Government Technology

E-Vote: Colorado Tests Voting Equipment, Decertifies Some



December 18, 2007 By

"If I'm too lenient in determining what passes then I risk having the state taken to court by activists groups who will ask for an injunction on the use of electronic voting machines for the 2008 election, and if I exceed the requirements of state law and the court order, then I will be sued by the vendors who manufacture and sell the equipment."

Colorado Secretary of State Mike Coffman today issued his findings from a court-mandated retesting of electronic voting equipment. In September 2006, a district court judge had ruled, in Conroy vs. Dennis, that the certification process used by the Secretary of State's office was inadequate and that the voting equipment had to be retested before the 2008 primary election. Under state law, all electronic voting equipment purchased after May 2004 has to be tested and certified by the Secretary of State's office after being federally certified.
 
"My job, as the Secretary of State, is to follow the law and the law requires my office to test the electronic voting equipment used in Colorado to make sure that these systems are secure and can accurately count every vote as set forth by the standards established in state law and mandated by a court order," said Coffman.

Under state law, the clerks and the vendors of decertified equipment will have up to 30 days to formally "request a reconsideration" of Coffman's decisions. The Legislature, when it convenes next month, can also decide to modify the requirements set forth in the state's certification law to allow decertified equipment to be used in the 2008 election. On Wednesday and Thursday, Coffman's staff will meet with the clerks and the vendors who have decertified equipment for a detailed technical briefing of the testing results and the factors leading to decertification.
 
"I had to strictly follow the law along with the court order," said Coffman. "If I'm too lenient in determining what passes then I risk having the state taken to court by activists groups who will ask for an injunction on the use of electronic voting machines for the 2008 election, and if I exceed the requirements of state law and the court order, then I will be sued by the vendors who manufacture and sell the equipment."

Coffman carefully reviewed the process for certifying electronic voting equipment used in 2006 and made dramatic changes, which include three additional layers of technical experts reviewing the tests results. He instituted a testing board composed of four technical experts to decide the passage or failure of individual tests, and an outside audit of technical experts to review the testing process, as well as making sure that the results matched the tests. He also engaged the cyber security experts from state government to also review and comment on the security testing.
 
Coffman's Decisions:

  • Premier (formally known as Diebold) All voting equipment submitted for recertification passed.
  • Sequoia The optical scan devices, Insight and 400-C, used to count paper ballots both passed, but the electronic voting machines, the Edge II and the Edge II Plus, both failed due to a variety of security risk factors, including that the system is not password protected, has exposed controls potentially giving voters unauthorized access, and lacks an audit trail to detect security violations.
  • Hart The optical scan devices, eScan and BallotNow, both failed because test results showed that they could not accurately count ballots. The electronic voting machine, eSlate, passed.
  • ES&S The optical scan devices (M 100 and the M650) both failed because of an inability to determine if the devices work correctly and an inability to complete the testing threshold of 10,000 ballots due to vendor programming errors. The electronic voting machine (iVotronic) failed because it is easily disabled by voters activating the device interface, and the system lacks an audit trail to detect security violations.



| More

Comments

Add Your Comment

You are solely responsible for the content of your comments. We reserve the right to remove comments that are considered profane, vulgar, obscene, factually inaccurate, off-topic, or considered a personal attack.

In Our Library

White Papers | Exclusives Reports | Webinar Archives | Best Practices and Case Studies
Redefining Citizen Engagement in a Mobile-First World
Today’s consumers are embracing the ease and convenience of anytime, anywhere access to the Internet from their mobile devices. In order for government and public sector organizations to fully engage with their citizens and provide similar service quality as their consumer counterparts, the time is now to shift to mobile citizen engagement. Learn more
McAfee Enterprise Security Manager and Threat Intelligence Exchange
As a part of the Intel® Security product offering, McAfee® Enterprise Security Manager and McAfee Threat Intelligence Exchange work together to provide organizations with exactly what they need to fight advanced threats. You get the situational awareness, actionable intelligence, and instantaneous speed to immediately identify, respond to, and proactively neutralize threats in just milliseconds.
Better security. Better government.
Powering security at all levels of government with simpler, more connected IT.
View All

Featured Papers