Hackers, Public Differ Greatly On E-voting

cweditor writes "Sorry to be touting one of my own Computerworld stories, but I only covered it because I found it so interesting. The Ponemon Institute surveyed 2,933 members of the general public and then 100 DEFCON and Black Hat attendees to get their views on electronic voting. 'The degree of difference was startling,' said director Larry Ponemon. It was the biggest split between 'experts and the public he'd ever found. For example, 83% of the experts said e-voting is less or much less secure against election tampering than paper ballots, compared with just 19% of the general public."

Imagine that.

[2names]

The experts know more than the general public. Will wonders never cease?

Re:Imagine that.

[lazyl]

Yeah, but how much do these 'experts' know about how secure paper ballots really are? They should also interview a third group: those who are experts in the paper system.

Re:Imagine that.

[aardvarkjoe]

What makes it even less informative is that these "experts" are not experts in the field that's being discussed. The numbers would at least be interesting if they had actually used experts knowledgable about voting security.

Re:Imagine that.

[Phisbut]

Maybe people don't hack into the old unpatched NT box because there would be no valuable reason to do so. Or maybe it does get hacked but when the hacker sees there's nothing of interest, he leaves and hunts for another target.

But election tampering, *now* you've got something valuable. Being able to bypass democracy and nominate (in opposition to elect) the guy who has the power to say "Let's bomb Iraq some more", now you've got a good reason to worry about security.

I have a little server at home that basically only runs to gather high-scores from a little amateur online game I made. There's no reason for me to patch it ad-nauseum since I don't really care if the machine crashes or gets hacked or anything. Just as a hacker would care about somebody's high score when he sees my server.

Being paranoid is trying to secure something nobody would want to tamper with. Making sure nobody can hack into the e-voting system that will elect the next president is *not* being paranoid, it's plain ol' common sense.

Re:Imagine that.

[Teancom]

Did you actually read the article? All the way to the end, that is? The only thing that actually went wonky was the machine that projects the totals up on the wall. And it was smart enough to know that it hadn't been reset, so it delibaretly put up huge numbers to attract attention to the fact. As the article said, at no time was the actual voting machine off in any way. In short, there are plenty of reasons to dislike or distrust electronic voting, but this is a particulary bad example to use as one of them.

Re:Imagine that.

[Phisbut]

Sometimes, the old fashioned way is the best way. We had a federal election a couple of months ago in Canada, and it was all paper & pens.

People could come from 9AM to 9PM to take the piece of paper, go behind the curtain over there, mark the paper with the pen (make an X in a cirle next to the one you want to vote for... not all that complicated), and put the little piece of paper in the sealed box.

At the end of the day, human beings opened the sealed boxes, with several witnesses (at least one representative of each party, plus other government officials), and hand-counted each ballot. Take one paper, show it to everybody, add 1 to the score of the guy on that ballot, put the ballot in a pile. Repeat the process about 500 times per box, for each of the thousands and thousands of boxes around the country. The whole process of counting takes about an hour, and there's very very few occurences of a party requiring a recount, because everything has been done in front of at least 10 witnesses.

Where's the need for all that electronic voting stuff? Maybe it goes faster, and maybe the paper-way requires the hiring of more people (thus costing more in salaries), but consider the cost of buying the electronic stuff, then the cost of all the judicial stuff that happens because votes are missing or something got hacked or so.

Go back to plain ol' paper & pens, and let democracy reign.

Re:Imagine that.

[abb3w]

since they only interviewed 100 experts to the 2,933 everyjoes,

Error bars on statistical samples IIR are (N^0.5); thus, percentages have error bars of (N^-0.5). Thus, the 83% expert opinion on 100 experts is +/- 10%; the 19% opinion on 2933 everyjoes has an error of about 1.8%. So, even worst case, the experts are more than three times as likely to distrust the computer voting.

"Anyone who cannot cope with mathematics is not fully human. At best he is a tolerable subhuman who has learned to wear shoes, bathe and not make messes in the house." --Heinlein

Re:Imagine that.

The key is that as long as physical security is maintained, the paper ballots can always be recounted, manually if needed, and the process can be manually validated by observers.

