Exclusive to OpEdNews:
OpEdNews Op Eds

Computer Election Verification: Another IT boondoggle

By Bruce O'Dell  Posted by Bruce O'Dell (about the submitter)     Permalink       (Page 1 of 2 pages)
Related Topic(s): ; ; ; ; ; ; ; ; , Add Tags Add to My Group(s)

View Ratings | Rate It

opednews.com

William Poundstone's New York Times January 7, 2008 opinion piece on Rivest and Smith's computer election verification scheme sounds "gee-whiz plausible" - at first glance.  A closer look shows not only is the scheme utterly impractical, it's just another inappropriate computer technology solution in search of a problem - a problem, that's already been solved.

Here is the essence of Rivest and Smith's election verification proposal, as described by Poundstone:

"[Rivest and Smith's] basic idea is to allow each voter to take home a photocopy of a randomly selected ballot cast by someone else.

"The scheme is low-tech. Paper ballots would be tallied by optical scanners or even by hand. The results would be then posted on a Web site. Using a serial number assigned to each ballot, voters could check the site to make sure that their random ballots were posted and had not been altered or misread."

At first glance it sure sounds "gee-whiz" plausible, but to an e-commerce and security professional, well, a few questions immediately spring to mind.

Here's an obvious one: how do I know the data on the "web site" is correct?

If the paper ballots are altered after being cast and photocopied, and before being "officially" imaged for the web site, sure, the copy the voters retain would not match the online version - but it would not match the paper, either.  So that kind of fraud would be successful - and not detectable.

Those familiar with the horror stories of punch card and optical scan ballot handling, most notably in the 2004 Ohio recount - and afterwards - should not be quick to assume that ballot paper cannot be altered once it leaves the room.  (That's why secure election protocols count the paper before it leaves the polling place in front of multiple witnesses, and deprecates early and absentee balloting in the absence of serious chain-of-custody reform.)

If I want to spend the money, I could introduce a "man-in-the-middle attack", and deliberately corrupt or alter the ballot data, either in flight or after it is received. Generating a high volume of false positive recounts would add to the cost of elections and decrease public trust in the process, instead of the reverse.

I'll leave it as an exercise to the reader to figure out a way to flag the ballots that do get photocopied in such a way as only those are not altered. (By the way, the prize is control of a $12 trillion economy and the US Military, so put on those thinking caps).

Infrastructure boondoggle?

By the way - anyone thought about the storage requirements for keeping hi-fidelity ballot images online?  Back-of-the-envelope, for 130 million presidential year ballots, at say 20KB per ballot image (optimistic compression), that's 2.6 times 10 to the 12th bytes of image data, or 2.6 terabytes, or 2,600 gigabytes - maybe, as much as 10 terabytes.

Sure, you can stop down at your local computer store and buy that much storage for your PC or Mac for a couple of thousand dollars, and that utterly misses the point.

The largest online transactional databases today are on the order of tens of terabytes, and they are very expensive to maintain and index for high volume performance and scalability. 

How do you get all those bytes from the precinct into the central database in a timely manner, and securely serve them to what we in the e-commerce world call an "open queue" - essentially unlimited numbers of users - with the gigantic peak in processing volumes coming in the critical hours after an election - precisely when public perceptions of winners and losers are being set?

That will require a substantial investment in network, hardware, software and security infrastructure. Someone will need to buy all that (namely taxpayers), and some of my colleagues in the IT industry will profit very handsomely. That has nothing at all to do with their advocacy of these kinds of proposals, of course. OK, maybe a little.

Next Page  1  |  2

 

The views expressed in this article are the sole responsibility of the author and do not necessarily reflect those of this website or its editors.

Writers Guidelines

Contact Editor

Most Popular Articles by this Author:     (View All Most Popular Articles by this Author)

UPDATED Obama-Clinton: remarkable opscan v. handcount results

Pull the Plug on E-Voting

Holt's HR 811, A Deceptive Boondoggle -- 10 Blunders to Fix

An Exit Strategy for Electronic Voting

Pull the Plug on E-Voting, Part 2

Computer security expert who testified to NH Legislature, holds State accountable

Comments

The time limit for entering new comments on this article has expired.

This limit can be removed. Our paid membership program is designed to give you many benefits, such as removing this time limit. To learn more, please click here.

Comments: Expand   Shrink   Hide  
1 people are discussing this page, with 1 comments
To view all comments:
Expand Comments
(Or you can set your preferences to show all comments, always)
considered robust enough for war time" is to&... by Rady Ananda on Monday, Jan 7, 2008 at 8:56:33 PM