December 22, 2024

Posts Comments

NJ Voting-machine trial update

February 26, 2009 by

Earlier this month I testified in Gusciora v. Corzine, the trial in which the plaintiffs argue that New Jersey’s voting machines (Sequoia AVC Advantage) can’t be trusted to count the votes, because they’re so easily hacked to make them cheat.

I’ve previously written about the conclusions of my expert report: in 7 minutes you can replace the ROM and make the machine cheat in every future election, and there’s no practical way for the State to detect cheating machines (in part because there’s no voter-verified paper ballot).

The trial started on January 27, 2009 and I testified for four and a half days. I testified that the AVC Advantage can be hacked by replacing its ROM, or by replacing its Z80 processor chip, so that it steals votes undetectably. I testified that fraudulent firmware can also be installed into the audio-voting daughterboard by a virus carried through audio-ballot cartridges. I testified about many other things as well.

Finally, I testified about the accuracy of the Sequoia AVC Advantage. I believe that the most significant source of inaccuracy is its vulnerability to hacking. There’s no practical means of testing whether the machine has been hacked, and certainly the State of New Jersey does not even attempt to test. If we could somehow know that the machine has not been hacked, then (as I testified) I believe the most significant _other_ inaccuracy of the AVC Advantage is that it does not give adequate feedback to voters and pollworkers about whether a vote has been recorded. This can lead to a voter’s ballot not being counted at all; or a voter’s ballot counting two or three times (without fraudulent intent). I believe that this error may be on the order of 1% or more, but I was not able to measure it in my study because it involves user-interface interaction with real people.

In the hypothetical case that the AVC Advantage has not been hacked, I believe this user-interface source of perhaps 1% inaccuracy would be very troubling, but (in my opinion) is not the main reason to disqualify it from use in elections. The AVC Advantage should be disqualified for the simple reason that it can be easily hacked to cheat, and there’s no practical method that will be sure of catching this hack.

Security seals. When I examined the State’s Sequoia AVC Advantage voting machines in July 2008, they had no security seals preventing ROM replacement. I demonstrated on video (which we played in Court in Jan/Feb 2009) that in 7 minutes I could pick the lock, unscrew some screws, replace the ROM with one that cheats, replace the screws, and lock the door.

In September 2008, after the State read my expert report, they installed four kinds of physical security seals on the AVC Advantage. These seals were present during the November 2008 election. On December 1, I sent to the Court (and to the State) a supplemental expert report (with video) showing how I could defeat all of these seals.

In November/December the State informed the Court that they were changing to four new seals. On December 30, 2008 the State Director of Elections, Mr. Robert Giles, demonstrated to me the installation of these seals onto the AVC Advantage voting machine and gave me samples. He installed quite a few seals (of these four different kinds, but some of them in multiple places) on the machine.

On January 27, 2009 I sent to the Court (and to the State) a supplemental expert report showing how I could defeat all those new seals. On February 5th, as part of my trial testimony I demonstrated for the Court the principles and methods by which each of those seals could be defeated.

On cross-examination, the State defendants invited me to demonstrate, on an actual Sequoia AVC Advantage voting machine in the courtroom, the removal of all the seals, replacement of the ROM, and replacement of all the seals leaving no evidence of tampering. I then did so, carefully and slowly; it took 47 minutes. As I testified, someone with more practice (and without a judge and 7 lawyers watching) would do it much faster.

Filed Under: Other Topics, Privacy & Security Tagged With: ,

Security Seals on AVC Advantage Voting Machines are Easily Defeated

December 19, 2008 by

On September 2, 2008, I submitted a report to the New Jersey Superior Court, demonstrating that the DRE voting machines used in New Jersey are insecure: it is easy to replace the vote-counting program with one that fraudulently shifts votes from one candidate to another.

