Iowa Voters

Secretary of State Chet Culver is about to issue an SOS (Save our Security) for Iowa’s voting machines. “Emergency” rules are to be published in early May—in time to plug security holes in the new equipment that will debut for the June primary election. Iowans for Voting Integrity obtained a copy of the rules last week.

The action is a tacit admission that Bev Harris and the other “conspiracy theorists” have been correct these last three years when they said computerized equipment offered new ways to steal elections.

The emergency rules govern the memory cards that carry the key programming and voting results. These cards are so small that any magician could hide several up his sleeve and swap them when no one is looking. An altered card could mean a stolen election. It already happened in a vivid demonstration in Florida last December, now known as the Hursti hack.

At first Iowa’s election director Sandy Steinbach shrugged off the Hursti caper, saying he had inside access to the equipment. Actually he had access similar to that of any poll worker, technician or courthouse employee. And since it is, after all, insiders who steal elections, Hursti revealed how it can be done in the future. He pulled the perfect crime, leaving not a trace of his activity.

So the new rules treat the memory devices as the virtual ballot boxes that they are. No one is to be left alone with a memory card. Serial numbers are to be invented in each county for each card, and seals are to be used to keep the same card in its proper place for the proper time. An inventory log of the card’s life history is to maintained, detailing its every move.

The rules follow this warning from California computer scientists who looked into the problem:

Harri Hursti’s attack does work: Mr. Hursti’s attack on the [Diebold]AV-OS is defnitely real. He was indeed able to change the election results by doing nothing more than modifying the contents of a memory card. He needed no passwords, no cryptographic keys, and no access to any other part of the voting system, . . . .

The scientists pointed out that only paper ballots can truly prevent this attack from being the perfect storm of election fraud:

Successful attacks can only be detected by examining the paper ballots: There would be no way to know that any of these attacks occurred; the canvass procedure would not detect any anomalies, and would just produce incorrect results. The only way to detect and correct the problem would be by recount of the original paper ballots, . . . .

But not all voting machines involve paper ballots. Hmmm, haven’t we talked about this before?

Culver’s new rules follow similar rules from Florida but are not as complete. Florida warns local election officials to have backup plans in case a memory card turns up under the doormat or in case a security seal is found to be broken. And Florida reminds its election workers that all Diebold voting machines come with the SAME PASSWORD, and, really, it ought to be changed so that those of us who read about the “1111″ password will not be able to use it. Maybe these points have already been addressed in Iowa. Let’s hope so.

The Colorado state senate has become the first legislative body to reflect the popular will by spurning the electoral college. This could be the beginning of the end for the widely disliked way we elect our President.

An ingenious plan has been devised to skirt the college without actually repealing it. The plan can take effect when enough states join a contract to act together. They will then each select as their slate of electors the group who plan to vote for the candidate that won the most votes nationwide.

This plan was unveiled this winter. Now it has taken its first step. It is also under consideration in Missouri and Illinois and was endorsed by the Minneapolis Star-Tribune. Iowa is surrounded by activity.

The electoral college undermines democracy. Andrew Gumbel even reveals how its creation was part of the accomodation to slavery in his book Steal This Vote.

Using the popular vote should
– boost turnout by counting every vote equally;
– restore some faith in our system by making it more direct, and
– provide at least one federal election not subject to gerrymandering.

What Iowa legislators will introduce this plan next January?

by Sean Flaherty

Following right on the icountcoalition’s Lobby Days for HR 550 , New Jersey Rep. Rush Holt’s election integrity bill, VoteTrustUSA held its national strategy workshop for election activists. Representatives of election integrity groups from all across the country met at Catholic University in Washington, D.C. April 7-9 to trade ideas and get advice from people who have been fighting this fight for years.

Carole Simmons and I represented Iowans for Voting Integrity. We heard more valuable ideas for promoting election reform than I can enumerate here. Among the most important and practical:

(1)The most obvious— be a pollworker or a pollwatcher. See the Poll Monitors’ and Poll Workers’ Guide to Electronic Voting for ideas on what to observe. In Iowa ballot counting is public, so you don’t need to be either a pollworker or pollwatcher to observe the counting of the votes. Show up where the votes are being counted and record events. Be very alert to what you see, but be polite and respectful to election workers. Some election activists have developed remarkably productive relationships with local and state officials by simply being nice and knowledgeable. Challenge what you think is wrong, but you are not there to say “gotcha.”