Thus any weaknesses with paper ballots is entirely a process issue (how physical security is maintained, and how one counts the votes and the requirements to request a recount), while with electronic voting there are significant technical issues to come across.

The only safe electronic voting system is one where the system prints out a paper ballot, asks the voter to confirm that the paper ballot matches their selections, and where the paper ballots are collected as usual. Further, the electronic vote and the paper ballot should both be tagged by an id. If that is done, then random validations (in the form of manual recounts of a small percentage of paper ballots and comparison with their electronic equivalents) could safeguard against fraud.

Note that it's vital that voters aren't allowed to take the paper ballot home, as that would make vote selling and forced voting trivially easy.

It's simply so extremely hard to make a tamper proof pure electronic voting system that maintains secrecy and prevent vote selling that it won't be worth it.

Re:Imagine that.

[xTown]

Amen to that. I've always been of the opinion that the requirement for speed of counting has been a detriment to the entire process. For something as important as voting...we can wait. And with paper and pen, there's almost no chance to misinterpret a vote.

Re:Imagine that.

[Doobian+Coedifier]

So the article says. But why on earth would they program it to make up numbers, instead of it saying "ERROR MACHINE WAS NOT RESET". Why would they program it to MAKE UP RESULTS if it knows it cannot display the correct ones? Not to me a conspiracy theorist, but this almost sounds like a coverup/excuse for bad programming...

Interesting.....

[boschmorden]

...but were those polled by e-voting machines? :)

Ya Think?

[darth_MALL]

What data or insider knowledge does Joe Public have about how this wouldn't be secure? I think they assume its simplified and therefore more secure.

I have said it before, and I will say it again

[YankeeInExile]

Electronic Voting is a solution in search of a problem.

Why this fetish for applying complicating technology to simple problems?

Re:I have said it before, and I will say it again

[hpa]

Or, if you're a conspiracy theorist, one can argue that the politicians, especially the incumbents, want to be able to tamper with ballet result.

Either that or they're just dancing around the issue...

Re:I have said it before, and I will say it again

[bigpat]

Or, if you're a conspiracy theorist, one can argue that the politicians, especially the incumbents, want to be able to tamper with ballet result.

Who needs a conspiracy, just one guy with an agenda and a connected system can tamper with elecotronic ballots, that is why there is all the fuss. At least with physical ballots you really do need a conspiracy to tamper with them successfully. And then there is usually more physical evidence of the tampering.

Computers are useful for the same reason they are dangerous for voting, computers substantially seperate the content from the physical medium, making deleting, copying, and modification much easier. Sure you can recontruct some deleted files on a hard disk, but try figuring out what the votes should have been if they are deleted, especially by someone with knowledge of the system.

Once these machines are around for a few years, then you can be assured that even that sweet little grandmother volunteering down at the polling place, whom you don't realize has been strong armed by the local party boss, will be plugging in her ipod to the back of one of these machines and revoting 70% of the votes the correct way using a simple program she downloaded off the web. Even she will not really feel too guilty just plugging in a wire into the back of a terminal... or maybe just about as guilty as a seventeen year old hacker

Some things are just meant to be physical.

The point is...

[Decameron81]

The point is that the general public doesn't know what happens behind the scene when they click on a button with their mouse. Maybe the reason those experts don't trust e-voting is because they know it takes only so much to be able to read and modify data going through the net.

Just my 2 cents.

That's why they call it the 31337...

[CharAznable]

It's disturbing when technical issues become central to a wider political issue that involves everybody, yet very few people have the background to understand it or have an informed opinion about it. Software patents is such an issue. This one is too, and much more important. It's quite easy to lie and mislead the general public with it, since few people have the knowledge to see through the bullshit.

I have a feeling...

[odano]

That e-voting isn't the only topic which hackers and the general public disagree.

no fair

[pizza_milkshake]

it's obvious that the blackhat people tampered with the results of the poll concerning the tamperability of polls

Well, duh...

[flying_monkies]

This would be the same "general public" that uses Gator to store their passwords and really believe that someone they know would suddenly send them a poorly formatted email message with an executable attachment of a naked Anna Kournakova? Where's the "in other news, the sky is blue and water is wet" post?

