Maryland's second major evaluation of electronic voting technology took place in 2003 and was contracted to be performed by
Science Applications International Corporation. The officially published report was merely 38 pages whereas the original, unredacted document (with appendices) was a full 193 pages. That's quite a striking difference between what the Governor of Maryland was given (redacted) and what State Board of Elections Administrator Linda Lamone received directly from SAIC.
A secret top Maryland official is said to have recently disclosed the full unredacted version. The
Huffington Post has a report submitted by ABC reporter Rebecca Abrahams detailing the story. Here is one of the more chilling excerpts detailing the lead up until now:
The report has been completed but Linda Lamone will not disclose the contents of the report. Governor Ehrlich can't get her to do it, nor can Giles Berger the Chairman of the Maryland Board of Elections. It is important to note that even Berger, the SBE's Chairman, has not seen the original, unredacted report. Berger and his staff have been left to make sense of the 38 page report.
Anyone who knows anything about the troublesome voting situation we face in Maryland is surely aware of Linda Lamone's history. To say that her actions are questionable in terms of intent and judgement is a profound understatement. The implication of concealing the full SAIC report is obvious and clearly has a significant bearing on the trustworthiness of the upcoming election.
Examples of redacted sections of the report are given at the link above. Here's something you conveniently won't find in the 38-page version:
There is no documentation that describes security controls for detecting unauthorized transaction attempts by authorized or unauthorized users. Therefore, the application of security controls may be applied inconsistently, incorrectly or incompletely.
Since a threat source is more likely to exploit a system if the evidence of his/her actions cannot be gathered or will go undetected, failure to have controls for detection increases the likelihood of system attacks, and consequently, of system compromise.
That's just one example. I'm exercising restraint to avoid abusing fair use rules. Please read the full report for more excruciating details.
I think there are two particularly salient calls to action listed in this report by Abrahams which we might consider. Both ultimately involve ensuring compliance with all recommendations in the unredacted SAIC report: One demands manufacturers show explicit compliance to those recommendations. The other suggests petitioning the release of a report commissioned by the Maryland Board of Elections at the request of the Governor to determine such compliance (this was commissioned since the release of the original SAIC report).
I think we all want secure and trustworthy elections. It is election administrators like Linda Lamone partnered with corporations like Diebold that force us to call them into question. TrueVoteMD continues to call for paper ballots. Please support us in this endeavor.