Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Security United States

E-Voting Expert Testifies 309

Christopher Soghoian writes "Johns Hopkins University professor Dr. Avi Rubin (of previous e-voting fame) yesterday testified before the Maryland House Ways and Means Committee. An article in the Baltimore Sun describes his testimony, as well as that of the director of the state elections board, Linda Lamone. Mrs. Lamone was highly critical of Dr Rubin's testimony, stating that he was doing 'a great disservice to democracy. They're telling the public: Don't trust them, don't trust the voting equipment.' This begs the question: Is it better for security researchers to avoid publicly criticizing e-voting flaws? Is public faith in the system more important than overall system security?"
This discussion has been archived. No new comments can be posted.

E-Voting Expert Testifies

Comments Filter:
  • Well... (Score:5, Insightful)

    by Pig Hogger ( 10379 ) <.moc.liamg. .ta. .reggoh.gip.> on Saturday November 15, 2003 @12:10PM (#7481543) Journal
    If Lamone is attacking the messenger, rather than the message, she is surely guilty of some flaw...
    • Re:Well... (Score:4, Interesting)

      by scrytch ( 9198 ) <chuck@myrealbox.com> on Saturday November 15, 2003 @01:01PM (#7481813)
      Election commissioners are usually appointed, not elected (funny when you think about it), so I suspect that's going to be one of the last things Lamone says. Rubin's message was well-received, and at least one politician (a republican at that) publically expressed disappointment at the non-response of the election commission.

      Summary: Short Diebold, they're going to lose a lot of contracts.
    • Re:Well... (Score:5, Insightful)

      by t0ny ( 590331 ) on Saturday November 15, 2003 @01:55PM (#7482094)
      Mrs. Lamone was highly critical of Dr Rubin's testimony, stating that he was doing 'a great disservice to democracy. They're telling the public: Don't trust them, don't trust the voting equipment.

      I think Washington really *does* want voting equipment that can be tampered with.

      It seems that their opinion is that democrocy is too important to leave up to the people...

      • Folks,

        _____If public faith is lost, then the system (democracy) fails. System security must always support the public faith in democracy by assuring legitimate, veracious, and verifiable results. It is better that the nation and citizens die or fade into history, then allowing democracy to fail.

        _____A democracy is a nation where the citizens feel individually responsible for deciding their destiny. Corporate, religious, and plutocratic institutions are disenfranchised in a democracy, because of the human
  • by Anonymous Coward on Saturday November 15, 2003 @12:12PM (#7481551)
    The E-Testifying company which handled his testimony, also owned by an E-Voting company, has changed what he said! The testimony now reads "E-Voting is great. We should all move to E-Voting now. I for one welcome our new E-Voting overlords."
  • 1984...? (Score:2, Insightful)

    by binner1 ( 516856 )
    Is public faith in the system more important than overall system security?

    I love the Leader too!

    -Ben
  • by Neophytus ( 642863 ) * on Saturday November 15, 2003 @12:13PM (#7481554)
    Just because a virus sitting in Jane AOL's system sending out spam isn't affecting her business, it doesn't make it OK. If fraud is going to go on next election, as personally I'm sure it will, there need to be huge changes happen before integrety is restored.
  • by Pig Hogger ( 10379 ) <.moc.liamg. .ta. .reggoh.gip.> on Saturday November 15, 2003 @12:14PM (#7481561) Journal
    How can you implement trust in a given system?

    Doubters have to be able to scrutinize the way the system works. So, in order to be trusted by as many people as possible, the system should be understandable by as many people as possible.

    As soon as you have any kind of black box whose functionning cannot either be seen, or plainly understood by people, there is room for doubt.

    This is why a hand-counted, paper-based ballot system is the most trustable one possible: it doesn't take a computer scientist to understand how it works and how it could be rigged.

    • by richg74 ( 650636 ) on Saturday November 15, 2003 @12:33PM (#7481671) Homepage
      This is something I have been arguing since the whole kerfuffle over E-voting began. Any normally intelligent persons can understand the security / threat model for paper ballots and a ballot box. I would be willing to bet that only a tiny minority of election officials -- even those responsible for selecting the machines -- actually understand the model for the electronic device.

      Mrs. Lamone's response is unspeakably condescending, but I think it also unconsciously reveals this: 'please, don't make people ask all these awkward questions about the system -- because I don't know how to answer them.'

    • It is not because you understand something that it's trustworthy.
      It's not because you understand how it can be rigged, that it wil not be rigged.
      Understanding does not exclude fraud.
      Understanding how fraud can be committed does not give the system credibility or trust.
      One does not trust the system, but rather those who implement it. Regardless of the system in use.
      • by B'Trey ( 111263 ) on Saturday November 15, 2003 @01:23PM (#7481940)
        What you're talking about isn't trust. It's faith. And I don't have faith in our system or those who implement it.

      • by JaredOfEuropa ( 526365 ) on Saturday November 15, 2003 @01:48PM (#7482060) Journal
        One does not trust the system, but rather those who implement it. Regardless of the system in use.
        Not regardless of the system in use. As the Dutch saying goes "Trust is good, but control is better". (Control meaning the act of checking and supervising, rather than the act of actively steering). Ask yourself why you trust the people implementing the system. Simple, because you know they are being watched by others. In case of a paper ballot system, it's easy to see that they are being watched by others, ie. by people from the party you happened to vote for. And because the system is so simple, it's also easy to see that it will be very difficult to rig the elections without the watchers knowing it.

