By Cameron W. Barr
Washington Post Staff Writer
Saturday, October 21, 2006
A Maryland election official said yesterday that possibly stolen computer disks believed to be electronic voting software were "apparently produced" for use by a testing firm hired by the Maryland legislature in November 2003.
Ross Goldstein, deputy administrator of the Maryland State Board of Elections, said documents indicate that the disks were sent to Maryland so Raba Technologies Inc. could assess the security of the state's electronic voting system, which is provided by Diebold Election Systems. A receptionist at Raba, based in Columbia, declined to comment yesterday after consulting with her supervisor.
Labels on the disks indicate that they contain the versions of two Diebold programs that powered electronic voting machines in Maryland in 2004, Goldstein said Thursday. Diebold said one version of one program is still in use in some jurisdictions elsewhere in the United States.
Cheryl C. Kagan, a former Maryland delegate who has questioned the security of electronic voting systems, said the disks were delivered anonymously to her office in Olney on Tuesday.
State elections administrator Linda H. Lamone has asked the FBI to investigate the apparent theft and leaking of proprietary voting software.
Critics of electronic voting said the most recent incident in Maryland casts doubt on Lamone's claim that Maryland has the nation's most secure voting system. "There now may be numerous copies of the Diebold software floating around in unauthorized hands," said Linda Schade, co-founder of TrueVoteMD, which has pressed for a system that provides a verifiable paper record of each vote.
Yesterday, Henry Fawell, a spokesman for Gov. Robert L. Ehrlich Jr. (R), said the suspected leak "raises yet another unanswered question about the Diebold technology on which our election system depends." Ehrlich initially supported the Diebold technology but in recent years has said Maryland should switch to a system that provides a paper trail.
Some computer scientists said the incident shows why the makers of voting systems should publicly disclose their software. "It's hard to keep a secret like this for a long time," said Edward Felten, a Princeton University computer scientist who demonstrated in September how Diebold's machines could easily be hacked. The company called Felten's work inaccurate and unrealistic.
The Washington Post, which obtained copies of the disks Wednesday to verify them, agreed yesterday to Diebold's request to return them.
Kagan said that she expects to meet with FBI agents next week and that she was prepared to grant the FBI's request to turn over the disks.
The disks bear logos from two other testing companies, Ciber Inc. and Wyle Laboratories, which Diebold hired to test its voting system. Maryland retained Raba in 2003 to conduct a security assessment after an academic study revealed vulnerabilities in Diebold's system, said Karl S. Aro, executive director of the Department of Legislative Services.
Aro said he believes that Diebold made its own arrangements to transmit the software to Raba. "To my knowledge, [Aro's staff] never touched those disks," Aro said.
Diebold spokesman Mark Radke said: "We contacted Ciber and Wyle and asked them to send the software directly to someone in Maryland." He said he could not confirm if the recipient was Raba or an intermediary.
Felten, the Princeton computer scientist, said public disclosure of the core instructions or "source code" that powers electronic voting machines would enhance security by allowing experts to find flaws that could then be corrected.
David Jefferson, a computer scientist at Lawrence Livermore National Laboratory who advises California's secretary of state on election matters, said the source code should be public precisely because it is part of voting systems. "Our democratic process has to be completely open, and we cannot conduct transparent elections on top of secret software," he said.
Michael I. Shamos, a computer scientist at Carnegie Mellon University, said the appearance of the disks in Kagan's office is "essentially meaningless." He said electronic voting source code should be disclosed because of the public's strong interest in the credibility of voting systems. "Since the disclosure of source code is a good thing," he asked, "why should we be complaining when some gets disclosed?"
"Anything that happens to convince the makers of voting software to drop the nonsensical claim of 'trade secrets' is a good thing," Shamos said.
Radke said the company was not averse to disclosing its code if the law were changed to require it. But he said disclosure would dampen innovation in the field.
Avi Rubin, a computer scientist at Johns Hopkins University who reviewed the software Wednesday at the request of The Post, said he was all but certain that the material on the disks was Diebold software.