(2)Write yourself a pithy, 30-second speechon the election integrity issue. Be ready to go into detail, but be able to make your point quicky. Example: “In this country, we have several companies running our elections on behalf of our governments. You wouldn’t believe how secretive these companies are and what little power any level of government has to regulate them.” Plenty of people can do better than that example speech, but it gives you an idea.

(3)Watchdog your county election system. John Washburn, a software tester and election activist in Wisconsin, describes four things you can do about voting integrity in your county:

*Show up at the offices of the county commissioner for the L&A testing of the software. No need to help— just show up and record the proceedings.
*Examine the purchase documents to confirm the system your election administrator is buying or has taken delivery on is actually state-approved.
*If the state-approved system has conditional use requirements (e.g. security protocols), ask your election administrator for documentation the conditions of use are being met.
*Show up at the precinct canvassing of votes and or the county-wide tabulation. Again, no need to help just show up and record the proceedings.

These are the most specific and local actions an election integrity advocate can undertake. We still need state and federal laws requiring truly independent testing of voting equipment, voter-verified paper ballots, random hand audits, and fully disclosed vote-counting software. But nothing does more for our cause than the close observation of elections and election equipment in your own area. After all, it is a mountain of specific and local examples of hackable voting machines, careless procedures, and other oddities that is moving election reform ever closer to the country’s front burner.

Summitt County Ohio has new voting machines, but the election director predicts that there will be trouble during the May 2 primary. His equipment is sold by ES & S of Omaha. The following Iowa counties should pay special attention, as they have also purchased similar new voting machines from ES & S:

Buena Vista, Butler, Calhoun, Cerro Gordo, Clinton, Dallas, Decatur, Delaware, Emmet, Grundy, Hancock, Hardin, Jasper, Johnson, Jones, Kossuth, Lee, Louisa, Marshall, Muscatine, Polk, Pottawattamie, Van Buren, Wapello, and Woodbury.

According to the story in the Akron Beacon Journal, the problem lies in the memory cards that record the vote totals as the scanner reads the paper ballots. Election director Bryan Williams says the cards work one day, but not the next:

“One card is physically coming apart at the seams,'’ Williams said. “We’re seeing at every point of use, a little drop off.'’

Williams said that based on what he has seen so far, he can only expect that some of the 475 memory cards programmed for each county voting precinct will not work on Election Day.

And that’s not all. When the 475 cards (virtual ballot boxes) are in turn read by the machine that adds all precincts together, more errors occur:

The main ballot tabulator, called the election reporting manager or ERM — which is supposed to read the memory cards and report totals — also isn’t working correctly. At one point in practice runs, the tabulator was dropping off dozens of races for Republican candidates for precinct committee members.

And, the machines the county purchased to accommodate disabled voters still aren’t working right, even though by law they should have been available for absentee voting that has been ongoing since the end of March.

When a blind man came to the elections board to vote absentee last week, he had to vote instead with the assistance of a bipartisan pair of board employees.

The conclusion of one member of the board of elections is this:

`If it doesn’t work, we’re either going to ship it back and go into litigation or you’re going to retrofit it,'’ Arshinkoff said. “The manure is going to hit the fan on this.'’

At least they will have the original paper ballots to rely on, even if the machines can’t count them correctly. I’m sure they are grateful for that.

This is another example of why doing your own test ballots and performing audit checks after the election are wise practices.

From the Chicago Tribune, a story about the recent Illinois primary, lawsuits for recounts, faulty equipment, and dissatisfied election workers:

Fueled by concerns about “poor management and organizational incompetence,” Maureen Murphy, vice chair of the county GOP and a member of the county Board of Review, said she has met with about 200 suburban election judges who detailed a litany of problems from the March 21 primary.

Among the issues, she said, were a touch-screen voting machine that “blew up like an M80″ and had to be unplugged; machines showing votes that hadn’t been cast; and machines not working at all. In one meeting she asked about 125 judges how many of them were confident that every vote at their polling place had been counted, and no hands went up, she said.

