[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
New Open Voting Consortium FAQ
The Open Voting Consortium now has a nice FAQ. Here is a pointer and
a few excerpts. The first one in particular ("Why are people
concerned") is a source of good language describing the special
security requirements of voting equipment.
I've also included their definition and the FEC definition of
"DRE", a term which often leads to subtle confusions.
Cheers,
Neal McBurnett http://bcn.boulder.co.us/~neal/
Signed and/or sealed mail encouraged. GPG/PGP Keyid: 2C9EBA60
http://www.openvotingconsortium.org/faqs.htm
9. Why are people concerned?
Voting is the foundation of democratic systems, whether those be
direct or representative systems. There is no shortage of
historical anecdotes of attempts to undermine the integrity of
electoral systems. The paper and mechanical systems we use today,
although far from perfect, are built upon literally hundreds of
years of actual experience.
There is immense pressure to replace our "dated" paper and
mechanical systems with computerized systems. There are many
reasons why such systems are attractive. These reasons include,
cost, speed of voting and tabulation, elimination of ambiguity
from things like "hanging chads", and a belated recognition that
many of our traditional systems are not well suited for use by
citizens with physical impairments.
Many of us today have come to trust many of our financial
transactions to ATM (automatic teller machines). The push for
electronic voting machines has been a beneficiary of that faith in
ATMs. However, we are starting to learn that that faith is
unwarranted.
First of all, ATM machines do fail and are often attacked. Those
who operate ATM's usually consider the loss rate to be a
proprietary secret. Banks are well versed in the actuarial arts
and they build into their financial plans various means to cover
the losses that do occur. In more crude terms, it's only money.
Voting machines carry a more precious burden - there is no way to
buy insurance or to set aside a contingency fund to replace a
broken or tampered election.
There are several areas of concern regarding the new generation of
computerized voting machines:
+ No means for the voter to verify that his/her votes have been
tallied properly.
+ No means outside of the memories of the voting machines
themselves to audit or recount the votes.
+ Lack of ability to audit the quality of the software.
Fortunately the widespread belief that "computers are always
right" is fading. Our individual experiences with buggy
software on personal computers and consumer products (e.g.
the BMW 745i), software errors by even the best-of-the-best
(e.g. NASA and the loss of the Mars Climate Orbiter), and the
possibility that intentional software bugs can be hidden so
deeply as to be virtually invisible (Ken Thompson's famous
1984 paper - [15]Reflections on Trusting Trust) have all
combined to teach us that software
+ Vulnerability of the machines or of their supporting
infrastructures to intentional attack or inadvertent errors.
The companies that product voting machines have poured gasoline
onto the smoldering embers of concern. Some of these products are
built on Microsoft operating systems - operating systems that have
a well earned reputation for being penetrable and insecure. And
virtually all of these companies claim that their systems are full
of trade secrets and proprietary information and that, as a
consequence, their internal workings may not be inspected by the
public. In addition, these companies have frequently displayed a
degree of disdain (in some cases disdain that takes the form of
lawsuits) against those who are concerned about the integrity of
these products. And finally, these companies have themselves have
frequently demonstrated an appalling lack of sophistication
regarding the protection of their systems, procedures, and
corporate computer systems. There is a widespread perception that
these companies are more concerned about profits than about
elections.
11. DRE or Direct Recording Electronic: A DRE is an integrated
electronic voting machine. DRE's contain all voting functions -
from presentation of the choices to the voter to collection,
recording, and counting of the voters' choices.
The [19]United States Federal Election Commission [20]defines DRE
as:
The most recent configuration in the evolution of voting
systems are known as direct recording electronic, or
DREs. They are an electronic implementation of the old
mechanical lever systems. As with the lever machines,
there is no ballot; the possible choices are visible to
the voter on the front of the machine. The voter directly
enters choices into electronic storage with the use of a
touch-screen, push-buttons, or similar device. An
alphabetic keyboard is often provided with the entry
device to allow for the possibility of write-in votes.
The voters choices are stored in these machines via a
memory cartridge, diskette or smart-card and added to the
choices of all other voters.
In 1996, 7.7% of the registered voters in the United
States used some type of direct recording electronic
voting system.
Some jurisdictions use the term DRE in slightly different ways.
Note that DRE's are a essentially "black boxes" - the voters input
their choices and the final tally pops out the of the DRE at the
end of the day.
A lot of controversy has been raised about the trustworthiness of
DREs. Because DRE's are computers that combine all aspects of
the voting process into a single, opaque black box, DRE's are
considered by Independent experts to be vulnerable to a wide range
of flaws, failure modes, and attacks.
Reference Materials
1. [32]Voting and Elections by Douglas W. Jones, The University of
Iowa - This page is full of in depth material about voting history
and technology.
2. [33]United States Federal Election Commission (FEC)
3. [34]http://voter.browndogs.org/terms.html
4. [35]"Help America Vote Act" (HAVA)
5. [36]Electronic Voting Hot List by Lorrie Cranor - This list
contains a comprehensive list of pointers to relevant materials.
6. Voting methods:
+ [37]http://www.electionmethods.org/evaluation.htm
+ [38]http://lorrie.cranor.org/pubs/diss/node4.html#SECTION0031
0000000000000000
References
32. http://www.cs.uiowa.edu/~jones/voting/
33. http://www.fec.gov/
34. http://voter.browndogs.org/terms.html
35. http://fecweb1.fec.gov/hava/hava.htm
36. http://lorrie.cranor.org/voting/hotlist.html
37. http://www.electionmethods.org/evaluation.htm
38. http://lorrie.cranor.org/pubs/diss/node4.html#SECTION00310000000000000000