October 11, 2007



Reject Theft-Enabling Voting Computers


By andi novick



A New York Story About Irresponsible Voting Vendors, Irresponsible Legislators, Irresponsible Election Commissioners and:


You Choose the Ending (a) the Irresponsible Citizens Who Did Nothing or (b) the Responsible Citizens Who Fought Back




The Legislature is responsible for ensuring that our electoral system is secure, reliable and safe. Our Legislature in New York, knowing nothing, passed the buck, authorizing the State Board of Elections (SBOE) to test the two different types of computers offered by the same few vendors and decide which machines should be made available for the individual county election commissioners to choose for their respective counties. The SBOE Commissioners, with one exception, are not familiar with the studies and reports which reveal that there are no secure, reliable or safe computerized voting systems. They have exhibited no consideration for what is required in a democratic election system and have no idea how computers can be rigged by insiders and outsiders to steal an entire election. And yet our legislators and the SBOE insist we must have these privately owned and controlled computers. The county election commissioners are similarly ignorant. The Governor has inherited this nightmare, but has to date taken no action to protect New Yorkers against the fraud these vendors, with the complicity of our public officials, intend to perpetrate.


Since We the People own this government and since democracy is only as good as the people who care enough to make it work, I thought I'd share this with You The Citizen, in the hope that you would figure out what you might do to preserve our democracy. Please keep in mind that if our electoral system becomes so insecure that you don't know whether your vote has been counted, that is the end of democracy. Unless you can see the process of how a vote is cast and counted, you just don't know how the votes were counted.


You can't see inside computers which we know can be readily manipulated without detection. Touch-screen DREs are impossible to ever verify no matter how many paper trails you attach to the other end of this corrupt machine. Paper Ballot Optical Scanners (PBOSs) are equally corruptible, but if we had laws that required a hand count of a sufficient number of the paper ballots and if we had laws which permitted the citizens to also see the ballot images taken by the optical scanners, at least we could see some of what was happening. Of course we don't need non-transparent computers doing a job we are more than qualified to do, for less money and with far greater security: We could just count the paper ballots ourselves and then we'd be able to observe the entire process from start to finish so we'd know are votes were being accurately counted.


But this piece isn't about the requirements of a democratic electoral system: No one in New York is even thinking about something like that. This piece is about how shoddy and untrustworthy the voting computers are; how irresponsible the voting vendors, politicians and election officials are; and how responsible you need to be while there's still time.


When products are made so unsafe and so defective that they cannot perform the function they are intended to perform (in this case voting machines that are capable of accurately recording and counting votes), those products are supposed to be recalled. Dozen of studies have shown that these voting computers are incapable of providing for a safe and reliable election because aside from a myriad of other problems, anytime a computer scientist (or a competently skilled child) gets her/his hands on one, the machine is hacked in a matter of minutes. Rather than rejecting these error-prone, vulnerable machines New York - the only state in the Union not to have purchased computerized voting systems for its citizens- is planning on doing just that.


What if the government in New York decided to purchase one automobile per family. Let's say it was considering the Ford Pinto, even though it had already been revealed that the Pinto would explode upon impact. And to make this fully analogous to the current situation with computerized voting systems, let's say that dozens of studies had confirmed that the Pinto is too unsafe to drive. If New York State, notwithstanding that evidence, was still going to buy one of these vehicles for your family, what would you do?


Don't let your government buy these unsafe machines for us. The piece below is redrafted from a letter I sent to various members of our NYS government. Please read this and do what you think you should.


"Those who expect to reap the blessings of freedom must....undergo the fatigue of supporting it." --Thomas Paine.



California's Secretary of State Finds all Computerized Voting Systems Sold by the Vendors Enable The Potential For Theft on a Massive Scale


New York State is about to undergo the most dramatic change to its electoral system in a century. The only options currently being considered by the state are two different computerized systems - touch-screen DREs and paper ballot optical scanners (PBOSs) – both sold by the same handful of vendors. Why is New York still considering these systems when California's Secretary of State has publicly exposed these machines for the snake oil they are?