In Section 10 of my report, I explained that

  1. There are no security seals on New Jersey’s AVC Advantages
    that prevent removal of the circuit-board cover;

  2. Even if there were security seals, physical security seals are easily defeated and would not significantly increase the security of elections in New Jersey.
  3. And in conclusion, one cannot achieve trustworthy elections solely by trying to ensure that a particular computer program is installed in the voting machine.

In October 2008, the State of New Jersey (and Sequoia Voting Systems) reacted by installing new security seals on the circuit board cover of voting machines in New Jersey. That is, they reacted to point 1 and ignored points 2 and 3.

In December 2008 I submitted to the Court a new report, and a new video, demonstrating how New Jersey’s new security seals can be removed and replaced without leaving evidence of tampering. It took me about 7 minutes the first time I tried it; I estimate it would take less than half that time with practice.

The video available here is now available in a compressed mp4 format, though it still takes a while to load. not well compressed and takes forever to load over the Internet; sometime in the near future I hope to make available a better-compressed video.

Filed Under: Other Topics, Privacy & Security Tagged With: ,

Voting Machines are Silent in Princeton Today

November 4, 2008 by

In my recent report on the Sequoia AVC Advantage DRE voting machine, I explained (in Section 32) that the AVC Advantage makes a chirping sound when the pollworker activates the machine to accept a vote, and makes the sound again when the voter presses the CAST VOTE button. In important purpose of this sound is to alert all witnesses in the room that a vote is being cast. This makes it harder for people to cast extra votes on the machine. This idea goes back a hundred years: equip the voting machine (or even a simple ballot box) with a bell that rings every time a ballot is cast. In my report I wrote that the AVC Advantage’s chirping sound is not as loud as it should be.

This morning when I voted in Princeton, New Jersey, the chirping sound was not heard at all. When the AVC Advantage machines were activated to vote, and when the voters pressed the CAST VOTE button, there was no sound at all. Configuring the machines in this way is not a good idea. It makes the voters more uncertain about whether their vote was cast, and it makes it easier to inadvertently or deliberately cast extra votes.

UPDATE: Other machines in Princeton are making sounds. Also, some voters who used these very same machines report hearing sounds. So at this point I don’t believe that it’s a county-wide configuration issue. It may be a local, temporary malfunction of the little speaker in the operator panel, or it may be something else.

Repeated voting, though made easier by the absence of a sound, would still require collusion with the pollworker standing outside the voting machine. Such collusion does not require criminal intent. It may take the form,
Voter: I’m not sure my vote registered.
Pollworker: OK, I’ll activate the machine again just to make sure.
This scenario is not as far-fetched as you might think.

UPDATE 2: Another voter reports that when she voted later in the day at a different location in Princeton, she listened carefully (when pressing the CAST VOTE button) for the sound, but did not hear it. In both my case and hers, the CAST VOTE button was lit before we pressed it, so presumably our votes did count, if the manufacturer’s standard firmware was installed in the AVC Advantage.

Filed Under: Other Topics

Judge Suppresses Report on Voting Machine Security

October 1, 2008 by

A judge of the New Jersey Superior Court has prohibited the scheduled release of a report on the security and accuracy of the Sequoia AVC Advantage voting machine. Last June, Judge Linda Feinberg ordered Sequoia Voting Systems to turn over its source code to me (serving as an expert witness, assisted by a team of computer scientists) for a thorough examination. At that time she also ordered that we could publish our report 30 days after delivering it to the Court–which should have been today.

Three weeks after we delivered the report, on September 24th Judge Feinberg ordered us not to release it. This is part of a lawsuit filed by the Rutgers Constitutional Litigation Clinic, seeking to decommission of all of New Jersey’s voting computers. New Jersey mostly uses Sequoia AVC Advantage direct-recording electronic (DRE) models. None of those DREs can be audited: they do not produce a voter verified paper ballot that permit each voter to create a durable paper record of her electoral choices before casting her ballot electronically on a DRE. The legal basis for the lawsuit is quite simple: because there is no way to know whether the DRE voting computer is actually counting votes as cast, there is no proof that the voting computers comply with the constitution or with statutory law that require that all votes be counted as cast.

