Slashdot Mirror
Interview with Voting Machine Company Reps
laupsavid writes "Here's an interesting interview with government and industry reps on the Black_Box_Voting site. I think it's funny (yet terrifying), almost like an extended Shark-Tank Unclear on the Concept item. They interview Paul Miller, Registration and Systems Manager of the Office of the Secretary of State. Black Box Voting is dedicated to informing people of reasons to reject electronic voting systems. I believe Bev Harris runs the site, and she claims to be an expert on accounting fraud. Also, see this area of the a site called Ecotalk for a list of instances of purported fraud by electronic voting."
Let me see here, they reject electronic voting due to fraud.. so what do they support, the fraud free special hanging chads when using paper ballots (in Florida)?
It's not like many of us vote anyway..
and hate it at the same time.
This interview (while somewhat hostile), does illustrate why I hate it - we have voting system companies that refuse to make their systems open that are, in turn, monitored by officials that do not understand how the systems can be tampered with.
I think our elected officials just aren't ready to handle technology, unfortunately.
Oh, any voting system that doesn't provide a hard-copy output of how I voted to be used as a check is a voting system I don't trust - a pure touch-screen system should provide a printout that I can confirm, and hand in, where it will be filed much the way traditional ballots are file. The actual counting can be purely electronic for all I care, until a recount is requested, in which case the paper ballots should be used - any tampering significant enough to alter the election should be trivially detectable using this system.
One of my favorite stories occured in a western state, I believe New Mexico. The local election official was suppose to set up the "tailor" files for the electronic vote counting system. Afterward, he was suppose to run a variety of test cases to make sure it all worked right. So on election night, their counting the ballots and someone noticed that the totals don't add up right. As I recall, a large group of ballots were being ignored. In a panic, they ID the problem and call the equipment vendor asking how to make the necessary changes. The vendor begs them not to change a thing and call a judge, pointing out that any changes made on election night will probably led to a election fraud trial. They call in a judge, who brings in reps from the handful of political parties. It takes days to fix the problem.
Comment removed based on user account deletion
I voted in the last election for governor in Florida with the new voting machines.
As they stand right now, they give me the creeps: They do not give you a print-out for backup. And there is no way to look at the code by an independent auditor because the republican Kath "Cruella" Harris declared the code a propietary secret. Only the vendor has the right to audit their own code and certify it as bug free.
An open system should print a ballot that goes into a ballot box as a back-up and it should be open for any independent party to review. If not how do we know there is no fraud involved?
~~~Please pass the salt, I hate unsalted MD5s
Many ways to abuse this system. If your interested in voting fraud, a story can be found on the bbc website about implementing online voting in the UK.
There was also a discussion about election reform and voting voting fraud last summer and can be found on the cato site.
Or you can watch the even in Real video
-this comment would be modded up if I posted it earlier =)
Most European countries have voting machines. Our system (in the Netherlands) is electronic, but there is a printer inside the machine for backup.
The problem with electronic voting is just as much about transparency and accountability as whether it is more susceptable to fraud than a dead-tree vote.
With a paper vote, the system is intrincially very simple - the voter marks a ballot paper according to who they're voting for. The ballot papers can be counted by hand, and anyone who wants to can observe the counting.
With an electronic voting system, how can I check how it's working? Even if the source code is open for all to see, how do I know that the published source is what's actually being used? And how can someone who doesn't understand computer programming check that the system is correct.
Any voting system is vulnerable to fraud of some sort, but, imho, a system which anyone can understand is better than one which only a privilaged minority (geeks) can.
The purpose of a democratic election is not to determine a winner. Every conflict, democratic or not, peaceful or not, ends up generating winners. No, the purpose of an election is to make everyone agree who lost, and to generate (through a future election) a preplanned battlefield for a future engagement.
Only through this process can the costs of conflict -- which are often substantial, sometimes far greater than the value of what's being fought over -- itself be minimized.
Some engineers with no knowledge of politics imagine voting is a counting problem. Given hundreds, thousands, maybe hundreds of thousands of individual polling sites, how can the numbers be collated and reported accurately? How can the top scoring candidate be identified and informed of his or her success? In short: Who won?