Matt Blaze of the University of Pennsylvania and leader of the Sequoia review team for California's Top to Bottom Electronic Voting Investigation, described these systems as "fatally flawed". The sheer magnitude of the problems as revealed by last month's California's Top to Bottom independent reviews was devastating.1 They corroborate what computer scientists have been trying to tell us: that Americans have been sold a bill of goods and are now voting on computerized systems which are all easy to rig.


The essential safeguards that we all agree are fundamental to any democratic voting system have been removed - obliterated by oblique computerized processes that these vendors try to hide behind. All of the vendors' voting systems were found by California's Secretary of State (SOS) to be seriously vulnerable to attacks that could change the outcome of elections:


the expert reviewers demonstrated that the physical and technological security mechanisms provided by the vendors for each of the voting systems analyzed were inadequate to ensure accuracy and integrity of the election results and of the systems that provide those results.


the expert reviewers reported that all of the voting systems studied contain serious design flaws that have led directly to specific vulnerabilities, which attackers could exploit to affect election outcomes


Among the machines New York is nonetheless still considering purchasing (Diebold and Sequoia), the California reports specifically stated:


the Sequoia Source Code Review Team found significant security weaknesses throughout the Sequoia system, the nature of which raise serious questions as to whether the Sequoia software can be relied upon to protect the integrity of elections; and


the Sequoia Source Code Review Team found that the Sequoia system lacks effective safeguards against corrupted or malicious data injected into removable media, especially for devices entrusted to poll workers and other temporary staff with limited authority, with potentially serious consequences including alteration of recorded votes, adding false results, and, under some conditions, causing damage to the election management system when the corrupted or malicious data is loaded for vote counting.


The Sequoia Source Code Review Team found that while in certain cases, audit mechanisms may be able to detect and recover from attacks...other attacks may be difficult or impossible to detect after the fact, even though very rigorous audits, and even with procedural safeguards in place and strictly observed


that the Diebold software contains vulnerabilities that could allow an attacker to install malicious software on voting machines and on the election management system, which could cause votes to be recorded incorrectly or to be miscounted, possibly altering election results


the Diebold system is susceptible to computer viruses that propagate from voting machine to voting machine and even voting machines to the election management system, which could allow an attacker with access to only one voting unit or memory card to spread malicious code, between elections, to many, if not all, of a county's voting units; and


Since many of the vulnerabilities in the Diebold system result from deep architectural flaws, fixing individual defects piecemeal without addressing their underlying causes is unlikely to render the system secure. Systems that are architecturally unsound tend to exhibit "weakness-in-depth" - even as known flaws in them are fixed, new ones tend to be discovered. In this sense the Diebold software is fragile.


Improvements to existing procedures may mitigate some threats in part, but others would be difficult if not impossible to remedy ............ Consequently we conclude that the safest way to repair the Diebold system is to reengineer it so that it is secure by design.


It doesn't get more damning than that!



Government's Primary Responsibility Is to Secure and Protect Our Rights: So Why Is New York State Still Considering Purchasing Voting Machines Which Have Been Exposed as Incapable of Securing a Fair Election?


The Legislature in New York has declared2 that government is the public's business and indeed it is. A business that is about to spend millions of tax payers dollars on computer equipment and permit the public's elections to be run on the computer equipment it buys, must at a minimum educate itself as customers and potential users of computer technology. As the last state in the Union to have determined what our next electoral system should be, the state's failure to recognize the grave errors committed by those public officials who trusted that the vendors knew what they were doing and left it to them to decide, amounts to misfeasance. So who in NY is making these decisions and what do they know?



This Is No Way to Run a Business – Especially Our Business


Our legislators and appointed county election commissioners have heard the vendors assure them of the integrity of their products, but have failed to look at the evidence of these products' abysmal performance record. The vendors have misrepresented their voting systems across the country. In six short years they have peddled their shoddy voting systems throughout the nation leaving in their wake millions of disenfranchised Americans. How many of New York's decision-makers know the thousands of examples in which these electronic voting machines failed to count votes, failed to tally the votes correctly, broke down during elections, switched votes, counted votes that were never cast, reversed election outcomes? How many appreciate the budget-breaking consequence owning these machines will have on taxpayers after the first year?


