California’s elections chief is proposing the toughest standards for voting systems in the country, so tough that they could banish ATMlike touch-screen voting machines from the state. For the first time, California is demanding the right to try hacking every voting machine with “red teams” of computer experts and to study the software inside the machines, line-by-line, for security holes. The proposals are the first step toward fulfilling a promise that Secretary of State Debra Bowen made during her 2006 election campaign to perform a “top-to-bottom” review of all voting machinery used in California. County elections officials balked at the proposed standards in a letter Monday to Bowen and hinted broadly at the same conclusion reached by several computer scientists: If enforced rigidly, the standards could send many voting machines, especially touch-screens, back for major upgrades. Local elections officials argued that there isn’t enough time to fix any deficiencies before the February 2008 presidential primary. “It will be interesting to see what happens once the problems are found out,” Dill said. “That could be tricky depending on what disruptions there might be.” One of Bowen’s proposed standards for California voting machines echoes a state law that has been in place three years and never been enforced. The law requires every electronic voting machine to offer a paper record that blind voters can verify through an audio playback. Many computer scientists say most ATMlike touch-screen voting machines sold today and used in almost three-fourths of California counties cannot meet the law nor the standard. Two other standards require voting machines to be “effectively” or “reasonably secured against untraceable vote tampering” and cruder “denial of service” attacks intended to make a machine inoperable on election day. That’s hard to guarantee for any computer, including electronic touch-screen voting machines that both record and count electronic ballots, technically called DREs for direct recording electronic machines. Rubin called those requirements “very rigid, but rigid requirements are appropriate for voting.” “The criteria are clearly designed to eliminate DRE voting in California,” said Michael Shamos, a computer science professor at Carnegie Mellon University and a voting system examiner, in an e-mail. “An army of computer scientists will come forward to testify that computer programs cannot be verified to be secure against `undetectable vote tampering’ and therefore they all will have to be decertified.” If so, California would be headed back to all paper ballot elections as governors have ordered in New Mexico and proposed in Florida. That’s partly what worries county election officials. Bowen’s proposed standards frequently mention decertification or withdrawal of state approval, if the systems don’t pass muster. “You can’t miss the gist of that,” said Weir of the local elections officials’ organization. “That’s giving public notice of a process that’s starting whose outcome could be between dire and draconian, depending if it’s your neighbor or you.” Officials at Diebold Election Systems Inc. and Oakland-based Sequoia Voting Systems, the two largest suppliers of electronic voting machines in California and the nation, said they were still evaluating the proposed standards. Bowen’s office published the proposed standards late last week and is taking comments until Friday. Weir’s group wants more time, partly to argue for a broader set of criteria to cover more mundane matters such as the reliability of all voting systems. In Contra Costa County, for example, Weir doesn’t use DREs but rather a computerized ballot-marking machine to provide accessibility for disabled voters. If traditional touchscreens or DREs don’t pass the new state standards, local elections officials are likely to look to those machines, called AutoMarks. Yet in the last major election, Weir had problems with 31 of the machines out of 340 polling places. “That’s not acceptable,” he said. “This seems to be the chosen system and it’s not ready.” firstname.lastname@example.org (510) 208-6458160Want local news?Sign up for the Localist and stay informed Something went wrong. Please try again.subscribeCongratulations! You’re all set! “When they moved that election up 119 days, I think the door closed on any significant changes to election systems for the presidential cycle in 2008,” said Steve Weir, president of the California Association of Clerks and Elections Officials and chief elections officer in Contra Costa County. Advocates for stronger security in voting machinery applauded Bowen’s standards and said it marked a refreshing change from regulating voting systems based heavily on what manufacturers were willing to sell. “Debra Bowen is holding up voting machines to the standards they deserve,” said Avi Rubin, a computer science professor at Johns Hopkins University who published one of the first technical critiques of e-voting software. “I don’t know of any other state in the country that requires red team testing of voting machines, and I’ve long maintained that this is the only reasonable way to test security.” Stanford computer science professor David Dill, the founder of VerifiedVoting.org, endorsed Bowen’s standards as “quite good.” “I think it’s much to be preferred over our current see-no-evil approach,” Dill said. In every other case of “red team” attacks on voting machines and examination of their software code, experts have found major security problems, he noted.