        With an electronic system, you have two issues when it comes to trusting the implementers:
        1) Are the implementers being watched at all times? Who can say... remember that you'd have to inspect the code for the machines and also make sure that that exact code is loaded into the voting machines, and not some different version. With such a complex system, even I wouldn't be so sure that all steps in the process, manual or automatic, are under scrutiny of impartial observers (or observers from all parties).... and I'm a techie. Besides, recent news about Diebold does not instill much confidence in the process, now does it?
        2) Even if you somehow ensure that all steps of the software programming, software and machine distribution, machine operation, and the collection of the tallies are all supervised by impartial observers... how can you be sure that they are doing a good job? With such a complex system, it'd be easy for some mistake or intentional hack to pass undetected.
      • In a world that has been shown to have people willing to cheat, the only way to have trust in any system is to have openness. Show me what you've got, don't expect me to believe somebody or thing I don't even know. Show me how it works. Let me take it to my experts, and have them check it for me.

        I favor the paper ballot, as used here in Wisconsin. Here each voting station is just a small folding table with a curtain, and a magic marker. (Very cheap per station, never goes down, never needs a reboot.)

    • As soon as you have any kind of black box whose functionning cannot either be seen, or plainly understood by people, there is room for doubt.

      Yes and No. A high level of understanding by a great number of people could help, but don't forget that many (if not all of us) trust many things to 'black boxes' everyday.

      How does an ATM add and subtract money from my checking account?

      The answer may seem easy, but do I really know the answer?

      Do I know the programming involved in the electronic data transfe

      • by HeyLaughingBoy ( 182206 ) on Saturday November 15, 2003 @02:05PM (#7482143)
        How does an ATM add and subtract money from my checking account?

        The answer may seem easy, but do I really know the answer?

        The fundamental difference between this and a voting system is that if the ATM makes a mistake with my checking account, I will know about it when I balance my statement at the end of the month. If the voting machine decides to change my vote to the candidate I happen to hate the most, I won't have a clue. This is why people have been calling for paper output. Give me a summary of what candidates I selected that I can examine before I press the [submit] key. Then I deposit that into a lockbox as I leave so if there is any question about the vote, it is still possible to go back and do a manual count.
    • Doubters have to be able to scrutinize the way the system works.

      Private citizens are generally not allowed to scrutinize (paper) ballot counting. Normally each candidate can send representatives, but that's all.

      Of course, that situation is still vastly better than the Diebold fiasco, where *nobody* can scrutinize the ballot counting...
    • Linda is nuts. (Score:5, Insightful)

      by twitter ( 104583 ) on Saturday November 15, 2003 @01:38PM (#7482017) Homepage Journal
      The director of the state elections board, Linda Lamone lost my trust when she refused outside help with her voting machines:

      "I don't think Diebold would allow it," she said. "It's their proprietary code."

      Bam, there it is, she's put some kind of faith in IP above her elected duty to safegaurd elections. It's peposterous that elections officials don't have access to the actual method of vote counting and everything else the machines do. With transparancy you don't need faith in a system, you can have reasonable trust that what you saw and know will work.

      Dibold has made themselves a proxy for voting. If you removed the electronic components the flaw becomes apparent. Imagine Dibold hired people to sit in a booth and write down your vote where you could not see what they wrote! After that, the representatives would take the votes in closed bags to a place where they would count them and give the results to the elections commisioners. The electronic system has even larger flaws because it's easier to comprimise thousands of computers than it is to comprimise thousands of people, but no one would trust the low tech analog. Defending faith is such a system over the actual integrity of the system is nuts.

      You can have an electronic system with a publically inspected paper trail. If the system is not free or open it can't be trusted because you don't know how it works. It's that simple.

  • by Locutus ( 9039 ) on Saturday November 15, 2003 @12:14PM (#7481562)
    I think they still do that today and if somebody went public with how stupid this really is, I'm sure they would get the same treatment. Be EDUCATING the public, the politicians feel threatened. They've made clueless decisions and when those decisions are threatened... well, it's just unAmerican( or so THEY say ).

    For the people, by the people... yea, right.

    LoB
  • by s20451 ( 410424 ) on Saturday November 15, 2003 @12:14PM (#7481566) Journal
    Most people, like the poster, incorrectly assume that "begs the question" is the same as "answers the question". This [wsu.edu] describes the proper use of the phrase.
    • Most people, like the poster, incorrectly assume that "begs the question" is the same as "asks the question," not "answers the question," which is still equally wrong.

    • Most people, like the poster, incorrectly assume that "begs the question" is the same as "answers the question".

      I was taught that english rules are determined by usage, not the other way around.

      If most people in the audience think an idomatic expression has a particular meaning,
      then it does have that meaning.

      I've seen "begs the question" used as a replacement for "immediately raises the question with a level of urgency that can't be denied"
      far more often than any other usage.

      English is a living l

      • Actually, I think it is important to speak correctly and correct people when they misuse english. "Begs the question" is actually a technical term in formal logic. It has a special meaning that you should learn before USIBGthe term.