A Survey at DEFCON about HACKING???

[Lord+Grey]

The Ponemon Institute surveyed 2,933 members of the general public and then 100 DEFCON and Black Hat attendees to get their views on electronic voting.

DEFCON is hardly the right place to be conducting a survey about the "hackability" of an electronic voting system. 50% of this year's attendees could probably figure out how to hack the vote before their third Mountain Dew.

Re:A Survey at DEFCON about HACKING???

[upsidedown_duck]

50% of this year's attendees could probably figure out how to hack the vote before their third Mountain Dew.

This shows that there are clearly people out there who have the skills and, given the right circumstances, the will to be hired by a political campaign, incumbant, lobbyist organization, or criminal organization to aid their respective agendas. When big power plays and money are involved, hiring a computer cracker is probably just part of doing business.

Black Box Voting

[james_in_denver]

It is amazing how trusting (or maybe it's just ignorant) the population is as regards e-voting.

It seems as if they blindly trust our gov't to protect them from voting fraud. It's my opinion that the voting booth is really (short of violence) the ONLY tool that the population has to control their government.

To trust the gov't to keep the vote safe is kind of like putting the fox to work gaurding the henhouse.

The right to a secure, private, verifiable vote is the very foundation our country was built on. It's a shame that more people don't take it seriously.

Visit the Open Voting Consortium" for more indepth thoughts and ideas on this topic.

Yeah, well, we're smarter...

[thatguywhoiam]

.. and we know the difference between a superficially rigged voting system that looks secure, and one that is a sham. I mean, these people should really get a clOMIGOD a GIRL

[runs away and hides]

The thing I don't get

[dg41]

Is why elections officials are so adamantly opposed to a paper trail? Sure, it creates extra expense in the short term, but it simplifies matters (by using electronic voting, hands down then the chad-bearing cards) and provides an auditable trail.

Technology as utopia

[sgarrity]

This seems to be an example of how technology has been sold to us ("the public" in this story) as an always-win net gain.

New is better than old. Expensive is better than cheap. Big is better than small.

This attitude is dangerous. Our collective faith is being misplaced in science and technology - both of which are important, but not perfect.

Re:Technology as utopia

[teamhasnoi]

You said it, man.

As a Space Marine currently deep in the bowels of U-A Corp on Mars, I can truly say faith is misplaced in science and technology.

Word.

Voting public's greatest fear is the truth

[dillon_rinker]

Look at the graph in the article. The biggest fear of the voting public is "Declines in voter turnout because of fear or distrust of e-voting systems."

In other words, their greatest fear is that people will realize that e-voting is a recipe for fraud and will stay home. Their greatest fear is that people respond rationally to what I think most of us believe is the truth. That just astounds me.

P2P voting

[revery]

To quote a popular saying, He who counts the votes, elects.
The only way to ensure the safety of ballots is to distribute the counting of ballots among a larger number of people.

The more centralized the ballot counting, the easier it is to corrupt, the more distributed it is, the more difficult it is to corrupt and the greater the likelihood of exposure.

And by distributed, I'm not talking about computers networks, I'm talking about people.

--

Was it the sheep climbing onto the altar, or the cattle lowing to be slain,
or the Son of God hanging dead and bloodied on a cross that told me this was a world condemned, but loved and bought with blood.

Accessible Voting

[Bondolo]

My wife has been terribly excited by electronic voting because it promises to be accessible. She takes great offense that because she is blind she has to get assistance to vote under the current system.

It's taken a while, but I've finally convinced her that being able to "vote" is pointless if the "vote" is not counted or they system itself is fundamentally flawed.

It's interesting that the local newspaper, the Berkeley Daily Planet took the position that being opposed to electronic voting was a scheme to disenfranchise the disabled. It took a while, but following many insightful letters, they finally admitted that electronic voting as currently proposed in Alameda had the more serious potential to disenfranchise everyone!