The question of whether this report can legally be suppressed was already argued once in this Court, in June 2008, and the Court concluded then that it should be released; I will discuss this below. But as a matter of basic policy–of running a democracy–the public and legislators who want to know the basic facts about the reliability of their elections need to be able to read reports such as this one. Members of the New Jersey Legislature–who need to act now because the NJ Secretary of State is not in compliance with laws the legislature passed in 2005–have asked to read this report, but they are precluded by the Court’s order. Members of the public must decide now, in time to request an absentee ballot, whether to cast their ballot by absentee (counted by optical scan) or to vote on paperless DRE voting machines. Citizens also need information so that they can communicate to their legislators their opinions about how New Jersey should conduct elections. Even the Governor and the Secretary of State of New Jersey are not permitted, by the Court’s order, to read this report in order to inform their policy making.

Examination of the AVC Advantage. In the spring of 2008, Judge Linda Feinberg ordered the defendants (officials of the State of New Jersey) to provide to the plaintiffs: (a) Sequoia AVC Advantage voting machines, (b) the source code to those voting machines, and (c) other specified information. The Sequoia Voting Systems company, which had not been a party to the lawsuit, objected to the examination of their source code by the plaintiffs’ experts, on the grounds that the source code contained trade secrets. The Court recognized that concern, and crafted a Protective Order that permitted the plaintiffs’ experts to examine the source code while protecting the trade secrets within it. However, the Court Order, issued by Judge Feinberg on June 20, does permit the plaintiffs’ experts to release this report to the public at a specified time (which has now arrived). In fact, the clause of this Order that permits the release of the report was the subject of lengthy legal argument in May-June 2008, and the plaintiffs’ experts were not willing to examine the AVC Advantage machines under conditions that prevent public discussion of their findings.

I served as the plaintiffs’ expert witness and led an examination team including myself and 5 other computer scientists (Maia Ginsburg, Harri Hursti, Brian Kernighan, Chris Richards, and Gang Tan). We examined the voting machines and source code during July-August 2008. On September 2nd we provided to the Court (and to the defendants and to Sequoia) a lengthy report concerning the accuracy and security of the Sequioa AVC Advantage. The terms of the Court’s Protective Order of June 20 permit us to release the report today, October 2nd.

However, on September 24 Judge Feinberg, “with great reluctance,” orally ordered the plaintiffs not to release the report on October 2nd, and not to publicly discuss their conclusions from the study. She did so after the attorney for Sequoia grossly mischaracterized our report. In order to respect the Judge’s temporary stay, I cannot now comment further on what the report does contain.

The plaintiffs are deeply troubled by the Court’s issuance of what is essentially a temporary restraining order restricting speech, without any motion or briefing whatsoever. Issuing such an order is an extreme measure, which should be done only in rare circumstances, and only if the moving party has satisfied its high burden of showing both imminent harm and likelihood of success on the merits. Those two requirements have not been satisfied, nor can they be. The plaintiffs have asked the Court to reconsider her decision to suppress our report. The Court will likely hear arguments on this issue sometime in October. We hope and expect that the Court will soon permit publication of our report.

Filed Under: Other Topics Tagged With: ,

Lenz Ruling Raises Epistemological Questions

August 22, 2008 by

Stephanie Lenz’s case will be familiar to many of you: After publishing a 29-second video on YouTube that shows her toddler dancing to the Prince song “Let’s Go Crazy,” Ms. Lenz received email from YouTube, informing her that the video was being taken down at Universal Music’s request. She filed a DMCA counter-notification claiming the video was fair use, and the video was put back up on the site. Now Ms. Lenz, represented by the EFF, is suing Universal, claiming that the company violated section 512(f) of the Digital Millennium Copyright Act. Section 512(f) creates liability for a copyright owner who “knowingly materially misrepresents… that material or activity is infringing.”