“We tell people every vote counts. But we do not believe every vote has been counted,” she said. “This makes what happened in Florida, folks, look like a textbook election,” she said, referring to the 2000 presidential election.

Election officials have agreed that faulty equipment led to Election Night mishaps, . . . .

By Sean Flaherty

Last week, Carole Simmons and I were honored to represent Iowans for Voting Integrity at two important and inspiring election integrity events in Washington, D.C. April 6 and 7 were Lobby Days, a citizen lobbying effort on behalf of Rep. Rush Holt’s election reform bill HR 550, the Voter Confidence and Increased Accessibility Act.

The Holt bill would require that all voting machines produce a voter-verified paper record, and that the paper record be the official ballot in a recount. Equally important, it would prohibit conflicts of interest between testing laboratories and voting machine vendors, require disclosure of software code, and establish a mandatory hand audit of 2% of all precincts in federal elections.

Congressman Jim Leach (R-IA-02) met with our Iowa-Missouri group, and agreed to cosponsor during our meeting! Three other Republicans, and six Democrats, have signed on since April 6.

Congressman Leach seemed a bit skeptical about two points: the cost of the bill, and the public disclosure of voting machine software. HR 550 provides funding for its provisions, to the tune of $150 million. The cost of the nationwide audit of 2% of precincts seemed to concern him. We mentioned the example of the Washington gubernatorial recount. That hand count cost about $3 million and counted 2.8 million ballots. In 2004 there were about 125 million votes cast, so the 2% puts the cost in the same league. The Washington example does provide evidence that the audit shouldn’t take us into tens of millions of dollars.

He wondered if public disclosure of software would make voting systems more vulnerable. I brought up the consensus against “security through obscurity.” Just as I thought we were getting into the weeds, he stated that he respected Holt, and was confident he had done his homework. He looked at Ms. Butler, said, “You know what, I like this. Sign me up as a cosponsor.”

Why hadn’t he signed on yet? Word had it among the leaders of Lobby Days that Leach is not one to cosponsor legislation. The issue may not be prominent on his radar screen, even though he was aware of a growing problem of public perception. He probably needed some constituent advocacy to nudge him in the right direction, and his respect for Rush Holt seemed quite unaffected.

It’s impossible not to be overwhelmed by the sobriety and passion of the election integrity movement. People came to lobby on their own dime, or on the pooled contributions of their state groups. They are well-informed , dismayed at what is happening to our democracy, and ready to fight for this cause as long as it takes. Not once did I hear a “conspiracy theory.” Those who try to dismiss our cause as belonging in the black-helicopter ranks should have been there.

There is real interest in this issue among Republicans. Some of the most spontaneous interest was shown by a staffer in a Republican Rep’s office (not one of the new cosponsors-yet). Politicians of both major parties have been through close races and dicey recounts. If you live in Jim Nussle’s (1st), Tom Latham’s, (4th) or Steve King’s (5th) district, or know folks who do, make sure that you mention the Republican cosponsors of HR 550 when you contact them. Frank Wolf (R-VA), according to Rush Holt, is a particularly weighty name among Congressional insiders.

Leonard Boswell (D-IA-03) is not yet a cosponsor; he should be! Here is a map of the 3rd District. If you live there, write him.

On Monday, a Florida activist (formerly of Clinton, IA) and I met with a staffer in Senator Harkin’s office. Harkin is interested in the issue but concerned about disabled access. The staffer, Beth Stein (actually a counsel to Harkin), assured us that he is committed to both a paper trail and equal access for the disabled. I think we can get him to come around. If we can arouse the interest of the Iowa disabled community, there’s no reason we can’t get him on board.

We did not lobby Senator Grassley, but the same principle applies to him as to all Republican legislators. It’s not a partisan issue, and the cosponsor list reflects that fact.

We’ve got a lot of work to do for election integrity here in Iowa. HR 550 is gaining momentum, but there is no guarantee that it or any other federal election integrity legislation will pass soon. We need to push for a state election integrity law with many of the same provisions as the Holt bill. But with our first HR 550 cosponsor, we are off to a strong start.

I’m going on spring break, but I’ll leave a reading list for you.

To keep up with the news visit votetrustusa or blackboxvoting.

