Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Security News

Virginia Begins to Worry About Voting Machines 386

nonsecurity writes "Remember the unheeded stories about possible fraud with new electronic voting machines? Well it seems that someone is finally now taking notice. The Commonwealth of Virginia has been ready to take the leap with electronic voting machines, which many experts say are wide open to potential voting fraud. Like other jurisdictions, Virginia had been shrugging off the concerns. But the Washington Post is is now reporting that Johns Hopkins Computer Scientists have been studying the issue and have found that the machines might be easily hacked and election result tampering is a very real concern. And apparently Virginia is listening. With next year's elections promising to be full of fireworks, it's good to see that people are finally taking notice of the issue."
This discussion has been archived. No new comments can be posted.

Virginia Begins to Worry About Voting Machines

Comments Filter:
  • Solution (Score:4, Interesting)

    by swordboy ( 472941 ) on Monday August 11, 2003 @08:31AM (#6664859) Journal
    Why not simply anonimize the data but leave the potential for anyone and everyone to verify the results?
    • Re:Solution (Score:5, Insightful)

      by Novus ( 182265 ) on Monday August 11, 2003 @08:36AM (#6664885)
      Anonymising the data makes it hard to ensure that everyone casts only one vote. Consider Slashdot polls an example.
      • Re:Solution (Score:5, Informative)

        by Zarhan ( 415465 ) on Monday August 11, 2003 @08:42AM (#6664930)
        Anonymising the data makes it hard to ensure that everyone casts only one vote. Consider Slashdot polls an example.

        There are possible ways around this, based on cryptographical methods. Take a look at this [cranor.org], for example.
        • Re:Solution (Score:4, Funny)

          by gfody ( 514448 ) * on Monday August 11, 2003 @10:42AM (#6666059)
          why even worry about people voting twice? if they care that much then let their vote count as two, or three.. I'm sure there are zealous voters for the other side to counter the effect.
        • Re:Solution (Score:4, Insightful)

          by snolan ( 604108 ) on Monday August 11, 2003 @01:02PM (#6667509) Homepage
          That cranor.org site is very interesting, but the authors (who write a very good brief to be sure) keep missing one type of election fraud: keeping legitimate registered voters from legally voting.


          A voting system is both inaccurate and vulnerable if it allows corrupt officials to deny voting priviledges to those who are eligible.

      • Re:Solution (Score:2, Insightful)

        by Suhas ( 232056 )
        And pray, how do you think one person one vote is enforced right now?...The Voting machines are intended to register votes, not verify people...WAY Wrong Analogy
        • Re:Solution (Score:5, Insightful)

          by Novus ( 182265 ) on Monday August 11, 2003 @10:33AM (#6665986)
          The usual mechanisms (e.g. checking your ID at the voting station and checking off a list) protect only against voters trying to vote several times. They do not protect against any fraud by those involved in the collection and counting of votes. Right now, you have lots of pieces of paper to count, and a lot of people looking over your shoulder to make sure you don't cheat. With an automated system, it's hard to ensure that the system prevents anyone involved in the voting system (programmer, network technician, admin, et.c.) from changing other people's votes.
      • by TrekkieGod ( 627867 ) on Monday August 11, 2003 @08:47AM (#6664970) Homepage Journal
        The "data" is anonymous now. It's possible to tell who voted and where, but not which person you voted for (which is the meaningful data). The votes are secret to prevent abuse of the type that existed before they were secret (employers telling employees to vote for a certain candidate or lose their jobs, etc.)

        I'm pretty sure the parent of your post meant something similar to this method: you go vote very much the way you do now (by presenting your id and signing a sheet of paper)...then you assign your vote to a number (that is not associated with your name in any record) and you make those numbers public, so that you can check against them. I think this system is also good because you can check certain numbers (for example 10,354 voters showed up at this voting location, so there should have been exactly 10,354 vote numbers assigned)

        • I'm pretty sure the parent of your post meant something similar to this method: you go vote very much the way you do now (by presenting your id and signing a sheet of paper)...then you assign your vote to a number (that is not associated with your name in any record) and you make those numbers public, so that you can check against them. I think this system is also good because you can check certain numbers (for example 10,354 voters showed up at this voting location, so there should have been exactly 10,354

        • by Zak3056 ( 69287 ) on Monday August 11, 2003 @10:12AM (#6665735) Journal
          I'm pretty sure the parent of your post meant something similar to this method: you go vote very much the way you do now (by presenting your id and signing a sheet of paper)...then you assign your vote to a number (that is not associated with your name in any record) and you make those numbers public, so that you can check against them.

          I agree that a system like thisis a MUST when it comes to verifying electronic voting. My big problem with it is that because of the paper trail, the individual VOTER may trouble.

          Consider, we have a secret ballot for a reason--for example, to prevent your boss from pressuring you to vote for a certain candidate at the cost of your job, or to keep the local klansmen from going after folks who dared vote for a black candidate.

