Forgot your password?
typodupeerror

Voting Isn't Easy, Even if Cheating Is 260

Posted by timothy
from the sobering-thought dept.
The Open Voting Foundation's disclsosure that only one switch need be flipped to allow the machine to boot from an unverified external flash drive instead of the built-in, verified EEPROM drew more than 600 comments; some of the most interesting ones are below, in today's Backslash story summary.
Expressing a common sentiment, reader cmd finds nothing innocent about the inclusion of such a switch:

Diebold also builds automated teller machines (ATM), the definitive model for reliability and accountability.

The AccuVote machines are what they are, not due to poor design or unintentional mistake. They are the result of a deliberate intent to enable fraud on a massive scale. Viewed from this perspective, the AccuVote design is very good. The real problem comes when Diebold realizes that it needs to become better at obfuscation and makes it harder to detect the fraud.

"Electronic voting machines with no paper trail are an insult to democracy," writes pieterh. "That they come with switches to bypass even the dubious 'safeguards' provided is hardly a surprise."

Paper trails, of course, are only as good as the people guarding the paper; readers familar with more recent allegations of vote manipulation may be interested in the 1946 confrontation in Athens, Tennessee (pointed out by reader William J. Poser) between WWII veterans and the election officials.

Reader Soong, though, provides a conspiracy-free explanation for the presence of such a switch:

The ability to boot from different sources is a normal debugging feature, not in itself sinister. Should they have cleaned that up on the production model? Yeah, sure. But verifiability is ultimately a human concern anyway, not a tech one.

It all comes down to who you trust.

If you don't trust the polling place, make the voting machine tamper proof. But then you have to trust the guy who built the voting machine. You have to trust the guy who loaded the software on it at the factory or the elections office. You have to trust the guy who wrote the code. Even if you inspected the code, you have to trust him to give you a binary based on that and not pull a fast one. You have to trust his compiler to give him a binary without compiled in back doors. I feel like I probably haven't listed all the points where this voting machine chain of trust can break down.

Several readers pointed out that voters might better trust the machines as well as the process of electronic voting if regulation were more rigorous; as reader Animats puts it, "slot machine standards are much tighter":
The Nevada Gaming Control Board has technical standards for slot machines. They've had enough fraud over the years that they know what has to be done. Some highlights:
  • ... must resist forced illegal entry and must retain evidence of any entry until properly cleared or until a new play is initiated. A gaming device must have a protective cover over the circuit boards that contain programs and circuitry used in the random selection process and control of the gaming device, including any electrically alterable program storage media. The cover must be designed to permit installation of a security locking mechanism by the manufacturer or end user of the gaming device.
  • ... must exhibit total immunity to human body electrostatic discharges on all player-exposed areas. ...
  • A gaming device may exhibit temporary disruption when subjected to electrostatic discharges of 20,000 to 27,000 volts DC ... but must exhibit a capacity to recover and complete an interrupted play without loss or corruption of any stored or displayed information and without component failure. ...
  • Gaming device power supply filtering must be sufficient to prevent disruption of the device by repeated switching on and off of the AC power. ... must be impervious to influences from outside the device, including, but not limited to, electro-magnetic interference, electro-static interference, and radio frequency interference.
  • All gaming devices which have control programs residing in one or more Conventional ROM Devices must employ a mechanism approved by the chairman to verify control programs and data. The mechanism used must detect at least 99.99 percent of all possible media failures. If these programs and data are to operate out of volatile RAM, the program that loads the RAM must reside on and operate from a Conventional ROM Device.
  • All gaming devices having control programs or data stored on memory devices other than Conventional ROM Devices must:
    1. Employ a mechanism approved by the chairman which verifies that all control program components, including data and graphic information, are authentic copies of the approved components. The chairman may require tests to verify that components used by Nevada licensees are approved components. The verification mechanism must have an error rate of less than 1 in 10 to the 38th power and must prevent the execution of any control program component if any component is determined to be invalid. Any program component of the verification or initialization mechanism must be stored on a Conventional ROM Device that must be capable of being authenticated using a method approved by the chairman.
    2. Employ a mechanism approved by the chairman which tests unused or unallocated areas of any alterable media for unintended programs or data and tests the structure of the storage media for integrity. The mechanism must prevent further play of the gaming device if unexpected data or structural inconsistencies are found.
    3. Provide a mechanism for keeping a record, in a form approved by the chairman, anytime a control program component is added, removed, or altered on any alterable media. The record must contain a minimum of the last 10 modifications to the media and each record must contain the date and time of the action, identification of the component affected, the reason for the modification and any pertinent validation information.
    4. Provide, as a minimum, a two-stage mechanism for validating all program components on demand via a communication port and protocol approved by the chairman. The first stage of this mechanism must verify all control components. The second stage must be capable of completely authenticating all program components, including graphics and data components in a maximum of 20 minutes. The mechanism for extracting the authentication information must be stored on a Conventional ROM Device that must be capable of being authenticated by a method approved by the chairman.

