Throwing the baby out with the bathwater?

I am very disturbed by people's complacency toward electronic voting. But I am equally concerned by the un-nuanced rush toward hand-counted paper ballots by those opposed to electronic vote-rigging.

I think it is quite possible that, done properly, electronic voting could be more accurate and more democratic than traditional voting.

Regarding the security, the problems we see today are not caused by computers themselves. It would be quite easy to build a voting machine out of a minimal number of standard components, and run a minimal amount of software on it. The hardware and software could be checked by a geek from each candidate's party and any citizen groups who wanted to do likewise.

I can't see any reason for either the software or hardware to be complicated. Just put the machines - one model for the whole country would be best - into padlocked boxes, run the election, print out the results from each machine and tally those numbers by hand.

The plus side of this is that it eliminates old-fashioned cheating which can take place when people are carrying boxes of paper ballots around and hand-entering the counts for batches of ballots into the forms. Remember how many "clerical errors" there were in New York City during the Democratic primary?

But the really good thing about just getting simple and making an openly computerized voting system is that it would allow the easy pursuit of other, more democratic, voting systems. The two that get the most attention are instant run-off voting and range voting.

These alternative voting systems give the voter much more democratic power and reward candidates with crossover appeal. A lot of people who scream and shout about electronic voting are totally unfamiliar with alternative voting models. They don't realize the possibility that they are being duped. What if all this voting machine irregularity was part of a plan to constitutionally legislate the use of hand-counted paper ballots for the rest of time. That would suit the Dems and the Dums both just fine. Haven't you heard, they're all in cahoots anyway.

by Peter Dearman (8 articles, 15 quicklinks, 7 diaries, 113 comments) on Friday, April 25, 2008 at 1:02:31 PM
 

Electronic voting IS the way to go, if done properly

Electronic Voting Systems Don’t Have to be All Bad

We should not be avoiding electronic voting systems in favor of paper-based systems.  An electronic system, properly designed, tested and distributed, can provide a paper trail and can be delivered nationally for far less than one-third the three billion dollars that has been allocated by the Help America Vote program.  The paper trail is a by-product that looks just like a cash register receipt that lists everything the voter has selected.  The original is dropped into a ballot box, while a copy is kept by the voter.

Further, we’ll never have ‘equal protection under the law’ in our voting systems until we have a standard system of hardware and firmware used at all locations across the country.  I know that voting systems have always been the prerogative of the states and counties, but I still believe that a case can be made that an appropriate system can be provided to the states and counties by the Federal Government that would provide uniformity while still leaving the states and counties with enough control to feel that it is beneficial to all.

The system is based on the use of touch screens for voting with hardware and firmware, i.e., operating system software that is ‘burned’ into the system, so that it cannot be tampered with.  The idea is that the Federal Government would provide this part of the system, at no cost to the states. The hardware and firmware would be tested by independent laboratories before the equipment is sent to the states. 

The state and local governments would load slates of candidates, propositions, or other ballot measures, into the voting units, to meet their requirements.

The basis is the use of a low cost, hand-held voting device, about the size of a Gideon Bible, which is the same size and configuration as was delivered 30 years ago for use by the military.  The unit is battery powered and not connected to the computer system when the voter is inputting his or her votes.  To simplify this description, let’s assume we are at the point where a candidate list for a particular office appears on the screen.  The voter selects the candidate of choice by touching the screen at his or her name.  The voter gets immediate feedback by a box appearing around the selected choice. Other possibilities might be to using reverse video, becoming much brighter than the other names, or there could even be voice feedback, with the voter using a headset.  If an error has been made, the voter merely touches the correct name and the first name returns to the original condition.  Only one name is allowed to be selected, eliminating over-voting. If selection of multiple candidates is allowed, e.g. three (3), the last three selected would be considered to be the decision of the voter.

When the voter is satisfied with the vote, a NEXT button is pressed and the next page of selections comes up.  This process continues until all the categories have been processed or until the voter indicates that he or she has voted on every category he or she intends to and presses the REVIEW button.  This causes a list of all the selections to be displayed on the screen.  If a change is to be made, the voter need merely touch the selection to be corrected, makes the proper selection, presses REVIEW again, and verifies that the selections are as they were made.