          Under the current system, only you know who you voted for--you can always lie if pressured by someone to know how you voted. With a public paper trail, people with leverage can demand to know your receipt number, and CONFIRM what you tell them. This is BAD.
          • The important part is not knowing who cast a specific vote. What we want to know is that every single vote was cast by someone who had the right to do so; i.e. nobody voted more than once.

            One way to do this is to send everyone entitled to vote a randomly-generated private key, which they can then sign their vote with. The corresponding public keys can then be published together with the corresponding votes, which can then be verified. The keys must be hidden from whoever distributes them (e.g. using a seal
            • One way to do this is to send everyone entitled to vote a randomly-generated private key, which they can then sign their vote with.

              The problem there, of course, is that whoever is mailing out the private keys can "peek" and see who got what key.

              I think the best way to do it is this: You show up at the voting place, and along with scratching your name off the list of registered voters, you pick up a private key out of a big tub of private keys (it could be stored on a USB keychain storage device or somet
        • you go vote very much the way you do now (by presenting your id and signing a sheet of paper)...

          I don't know where you live, but everywhere I've voted in the US, it's gone something like: Show up, tell one of the people overseeing the voting what my name and address are (no ID check). Watch to make sure they cross off the right name on the list (no signing anything). Vote (by whatever method the district uses. I've lived in districts with lever machines, paper ballots, and electronic ballot readers). Tell
      • Anonymising the data makes it hard to ensure that everyone casts only one vote. Consider Slashdot polls an example.

        Hey! That reminds me...

        :::::searching:::::: :::::cutting, pasting:::::

        Which would you rather have?

        An serious-minded, experienced and respected Chairman of the Armed Services Committee

        An eager, qualified challenger with new ideas

        Cowboy Neal

    • Re:Solution (Score:5, Informative)

      by arvindn ( 542080 ) on Monday August 11, 2003 @08:54AM (#6665013) Homepage Journal
      That is far easier said than done. See, for instance, Bruce Schneier's explanation [counterpane.com] of why secure electronic voting is a hard problem.
      • Re:Solution (Score:2, Informative)

        by cshark ( 673578 )
        I did some work in this area a few years ago, and it seems to me that if governments would put the amount of thought into this, that they have put into regulating digital signatures, this would be a non issue.

        Another part of the problem lies in the auditing process. There really is no standard, or security regulation of any kind, except for maybe the promise of security by the vendor. No one ever really checks these things for security until it's too late.
      • Re:Solution (Score:4, Interesting)

        by tetra103 ( 611412 ) <tetra103@yahoo.com> on Monday August 11, 2003 @09:34AM (#6665361)

        I read that artical, but what the author doesn't admit to is that paper ballots are just as suspect as a computer ballot.

        He does key on one aspect and that is banking vs voting. Computer banking works because transactions can be traced. Because you can't track a computer vote is why it won't work. But think of it, you can't track an anonymous vote whether it's computerized or not. So in it's current form, the voting system we have/use is broken and always was.

        I suppose you could implement the concept of a vote reciept. Say you register and you cast a vote, then you recieve a reciept with a transaction number (ie: vote record). At any point, you should be able to use that transaction number to verify your vote. That may work for individuals having a piece of mind in casting a ballot, but there would still be a void when trying to vallidate an election. The problem centers around the "anonymous" vote. No matter how a system is designed, once the ballot becomes anonymous, you loose all tracking ability and hence leaves a large hole for hacking or rigging an election. This has nothing to do with computers mind you. It's just the nature of performing an anonymous transaction. Encryption doesn't help. The flaw is in the transaction design, not it's implementation.

    • Voting seems like a strange issue to track. You need accountibility for each person casting only one vote, yet you need a method to hide ones identity. I think it's the anonymous issue is what causes all the loop holes.

      Even with the current voting system, sure only registered voters can vote, so that's suppose to limit multiple votes from one person. But have you ever thought that after you pulled the levers and made your choice that your choice was actually recorded? Am I the only one paranoid about

    • Re:Solution (Score:3, Funny)

      by Anonymous Coward
      Why not simply do a vote electronically one night, and then do another vote with paper a week later (not announced until the first results are in). If anyone wins by a landslide in the first, but loses in the second, they get a bullet in the head.
    • Re:Solution (Score:3, Interesting)

      by Jordy ( 440 )
      This problem has been beaten to death. It is not hard to keep votes anonymous while at the same time providing the ability for an individual to verify their vote was counted accurately.

      Step 1. Take random number generator.

      Step 2. Take name, social, etc. and tack on random number. Hash. Toss random number. Run through an algorithm with built in forward error correction or other conversion to allow machines to check the number is valid/accurate without connecting to a central server.