        And "I could care less" is wrong, if you mean "I could NOT care less". I for one, am not going to speak sloppily and stupidly just because there are a large number of idiots in the world.

        • There's a difference between saying "that begs the question of why blah blah blah" and "you're begging the question"

          The latter is declaring a logical fallacy, the former is simply a statement. It's already been established that "begs the question" has a perfectly valid and common definition of "begs", so how can the existence of the other form invalidate the first?

          Finally, your "misuse english" is overstated, at best. The "correct" English you use is only correct because usage has made it so. You are obey
    • Thanks for pointing to that site. I'd never seen "besgs the question" so well explained. I especially like the little picture of the jack ass. It makes me think of people who bray extraniuosly while others around them are trying to have a reasonable discussion about something important. Yeee-Awwww, Yee-Awwwww! You can't spell. Shut up, ass.

      As far as the topic at hand, the poster might have written what they said as:

      I can't fucking believe the Director of the Maryland Elections board would stand befor

    • You know, ordinarly, "English lessons" citing prior comments or even the root comment are typically modded down here on Slashdot. I think it's a shame really.

      There is nothing that makes a person appear more intelligent than the proper use of language. Even though there are times when it's annoying when people make the obvious mistakes such as the inappropriate use of "there," "their" and "they're" I think it is somewhat important that these errors are indicated often enough to teach the Slashdot reading
  • I don't think that I am stepping outside of the "group think" of Slashdot when I say "Secure systems are more secure with open and accessable standards and code which will verify that they are indeed secure". Furthermore, "Security is not inhanced by elimating the freedom of discussion"
  • by Timesprout ( 579035 ) on Saturday November 15, 2003 @12:15PM (#7481572)
    Public faith in the integrity of the electoral system is vital if democracy is to be successful. If one of the vital components of the electoral system is flawed then the public can have no faith and the system cannot work.
  • -50 points
    thank you
    have a nice day
  • The adage "one (wo)man, one vote" is one of the founding principle of any democracy. Similarly "No person, be (s)he so great or so small shall count any more or less than any other."

    With such powerful statements as the above, how can the reliability of the voting system be allowed to be suspect. I can't think of anything more demoralising to a voter than the thought that the "system" might just lose that person's vote. Or make it up. Or get it wrong. Or ...

    You need to have a faith that "the system" works,
  • "Is public faith in the system more important than overall system security?"

    Maybe...since "democracy" is an illusion anyway, maintained by those with power to give those without power the illusion (or delusion) that they actually have a say in what goes on...basically to keep them pacified. Maintaining that illusion better suits democracy's real purpose more so than blowing the whistle on technical voting "irregularities". Make no mistake: Those irregularities, coupled with influence peddling and all
  • Uhhhh... (Score:5, Insightful)

    by jeffkjo1 ( 663413 ) on Saturday November 15, 2003 @12:20PM (#7481598) Homepage
    Is it better for security researchers to avoid publicly criticizing e-voting flaws? Is public faith in the system more important than overall system security?"

    Is this a trick question? Is Slashdot being controlled by e-voting Nazi's who hope to find out those that are skeptical so they can come to their houses and force feed them e-voting propaganda?
    Oh well, the answer is NO!!! Security through obscurity DOES NOT WORK!!!
    • The issue isn't about security through obscurity. I think everyone agrees that the system should be secure by design (although people seem to disagree about what constitutes secure design). The issue is whether a widespread public perception of the flaws of the system would damage people's faith in the system, thereby decreasing voter turnout.

      While I think this should be a concern, I really don't think that we are at the point of these e-voting articles actually having a negative effect on the number o
  • by ptaff ( 165113 ) on Saturday November 15, 2003 @12:20PM (#7481601) Homepage
    They're telling the public: Don't trust them, don't trust the voting equipment.

    Is public faith in the system more important than overall system security?

    The trouble is with that 5-letter word: faith. Anything that handles data in an obscure way (read closed-source) relies on user's faith.

    Anytime you start a closed-source program, faith in the coders/packagers is what makes you believe that nothing will go wrong. You can't double-check anything; if source is available, you don't need faith: just read the code. I guess for the majority it's the same: they don't understand so they must have faith in those who do.

    But I feel it's just like a car: most people don't understand the inner workings - but they wouldn't buy one on which the hood is sealed.

    • The trouble is with that 5-letter word: faith. Anything that handles data in an obscure way (read closed-source) relies on user's faith.

      Take the position of joe average. You get your hands on the source code. Do you think it is NOT obscure?

      E-voting should fail because it cannot be directly trusted or checked by majority or even a large minority. Would you trust your vote on the exclusive hands on $profession that has agendas and attitudes that are easy to see? If not, why would you require it from everyo
  • This begs the question: Is it better for security researchers to avoid publicly criticizing e-voting flaws? Is public faith in the system more important than overall system security?

    Is this really a question that needs to be asked? Are you asking that for the sake of democracy, is it better if the people don't know everything? At first I thought this question was ironically posed, but now I'm fearing that it's not.