The voter then presses the FINISH button, which causes the screen to go blank, and brings the unit to the registration position where there is a personal computer into which the hand-held unit is now connected and the data of the vote is transferred to the computer.  It is also retained in the hand-held terminal, so that, should a recount be required, this is one of the entities that can be checked for verification of the vote.  But this is not the only place the vote can be verified.  The computer, which will be collecting information from all the hand-held units at this polling place will also retain the data.  The cash register type strips are then printed.  The voter verifies that the printout matches what the vote was and drops the original into a sealed box where the original votes can be counted, should a recount be required.

At the end of the voting, the results are transmitted in encrypted form to the next level up where it is accumulated with other inputs from the district, and so on up the line.  All computers, hand-held terminals, and the paper records are delivered to the collection points where they are held, should a recount be required.  There are three levels of verification that are available, including a paper trail.

There is currently, what I consider to be a misplaced aversion to touch screen interfaces to the consumer, (voter) with the excuse that most people are not familiar with them. I admit, I am prejudiced on this subject, having been a co-designer of a hand-held touch-screen computer and communications device, several thousand of which were delivered to the Military more than 30 years ago. The touch-screen proved to be reliable and accurate in recording what was selected by the touch, using either your finger or a stylus.  The argument that the public is not familiar with touch-screens is rapidly fading away.  For example, if you have ever checked out of a supermarket with a credit card, you have probably used a touch screen.

In contrast, putting a mark in a bubble on a piece of paper that will be optically read, raises a whole series of problems, most of which, the touch-screen does not have. 

1.      The voter may not get the mark sufficiently into the bubble, or not dark enough for the machine to pick it up

2.      If you make a mistake and mark the wrong bubble, it is difficult to correct, with the result that you may need to get a replacement ballot or hope that your erasure will not be picked up as a selection.

3.      There is no way to guard against over-voting, i.e., where the voter selects two candidates where only one is allowed, or where too many candidates where multiple candidates may be selected.

4.      The electro-mechanical mechanism that reads the ballot is more prone to error than is a pure electronic interface.

5.      It has been claimed that the optical readers can be hacked into and I am not expert enough in that area of computer design to know if this easy or difficult, but my guess is that any system will have its weak points and that good design will make it difficult to tamper with the voter’s intent.

The problem of being able to hack into any of these systems is not related to how the user interfaces with the device used to record the vote.  The problem is with the way the software that controls the process is stored, tested and used.

My experience of 45 years in the field, allows me to estimate that the entire project of designing and building all the hardware and firmware required for the entire nation, could be accomplished by the Federal Government for less than half-billion dollars if competitive bids were solicited to a detailed specification, three manufacturers were selected to share in the building of the equipment, and two independent companies were selected to do the testing.

Obviously, there’s more to the system including, absentee voting, identification of the voter, in terms of legitimacy, etc.  I have developed approaches to these elements also, but this paper gives you the approach.

In all cases, the system makes use of readily available hardware, firmware and software.

Leon

by Leon (4 articles, 0 quicklinks, 2 diaries, 22 comments) on Friday, April 25, 2008 at 2:00:29 PM
 

"Open" Elections It 'Aint

Your article, Ms. Singer, is perfectly put.  I liked the point you made about there being no way for a citizen to audit electronic voting.  One other point one might add to the nightmare that you described is the lack of transparency of electronic voting software.  Here in Missouri the state certifies voting equipment that can be used by local governments.  A "citizen group" vets the systems and passes on recommendations to the Sec. of State.  These citizens (who work for free) meeting for a couple of days a year can in no way review how the software that collects and counts the votes actually works.  (In fact, the software is proprietary and they are not permitted to even look at it.)  Each of the 12 systems they initially reviewed here had over 100,000 lines of software code.  Imagine, if you will, how long it might take to review 1.2 million lines of software code and the expertise needed. 

The certification of the equipment at the Federal level is no better.  A least one private company--part of the outsourcing of government trend--hired to certify the equipment was dropped from the program when it became apparent that they had no records of the tests they were supposed to be doing.  None of the voting equipment vendors certified by this company have been required to resubmit there equipment for testing (again??).