      Step 3. Mail number to
  • Big Advantage (Score:5, Insightful)

    by patch-rustem ( 641321 ) on Monday August 11, 2003 @08:35AM (#6664880) Homepage Journal
    The big advantage is that electronic voting will make election fraud, much easier to hide and so, less embarrassing for the free world's leading democracy.
  • SlashVote (Score:3, Funny)

    by RevDobbs ( 313888 ) on Monday August 11, 2003 @08:36AM (#6664883) Homepage

    I don't understand the worries about electronic voting machines; they are just so convenient. I'm building one myself that uses the "poll" section of SlashCode, so that my fellow neighbors can vote (and comment) with out leaving their webTV's.

    As they say in Hudson County, NJ... "Vote early, vote often".

    • Re:SlashVote (Score:4, Insightful)

      by Anonymous Coward on Monday August 11, 2003 @08:45AM (#6664954)
      I don't understand the worries about electronic voting machines; they are just so convenient.

      Voting has never been about convenience, it's about doing your civic duty. American citizens have very little responsibilities in this country other than voting, paying taxes, and serving jury duty. Being lazy and not voting should result in an instant STFU award for the rest of the term. If you don't vote then I sure as hell don't want to hear you whining about the people running the government.

      • "Voting has never been about convenience, it's about doing your civic duty."

        Well how about the politicians doing their duty and genuinely representing the electorate?

        When we do vote, the politicians reneigh on their election promises, they reverse their previous positions on matters (opposed to what they once were for, for what they once were against) they lie, they cheat, they use resources that are supposed to serve the public, to lie to the public; they do as they please and throw a bone or two at any

  • by Anonymous Coward on Monday August 11, 2003 @08:36AM (#6664886)
    In an amazing upset, the winner was not even running. It appears that Linus, maker of the well known Linux operating system has won the Presidential election. Of special note is how he received four hundred billion votes...
    • by JaredOfEuropa ( 526365 ) on Monday August 11, 2003 @08:44AM (#6664943) Journal
      In an amazing upset, the winner was not even running. It appears that Linus, maker of the well known Linux operating system has won the Presidential election. Of special note is how he received four hundred billion votes...
      Hmm, I hope someone will actually hack into a voting machine and do something similar... if the tally shows votes for 'Linus', '1RL33T', 'BuTtMunCh' and 'Pwn3d', I bet the rest of the world will take notice of the problems with these machines. Oh, and throw in a negative total # of votes for some actual candidates as well... fun!
  • Stupid Question (Score:5, Insightful)

    by Todd Fisher ( 680265 ) on Monday August 11, 2003 @08:37AM (#6664903) Homepage
    Why are these machines connected to the outside world? Why can't all the polling locations be on a LAN?
  • But, (Score:4, Funny)

    by grug0 ( 696014 ) on Monday August 11, 2003 @08:38AM (#6664906) Journal
    If these machines really are insecure, then the John Hopkins researchers should just hack themselves into the Governor's office. Then it would be a simple matter to introduce better voting machines.
  • by maharg ( 182366 ) on Monday August 11, 2003 @08:38AM (#6664909) Homepage Journal
    All machines had the same password hard-wired into the code. And in some instances, it was set at 1111, a number laughably easy to hack, Rubin said.

    Go figure.
    • All machines had the same password hard-wired into the code. And in some instances, it was set at 1111, a number laughably easy to hack, Rubin said.

      How do you hack it? The number 1111?

      Seriously, I can't figure it out. No matter what I try (DoS, social engineering, beating it with a stapler), I can't seem to change that number so that instead it reads llll.
  • by Connie_Lingus ( 317691 ) on Monday August 11, 2003 @08:39AM (#6664914) Homepage
    All voting software and results should be subject to scrutany by the OSS community. All fraud is shallow when subjected to so many eyeballs.
    • All voting software and results should be subject to scrutany by the OSS community. All fraud is shallow when subjected to so many eyeballs.
      By that logic, wouldn't it be better to abandon electronic voting and leave system as understandable and inspectable by all instead of small technological (programmers) or byrocratical elite?

  • by mao che minh ( 611166 ) * on Monday August 11, 2003 @08:41AM (#6664923) Journal
    I live in Virginia, and to my knowledge, these machines are only being used at one or two voting facilities (I know, it sounds bad that I forgot what the places that you vote at are called.....). Although some of the old voting machines have been destroyed, there are still plenty left.

    But, it does make for a good story.

  • Why bother? (Score:2, Interesting)

    by Pig Hogger ( 10379 )
    In a place where everyone and their dogs don't vote, what difference will it make if the results are screwed with???
  • by BinaryOne ( 697044 ) on Monday August 11, 2003 @08:43AM (#6664941)
    NPR just did a story on this. The issue with the system is that there are a number of security steps that the poll workers are required to follow. Failure to follow all the steps exactly as prescribed will open the system to fraud.

    Sounds alot like every other voting system.

    My experience with poll workers is that they are serious and committed folks. But they are not the most savvy with computers and that may be the biggest security challenge.

