Herbert H. Thompson, PhD ("Hugh" to his friends), is one of the people featured in the HBO documentary, Hacking Democracy, that Diebold tried to keep from airing. Hugh is a long-time Slashdot reader who called me to volunteer for this interview — on his own, not through anyone's PR department. Here's a YouTube excerpt from a CNN Lou Dobbs show with Hugh in it. (Find more articles by and about Hugh here. And perhaps check this brand-new MSNBC story about e-voting, too.) Hugh suggests that you give him "your wildest questions about what went on behind the scenes and how safe the e-voting systems actually are." Let's take him up on that challenge, hopefully while following Slashdot interview rules. Note to Diebold and other voting machine companies: We welcome comments and questions from you, same as we welcome them from everyone else. If you feel you are being vilified unfairly by Slashdot readers, please respond and set the record straight.
Other countries are embracing E-voting [smh.com.au] despite the massive concern here in the United States. My simple question is, in your opinion, will E-voting ever reach standards rigorous enough to satisfy the American populace? If not, why?
I'm astonished that it's not as simple as several vendors make the UI, several vendors make the DB's, hook them up on a closed network which of course requires physical security, but there will always be human element). When a person votes, the UI computers broadcast the votes over the networks, to the multiple DBs (I say 3). I leave out the authorization part of this equation because it obviously COULD be done. The UI program issues the voter a paper receipt, to be used in the event of a recount. He she
This is a really basic question and it seems I should know an
answer, but it never seems to be discussed: Why are the
electronic voting machine companies generally so dead-set against
emitting verifiable and auditable paper records? It can't just
be cost, because they could and would just pass that on to their customers.
It can't just be cost, because they could and would just pass that on to their customers.
Sort of a follow up, how do the states/districts decide what machine to go with? Is it a standard "go with the lowest bidder", is this why we see such shoddy machines going into action? Do the decision making organizations tend to have specific features they look for? Anything else you would like to share about the decision making processes that you have seen?
Pittsburgh (Allegheny country) had a public review of 4-5 voting systems (Unisys, Sequoia, ES&S, and Diebold) that I attended. Of all the systems I saw, ALL of them had an option to produce a paper trail. Some were inherently better at paper trails than others - such as the bubble-fill versions, but they all had some sort of option.
Most of the salesmen there seemed to steer you away from the bubble-fill devices, stating that they were cheaper up front but would cost more in the long run with paper costs. I still liked them the best. They have multiple ways of recovering from problems - built in paper trail, still work under power outages, and anyone that can play the lottery can use them.
Yes, such laws do exist. (They're apparently why you can't get the raw voteing machine and punchcard ballot reader output to examine for statistical signs of vote tampering, too.)
But the point of the printed reciept is NOT for the voter to take it home. The point is for him to put it in a ballot box. Then it's no longer in his possession, so the laws to prevent vote-buying don't apply.
The printed "reciept" is actually the official ballot, and subject to recounts and audits. The voting machine becomes simply a ballot marking aid - which can opportunistically take a count as it operates. The machine's count can be used for rapid return reporting, but only becomes the official count if there are no challenges and the precinct doesn't happen to be randomly selected for auditing.
With a spit-out printed ballot added to the voting machines, the rest of the current software can remain in place. With an audit trail any fraud can be detected and corrected. (Further: With random sampling and the inevitable recount requests in close races and those where fraud is suspected, it is LIKELY to be detected.)
In the absense of the ability to untracably corrupt the count, voting macine fraud attempts become much less likely - and a path to prison rather than to political power.
In your opinion, what is the largest inherent flaw within electronic voting systems today? Diebold's been in the news of having many potential problems ranging from securing the physical hardware to the ability to hack the software or firmware. I'm sure you're quite prepared to pose a case against implementations but can you think of a more intuitive scheme (encryption, network layout, verification scheme) to protect against "hacking our democracy?"
He doesn't need to suggest anything, since others already have. The most intriguing to me is Ron Rivest's ThreeBallot [mit.edu], which I've written an article about [lerfjhax.com]. Quoting myself:
The properties of an ideal election system are contradictory. Voters should be able to verify that their votes are counted correctly, but should be able to have their choices kept completely private--in fact, some would say that voters should not be able to prove they voted a certain way, even if they wanted to. So, can both of these goals
ThreeBallot does come close but the paper in which it is outlined says right up front that it is susceptible to vote buying schemes and as such is not a practical solution.
