[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Clips November 19, 2002
- To: "Lillie Coney":;, Gene Spafford <spaf@xxxxxxxxxxxxxxxxx>;, John White <white@xxxxxxxxxx>;, Jeff Grove <jeff_grove@xxxxxxx>;, goodman@xxxxxxxxxxxxx;, David Farber <dave@xxxxxxxxxx>;, glee@xxxxxxxxxxxxx;, Andrew Grosso<Agrosso@xxxxxxxxxxxxxxxx>;, ver@xxxxxxxxx;, lillie.coney@xxxxxxx;, v_gold@xxxxxxx;, harsha@xxxxxxx;, KathrynKL@xxxxxxx;, akuadc@xxxxxxxxxxx;, computer_security_day@xxxxxxx;, waspray@xxxxxxxxxxx;
- Subject: Clips November 19, 2002
- From: Lillie Coney <lillie.coney@xxxxxxx>
- Date: Tue, 19 Nov 2002 09:16:07 -0500
Clips November 19, 2002
ARTICLES
White House to unveil first homeland security tech blueprint
'Harry Potter' Film Appears Online
Congress Close to Approving Webcast Royalties Measure
Watchdog Urges Bush to Kill Pentagon Data-Mine Plan
Judge rules cops' hacker went too far
Hackers drop spyware into popular tool
Court Reverses E-Mail Suppression
***************************
Government Executive
White House to unveil first homeland security tech blueprint
By Shane Harris
sharris@xxxxxxxxxxx
November 14, 2002
The White House Office of Homeland Security will soon release the first in
a series of conceptual plans for how information technology systems should
fit together in the new Homeland Security Department, according to a White
House official.
Lee Holcomb, the office's director of "infostructure," said Wednesday that
in the next 90 days the administration would unveil an enterprise
architecture plan for Homeland Security agencies with border control
responsibilities. An enterprise architecture is a blueprint that shows how
disparate technology devices should work together to serve an
organization's overall mission.
Holcomb didn't elaborate on what the new plan would entail, but he said it
was one of four designs that officials are working on now to help set up
the new department. The other three cover components of the department's
mission, including intelligence and warning, weapons of mass destruction
countermeasures and coordination of "first responders," such as fire and
emergency workers.
Holcomb said the border security architecture would be a guide for making
decisions on how to invest funds for the backbone technologies of the new
department. A team of chief information officers from the 22 agencies
slated to move into the Homeland Security Department is currently reviewing
several technology projects in the merging agencies to decide whether to
terminate them or combine them with other programs. That group will use the
architecture to inform their decision-making, Holcomb said.
In addition to the component architectures, administration officials are
building a "technical reference model" that Holcomb said is intended to
identify IT standards for the agencies. The model would note what brands of
particular products agencies use. White House officials have said that if,
for example, the majority of agencies use a particular company's e-mail
product, that product would become the e-mail standard for the department.
The reference model cuts across a variety of business areas, including
human resources and financial management.
Holcomb said that the administration is in negotiations with some companies
to secure departmentwide licensing agreements. He wouldn't reveal which
companies they are, but he did say that officials are looking for the best
deal they can get in all cases.
Holcomb added that some agencies' technology projects have been "paused"
pending the establishment of the Homeland Security Department. He declined
to name the projects.
*******************************
Associated Press
'Harry Potter' Film Appears Online
By GARY GENTILE, AP Business Writer
LOS ANGELES (AP) - Illegal copies of "Harry Potter (news - web sites) and
the Chamber of Secrets" have already begun appearing on the Internet, days
before the film is scheduled to hit theaters.
Warner Bros., the studio that produced and distributes the movie, confirmed
Wednesday that pirated copies of the movie have popped up on Internet sites
that regularly offer illegal copies of first-run films.
"The illegal copying and distribution of movies is theft," the studio said
in a statement issued late Tuesday. "Warner Bros. takes the threat of
Internet piracy very seriously and employs all legal means to contain the
unauthorized copying and distribution of our films on the Internet."