This abdication of responsibility and abuse of the public trust must not be tolerated. What will it take to stop New York from playing the fool and purchasing the same inferior, shoddy, insecure equipment that caused Secretary of State Bowen to remark, "Things were worse than I thought. There were far too many ways that people with ill intentions could compromise the voting systems without detection" and Avi Rubin, Professor of computer science at John Hopkins, to proclaim, "The studies show that these machines are basically poison". As the last state to make a decision about our electoral system, New York can not say it did not know!


New York Law Prohibits the State from Entering into Contracts with "Non-responsible" Vendors


Not only does New York lack the plausible deniability the rest of the nation may assert as the litigation for fraud and breach of contract against the voting vendors mushrooms, but New York is also on notice that these vendors are ineligible to do business in New York. The evidence of the vendors' flagrantly "irresponsible" conduct and record of failed voting equipment is contained at , and Non-responsible vendors include a vendor whose committed a crime, been indicted for a crime, committed ethical violations, exhibited failed past performance on other contracts, etc. The list of "non-responsibility" for the voting vendors New York is proposing to do business with is a virtual who's who of non-responsibility.  Who in New York is paying attention? Who is going to take responsibility, look at the evidence and enforce the law, enjoining these vendors from conducting business in New York?


Who is going to implement New York's law, which requires that the state's machines be capable of demonstrating their "integrity and security" by being able to "demonstrate an accurate tally"3. None of the machines New York is considering purchasing can do that. Secretary Bowen has already told us of all of these machines' "inadequa[cy] to ensure accuracy and integrity of the election results". New York could choose to disregard her findings- in which case I bet I know where we could pick up some equipment at fire sale prices. Or is someone in a position of responsibility in New York going to step up and ensure New Yorkers that they will not be trading in their lever machines for these electronic voting systems now publicly revealed to be not merely snake oil, but the antithesis of what is required for a secure, transparent, reliable electoral system?



Why Computerized Voting Systems are so Much worse than Our Lever Machines4


Computerized Voting Machines Are Vulnerable to Viruses and Other Attacks Which Can Spread Between Voting Machines and Steal Votes on the Infected Machines Regardless of New York's Ban on Wireless Devices


All of the electronic voting machines tested in California were found vulnerable to malicious attacks that could "affect election outcomes". The reports also point out:


An attack could plausibly be accomplished by a single skilled individual with temporary access to a single voting machine. The damage could be extensive - malicious code could spread to every voting machine in polling places and to county election servers.


The fact that New York prohibits wireless devices will not prevent the election-altering attacks found by California's independent experts to be so easily executable. I asked Bruce O'Dell5 to explain why even with a ban on wireless, there's really no such thing as a "closed system" with "stand-alone" computers. Understanding that computerized voting machines are fundamentally different than mechanical lever machines in this way is essential to appreciating how devastating it would be for New York to switch our lever machines for these electronic voting machines, particularly the DREs. The implications for tampering on a grand scale are breathtaking.


Malware (software that performs a malicious function) can be spread from voting machine to voting machine - like deliberately-crafted viruses that not only change election results, but spread form machine to machine via memory cards, and delete themselves at the end of the election (see the Princeton report for an example).


But that's just one way to subvert the voting software. Here are more ways I can think of:- hardware exploits; the manufacturer of a circuit board substitutes components which contain hardware with covert functionality; this was exploited by the CIA against the Soviet Union in the 1980s, when they discovered a company smuggling computer hardware into Russia form the West; among the consequences was the largest non-nuclear explosion ever recorded, as the compromised equipment was installed to regulate the Soviet natural gas system. This is described in the attached document, (which is among the best short introductions to computer security that is accessible to the general reader). And of course, there is simply no way to know for sure if a wireless receiver has been built into any piece of voting equipment. The feasibility and consequences of that particular class of exploit are described in Section 3.1.1 and 3.1.2 of


- Rootkit and virtualization technology. Both the Brennan Center and Princeton reports mention rootkit or virtualization attacks on voting equipment. A rootkit is a type of software exploit which specifically replaces and/or bypasses portions of the operating system that are used to detect the presence of malicious software. (Google "rootkit" - Wikipedia has a reasonably accurate overview). With sufficiently sophisticated virtualization technology, the voting software and operating system itself could be perfectly fine; it would just be interrupted during elections to enable the malicious code to execute. There would be no way for the non-rootkit code to know this had happened. This kind of exploit is ideally suited to be introduced by malicious insiders at the vendor or manufacturer, but anyone with hands-on access to central tabulators or memory cards or precinct equipment, or direct or indirect access to the networks connected to central tabulators, could introduce a self-replicating rootkit.