Looking more closely at the normal local operational requirements makes an un-auditable, proprietary-software-driven system even more frightening. Software updates may be issued two or three times a year.  When an update is issued all the code needs to be reviewed from top to bottom.  Since code updates aren't submitted to any federal agency and since the state can't or won't review it, I can safely say that no one in Missouri (nor anywhere else--outside of a few experts inside the companies themselves) has reviewed the code that counts all of the votes in our elections.  Even if they did review it there is no chain-of-custody procedure to assure voters that the software reviewed by whatever public agency is the same software that is running on their local voting machines and tabulation servers.

When 12 vendors have the power to determine the outcome of every election and when there is a 99.99% probability of never being caught (in most states there is no way to audit the election independent of the equipment), there will be cheating. The only question is whether or not it has already happened.  Of all the awful things that have happened since George and his cronies were placed into office, nothing threatens our democracy more.

Thanks for your article.

by PecosinRat (2 articles, 0 quicklinks, 0 diaries, 6 comments) on Friday, April 25, 2008 at 2:44:39 PM
 

great poimts

We need more prosecution - See Jim March's work regarding consumer fraud on Black Box Voting-  Also we must raise the deterrent factor via open source-  Black hats don't dig the gray bar hotel-    Brent Turner 

by Brent Turner (1 articles, 0 quicklinks, 0 diaries, 81 comments) on Friday, April 25, 2008 at 7:43:38 PM
 

ARE YOU SAYING FIRMWARE CAN MAKE A COMPUTER UNHACKABLE?

Computers are notoriously easy to hack into.  We hear all the time about viruses and worms on the internet and new firewalls have to be continually added to our computers to protect them.  No one has figured out how to design a 100% safe computer.

But if this firmware, that is operating instructions that can be "burned into" the computer which renders them impossible to alter were as impossible to alter as Leon claims, it would be possible to design a computer that is 100% safe from hacking.  Since no one has put such a miraculous device on the market, I must conclude that this firmware cannot make the computer as hacker proof as you claim.

The necessity of a secret ballot has been established by centuries of experience with elections.  But if the voter can retain a copy of their vote, those with the power to pressure the voter to vote as instructed can simply demand that the voter produce their copy of their vote.  Employers or fundamentalist churches can demand that their employees or members show them how they voted.  Computers can be hacked to show the voters one copy of their vote and record a different vote.

Theoretically at least, we can mandate by law that the paper ballots be continually under the observation of the representatives of all interested parties so a secure chain of custody of the paper ballots can be maintained.  This is not possible with electronic ballots.

Robert Halfhill

by rhalfhill (3 articles, 0 quicklinks, 0 diaries, 270 comments) on Friday, April 25, 2008 at 4:28:59 PM
 

No, But there are other safeguards

I believe most hacking, unless someone is able to phisically access the hardware, before or during the time of the election, takes place by someone getting into the network.  The computers are not connected to the network except for the brief moments when the results are transmitted. The handheld terminals are not connected to the computer except for the moments when the votes just entered into the unit are transferred to the computer at the poling station. If giving the voter of copy of how that person voted is REALLY a problem due to coersion, then let's not give the voter a copy. That's easy enough. Yes, it would be possible to print one thing and record another, but that assumes that hacking of the computer has taken place and it ignores the additional checks that are available by counting the paper ballots, tallying the votes in the individual hand held terminals and checking them against the tally in each of the computers in the polling station.  It still won't be perfect, but neither is any other system including a totally manual system, optical recognition systems, or any others that can be devised.

Leon

by Leon (4 articles, 0 quicklinks, 2 diaries, 22 comments) on Saturday, April 26, 2008 at 2:20:22 PM
 

Back to basics

Great discussion-  Naturally, I think all parties should witness the system available for download at www.openvoting.org -  With all open source software and complete paper ballots-  we can raise the bar high enough to provide appropriate protection from the black hats. In the world of hacking, one must assume the opposition will break through-  The best defense is detection through transparency....   Please support the open voting movement by tendering your suggestions-  We hope to unite the hand counting community with the techno activists and have the movement embrace a solution soon-

Time is running out-   Brent Turner 

by Brent Turner (1 articles, 0 quicklinks, 0 diaries, 81 comments) on Friday, April 25, 2008 at 6:25:46 PM