Pirated copies of films, often grainy, jumpy versions taped using a
handheld camera at a pre-premiere screening, regularly show up on the
Internet before a movie hits theaters.
"As long as they are showing premiers and as long as post-production have
access to the film, it's very hard to prevent this from happening," said
Andrew Frank, vice president for media and entertainment at Divine Inc., an
Internet software and services firm.
That may be the case with "Harry Potter and the Chamber of Secrets," which
was shown to the public in a special "sneak preview" screening last weekend
in New York and in London earlier this month. The movie opens nationally on
Friday.
The early, inferior copies often are soon replaced by better versions that
pirates make by bribing a theater projectionist and mounting a camera on a
tripod in a projection booth.
Other high-quality versions, called "screeners," are sneaked from
post-production houses, where final production work is regularly done on
prints of films destined for theaters.
Movie studios are aggressively fighting piracy on several fronts. The
industry has sued file sharing networks for allowing the swapping of
copyrighted material over the Internet. The industry also has been trying
to hold Internet service providers responsible for illegal activity over
their networks.
The anti-piracy division of the Motion Picture Association of America uses
software that sweeps the Internet, looking for key movie titles on pirate
sites.
*****************************
Los Angeles Times
Congress Close to Approving Webcast Royalties Measure
The bill passed by the Senate would suspend fees online broadcasters must
pay to record labels and artists.
By Jon Healey
Times Staff Writer
November 15 2002
Hoping to rescue small Internet radio stations, Congress was close to
approving a last-minute compromise late Thursday night that would
temporarily suspend the royalty fees many Webcasters must pay to record
labels and artists.
The main question was whether the House would pass the revised version of
H.R. 5469 before it adjourned for the year. The compromise, which has broad
support from broadcasters, labels and artists, passed the Senate
unanimously Thursday.
The new Webcasting bill does not solve most of the problems faced by
Internet radio stations, and many proponents of the compromise urged
Congress to try again next year to overhaul the way royalties are set. But
if passed, the measure would clear the way for small Webcasters to obtain
discounted rates that better reflect their ability to pay, rather than
simply the volume of music they play.
The latest version of H.R. 5469 was the third attempt by lawmakers to
preserve at least some of the free-wheeling nature and diversity of
Internet radio, much of which is provided by small businesses, community
and college broadcasters and hobbyists. Many of those Webcasters complained
that they would be driven out of business if they had to pay the royalty
rates set by the Librarian of Congress in July.
Those rates -- .07 cent per song per listener for commercial stations, .02
cent per song for noncommercial ones -- were based on a deal that Yahoo
Inc., one of the Internet's largest broadcasters, negotiated with the
Recording Industry Assn. of America. The Librarian ordered Webcasters to
pay four years' worth of back royalties Oct. 20, prompting many stations to
run to Congress for relief.
The House unanimously passed a version of H.R. 5469 in October that would
have let qualified small Webcasters pay royalties of either 8% to 12% of
their revenues or 5% to 7% of their expenses, whichever was greater.
But the quick passage in the House belied the growing opposition to the
bill among an array of over-the-air broadcasters and Webcasters, who argued
that the rates were unacceptably high. They also feared that the measure
would set a dangerous precedent, helping record labels and even songwriters
win higher royalties from broadcasters in 2003.
Responding to these complaints, Sen. Jesse A. Helms (R-N.C.) stopped the
Senate from taking up the House bill last month. On Thursday, Helms and
Senate Judiciary Committee Chairman Patrick Leahy (D-Vt.) offered a
compromise version that the RIAA had negotiated with a trade association of
religious broadcasters.
Instead of enacting specific fees for small Webcasters, the Helms-Leahy
version gives SoundExchange -- the royalty-collecting arm of the RIAA --
the right to negotiate retroactive discounts with small Webcasting
businesses and noncommercial stations. Any deals with commercial Webcasters
must be based on a percentage of their revenues, their expenses, or both.
