Slashdot Mirror
E-Voting Expert Testifies
Christopher Soghoian writes "Johns Hopkins University professor Dr. Avi Rubin (of previous e-voting fame) yesterday testified before the Maryland House Ways and Means Committee.
An article in the Baltimore Sun describes his testimony, as well as that of the director of the state elections board, Linda Lamone. Mrs. Lamone was highly critical of Dr Rubin's testimony, stating that he was doing 'a great disservice to democracy. They're telling the public: Don't trust them, don't trust the voting equipment.'
This begs the question: Is it better for security researchers to avoid publicly criticizing e-voting flaws? Is public faith in the system more important than overall system security?"
If Lamone is attacking the messenger, rather than the message, she is surely guilty of some flaw...
The E-Testifying company which handled his testimony, also owned by an E-Voting company, has changed what he said! The testimony now reads "E-Voting is great. We should all move to E-Voting now. I for one welcome our new E-Voting overlords."
Is public faith in the system more important than overall system security?
I love the Leader too!
-Ben
Just because a virus sitting in Jane AOL's system sending out spam isn't affecting her business, it doesn't make it OK. If fraud is going to go on next election, as personally I'm sure it will, there need to be huge changes happen before integrety is restored.
Doubters have to be able to scrutinize the way the system works. So, in order to be trusted by as many people as possible, the system should be understandable by as many people as possible.
As soon as you have any kind of black box whose functionning cannot either be seen, or plainly understood by people, there is room for doubt.
This is why a hand-counted, paper-based ballot system is the most trustable one possible: it doesn't take a computer scientist to understand how it works and how it could be rigged.
I think they still do that today and if somebody went public with how stupid this really is, I'm sure they would get the same treatment. Be EDUCATING the public, the politicians feel threatened. They've made clueless decisions and when those decisions are threatened... well, it's just unAmerican( or so THEY say ).
For the people, by the people... yea, right.
LoB
"Anyone who stands out in the middle of a road looks like roadkill to me." --Linus
Most people, like the poster, incorrectly assume that "begs the question" is the same as "answers the question". This describes the proper use of the phrase.
Toronto-area transit rider? Rate your ride.
I don't think that I am stepping outside of the "group think" of Slashdot when I say "Secure systems are more secure with open and accessable standards and code which will verify that they are indeed secure". Furthermore, "Security is not inhanced by elimating the freedom of discussion"
The grass is only greener, if you don't take care of your own lawn.
Public faith in the integrity of the electoral system is vital if democracy is to be successful. If one of the vital components of the electoral system is flawed then the public can have no faith and the system cannot work.
Do not try to read the dupe, thats impossible. Instead, only try to realize the truth
What truth?
There is no dupe
Is it better for security researchers to avoid publicly criticizing e-voting flaws? Is public faith in the system more important than overall system security?"
Is this a trick question? Is Slashdot being controlled by e-voting Nazi's who hope to find out those that are skeptical so they can come to their houses and force feed them e-voting propaganda?
Oh well, the answer is NO!!! Security through obscurity DOES NOT WORK!!!
They're telling the public: Don't trust them, don't trust the voting equipment.
Is public faith in the system more important than overall system security?
The trouble is with that 5-letter word: faith. Anything that handles data in an obscure way (read closed-source) relies on user's faith.
Anytime you start a closed-source program, faith in the coders/packagers is what makes you believe that nothing will go wrong. You can't double-check anything; if source is available, you don't need faith: just read the code. I guess for the majority it's the same: they don't understand so they must have faith in those who do.
But I feel it's just like a car: most people don't understand the inner workings - but they wouldn't buy one on which the hood is sealed.
How in the world can you do a disservice to democracy by highlighting a new voting technqiue that is plauged by insecurity and potential for fraud? In fact, what he is doing more service to democracy than anyone alive. It's the people who think their jobs are on the line for some questionable calls that are doing democracy a disservice. With all due respect to their opinion, I don't really care if this makes some election official look bad. Perhaps the professor should be heard and the problems he highlights investigated. A lot of this technical stuff is not all that subjective. Here's an idea, have Cusomer Reports subject the e-voting machines to their usual array of scrutiny (they'll need experts of course). That sounds fun. :)
David Whatley
Mrs. Lamone was highly critical of Dr Rubin's testimony, stating that he was doing 'a great disservice to democracy. They're telling the public: Don't trust them, don't trust the voting equipment.'