On Wednesday, the judge denied Universal’s motion to dismiss the suit. The judge held that “in order for a copyright owner to proceed under the DMCA with ‘a good faith belief that the use of the material in the manner complained of is not authorized by the copyright owner, its agent, or the law,’ the owner must evaluate whether the material makes fair use of the copyright.”

The essence of Lenz’s claim is that when Universal sent a notice claiming her use was “not authorized by… the law,” they already knew her use was actually lawful. She cites news coverage that suggests that Universal’s executives watched the video and then, at Prince’s urging, sent a takedown notice they would not have opted to send on their own. Wednesday’s ruling gives the case a chance to proceed into discovery, where Lenz and the EFF can try to find evidence to support their theory that Universal’s lawyers recognized her use was legally authorized under fair use—but caved to Prince’s pressure and sent a spurious notice anyway.

Universal’s view is very different from Lenz’s and, apparently, from the judge’s—they claim that the sense of “not authorized by… the law” required for a DMCA takedown notice is that a use is unauthorized in the first instance, before possible fair use defenses are considered. This position is very important to the music industry’s current practice of sending automated takedown notices based on recognizing copyright works; if copyright owners were required to form any kind of belief about the fairness of a use before asking for a takedown, then this kind of fully computer-automated mass request might not be possible, since it’s hard to imagine a computer performing the four-factor weighing test that informs a fair use determination.

Seen in this light, the case has at least as much to do with the murky epistemology of algorithmic inference as it does with fair use per se. The music industry uses takedown bots to search out and flag potentially infringing uses of songs, and then in at least some instances to send automated takedown notices. If humans at Universal manually review a random sample of the bot’s output, and the statistics and sampling issues are well handled, and they find that a certain fraction of the bot’s output is infringing material, then they can make an inference. They can infer with the statistically appropriate level of confidence that the same fraction of songs in a second sample, consisting of bot-flagged songs “behind a curtain” that have not manually reviewed, are also infringing. If the fraction of material that’s infringing is high enough—e.g. 95 percent?—then one can reasonably or in good faith (at least in the layperson, everyday sense of those terms) believe that an unexamined item turned up by the bot is infringing.

The same might hold true if fair use is also considered: As long a high enough fraction of the material flagged by the bot in the first, manual human review phase turns out to be infringement-not-defensible-as-fair-use, a human can believe reasonably that a given instance flagged by the bot—still “behind the curtain” and not seen by human eyes—is probably an instance of infringement-not-defensible-as-fair-use.

The general principle here would be: If you know the bot is usually right (for some definition of “usually”), and don’t have other information about some case X on which the bot has offered a judgment, then it is reasonable to believe that the bot is right in case X—indeed, it would be unreasonable to believe otherwise, without knowing more. So it seems like there is some level of discernment, in a bot, that would suffice in order for a person to believe in good faith that any given item identified by the bot was an instance of infringement suitable for a DMCA complaint. (I don’t know what the threshold should be, who should decide, or whether or not the industry’s current bots meet it.) This view, when it leads to auto-generated takedown requests, has the strange consequence that music industry representatives are asserting that they have a “good faith belief” certain copies of certain media are infringing, even when they aren’t aware that those copies exist.

Here’s where the sidewalk ends, and I begin to wish I had formal legal training: What are the epistemic procedures required to form a “good faith belief”? How about a “reasonable belief”? This kind of question in the law surely predates computers: It was Oliver Wendell Holmes, Jr. who first created the reasonable man, a personage Louis Menand has memorably termed “the fictional protagonist of modern liability theory.” I don’t even know to whom this question should be addressed: Is there a single standard nationally? Does it vary circuit by circuit? Statute by statute? Has it evolved in response to computer technology? Readers, can you help?

Filed Under: Other Topics Tagged With: ,