The bill also suspends royalties for noncommercial, community and college
Webcasters until June 20, giving them time to negotiate a deal with
SoundExchange. And it would let Sound- Exchange delay royalties for small
commercial Webcasters until Dec. 15 so that they can finalize their own
discounts.
The bill includes a provision calling for 50% of the royalties to be paid
directly to artists, as well as a more controversial section allowing
SoundExchange to deduct certain administrative costs before paying
royalties to labels and artists.
Mike Roe of Radioio, a small Internet station involved in the earlier deal
with the RIAA, praised the bill but said it was just the first step needed
to help Webcasters. "Sure, we would love to see a better rate," Roe said,
"but that's certainly a manageable rate."
*****************************
Reuters
Watchdog Urges Bush to Kill Pentagon Data-Mine Plan
WASHINGTON (Reuters) - The Pentagon (news - web sites) should end research
aimed at sifting through everything from credit card transactions to travel
records for tip-offs to terrorist plots, the American Civil Liberties Union
(news - web sites) told President Bush (news - web sites) on Thursday.
"If the Pentagon has its way, every American -- from the Nebraskan farmer
to the Wall Street banker -- will find themselves under the accusatory
cyber-state of an all-powerful national security apparatus," said Laura
Murphy, director of the Washington national office.
The Pentagon program would create an infrastructure for what the government
hopes will become the most extensive electronic surveillance in history,
the watchdog group said.
The Defense Advanced Research Projects Agency, the Pentagon's cradle of
emerging technologies, began awarding contracts this month for development
of a prototype "Total Information Awareness" system -- a kind of vast
global electronic dragnet.
The system would use statistical techniques known as data mining to look
for threatening patterns among everyday transactions, the director of the
effort, John Poindexter, a former national security advisor, has said.
The civil liberties group said it would link commercial and governmental
databases in the United States and overseas, presumably including
everything from student report cards to mental-health histories.
If Bush refuses to kill the project now, said Katie Corrigan, an ACLU
legislative counsel, "Congress should step in quickly and pull the plug on
this dangerous idea."
Poindexter, a retired Navy admiral, has argued that the government needs to
"break down the stovepipes" separating commercial and government data
bases. Poindexter was convicted on five counts of deceiving Congress in the
Iran-Contra scandal but his conviction was set aside on the grounds that
his immunized congressional testimony had been used against him.
"We must become much more efficient and more clever in the ways we find new
sources of data, mine information from the new and the old, generate
information, make it available for analysis, convert it to knowledge, and
create actionable options," he said in an Aug. 21 speech to a technology
conference in Anaheim, California.
In the first related contract, Booz Allen Hamilton Inc. of Falls Church,
Virginia, has been awarded $1.5 million worth of work on a planned $62.9
million contract, the Army said last week. Work under the contract is
expected to be wrapped up by Nov. 7, 2007, the Army said.
Philip Zelikow, a member of the President's Foreign Intelligence Advisory
Board who is executive director of a Markle Foundation task force on
national security in the information age, said the government's immediate
challenge was to make better use of the mountains of data already in its
hands or publicly available.
"Data mining, like any other government data analysis, should occur where
there is a focused and demonstrable need to know, balanced against the
dangers to civil liberties," he said. "It should be purposeful and
responsible."
*****************************
News.com
Judge rules cops' hacker went too far
By Lisa M. Bowman
Staff Writer, CNET News.com
November 14, 2002, 8:34 PM PT
A federal judge has ruled that law enforcement officials went too far when
they tried to use evidence gathered by a known hacker to convict someone of
possessing child pornography.
The decision, handed down earlier this month, is believed to be the first
to say that hacking into an Internet-connected home PC without a warrant
violates the Fourth Amendment, which prohibits unreasonable searches and
seizures.