    • Last year in Montgomery County, Maryland we had all electronic voting. *All* of the poll workers were IT staff from the County and local City governments. Seemed to work out nicely except for the fact that I had to wake up 4 hours early that day to be at one of the polling stations. =(
    • Yes they ARE serious and comitted folks, but that doesn't mean that they are'nt biased. Once while voting at the local voting place, the 'helpers' were not only helping people figure out the process, but also helping them decide to vote for. "Oh you don't want to for him deary, he's the one who approved that landfill on Maple St." This is illegal, but goes on in small towns all across America.

  • paper receipt tape (Score:5, Interesting)

    by mwilliamson ( 672411 ) on Monday August 11, 2003 @08:43AM (#6664942) Homepage Journal
    Why not just install cheapo receipt printers into the voting machines and keep a paper tally that would be easily verifiable if need be. This would be good for an audit, and a statistically proper number of voting machines could be audited to insure valid electronic reporting. Although crude, a paper record is nice in it's resistance to tampering (at least electronically). At work we've got a dot matrix printer hooked to the door's ID card reader. There ain't no hacking that without physical access.
    • Why not just install cheapo receipt printers into the voting machines and keep a paper tally that would be easily verifiable if need be.

      Why keep the votes in electronic form at all? Just print them out on the receipt printer with a bar code. Take all the receipts from the election day, run them through a reader and tally the votes. It'd let people verify their vote and be in the most computer readable format without relying on electronic storage.

    • Yes AND have the printer print out 4+ copies of the voter's vote, only one of which gets stuffed in the ballot box. Two others can go to "disinterested" parties for an "un biased" paralell count. the final can be retained by the voter.
  • by cnb ( 146606 ) on Monday August 11, 2003 @08:44AM (#6664946)
    India's been using electronic voting since
    years and the next general election will
    be all-electronic with 800,000 electronic
    voting machines.

    http://sify.com/news/politics/fullstory.php?id=1 32 01701
    • by BooRadley ( 3956 ) on Monday August 11, 2003 @09:01AM (#6665071)
      November 5, 2004 Washington:

      In a stunning upset, Indian Prime Minister Shri Atal Bihari Vajpayee has been unanimously elected President of The United States of America. In an interview this morning in New Delhi, President-Elect Vajpayee stated that his first order of business would be to persuade Canadian President-Elect Pervez Musharraf to stand down on his quest for weapons of mass destruction, by force if necessary.
    • by AtariAmarok ( 451306 ) on Monday August 11, 2003 @09:09AM (#6665119)
      In a stunning upset, Apu Nahasapeemapetilon of Springfield, USA has been unanimously elected President of The United States of America. In an interview this morning , President-Elect Nahasapeemapetilon stated that replacing the ATM machine in his Kwik-E-Mart was the best idea he had since deciding to serve green Squishee's.

      Springfield citizen Homer Simpson was asked what he thought of the new voting system, but apparently he entered the Kwik-E-Mart to vote, and then saw the hot-dogs and forgot why he was there in the first place. "Mmmmm. 3 day old frankfurters [drool]" was his only comment.

  • by tigre ( 178245 ) on Monday August 11, 2003 @08:45AM (#6664955)
    If we truly believe that open-source tends to provide better security, we should be developing open-source voting software. I'm sure it would take a while to get much notice from the government, much less "certification", but we could start a grass-roots campaign for adopting it through, say, universities in student body elections (a target screaming for being hacked) or maybe even local elections.
  • by Anonymous Coward on Monday August 11, 2003 @08:48AM (#6664976)
    "The 2000 Florida presidential election showed the shortcomings of the current system."

    The main shortcoming of the system is that it allowed Florida State Supreme Court justices to try and change the election rules after the election occured, and it allowed lawyers to lie in court in a wasteful attempt to overturn the election.

    It works. The only thing we have to accomplish is prevent the sore losers from trying to mess things up.
    • by Anonymous Coward
      Rules are one thing, but when they change the intent of the electorate then something is wrong.
      • by Anonymous Coward
        " Rules are one thing, but when they change the intent of the electorate then something is wrong."

        How do you determine intent? By actual votes, of course. Not stray marks on ballots, or bumped chads.

        Where does it end? "I was disenfranchised. I intended to vote for Nader, but I never got out of the house on Election Day because I had to wait all day for the cable guy who missed his appointment. But I intended to vote for him!!!!"
  • by Creepy Crawler ( 680178 ) on Monday August 11, 2003 @08:51AM (#6664993)
    I dont know why they'd implement a vote DB using Microsoft Abcess. Still, if they REALLY wanted to, they could implement this system.

    1: DB exists with basic vote rules.
    2: User walks up to votebox.
    3: Person hired to do polls check idetity (so that they can legitly vote)- enables 1 session for user
    4: The votes are tallied by unsigned long int incrementation counter for each "Politican". Be aware, the machine knows exactly what this user votes for.
    5: An MD5sum is made for the whole vote session, along with printing the md5 and votes cast on 1 small piece of paper.
    6: The MD5 checksum is stored in concurrent use of the data.