    I really don't see why in the world the people responsible would want to shush the research
  • Disservice? (Score:3, Insightful)

    by nsxdavid ( 254126 ) * <dw@plaOOOy.net minus threevowels> on Saturday November 15, 2003 @12:23PM (#7481609) Homepage
    How in the world can you do a disservice to democracy by highlighting a new voting technqiue that is plauged by insecurity and potential for fraud? In fact, what he is doing more service to democracy than anyone alive. It's the people who think their jobs are on the line for some questionable calls that are doing democracy a disservice. With all due respect to their opinion, I don't really care if this makes some election official look bad. Perhaps the professor should be heard and the problems he highlights investigated. A lot of this technical stuff is not all that subjective. Here's an idea, have Cusomer Reports subject the e-voting machines to their usual array of scrutiny (they'll need experts of course). That sounds fun. :)
  • by Ungrounded Lightning ( 62228 ) on Saturday November 15, 2003 @12:24PM (#7481617) Journal
    Mrs. Lamone was highly critical of Dr Rubin's testimony, stating that he was doing 'a great disservice to democracy. They're telling the public: Don't trust them, don't trust the voting equipment.'

    "Ignore that man behind the curtain."

    (Or should that be "Ignore the guys sneaking up behind you with the net."?)

    Yes, they're telling the public to distrust the voting machines. And in the short run that may destabilize the nation - slightly.

    But distrust of something untrustworthy is appropriate - especially when letting it be corrupted can literally lead to tyrrany and war, while FIXING it so that it is verifiably trustworthy is trivial.

    Of course that means the decisions of Mrs. Lamone's department (no doubt those of Mrs. Lamone) might be criticised, and her state be required to spend more money to upgrade or replace the devices they selected. Bad for her carreer path, eh?
  • by salesgeek ( 263995 ) on Saturday November 15, 2003 @12:26PM (#7481623) Homepage
    This begs the question: Is it better for security researchers to avoid publicly criticizing e-voting flaws?

    The answer is pretty straightforward: NO. Security researchers and other whistle blowers serve a valuable role in public. This isn't even an interesting question. A more suitable qustion for discussion is:

    * Why is the incumbent party in power supporting untrustworthy voting machines?

    * Why would someone oppose a simple request for accountability being built in to our democratic process?

    * How is it so difficult to see there is an opportunity to create the worlds possibly first trustworthy election system? All we need is a paper backup...
    • Q: * Why is the incumbent party in power supporting untrustworthy voting machines?

      Q: Why isn't the opposition party making more of a stink about these untrustworthy machines?

      A: They're both clueless.
      Alternate answer: They're both looking at how to rig future elections in their favor with these incredibly flawed systems.
      • A: They're both clueless.
        Alternate answer: They're both looking at how to rig future elections in their favor with these incredibly flawed systems.


        Or, perhaps more likely, one is clueless and the other is looking at how to rig elections. Why you think both parties see this issue the same way is beyond me, and not terribly logical. While the parties in the U.S. often want the same things, they often want them for different reasons.
        • Why you think both parties see this issue the same way is beyond me, and not terribly logical.

          Both parties do want the same thing. They want to win. Anything else comes after that.
  • Mr Rubin or Ms Lemone?

    Ok, now that we have that settled, this woman has no idea what she's talking about and yet she's running the system. This is one of the MAJOR problems with e-voting. Everyone running the show has absolutely no clue. This makes it ripe for fraud and abuse.

    I say we go back to a form of voting that even a five year old can understand - paper and pencil... or paper and crayon... because five year olds like crayons.

    Remember, when dealing with children -- Keep it simple.
  • This begs the question: Is it better for security researchers to avoid publicly criticizing e-voting flaws? Is public faith in the system more important than overall system security?

    Obviously, for e-voting to function, there can't be any suggestion of fallibility. After all, what good is a voting system that instills doubt? It may be reasonable, but it's still doubt.

  • by blair1q ( 305137 ) on Saturday November 15, 2003 @12:28PM (#7481634) Journal
    There's no reason not to perform an ordinary round of safety and reliability testing on this system. It's obvious they did nothing other than casual alpha and beta testing, with no code inspection, no robustness, no structural coverage, and no documentation of faults.

    They don't even follow the laws when taking machines out of service to be repaired at the polls.

    It's not worth discussing the merits of the current machines. They have none.
  • by thelenm ( 213782 ) <mthelen@gmai l . com> on Saturday November 15, 2003 @12:29PM (#7481638) Homepage Journal
    Probably the best quote from the whole article: "I thought he was far more credible than I thought."
  • Trust by Obscurity will never work to convince people with a background in computers. However, it is sad that people can argue about "hanging chads" but seem to trust that computers are impartial and never wrong.

    Then again if we inform people that even discounting corruption and other problems, that a simple "off by one" error can greatly change the results they may never trust us, the computer development community, to do anything significant again.

    All said and done though, since this seems to be a Rep
  • Ok, i'll bite..

    Just how, exactly, does one become an "e-Voting expert"?

    "Yes, your Honor, I have 3 years experience in the field of poking. I was a Poking major in college, and belong to a number of internationally-recognized poking, pointing and clicking consortiums. During my years at McDonalds, I logged a total of over 40 hours a week poking screens for nearly two years before leaving to pursue other career opportunities (fry clerk)."

    WTF?

