<http://www.wired.com/news/print/0,1294,65490,00.html> Wired News E-Vote Vendors Hand Over Software By Kim Zetter? Story location: http://www.wired.com/news/evote/0,2645,65490,00.html 03:00 PM Oct. 26, 2004 PT In an effort to increase the integrity of next week's presidential election, five voting machine makers agreed for the first time to submit their software to the National Software Reference Library for safekeeping, federal officials said on Tuesday. The stored software will serve as a comparison tool for election officials should they need to determine whether anyone tampered with programs installed on voting equipment. The National Software Reference Library is part of an election security initiative launched by the U.S. Election Assistance Commission, a new federal entity that Congress created after the Florida 2000 election problems. The EAC is the first federal entity established to improve the integrity and efficiency of elections. DeForest Soaries, chairman of the EAC, in June requested software from the largest voting companies, which provide 90 percent of the software to be used in computerized voting machines on Tuesday. The EAC will eventually ask all voting companies, even those that produce counting software for punch card machines, to submit their software. Soaries called the library a major step and praised the vendors for their willingness to increase the transparency of elections. "Their acceptance of our request to submit their software begins the process that assures the country that we will have (a) higher level of security and therefore confidence in e-voting than we have ever had before," Soaries said in a press conference. The National Institute of Standards and Technology -- the agency that sets official measurements and defines standards for all kinds of commercial products -- will maintain the voting software library. NIST already manages a library of other types of software, like the Windows 2000 operating system, to help law enforcement investigate crimes involving computers. Doug White, the library's project leader, said NIST stores applications on CDs in a room that is similar to a criminal investigator's evidence locker, which means the software can be used as evidence in a court. Counties and states will eventually be able to use the library to verify that they are using a certified version of software. This is good news to Scott Konopasek, the registrar of voters for San Bernardino County in California. In September, after California certified a new version of software for his county's voting system, the vendor, Sequoia Voting Systems, sent Konopasek the software to load on his machines. But when Konopasek asked the state to verify that the software the vendor gave him was unchanged from the version the state certified, state officials told him they had no means to verify it and that Konopasek would have to trust the vendor. Vendor trust was precisely the measure of verification the state was using last November when it discovered that Diebold Election Systems had installed uncertified software on machines in 17 California counties without telling the state. NIST's voting software library was established too late this year to examine software that has already been loaded onto locked voting machines, so election officials won't be able to verify that they have unchanged, certified software before Tuesday's election. But if questions about the veracity of a voting system arise after the election, computer forensic experts will be able to compare the software used on machines with the software in the NIST library to see if the software was altered. They can do this by comparing hash files, which are digital fingerprints that identify the integrity of software. The hash is a mathematical sum derived from the software code. If someone changes the software, the mathematical sum changes as well. "This gives us one more mechanism for assuring voters that their votes have been recorded and reported correctly and haven't been tampered with," Konopasek said. "There's no one single thing that election officials will ever be able to do to convince everyone. But the more we can add to our inventory of audits and controls, the more we can establish confidence of voters -- not just the technically savvy voters, but all voters." Soaries acknowledged that the library alone can't secure elections and voting systems but can only work in concert with other procedures. And the EAC still has to work out several issues related to the library, such as who will be responsible for checking hashes before an election if county election officials don't have someone knowledgeable on staff to do so. EAC has to determine how best to handle patches, or last-minute fixes and upgrades to machines. Currently, it will be up to the county and vendor to decide whether to resubmit that software to the library before an election. And the EAC has to establish a policy for dealing with false positives -- that is, when a hash check indicates that software has changed when it actually hasn't. In addition to the library, the Commission has instigated several measures to increase the integrity of elections. These include developing new voting machine standards that would require voting machine companies to make machines that are more secure. The commission is also looking at developing national standards for election procedures to establish uniform methods for physically securing voting machines and providing checks and balances to prevent and catch voter fraud. Additionally, the commission has been speaking about creating a clearinghouse to gather reports from states and counties about problems they encounter with voting equipment. -- ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'