To learn some good ideas on how voting machines can be tested, see the pdf on test ballots I recommended before.

To play with a fraudulent voting machine go here.

So see a video on the sensibility of using paper to record votes, go here.

During break you have time to read the rather short federal bill HR 550 that addresses paper trails, audits, and secret source codes.

You can look at the Iowa Code regarding voting machines at this page, and send me your ideas on how to modernize it for the digital age.

Once your reading is complete, you can prepare to meet your Congressman or Senator when they are around the state over the next two weeks. And plan to attend your political party district convention later this month to lobby auditors and legislators for trustworthy elections in Iowa.

The next post will be after Easter when we will report on how some ambitious Iowans talked Rep Jim Leach into co-sponsoring HR 550 last week when they met in Washington.

We need more than paper trails. We cannot have trustworthy elections based merely on paper ballots—whether they are printed out by computers or marked by hand. All votes are now being counted by computers, so the counting must also be credible.

In addition to paper trails, and open source software, a more modern set of election laws and other stuff, we need to audit the election.

University of Iowa computer scientist and voting machine expert Doug Jones says that without audits after the election, the paper ballots are “just inky wood pulp gathering dust in dark warehouses.”

Jones told an audience at the Statehouse on March 8 that he has himself engaged in audits of voting machines after an election and found egregious errors. He said there are enough innocent errors in every election that fraud can find a place to hide. The way to isolate fraud is to audit elections routinely, find innocent errors, improve the system and then start over again with more audits. Eventually there will be no way to conceal fraud as innocent error.

This sounds like a job for the Auditor. Not the county auditor, who already runs the election, but the State Auditor. His office is not in the election business and he has no axe to grind. Whatever he finds cannot embarrass him but could make Iowa’s elections better. If the Secretary of State is wary of such an outsider peaking under the hood, then the Secretary of State should begin his own routine random audits of every aspect the next election in a few of Iowa’s counties.

We came close to a recount in Iowa in 2000. It took days to call the election in 2004. An ounce of audit now may be worth a ton of spin in 2008 should a recount uncover the problems that Jones believes lie hidden in our own ballot boxes.

Not only do Iowa touchscreen voting machines fall short of Iowa code, all Diebold voting machines in the state violate federal regulations. They contain “interpreted code” which is banned by federal voting machine guidelines that Iowa supposedly follows(52.5)

Interpreted code is similar to executable code, as I understand it. Remember all those warnings to beware of unexpected emails with attachments. “Never open an attachment unless you know who sent it to you,” we were told. That is how you get a virus on your computer. It could happen because those attachments contained executable code. Some of them even said “.exe” at the end of the file name.

What can interpreted code do to the voting machine? Change your vote! In a Florida test in December it changed votes in an experimental election from No to Yes, thus changing the overall result while leaving no trace that it had done so. Since there were only eight voters and they had written the votes on paper ballots, everyone knew what the tally should have been. But the machine had other results progammed into it, thanks to the interpreted code. That is why it is banned.

This discovery prompted California’s Secretary of State to investigate and later issue a 40 page report confirming that federal standards were violated in both the ballot scanner and the touchscreen voting machines (Iowa has both). The report found “there are serious security flaws in the current state of the AV-OS [optical scan] and AV-TSx [touch-screen] software,” and “In order for the Diebold software architecture to be in compliance, it would appear that the AccuBasic language and interpreter have to be removed.”

So Iowa’s Diebold ballot scanners violate federal law when they use interpreted code. Iowa’s Diebold touchscreens violate the same law and also fail to meet Iowa’s requirement to produre a separate ballot. And touchscreens from Iowa’s other vendor (ES & S) violate at least the separate ballot requirement. Whether they use interpreted code has not been investigated yet.

What is being done about this? Monday in Des Moines Diebold will go before the Iowa voting machine “examiners” to get yet another approval for their illegal equipment. According to Susan Pynchon of the Florida Fair Elections Coalition, “Any legislator or elections official who recommends the purchase of the Diebold TSx without reading the entire California report should be considered grossly negligent.”

Iowa auditors purchased this junk before the California report was written. Now that Diebold is back, we should expect them to be rejected by Iowa officials. This would be a good opportunity to decertify the machines already deployed around Iowa and get a refund from Diebold.