- Device driver and privileged code. Every other software component might be legitimate, but compromising device drivers or privileged operating system code enables malicious code to take complete control of the device. One or a few malicious insiders at the manufacturer, vendor - or anyone with hands-on access to central tabulators or precinct equipment, or direct or indirect access to the networks connected to central tabulators, could compromise thousands of machines. This code can be distributed under the guise of a software patch if you believe Chris Hood (the whistleblower who reported undocumented patch distribution in Diebold equipment in Georgia in 2002). [For more about this whistleblower and the theft of Georgia's elections, see RFK Jr.'s ].


- Malicious application logic. Ideally suited for exploit by malicious insiders at the vendor, with potential exploitation by malicious insiders at the state or county election office (anyone with hands-on access to central tabulators, memory cards or precinct equipment, or direct or indirect access to the networks connected to central tabulators), as Harri Hursti demonstrated with his Diebold op-scan exploits.

- Memory card exploits. Both Hursti and Princeton researchers have shown how executable code can be transmitted on memory cards from machine to machine.


The following studies/reports all confirm that there is no such thing as closed, stand-alone computerized voting systems and attest to the ease with which voting software can be corrupted to alter the outcome of an election, often without detection. Moreover, these independent studies demonstrate how computerized voting has created the potential for theft on a massive scale, made possible for the first time in history by this technology.


If You Don't Call Your Government on its Negligence and Irresponsibility, Who Do You Think Is Going to Do That?


These computers, which the nation has been forced to vote on, have created the very opposite of what 150 years of case law in New York has established as essential to a democratic election: a secure, accurate means to vote in which the risk of tampering is reduced as much as is humanly possible. Nothing in New York's "better" law, including the ban of wireless devices or the requirement that source coding be places in escrow, will adequately safeguard against the potential for this wholesale computer-assisted fraud, which humans could never have achieved alone.6


All of the inspection reports mentioned above are responding to the existing crisis wherein the other states already bought these unsafe and unreliable electronic voting systems, leaving the computer experts to propose mitigation strategies in an attempt to make the most of a bad situation. There is no excuse for New York to purchase these poorly designed, insecure machines only to have to then spend millions more of our tax dollars trying to compensate for their inadequacies through auditing and mitigation strategies. Instead, New York can pay attention to the overwhelming evidence and make the only reasonable decision – which is to not purchase such flawed and budget-breaking voting systems.


The other states, all of which have committed the error of negligently presuming the voting machines sold by these vendors were secure, are now suffering the consequences of their irresponsibility. No responsible business would approach security that way. As Bruce O'Dell stated to me: The boards of directors of publicly-owned companies that applied the same standard to their corporate accounting systems would face the very real prospect of personal jail time under the federal Sarbanes-Oxley legislation, and their corporation's stock could well be delisted.


Since government is the people's business, citizens are entitled to expect that their government is behaving at least as responsibly as other businesses. Indeed citizens should be able to expect that their government is acting above the standards set by regular businesses.7 Particularly when it comes to elections, ensuring safeguards against fraud is the sole basis upon which the Legislature is permitted and expected to legislate. Who is going to tell the Legislature? Why doesn't anyone in a position of responsibility understand that computerized systems should be presumed insecure and the burden of overcoming that presumption to be on the one offering or creating the voting system? How can so many representatives of the people be so unaware of the rich precedence in New York respecting the essential requirement for safeguards in our elections? How can those charged with the responsibility for determining New York's next electoral system in a century possibly believe they're doing their job when the current means of arriving at the next generation of an electoral system looks solely to these publicly discredited vendor options?



