ES&S is already involved in a lawsuit
for providing uncertified software to California e-voting machines, but things keep getting worse for the company. Beyond all the other problems it's had with buggy machines and a defiant attitude towards anyone who questions the company, California has finally produced the independent security team review of the ES&S machines used in California and it's not pretty
. You may recall that all of the other e-voting machines were reviewed by independent researchers four months ago
. ES&S, however, wasn't included in that review because the company stubbornly refused to hand over its source code until well after the deadline
, meaning that the review had to wait. However, the results are pretty similar to the other machines. The machine was clearly not built with security in mind, as both the software and the physical security were found to be lacking and easily violated in ways that would not leave much of a trace. At this point, none of this should be even remotely surprising. What still is
surprising is why none of these firms will even admit that their approaches to date have fallen well short of what was necessary -- while committing to building new machines that actually have real security and accountability built in.