"Ignore that man behind the curtain."
(Or should that be "Ignore the guys sneaking up behind you with the net."?)
Yes, they're telling the public to distrust the voting machines. And in the short run that may destabilize the nation - slightly.
But distrust of something untrustworthy is appropriate - especially when letting it be corrupted can literally lead to tyrrany and war, while FIXING it so that it is verifiably trustworthy is trivial.
Of course that means the decisions of Mrs. Lamone's department (no doubt those of Mrs. Lamone) might be criticised, and her state be required to spend more money to upgrade or replace the devices they selected. Bad for her carreer path, eh?
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
This begs the question: Is it better for security researchers to avoid publicly criticizing e-voting flaws?
The answer is pretty straightforward: NO. Security researchers and other whistle blowers serve a valuable role in public. This isn't even an interesting question. A more suitable qustion for discussion is:
* Why is the incumbent party in power supporting untrustworthy voting machines?
* Why would someone oppose a simple request for accountability being built in to our democratic process?
* How is it so difficult to see there is an opportunity to create the worlds possibly first trustworthy election system? All we need is a paper backup...
-- $G
There's no reason not to perform an ordinary round of safety and reliability testing on this system. It's obvious they did nothing other than casual alpha and beta testing, with no code inspection, no robustness, no structural coverage, and no documentation of faults.
They don't even follow the laws when taking machines out of service to be repaired at the polls.
It's not worth discussing the merits of the current machines. They have none.
Probably the best quote from the whole article: "I thought he was far more credible than I thought."
Use Ctrl-C instead of ESC in Vim!
However, having a black box which can do anything with your vote it likes, provides no verification of vote cast, and is completely open to manipulation - THAT I have a problem with.
Bush: He's Liberal in all the wrong ways.
a great disservice to democracy. Now they are trying to improve on punchcards, and that's a disservice.
Will the argument go:
2000 - "Bush stole the election with punchcards. The people need e-voting!"
2004 - "Bush stole the election with e-voting. The people need punchcards!"
You know people, e-voting might not be foolproof, but punchcards are easier to hack. Any al Qaeda can walk into a DMV in California and ask for a voter's registration card, and voila!
Hacked.
Slashdot "libertarians": Small government for me, big government for those I disagree with. -1, I disagree with you
Public faith is important. The first step to that faith is a system which deserves it.
-Rob
Which is the argument against security researchers publicizing problems in any voting system. This is especially true if the new voting system is at least as fair and secure as the system to be replaced.
However, the standards for 'fairness' are increasingly strict. Many in the US now want to count every single person, no matter how poor, dark, or uneducated that person is. Such inclusive counting keeps people content while not changing the political landscape all that much, as the elite have other ways to control the landscape. Furthermore, as more people become educated they want access to the public process. Since the educated have the power to disrupt, their concerns matter and should be addressed to protect the peace which is so critical for economic well being.
Additionally, technology allows increased trust in our system. One good example is fingerprinting. Genetic matching brought up issues of the trust and reliability in the technology used to identify suspects. The courts ruled that any technology used in the courts must be reliable. This brought up the question of whether fingerprints are reliable. Though they have been used for a long time, and though a full fingerprint is reliable, the partial prints may not be. Even though they satisfies the standards of the past, they may not satisfy current standards.
Voting may be a smilier case. A higher level of reliability is possible, so it mandated that the possibility be realized.
"She's a scientist and a lesbian. She's not going to let it slide." Orphan Black
Is public faith in the system more important than overall system security?
The most important aspect of the public's relationship to voting is trust. Universal suffrage does not employ all the people in choosing our leaders because "100 million heads are better than one". To the contrary, "None of us is as dumb as all of us". Voting is a method of demonstrating consensus of the governed, so it's easier for us to accept the elected. With the beating administered to their constituents' trust by politicians ever increasing, trust of the elections must be increased to compensate, to allow us to be governable.