The paper also discusses a modification of ThreeBallot that uses exchanged receipts. Again, check it out:
However, the best approach to the problem may derive from thinking about the functions of the receipts a bit more carefully.
The receipt is used in two ways: it is compared by the voter against its corresponding ballot before the ballot
The voter may use a DRE/EBP (DRE/electronic ballot printer) to create and print her multi-ballot see Section 9.3. The voter enters her choices on a touch-screen. The DRE controls the random allocation of marks in each row.
ThreeBallot can be used directly, or as an auditable paper trail for an otherwise electronic system. It doesn't need to be any more complicated for the voters, but it provides a way to check that votes are being tallied correctly.
as in "no-choice-it-must-be-evote-or-novote-and-novote-i snt-an-option", how would you set it up? I.E. would there be encryption, would there be ways for individuals (but not others) to track their own votes, etc?
I noticed in the documentary that the Diebold machine tested in Tallahassee prints "Diebold Memroy Card" on its little grocery-store-quality tape. Is this kind of slipshod programming reflected throughout the Diebold system?
I saw that typo too, and I started to wonder that if THAT slipped QA, what else did? A typo itself is not a big deal. The fact that it passed testing and was shipped with a type IS a big deal
> I noticed in the documentary that the Diebold machine tested in Tallahassee prints "Diebold Memroy Card" on its little grocery-store-quality tape. Is this kind of slipshod programming reflected throughout the Diebold system?
Don't fret -- the typo is evidence that they hire real programmers!
Your bio kind of paints you as an academic with tons of authoring and training but no real deep diving into implementing an E-voting system. Have you worked on any physical systems or only the theory behind it?
I ask this because of a quote, "In theory there is no difference between theory and practice. But, in practice, there is." - Jan L.A. van de Snepscheut. Which occasionally appears at the bottom of Slashdot. I interpret it that the theoretical side of the world is constantly criticizing the pa
"In theory there is no difference between theory and practice. But, in practice, there is."
I think that when there is a difference between theory and practice, that it simply means that the theory is wrong. A right theory will hold up in practice. Otherwise it is not right. So this should not be seen as a criticism of theory or theorists in general, but an exhortation to have right theory.
All too often that quote is taken to mean "Well, I don't know jack about this, but I'm not an academic who has stu
Issue a statement with verbage stating something along the lines of "these machines, like everything electronic, controlled by a computer, are 'hackable' and here's what you can do, as a voting body, to protect the investment, and to ensure a safe and reliable election:"?
It seems that these flaws are bad, but they're fixable. They have the way to plug the holes, but they don't work on it, don't promote it, and don't seem to want to admit there's issues. I know they're a company trying to protect their b
Let's assume for a moment the 2006 US House/Senate election goes this way: Republicans keep control of both through a series of smallish victories, Democrats gain a few seats, and the results are explained away in the mainstream media as "fluke results", "margin of error", etc...
How do you prove that foul play (hacking) has been involved?
Do you even have a plan in place to check the results?
Please note that this is a very serious question. There was a saying, a few years back, that said a novice hacker is someone known in a small circle, a confirmed hacker is someone who is known all over the Internet, and a great hacker is someone who is totally invisible.
What if the election was subtly hacked, in a way that left lingering doubts (51%-vs-48% kind of results and all that), but no solid proof?
... so a republican victory automatically dictates tampering with voting machines? The democrats have a long history of being ahead in polls and losing, before e-voting ever hit the scene. Democrats are democrats and have a tendancy to lose it for themselves as the elections approach (see: John Kerry's recent comments, Alan Hevesi, etc)
> How do you prove that foul play (hacking) has been involved?
Obviously we should apply the Intelligent Design movement's latest algorithm for proving that God (or some other unnamed being with supernatural powers) tampered with biology.
What if the election was subtly hacked, in a way that left lingering doubts (51%-vs-48% kind of results and all that), but no solid proof?
