Can Static Electricity Generate Votes?

artgeeq writes "A recent local election in Washington, DC resulted in 1500 extra votes for a candidate. The board of elections is now claiming that static electricity caused the malfunction. Is this even remotely possible? If so, couldn't an election be invalidated pretty easily?"

Solution?

[iminplaya]

Paper ballots?

Re:Valid election?

[j0nb0y]

I personally have no problem with black box voting machines, provided that they print out a human readable ballot, and the printed ballot is the only official ballot for the purpose of vote counting.

Open source was always a distraction from the real issue. I like open source, but we shouldn't use this issue to try to push open source. It just doesn't make sense. Open source doesn't guarantee security. If the computer is responsible for maintaining the vote total, there will be the possibility of mischief, whether the software is open source or not.

Bullshit.

[fuzzyfuzzyfungus]

I don't buy it. Static can definitely frag electronic devices that aren't properly protected; but having static damage and/or random bit flipping cause 1500 extra votes to appear in an otherwise valid filesystem is the computer equivalent of a human getting cancer and, instead of a lethal tumor, growing an extra, fully functional eye.

At best, the system is seriously, seriously flawed. If there is even basic checksumming in place(never mind signing) it would be functionally impossible for static damage to imitate valid data. At bad, there is some other error entirely, and it has been decided that an idiot emitting bullshit is cheaper and easier than actually investigating the problem. At worst, which is upsettingly plausible, the system is suffering from outright fraud, and those involved don't even feel the need to lie convincingly.

Re:Valid election?

[fuzzyfuzzyfungus]

I agree that open source is a distraction from the real issue(though it is, I would argue, a likely part of the solution to the real issue, so it comes up for a reason); but I think that the real issue is slightly different. For the purpose of discussion, I propose a measure, call it the "Nixon Number". A system's Nixon Number is the smallest plausible number of people who would have to conspire in order to subvert that system successfully. The real problem with electronic voting is not closed vs. open per se, it is the fact that, thus far, we keep building systems with pitifully low Nixon Numbers in order to do the job, when what we need is the exact opposite. A system's Nixon Number depends on hardware, software, procedures, and institutional safeguards.

Open Source licencing is not necessary to build a system with high Nixon Number, nor is it assured that an OSS system will have one. However, I would argue that(barring substantial advances in static analysis of binaries, or the like) publicly auditable code, along with a publicly available trusted compiler, publicly disclosed hashes of all binaries, etc, etc. is in practice necessary to achieve a Nixon Number high enough to be considered for critical uses like voting. The code doesn't have to be under a licence allowing free reuse, or reuse at all; but it must be available for inspection by anybody, for any reason, without limitation or expense.

That alone is by no means good enough, the other main issue is hardware security. Unfortunately, techniques for assuring that hardware is doing what it ought to be are as yet immature(see this from EETimes). In practice, voting and similar critical systems should probably be conducted on minimal complexity systems, so that the necessary chips can be manufactured with oversight, in secure fabs, and optically or otherwise verified.

Even, that, though, isn't enough. Beyond hardware and software security and transparency, a high Nixon Number requires that the technology be surrounded by a robust institutional structure. We have, thus far, failed here as well. The election commissions have, on the whole, done an awful job of enforcing oversight of voting system vendors, and have rubber stamped known broken systems.



Ultimately, I think the difficulties of electronic voting have two parts. The first is that it isn't an easy problem. The second is that we don't take it nearly seriously enough. If elections are not free and fair, democracy has fallen. Period. Full Stop. No ifs, ands, or buts. E voting is not something to be done on the cheap. It is not something we can trust vendors to do. We are treating E voting like a minor IT procurement project, when we should be treating it as Democracy's Manhattan Project.