We don't have to choose between trust and security. Just read that sentence again; choose between trust and security?! Security REQUIRES trust. This goes beyond the modern either/or fallacies of the excluded middle, like "those who would choose a little temporary security at the expense of liberty" who would neither deserve nor get either security or liberty. When you look at the torrent of these fallacies coming out of politicians today, you've got to wonder "where is this coming from"? They're adults, haven't they learned to see through that simple trap? Or is it just contempt for the public that frames these false choices? America is the strongest country in the world, because of the variety of choices we create, then choose. To throw that away over every security issue is to choose the path to doom. Why do they hate America?
--
make install -not war
Consider this: If the American people are so blind as to ignore the obvious problems with these e-voting machines, then they DESERVE whatever form of government corruption they end up with. We have a valuable lesson to be learned here. Fox news is beginning to pick up on this. Lets hope that the media bcomes quite loud in the coming months about the discrepancies and the "changes" made to these machines during and immediately after some recent elections. If these machines could be hacked, or changed, then I would submit that they are NOT viable as an alternative to conventional voting machines, be they mechanical or punch-paper cards. I would suggest that we keep the voting process as simple and straightforward as possible, and that we utilize our current methods for counting and recording the votes. No matter how complex it becomes, the voting process must be overseen by a responsible party, one that can be criminally prosecuted for fraud, should it become apparent. Since no electronic method is 100% secure, I would suggest that we disallow those methods. Now it's up to you, the people. Do you want someone else telling you how you voted before you vote?
I'm gonna go out on a not-too-long limb and say that he's a 'e-voting' expert because he's done, written, and published investigations on electronic ourvoting techniques, devices, and related technology in the past.
Your welcome in advance for leading you to such a huge stretch of understanding and logic.
"I think they're doing a great disservice to democracy," she said. "They're telling the public: Don't trust them, don't trust the voting equipment."
Sounds like the sort of thing dictators say when making an example out of someone eg. "he's an enemy of the people, he would kill your baby in the blink of an eye, would you actually trust a man like this that kills babys?" Then again there was the whole communist thing "hes a commie burn him" and the un-american thing "you are an un-american and im gonna call the FBI on you"
Linda Lamone either has no-idea about electronic voting, or has another agenda.
Actually i just realised shes right but shes using the redifined term for democracy which means "the most money wins" in which case its bad that the machines cant be controlled buy the most affluent people
This comment does not represent the views or opinions of the user.
If you aren't up to date on the controversy over so called "black box voting" here's just a few recent articles to give you a flavor about what is being said in the media:
.html?tw=wn_tophead_5
http://www.wired.com/news/politics/0,1283,61068, 00
http://www.nzherald.co.nz/storydisplay.cfm?story ID =3529556&thesection=news&thesubsection=wor ld
http://www.wired.com/news/print/0,1294,61045,00. ht ml
http://www.washingtonpost.com/ac2/wp-dyn/A1397-2 00 3Nov5?language=printer
Why there is no need to rush
The state deadline for HAVA compliance is over two years off, the planned system wont meet expected new federal requirements (sponsored by Tom Udall and 61 other congressmen), and better, equivalently priced, systems will be available in the forseable future. Finally, the federal law and state law requires voting machines to be FEC and NIST standards compliant; these standards have not yet been set for touch screens.
STATE DEADLINE IS OVER TWO YEARS AWAY
First, some comments by the clerks office indicate a belief that Los Alamos must have touch screen systems in place for the 2004 vote. Recent information contradicts this deadline. In fact, the N.M. Secretary of States draft plan for implementation of the HAVA act, calls for a goal of January 1 2006, for placement of one touch screen DRE in every polling place. (http://www.sos.state.nm.us/Election/HAVA/HAVA03.h tm )
NEW FEDERAL LEGISLATION MAY DISQUALIFY PLANNED SEQUOIA SYSTEM
Second, federal legislation currently in committee would disqualify the proposed Sequoia voting systems equipment. In may 2003, our representative Tom Udall co-sponsored H.R. 2239, to amend the Help America Vote Act of 2002 to require a voter-verified hardcopy, also know as The Voter Confidence and Increased Accessibility Act of 2003. This bill requires DRE systems to produce a voter verifiable hardcopy and the software to be fully disclosed to anyone (i.e. open source). The Sequoia system meets neither of these requirements at present (however, the next generation of Sequoia systems may possibly be able to meet this requirement.) http://holt.house.gov/issues2.cfm?id=5996
This bill has 61 co-sponsors: even if this bill fails to pass this session, the strength of this overwhelming endorsement ought to indicate to the council that Voter verifiable hardcopies and open source software are extremely desirable characteristics. Indeed this is so important that the country of Brazil, which has 400,000 electronic voting machines has decide to replace them with voter verifiable systems.