New York's Election Law Safeguards, While Better than Other States, Are No Match for Computerized Voting Systems


Having the Source Code in Escrow with the SBOE Is No Panacea for the Problems of DREs and Optical Scanners


Neither the banning of wireless devices nor requiring the escrowing of source code (both of which are supposed to protect New Yorkers from the horrors of computerized voting systems) will make computerized voting systems reliable or safe to vote on. Peering Through The Chinks,, is the best article I know of clearly explaining why New York's source code escrow requirement will not ensure the "integrity and security" required by NY law. The article is well documented and includes statements from the nation's leading computer professionals who have been following the election machine problems, including Bruce O'Dell referred to earlier.


With regard to the hundreds of thousands of lines of source code (a Diebold system for voting contains roughly 285,000 lines of source code) David Dill, a professor of Computer Science at Stanford, explained:


It is practically impossible for someone to review software of any length at all – even 10,000 or maybe even 1500 lines of code– to make sure that's 100% error-free.


Dan Wallach, Associate Professor of Computer Science at Rice University, in reference to Avi Rubin's statement that undetected code could be inserted in a large code package and the chance of its remaining undetected was 99.9% said,


I don't know about that other tenth of a percent. This is a classic computer security problem. Whoever gets into the machine first wins. So if the Trojan horse software8 is in there first, you ask it to test itself – it will always lie to you and tell you everything is fine. And no matter what testing code you try to add after the fact, it's too late. It can now create a world where the testing software can't tell that the machine has been compromised, even though it has.


The article's author summarizes the problem with the limitations of security even if one has access to the source code:


Even if a person could check hundreds of thousands of lines of software code and find hidden malicious code,


and even if software could be written bug-free,


and even if the hardware works properly and interfaces perfectly with the software and peripherals,


and even if the binary and source code match identically,


and even if each electronic voting machine were physically guarded every minute to prevent insertion of malicious code (including by insider vendors or subcontractors or election personnel or anyone with a key including the janitor),


and even if every software change has been clean and legitimate,


and even if unexamined ballot definition files are accurate and trustworthy,


and even if there were reasonable ways to make sure that the software previously checked is now the software running on each machine on the morning of election day


...chinks in the voting system armor could allow intrusion DURING voting day and during tabulation.


In addition to this article and the numerous citations found therein, the studies referred to earlier reveal that having the source code does not provide sufficient safeguards against grand-scale election theft. California had the source coding and almost $2 million dollars later concluded that the voting systems could all be rigged, often without detection, with or without the source coding. Unlike mechanical equipment (ie, the lever machines) software is not static. Software regularly requires updating or "patches" to improve or fix it. Are taxpayers to spend millions of dollars every year to vet the patches and the machines to find what California and other states have found: that uncertified software is installed; that the certified software has bugs which can undermine the will of the voters? Are jurisdictions willing or able to test each of thousands of machines just before they are sent out to precincts? Is that how we should be spending our tax dollars when there are safer means to vote that are far less costly? And even if the state had a surplus of our money to burn, all of this testing would not uncover those hacks designed to be undetected.9







Anyone reading this could definitely answer that question. What is our responsibility having elected our legislators and our governor? At the moment, our legislators and the agency they appointed (SBOE) to make decisions regarding the next electoral system for New York, seem to be suffering from a condition that might be described as "under the influence". Alcohol consumption would be relatively harmless in this situation. It is the influence of the voting vendors that have successfully disinformed those who are poised to force New Yorkers to vote on theft-enabling voting machines. How else can we account for the fact that notwithstanding what California has now made public New York is still planning on buying these defective, unsafe machines? Of course nothing's preventing our decision-makers from getting beyond the propaganda from the vendors. Why should our decision-makers be permitted to remain misinformed about something as critical as the means by which we protect our sovereignty?


Computerized Voting Machines Should Have Been Recalled


When we found out that the Ford Pinto blew up upon impact, did we run out to test drive them and give them another chance? When Mattel announced it was recalling 11 of Barbie's playsets for lead paint and investigating the lead paint in other toys, how many parents rushed to embrace the other Barbie products? We expect people are capable of a rational response to such revelations. Why can't we insist our representatives behave rationally?


Consider this.


The federal government sets minimum performance and safety requirements for automobiles which are certified for use on public roads and highways. Failure to comply with these standards results in a recall of the car or its defective parts.