Despite my reputation, here, I'm not being a smart-aleck. What if, as a variation on your scenario, the guy you want to win does so by fairly tight margin? People who think that narrow victories are a sure sign of a vast conspiracy against them personally are looking right past the reality: modern communications (rabid media coverage, the internet, etc) and technology
Does the HBO show spend any time discussing the three "sides" to the debate? E-Voting, open sourced e-voting software, and paper voting? The last Slashdot article on this topic, when Diebold's complaint was announced, spent some time on this. The worry being, the debate is nothing more than "e-voting good" or "e-voting bad", ignoring the possibility that "open source e-voting" might be a viable middle ground.
How do you think open source could fit into this issue? Or should it?
Before I poo-poo the idea, let me say I like the idea of OSS implementations of anything the government does: they pay for this implementation in my dollars, so I might as well get a chance to see how it works. But this does not make the system more secure.
Even with OSS, you're relying on an assurance by some clerk at the polling station that the code you've audited at home is the code that drives your voting choice from fingertip to election commission. You can't SEE software, and as this crowd knows, rootkits can virtualize the whole machine to appear to run one thing while really doing something else.
The only way for an individual to audit their vote is to see their vote on a tangible artifact, be it marks on paper, holes in paper, colored beads or whatever works in your village. It's already bad enough that you can't follow that vote artifact out of the voting booth into the counting center, and watch it every step of the way, but with many eyes from all vested parties along the path, you can have a small sense of security in this process.
What, exactly, is the argument against pen-and-paper voting? It seems to me that everybody wants to migrate to voting machines - electronic or mechanical - but so far nobody has explained to me what's wrong with good old-fashioned "put an X next to your candidate's name" voting.
> What, exactly, is the argument against pen-and-paper voting? It seems to me that everybody wants to migrate to voting machines - electronic or mechanical - but so far nobody has explained to me what's wrong with good old-fashioned "put an X next to your candidate's name" voting.
The "problem" is that it doesn't shuffle enough of your tax money into corporate pockets.
In many jurisdictions, like mine, they do put an X next to somebody's name, and then slide the ballot into a scanning machine which counts the votes. However, the issue of returning to a 1920's style all-manual system is the count, the crucial part of the system. In Canada ballots have only 3 or 4 party names listed. Its easy to count those. In Chicago, we will have nearly 90 names on the ballot. The possibility of mischief or mistakes increases dramatically when you let humans do it.
It demeans the real challenges faced by individuals with handicaps to suggest that we need to diminish the reliability of our electoral system in order to encourage their participation.
2. Printing costs.
Costs for paper / pencil only systems are significantly less than for electronic systems, particularly when election administration is centralized (see Canadian electoral system costs). This is even before you consider that electronic voting equipment is being amortized over an absurdly long period of time (far longer than their estimated useful life. I would bet there will be a lot of counties writing off systems after the next cycle that still have significant unamortized book value).
3. Storage costs. Storage costs are increased with electoral equipment. The equipment itself needs to be stored and takes more room than paper ballots. Further, the equipment typically has more stringent environmental requirements (temperature, humidity, etc. control) for the storage facility than paper ballots. Paper ballots need to be stored for less time than equipment. Paper ballots can be destroyed once disputes relating to them have been settled, and only have a useful life of at most one electoral cycle. Equipment must be stored throughout its useful life.
4. People.
It takes candidates' representatives and two officials from the authority conducting the election to count ballots in precinct. These are individuals who are already involved in the process, observing and administering (respectively) the conduct of the voting process of the election.
5. Quicker results. We know who our Prime Minister is before bed-time EST on election night. How about you? Vote counting is a highly parallelizable activity.
Regardless, is it appropriate to set cost and speed above accuracy and security in elections administration?
Do you think the greatest threat of an e-voting system being hijacked is during the voting itself, with one or more people influencing things at the polling place, during the processing, with untrained, nonaccountable poll workers and supervisors, or do you think a greater threat would be someone maliciously attacking an electronic vote counting reposiotory/database?
