The EVEREST: Evaluation and Validation of Election-Related Equipment, Standards and Testing: Final Report has been released. This is an Ohio study released by the Ohio Secretary of State and prepared by teams from Pennsylvania State University, the University of Pennsylvania and WebWise Security. Excerpt of conclusions:
- Insufficient Security - The systems uniformly failed to adequately address important threats against election data and processes. Central among these is a failure to adequately defend an election from insiders, to prevent virally infected software from compromising entire precincts and counties, and to ensure cast votes are appropriately protected and accurately counted.
- Improper Use or Implementation of Security Technology - A root cause of the failures present in the studied systems is the pervasive mis-application of security technology. Failure to follow standard and well-known practices for the use of cryptography, key and password management, and security hardware seriously undermines the protections provided. In several important cases, the misapplication of commonly accepted principles renders the security technology of no use whatsoever.
- Auditing - All of the systems exhibited a visible lack of trustworthy auditing capability. In all systems, the logs of election practices were commonly forgeable or erasable by the principals who they were intended to be monitoring. The impact of the lack of secure auditing is that it is difficult to know when an attack occurs, or to know how to isolate or recover from it when it is detected.
- Software Maintenance - The software maintenance practices of the studied systems are deeply flawed. This has led to fragile software in which exploitable crashes, lockups, and failures are common in normal use. Such software instability is likely to increase over time, and may lead to highly insecure and unreliable elections.
Read the Report here.
Posted by Jon Lutz