[E-voting] Disinformation about Ireland
cansbro at eircom.net
Fri Mar 24 10:42:48 GMT 2006
Pierre Muller wrote:
>I have to speak in a conference organized by the association of French
>large municipalities. This is our first real public event. Nedap
>importer probably funded the conference. It could be adversarial...
>I remind that Ireland don't want to use Nedap machines as often as I
>can. I am wondering how to contradict some disinformation :
>1) CEV report is empty : I read it (partially yet), and I found a lot of
>precious information in the appendixes. In this list too. I have the answer.
Yes. I think the CEV report added some wimpy statements to make sure
the vendor couldn't sue them. But they comment quite precisely on many
actual and potential defects and security holes. And as we all know,
the most important kinds of testing were never done, and a full range of
options was never considered.
>2) Ireland didn't use the machines because of political fuss/stuff. What
>would you answer ? When did it really become political
My personal viewpoint is that this was never political (objections to
oppose the government), but the government kept framing it as such. It
was more genuinely an objection to the technology itself and to the lack
of security, lack of testing, lack of transparency, and the real threat
to Irish democracy. This was especially ill-advised since we have a
hand-counting system that works well, and that can be closely
scrutinised by average citizens who are not IT experts.
>3) I have noticed a weird marketing : they pretend that their machines
>are not computers (easy to contradict: PTB report mentions a 68000
>processor and a 25000 lines source code). This leads to silly
>declarations from municipalities' election staffs: "these machines are
>secure because there are not computers, but only
>mechanical/electrical/electronic devices" :-D
>I noticed something similar from Liberty (US importer) : "our machines
>are secure because they don't contain software, but only firmware".
If you look at some of the extraordinary developments in the USA (which
I haven't been posting for the simple reason there has been too much
news about it over the last 6 months--but the news is *consistently
unbelievably BAD* about *ALL* the different electronic voting machines,
regardless of manufacturer--there are huge problems--technical,
procedural, lots of signs of possible fraud though of course difficult
or impossible to prove because of how the machines were designed and
lack of access to them to investigate)--/*the firmware is a very
vulnerable point*./ Technical details about this will come out on
blackboxvoting.org in the next 3-7 days.
>Anything similar in Ireland ?
In Ireland they focused the PR on how easy it is to use, how it would
make us look "modern", and give faster results. They repeatedly made
misleading and outright false statements, such as claiming they had been
thoroughly tested by 6 independent companies. (They never mentioned
that the most important security aspects were not tested, e.g. no
penetration threat analysis was carried out, and no end-to-end testing
Note that in Ireland former prime minister Albert Reynolds and several
other prominent political and business figures were on the board of
directors of the company that owned Sequoia. (I think from about 1994
to 1998 approx. when Sequoia was sold.) I think the internal push for
electronic voting occurred at the same time, if I remember correctly the
timelines from some previous news articles. Please correct any errors
in my recall.
Because the very architecture (below the software) of the machines in
the USA is now being revealed to be vulnerable by design, I can't help
but be very suspicious of Sequoia and what Irish government officials
may have learned about the "possibilities" that can be delivered with
electronic voting. It's also possible that it was a naive and
well-intended desire to be "up-to-date" and to present to the world an
impression of a modern, IT-savvy country--however I am increasingly
cynical that such naivete was the real reason for promoting electronic
voting. Also, IT experts raised serious concerns right from the
beginning, but these concerns were consistently ignored.
Some have also mentioned that it may have been motivated by the FF
party's desire to avoid overvotes, which typically cost it many votes
every election because of voters giving FF candidates several #1 votes,
resulting in a spoiled vote. If true, there may have been a political
reason /for the FF-led government/ to insistently push through
electronic voting. However, in my experience, the /opposition/ to
e-voting was /not/ on political grounds at all. I think ICTE members
would agree with me in saying that we'd love to make it easier to avoid
unintentionally spoiled votes, regardless of which party benefits the
most from this--but not at the expense of transparent, accurate,
reliable counting of all our votes.
Some opposers expressed concern that some people might be put off by the
new-fangled machines, and therefore might not vote. But most of the
opposition came about as a result of factual information about the
risks, problems in the pilot that were concealed at the time, lack of
testing, and costs being brought to the attention of the media, all
politicians, and the general public. There were a lot of lively
discussions about this topic on the main radio and television current
Maybe sometime I'll post some of the more recent news from the USA. In
a nutshell--the situation is FAR WORSE than any of the most cynical or
tin-foil-hat folks ever imagined it could be. The limited
investigations that have so far taken place, thanks to two election
officials of integrity in Florida and Utah, has revealed truly shocking
security vulnerabilities. The most recent news involves a vulnerability
that, once a person has 60 seconds access to a machine at any point in
its lifetime, can affect ALL elections for the lifetime of the machine
and be almost impossible to detect or remedy, even if the machine is erased.
And the elections that have taken place on these machines have resulted
in one fiasco after another. (In the last few months there have been
horror stories coming out right across the country. The optical
scanners are as bad as the touchscreens. Ironically, in some states
that have a paper ballot that is scanned, states have actually made it
/illegal/ to hand-count the paper ballots, even in a recount! If this
doesn't raise serious concerns, I don't know what else can. Even VVAT
is /useless/ (or worse than useless since it provides a false sense of
security) if the paper ballots are not kept under carefully documented
chain of custody and hand-counted with multiple observers.
Sorry for such a long response,
>Thanks for your help.
>Just for fun : did anybody notice the "geographical argument" that your
>government recently used (concerning VVAT) ?
>"A spokesman said it was aware of the legal requirements of some
>American states but added: “We are closer to Berlin than Boston..."
More information about the E-voting