> Do you think the greatest threat of an e-voting system being hijacked is during the voting itself, with one or more people influencing things at the polling place, during the processing, with untrained, nonaccountable poll workers and supervisors, or do you think a greater threat would be someone maliciously attacking an electronic vote counting reposiotory/database?
Or by pre-rigging the machines before delivering them to the state, to misrecord, mistransmit, or miscount the votes, or simply misreport
What confuses me about electronic voting is that we constantly do commerce daily through electronic means (ATMs, credit cards online, etc) yet we cannot hammer down a viable scheme for voting. I am a programmer and very familiar with model view controller applications and it's always caused me great confusion of why we don't simply use a web based application for voting. For instance, if I built a secure website that required a local official to access through a terminal (with possible hardware verificati
> What confuses me about electronic voting is that we constantly do commerce daily through electronic means (ATMs, credit cards online, etc) yet we cannot hammer down a viable scheme for voting.
Who says we've got a reliable system for electronic commerce?
Umm... how do you know that the person entering their SSN is the person associated with that SSN? One of the larger issues here, I think, is the odd resistence against voters having to actually prove who they are. That, truly, I don't get. The rhetoric that it's somehow discriminating (against some particular cultural segment) to ask for ID at the polling place is already preventing such measures from happening even where they're still using much more old-fashioned ball
I may not be a programmer, but I have worked in an election (Canadian) before, and I can tell you exactly what's wrong with that approach - the moment you ask for the SSN, it stops being a secret ballot. Even if you don't record what the ballot is in relation to the SSN, there's still the possibility (and suspicion) that it can be hacked into, and the votes revealed. (And, part of being able to correct if something goes wrong with this would have to be matching up the vote to the SSN, and all of a sudden it
I would like to know if the studies of Diebold's machines have ever been compared to similar studies of other methods. I'm sure we all remember the issues of hanging chads and how recounts could be manipulated, which is one of the reasons some people don't support paper trails. Without this comparison, I feel like complaints about Diebold and other manufacturers can be construed as alarmist and nitpicking at best, political posturing and propagandising at worst. Do you have any numbers or direct comparis
Since many -- if not most -- districts with electronic voting devices have disposed of their older, non-electronic systems, there's no available back-up mechanism other than paper and pencil, something unlikely to be accepted due to impracticality. There's hardly the time and even less impetus to print the millions of machine-readable absentee ballots necessary.
Given that, by law, voting is anonymous and private and necessarily leaves the voter alone with the device, what can be done to minimise the risk
All politicians are criminals. Thus, it really doesn't make any difference if we use e-voting or rock stacking. The system promotes only the most corrupt and reprehnsible people to run for public office.
Given a choice between being burned alive or shot in the head, I suppose I would choose none of the above.
As a software engineer I'm constantly amazed at how incompetent Diebold and other companies making e-voting applications appear to be. This stuff is not rocket science at all, but fairly uncomplicated, basic software engineering.
Why do you think it's so hard for Diebold and other companies to come up with solutions that work well? Is it a stubborn unwillingness to listen and learn from critics, shere incompetence, or something else?
Bad software engineers pick the most complicated solution and complain about how impossible the task is. Good ones find the nugget of truth that makes complicated problems easy. Same here... electronic voting is actually a very very easy problem if you realize the truth: secure systems are not needed at all. 1. You have a computerized vote selection system. This does not need to be secure at all, because it will print out the selected votes onto paper in a human readable form. It can be written in TCL/TK
All of the attention lately has been on the touchscreen voting machines, yet
Hacking Democracy
clearly showed a tampered memory card skewing results in a optical scan machine. On the one hand, at least in this sort of system there is a paper ballot to verify, but it's mind boggling to me that something as simple as a optical scanner could be designed so badly as to allow an attack through the memory cards used for transporting results.
This raises an entirely new set of concerns, and seems to suggest that ma
It has always seemed to me that the real Achilles heel of e-voting is the networked approach that most vendors have taken. With a networked approach, fraud can be perpetrated on a mass scale if entry is gained at one weakness.
As a former election judge, I have enough experience to know that rigging a paper election is a daunting, nearly impossible task, as there are litterally thousands of ballot boxes that would have to be compromised for any sort of advanagte (on a state or national scale).
