US Election Assistance Commission - Voluntary Voting System Guidelines Vote
EAC Home
Introduction
View Guidelines
View Comments
Glossary

View Comments

Section CommentsGeneral CommentsGlossary Comments
 
Name :   Stanley A. Klein
Organization :   N/A
Post Date :   9/30/2005

Section Comments
Section :  6.4.3
Page no. :  
Line no.:  
Comment :  Focus on Secure Distribution and Setup Validation Based on False Premises
A significant portion of the newly added security provisions consist of a set of requirements for
secure voting software distribution and setup validation (Volume I Section 6.4.3). These
provisions, properly implemented and tested, can provide elements of a defense in depth.
However, they can not be relied upon as a significant focus of security protection. The
significant focus of the VVSG in this area is based on the false presumptions (1) that the
software prepared by the vendor is secure, (2) that a setup validation could not be bypassed or
defeated, (3) that vendor and election administration personnel can be trusted, and (4) that
malicious software used in attacking a voting machine must reside primarily on the voting
machine.