Those standards cover the possibility of an "alternate program" in a slot machine, and provide a way to check for it, with logs and an external program check capability.

The Gaming Control Board of Nevada was asked to take a look at Diebold, and Nevada rejected Diebold equipment as a result.

Voting machines need tough standards like that. They don't have them.

Even if e-voting machines had a spec list that would pass at the Gaming Commission, Midnight Thunder is puzzled that tamper-proofing techniques aren't more evident on the Diebold machines:

Given taxi meters and electricity meters both have tamper seals, you would have thought that these would have visible tamper seals as well. If in doubt you could even have two tamper seals: one from Diebold and another from the voting commission, in order to ensure that both parties are satisfied with the state of the machine.

Several readers are for canning electronic voting for U.S. elections completely. Reader Iamthefallen wants to know

Has anyone answered the question regarding need for automated vote counting in a satisfactory way?

Seems to me that manual counting of votes would be vastly more secure as it would take a huge conspiracy to affect the result either way.

Counting a hundred million votes is hard, counting a thousand votes in a hundred thousand locations is easy.

Similarly, slofstra writes

Sorry, I have never seen the point of these machines. Paper ballots are auditable, user friendly, and if electronics is put into the reporting system, can be counted in a few minutes and submitted. Voting machine are a perfect example of a technology fetish at work. It would make an interesting case study to examine the economic and sociological reasons why we sometimes buy technology that we don't need, don't want and further, serves no useful purpose.

(Augmenting electronic voting machines with a paper record is a frequently raised idea; reader megaditto, for one, asks "Is it that hard to put a thermal printer behind a glass shield?" A similar system is required in Nevada voting machines already.)

Paper ballots and electronic ones aren't the only options, though; lever-based voting machines have dominated recent American national elections. Mark Walling writes

My district switched to electronic- from lever-based. in 2004, at 7:15 when I voted on lever machines, there was no line, and just about as many signatures in the book. In 2005, the line was out the door and around the corner at the same time. The person in front of me took 5 minutes to use the electronic machine. People knew how to use the old machines, and they were reliable. These new things take the old people forever to use, and then they complain that they were hard to read ...

Reader WillAffleckUW suggests skipping in-person voting completely; absentee voting is a good idea, he argues, not only in light of the flaws (demonstrated or alleged) in electronic voting methods, but because

absentee voters get a paper ballot that is not only delivered by a trusted source (the U.S. Post Office) who have a verified date/time stamp — and that the ballots can be audited, traced, and verified — now that is a reason to register permanent absentee.

Not so fast, says reader JDAustin:

I suggest you take a look at the research into the recent Washington state elections done by SoundPolitics.com. They verified close to a 20% error rate in absentee balloting. The signature verification on absentee balloting is no verification at all due to non-verification being done by those who count the ballots. Additionally, the USPS is not a trusted source, they are just another government bureaucracy. The ballots themselves cannot necessarily be traced nor verified — and even when the signatures are completely different, they are still counted. Due to the nature of voter rolls, duplicate ballots are sent out all the time due to slight variation in a person's name, and the duplicate ballots counts are not caught until after the final tally has been done and the election finished. Finally, mischievous government officials can always delay sending the military their ballots so those serving overseas do not have time to get their vote in on time. This actually happened in 2004 in Washington state.