(see http://www.notablesoftware.com/Papers/BtF.html ) Australia, New Zeland, and Canada require open-source voting systems.
VASTLY BETTER TOUCH SCREEN SYSTEMS AVAILABLE AT NO ADDITONAL COST
Third, already three manufacturers offer touch screen systems, which provide paper voter verifiable records of vote and some offer software disclosure. The Avante Vote-Trakker, Accupol, and Advanced Voting Systems (Hewlet Packard) all print voter verifiable ballots. The "big three" touch screen makers ( ES&S, Diebold, Sequoia) all have prototypes that produce voter verifiable paper records that should be certified in the near future. (http://verifiedvoting.org) Finally, Vogue Election Systems, offers an alternative to touch screen systems: a HAVA compliant device that assists handicapped voters to independently mark a conventional optical scan ballot. (http://www.vogueelection.com/ )
These newer systems are not expected to be more costly that the current non-voter-verifiable systems. After pressure by California's Santa Clara county (19 million dollar contract), Sequoia voting system has agreed to implement (at no added cost) a voter verified, recountable, paper ballot addition to the touch
screen system. http://www.verifiedvoting.org/states/ca/ca-scco.as p
OTHER UNCERTAINTIE
Some drink at the fountain of knowledge. Others just gargle.
I think, one of the most important safeguards in voting is the possibility to audit and correct the results many times over by many "auditors" (e.g. people and processes who re-count). Paper and pencil in connection with proper processes represent technology/methodology with these characteristics. Good electoral processes include a certain amount of re-counting already in the original count. More than one person looks at each ballot and agreement on the intent of the vote has to be there. If an entire electoral station's vote-counters are corrupt, then ballot boxes can be shipped off to a new group of examiners.
For example, I think e-voting needs to emulate the capability of having several independent examinations of a vote (like several people looking at a ballot, and interpreting which way the vote was intended). This would at least require the capability of having software from more than one provider, each piece of software essentially interpreting the intent of the vote.
Each step of the data gathering and interpretation process should be multi-sourced. And yes, that would mean, that even a log of x/y co-ordinates, which have been touched, should be generated by more than one independent source.
If the independently created and managed processes(hardware/software) in the voting machine all agree on the result, there is a good chance that neither fraud nor error has been present - but if the results amongst the independent processes vary, one needs to investigate.
So, while I think open sourcing is a fundamentally more democratic approach to e-voting software (and hardware!), I think that multi-sourcing of software (preferably in each machine) is even more important.
"This begs the question: Is it better for security researchers to avoid publicly criticizing e-voting flaws? Is public faith in the system more important than overall system security?"
:/
This alone should be sufficient to overturn the DMCA and other laws of this nature. Basically forcing people to keep silent rather than voice concerns over issues we are facing. Reminds me of a Babylon 5 episode where Sheridan was appointed a political officer. She made a couple comments which are frightening.
"Of course we have problems back on earth, but that's no reason to embarrass our leaders".
then there was
Sheridan: When did all these problems with poverty, unemployment... go away?
PO: When we rewrote the dictionary.
Sounds familiar doesn't it. Ignoring the problem makes it go away. We've reached a new low level if this is true
Has Comcast disconnected your Internet account? Same here. You can read about it at http://comcastissue.blogspot.com
This begs the question: Is it better for security researchers to avoid publicly criticizing e-voting flaws? Is public faith in the system more important than overall system security?"
Of course not. If they fix security, faith will follow. It really is that simple. This is like leaving your front door wide open while you go on holiday and then being upset when people worry that their house will be robbed while they are gone. Secure the door well and people will feel better. It really is that simple.
In a nut shell, it's Linda Lamone that's doing a great disservice to democracy, technology, and the people that elected and/or hired her to do what's best for the people in her distirct(s). I can't think of anything more un-American that ensuring democracy is easily manipulated and faith in the results is shaken. She needs to be beaten with a stick and replaced. She is either incompetent or actively wants a mechanism to minipulate election results.
"I don't think Diebold would allow it," she said. "It's their proprietary code."
