Can America Trust Electronic Voting? 452
A anonymous reader writes: "The Sacramento Bee wrote an excellent article about the issues surrounding electronic voting. It was written by the Yolo County clerk/recorder and a professor of law at UC Davis. They quote sources such as Peter G. Neumann and Diebold's president Walden O'Dell."
Some paranoia... (Score:5, Interesting)
E-Voting and its problems are a clear example of what is happening: we are giving to our computers and networks more and more 'power' over our own lives. This wouldn't be a problem if security was some exact science.
We still have big problems with computer security and while we didn't fix them yet (anyway can we really fix them ?) the overall 'value' of the data that goes through our networks is fast increasing.
This, I think, will be even worse in the near future because the software, systems and networks we use will be more and more complex and it will be harder and harder to maintain a good level of security on them.
You could argue that the problems exposed in the article are not related to security. I would say 'not yet'.
But something really interesting is said: "These machines leave no 'paper trail,' that is, no voter-verifiable record allowing a retrospective audit of the votes recorded as cast for each candidate or ballot proposition.".
Everything in these system is 'virtual'. It makes it easier to loose, to replicate (to steal) or to alter information. I'm quite afraid about that.
Maybe the E-Voting system is not connected to Internet, which increase security of course, but maybe one day it will...
California is on the right track... (Score:5, Interesting)
While it's a step in the right direction, it's also ridiculous. A voting technology that is unacceptable in 2006 is also unacceptable today. I certainly hope they push up the deadline to before the 2004 election. There's plenty of time to fix it by then.
If you live in California, please bug the appropriate government officials about this.
Re:Hasn't Australia just mandated a paper trail (Score:1, Interesting)
Voting shouldn't be anonymous.
Re:Redundant, I know (Score:5, Interesting)
I wouldn't have a problem with that either. Problem is, somebody will point out "Ah, but what if people can't figure out how to use it or they mark it incorrectly?"
Anyway you cut it, voting is not rocket science people. All I want (as a concerned citizen) is someway to verify the process.
Can America Trust Electronic Voting? (Score:3, Interesting)
Re:Hasn't Australia just mandated a paper trail (Score:5, Interesting)
That we will be able to get voting results faster? Well, let's see. In Germany, polls are always on Sunday and the booths close at 6pm. By that time, you already get projected results that usually differ from the final results by less than one percent. By 11pm the final results ("Vorlaufiges amtliches Endergebnis", "preliminary official results") are available. Is it worth spending millions of dollars just to get the results, say, four hours earlier? OK, there's one advantage if the results can be seen in "real time," e.g. over the day, while elections are still running. Because then the knowledge that the current results are very close to each other (think Gore-Bush) might have an influence on who decides to actually go voting later in the day.
And then there's the argument that E-Voting will make it easier for people to vote and thus more people will vote. But on the other hand there have been studies showing that when people had to make more of an effort to go cast their vote, turnouts actually increased.
That being said, www.free-project.org is a good source of pro and contra arguments regarding E-Voting.
Now, really.. (Score:5, Interesting)
As an example implementation.. When you register, you get a plastic card with a magnetic stripe on it. It has two 32-bit numbers on the card, with your name, picture, and address. One of the 32-bit numbers is your personal identifier, and the other is your signing key.
Now, for the ballot, every candidate also has a 32-bit number. When you want to vote for your candidate, you swipe your card, then select the candidate on the screen. Your pid is appended to the end of the candidates pid, and then it is hashed with your signing key. At the same time, a publicly available signing key from the government signs the 32-bit pid of the candidate. Two slips are then printed out, both with one barcode indicating your hash of the candidate + your pid, and a barcode with the hash of the government signed pid.
One slip is given to the poll people, and you keep the other. Also, a copy of the slip is sent over some network to the vote counting place. If you doubt that your vote has been tallied correctly, all you have to do is search for your signed 64-bit candidate + personal id in some government database.
Paper trail. Verifiability. Randomness. What am I missing? Was t overly complicated? Input, please!
P.S.: Want to vote for someone not on the ballot? Do a write in. They're rare enough that counting by hand isn't an issue.
Re:Can America Trust Electronic Voting? (Score:2, Interesting)
http://blackboxvoting.com/
Re:Now, really.. (Score:3, Interesting)
Re:Redundant, I know (Score:2, Interesting)
ATM Analogy (Score:5, Interesting)
I think that the voting companies will eventually lobby to regulate out any scrutiny of their process. Will every attempt to investigate the security of such systems by an average citizen be dealt with as a "hacking" crime eventually? With today's fear of the "terrorists" exploiting things, the time for this type of legislation is ripe.
How's the weather in Ontario? Is rent cheap?
Re:Redundant, I know (Score:3, Interesting)
Re:Now, really.. (Score:3, Interesting)
For example:
I want to be elected, and I want you to vote for me. I offer you a bribe to vote (or threaten to break your legs if you don't). Now I can verify that you did vote for me.
Voting needs to be secure, but it also needs to be anonymous.
Re:Now, really.. (Score:4, Interesting)
Therefore, bribery is equally possible under the current system. I don't even need the California law I cited, it just makes it easier to sell my vote election after election instead of having to obtain absentee voter status for each election.