Permanent absentee is not the solution. Neither is electronic voting.

The true solution takes elements of the recent Mexican election to prevent fraud (voter ID cards, thumb inking, precinct-based monitoring and tallying) and combine them with the best paper-based voting machine.


Many thanks to the readers (especially those quoted above) whose comments informed this discussion.
This discussion has been archived. No new comments can be posted.

Voting Isn't Easy, Even if Cheating Is

Comments Filter:
  • by metoc (224422) on Tuesday August 01, 2006 @05:22PM (#15827765)
    In Canada we count our ballots manually and generally have results in under two hours after polls close. The USA has more polling stations (with 10 times the population) but not necessarily more people per station. In practice, a manual counting system could be implemented with only a modest increase in people. It could probably pay for itself in time and resources saved not installing/testing/servicing voting machines, and the inevitable audit trail (does anyone still count handing chads)?.
  • Re:Too many hoops... (Score:4, Informative)

    by LordKazan (558383) on Tuesday August 01, 2006 @05:23PM (#15827775) Homepage Journal
    my my aren't we a troll

    can you prove to me the 2004 election was fraud free? can you even support the statement that it was fraud free? Of course fucking not, even a cursory glance at Ohio will tell anyone who has a brain that we can never know if bush really was the honest winner of that state (not to mention several others) or not.

    Why did they make up a fake terrorist threat claim on the last county to count it's votes (which prevented all observers from seeing the count)? We know it wasn't a real threat, and we know counting votes in secret like that is one of the fundmantal signs of a flawed election.

    How about the ESS tech who, without authorization, accessed on of the voting machines used in voting between the voting and the "recount" (retabulating insecurable inauditable unreliable data tables doesn't constitute a recount).

    Insecure elections is NOT a partisan issue, just like jerrymandering ISN'T a partisan issue. The last two national election cycles the insecurities in the voting system have merely happen to have been taken advantage by the republicans - there Is no gaurantee that the democrats wouldn't do that same thing, and I have no illusions that they are immune to the temptation.

    Insecure balloting techniques, jerrymandering, etc should ALL be illegal. Jerrymandering is impossible in exactly ONE state in the nation: Iowa, where I happen to live. One state with only 5 house reps is the only state where you cannot jerrymander

    Unjerrymandered:
    Iowa http://www.legis.state.ia.us/GA/77GA/Congressional /Maps/Map.gif [state.ia.us]
    Hawaii http://upload.wikimedia.org/wikipedia/en/3/32/HI-d istricts-108.JPG [wikimedia.org]
    (probably) Idaho http://upload.wikimedia.org/wikipedia/en/b/b3/ID-d istricts-108.JPG [wikimedia.org]
    NH http://upload.wikimedia.org/wikipedia/en/2/2c/NH-d istricts-108.JPG [wikimedia.org]

    Jerrymandered:
    Texas http://z.about.com/d/uspolitics/1/0/w/texas_congre ssional_map.png [about.com]
    California http://www.senate.ca.gov/ftp/SEN/cngplan/CNGMAPS/C D_STATE8X11.JPG [ca.gov]
    Florida http://www.democracyinaction.com/dia/organizations /karin/images/congressionalmap.gif [democracyinaction.com]?
    Illinois http://upload.wikimedia.org/wikipedia/en/b/b8/IL-d istricts-108.JPG [wikimedia.org]

    see the difference? Jerrymandering leads to complex districts most of the time, unjerrymandered districts are as geographically simple as possible.

    rather obvious are they not? Jerrymandering is just another form of election fraud and both parties engage in it.
  • by fishbowl (7759) on Tuesday August 01, 2006 @05:56PM (#15827975)
    "When our government didn't send that Alaskan piece of crap republican straight to jail for threatening to quit if his state didn't get Katrina relief funds so he could build the famous bridge to nowhere..."

    Uh.. As much as I dislike Ted Stevens, he did not demand "Katrina relief funds", and the "bridge to nowhere" actually is the only thing connecting a tribal land to the 21st century (it being "nowhere" is a matter of opinion.)

