Calif.: All Vote Machines Tested Hackable
Secretary of State Debra Bowen released the first part of her review of California's voting systems Friday, seven days before she must decide whether to decertify any of the systems for the presidential primary.
It found that computer experts were able to breach all the systems they studied and change the machines' results. But the experts did that under artificial conditions, with unimpeded access to the equipment, a situation that ordinarily would not occur.
Matt Bishop, a computer scientist at the University of California, Davis, who led the team, said the findings must be evaluated in light of the security systems that county election officials have in place before any conclusions can be reached about whether the machines are reliable.
Bowen, who has made electronic voting security the centerpiece of her administration, said she needed to spend the weekend reviewing the reports before commenting on them.
"I am still in analysis mode," she said during a conference call with reporters, "and do not have any conclusion based on reports I have not read."
The review has been rushed because of the earlier-than-ever primary on Feb. 5. It did not include voting systems used in Los Angeles, San Francisco and Contra Costa counties.
Bowen said that was because the company that makes the machines, Election Systems & Software, had refused to give her the information she needed in time. A company spokesman said they delayed because they wanted more information about how the review would be conducted.
By law, Bowen must let counties know six months before the election that she is going to decertify their equipment. That means she must decide by Aug. 3, too soon to complete reviews of Election Systems & Software's equipment.
Instead, a spokeswoman for Bowen said she could subject that equipment to higher standards.
County elections officials see Bowen's "top-to-bottom review" as unnecessary. They say their equipment already meets federal standards and was approved by Bowen's predecessor, Bruce McPherson.
Steve Weir, president of the state association of registrars, said it was not news that voting systems could be breached under ideal conditions.
"They were given permission to get into the systems," he said. "It's not a real world test."
Experts examined systems built by Diebold Election Systems, Hart InterCivic and Sequoia Voting Systems.
One team tried to breach the machines' security. Another tested to see how accessible they were for voters with disabilities. A third group looked at the source code used in the machines. That report was withheld Friday because of concerns that it might contain proprietary information.
Among the findings:
The Secretary of State's office will conduct a public hearing on Monday, July 30, beginning at 10:00 a.m., in the Auditorium of the Secretary of State building in Sacramento.
You may view the reports at www.sos.ca.gov.