"This makes it clear that law enforcement needs a search warrant to do
this," said Orin Kerr, an associate professor at George Washington
University Law School. Kerr said the ruling was the first of its kind.
The Virginia judge suppressed evidence of child porn possession after the
defendant's lawyers argued the evidence had been illegally obtained by a
hacker whose methods had received approval from law enforcement officials.
The decision came out of a case in which a hacker uploaded a file to a
child porn newsgroup that made it possible to track who downloaded files
from the service. The uploaded file contained the SubSeven virus, which the
hacker used to remotely search people's computers for porn.
The hacker then played the role of a cybervigilante, sending anonymous tips
to law enforcement officials alerting them to child porn files the hacker
had found on people's PCs.
In one case, the hacker tipped off officials in Alabama about a doctor in
that state who had downloaded files from the newsgroup. The doctor was
eventually sentenced to 17 years in prison. The hacker later contacted the
same officials about a Virginia man who the hacker suspected was involved
with child porn.
The Alabama officials told the FBI of the hacker's suspicions. The bureau,
through the Alabama officials, encouraged the hacker to send more
information. Based on that further data, U.S. attorneys and state
prosecutors filed numerous charges against the Virginia man, William
Adderson Jarrett, related to creating and receiving child porn.
Jarrett pleaded guilty. However, his attorneys also argued that the FBI had
violated Jarrett's Fourth Amendment rights when they retrieved the
information, via the hacker, without a warrant.
The judge agreed with that assertion, ruling that the evidence could not be
used in court because the FBI had approved of hacking as a means of
obtaining it, a move that violates protections against unreasonable search
and seizure.
"By requesting that (the hacker) send the information," the judge's ruling
said, "the FBI indicated its approval of whatever methods (the hacker) had
used to obtain the information."
The decision put Jarrett's guilty plea on hold.
Although U.S. prosecutors are likely to appeal the ruling, the case could
be a cautionary tale for agencies that try to use hackers as an arm of law
enforcement without first obtaining a warrant.
The ruling also could open the door for other defendants to use similar
arguments in their cases.
*******************************
News.com
Hackers drop spyware into popular tool
By Robert Lemos
Staff Writer, CNET News.com
November 14, 2002, 5:27 PM PT
The main Web site for downloading a popular open-source network-monitoring
tool remained off-line Thursday following a revelation that rogue hackers
had implanted spyware in the latest version of the software.
Copies of tcpdump, a utility for monitoring data traffic on a network, and
its library of code, called libpcap, had both been corrupted on the site,
said Michael Richardson, Webmaster for the site and a member of the
open-source project that maintains the tools.
"The server has been taken down until we can be sure we have found the
problem," Richardson said in a phone interview Thursday.
However, other sites had already downloaded the software from the main
server and hosted the files on their own computers, a practice known as
mirroring. It's unknown how many of these other sites have corrupted copies
of the code, Richardson said, although some have already confirmed that
they have found the Trojan horse.
Tcpdump is a utility used by Unix, Linux and BSD system administrators to
monitor--or "sniff"--the data that passes over the network. Libpcap is a
code library that helps programmers write programs to tap into network data
on many different platforms.
The spyware component of the tainted software--called "conftes.c"--enables
the hackers to send and execute any command on computers that contain the
modified utility.
The attack bears some hallmarks of a group of hackers that struck two other
open-source projects, Sendmail and OpenSSH, in October. Specifically, the
Trojan horse has commands that can be triggered by using the letters a, d
and m--the name of a major underground hacking group. Whether the actual
hackers were members of ADM, were framing the group, or were just using the
group's tools is unknown.
The hackers apparently broke into the server during the weekend from a
computer in Finland and replaced the code with a corrupted version. The
infected software remained available for more than two days because,
Richardson said, he had been away from the main server, located in Canada,
and the people who found the problem--members of the Houston Linux Users
Group--didn't notify him.
"It would have been nice to have a little bit more warning," Richardson
said. "No one contacted me from that group."