Are these concerns balanced (or even discussed) when officials are purchasing equipment? Do local Board of Elections have not only the expertise, but the concern to ask the right questions? And how do BoE directors react when they hear about your concerns and research?
To me, the only 'benefit' of e-voting is the speed of counting after the polls close, which seems pretty small compared to the problems that have surfaced. That said, I wonder what you think of this possible solution:
After the voter makes his selection on the e-voting machine, the machine then prints out a piece of paper with the voter's choice on it. The voter reviews it, makes sure it's correct, and then exits the booth and deposits the paper ballot in an old-fashioned ballot box. When the polls close, we have an instant count but if the result is challenged, we have the old-fashioned system to do a recount. Note that "hanging chads" and other such nonsense wouldn't apply, as the machine would print the voter's choice - no question of "unclear marks" or "multiple selections", or other problems that exist with manual ballots today. It seems to me this would satisfy both camps, without requiring a massive rewrite of the software, and minimal physical changes. (These machines must have a port somewhere that a printer could be connected to.) Any thoughts?
I saddened and dismayed by the poor engineering and ignorance of basic security practices that our electronic voting machines show. However, is this really something we should panic about or even the biggest problem in our election system.
All voting systems are vulnerable to fraud. What makes these electronic systems different is that one or a very small number of individuals can engineer a fraud. However, their ability to execute a fraud is limited by the media polls (we will suspect something if the results are inexplicably different than polled) and knowledge of precinct history. Thus the danger from individuals changing the vote seems to really be that they will shift a close race (say 10% apart) one way or another.
However, this sort of shifting close races doesn't greatly degrade the structural force of voting. All candidates will still try to enact policies to garner support whether they need 50% of the votes or only 45%. Much of voting is random, affected by things like personal charisma rather than policy questions so clearly the system doesn't work because we always have the person who 50% want but rather it works because of the structural pressure not to stray to far from what the people want. Or to put it in political science terms what does all the work is the tendency of all candidates to shift to the middle in the long run who actually wins each race isn't so important.
But now comparing the potential for electronic vote fraud to things like machine politics (with conventional ballot stuffing), safe districts, voter disenfranchisement efforts, felon lists etc.. etc.. it doesn't seem like it is such a big deal. Making sure the poling places in the inner city don't have enough machines has a much bigger structural effect, by making sure one group's votes don't count at all, than just giving one candidate a random 10% of the vote. Creating a safe district removes virtually all of the structural pressure of voters on government and it seems far more effective and less dangerous to accidentally strike the wrong people from the rolls or put too few voting machines in some precincts.
In short are we letting our concern over the technology of voting blind us to the bigger issues? Shouldn't we be paying more attention to who gets to vote, how districts are drawn and other conventional aspects of voting than to the potential for individuals to electronically cheat?
Are voting machines fixing the wrong problem? As far as I can tell the problem with the traditional system is not in the voting process, but in the counting process. Surely what needs to be made more efficient is the process of counting votes? What I mean here is sticking to time tested voting cards (or making them more machine readable if you need to), but making machines that count and tally the results faster. At least with such a solution you still have a paper trail that humans can count, even if it sl
Despite the rhetoric to the contrary, the list of requirements for a "perfect" electronic voting machine is quite long and somewhat conflicted. Anonyminity and verification comes to mind.
I have to point out that each successive generation of voting machines has undergone more or less backlash, until the populace came to flush out the details. I believe this should prompt us to stronger and stronger oversight and transparency in designs, but not cause us to give up altogether.
First of all, I'm from Missouri. Missouri approved a company to create touch screen voting machines to Missourians. According to Voter's Unite [votersunite.org], one of those companies is AccuPoll - a company that is now bankrupt [yahoo.com]. The CEO of that company recently spoke out [votetrustusa.org] against voting machines, saying the following: I am not happy about the outcome, or the state of the industry. I think that something needs to be done. I'm not sure what it is, it probably doesn't include AccuPoll at this point, but I do not feel that a
Why are people so hell bent on using voting machines? What benefits could voting machines provide that can counterbalance the loss of transparency and accountability that inevitably occurs even if open source/standardized protocols and machines were to be used, compared to voting with paper? Is it really more important that people know a result of their vote faster than that they know that the result is what they actually voted for?