Another good article... (Score:3, Interesting)
Electronic Voting Debacle
Grave concerns over the security of electronic voting machines in the United States means the heart of American democracy is at risk.
[snip]
"...The Big Issue: Security
So, how do you know that the machine actually counted your vote? You don't! Oh sure, you may see a screen at the end of the process that shows you what you selected
Why have electronic voting at all? (Score:1, Interesting)
The answer is, to a great extent, impatience. We've been conditioned to think that it's important to know the election results before we go to bed on election night. It isn't. TV networks cover elections with the maximum of hoopla they can muster: pundits, talking heads talking to pundits, statistics, counts, partial results, and forecasts based on partial results. All of it meaningless to the democratic process. Feeding this hoopla is one of the reasons that we have electronic systems - election officials decided to spend money on unproven systems simply to get results faster to keep reporters off their necks.
What's wrong with paper ballots, marked with a rubber stamp and counted by volunteers supervised by other volunteers? Nothing.
The yankees have it backwards. (Score:5, Interesting)
Since 2000, municipal elections here are counted with a mark-sense reader.
Voters get a letter-sized ballot, and they mark their vote with a sharpie. Then, they insert the ballot in a carrier-envelope.
Each ballot has a detachable stub with a sequential serial number, which is initialed by the scrutineer. When the voter returns, he tears-off the stub, and hands it to the scrutineer; this way, everyone can be sure it's the same ballot that was given (instead of a telegram, where you put in a pre-marked ballot, and prove you did it by bringing back the blank ballot).
The ballot is then passed though a mark-sense reader which tallies the counts, and drops into a sealed box, along with the other ballots.
This way, the results are known within seconds when the polls close, AND you STILL HAVE the paper ballots to be recounted, if the need arises.
The machines are not open-source, but starting tomorrow, I am pursuing the matter with the authorities.
Demand House Judiciary Hearing (Score:2, Interesting)
On Friday, U.S. Representative Dennis Kucinich from Ohio requested that the House Judiciary Committee take notice of Diebold's misuse of the DMCA:
From Kucinich's press release [house.gov]:
Write your own Congressman, and ask him or her to call for this hearing!
Answer: Make e-voting have a paper trail (Score:3, Interesting)
Furthermore, each voting system should have a secret key. On the recipt there should be a hash (ala MD5) of the information and the secret key. A recipt with this hash would be *proof* that a vote was cast, on which machine it was cast, and what you voted for. This way there would be no way for someone to come in later and change votes in the database without that change being evident. Voters could punch in their recipt code into a web interface and have the system automatically check that their vote was cast and counted correctly.
The central votes database would need to record:
It's Quite Simple (Score:3, Interesting)
benefits of speed and efficiency?? (Score:2, Interesting)
Why are there benefits to speed and efficiency?
My understanding is that the people who work at the Polls are either volunteers or temporary employees who earn a 'civic duty' stipend for providing their services. Efficiency is something you worry about at a hamburger stand, not at a polling place.
As to speed: why the hell does it matter that we get a 'speedy' result. The whole obsession over 'speed' seems to be driven by the 'news' media and their incessant need to report results. In actuality, it is always weeks or months before the result of the election is put into action.
Screw speed. Screw efficiency. Let a bunch of community volunteers tally the paper ballots. Fine any news organization that 'reports' official results before they're posted by elections officials. The vision I get of a group of old ladies saying 'hold on and we'll have the numbers in a few hours' to some yuppie fuck journalist is wonderful, and should be the reality.
non-competition agreements for public officials? (Score:2, Interesting)
One may argue that the public has only to gain if the public official brings his expertise into the private sector. My concern is, however, that the public official will use his expertise in side-stepping regulations or choosing the way of minimal resistance, to maximize profits at the expense of following rules and regulations.
Kind of like a hardware vendor optimizing their wares for benchmarks as opposed to real life situations!
Re:Redundant, I know (Score:2, Interesting)
You will never convince me that touch screen machines provide the same combination of security, accuracy and speed. I have nothing against Diebold, but sometimes, we all need to step back and remember the KISS principle and not to make a solution more complex than it needs to be...
Re:More badly-researched rhetoric on voting machin (Score:2, Interesting)
Note page 15 of this PDF'd election manual. [sf.ca.us] (The document is an election workers manual from the County of San Francisco, I've worked polls in Santa Clara County myself.) Note that it does not state that ID is illegal to ask for, but does say that "Voters are NOT required to provide proof of identity or residence."
I will add that many voters do bring their voting booklet, or present an ID, and it definitely helps poll workers when you do that, it's somehow just slightly quicker to look something up when you have a nicely printed version fo what you're searching for, particularly with hard-to-spell names.
Here is [ca.gov] the text of a proposed law, from February 2003, to require IDs to be checked by precinct workers.
I can't, in the few moments I've looked today, find an explicit prohibition, although I believe I've seen one, I'm willing to drop the assertion that it's directly illegal until I can find direct proof of that statement. I will note, however, that if it's not required, it'd be a pretty bad idea to demand it of voters, since it'd be a direct opening to charges of discriminatory, selective checking of IDs.
On the other hand, a mistake by a polling worker on this point is far more likely to be a mistake than a serious attempt at fraud, poll-workers don't get a ton of training.