Where are the California E-Voting Reports?
Where are the California E-Voting Reports?: "
I wrote Monday about the California Secretary of State’s partial release of report from the state’s e-voting study. Four subteams submitted reports to the Secretary, but as yet only the ‘red team’ and accessibility teams’ reports have been released. The other two sets of reports, from the source code review and documentation review teams, are still being withheld.
The Secretary even held a public hearing on Monday about the study, without having released all of the reports. This has led to a certain amount of confusion, as many press reports and editorials (e.g. the Mercury News editorial) about the study seem to assume that the full evaluation results have been reported. The vendors and some county election officials have encouraged this misimpression — some have even criticized the study for failing to consider issues that are almost certainly addressed in the missing reports.
With the Secretary having until Friday to decide whether to decertify any e-voting systems for the February 2008 primary election, the obvious question arises: Why is the Secretary withholding the other reports?
Here’s the official explanation, from the Secretary’s site:
The document review teams and source code review teams submitted their reports on schedule. Their reports will be posted as soon as the Secretary of State ensures the reports do not inadvertently disclose security-sensitive information.
This explanation is hard to credit. The study teams were already tasked to separate their reports into a public body and a private appendix, with sensitive exploit-oriented details put in the private appendix that would go only to the Secretary and the affected vendor. Surely the study teams are much better qualified to determine the security implications of releasing a particular detail than the lawyers in the Secretary’s office are.
More likely, the Secretary is worried about the political implications of releasing the reports. Given this, it seems likely that the withheld reports are even more damning than the ones released so far.
If the red team reports, which reported multiple vulnerabilities of the most serious kind, are the good news, how bad must the bad news be?
"
(Read Original Article - Via Freedom to Tinker.)
Twitter
Digg
StumbleUpon
Technorati
del.icio.us
Facebook
Furl
LinkedIn
YahooRecent blog posts
- In Bid to Sway Sales, Cameras Track Shoppers
- Unprecedented 25-Year Sentence Sought for TJX Hacker
- EFF Appeals Dismissal of Warrantless Wiretapping Case
- Viacom Makes Its Case Against Yesterday's YouTube
- Obama supports Senators draft plan to rework U.S. immigration policy - Includes National Biometric ID card for all.
- Domain Names Can't Defend Themselves
- Hacker Disables More Than 100 Cars Remotely
- Judges Approves $9.5 Million Facebook ‘Beacon’ Accord
- Hooking Up The Big Brother Machine... And Fighting It
- Court: State Can Dump Non-Sex Offenders Into Registry