Matt Solnik, president of the Houston Linux Users Group, said the group
contacted one of the other members of the tcpdump project less than an hour
after realizing the software had been compromised. Another HLUG member,
Russell Adams, had been installing Snort, an open-source intrusion
detection system that uses the libpcap library, when a test that matches
the software package with a unique fingerprint failed. The fingerprints,
known more formally as digital signatures, are used as a security measure
to make sure the software can't be surreptitiously changed.
"He found some interesting code and we looked over it and found that it was
a Trojan," Solnik said.
By Tuesday night, HLUG had extracted the Trojan horse and had started
notifying tcpdump's maintainers, said Solnik.
Richardson expects to start analyzing the server Thursday. He couldn't say
when the project's server would again be available. More information is
available in an advisory released by Carnegie Mellon University's Computer
Emergency Response Team (CERT) Coordination Center.
However, other sites had already downloaded the software from the main
server and hosted the files on their own computers, a practice known as
mirroring. It's unknown how many of these other sites have corrupted copies
of the code, Richardson said, although some have already confirmed that
they have found the Trojan horse.
Tcpdump is a utility used by Unix, Linux and BSD system administrators to
monitor--or "sniff"--the data that passes over the network. Libpcap is a
code library that helps programmers write programs to tap into network data
on many different platforms.
The spyware component of the tainted software--called "conftes.c"--enables
the hackers to send and execute any command on computers that contain the
modified utility.
The attack bears some hallmarks of a group of hackers that struck two other
open-source projects, Sendmail and OpenSSH, in October. Specifically, the
Trojan horse has commands that can be triggered by using the letters a, d
and m--the name of a major underground hacking group. Whether the actual
hackers were members of ADM, were framing the group, or were just using the
group's tools is unknown.
The hackers apparently broke into the server during the weekend from a
computer in Finland and replaced the code with a corrupted version. The
infected software remained available for more than two days because,
Richardson said, he had been away from the main server, located in Canada,
and the people who found the problem--members of the Houston Linux Users
Group--didn't notify him.
"It would have been nice to have a little bit more warning," Richardson
said. "No one contacted me from that group."
Matt Solnik, president of the Houston Linux Users Group, said the group
contacted one of the other members of the tcpdump project less than an hour
after realizing the software had been compromised. Another HLUG member,
Russell Adams, had been installing Snort, an open-source intrusion
detection system that uses the libpcap library, when a test that matches
the software package with a unique fingerprint failed. The fingerprints,
known more formally as digital signatures, are used as a security measure
to make sure the software can't be surreptitiously changed.
"He found some interesting code and we looked over it and found that it was
a Trojan," Solnik said.
By Tuesday night, HLUG had extracted the Trojan horse and had started
notifying tcpdump's maintainers, said Solnik.
Richardson expects to start analyzing the server Thursday. He couldn't say
when the project's server would again be available. More information is
available in an advisory released by Carnegie Mellon University's Computer
Emergency Response Team (CERT) Coordination Center.
****************************
Associated Press
Court Reverses E-Mail Suppression
MINNEAPOLIS (AP) - The 8th U.S. Circuit Court of Appeals (news - web
sites), reversing a federal judge's decision, ruled Monday that police do
not need to be present to collect evidence from an Internet service provider.
A three-judge panel of the appeals court in St. Louis said the district
court erred in suppressing e-mails collected by Yahoo! Inc. on a warrant
obtained last year by St. Paul, Minn. police while investigating Dale
Robert Bach, a Minneapolis man who was charged with inducing a minor to
engage in sexually explicit conduct.
Yahoo technicians in California provided the evidence after St. Paul police
faxed the search warrant they obtained, which permitted the retrieval of
e-mails between Bach and possible victims. Bach was indicted in August 2001.
The district court in Minnesota ruled the gathering of the e-mail evidence
violated Bach's Fourth Amendment protection against unreasonable searches
because it was executed outside the presence of a police officer.