When there's lead found in the toys Mattel distributes, what's the consequence? Mattel at least claims to undertake extensive testing to ensure the safety and quality of the toys it sells, apologizes to the public, accepts responsibility and recalls millions of toys.


But when the voting vendors are exposed for selling shoddy, insecure equipment, that has been certified for use in public elections, what's the consequence? No recall. No apologies. No vendors accepting responsibility. Just legislators who, having waited this long, now can't wait to spend hundreds of millions of our dollars buying the should-have-been-recalled equipment for us!


New York can take advantage of what other states have had to learn the hard way and forego falling victim to these vendors' misrepresentations. New York can create a publicly accountable, reliable, properly safeguarded electoral system. Unfortunately it doesn't look like the people who want us to re-elect them have any interest in protecting our rights or behaving rationally. Our public officials in Albany seem to think the inadequate theft-enabling equipment sold by these vendors, who continue to misrepresent their defective products, is good enough for us. You gotta wonder where they're getting their information from. Certainly not from scientists who repeatedly have tried to tell us not to fall for the snake oil.


If New Yorkers get conned at this late date, we're going to be the rightful butt of that well known (if not well delivered) adage, fool-me-twice. We're also going to be stuck with the snake oil for a long time.


It's a shame that after the 2000 election, with the butterfly ballot and so on, there was a real national consensus that it was important to make voting more reliable. ....Unfortunately, we really rushed into buying equipment everywhere in the country that really wasn't ready, and I think the only way we are going to solve this problem is by recognizing that we've got to do a careful design. We're going to be left with whatever equipment we buy.


--Matt Blaze of the University of Pennsylvania, lead reviewer California's Inspection 10


The analogy to September 11th should not be lost. We had great world-wide support and our federal government squandered it. With the exception of Oklahoma, which publicly owns and controls its optical scan voting system, New York is the only state to not have squandered its resources on these failed voting systems. Rather than suing the vendors for breach of contract and misrepresentation, as many states have done and many more will be commencing, we can spend our time constructively creating a democratic voting system for all of New York State, providing a model for the nation to follow when it recovers after the snake oil peddlers leave town. 11 I have written to the Governor 12, but I'm guessing he'd have to hear from alot more of us before he paid attention. I told him there is an electoral system in existence where peoples' rights, as owners of the government, are preserved by enabling their scrutiny and oversight in a transparent election process.


The people must remain the masters of their technology and their government, both of which are there to serve the people. Until such technology exists that we can use to serve our interests with the level of assurance that is required by a people who mean to retain their freedom, we should proudly insist on our right and ability to count our votes by our own hand, with our own eyes. We look to you to lead New York and to be a beacon for the nation.

I wrote to my state senator and asked for a meeting. He had his secretary call to advise me he wouldn't meet with me because he had no jurisdiction over the issue! Can you imagine a more irresponsible answer? Who exactly has jurisdiction over this issue? No wonder our legislators don't feel the need to hold the irresponsible vendors accountable.


"Eternal vigilance by the people is the price of liberty"

-- Andrew Jackson


If every New Yorker wrote her/his senator, governor, assembly person, election commissioner - we could collectively hold government accountable before they sell us out.

– If you only have time for one letter start with the governor and fax it, 518 474 1513, or if you can't fax email Click here to email the Governor and copy James Clancy, Director of Legislative Affairs, – If you're feeling responsible, here's the contacts for your elected officials who are counting on you to re-elect them,  .


– If you're feeling vigilante, here's the contacts for the State Board of Elections: Co-Executive Directors Peter S. Kosinski  and Stan Zalen, , and to reach Election Commissioners, Neil Kelleher and Helena Moses Donahue, contact Allison Carr, , for Commissioners Douglas Kellner and Evelyn Aquila contact Anna Svizzero , also contact Todd Valentine  and Bob Brehm .


If we're not responsible enough to take the time to write letters, I guess we're all going down in one big sea of irresponsibility. Democracy is something you do.




1. .


2.McKinney's NY Public Officers Law, § 84:


The legislature hereby finds that a free society is maintained when government is responsive and responsible to the public, and when the public is aware of governmental actions. The more open a government is with its citizenry, the greater the understanding and participation of the public in government. 


