Send a Tweet
Most Popular Choices
Share on Facebook 3 Share on Twitter Printer Friendly Page More Sharing
Exclusive to OpEd News:
OpEdNews Op Eds   

Computer Election Verification: Another IT boondoggle

By Bruce O'Dell  Posted by Bruce O'Dell (about the submitter)       (Page 1 of 2 pages)   1 comment
Message Bruce O'Dell

William Poundstone's New York Times January 7, 2008 opinion piece on Rivest and Smith's computer election verification scheme sounds "gee-whiz plausible" - at first glance.  A closer look shows not only is the scheme utterly impractical, it's just another inappropriate computer technology solution in search of a problem - a problem, that's already been solved.

Here is the essence of Rivest and Smith's election verification proposal, as described by Poundstone:

"[Rivest and Smith's] basic idea is to allow each voter to take home a photocopy of a randomly selected ballot cast by someone else.

"The scheme is low-tech. Paper ballots would be tallied by optical scanners or even by hand. The results would be then posted on a Web site. Using a serial number assigned to each ballot, voters could check the site to make sure that their random ballots were posted and had not been altered or misread."

At first glance it sure sounds "gee-whiz" plausible, but to an e-commerce and security professional, well, a few questions immediately spring to mind.

Here's an obvious one: how do I know the data on the "web site" is correct?

If the paper ballots are altered after being cast and photocopied, and before being "officially" imaged for the web site, sure, the copy the voters retain would not match the online version - but it would not match the paper, either.  So that kind of fraud would be successful - and not detectable.

Those familiar with the horror stories of punch card and optical scan ballot handling, most notably in the 2004 Ohio recount - and afterwards - should not be quick to assume that ballot paper cannot be altered once it leaves the room.  (That's why secure election protocols count the paper before it leaves the polling place in front of multiple witnesses, and deprecates early and absentee balloting in the absence of serious chain-of-custody reform.)

If I want to spend the money, I could introduce a "man-in-the-middle attack", and deliberately corrupt or alter the ballot data, either in flight or after it is received. Generating a high volume of false positive recounts would add to the cost of elections and decrease public trust in the process, instead of the reverse.

I'll leave it as an exercise to the reader to figure out a way to flag the ballots that do get photocopied in such a way as only those are not altered. (By the way, the prize is control of a $12 trillion economy and the US Military, so put on those thinking caps).

Infrastructure boondoggle?

By the way - anyone thought about the storage requirements for keeping hi-fidelity ballot images online?  Back-of-the-envelope, for 130 million presidential year ballots, at say 20KB per ballot image (optimistic compression), that's 2.6 times 10 to the 12th bytes of image data, or 2.6 terabytes, or 2,600 gigabytes - maybe, as much as 10 terabytes.

Sure, you can stop down at your local computer store and buy that much storage for your PC or Mac for a couple of thousand dollars, and that utterly misses the point.

The largest online transactional databases today are on the order of tens of terabytes, and they are very expensive to maintain and index for high volume performance and scalability. 

How do you get all those bytes from the precinct into the central database in a timely manner, and securely serve them to what we in the e-commerce world call an "open queue" - essentially unlimited numbers of users - with the gigantic peak in processing volumes coming in the critical hours after an election - precisely when public perceptions of winners and losers are being set?

That will require a substantial investment in network, hardware, software and security infrastructure. Someone will need to buy all that (namely taxpayers), and some of my colleagues in the IT industry will profit very handsomely. That has nothing at all to do with their advocacy of these kinds of proposals, of course. OK, maybe a little.

Next Page  1  |  2

(Note: You can view every article as one long page if you sign up as an Advocate Member, or higher).

Rate It | View Ratings

Bruce O'Dell Social Media Pages: Facebook page url on login Profile not filled in       Twitter page url on login Profile not filled in       Linkedin page url on login Profile not filled in       Instagram page url on login Profile not filled in

Bruce O'Dell is a self-employed information technology consultant with more than twenty five years experience who applies his broad technical expertise to his work as an election integrity activist. His current consulting practice centers on (more...)
Go To Commenting
The views expressed herein are the sole responsibility of the author and do not necessarily reflect those of this website or its editors.
Writers Guidelines

Contact EditorContact Editor
Support OpEdNews

OpEdNews depends upon can't survive without your help.

If you value this article and the work of OpEdNews, please either Donate or Purchase a premium membership.

If you've enjoyed this, sign up for our daily or weekly newsletter to get lots of great progressive content.
Daily Weekly     OpEd News Newsletter
   (Opens new browser window)

Most Popular Articles by this Author:     (View All Most Popular Articles by this Author)

UPDATED Obama-Clinton: remarkable opscan v. handcount results

Pull the Plug on E-Voting

Holt's HR 811, A Deceptive Boondoggle -- 10 Blunders to Fix

An Exit Strategy for Electronic Voting

Pull the Plug on E-Voting, Part 2

Computer security expert who testified to NH Legislature, holds State accountable

To View Comments or Join the Conversation:

Tell A Friend