Bam, there it is, she's put some kind of faith in IP above her elected duty to safegaurd elections. It's peposterous that elections officials don't have access to the actual method of vote counting and everything else the machines do. With transparancy you don't need faith in a system, you can have reasonable trust that what you saw and know will work.
Dibold has made themselves a proxy for voting. If you removed the electronic components the flaw becomes apparent. Imagine Dibold hired people to sit in a booth and write down your vote where you could not see what they wrote! After that, the representatives would take the votes in closed bags to a place where they would count them and give the results to the elections commisioners. The electronic system has even larger flaws because it's easier to comprimise thousands of computers than it is to comprimise thousands of people, but no one would trust the low tech analog. Defending faith is such a system over the actual integrity of the system is nuts.
You can have an electronic system with a publically inspected paper trail. If the system is not free or open it can't be trusted because you don't know how it works. It's that simple.
Friends don't help friends install M$ junk.
I understand the concern about e-voting, as a US citizen, I do feel that my vote should count. However, it doesn't. Because it isn't a representative vote. If 60 percent of the country votes for 2 candidates that have leftist views, but neither of them get a majority, the remaining 40 percent (the minority) of the country has an administration in power. Interesting, eh?
I find this disturbing. But thats just one way of vote manipulation. Others include: blatant lies during campaigns, smear campaigns, party affiliation (I don't know anything about this candidate, but it's a democrat! I'll pick it, n/m it's warhawk stance and corporate leanings), intimidation, money, and pre-political fame. Not to mention the manipulations of the present administration: free press conferences, interviews, wars (or the stopping of)... etc.
I think these are more pervasive than electronic tampering. Plus, since there are over 2 brands of voting machine being used, I think it could be easy to detect which ones are cheating: lets say diebold only picks republicans and brand x always picks democrats. When votes are tallied I think this manipulation will be obvious.
The biggest problem with these systems being closed is that as long as large number of machines are being purchased from the same vendor, and the number of vendors are small, there's now a trivial way of fixing the elections.
A little trivia: We know the security at Diebold is ridiculous as is. But let's say they do code reviews. Lets say check ins are monitored.
Heck, maybe they even open source the system.
Then it would be safe, wouldn't it?
WRONG
Without an audit trail in physical form, verified by the voter, these systems will NEVER be safe.
Consider this little todo list if you decide that voting fraud would be an interesting career choice:
The list of fun stuff to try would be endless.
Creating a paper audit trail is cheap, compared to verifying the hardware design (of the actually delivered boxes, not of what was supposed to be manufactured), verifying the binary images of all the software actually on the delivered boxes, INCLUDING BIOS, drivers, microcode on any "interesting" chips in the system (it would not be surprising if the touch screen had a programmable CPU on it, for instance - after all the good old Amiga keyboard had an embedded CPU with on chip RAM and ROM and a 6502 compatible instruction set - all you'd need to modify the data stream), and how it all works together (see the memory arrangment suggestion).
Seemingly innocent changes to various parts of the system might have distasterous effects once they are combined.
Without an audit trail you will NEVER, EVER have a reliable, safe, tamper proof system - electronic solutions are simply too complex to prevent someone from finding comparatively easy exploits.
"Is public faith in the system more important than system security?" Why on earth would any rational person ask such a thing? In a democracy the accuracy and integrity of elections are paramount. All the "faith" in the world counts for zip if the elections are rigged or so incompetently run that the results cannot be trusted. Should the truth about possibly dangerously skewed election results be suppressed in a free country? Again, this is a stupid question. Freedom is about NOT suppressing the truth, especially when it comes to the direct exercise of that freedom.
Calling Avi Rubin a "smart aleck" after he criticizes e-voting machines is like saying the AMA is a bunch of smart alecks when they decry smoking as cancer-causing. We don't have a 'Security General' like we have a Surgeon General, but if we did, Rubin would be qualified by the job -- and only one of a handful of people I'd want to see in it.
This has really gone from, "Wow, what is that crazy county thinking?" when they selected Diebold e-Tyranny systems to absolute insanity. After so many major vulnerabilities were found and a bevy of absolutely insane catastrophes have occurred (like the number of votes being 10x the number of registered voters?), these systems should be done forever. Fix them? Wrong. Throw them away, and let Diebold make something they're qualified to make, like... bubble gum dispensers.
