at best unprofessional, and perhaps fraudulent work.

Failed Stress Testing

While the ITAs should be checking that the hardware will hold up in real life, it became clear when Diebold flunked a California stress test in July of 05 that the ITAs were not doing their job.
The result is that these machines break down far too often. VotersUnite.org has well documented the many system malfunctions and miscounts.

Testing Closed To Public Review

The public is never allowed to inspect the source code, nor the machines, nor the reports. We are told to trust the system, without being able to check it. This is in direct violation of the fundamental principle of openness in elections; ie. trust, but please don’t verify.

Resources

• “Testing Voting Systems”, Dr. Doug Jones : www.cs.uiowa.edu/~jones/voting/testing.shtml