In reversing the district court ruling, the appellate judges noted the
"reasonableness standard" governing the Fourth Amendment "should not be
read to mandate rigid rules that ignore countervailing law enforcement
interests."
The presence of police is one of several factors that can help determine
when a search is reasonable. Other factors include the scope of the
warrant, behavior of officers and type of evidence being sought, the
appellate judges wrote.
In Bach's case, the panel wrote that the presence of a law officer wouldn't
have helped the search, as the technical expertise of Yahoo's technicians
is greater than that of police officers. St. Paul police also complied with
the Electronic Communications Privacy Act in executing the warrant, the
judges said.
"All of these factors weigh in favor of the government and we therefore
find that the search was constitutional under the Fourth Amendment's
reasonableness standard," the appellate judges wrote.
***************************
Federal Computer Week
E-Gov Act on its way to president
BY William Matthews
Nov. 18, 2002
Acting with almost Internet speed, the Senate passed the Electronic
Government Act late on Nov. 15, just hours after the House approved the
measure. All that's needed now is the president's signature and $45 million
will be available for e-government projects during the current fiscal year.
The act, sponsored by Sen. Joe Lieberman (D-Conn.) is intended to push
federal agencies to make wider use of the Internet to provide information
and services to citizens.
For instance, the legislation would require regulatory agencies to conduct
rule-making on the Internet by publishing proposed rules on their Web sites
and accepting comments from the public via e-mail.
Agencies also would be required to post on their Web sites all of the
information they now are required to publish in the Federal Register.
Federal courts also would have to provide more information to citizens over
the Internet. The bill requires them to post rulings on cases and other
information on their Web sites.
A key aim of the bill is to improve the federal Internet portal, FirstGov,
to make it easier for users to find the information and services they are
seeking. As one step, the bill calls for creating a directory of all
government Web sites. Rather than simply a list, the directory is to be
built on a detailed taxonomy that enables users to search for information
based on subject rather than on the agency that possess it, a Senate
staffer explained.
The E-Government Act of 2002 also would strengthen protections on privacy
to prevent inappropriate disclosure of personally identifiable information
that is maintained by federal agencies.
Lieberman said the intent of his legislation is to get the federal
government to take "full advantage of the Internet and other information
technologies to maximize efficiency and provide the public with seamless,
secure online information and services."
The bill also calls for better recruiting and training for federal
information technology professionals.
These and other e-government efforts would be managed by a new Office of
Electronic Government that is to be established within the Office of
Management and Budget. The new office would be headed by an administrator
who would be appointed by the president and would report to the OMB
director and deputy director.
That, essentially, is the setup that exists today with Mark Forman, who is
associate OMB director for information technology and e-government.
Including the $45 million for 2003, the administrator would have a $345
million over five years to spend on projects that promote electronic
government. Forman received $5 million for that purpose in 2002.
*****************************
Wired News
A Vote for Less Tech at the Polls
In the national debate over upgrading election infrastructure, Peter
Neumann is an unlikely defender of the low-tech approach.
As principle scientist at Stanford Research Institute's Computer Science
Laboratory < http://www.csl.sri.com/index.htm>, Neumann has spent the last
20 years studying how intrusion detection systems, cryptography and
advanced software engineering can improve the reliability and security of
computer systems.
But get him talking about how to run an election, and Neumann becomes an
outspoken advocate of the paper ballot. He's also a sharp critic of
computerized touch-screen voting machines.
"Some of them have lovely human interfaces, but if there's no assurance
your vote goes through, it's irrelevant," said Neumann, who is concerned
that in the fervor to embrace new voting technology, many jurisdictions
will compromise the integrity of the election process.
Two weeks after the most highly computerized federal election in U.S.
history, a number of computer scientists continue to raise concerns over
security risks created by the widespread adoption of touch-screen voting
systems.