Will We Ever Get This Right? (Score:3, Interesting)
Simple Architectural Problem? (Score:2)
The UI program issues the voter a paper receipt, to be used in the event of a recount. He she
paper trail? (Score:5, Interesting)
Re:paper trail? (Score:4, Interesting)
Sort of a follow up, how do the states/districts decide what machine to go with? Is it a standard "go with the lowest bidder", is this why we see such shoddy machines going into action? Do the decision making organizations tend to have specific features they look for? Anything else you would like to share about the decision making processes that you have seen?
Thanks for doing this also!
Parent
Re:paper trail? (Score:4, Informative)
Most of the salesmen there seemed to steer you away from the bubble-fill devices, stating that they were cheaper up front but would cost more in the long run with paper costs. I still liked them the best. They have multiple ways of recovering from problems - built in paper trail, still work under power outages, and anyone that can play the lottery can use them.
I took some pictures if you're really interested. [flickr.com]
Parent
Re:paper trail? (Score:5, Insightful)
But the point of the printed reciept is NOT for the voter to take it home. The point is for him to put it in a ballot box. Then it's no longer in his possession, so the laws to prevent vote-buying don't apply.
The printed "reciept" is actually the official ballot, and subject to recounts and audits. The voting machine becomes simply a ballot marking aid - which can opportunistically take a count as it operates. The machine's count can be used for rapid return reporting, but only becomes the official count if there are no challenges and the precinct doesn't happen to be randomly selected for auditing.
With a spit-out printed ballot added to the voting machines, the rest of the current software can remain in place. With an audit trail any fraud can be detected and corrected. (Further: With random sampling and the inevitable recount requests in close races and those where fraud is suspected, it is LIKELY to be detected.)
In the absense of the ability to untracably corrupt the count, voting macine fraud attempts become much less likely - and a path to prison rather than to political power.
Parent
Largest Inherent Flaw? (Score:5, Interesting)
Re: (Score:2)
Re: (Score:2)
The paper also discusses a modification of ThreeBallot that uses exchanged receipts. Again, check it out:
Re: (Score:2)
ThreeBallot can be used directly, or as an auditable paper trail for an otherwise electronic system. It doesn't need to be any more complicated for the voters, but it provides a way to check that votes are being tallied correctly.
If you were going to set up an e-voting system (Score:2)
Typo (Score:2, Interesting)
Re: (Score:2)
Re: Typo (Score:2)
Don't fret -- the typo is evidence that they hire real programmers!
Theory Vs Practice (Score:2)
I ask this because of a quote, "In theory there is no difference between theory and practice. But, in practice, there is." - Jan L.A. van de Snepscheut. Which occasionally appears at the bottom of Slashdot. I interpret it that the theoretical side of the world is constantly criticizing the pa
Re: (Score:2)
I think that when there is a difference between theory and practice, that it simply means that the theory is wrong. A right theory will hold up in practice. Otherwise it is not right. So this should not be seen as a criticism of theory or theorists in general, but an exhortation to have right theory.
All too often that quote is taken to mean "Well, I don't know jack about this, but I'm not an academic who has stu
Why do you think Diebold Doesn't Just... (Score:2)
Here is my question... (Score:5, Insightful)
How do you prove that foul play (hacking) has been involved?
Do you even have a plan in place to check the results?
Please note that this is a very serious question. There was a saying, a few years back, that said a novice hacker is someone known in a small circle, a confirmed hacker is someone who is known all over the Internet, and a great hacker is someone who is totally invisible.
What if the election was subtly hacked, in a way that left lingering doubts (51%-vs-48% kind of results and all that), but no solid proof?
OT: Republican victory (Score:3, Insightful)
Re: Here is my question... (Score:2)
Obviously we should apply the Intelligent Design movement's latest algorithm for proving that God (or some other unnamed being with supernatural powers) tampered with biology.
Re: (Score:2)
Despite my reputation, here, I'm not being a smart-aleck. What if, as a variation on your scenario, the guy you want to win does so by fairly tight margin? People who think that narrow victories are a sure sign of a vast conspiracy against them personally are looking right past the reality: modern communications (rabid media coverage, the internet, etc) and technology
OSS? (Score:5, Interesting)
How do you think open source could fit into this issue? Or should it?