  • Mod that FUNNY! (Score:4, Informative)

    by Ungrounded Lightning (62228) on Tuesday August 01, 2006 @06:10PM (#15828058) Journal
    Ken Thompson for President

    I'd bet he would get plenty of votes!


    ROTFL!

    For those who aren't aware, Ken Thompson admitted to actually writing and installing a back door [jargon.net] in the unix login program and the associated C compiler, as described in his 1983 Turing Award lecture.

    This worked by having the compiler recognize what it's compiling and:
      - If compiling login, insert the back door.
      - If compiling a later version of itself, insert the compiler patch.
    This has the advantage that, once you get it working, you can throw out the source code and it still propagates.
  • by jkauzlar (596349) on Tuesday August 01, 2006 @06:23PM (#15828148) Homepage

    (Disclaimer: I'm a long-time libertarian candidate. You've never heard of me, but then neither has anybody else.)

    First of all, regarding your statement, The Democrats in particular are quick to scream about voter fraud, voter disenfranchisement whenever an ID-less black person blah blah blah, the Democrats have long been the party to defend minority rights. If they weren't quick to scream about voter disenfranchisement they wouldn't be sticking to their platform. It's true that they have a personal interest for doing so, but you can't separate the fact into two separate agendas and treat the Democrats as though they're just scrounging for votes.

    Second of all, Rep John Conyers (D-MI) wrote What Went Wrong In Ohio, describing mountains of evidence for vote tampering and voter disenfranchisement within the Ohio election system by ES&S, Diebold, and Secretary of the State of Ohio Kenneth Blackwell (election supervisor, who will be supervising his own election for governor this year; he was also the chair of Ohio's re-election campaign for GWB). Thousands of complaints were filed by Ohioans (Ohioese?) for the difficulty they'd found in trying to vote.

    To say that both parties are guilty is a serious mistake. I really don't think there is a 'conspiracy' leading up to the Bush administration, but the Republicans, lets face it, have had a culture of corruption leading at least as far back as Eisenhower, McCarthy & J Edgar Hoover. Read the history books, or the nightly news.

    Of course, that's not your entire point. How do you expect to get the government to produce and enforce a law regulating itself? As someone else had said, with an incumbancy rate so high (80-95%?), congress likes things just the way they are. And given the amount of well-documented evidence of vote tampering in Ohio in '04, the federal election officials obviously aren't going to lift a finger to investigate anything. Unless more people start asking questions instead of mockingly crying 'sure, a conspiracy! right!' everytime somebody criticises the gov't, there's not going to be a change. Corruption starts from money, the Republicans have the vast majority of corporate support, the corporations don't care about *you* only your money, yet these cowards, willfully standing up for the power to get robbed by corporate america, still stand up for the republicans when there's evidence of tampering with the election system.

  • Re:Too many hoops... (Score:4, Informative)

    by CastrTroy (595695) on Tuesday August 01, 2006 @06:45PM (#15828270) Homepage
    Counting votes isn't a serial process. Counting can be done in Parallel. In fact it can be highly parallelized. In Canada, everybody from a certain neighbourhood goes to a nearby school or community centre to vote. Then when the polls close, each school/community centre counts their votes and reports their totals. All the votes can be counted independantly of what's going on at some other polling station. Some polling station even post their results before others are even closed. This system scales perfectly well. It can work for a population of 3000, 3,000,000, 30,000,000, or 300,000,000. So the time to count votes is not dependant on how many votes their are, but only how finely you distribute the counting load.
  • by michael_cain (66650) on Wednesday August 02, 2006 @11:20AM (#15832287) Journal
    Did you know felons can't vote?
    ==========
    It varies state to state; some states you can vote as soon as you are released from prison and re-register. Others, you can't vote until you are off supervised release. Others, it's a permanent lifetime ban.

    I always found the differences to be amusing. Convicted felon in state A, lifetime loss of voting. Until you move ten miles to state B, all voting rights restored. Only three states -- Florida, Virginia, and Kentucky -- have a lifetime ban. In Florida, this means that just about 25% of the adult male black population is not eligible to vote [wbai.org].

"If it ain't broke, don't fix it." - Bert Lantz

Working...