Despite reports of smooth performance on Election Day from the major voting
machine manufacturers, many experts remain concerned about fixing potential
bugs before states spend billions more on touch-screen systems to automate
the election process.
While paper ballots, punch cards and lever machines have their problems, a
worry among some computer scientists is that the risks presented by
touch-screen systems are more insidious because they are harder to detect.
Critics of so-called direct recording electronic, or DRE, voting machines,
most of which employ touch screens, are particularly concerned about the
lack of a paper trail. Although the most widely used DRE machines can at
day's end print out at a record of ballots cast, detractors say this is
insufficient.
Because of the potential for memory glitches or even possible tampering,
critics such as Neumann advocate printing a paper record that voters can
examine immediately after casting their votes.
A second concern is the voting machine companies' proprietary control over
the software that runs on their systems. Although companies are required to
allow election authorities to inspect their software, the code is not open
source and therefore not open to public inspection.
"It would probably be better if the software were open-source code and
anyone could check for its integrity," said Stephen Ansolabahere,
co-director of the Caltech-MIT Voting Technology Project. Another concern
-- albeit purely speculative -- is that software running on individual
machines could differ from the code provided by the company.
Voters raised a number of red flags this month, Ansolabahere said, when
they claimed that when they pushed the onscreen icon for one candidate's
name, they saw another candidate's name as their pick.
"That might be a signal that there are bugs in some of the software
programs, but there's no way to check," he said.
But Todd Urosevich, vice president of election product sales for Election
Systems & Software, a maker of DRE machines, said opening up the software
for all to view poses significant security risks. It might make it easier
for unscrupulous types to manipulate code to influence election results.
As for suggestions that voting machine companies provide paper receipts of
votes to voters, Urosevich said his company has not been requested to
provide this, although it does run a printout at the end of the election.
Election Systems & Software is not opposed to printing out individual
ballots, Urosevich said, but the company does have some concerns about the
practice. In particular, it raises the question of which record is the
official election result: the paper printouts or the data stored in the
voting machine? If the two sources provide different results, this would
create complications in contested races.
But Rebecca Mercuri, a voting technology expert and computer science
professor at Bryn Mawr College, said paper backups are necessary because of
computers' propensity to malfunction. This propensity is all the more
likely for voting machines, she said, because they are used infrequently
and by members of the general public.
"A computer is not intended to be sitting around some dank warehouse not
being used except two or three times a year," she said.
Ansolabahere said researchers at the Caltech/MIT Voting Project are still
reviewing results from this month's election to determine the relative
performance of various voting technologies. Early reviews indicate that the
voting process went more smoothly than in the previous congressional
election in 1998, he added.
But election observers at VoteWatch, a site set up to collect reports of
election irregularities, saw plenty to complain about in this month's
election. Findings published on Friday included a long list of computer
glitches that may have affected the outcome of races in several states.
Moreover, a study published by Caltech and MIT researchers last year
criticized the accuracy of DRE machines. The study found that 3 percent of
ballots submitted through DRE machines could not be counted in the 2000
presidential race. Mechanical lever machines, hand-counted paper ballots
and optically scanned paper ballots performed better. Only punch card
machines performed worse.
Such data didn't prevent counties from buying touch-screen systems in
droves. Officials at Sequoia Voting Systems, one of the largest providers
of touch-screen machines, estimated that 22.3 million registered voters
used DRE systems in the Nov. 5 election. Sequoia expects that number to
rise dramatically by 2004.
Neumann says counties should hold off on spending more on touch-screen
voting systems until election officials have better means to ensure that
votes are both anonymous and accurately counted.
"In the absence of any significant audit trails, you have no knowledge
whatsoever as to what goes on inside the systems," he said. "In the
pandemonium to get rid of punch cards, it's in effect created a worse problem."
Lillie Coney
Public Policy Coordinator
U.S. Association for Computing Machinery
Suite 510
2120 L Street, NW
Washington, D.C. 20037
202-478-6124
lillie.coney@xxxxxxx