Slashdot Mirror

← Back to Stories (view on slashdot.org)

E-Voting Expert Testifies

Posted by CowboyNeal on from the better-service-through-dissention dept.

Christopher Soghoian writes "Johns Hopkins University professor Dr. Avi Rubin (of previous e-voting fame) yesterday testified before the Maryland House Ways and Means Committee. An article in the Baltimore Sun describes his testimony, as well as that of the director of the state elections board, Linda Lamone. Mrs. Lamone was highly critical of Dr Rubin's testimony, stating that he was doing 'a great disservice to democracy. They're telling the public: Don't trust them, don't trust the voting equipment.' This begs the question: Is it better for security researchers to avoid publicly criticizing e-voting flaws? Is public faith in the system more important than overall system security?"

13 of 309 comments (clear)

  1. Well... by Pig+Hogger · · Score: 4, Insightful

    If Lamone is attacking the messenger, rather than the message, she is surely guilty of some flaw...

    1. Re:Well... by t0ny · · Score: 4, Insightful
      Mrs. Lamone was highly critical of Dr Rubin's testimony, stating that he was doing 'a great disservice to democracy. They're telling the public: Don't trust them, don't trust the voting equipment.

      I think Washington really *does* want voting equipment that can be tampered with.

      It seems that their opinion is that democrocy is too important to leave up to the people...

      --

      Manipulate the moderator system! Mod someone as "overrated" today.

  2. E-Testifying company alters results by Anonymous Coward · · Score: 5, Funny

    The E-Testifying company which handled his testimony, also owned by an E-Voting company, has changed what he said! The testimony now reads "E-Voting is great. We should all move to E-Voting now. I for one welcome our new E-Voting overlords."

  3. How do you implement trust? by Pig+Hogger · · Score: 5, Insightful
    How can you implement trust in a given system?

    Doubters have to be able to scrutinize the way the system works. So, in order to be trusted by as many people as possible, the system should be understandable by as many people as possible.

    As soon as you have any kind of black box whose functionning cannot either be seen, or plainly understood by people, there is room for doubt.

    This is why a hand-counted, paper-based ballot system is the most trustable one possible: it doesn't take a computer scientist to understand how it works and how it could be rigged.

    1. Re:How do you implement trust? by richg74 · · Score: 5, Insightful
      This is something I have been arguing since the whole kerfuffle over E-voting began. Any normally intelligent persons can understand the security / threat model for paper ballots and a ballot box. I would be willing to bet that only a tiny minority of election officials -- even those responsible for selecting the machines -- actually understand the model for the electronic device.

      Mrs. Lamone's response is unspeakably condescending, but I think it also unconsciously reveals this: 'please, don't make people ask all these awkward questions about the system -- because I don't know how to answer them.'

    2. Re:How do you implement trust? by HeyLaughingBoy · · Score: 4, Insightful
      How does an ATM add and subtract money from my checking account?

      The answer may seem easy, but do I really know the answer?

      The fundamental difference between this and a voting system is that if the ATM makes a mistake with my checking account, I will know about it when I balance my statement at the end of the month. If the voting machine decides to change my vote to the candidate I happen to hate the most, I won't have a clue. This is why people have been calling for paper output. Give me a summary of what candidates I selected that I can examine before I press the [submit] key. Then I deposit that into a lockbox as I leave so if there is any question about the vote, it is still possible to go back and do a manual count.
  4. Misuse of "begs the question" by s20451 · · Score: 4, Insightful

    Most people, like the poster, incorrectly assume that "begs the question" is the same as "answers the question". This describes the proper use of the phrase.

    --
    Toronto-area transit rider? Rate your ride.
  5. Its important alright by Timesprout · · Score: 4, Insightful

    Public faith in the integrity of the electoral system is vital if democracy is to be successful. If one of the vital components of the electoral system is flawed then the public can have no faith and the system cannot work.

    --
    Do not try to read the dupe, thats impossible. Instead, only try to realize the truth
    What truth?
    There is no dupe
  6. Uhhhh... by jeffkjo1 · · Score: 4, Insightful

    Is it better for security researchers to avoid publicly criticizing e-voting flaws? Is public faith in the system more important than overall system security?"

    Is this a trick question? Is Slashdot being controlled by e-voting Nazi's who hope to find out those that are skeptical so they can come to their houses and force feed them e-voting propaganda?
    Oh well, the answer is NO!!! Security through obscurity DOES NOT WORK!!!

  7. Just apply common testing procedures by blair1q · · Score: 4, Insightful

    There's no reason not to perform an ordinary round of safety and reliability testing on this system. It's obvious they did nothing other than casual alpha and beta testing, with no code inspection, no robustness, no structural coverage, and no documentation of faults.

    They don't even follow the laws when taking machines out of service to be repaired at the polls.

    It's not worth discussing the merits of the current machines. They have none.

  8. Re:General Question about e-voting by JayBlalock · · Score: 4, Insightful
    It's not e-voting itself we're against (generally), it's the incredibly flawed implementation which Diebold and its ilk are pushing. I don't know about everyone else, but give me an e-voting system with transparent code and which produces a paper verification \ backup ballot when you vote, and I'll have no problem with e-voting.

    However, having a black box which can do anything with your vote it likes, provides no verification of vote cast, and is completely open to manipulation - THAT I have a problem with.

    --
    Bush: He's Liberal in all the wrong ways.
  9. Linda is nuts. by twitter · · Score: 5, Insightful
    The director of the state elections board, Linda Lamone lost my trust when she refused outside help with her voting machines:

    "I don't think Diebold would allow it," she said. "It's their proprietary code."

    Bam, there it is, she's put some kind of faith in IP above her elected duty to safegaurd elections. It's peposterous that elections officials don't have access to the actual method of vote counting and everything else the machines do. With transparancy you don't need faith in a system, you can have reasonable trust that what you saw and know will work.

    Dibold has made themselves a proxy for voting. If you removed the electronic components the flaw becomes apparent. Imagine Dibold hired people to sit in a booth and write down your vote where you could not see what they wrote! After that, the representatives would take the votes in closed bags to a place where they would count them and give the results to the elections commisioners. The electronic system has even larger flaws because it's easier to comprimise thousands of computers than it is to comprimise thousands of people, but no one would trust the low tech analog. Defending faith is such a system over the actual integrity of the system is nuts.

    You can have an electronic system with a publically inspected paper trail. If the system is not free or open it can't be trusted because you don't know how it works. It's that simple.

    --

    Friends don't help friends install M$ junk.

  10. Sue the state? by theolein · · Score: 4, Interesting

    I was under the impression that one could practically sue for almost anything in the US. Would it not be possible for someone to start a class action suit against the state election commission for willfully damaging the saftey of the democratic process in that state (MD)?