As technical professionals it's important we become informed as possible on the subject. That way when your dad or neighbour ask about electronic voting you can explain the dangers and current issues. The more the general public learns about electronic voting, the better off we all will be. (and these survey numbers will be more favourable)

Scientific Literacy

[mdemeny]

I read somewhere that only 5% of the general public has a basic understanding of the concepts behind major everyday items such as a television or a refrigerator. Unfortunately I can't find the source of that figure (but paraphrasing Homer Simpson - "87% of all figures are made up anyways")

However, this underscores an important weakness in our society. When a TV or fridge was simply a consumer item, it was less important to know how it works. Now that large parts of our economy (finance, software, inventory, logistics), society (arts and culture) and democracy itself is largely controlled by computers this knowledge gap become increasingly important. People looking to control these sectors can increasingly rely on the general populace to not understand the issues involved. Just look at the bills passed regarding the use of technology (DMCA, HAVA, etc.) and you'll see that basic weakness exploited.

What "Paper ballots" did John Q think was meant?

[Ungrounded+Lightning]

Yeah, but how much do these 'experts' know about how secure paper ballots really are? They should also interview a third group: those who are experts in the paper system.

I think a more telling question is: What "Paper Balots" did John Q Public think he was comparing to the e-voting systems?

And as usual we have a "game of telephone" going on here:

- We don't KNOW what the actual question on the survey was.
- The Computerworld article said "traditional paper ballot machines". (Maybe that was what was actually in the question. Let's assume it for the moment.)
- But when the Computerworld article's own author posted it to slashdot, he warped it to "Paper Ballots". And this thread is following his lead.

Now you and I know that paper ballots - the ones with the square boxes with hand-drawn Xes - are subject to some tampering, but it's hard to do it without leaving tracks, while a purely electronic systems is subject to all sorts of invisible breakdowns, from mechanical problems, software bugs, and malicious tampering.

But if you're talking "traditional paper ballot machines" you just completely dropped that system. Now you're talking about either punchcards, or optical mark sense systems.

What experience does John Q. have with either?

With punched cards, his sole reference point on reliability is the media storm over the presidential election in Florida. You know - the one where the democrats are STILL claiming the Republicans stole the election. Optical sense cards are subject to mis-scanning. Both can be hit by operational irregularities (such as not running one stack through while running another through twice.) Both are subject to cheating by replacement of physical ballots (as are all the other systems except e-voting without printed audit trail). Both are subject to exactly the same opportunities for accidental or malicious corruption of the vote counting hardware and software.

(And don't even get me STARTED on mechanical voting machines...)

So why SHOULD John Q. think that the e systems AREN'T better than the "traditional paper ballot MACHINES" - whose software has had more time for malicious bug injection and whose hardware and operational systems have been the subject of a recent major scandal?

IMHO John Q. may be right: All the objections except lack of an audit trail apply to the other paper ballot MACHINE systems, and they also have a better opportunity for misreading through mechanical failure or "user error" than the e systems. And since the audit trail is rarely checked, who's to say that the elections haven't been corrupted for decades.

IMHO the important thing about this flap is that it could lead to a less corruptable counting system than we've had since I became eligible to vote back in the '60s. The extra opportunity for unchecked vote corruption has lead to a move to eliminate the problem with the new machines by adding an audit trail, and to regular random surveilance of that audit trail. This, combined with the lower MECHANICAL error rate of the systems and the redundant counting mechanism will set a new, higher standard for the OLDER systems, and should lead to a much more accurate count.

Then, if we move on to eliminating the OTHER sources of election corruption (ineligible voters, multiple registrations, etc.), we might actually come up with fair and accurate elections within what remains of my lifetime. B-)

Re:Imagine this.

[Hatta]

• Electing federal, state, local, judicial, school board, etc. and voting on publicly proposed propositions and constitutional amendments. We have hundreds of races all on the same ballot.
  
• Having primary elections with different ballots for different parties, with different rules on who can vote in each race across each state.
  
• Permuting the order of candidates listed in a race to eliminate any first-listing bias.
  

...Automated ballot counting in the U.S. is a must. We don't want to wait till 2020 to learn who is on the school board and who is the 53rd district Judge.


Maybe we just need fewer government officials.