    Some people may think there's a security hazard in step 3-5 as the poll worker can probably see what the MD5sum might be. That could be solved by saying to the user 'press any key at random. this is NOT part of the vote"

    Just an idea.
  • by Malc ( 1751 ) on Monday August 11, 2003 @08:52AM (#6664999)
    ... paper and pen? Put an X or a check by the candidates name. Real paper trails are easier to debug for tampering than the digital equivalent.
    • by lovebyte ( 81275 ) *
      Nothing is wrong with pen & paper. I entirely agree with you there. I think this electronic thing is simply stupid. What's the reason for it? You'll get the results faster. Whoa! Who cares.
      When I lived in the Netherlands, I voted there for the European elections on an electronic machine. I hated it. It left me with a taste of unfinished business. In France, I voted with paper, then in the evening went back to sort and count the votes. It was fun and symbolic of democracy in action.
      • by Malc ( 1751 ) on Monday August 11, 2003 @09:42AM (#6665420)
        1) How fast does it really need to be? Most paper counting can be done by that night, or at least the early hours of the next morning. It allows people to get worked up with anticipation for a while ;)

        2) I agree with your comment about getting people involved with the counting. I've thought of this myself: the more volunteers involved in the counting, the more people who are actually involved with the election. I see involvement like this as a means to help fight increasing voter apathy. In the long run, I think electronic voting will increase voter apathy, and thus decrease democracy.
    • Agreed (Score:3, Insightful)

      by JediTrainer ( 314273 )
      Canada does this. And it works. Perhaps takes a bit longer to report the results, because they all have to be counted by hand, but the system works well. It's also not confusing. No punch outs, no complicated UIs to learn. Simply put a checkmark in the circle next to the candidate's name. Just to make sure, they put an example of what the checked box should look like, right on the top of the ballot.

      All ballots are put in a securely-sealed box, which is opened up in front of officials representing the par
  • by aethelferth ( 686304 ) on Monday August 11, 2003 @08:53AM (#6665008) Journal
    Mercuri's page on e-voting problems: http://www.notablesoftware.com/evote.html

    http://www.scoop.co.nz/mason/stories/HL0308/S00014 .htm

    Computer Voting Expert Ousted From Elections Conference
    Lynn Landes
    freelance journalist
    www.EcoTalk.org

    Denver CO Aug 1 - Dr. Rebecca Mercuri, a leading expert in voting machine security, had her conference credentials revoked by the president of the International Association of Clerks, Records, Election Officials, and Treasurers (IACREOT), Marianne Rickenbach. The annual IACREOT Conference and Trade Show, which showcases election systems to elections officials, is being held at the Adam's Mark Hotel in Denver all this week.

    Mercuri believes that her credentials were revoked because of her position in favor of voter-verified paper ballots for computerized election systems. "I guess in a very troubling way it makes sense that an organization like IACREOT, that supports paperless computerized voting systems, which are secret by their very design, would not want computer experts who disagree with that position at their meetings."

    Dr. Mercuri said that her credentials were approved for the first three days of the conference. She attended meetings of other groups and visited the exhibitors hall. But it was only on Thursday as she sat down to attend her first meeting at the IACREOT that President Marianne Rickenbach took Mercuri out of the room and told her that her credentials were being revoked. Rickenbach said that Mercuri had not filled out the forms correctly. Mercuri protested, but was refused reinstatement.

    David Chaum, the inventor of eCash and a member of Mercuri's 'voter-verified paper ballot' group, had his credentials revoked on the first day of the conference. On the second day his credentials were partially restored. Chaum was allowed to visit the exhibitors hall, but not attend the IACREOT meetings.

    Rickenbach was unavailable for comment as of this report. Mercuri can be reached at the Adam's Mark Hotel through Saturday.

  • by theguru ( 70699 ) on Monday August 11, 2003 @08:54AM (#6665018)
    Let's give the voting machine contracts out to the makers of the slot machines. If anyone knows how to make an electro-mechanical device that is fraud resistant, it's those companies. Plus, just for fun, they could leave the little wheels with pictures of fruit on it. :)
  • Democracy could run under the Slashdot system. Let each of the candidates post a response to the news item "Presidential Election 2004".

    Then, moderate away on each candidate's post. The +5 Interesting ends up in the White House, the -1 Troll can hit the lecture circuit.
  • Why don't they... (Score:4, Insightful)

    by heyitsme ( 472683 ) on Monday August 11, 2003 @09:00AM (#6665062) Homepage
    Print out receipts.

    That way, you vote electronically, you have your receipt, and you throw it in a box before you leave. Random audits of polling stations with those results compared to the receipts.

    Just another failover idea..
  • by wavecoder ( 695422 ) on Monday August 11, 2003 @09:01AM (#6665067) Homepage Journal
    Somebody (cue 200 replies) help me out here: why wouldn't you go open source for something like this? Other than some company with hands in the governer's pockets (and vice versa), I don't know a single good reason to give a private corporation control over the methods used to conduct democratic elections. Hacking and fraud by voters aside, what about fraud by programmers? Debugging tons of code is hard work - stealing an election is just a matter of a couple of "errors" in the right procedure; that 6% difference in a close race (or .2%, as in the last Presidential election) could be made to disappear, with nobody the wiser.

