+ Slide 26
Voting system integrity is a matter of national security
Why do we ignore the Common Criteria?
a widely accepted standard for information security
Voting systems are accounting systems
Votes should be counted as carefully as dollars
Elections should be subject to audit
Mechanical voting machines are not auditable!
Neither are direct recording electronic machines!
Voting systems should not be based on trust
We must assume all participants are partisan
suppliers of voting system components
"Industry standard components" are not inspected!
Microsoft Windows is exempt
Disk drive firmware is exempt
Modem firmware is exempt
Testing is incomplete!
Only black-box testing plus code inspection
No feedback from code inspectors to testers
No provision to re-open testing after trouble reported