New E-voting Blog

On October 31, 2004, in Policy, by Peter Harsha

Computer Scientists David Dill, Ed Felten, Joe Hall, Avi Rubin, Barbara Simons, Adam Stubblefield, and Dan Wallach have joined forces at to post news and commentary on e-voting issues (just in time for election day). The site has only been up a day or two and already has some good commentary on reports of voting problems in Texas, as well as a bunch of handy links.
If chaos does ensue on Tuesday (and even if it doesn’t), the site looks like it will be a great place to check in and get the scoop with a technical perspective.


According to this piece in Federal Computer Week, the National Security Agency plans to create a government-funded research center devoted to “improving the security of commercial software.” The effort would include researchers at NSA and NIST, and researchers funded by DARPA, and the Department of Homeland Security.
From the article:

The quality and trustworthiness of commercial software has become a matter of increasing concern to NSA officials, who are responsible for the security of Defense Department and intelligence software. NSA officials anticipate that many companies on whose software DOD and intelligence users rely will be moving significant portions of their commercial software development overseas within a few years.
NSA officials cannot force companies to develop software a certain way, Wolf said, “but we would like to get them to a point where they are producing commercial products that meet the needs of our users.” About 95 percent of the agency’s desktop PCs run Microsoft’s Windows operating system, Wolf said.

Read the whole thing here.


CRA and USACM Urge Congress to Support NIST Labs

On October 29, 2004, in Funding, by Peter Harsha

CRA and ACM’s U.S. Public Policy Office today urged members of the House and Senate to adopt Senate approved funding levels for NIST Labs as part of the expected negotiation over omnibus appropriations legislation for FY 2005. As we’ve covered previously, NIST finds itself in dire funding straits as a result of decisions made by appropriators to cut $22 million in funding for the Labs in last year’s funding bill.
Both the House and Senate appropriations committees have completed work on their respective bills, with the Senate bill coming closer to addressing the funding shortfall. The Senate bill would funnel more funding to the NIST Labs than the House version, adding $43 million to the FY 2004 number for a total of $384 million for FY 2005. In contrast, the House version would provide $375 million for FY 2005. Both versions are still well short of the Administration’s request of $423 million.
CRA and USACM joined in writing to members of the House and Senate expected to be involved in the negotiations over the FY 05 Omnibus:

October 29, 2004
Dear Conferee:
As representatives of two leading computing societies representing more than two hundred computing research institutions and over 85,000 computing professionals, we write to express our immense concern over the current funding level for the National Institute of Standards and Technology (NIST) Laboratory Program, and to urge you to support the program at the more appropriate level approved by the Senate in the Commerce, State, Justice and Judiciary Appropriations bill or higher.
The NIST Labs have played an important role in the continuing progress of computing research that has, in turn, enabled the “new” economy. Advances in information technology have driven significant improvements in product design, development, and distribution for American industry, provided instant communications for people worldwide, and led new scientific disciplines like bioinformatics and nanotechnology that show great promise in improving a wide range of health and communications technologies.
Within NIST’s Labs, the Computer Security Division (CSD) has played a crucial role in computer security by conducting research on security issues concerning emerging technologies, by promoting security assessment techniques, by providing security management guidance, and by generating greater awareness of the need for security. In particular, the CSD has demonstrated its ability to meld science and technology with commerce by working with industry and the cryptographic community to develop an Advanced Encryption Standard (AES). The CSD’s work on AES and its numerous other contributions have assisted the U.S. government, information technology industry, research enterprise, and the overall security of the Internet.
Current work underway at the NIST labs will have profound effects on the nation’s cybersecurity, as many Federal agencies rely on NIST’s expertise and recommendations. Other areas where NIST’s work is crucial to the nation include electronic voting technologies and standards, as well as research into semiconductor manufacturing and nanotechnology that hold the promise for significant advancements in computing.
Unfortunately, this work and NIST’s efforts to recruit talented researchers are in jeopardy as a result of the inadequate funding levels enacted as part of the FY 2004 appropriations process. To avoid jeopardizing NIST’s ability to produce materials trusted by the community, impairing its ability to conduct research, and detracting from some of its vital standards-oriented work, we urge you to make this funding a priority for FY 2005.
As a neutral third party, NIST provides an invaluable setting for industry, academia, and government to work together on crucial technical issues. As a result, NIST and its work have tremendous credibility. The underfunding of NIST will adversely affect this credibility as well as NIST’s ability to function, and will have serious long-term consequences.
The Computing Research Association (CRA) and the U.S. Public Policy Committee of the Association for Computing Machinery (USACM) stand ready to assist you as you address this important issue. We appreciate your continued support for research and development funding and would be pleased to answer any questions you or your staff might have.
James D. Foley, CRA Chair
Eugene Spafford, USACM Chair

Previous CRA/USACM joint letter here.