    As for paper audits: if the perpetrators are smart, nobody would ever even suspect that we needed to audit an election...

    My $.02
  • by tundog ( 445786 ) on Monday August 11, 2003 @09:06AM (#6665094) Homepage
    Some enterprising White Hat has to hack one of these machines before election day so that all votes are registered to Alfred E. Newman. Then all we have to do is watch the fireworks.
  • wrong focus ? (Score:4, Insightful)

    by selderrr ( 523988 ) on Monday August 11, 2003 @09:08AM (#6665110) Journal
    IMHO, anyone intending to fraud the elections would be aiming his ammo not at the voring machines, but rather at the counting machines. I can imagine that those are far easier to secure, but it's easier to bribe/bypass/eliminate 5 or 10 security guards at the center of the system rather than a few hundred guards at the leaves of the system... Why doesn't anyone ever question the security of the center of the system ? Especially with the most corrupt people being exactly there...
  • Pen and paper (Score:2, Insightful)

    by ozric99 ( 162412 )
    What's wrong with good old pencil and paper? No issues with 'chads', with electronic tampering, with software backdoors etc. Works fine here in the UK. Yes, I know there are more voters in the US, but surely the relationship or voters to overseers is linear?
  • Why so complicated (Score:5, Insightful)

    by Anonymous Coward on Monday August 11, 2003 @09:14AM (#6665170)
    Why do americans have this obsession about making everything more complicated. If you want a reliable solution to a problem use Occams razor. The simplest solution is usualy the best.
    Voting on paper is cheap, reliable and it's very difficult to commit fraud, (a large number of people has to be involved), if you set it up right.
    • Very true. The question, though, is how to set up effective, mass-scale, voting systems, because counting paper ballots is becoming increasingly difficult. Think what will happen in China and India as democracy develops further and more people vote: we're seriously talking about more than 800 million votes! That's a system that's doomed to break down. In a close election, stealing the race through electronic balloting isn't hard, but it is harder than bribing a couple local officials to change a 5 to a 6, o
    • Because we Americans want it NOW. We want to see the results minutes, not days after the polls close.

      The media feeds the hype by the forcasting the winners by use of exit polls, with scores of pundits discussing the ins and outs of every race. We have come to expect this and a move to return to paper ballots might dampen everyone's 'fun'. A paper ballot that could be reliable scanned, and non-refutable could work, but putting such a system in place has to run the gauntlet of every special interest group n
  • Perhaps... (Score:3, Interesting)

    by executebusiness.com ( 681094 ) on Monday August 11, 2003 @09:16AM (#6665188) Homepage Journal
    ... we have just to develop a better overall system of government selection. Based on credentials and the ability to serve? Based on ethics?

    Perhaps just dump voting for people for voting on policy. With today's tech, there is no reason we couldn't have a system of government that let's everyone have direct say in policy and lawmaking.

    Basically trade a system that doen't work for one that could... for a distributed government system, where voters make policy, instead of corrupt individuals influenced only by money and power.
  • Here's an idea:

    1) Encrypt everything and place everything on a WAN that is not connected to the outside world.

    2) Generate a unique/random PIN for each voter at the moment they walk into the polling station. Lock out that name/SSN from any further votes once a vote has been cast.

    3) Utilize a small in-station camera that can be matched against a vote in case of alledged fraud.

    While I know that item #3 will cause some privacy concerns, all image data could would be removed once the polling station closes.

    Tux
    Check out the great Linux PC I'm selling! [safferconsulting.com]

  • by Anonymous Coward on Monday August 11, 2003 @09:18AM (#6665205)
    The Johns Hopkins study isn't the worst of it. There is apparently a second report by some people who took a more detailed look at how the software stores data. It turns out that the format is MS Access, security is based on obscurity and that audit log entries aren't numbered.

    http://www.equalccw.com/voteprar.html [equalccw.com] has links that go into more detail on this subject.

    Cheers,
    Coward 132-213
  • by sheldon ( 2322 ) on Monday August 11, 2003 @09:22AM (#6665255)
    I'm as much of a technophile as the next guy, but there are still things in this world that require the paper trail.

    One has to ask, what is the problem that we are trying to solve with electronic voting? Is it cost? I don't think so. Elections only happen once a year and the results are far too important to cut costs while lowering quality.

    What we want to do is increase the quality of the elections by assisting the voters in filling out the ballot correctly. With the automated UI the voting results can be checked against business rules... that is, if you're only allowed to vote for two judges then you can only check off two on the ballot, etc. It provides instant instructions and instant feedback.

    But regardless, you need a paper backup to do audits on the election. And most importantly, as we learned in Florida, that ballot must be in a human readable form which can not be easily damaged through normal handling.

