Did I mention this is done entirely outside public view?
To make things even more interesting, sometimes a lot of voting software is changed all at once with distribution of a brand new version with many new features, while other times, just a few software modules are updated (often called a "patch"). Patches occur especially frequently to poorly-written software; just ask any PC user who pays attention to the pitter-patter of incoming Microsoft security updates. The level of scrutiny that a patch receives is even less than the ordinary lax standard applied to voting software. That there were last-minute patches to voting software in Georgia and Minnesota immediately before the elections of 2002 is indisputable. That may have had nothing at all to do with the surprising outcomes of two US Senate races a few days later... but we can never know for sure.
Pre-election slumber party Sure, just one vendor insider with access to just one of the master copies of one of the software version or patch distributions can compromise thousands of devices long, before the equipment ever reaches the voter. But you'll be comforted even further to know that even after the devices are readied for an upcoming election, local election officials have a surprising degree of cozy hands-on access to voting equipment. In fact, all over the country -most notoriously in California Congressional District 50 this year - voting machines are commonly brought home by poll workers for "storage" prior to the election. Voting equipment vendors allege that their equipment has tamper-proof seals, while in reality, it takes only minutes using household tools to gain sufficient access to voting equipment to permanently and in practice undetectably alter the software (see http://www.bbvforums.org/forums/messages/1954/36510.html?1158778859 ).
An apology on behalf of the information technology profession Here's the truth, and the truth hurts: my profession has enabled the development and deployment of voting systems which are obviously and patently unfit for use.
In fact, the whole system of computerized voting in America is so far removed from standard best practices for information technology that I can only conclude that - far from being the product of accidental defects or stupid sloppiness - the vast array of security vulnerabilities found in every type of electronic voting equipment that has ever been independently examined can quite plausibly be seen as deliberate features introduced to subvert the voting process itself.
And so I can only say: I apologize on behalf of my profession, to the American people. You have been so ill-served by those of us who bear the unique responsibility of ensuring that the computer systems upon which our civilization is now almost totally dependent operate in the public interest.
But even knowing what we do know, many of my IT colleagues continue to try to salvage some application of computer technology to voting. To them I say - just look at what we have done in the name of automation. We led the public into this predicament and we owe it to them to help lead the way out. We have an ethical duty to honestly advise the public when most appropriate choice is not to use computers.
Pull the plug! So let it be computer professionals who finally help he public to pull the plug on electronic voting.
The most urgent ethical duty facing the American information technology profession is for once to see past our technocentric arrogance and acknowledge that from a whole-systems perspective, computerized voting is surely one of the great blunders in the history of technology. Let us lend our full support to replacing computers as quickly as possible with the worst way of tallying votes - except, of course, for all the others: citizen-run elections using the most appropriate and secure vote tallying technology of all, hand counted paper ballots. While it may take a while to get there, let's start now. This is the least we can do to be worthy of all those who laid down their lives to win and defense our right to vote, the foundation of our freedom.
Don't throw good money after bad: ban computer technology in voting. Put ballots back on paper for everyone, using the VotePAD device for the visually impaired. My profession has talented user interface designers who can craft a paper ballot to meet the needs of the people who fill it out and count it - rather than dumbing it down to accommodate the pitiful limitations of an optical scan program, or making a paper ballot look like a 19th century newspaper to skimp on printing costs. Get serious about security for early and absentee ballots; treat them at least as well as if they were bearer bonds; their true value is, of course, priceless.
Let citizens take control of the election process to cast paper ballots by hand, and count them on election night in the polling place, in public. In the final analysis, we ourselves are the only people we can trust - or should ever trust - to safeguard the Republic.
We, the people, have the inalienable right to run our own elections. Pull the plug.
Bruce O'Dell is a self-employed information technology consultant with more than twenty five years experience who applies his broad technical expertise to his work as an election integrity activist.
His current consulting practice centers on e-Commerce security and the performance and design of very large-scale computer systems for Fortune 100 clients. He recently spent a year as the chief technical architect in a company-wide security project at one of the top twenty public companies in America, led a multiple client projects for compliance with new credit card data security standards, and has designed secure "virtual cash" e-commerce protocols. In 2007 he was invited to testify on computer voting security issues to the Texas and New Hampshire legislatures.
He lives just outside Minneapolis, Minnesota, and shares a love of good books with his wife - and her beautiful garden, with their talkative cat.
For the impending election though, a strategic action may thwart their attempts as thefts...
Using a camera mobile phone and a friend, record your votes and consider shutting down by force if need be any machine that refuses to record fairly your vote.
But if you have photo evidence, of a machine not doing its job surely then you would be able to call in the FBI and force the machines off there and then as a defined crime is easily shown as being committed.
Or failing that a bucket of nice cold water down the back of the machine would stop any dodgy recording. The vote MUST happen so what happens if all the machines are incapacitated?