As state and local government services increase and public problems become more sophisticated and complex and therefore harder to solve, and with the resultant increase in revenues and expenditures, it is incumbent upon the state and its localities to extend public accountability wherever and whenever feasible.


The people's right to know the process of governmental decision-making and to review the documents and statistics leading to determinations is basic to our society. Access to such information should not be thwarted by shrouding it with the cloak of secrecy or confidentiality.


The legislature therefore declares that government is the public's business and that the public, individually and collectively and represented by a free press ,should have access to the records of government in accordance with the provisions of this article. 


3.  McKinney's NY Election Law sec. 7-202 1 (r)


4. I am not advocating for the merits of lever machines which do not leave any evidence of voter intent.  I am advocating for not going from the fire into the frying pan and for the need to understand that substituting mechanical lever machines with computerized DREs or PBOSs is not as simple as swapping one machine for another.


5. Bruce O'Dell has spent his career working with very large-scale computer systems with stringent security, audit and accountability requirements-systems for financial accounting, insurance claims processing, mortgage origination, bond trading, stock trading, loan servicing, and on-line financial account aggregation.  At American Express he was lead software architect for a project to create a company-wide security component, and received their Chairman's Award for Quality, in 1998, for helping to develop methods for securely deploying new software to networks of thousands of computers.  He is also the co-founder of Election Defense Alliance, a national coordinating body which seeks to promote and support citizen activism at the local and state level and to restore integrity and public accountability to the electoral processes of the United States.


6.  See, Even a Remote Chance? :


Even a 50-state ban of wireless components in elections could be problematic to verify, as technological innovation accelerates.  Imagine a memory device about the size of a grain of rice or a freckle, with its own antenna built in, that could be embedded in a sheet of paper or stuck to any surface.  Imagine that the device could contain 4 MB of memory which could be accessed or altered wirelessly by a nearby cell phone.  Although it sounds like science fiction, this tiny wireless memory chip, called a Memory Spot, was announced July 17, 2006 by Hewlett Packard.


And see sections 3.1.1 and 3.1.2 in the Rebutting Shamos cite referred to above, in which the problem with concealed wireless devices is discussed and consider that Microsoft's operating system, relied on by the vendors', has built-in remote functionality.


7. "Declaration of intent. A continuing problem of a free government is the maintenance among its public servants of moral and ethical standards which are worthy and warrant the confidence of the people. The people are entitled to expect from their public servants a set of standards above the morals of the market place. A public official of a free government is entrusted with the welfare, prosperity, security and safety of the people he serves. In return for this trust, the people are entitled to know that no substantial conflict between private interests and official duties exists in those who serve them."

 McKinney's NY Public Officers Law, § 74 (emphasis supplied)


8. Trojan horse software refers to malicious software that can steal entire elections without detection because it is designed to hide or destroy itself after it has done its dirty work, hence the Trojan horse name.


9. The Security and Assurance in Information Technology Laboratory (SAIT) for the State of Florida, reviewing the ES&S DREs which caused the loss of 18,000 missing votes in the last election found:


A cleverly constructed virus can cover its tracks so that infected machines could not be detected by ordinary means and an appropriately programmed virus could self-destruct and erase all its tracks....[I]f carefully constructed, it can allow an attacker to transfer program control to her own malicious code.  Once this happens, the attacker controls the machine.


[p 37-38] of February 23, 2007 stu dy at


10. Interview of Matt Blaze, . 


11. Characteristically in Western movies the carpetbagger/traveling salesman would leave town before the good defrauded town people realized the snake oil they'd bought (the contents of which, like the voting machines, were always concealed) was not the magical panacea they were led to believe it would be.  As set forth in my second Vendor Irresponsibility memo referred to earlier, two of the three major voting vendors are looking for buyers for their voting systems' companies and having trouble finding any takers.  Whether they succeed in disappearing or declare bankruptcy or pay millions of dollars in litigation to the states trying to recover some of their losses, is of no consequence: they've still left the nation conned and struggling to cope, with illegitimate election results and no secure way to vote in 2008.




Authors Website:

Authors Bio: Andi Novick Northeast Citizens for Responsible Media