- Freedom of Information requests at
have unearthed two Ciber certification reports indicating that security
and tamperability was NOT TESTED and that several state elections
a secretary of state, and Dr. Britain Williams signed off on the report
anyway, certifying it.
- The documents, posted at Black Box Voting (.ORG) show
that Ciber Labs' Shawn Southworth used a conformance chart specifying FEC
regulations, marking each test item "pass" or
- Southworth ìtestedî whether every candidate
on the ballot has a name. But we were shocked to find out that, when asked
the most important question -- about vulnerable entry points --
report says ìnot reviewed.î
- Ciber ìtestedî whether the manual gives
a description of the voting system. But when asked to identify methods
of attack (which we think the American voter would consider pretty
the top-secret report says ìnot applicable.î
- Ciber ìtestedî whether ballots comply with
local regulations, but when we asked Shawn Southworth what he thinks about
Diebold tabulators accepting large numbers of ìminusî votes,
he said he didnít mention that in his report because ìthe
vendors donít like him to put anything negativeî in his
After all, he said, he is paid by the vendors.
- Was this just a one-time oversight?
- Nope. It appears to be more like a habit. We also posted
the sister report, for another vendor entirely, VoteHere, and you can see
that the critical security test, the ìpenetration analysisî
was again marked ìnot applicableî and was not done.
- Maybe another ITA did the penetration analysis?
- Apparently not. We discovered an even more bizarre Wyle
Laboratories report. In it, the lab admits the Sequoia voting system has
problems, but says that since they were not corrected earlier, Sequoia
could continue with the same flaws. At one point the Wyle report omits
its testing altogether, hoping the vendor will do the test.
- Computer Guys: Be your own ITA certifier.
- Black Box Voting has posted a full Ciber report on GEMS
1.18.15. We also posted a .zip file download for the GEMS 1.18.15 program.
We also provided a real live Diebold vote database. Compare your findings
against the official testing lab and see if you agree with what Ciber says.
E-mail us your findings.
- Who the heck is NASED?
- They are the people who certified this stuff. Now, if
the security of the U.S. electoral system depends on you to certify a
system, and you get a report that says security was ìnot
and ìnot applicableî -- what would you do?
- Perhaps we should ask them. Go ahead. Hold them
for the election we just had. (Please, e-mail us their answers) Their names
are listed on the Web site.