Re:OSS? (Score:4, Insightful)
Before I poo-poo the idea, let me say I like the idea of OSS implementations of anything the government does: they pay for this implementation in my dollars, so I might as well get a chance to see how it works. But this does not make the system more secure.
Even with OSS, you're relying on an assurance by some clerk at the polling station that the code you've audited at home is the code that drives your voting choice from fingertip to election commission. You can't SEE software, and as this crowd knows, rootkits can virtualize the whole machine to appear to run one thing while really doing something else.
The only way for an individual to audit their vote is to see their vote on a tangible artifact, be it marks on paper, holes in paper, colored beads or whatever works in your village. It's already bad enough that you can't follow that vote artifact out of the voting booth into the counting center, and watch it every step of the way, but with many eyes from all vested parties along the path, you can have a small sense of security in this process.
Parent
Pen-and-paper voting (Score:5, Interesting)
Re :Pen-and-paper voting (Score:5, Insightful)
The "problem" is that it doesn't shuffle enough of your tax money into corporate pockets.
Parent
Re: (Score:2, Informative)
Re:Pen-and-paper voting (Score:4, Insightful)
It demeans the real challenges faced by individuals with handicaps to suggest that we need to diminish the reliability of our electoral system in order to encourage their participation.
2. Printing costs.
Costs for paper / pencil only systems are significantly less than for electronic systems, particularly when election administration is centralized (see Canadian electoral system costs). This is even before you consider that electronic voting equipment is being amortized over an absurdly long period of time (far longer than their estimated useful life. I would bet there will be a lot of counties writing off systems after the next cycle that still have significant unamortized book value).
3. Storage costs.
Storage costs are increased with electoral equipment. The equipment itself needs to be stored and takes more room than paper ballots. Further, the equipment typically has more stringent environmental requirements (temperature, humidity, etc. control) for the storage facility than paper ballots. Paper ballots need to be stored for less time than equipment. Paper ballots can be destroyed once disputes relating to them have been settled, and only have a useful life of at most one electoral cycle. Equipment must be stored throughout its useful life.
4. People.
It takes candidates' representatives and two officials from the authority conducting the election to count ballots in precinct. These are individuals who are already involved in the process, observing and administering (respectively) the conduct of the voting process of the election.
5. Quicker results.
We know who our Prime Minister is before bed-time EST on election night. How about you? Vote counting is a highly parallelizable activity.
Regardless, is it appropriate to set cost and speed above accuracy and security in elections administration?
Parent
Re: (Score:3, Insightful)
The greatest threat to e-voting? (Score:3, Interesting)
Re: The greatest threat to e-voting? (Score:2)
Or by pre-rigging the machines before delivering them to the state, to misrecord, mistransmit, or miscount the votes, or simply misreport
MVC Web Interface with Possible Redundancy? (Score:2)
Re: MVC Web Interface with Possible Redundancy? (Score:2)
Who says we've got a reliable system for electronic commerce?
Re: (Score:2)
Umm... how do you know that the person entering their SSN is the person associated with that SSN? One of the larger issues here, I think, is the odd resistence against voters having to actually prove who they are. That, truly, I don't get. The rhetoric that it's somehow discriminating (against some particular cultural segment) to ask for ID at the polling place is already preventing such measures from happening even where they're still using much more old-fashioned ball
Re: (Score:2)
(And, part of being able to correct if something goes wrong with this would have to be matching up the vote to the SSN, and all of a sudden it
Comparison to older methods (Score:2)
How do we minimise the risk? (Score:2, Interesting)
Given that, by law, voting is anonymous and private and necessarily leaves the voter alone with the device, what can be done to minimise the risk
Why bother voting at all? (Score:2)
Given a choice between being burned alive or shot in the head, I suppose I would choose none of the above.
Why is it so hard? (Score:5, Interesting)
Why do you think it's so hard for Diebold and other companies to come up with solutions that work well? Is it a stubborn unwillingness to listen and learn from critics, shere incompetence, or something else?