    • I'm gonna go out on a not-too-long limb and say that he's a 'e-voting' expert because he's done, written, and published investigations on electronic ourvoting techniques, devices, and related technology in the past.

      Your welcome in advance for leading you to such a huge stretch of understanding and logic.
  • by unassimilatible ( 225662 ) on Saturday November 15, 2003 @12:36PM (#7481686) Journal
    a great disservice to democracy. Now they are trying to improve on punchcards, and that's a disservice.

    Will the argument go:

    2000 - "Bush stole the election with punchcards. The people need e-voting!"

    2004 - "Bush stole the election with e-voting. The people need punchcards!"

    You know people, e-voting might not be foolproof, but punchcards are easier to hack. Any al Qaeda can walk into a DMV in California and ask for a voter's registration card, and voila!

    Hacked.
    • I think what I'm starting to see is that - at least in the case of voting, low-tech is the only solution.

      Punch cards have problems, OCR has problems, touch screens have problems.

      Pen and paper? No problems.

      Plus, it's cheap.
  • by rknop ( 240417 ) on Saturday November 15, 2003 @12:36PM (#7481689) Homepage

    Public faith is important. The first step to that faith is a system which deserves it.

    -Rob

  • Not that I'm advocating it, but I see a lot of people getting very angry about this issue. I can see this debate getting to the point where some group of angry citizens finds a way to disable or mess up the voting machines. Might be as simple as going into the booths and smashing the touch screens or better yet, something more clever, such as a hack that puts up Abe Lincoln as a candidate or something.

    I can see the irony of all e-voting machines being technically disabled and people actually having to vo
    • Bad idea. Under post-9/11 laws, that could get you declared a terrorist and we know what happens then. I wouldn't trust our current government to understand the difference between civil disobedience and malicious tampering.
  • Is public faith in the system more important than overall system security?

    Faith is completely unimportant. Trust, on the other hand, is incredibly important. Faith is blind trust which is only important when the belief is not verifiable (think religion...you can't prove god exists, but you could have faith that he does.) Since e-voting is, at least, somewhat verifiable, faith shouldn't apply.

    As the saying goes, "trust is earned." The only way to earn trust is to answer your detractors arguments to pr
  • Democracy depends upon the trust of the people who matter that their concerns are going to fairly represented. Voting is one way that concerns are represented. As long as voting appears to be fair, then democracy can function.

    Which is the argument against security researchers publicizing problems in any voting system. This is especially true if the new voting system is at least as fair and secure as the system to be replaced.

    However, the standards for 'fairness' are increasingly strict. Many in the

  • False Choices (Score:2, Insightful)

    by Doc Ruby ( 173196 )
    Is public faith in the system more important than overall system security?

    The most important aspect of the public's relationship to voting is trust. Universal suffrage does not employ all the people in choosing our leaders because "100 million heads are better than one". To the contrary, "None of us is as dumb as all of us". Voting is a method of demonstrating consensus of the governed, so it's easier for us to accept the elected. With the beating administered to their constituents' trust by politicians e
  • Disclosure: I'm a precinct poll-worker.

    I find myself more and more irritated with the idea that, even if a system is approved, then I would still be forced to use it. Seems to me that's not in the best interests of democracy. If I went into the polls one day, saw the machines, I should be able to say "to hell with them...I'll just write my votes on a ballot and give it you people."

    I say that one way to improve the system is to lobby state legislatures for the ability to opt-out from using the machines and
  • Security, as most geeks know it, is an issue, but it's an issue because it speaks to a much larger concern: the overall integrity of the system- it is this trait that should worry anyone interested in maintaining a democratic form of government. In other words, it's not that the system is insecure, it's that it's lack of security, in addition to the lack of controls over modifications to the software, hardware maintenance/administration, etc., poses a substantial threat to the integrity of the voting proces
  • Consider this: If the American people are so blind as to ignore the obvious problems with these e-voting machines, then they DESERVE whatever form of government corruption they end up with. We have a valuable lesson to be learned here. Fox news is beginning to pick up on this. Lets hope that the media bcomes quite loud in the coming months about the discrepancies and the "changes" made to these machines during and immediately after some recent elections. If these machines could be hacked, or changed, then I
    • If the American people are so blind as to ignore the obvious problems with these e-voting machines, then they DESERVE whatever form of government corruption they end up with

      I agree with the rest of your comments but not your opening statement, and I'm not even American.

      If it was some backwater country that had little ability to affect its neighbours, and the people's apathy let a tyrant get into power, who then screwed over the people, that's another story.

      But like it or not, the US is one of the bigg

  • "I think they're doing a great disservice to democracy," she said. "They're telling the public: Don't trust them, don't trust the voting equipment."

    Sounds like the sort of thing dictators say when making an example out of someone eg. "he's an enemy of the people, he would kill your baby in the blink of an eye, would you actually trust a man like this that kills babys?" Then again there was the whole communist thing "hes a commie burn him" and the un-american thing "you are an un-american and im gonna call
  • Anyone who wants public faith in the voting system over accuracy and security is opening the door to election fraud. Unfortunately for them, contempt levels with the government are so high right now (especially after Dubya's little fib about WMD in Iraq) that we don't trust anything they say. Stop lying to the people and they'll trust you. Until then, we'll continue to ask questions to make sure we're getting a fair deal and not a rigged election (well, they're all pretty much rigged anyway with party-based
  • ...in the interest of Democracy, we should continue being critical of E-Voting machines until we know exactly how they work (open source).