    The best solution I've seen suggested is to have an automated UI which queries the voter for responses, but the end result is then printed on a laser printer to a ballot sheet. The ballot sheet lists the names, with markers that are filled in(or line drawn between two arrows) to clearly identify the selections.

    The voter may then review their ballot to insure it is marked as they wished it to be, and if so take it to a secure optical scan machine just like we use today.

    One benefit of this system is that it provides a backup mechanism in the event of failure. That is, if the machines are not working the voter can still cast their ballot with the good old fashioned pencil. The automated UI system is there only as a convenience item.

    Any system which only records results in an electronic manner is subject to corruption. The results have to be on paper for auditing and verification purposes.

    Cost shouldn't be an issue, this is far to important to the stability of our democracy.
    • by ojQj ( 657924 ) on Monday August 11, 2003 @10:22AM (#6665851)
      One important advantage of electronic voting is the ability to eliminate option order advantages. All other things being equal, people have a statistically significant tendency towards choosing certain positions from a ballot. Electronic voting can present the options in a different order for each voter to eliminate the psychological effect of option position.

      I agree with you though that paper's the only way to persist the voter's choice. If speed is so important, we can create a preliminary election result from electronic data. We can even do an automated machine count of the paper ballots. But we still need at least the ability to do a proper hand count of the paper ballots, at least until the technology for pure electronic voting is much more proven than it currently is.

    • What we want to do is increase the quality of the elections by assisting the voters in filling out the ballot correctly. With the automated UI the voting results can be checked against business rules...

      Yes, yes, yes, yes, yes. Electronically, we can present a much better User Interface than the black-and-white paper ballots that have been used for years.

      Apply business rules, e.g. "vote for not more than two"

      Show summary to voter at end of session

      Unlike punchcards, mistakes can be revised without obta

  • by oldstrat ( 87076 ) on Monday August 11, 2003 @09:24AM (#6665274) Journal
    Georgia Secreatary of States Position on H.R. 2239

    Cathy asked that I pass on her message to you. Please do not hesitate to call if I or Cathy can be of any service.

    Ann Rosenthal
    Campaign Director
    404-728-NNNN

    Mx. Xxxxx,

    Thank you for your e-mail regarding proposed H.R. 2239.

    The passage of this legislation would be extremely damaging,
    both to Georgia?s new electronic voting system and to those
    which other states around the country are putting into
    place. The legislation is based on a lack of understanding
    of the operation of our machines and the software which
    supports them. In fact, in discussing this legislation with
    Congresswoman Denise Majette, I suggested that it should
    more accurately be called the Voter Delay and Loss of
    Integrity act.

    After you touch the names of all candidates you wish to vote
    for, the computer itself gives you a summary of your choices
    and enables you to change those choices before you leave the
    voting booth. That summary screen is the opportunity for
    voters to verify their votes, and adding a paper receipt,
    which presumably would be printed out while the voter waits,
    would add delay (as printers are very susceptible to
    breakdowns, paper and ink shortages, and other problems).
    Additionally, after a paper receipt is printed, the voter
    would have no ability to make further changes to their vote
    without a very complicated adjustment to the voting machine,
    which most poll workers would not be well-equipped to
    accomplish. Additionally, placing a paper receipt into a
    voting box or other instrument would add tremendous
    potential for fraud, as pieces of paper have been known to
    disappear from voting boxes in overnight and can otherwise
    be very easily manipulated. Such ease of manipulation does
    not exist with the new voting machines.

    The second primary objection to the proposed legislation in
    H.R. 2239 is that all software used in the voting machines
    would be disclosed and available on the internet, which
    would open up the integrity of our voting systems to every
    interested hacker around the world. Once it is disclosed,
    any hacker, any person interested in manipulating the
    machines, would have access to all of the security built
    into the software code and could then with ease manipulate a
    state or county?s system if they could gain access to the
    equipment. We have the source code available in a secure
    escrow account, and our office can access it any time we
    need to check the integrity of our systems. And each and
    every unit used for voting in Georgia -- more than 22,000
    individual units -- is individually submitted to logic and
    accuracy testing before every election.

    Please do not hesitate to contact me if I can answer any
    additional questions on HR 2239

    Cathy
  • This will be fixed (Score:4, Insightful)

    by onyxruby ( 118189 ) <onyxruby@ c o m c a s t . net> on Monday August 11, 2003 @09:34AM (#6665362)
    This problem will be fixed the day that Al Gore wins a presidential election he didn't run in. Unfortunately I can't see anything short of a non-candidate winning that will get Joe Sixpacks' attention. Nothing short of that will get the kind of public scrutiny needed to make this go away. I don't like it because I view the vote as something sacred, but somebody somewhere is going to do this to make the point. It's fundamentally no different than MS ignoring yet another security flaw and finally an exploit gets released to force them to do so.


    The article talks about one problem that was their 5 years ago and was still there when reviewed. This was claimed to be fixed years and in fact was never fixed. Without open source voting machines, there is no way to gain the absolute confidence of the public, and a hacker somewhere is going to prove my point. You may think the newest version of an operating system is a big target, but it's nothing compared to the vote that decides who runs the worlds lone superpower. The only question is who will get the most votes in 2004, mickey mouse or daffy duck?