They miss the point entirely: The problem is never the winner. The winner is not the one to doubt or challenge the system. The winner is always happy to win -- it's never the party in the lead that calls for a recount. No. The problem is with those to whom power has been denied. They are the ones that the entire system exists for; they are the ones who the process is designed to satisfy. We hold out a carrot -- you will have your chance again in some time -- and ultimately, a stick: You failed to convince enough people that your cause was worthy, that your message was true. We brought your message to the people, and they turned away.
That doesn't say "You won." That proves "You lost." This is why it is so critical to have a genuine paper trail for voting systems: Any idiot can tell you who won, but once the facts disappear -- once the finger rises from the touch screen -- there is no mark, no evidence, no proof at all. That doesn't mean the election won't have an outcome: Courts can quite easily, by fiat, declare that the voting system may not be challenged. By fiat, then, they decide who won.
Fiat -- legalese for "Because I said so" -- does not a proof make. Fiat declares a winner; it cannot prove a loser. Thus it fails, utterly and completely, to serve the purpose of the election system itself. Open and unambiguous access to the voting architecture is critical if we are to provide an election system that defies the sour grapes of a failed candidate. Anything less makes a farce of the election process -- why go through the rigamarole if people have no reason to believe the results?
The sad part is, most engineers have settled on the most obvious solution: Touch screen voting, with a human readable (but easily computer-auditable, through the use of the standard OCR fonts that have been on checks for decades) printout that is stored for recount purposes. (The printout is on difficult to forge official paper, and contains some piece of data that did not exist before the election, akin to POW's holding a newspaper.) At that point, there are a few choices -- have the touch screens also communicate to a central office, which collates votes and designates 5% of precincts randomly for immediate on-site audit, or perhaps skip the touch screen link and have each site read the votes from the printouts and only the printouts. Given a challenge, the computers speak the same language we do, and possess logs in the same physical format we can analyze. A challenged result can be answered with evidence -- and thus the challenge is not likely to be made at all, for that would be yet another failure for the candidate.
Elections without evidence see their legitimacy drain away like blood from a sliced jugular. Without evidence, it's not that the victor cannot be shown, it's that the challenger cannot be refuted. Shaking ones shoulders, saying "I'm not going to prove a negative", is insufficient. Blind touch-screeners leave elections vapid and useless, an exercise in futility that doesn't raise an eyebrow when precisely 100% of the (remaining?) population votes for Saddam.
It's honestly surprising that, in this d
and that is the true reason why they must be rejected. A society cannot claim to be a democracy unless it has free and secret elections.
An election is secret only if the voter is required to conceal his/her vote. This prevents votes from being bought (since the buyer cannot know if he actually gets the goods) and it prevents people from being pressurized into voting for a particular party (with online votes, a tyrannical husband can easily make sure his wife votes the right way).
Of course, vote by postal letter has the same problem which is why most democracies allow it only in case of unability to otherwise attend and also make it at least somewhat inconvenient.
We should have know something was amiss when Brokaw read the final totals: 15% for Bush, 15% for Kerry, 20% for Natalie Portman, and 50% for the next President of the United States, "that goatse guy".
If Slashdot were chemistry it would look like this:Cadaverine
Here in Clark County, Nevada, the very same Ms. Ferguson from the article was our elections supervisor at one time. She came in to the job, stayed just long enough to throw out all our old machines that had some kind of an audit trail and bought brand new totally electronic, un-auditable voting machines which violate state law from Sequoia Inc.
She only got the machines approved by the most ridiculous of explanations: A Printout of the memory card is just as good a audit trail as real ballots. Read about it here in our local paper. What did Ms. Ferguson do after leaving Clark County? Why she went to Santa Clara County in CA, where she stayed just long enough to throw out any auditable voting machines and replaced them with fully electronic voting machines from Sequoia.
After that, where did Ms. Ferguson go? Why she accepted a position as a Vice President... of Sequoia systems!
Do I think there is some wild conspiracy here? Nope. It's just a case of a political hack on the take, who doesn't care about the laws of the state that she is supposed to enforce.
