US Election Assistance Commission - Voluntary Voting System Guidelines Vote
EAC Home
Introduction
View Guidelines
View Comments
Glossary

View Comments

Section CommentsGeneral CommentsGlossary Comments
 
Name :   Ron Crane
Organization :   N/A
Post Date :   9/30/2005

Section Comments
Section :  .20.7
Page no. :  
Line no.:  
Comment :  13a. The Guidelines' configuration management (code management) requirements are toothless, thus giving rise to significant security holes.

While Vol. II, §7 requires the test lab to audit the vendor's configuration management program for effectiveness, nothing prevents an unscrupulous vendor from bypassing the ostensible procedure once the testers leave the premises.