    Saying it is un-American to be critical of the American government is un-American. To ask others to be critical as well is really, really un-American.

  • Here's part of a presentation to a county in New mexico which is considering Sequia systems If you aren't up to date on the controversy over so called "black box voting" here's just a few recent articles to give you a flavor about what is being said in the media: http://www.wired.com/news/politics/0,1283,61068,0 0 .html?tw=wn_tophead_5 http://www.nzherald.co.nz/storydisplay.cfm?storyID =3529556&thesection=news&thesubsection=wor ld http://www.wired.com/news/print/0,1294,61045,00.ht ml http
    • If you aren't up to date on the controversy over so called "black box voting" here's just a few recent articles to give you a flavor about what is being said in the media:

      http://www.wired.com/news/politics/0,1283,61068 , 00 .html?tw=wn_tophead_5

      http://www.nzherald.co.nz/storydisplay.cfm?story ID =3529556&thesection=news&thesubsection=wor ld

      http://www.wired.com/news/print/0,1294,61045,00. ht ml

      http://www.washingtonpost.com/ac2/wp-dyn/A1397-2 00 3Nov5?language=printer

      Why there is no need to rush

      T
  • I think, one of the most important safeguards in voting is the possibility to audit and correct the results many times over by many "auditors" (e.g. people and processes who re-count). Paper and pencil in connection with proper processes represent technology/methodology with these characteristics. Good electoral processes include a certain amount of re-counting already in the original count. More than one person looks at each ballot and agreement on the intent of the vote has to be there. If an entire elect
  • "This begs the question: Is it better for security researchers to avoid publicly criticizing e-voting flaws? Is public faith in the system more important than overall system security?"

    This alone should be sufficient to overturn the DMCA and other laws of this nature. Basically forcing people to keep silent rather than voice concerns over issues we are facing. Reminds me of a Babylon 5 episode where Sheridan was appointed a political officer. She made a couple comments which are frightening.

    "Of course w
  • Many vendors have ignored security problems in the past. One result of that is that security activists have wrestled with the idea of whether or not it's ethical to publish exploits. If you publish the exploit, people will get hacked. But it usually forces the vendor to take responsibility.

    Right now, these election commissioners are taking the same ostrich approach to security. They refuse to deal with a real problem, and they attack people who point out that the problem exists.

    Would it be ethical to
  • "I've said it before and I'll say it again: democracy simply doesn't work." - Kent Brockman

    Clearly there is a PAC driven talking points campaign to vilify anyone who points out the man behind the curtain. This seems to be coming from The Election Center (www.electioncenter.org) a front group for Diebold that's positioned itself as expert on the subject and is distributing white papers that get picked up verbatim by other organizations in an attempt to manufacture astroturf support for DREs.

    These document
  • Faith in the system is based on its security, accuracy, and anonymity of votes cast.

    If it's a black box, has no paper trail, and is manufactured by a company whose president has close ties to a sitting administration AND is a major contributor to the administration AND has promised to deliver votes to that administration AND a company that has an abysmal security record then how in the hell can you trust any election run on their voting platform?

    Shooting the messenger isn't going to fix the problems, nor

  • by GooberToo ( 74388 ) on Saturday November 15, 2003 @01:35PM (#7482006)
    This begs the question: Is it better for security researchers to avoid publicly criticizing e-voting flaws? Is public faith in the system more important than overall system security?"

    Of course not. If they fix security, faith will follow. It really is that simple. This is like leaving your front door wide open while you go on holiday and then being upset when people worry that their house will be robbed while they are gone. Secure the door well and people will feel better. It really is that simple.

    In a nut shell, it's Linda Lamone that's doing a great disservice to democracy, technology, and the people that elected and/or hired her to do what's best for the people in her distirct(s). I can't think of anything more un-American that ensuring democracy is easily manipulated and faith in the results is shaken. She needs to be beaten with a stick and replaced. She is either incompetent or actively wants a mechanism to minipulate election results.

  • Electronic voting is coming, and its not going to go away. It certainly does have the ability, if done properly, to make elections far more accurate and fair.

    However, the current election board members nationwide are generally clueless about computer security and why a closed system is bad as opposed to open, publically audited one. They don't have the knowledge or expertise to make a good decision regarding this.

    This is a excellent chance for you, slashdotters, to get involved with your community and d
  • Del. Jean Cryor, a Montgomery County Republican, said she came to the briefing thinking Rubin would be a "smart aleck."

    Is this where we're at now? Anyone who criticizes the official line is a "smart aleck" who should be disregarded before even listening to what they have to say?

    If a Ph.D. from Johns Hopkins gets this kind of treatment from the "we know better than you" legislators, how much influence do you think you and I have when we send our handy little emails to our elected officials?

    Why is ther

    • Calling Avi Rubin a "smart aleck" after he criticizes e-voting machines is like saying the AMA is a bunch of smart alecks when they decry smoking as cancer-causing. We don't have a 'Security General' like we have a Surgeon General, but if we did, Rubin would be qualified by the job -- and only one of a handful of people I'd want to see in it.

