While reporting on California Secretary of State Debra Bowen's decision to decertify the state's electronic voting machines in light of a study that found the systems are vulnerable to security breaches, numerous media outlets attacked the study's "unrealistic" methodology or uncritically reported criticism of the study's premise, without noting the researchers' explanation for their methods.
In his August 8 Sacramento Bee column, Dan Walters criticized California Secretary of State Debra Bowen's (D) decision to decertify most of the state's electronic voting machine systems following a state-commissioned study that found the systems are vulnerable to security breaches, as Courage Campaign founder Rick Jacobs noted in a blog post at The Huffington Post critical of Walters' argument. Walters asserted that it "is not surprising" that the systems were found to be vulnerable, given the "unrealistic circumstances of the tests. Among other things, the hackers were supplied with source codes and other confidential information, and they ignored the security procedures that election officials employ." But in simply repeating this criticism, Walters and numerous media outlets that reported criticism of the study's allegedly "unrealistic" methodology -- including The Washington Post, the Associated Press, the Los Angeles Times, and the San Francisco Chronicle -- did not address the explanation given in the report itself for the conditions under which the testers worked.
After discussing "techniques" by which hackers "can discover secrets that companies and organizations wish to keep hidden" and providing examples of "organizations," such as the DVD Copyright Control Association, being "unaware of their own leaking of information," the University of California, Davis researchers who conducted the study concluded: "Thus, the statement that attackers could not replicate what red team testers do, because the red team testers have access to information that other attackers would not have, profoundly underestimates the ability and the knowledge of attackers, and profoundly overestimates the infallibility of organizations and human nature." In other words, the research was conducted under the presumption that potential hackers would have access to sensitive information relating to the machines, given hackers' proven adeptness at obtaining protected information.
According to the UC study:
The California Secretary of State entered into a contract with the University of California to test the security of three electronic voting systems as part of her top to bottom review. Each "red team" was to try to compromise the accuracy, security, and integrity of the voting systems without making assumptions about compensating controls or procedural mitigation measures that vendors, the Secretary of State, or individual counties may have adopted. The red teams demonstrated that, under these conditions, the technology and security of all three systems could be compromised.
During the August 3 edition of National Public Radio's Talk of the Nation, the red team study's principal investigator, University of California, Davis, computer science professor Matt Bishop, further explained the study's methodology. In response to host Ira Flatow's assertion that "the companies that make the machines have been critical, saying that you had access to information manuals, about how the machine works and whatever, that normal voters might not have," Bishop responded, "Well, you have to be very careful when you make a claim like that" because "information in this day and age tends to get circulated very freely. ... There have been voting machines sold on eBay. How do people know that -- how do they know that others won't have access to this information?" Bishop also said that "the key issue" facing potential hackers "is getting access" to the machines and recommended that more physical safeguards be put in place to protect from this. But "if" some of those "polic[ies] fail ... the technical defenses of the machine should come into play," which was the focus of the red teams' study. To assume that the physical safeguards would "never" be breached, Bishop stated, "indicates a very high belief in human infallibility, one probably higher than warranted."
Walters also attacked the study for "ignor[ing] the security procedures that election officials employ" -- again, without noting the researchers' explanation. The UC report noted that its research teams "did not evaluate the likelihood of any attack being feasible. Instead, they described the conditions necessary for an attacker to succeed," allowing the researchers to "focus on the technology rather than on the policies procedures, and laws intended to compensate for any technological shortcomings." Because providing safeguards for the voting machines "is a local matter" in California, the report stated that "it was impractical for the red team testers to evaluate" the "at least 58 different sets of procedures." On NPR, Bishop added that it was "up to the politicians" to "look at the policies and procedures surrounding" securing the machines and suggested that since "the red teams were technology folks," they would not be sufficiently qualified to look into this issue." Bishop further stated that "in the limited time we had" to conduct the study, it "would simply not have been feasible for us to" examine the "policies and procedures" in place in California's 58 counties.
Nonetheless, numerous media reports similarly attacked the study's methodology or uncritically reported criticism of the study's premise, without noting the researchers' explanation for their methods. For instance:
- In an August 7 article headlined, "Voting-machine costs add up," the San Jose Mercury News uncritically reported that "[c]ompany officials have said the researchers were given unusual access to the machines that real-world hackers could never gain."
- On August 5, a Sacramento Bee article -- "Voting decision creates turmoil" -- similarly reported without question, "The UC studies drew criticism from registrars and manufacturers because they did not take into account Election Day security measures by local officials. Researchers also had access to proprietary access cards and internal codes." The article added: "Manufacturers said they were disappointed in Bowen's conclusions because they believe the tests were unfair," concluding, " 'Secretary Bowen's top-to-bottom review was designed to ignore security procedures and protocols that are used during every election,' Diebold Election Systems President Dave Byrd said in a statement. 'Her team of hackers was given unfettered access to the equipment, the source code and all other information on security features provided by (Diebold) to the Secretary of State's Office.'"
- In an August 5 news brief taken from news services, the Post reported only that "[c]ompany officials have played down the results of Bowen's review, saying they reflected unrealistic, worst-case scenarios that would be counteracted by security measures taken by the companies and local election officials."
- The same day, the AP uncritically reported: "Companies complained that the review was performed under conditions that don't exist in the real world, with the university hackers having full access to machines' manuals and complex computer codes."
- In an August 4 article, "State decides to secure electronic voting machines," the Los Angeles Times also reported only that "Bowen's audit has been harshly criticized by election officials across the state who said the testing was done in a manner inconsistent with real-life situations. ... 'It was akin to testing the security of your money in a bank with unlocked doors, with no security guards or even bank tellers in sight and the bank's vault wide open,' said Los Angeles County Registrar-Recorder Conny McCormack."
- A July 28 San Francisco Chronicle article on the study uncritically quoted the "head of the state Association of Clerks and Election Officials" as saying: "Letting the hackers have the source codes, operating manuals and unlimited access to the voting machines 'is like giving a burglar the keys to your house,' '' said Steve Weir, clerk-recorder of Contra Costa County and head of the state Association of Clerks and Election Officials."
On August 3, Bowen announced that "[e]ach of the systems" that had gone "through the top-to-bottom review ha[d] been legally decertified," and that "each of them ha[d] been recertified with the addition of a number of conditions." The Diebold and Sequoia systems were "recertified solely for the purposes of conducting early voting and to allow counties to have one DRE [direct recording electronic] machine in each polling place on Election Day for the purpose of complying with disability access requirements of the Help America Vote Act (HAVA)." The "Hart InterCivic DRE system was also recertified but will only be required to comply with increased security and post-election auditing procedures."
From Walters' August 8 Sacramento Bee column:
This year, Bowen commissioned a "red team" from the University of California to test electronic voting systems. The team found them to be vulnerable -- which is not surprising, given the less-than-reasonable, unrealistic circumstances of the tests. Among other things, the hackers were supplied with source codes and other confidential information, and they ignored the security procedures that election officials employ.
Based on what the California State Association of Counties calls "flawed analysis" of the systems, Bowen decertified them, drawing sharp criticism from officials who must now scramble to put voting systems in place for the Feb. 5 presidential primary election and from Diebold, the chief target of the review.
"Secretary Bowen's top-to-bottom review was designed to ignore security procedures and protocols that are used during every election," Dave Byrd, president of Diebold Election Systems, said in a statement. "Her team of hackers was given unfettered access to the equipment, the source code and all other information on security features provided by (Diebold) to the Secretary of State's Office."
Bowen, it might be said, disregarded reasonable doubt and embraced the "imaginary doubt" that criminal law forbids.