letter addressed this week to the NC State Board of Elections (SBOE) from electronic voting machine experts and fair voting advocates charges that in its certification of new machinery for NC elections -- the vote on August 23rd when new SBOE Chair Damon Circosta voted with the Republicans -- the SBOE violated North Carolina law. "The law requires a security review of the source code of all voting systems before they are certified for use in the state." According to the experts, no security review of source code was conducted. According to Carolina Public Press,
The experts in question, including Duncan Buell, a professor of computer science at the University of South Carolina, reviewed testing documentation from the state and from the federal government.“You read all of that, and it’s clear,” Buell said. “There was no source code review conducted. That would certainly seem to suggest that things are not in accordance with North Carolina law.”
Just last week, on September 5, SBOE member Stella Anderson got Circosta to vote with her to demand that SBOE staff produce any documentation of source code review. The SBOE next meets on October 1, and Carolina Public Press reports that SBOE staff is striving to supply the information requested in Anderson's September 5 motion. That's "too long to wait," claimed the computer experts who wrote the most recent letter:The law details an extensive list of components to be reviewed, including “application vulnerability, application code, wireless security, security policy and processes … security organization and governance, and operational effectiveness.”
In order for counties to buy the new equipment, each county’s board of elections needs to attend a demonstration of the voting systems, recommend one to their county commissioners for purchase, test that system in the October or November elections, then purchase and deploy them by the March 2020 primaries.
Counties are moving quickly to enter into multimillion-dollar contracts to purchase this equipment.
“What the state board is doing is irresponsible in letting these counties proceed as if they are going to go to contract and not letting them know that there is a serious black cloud over the certification,” [Marilyn] Marks [Coalition for Good Government] said.