Slashdot Mirror

← Back to Stories (view on slashdot.org)

E-Voting Expert Testifies

Posted by CowboyNeal on from the better-service-through-dissention dept.

Christopher Soghoian writes "Johns Hopkins University professor Dr. Avi Rubin (of previous e-voting fame) yesterday testified before the Maryland House Ways and Means Committee. An article in the Baltimore Sun describes his testimony, as well as that of the director of the state elections board, Linda Lamone. Mrs. Lamone was highly critical of Dr Rubin's testimony, stating that he was doing 'a great disservice to democracy. They're telling the public: Don't trust them, don't trust the voting equipment.' This begs the question: Is it better for security researchers to avoid publicly criticizing e-voting flaws? Is public faith in the system more important than overall system security?"

23 of 309 comments (clear)

  1. Well... by Pig+Hogger · · Score: 4, Insightful

    If Lamone is attacking the messenger, rather than the message, she is surely guilty of some flaw...

    1. Re:Well... by scrytch · · Score: 3, Interesting

      Election commissioners are usually appointed, not elected (funny when you think about it), so I suspect that's going to be one of the last things Lamone says. Rubin's message was well-received, and at least one politician (a republican at that) publically expressed disappointment at the non-response of the election commission.

      Summary: Short Diebold, they're going to lose a lot of contracts.

      --
      I've finally had it: until slashdot gets article moderation, I am not coming back.
    2. Re:Well... by t0ny · · Score: 4, Insightful
      Mrs. Lamone was highly critical of Dr Rubin's testimony, stating that he was doing 'a great disservice to democracy. They're telling the public: Don't trust them, don't trust the voting equipment.

      I think Washington really *does* want voting equipment that can be tampered with.

      It seems that their opinion is that democrocy is too important to leave up to the people...

      --

      Manipulate the moderator system! Mod someone as "overrated" today.

  2. E-Testifying company alters results by Anonymous Coward · · Score: 5, Funny

    The E-Testifying company which handled his testimony, also owned by an E-Voting company, has changed what he said! The testimony now reads "E-Voting is great. We should all move to E-Voting now. I for one welcome our new E-Voting overlords."

  3. How do you implement trust? by Pig+Hogger · · Score: 5, Insightful
    How can you implement trust in a given system?

    Doubters have to be able to scrutinize the way the system works. So, in order to be trusted by as many people as possible, the system should be understandable by as many people as possible.

    As soon as you have any kind of black box whose functionning cannot either be seen, or plainly understood by people, there is room for doubt.

    This is why a hand-counted, paper-based ballot system is the most trustable one possible: it doesn't take a computer scientist to understand how it works and how it could be rigged.

    1. Re:How do you implement trust? by richg74 · · Score: 5, Insightful
      This is something I have been arguing since the whole kerfuffle over E-voting began. Any normally intelligent persons can understand the security / threat model for paper ballots and a ballot box. I would be willing to bet that only a tiny minority of election officials -- even those responsible for selecting the machines -- actually understand the model for the electronic device.

      Mrs. Lamone's response is unspeakably condescending, but I think it also unconsciously reveals this: 'please, don't make people ask all these awkward questions about the system -- because I don't know how to answer them.'

    2. Re:How do you implement trust? by Prince+Vegeta+SSJ4 · · Score: 3, Insightful
      As soon as you have any kind of black box whose functionning cannot either be seen, or plainly understood by people, there is room for doubt.

      Yes and No. A high level of understanding by a great number of people could help, but don't forget that many (if not all of us) trust many things to 'black boxes' everyday.

      How does an ATM add and subtract money from my checking account?

      The answer may seem easy, but do I really know the answer?

      Do I know the programming involved in the electronic data transfer? The Software? The Hardware? How electrons are transferred via copper wire?

      another example would be a calculator

      Most people don't know much about most of this, but if the proper result can be proven with a reasonable degree of success, then people will trust the black box

      If you do not learn to trust, you will lose

      Raiden

      That being said, I still don't trust in much of anything anymore

    3. Re:How do you implement trust? by B'Trey · · Score: 3, Insightful

      What you're talking about isn't trust. It's faith. And I don't have faith in our system or those who implement it.

      --

      "The legitimate powers of government extend only to such acts as are injurious to others." Thomas Jefferson.

    4. Re:How do you implement trust? by JaredOfEuropa · · Score: 3, Insightful
      One does not trust the system, but rather those who implement it. Regardless of the system in use.
      Not regardless of the system in use. As the Dutch saying goes "Trust is good, but control is better". (Control meaning the act of checking and supervising, rather than the act of actively steering). Ask yourself why you trust the people implementing the system. Simple, because you know they are being watched by others. In case of a paper ballot system, it's easy to see that they are being watched by others, ie. by people from the party you happened to vote for. And because the system is so simple, it's also easy to see that it will be very difficult to rig the elections without the watchers knowing it.