The shocking thing is that the security experts are raving about how intentional compromises could occur -- but these machines are so pathetic, they can't even function properly due to accidental bugs! If they can't even function when used normally, what happens when we introduce maliciousness?
The ACLU should have lawsuits coming out the wazoo for this. Hanging chad? Hanging chad has nothing on these machines.
Is it better for security researchers to avoid publicly criticizing e-voting flaws? Is public faith in the system more important than overall system security?"
Ummm. No. An educated public is one of the foundations of democracy, withholding information about vital flaws to the election system for the mere purpose of public faith is precisely contrary to this goal! Of course this should be disclosed, withholding this information cannot have any benefit to the public and can only lead us to a situation were these inexcusable flaws will be forgotten.
I stole this Sig
This needs to be a very much past due wake up call for people (read taxpayers) in Maryland. We've had our collective pockets picked time and time and time again by totally inept state procurement processes when it comes to information systems. I started to cite examples in this reply and realized that it would soon become article-length. But I am thinking of school systems and our motor vechicle administration among others. Our records weren't even protected from August's virus onslaught.
/. (especially the comments) into a letter to the editor of the Baltimore "Sun." There are good technology companies here, and there are good people working in them. Perhaps if a few more of us did the same, it might attract the bloodhound interests of whoever's in charge at the Sunpapers these days.
It's time to make the fraud potential of these voting systems known to the general taxpaying public--in Maryland as well as in other places. We just have the misfortune to have feather merchants in charge of most IT here where we need smart, tough-minded computer people who know how to ask the right questions and to make themselves heard by the pols.
I have no clue what I can do as an individual, but I'm going to start by assembling what I've read here on
Also, and on another topic: JUST BECAUSE ADOBE DECIDES TO USE ATROCIOUS GRAMMAR IN ONE OF THEIR ADS DOESN'T MEAN YOU SHOULD. PLEASE GO LOOK UP THE DEFINITION OF "TO BEG THE QUESTION." (sorry).
Anne
DUCT TAPE: The Election Supervisors' Secret Weapon
I was under the impression that one could practically sue for almost anything in the US. Would it not be possible for someone to start a class action suit against the state election commission for willfully damaging the saftey of the democratic process in that state (MD)?
Folks,
... or other such poppycock [AKA: BS] rhetoric.
... whatever they are called) and need one great leader that will help murder the opposition literally.
_____If public faith is lost, then the system (democracy) fails. System security must always support the public faith in democracy by assuring legitimate, veracious, and verifiable results. It is better that the nation and citizens die or fade into history, then allowing democracy to fail.
_____A democracy is a nation where the citizens feel individually responsible for deciding their destiny. Corporate, religious, and plutocratic institutions are disenfranchised in a democracy, because of the human psychology/society premise of "Power corrupts, Absolute power corrupts absolutely."
_____This is part of the reason for the separation of powers in our USA Constitution, but though implied we have never been able to completely protect the election process and/or eliminate corruption of elected officials that vote/act in the interest of the corporate, religious, and plutocratic interest while verbally patronizing US citizens with "FRIENDS, ROMANS, COUNTRYMEN", "IN THE NATIONAL INTEREST",
_____Rhetoric is frequently the only skill most preachers and politicians have, and without honor and ethics they are puppets of any megalomaniac in power. Plutocratic factions promoting their interest know that they always have allies (religious terrorist (Christian Moslem and Jew), Nazis,
_____The nonsense rhetoric of some politicians and preachers is at this level. Just pay attention to Jerry Falwell, his colleagues, and followers [http://www.funnystrange.com/quiz/], and their close politician friends), and never forget the "Honorable for some" Louis Farrakhan. Fortunately the claptrap rhetoric has not been able to subdue the commonsense of US citizens and our birthright for skepticism of authority's self-interest and delusions of grandeur.
_____We can still vote for better citizens to take any politicians place in Washington DC, state capitals, and locally. Politicians are all (for now) replaceable. This is the way to put a politicians head up their own self-important ass and let them know their shit truly stinks. For preachers, let GOD judge them. For the Corporate and plutocratic institutions lets disenfranchise them from our democratic process and return to one person one vote by eliminating the purchased sound-bite rhetoric elections.