      This has really gone from, "Wow, what is that crazy county thinking?" when they selected Diebold e-Tyranny systems to absolute insanity. After so many major vulnerabil
  • the academic wouldn't be making a career for himself by saying that "everything is just fine." While i'm not saying that this /is/ the case, one must not forget that each side potentially has motivations beyond simple reporting of fact.
  • Del. Jean Cryor, a Montgomery County Republican, said she came to the briefing thinking Rubin would be a "smart aleck." "I thought he was far more credible than I thought," she said.

    Well, I thought I thought he was better than I thought you thought. So there.

  • Vote Manipulation (Score:2, Interesting)

    by BelugaParty ( 684507 )
    I understand the concern about e-voting, as a US citizen, I do feel that my vote should count. However, it doesn't. Because it isn't a representative vote. If 60 percent of the country votes for 2 candidates that have leftist views, but neither of them get a majority, the remaining 40 percent (the minority) of the country has an administration in power. Interesting, eh?
    I find this disturbing. But thats just one way of vote manipulation. Others include: blatant lies during campaigns, smear campaigns
  • So why is Linda Lamone so attached to the Diebold implementation of e-voting? I hope that if she is found to be on the Diebold payroll in any way that she does some jail time. My assumption is that her payoff will come in the form of an overpaid consulting job for Diebold because of her experience as an election official and early adoption of an e-voting system - I really hope she is not allowed to accept a payoff in that form.
  • So, where are the open-source alternatives ? I would have thought that there we enough open-source contributors and security experts worried enough about these closed-source products to start an open-source project to do the same thing. An enterprising touch-screen systems intergrator could take this to the market as fully independently audited by the community, and probably undercut Diebold etc in the credibility stakes.

  • How can anyone warning of voting machine flaws be doing a disservice to democracy? The US election system is already flawed, buggy voting hardware is the last thing you need.
  • This begs the question: Is it better for security researchers to avoid publicly criticizing e-voting flaws? Is public faith in the system more important than overall system security?

    See, this is exactly my argument about my paying my taxes. They shouldn't go checking up to see if people have paid or not. It just undermines confidence in society, and without that where are we. I mean people are basically honest and trustworthy, yeah?

    Yeah, right. I can't see them buying that one.

    So if the poli

  • I think the solution could be like this:
    1 Find a security flaw
    2 Keep it secret until next elections.
    3 Exploit it to promote a candidate that was without chance. Just make some really mad wacko win.
    4 Leave the note on the machines: "Go opensource or your candidates never win".
    5 Vanish until next elections.

    No matter if they cancel the results, if they investigate, if they say you're a terrorist or whatever, they will just HAVE to make the process secure. Simply the public will NOT allow them to go on with s
  • by vidarh ( 309115 ) <vidar@hokstad.com> on Saturday November 15, 2003 @02:22PM (#7482240) Homepage Journal
    ... if you want to sell votes.

    The biggest problem with these systems being closed is that as long as large number of machines are being purchased from the same vendor, and the number of vendors are small, there's now a trivial way of fixing the elections.

    A little trivia: We know the security at Diebold is ridiculous as is. But let's say they do code reviews. Lets say check ins are monitored.

    Heck, maybe they even open source the system.

    Then it would be safe, wouldn't it?

    WRONG

    Without an audit trail in physical form, verified by the voter, these systems will NEVER be safe.

    Consider this little todo list if you decide that voting fraud would be an interesting career choice:

    • On their build machines, replace the compiler binary with a compiler modified to inject malicious code when it detects a pattern present in the voting system source. (this is a computer science classic, and can be strengthened by making the compiler detect the compiler source as well, and modify the generated binary so that any compiler rebuild won't remove your code and won't differ from the one you planted)
    • Place a cron job that regularly patch built binaries with one with malicious code inserted
    • Install an extra component in the device that will modify the data fed back from the voting terminals to their database servers
    • Make any code changes you do trigger only on specific dates, or on other conditions that makes it unlikely to be a certification test
    • "Fix" their production line so that the software image placed on the voting machines differ from the one built, for instance mess with the BIOS / boot flash or other place you can place code that is unlikely to be verified.
    • Insert a little hardware device that let you inject wrong data from the touch screen interface remotely.
    • Find a good justification for partitioning voting data in a specific way in memory, and make sure the hardware design is adjusted so that the memory chips are spread nicely out over the design. Now, in the shipped units, short circuit a suitable set of pins on the right memory chips, or perhaps ensure they will be short circuited if something specific is done. Insta-vote-wipe...

    The list of fun stuff to try would be endless.

    Creating a paper audit trail is cheap, compared to verifying the hardware design (of the actually delivered boxes, not of what was supposed to be manufactured), verifying the binary images of all the software actually on the delivered boxes, INCLUDING BIOS, drivers, microcode on any "interesting" chips in the system (it would not be surprising if the touch screen had a programmable CPU on it, for instance - after all the good old Amiga keyboard had an embedded CPU with on chip RAM and ROM and a 6502 compatible instruction set - all you'd need to modify the data stream), and how it all works together (see the memory arrangment suggestion).