Re: (Score:3)
1. You have a computerized vote selection system. This does not need to be secure at all, because it will print out the selected votes onto paper in a human readable form. It can be written in TCL/TK
Who cares about Lou Dobbs? (Score:2)
How many voting techologies are this vulnerable? (Score:2)
clearly showed a tampered memory card skewing results in a optical scan machine. On the one hand, at least in this sort of system there is a paper ballot to verify, but it's mind boggling to me that something as simple as a optical scanner could be designed so badly as to allow an attack through the memory cards used for transporting results.
This raises an entirely new set of concerns, and seems to suggest that ma
On Open vs. Closed Networks (Score:4, Interesting)
As a former election judge, I have enough experience to know that rigging a paper election is a daunting, nearly impossible task, as there are litterally thousands of ballot boxes that would have to be compromised for any sort of advanagte (on a state or national scale).
Are these concerns balanced (or even discussed) when officials are purchasing equipment? Do local Board of Elections have not only the expertise, but the concern to ask the right questions? And how do BoE directors react when they hear about your concerns and research?
A simple solution? (Score:5, Interesting)
After the voter makes his selection on the e-voting machine, the machine then prints out a piece of paper with the voter's choice on it. The voter reviews it, makes sure it's correct, and then exits the booth and deposits the paper ballot in an old-fashioned ballot box. When the polls close, we have an instant count but if the result is challenged, we have the old-fashioned system to do a recount. Note that "hanging chads" and other such nonsense wouldn't apply, as the machine would print the voter's choice - no question of "unclear marks" or "multiple selections", or other problems that exist with manual ballots today. It seems to me this would satisfy both camps, without requiring a massive rewrite of the software, and minimal physical changes. (These machines must have a port somewhere that a printer could be connected to.) Any thoughts?
Is the Harm Really that Great? (Score:3, Interesting)
All voting systems are vulnerable to fraud. What makes these electronic systems different is that one or a very small number of individuals can engineer a fraud. However, their ability to execute a fraud is limited by the media polls (we will suspect something if the results are inexplicably different than polled) and knowledge of precinct history. Thus the danger from individuals changing the vote seems to really be that they will shift a close race (say 10% apart) one way or another.
However, this sort of shifting close races doesn't greatly degrade the structural force of voting. All candidates will still try to enact policies to garner support whether they need 50% of the votes or only 45%. Much of voting is random, affected by things like personal charisma rather than policy questions so clearly the system doesn't work because we always have the person who 50% want but rather it works because of the structural pressure not to stray to far from what the people want. Or to put it in political science terms what does all the work is the tendency of all candidates to shift to the middle in the long run who actually wins each race isn't so important.
But now comparing the potential for electronic vote fraud to things like machine politics (with conventional ballot stuffing), safe districts, voter disenfranchisement efforts, felon lists etc.. etc.. it doesn't seem like it is such a big deal. Making sure the poling places in the inner city don't have enough machines has a much bigger structural effect, by making sure one group's votes don't count at all, than just giving one candidate a random 10% of the vote. Creating a safe district removes virtually all of the structural pressure of voters on government and it seems far more effective and less dangerous to accidentally strike the wrong people from the rolls or put too few voting machines in some precincts.
In short are we letting our concern over the technology of voting blind us to the bigger issues? Shouldn't we be paying more attention to who gets to vote, how districts are drawn and other conventional aspects of voting than to the potential for individuals to electronically cheat?
Fixing the wrong problem? (Score:2)
All I have to say is: Thank you. (Score:2)
Accidental quote (Score:2)
Lou Dobbs: "E-voting machines will count at least 3 out of every 4 votes cast in next week's election."
Not simple (Score:2)
Despite the rhetoric to the contrary, the list of requirements for a "perfect" electronic voting machine is quite long and somewhat conflicted. Anonyminity and verification comes to mind.
I have to point out that each successive generation of voting machines has undergone more or less backlash, until the populace came to flush out the details. I believe this should prompt us to stronger and stronger oversight and transparency in designs, but not cause us to give up altogether.
Diebol
You mention standards in the video (Score:2)
Why should we be using voting machines at all? (Score:2)