Plus, I think the Slashdot crowd understands full well how when you have critical software apps that are closed source, you are essentially outsourcing control of your apps. So any county that has these fully electronic devices has outsourced election security to the low bidder. Egads.
Never confuse feeling with thinking.
I am in a class in which our final project is to design a remote pollsite e-voting system. We read a bunch of definitive papers, including those by Caltech/MIT, the California Electronic Voting Task Force, and the National Science Foundation.
First off, every source believes that there should be a paper trail as a backup. This is good.
Second off, every source believes remote internet voting is too insecure to be feasible at this time.
Third off, my team's research shows it is impossible to have 'remote poll-site voting', in which a voter can cast his ballot at any station or kiosk in the county or state, while protecting voter anonymity and without relying on an always-up internet connection at each poll-site.. The crux of the problem is this: you can't update a voter's record in a central voter registration database (to change him to "VOTED" or something) without the polling stations being connected to that database over the internet , or phone lines, or some kind of link. So instead, you would give each polling station its own copy of the voter registration database. But that means if someone tries to vote twice (once each at two different polling stations), the only way to ensure that both votes are not counted is to associate the ballot with the voter-ID..
At this point, it becomes a matter of trusting the government. Even if the ballot that is associated with the voter-ID is encrypted, do you trust the government not to decrypt those ballots before duplicate votes have been resolved and the voter-IDs have been stripped off? Even if the voting system was open source, do you trust the government to not use a forked version that *doesn't* respect your privacy?
Another scenario is to set up secure links (internet w/ IPSec, or private phone circuits, or satellite...) from the polling stations so you *can* update the central voter database in real-time. All of a sudden, the entire voting system is subject to denial of service attacks. People would climb poles to cut wires, etc. And if your system was designed to be "failsafe", so that voters could still cast a ballot even if the link was down, you'd be back at the voter anonymity problem mentionend above: those failsafe ballots would essentially be the equivilent of modern-day "provisional ballots", in which your name and identifying information are written right on the front of the envelope.
I don't see a cryptographic solution to the problem, as such solutions seem to involve the government holding all the keys.
The professor of the class is a brilliant man, and he admitted to me that this is a fundamental problem and that he was, in fact, hoping a solution might come out of his assigning it to a bunch of students with fresh perspectives.
Intercarve Networks, LLC
somewhat hostile /.ers on privacy naive or even gullable; I actualy thought the the FLA election fiasco was basicaly much ado about nothing. After reading the article, allowing for editorial liciense on the interviewer side and giving the election officail the benefit of the doubt the only thing I can conclude is that Miller should be ashamed to cash his pay check. This Miller guy was not somewhat hostile, he was downright evasive unaceptable for a public servant. I could except answers like, "I don't know that's Joe Snuffy's area of expertice, let me ask him and I'll Email back an answer ASAP"
Compared to most of the vocal
I made my first 'puter by wire-wrapping from a schematic back in 1976, and there is no way I'd trust a system without a hard copy output for anything more inportant than internet surfing.
basicaly what I got out of the interview is
1. a company make the voting machines named AccuVote
2. this company issues updates on CD's and if the update is significant it's independantly tested but nobody seems to have a definition of significant.
3. the CD's arrive from a source that's not explained, and don't seem to be verified as coming from an authorized source. Something like doing a MD5 checksum to verify the cd might be usefull for accounting purposes.
4. the CD are load into the system and they do what-ever they do and nobody seems to be accountable for tracking the machines that are updates; or even verifing which files have been changed.
5. before the election's the system is tested for Logic and Accuracy and if this test is passed, it's assumed valid for live data. of course off the top of my head an election would need huge amounts test data to cover all of the different vote possibilities and possible user responses.
I'd also have to agree with the interviewer, touch-screen voting machines are untestable.
Seems a pretty sloppy way for a secratary of state's office to do bussiness if you ask me
Apocalypse Cancelled, Sorry, No Ticket Refunds
Personally, I believe votes are as important as money, and should get the same care in their accounting. That, rather than the electronic nature of the new machines, is what irritates me about the new machines. They are fundamentally broken from an accounting point of view, and nobody seems to give a shit because, apparently, votes are not as important as dollars in the United States of America.
Send mail here if you want to reach me.