_____Do you feel more secure today then you did on 2001/09/11? Do you feel national interest, economy, and security are the priority of today's politicians? I agree with JFK "Ask not what your country can do for you, ask what you can do for your country." I would add, be responsible to the USA Constitution and Democracy, "ask every politician and preacher what have they done for the NATION?", If they wear $500 to $2,000 dollar suits, have a personal income of more than $250,000.00 annually, and ask for any citizen to sacrifice and donate money to GOD or a cause then they are frauds.
OldHawk777
Reality is a self-induced hallucination.
Unaccountable leaders are masters, and unrepresented people are slaves. How do US and EU fare?
I like computers and technology - I really do.
However, unless computers will do a job better than previous methods, they shouldn't be used.
Voting systems are what I would have to call mission-critical systems. They should have all the rigor, analysis, and verifiability that can be brought-to-bear towards making systems accurate and robust. They should be very formally designed and tested, and placed under the most rigorous configuration management and control.
Why these sytems aren't being built (or required) to undergo what would have even been considered best-practices in the 1970s or 1980s eludes me. I consider the lure of the technology, coupled with a general apathy towards the genuine intracacies and consequences of failure, to be a big part of the problem.
There should be damned strong requirements on how any system used in any governmental election are designed, proven, built, etc... I would actually want to start with proven security/OS kernels in any such designs. This machine does not even have to be based on a commercially available OS platform - it has to perform a specific type of task very reliably.
Sam Nitzberg
http://www.iamsam.com
"Is public faith in the system more important than overall system security?"
A high-school educated adult can actually ask this question in seriousness?
Man the rockets. It's time to abandon the planet.
--
As an aside, I am desperately trying to find any sources not employed or otherwise funded by a voting machine company - think respected professors, prominent scientists, engineers, heads of standards bodies or trade groups - who will go on record saying that it's OK to skip per-vote paper records.
I have been searching off and on; I can't find a single credible expert who will say electronic voting without paper records is a good idea. Not one. In fact, even slashdot trolls devil-advocating the issue are rare. All I have found so far, from Harvard, Princeton and M.I.T., to the ACM, to acquiantances with the appropriate background, is 100% uniform agreement that per-vote paper records are absolutely necessary for the system to be trusted.
Do they even have a single person to trot out, to give them even a thin film of legitimacy? Or is actually true that every relevant expert is uniformly condemning these paperless systems? Are states across the nation actually adopting voting systems in opposition to every known academic standard?
You know, once upon a time, quite a long, long time ago now, in a very different age, people put their faith in things BECAUSE THEY WERE ACTUALLY SECURE.
Want to Know How to Cheat the GPL? Read On!
If the aim of the system is to provide a proper representative democracy, then it is critical that the system works and is secure. In this scenario, trust is secondary, since the untrusters will be in the minority, and not in a position to rock the boat too much - natural forces will balance out a level of distrust. Even if a paper audit trail is available, Joe Avg is not in a position to personally audit the results, so its all down to faith at the end of the day.
If the aim of the system is to install a fascist autocracy, then it is critical that public trust and perception comes first. The actual workings and security of the system (and indeed the results themselves) are largely irrellevant. Votes are conducted in a dictatorship scenario as a simple mechanism to make people think that they had their say, and therefore are being fairly represented.
Either way, there is going to be a small portion of the population who dont trust the result, and blame it on some conspiracy. Fact is, come the next general election in the USA (2004 ?), we are just not in any position to know which version of reality we are living in.
In another 20 years time anyway, voting will be conducted via SMS, and people will be openly encouraged to post multiple votes - Elections will be a combination of public circus, TV entertainment and money spinner.
They will start with 100 presidential candidates, and each week voters will have to tune in to TV to listen to their addresses, and then vote via SMS to evict a bunch of candidates who failed to perform in the speeches, singing and bathing costume sections of the election.
And tune in next week viewers, as our surviving presidential candidates have to negotiate the crocodile infested obstacle course in their speedos whilst singing 'I Did It My Way'. The real government of the day can then go about their business unmolested, whilst Mr Popular stands out before the TV cameras as the public face of the party.
Is there any way to independently validate the system, in a way that prevents tampering on election day? Please don't forget that Diebold's CEO is the one whose been shmoozing with the Republican aristocracy at $1000 / plate dinners and promised that his company was "committed to helping Ohio deliver its electoral votes to the president next year".