  • by mwood ( 25379 ) on Monday August 11, 2003 @10:04AM (#6665643)
    The good old mechanical lever-type machines we had (:-( )in Marion County since time immemorial still look like better security design *and* better user interface design than anything else I've seen, be it paper or electronic. Definite visual and tactile feedback, Braille- and multilingual-capable, no electricity required, no system crashes, no possibility of erroneous multi-marking, and the counters locked inside a steel case -- what more is needed? (Okay the counters could be electronically readable via authenticated secure channel from a central tally office, but what *else* would you have?)
  • by bmasel ( 129946 ) <bmasel&tds,net> on Monday August 11, 2003 @10:10AM (#6665719) Journal

    In January, 2002 the State Elections Board approved two closed source touch screen voting systems, the ES&S Votronic DRE and the GBS Accu-Touch EBS 100 DRE.

    This spring I raised the system integrity issues with the Board, and persuaded them to revoke [state.wi.us] the certifications.


  • by b-baggins ( 610215 ) on Monday August 11, 2003 @10:45AM (#6666083) Journal
    This just goes to show you what you get when you let hysteria drive your decisions.

    Punch card voting machines are very reliable and secure, but because of some whipped up hysteria and misinformation, we're scrapping a perfectly good system for a nightmare boondoggle.
  • by hopeless case ( 49791 ) <christopherlmarshall&gmail,com> on Monday August 11, 2003 @11:03AM (#6666257)
    The article mentions $3.9 billion that was appropriated by the Help America Vote bill, and that Virginia is spending $55 million on 11,000 voting machines, which works out to $5000 per machine. That seems a bit pricey for a computer with a touch screen, doesn't it?

    I assume that the Help America Vote law leaves it up to the states to procure their machines how they see fit.

    How much could it possibly cost for university researchers (like the ones at John's Hopkins) to write an open source system for voting that could run on commodity hardware?

    Perhaps the government should take $10 million of that $3.9 billion, fund the research, and GPL the result. Let the code be vetted in public.

    Am I missing something?

  • I want a receipt (Score:3, Insightful)

    by mwood ( 25379 ) on Monday August 11, 2003 @11:24AM (#6666518)
    If they're going to take my vote down on electrons, I want to get something I can take away which records that vote, so that it can be compared to the official records in case of an investigation. (For that matter, I could authorize an unofficial tally organization to recount my vote -- if enough people did that, irregularities might become apparent.)

    There's lots of technicalities about signatures and timestamps and encryption and such, but the point is that if they're going to take away the property that my vote has a *visible* path through the system and can be *visually* verified and audited at each step in the process, then that's not OK and I want a way to make them prove that the vote tallied for me is the one I cast.
  • by Crolis ( 697068 ) on Monday August 11, 2003 @11:24AM (#6666520)
    I have worked as an Chief Election Officer for the past several years and have a few thoughts on our transistion to the new machines.

    For those who don't vote in Fairfax county, the machines we have been using in most precincts is the Shouptronic 1242, which was phased out last recently due to new voting regulations that stipulated minimum accessibility requirements (for the visually impaired) that the Shouptronic couldn't meet as well as maintenance issues for the aging machines.

    I am certainly wary of the new machines we have coming down for the next election in November, which use the WinVote software and appear physically as large laptops.

    The initial checking in of voters won't change the next time around. They will still have to state their name and current address, be assigned a number (for counting purposes, not associative purposes) and be issued a colored state sealed "machine enterance index card" which is relinquished to the officer supervising the machines themselves before they are allowed access to the machine.

    The new machines use a phone line (modem) to remit results to the registrar and are portable enough to allow us to physically move the machine to the curb to assist physically-challenged voters (curbside voting law).

    The number of conditional paper ballots we'll have to use will be lessened -- a good thing and I see that for the most part it will help in accuracy.

    I see problems in a couple of areas however. Most people vote maybe once every one or two years, so their familiarity with the machines wanes over time. Completely change the machine and there will be a lot of people with a bunch of questions and uncertainty, which will initially present an appearance of confusion (and may be enough to get some lawyers on the case if they see an opportinuity). Secondly, with untested technology, it will be difficult to gauge the number of problems with the machine -- misaligned touch screens, software crashes, static discharge, space aliens, seasoned citizens, ingenious fools, etc.

    In a month or two I'm going to be going back for training on the new equipment. I also believe for those citizens voting in Fairfax county, the Government Center has a sample machine available for those who want to become familiar with it.

    A system for securly transmitting certified results to the county should work well, but I am really concerned with any kind of Internet voting. That's where I believe the greatest potential for fraud exists.

    -Crolis

    P.S. I got a heck of a lot of comments after 2000, since my first name is "Chad". :)

Solutions are obvious if one only has the optical power to observe them over the horizon. -- K.A. Arsdall

Working...