    Seemingly innocent changes to various parts of the system might have distasterous effects once they are combined.

    Without an audit trail you will NEVER, EVER have a reliable, safe, tamper proof system - electronic solutions are simply too complex to prevent someone from finding comparatively easy exploits.

  • what a question! (Score:4, Insightful)

    by samantha ( 68231 ) * on Saturday November 15, 2003 @02:47PM (#7482359) Homepage
    "Is public faith in the system more important than system security?" Why on earth would any rational person ask such a thing? In a democracy the accuracy and integrity of elections are paramount. All the "faith" in the world counts for zip if the elections are rigged or so incompetently run that the results cannot be trusted. Should the truth about possibly dangerously skewed election results be suppressed in a free country? Again, this is a stupid question. Freedom is about NOT suppressing the truth, especially when it comes to the direct exercise of that freedom.
  • by quantaman ( 517394 ) on Saturday November 15, 2003 @03:08PM (#7482467)
    Is it better for security researchers to avoid publicly criticizing e-voting flaws? Is public faith in the system more important than overall system security?"

    Ummm. No. An educated public is one of the foundations of democracy, withholding information about vital flaws to the election system for the mere purpose of public faith is precisely contrary to this goal! Of course this should be disclosed, withholding this information cannot have any benefit to the public and can only lead us to a situation were these inexcusable flaws will be forgotten.
  • This needs to be a very much past due wake up call for people (read taxpayers) in Maryland. We've had our collective pockets picked time and time and time again by totally inept state procurement processes when it comes to information systems. I started to cite examples in this reply and realized that it would soon become article-length. But I am thinking of school systems and our motor vechicle administration among others. Our records weren't even protected from August's virus onslaught.

    It's time to make the fraud potential of these voting systems known to the general taxpaying public--in Maryland as well as in other places. We just have the misfortune to have feather merchants in charge of most IT here where we need smart, tough-minded computer people who know how to ask the right questions and to make themselves heard by the pols.

    I have no clue what I can do as an individual, but I'm going to start by assembling what I've read here on /. (especially the comments) into a letter to the editor of the Baltimore "Sun." There are good technology companies here, and there are good people working in them. Perhaps if a few more of us did the same, it might attract the bloodhound interests of whoever's in charge at the Sunpapers these days.

    Also, and on another topic: JUST BECAUSE ADOBE DECIDES TO USE ATROCIOUS GRAMMAR IN ONE OF THEIR ADS DOESN'T MEAN YOU SHOULD. PLEASE GO LOOK UP THE DEFINITION OF "TO BEG THE QUESTION." (sorry).

    Anne
  • Sue the state? (Score:5, Interesting)

    by theolein ( 316044 ) on Saturday November 15, 2003 @03:42PM (#7482647) Journal
    I was under the impression that one could practically sue for almost anything in the US. Would it not be possible for someone to start a class action suit against the state election commission for willfully damaging the saftey of the democratic process in that state (MD)?
  • by Sam Nitzberg ( 242911 ) on Saturday November 15, 2003 @06:31PM (#7483436)
    I like computers and technology - I really do.

    However, unless computers will do a job better than previous methods, they shouldn't be used.

    Voting systems are what I would have to call mission-critical systems. They should have all the rigor, analysis, and verifiability that can be brought-to-bear towards making systems accurate and robust. They should be very formally designed and tested, and placed under the most rigorous configuration management and control.

    Why these sytems aren't being built (or required) to undergo what would have even been considered best-practices in the 1970s or 1980s eludes me. I consider the lure of the technology, coupled with a general apathy towards the genuine intracacies and consequences of failure, to be a big part of the problem.

    There should be damned strong requirements on how any system used in any governmental election are designed, proven, built, etc... I would actually want to start with proven security/OS kernels in any such designs. This machine does not even have to be based on a commercially available OS platform - it has to perform a specific type of task very reliably.

    Sam Nitzberg
    http://www.iamsam.com
  • by Featureless ( 599963 ) on Saturday November 15, 2003 @07:42PM (#7483731) Journal
    "Is public faith in the system more important than overall system security?"

    A high-school educated adult can actually ask this question in seriousness?

    Man the rockets. It's time to abandon the planet.

    --

    As an aside, I am desperately trying to find any sources not employed or otherwise funded by a voting machine company - think respected professors, prominent scientists, engineers, heads of standards bodies or trade groups - who will go on record saying that it's OK to skip per-vote paper records.

    I have been searching off and on; I can't find a single credible expert who will say electronic voting without paper records is a good idea. Not one. In fact, even slashdot trolls devil-advocating the issue are rare. All I have found so far, from Harvard, Princeton and M.I.T., to the ACM, to acquiantances with the appropriate background, is 100% uniform agreement that per-vote paper records are absolutely necessary for the system to be trusted.

    Do they even have a single person to trot out, to give them even a thin film of legitimacy? Or is actually true that every relevant expert is uniformly condemning these paperless systems? Are states across the nation actually adopting voting systems in opposition to every known academic standard?

    You know, once upon a time, quite a long, long time ago now, in a very different age, people put their faith in things BECAUSE THEY WERE ACTUALLY SECURE.

Over the shoulder supervision is more a need of the manager than the programming task.

Working...