[E-voting] Digital voting fears are grounded in facts
warren at votetrustusa.org
Sun Dec 4 17:47:03 GMT 2005
The article was written by Justin Moore, from the computer science
department of Duke University in North Carolina.
Catherine Ansbro wrote:
> (from BBV admin: I cannot find the author's name in this beautifully
> written article. This piece contains many new analogies and sound
> bytes. Consider borrowing a few jewels from it if you will be speaking
> in public about these machines. I would like to get the name of the
> author, however, so he/she can be credited for this excellent work.
> Anyone know? By the way, the WINvote machines are made by Advanced
> Voting Solutions)
> New River Forum - Sunday, December 04, 2005
> Digital voting fears are grounded in facts
> I wanted to comment on two articles I have seen on your Web site, both
> concerning the WINVote machines specifically and paperless electronic
> voting in general.
> The first, "Voter paper trail might be a blind alley," contains a
> relatively standard defense of paperless machines from Registrar
> Randall Wertz, based on security steps the state and localities take
> against tampering.
> All of these steps are useful and necessary, but in the grand scheme
> they are nothing more than a sugar pill. The software that collects
> and tallies votes is complex, written to meet poor standards and has a
> history of failure. We, as computer scientists, know how to write good
> code -- it runs our airplanes, our pacemakers and our military
> equipment -- but we don't know how to do it on the cheap. Boeing spent
> $2 billion over five years to write the control software for the 777,
> and the final product contains less than one-fourth of the total
> amount of software that runs on your voting machines.
> If airplane code were written to the same standards of reliability as
> voting machines, every day about 10 planes flying out of
> Baltimore/Washington International would experience a software failure
> during flight.
> Testing can only reveal the presence of problems, not their absence.
> Otherwise, automakers and other companies would never have to issue a
> recall; their testing would be sufficient.
> Hacking is not the primary threat. Failure due to an honest mistake
> is, such as the one in the 2004 general election in North Carolina.
> Election officials carried out all the steps Wertz described, but a
> single mistake led to the permanent loss of 4,500 votes, throwing two
> statewide races into disarray for nearly a year.
> "I know we'll always have conspiracy theorists," he said. "They're
> sure the government people are out to get 'em."
> Do these "conspiracy theorists" include the Association for Computing
> Machinery, the largest and most prestigious organization for
> professional computer scientists? The ACM supports strong development
> standards combined with a non-electronic (i.e., paper) record of every
> vote. This position is supported by more than 95 percent of its
> members: www.myacm.org/opinion/poll.cfm
> Again, honest mistakes have been far more damaging than the bogeyman
> of "hackers" that election officials mock and use as a strawman argument.
> The second article, by Dave Price titled "Voters need not fear the
> digital age," contains chest-thumping bluster, but few facts. I -- and
> the other members of the ACM -- do not fear the digital age. We just
> understand the limitations of the technology.
> Price wrote, "I have a degree in information systems management, a
> national certification in computer repair and am fluent in several
> computer programming languages. The one thing I am sure of is that
> once you write a program and extensively test it, as Advanced has
> done, the darn thing works the same way every time."
> For this statement alone, his certificates should be revoked. Program
> correctness depends on how well it was written and if the programmers
> considered every possible event, along with the correct way to
> respond. What if someone mashes the screen too hard and holds his
> finger down? What if the disk is full? Will it tell the voter to come
> back, or will it just throw his vote away? There are literally
> millions of "what ifs," and unless the programmers have the correct
> course of action for each, the machine will fail.
> Price asserted that "Without a connection to the Internet, or a place
> to insert a floppy disk, they can never be subject to the horrors of
> identity theft, Trojan horses or e-mail phishing ... ."
> This statement would be comforting if it had any basis in reality.
> Every WINVote machine has a wireless connection that it uses to get
> ballot layout information and report final results (WIN stands for
> "Wireless Information Network"). A van parked out of sight of election
> officials and protective procedures could connect to these machines,
> or at the very least observe the traffic between them, unnoticed.
> Price referred to a summary screen as a way for voters to check
> accuracy. The machines in Carteret County, N.C., showed that kind of
> screen, too. Right before they discarded the electronic copy because
> there was no room on the hard drive, and flashed a message to the
> voter saying, "Thank you. Your vote has been successfully recorded."
> "No identity theft, no Trojan horses, no e-mail phishing, no fraud. I
> made sure of that," Price wrote.
> It's a relief to know he performed a source-code audit and confirmed
> that the code was written to military standards, checked the audit
> logs and did a forensic analysis on every machine to ensure that no
> tampering or errors occurred, and did extensive usability testing to
> ensure that no voter was confused by the interface on the machine.
> Perhaps Price could share his techniques with the rest of the computer
> science community, which has struggled to understand how to do these
> things in a quick and reliable way for seven decades.
> Unless he didn't do all of those things, in which case this final
> statement is meaningless bluster, akin to kicking a car's tire and --
> assuming it fails to explode -- declaring it a well-engineered piece
> of equipment.
> article: http://www.roanoke.com/news/nrv/columns/forum/wb/wb/xp-43263
>E-voting mailing list
>E-voting at lists.stdlib.net
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the E-voting