      With an electronic system, you have two issues when it comes to trusting the implementers:
      1) Are the implementers being watched at all times? Who can say... remember that you'd have to inspect the code for the machines and also make sure that that exact code is loaded into the voting machines, and not some different version. With such a complex system, even I wouldn't be so sure that all steps in the process, manual or automatic, are under scrutiny of impartial observers (or observers from all parties).... and I'm a techie. Besides, recent news about Diebold does not instill much confidence in the process, now does it?
      2) Even if you somehow ensure that all steps of the software programming, software and machine distribution, machine operation, and the collection of the tallies are all supervised by impartial observers... how can you be sure that they are doing a good job? With such a complex system, it'd be easy for some mistake or intentional hack to pass undetected.
      --
      If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
    5. Re:How do you implement trust? by HeyLaughingBoy · · Score: 4, Insightful
      How does an ATM add and subtract money from my checking account?

      The answer may seem easy, but do I really know the answer?

      The fundamental difference between this and a voting system is that if the ATM makes a mistake with my checking account, I will know about it when I balance my statement at the end of the month. If the voting machine decides to change my vote to the candidate I happen to hate the most, I won't have a clue. This is why people have been calling for paper output. Give me a summary of what candidates I selected that I can examine before I press the [submit] key. Then I deposit that into a lockbox as I leave so if there is any question about the vote, it is still possible to go back and do a manual count.
  4. Misuse of "begs the question" by s20451 · · Score: 4, Insightful

    Most people, like the poster, incorrectly assume that "begs the question" is the same as "answers the question". This describes the proper use of the phrase.

    --
    Toronto-area transit rider? Rate your ride.
  5. Its important alright by Timesprout · · Score: 4, Insightful

    Public faith in the integrity of the electoral system is vital if democracy is to be successful. If one of the vital components of the electoral system is flawed then the public can have no faith and the system cannot work.

    --
    Do not try to read the dupe, thats impossible. Instead, only try to realize the truth
    What truth?
    There is no dupe
  6. Uhhhh... by jeffkjo1 · · Score: 4, Insightful

    Is it better for security researchers to avoid publicly criticizing e-voting flaws? Is public faith in the system more important than overall system security?"

    Is this a trick question? Is Slashdot being controlled by e-voting Nazi's who hope to find out those that are skeptical so they can come to their houses and force feed them e-voting propaganda?
    Oh well, the answer is NO!!! Security through obscurity DOES NOT WORK!!!

  7. Ignore that man behind the curtain. by Ungrounded+Lightning · · Score: 3, Insightful

    Mrs. Lamone was highly critical of Dr Rubin's testimony, stating that he was doing 'a great disservice to democracy. They're telling the public: Don't trust them, don't trust the voting equipment.'

    "Ignore that man behind the curtain."

    (Or should that be "Ignore the guys sneaking up behind you with the net."?)

    Yes, they're telling the public to distrust the voting machines. And in the short run that may destabilize the nation - slightly.

    But distrust of something untrustworthy is appropriate - especially when letting it be corrupted can literally lead to tyrrany and war, while FIXING it so that it is verifiably trustworthy is trivial.

    Of course that means the decisions of Mrs. Lamone's department (no doubt those of Mrs. Lamone) might be criticised, and her state be required to spend more money to upgrade or replace the devices they selected. Bad for her carreer path, eh?

    --
    Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
  8. Not a fair question by salesgeek · · Score: 3, Insightful

    This begs the question: Is it better for security researchers to avoid publicly criticizing e-voting flaws?

    The answer is pretty straightforward: NO. Security researchers and other whistle blowers serve a valuable role in public. This isn't even an interesting question. A more suitable qustion for discussion is:

    * Why is the incumbent party in power supporting untrustworthy voting machines?

    * Why would someone oppose a simple request for accountability being built in to our democratic process?

    * How is it so difficult to see there is an opportunity to create the worlds possibly first trustworthy election system? All we need is a paper backup...

    --
    -- $G
  9. Just apply common testing procedures by blair1q · · Score: 4, Insightful

    There's no reason not to perform an ordinary round of safety and reliability testing on this system. It's obvious they did nothing other than casual alpha and beta testing, with no code inspection, no robustness, no structural coverage, and no documentation of faults.

    They don't even follow the laws when taking machines out of service to be repaired at the polls.

    It's not worth discussing the merits of the current machines. They have none.

  10. Re:General Question about e-voting by JayBlalock · · Score: 4, Insightful
    It's not e-voting itself we're against (generally), it's the incredibly flawed implementation which Diebold and its ilk are pushing. I don't know about everyone else, but give me an e-voting system with transparent code and which produces a paper verification \ backup ballot when you vote, and I'll have no problem with e-voting.

    However, having a black box which can do anything with your vote it likes, provides no verification of vote cast, and is completely open to manipulation - THAT I have a problem with.

    --
    Bush: He's Liberal in all the wrong ways.
  11. Answer is simple... by GooberToo · · Score: 3, Insightful

    This begs the question: Is it better for security researchers to avoid publicly criticizing e-voting flaws? Is public faith in the system more important than overall system security?"

    Of course not. If they fix security, faith will follow. It really is that simple. This is like leaving your front door wide open while you go on holiday and then being upset when people worry that their house will be robbed while they are gone. Secure the door well and people will feel better. It really is that simple.

    In a nut shell, it's Linda Lamone that's doing a great disservice to democracy, technology, and the people that elected and/or hired her to do what's best for the people in her distirct(s). I can't think of anything more un-American that ensuring democracy is easily manipulated and faith in the results is shaken. She needs to be beaten with a stick and replaced. She is either incompetent or actively wants a mechanism to minipulate election results.

  12. Linda is nuts. by twitter · · Score: 5, Insightful
    The director of the state elections board, Linda Lamone lost my trust when she refused outside help with her voting machines:

    "I don't think Diebold would allow it," she said. "It's their proprietary code."

    Bam, there it is, she's put some kind of faith in IP above her elected duty to safegaurd elections. It's peposterous that elections officials don't have access to the actual method of vote counting and everything else the machines do. With transparancy you don't need faith in a system, you can have reasonable trust that what you saw and know will work.

    Dibold has made themselves a proxy for voting. If you removed the electronic components the flaw becomes apparent. Imagine Dibold hired people to sit in a booth and write down your vote where you could not see what they wrote! After that, the representatives would take the votes in closed bags to a place where they would count them and give the results to the elections commisioners. The electronic system has even larger flaws because it's easier to comprimise thousands of computers than it is to comprimise thousands of people, but no one would trust the low tech analog. Defending faith is such a system over the actual integrity of the system is nuts.

    You can have an electronic system with a publically inspected paper trail. If the system is not free or open it can't be trusted because you don't know how it works. It's that simple.

    --

    Friends don't help friends install M$ junk.

  13. what a question! by samantha · · Score: 3, Insightful

    "Is public faith in the system more important than system security?" Why on earth would any rational person ask such a thing? In a democracy the accuracy and integrity of elections are paramount. All the "faith" in the world counts for zip if the elections are rigged or so incompetently run that the results cannot be trusted. Should the truth about possibly dangerously skewed election results be suppressed in a free country? Again, this is a stupid question. Freedom is about NOT suppressing the truth, especially when it comes to the direct exercise of that freedom.

  14. This is a question? by quantaman · · Score: 3, Insightful

    Is it better for security researchers to avoid publicly criticizing e-voting flaws? Is public faith in the system more important than overall system security?"

    Ummm. No. An educated public is one of the foundations of democracy, withholding information about vital flaws to the election system for the mere purpose of public faith is precisely contrary to this goal! Of course this should be disclosed, withholding this information cannot have any benefit to the public and can only lead us to a situation were these inexcusable flaws will be forgotten.

    --
    I stole this Sig
  15. Sue the state? by theolein · · Score: 4, Interesting

    I was under the impression that one could practically sue for almost anything in the US. Would it not be possible for someone to start a class action suit against the state election commission for willfully damaging the saftey of the democratic process in that state (MD)?

  16. Trusted Systems ????? by Sam+Nitzberg · · Score: 3, Interesting

    I like computers and technology - I really do.

    However, unless computers will do a job better than previous methods, they shouldn't be used.

    Voting systems are what I would have to call mission-critical systems. They should have all the rigor, analysis, and verifiability that can be brought-to-bear towards making systems accurate and robust. They should be very formally designed and tested, and placed under the most rigorous configuration management and control.

    Why these sytems aren't being built (or required) to undergo what would have even been considered best-practices in the 1970s or 1980s eludes me. I consider the lure of the technology, coupled with a general apathy towards the genuine intracacies and consequences of failure, to be a big part of the problem.

    There should be damned strong requirements on how any system used in any governmental election are designed, proven, built, etc... I would actually want to start with proven security/OS kernels in any such designs. This machine does not even have to be based on a commercially available OS platform - it has to perform a specific type of task very reliably.

    Sam Nitzberg
    http://www.iamsam.com