August 13, 2004

Stealing the 2004 election.

In The Nation, Ronnie Dugger has an excellent article summarizing the state of electronic voting in the US. Dugger looks at how the problems with technical glitches and the lack of a paper trail (and the resulting possibilities for fraud and manipulation of results) are either being dealt with or — more often — not being dealt with be federal, state, and local authorities.

Confident, friendly, but officious, Jesse Durazo, the registrar of voters of Santa Clara County in the heart of the Silicon Valley, is typical of hundreds of local election officials who berate "the academics." This past spring, despite dire warnings from Professors Neumann of SRI and Dill of Stanford, Durazo led his county into buying 5,500 of the Sequoia AVC Edge DREs at $3,000 each ($20 million, figuring in everything). The anteroom of his county election headquarters is festooned with cheery signs such as one saying Voting Just Got Easier. He is delighted that DREs will facilitate voting by those who speak a foreign language (including Spanish, Vietnamese and Chinese).

Durazo said that the AVC had first been approved by the federal government (which is not correct) and then certified by the California secretary of state. He said that providing a voter-verified ballot would open the way to "unlimited error," while computer error, in contrast, can be "quantified." As for Trojan horses smuggling in corrupt instructions, he said in a confident tone, "I don't have those fears...."

Alfred Gonzales, Durazo's Filipino outreach specialist for voters who speak Tagalog, demonstrated the AVC, a sign on the top of which said Try It Out Today. No More Punchcards! I voted on it and asked Gonzales how I knew for sure that my vote would be counted. "Because it will be registered in the machine, saved in the hard drive, and put on a cartridge," he said. "At the end of the day it will be in the printout of the total." How did he know the machine would do that? "Because it has been federally certified!" he said. "There is fool-proof security." Well, one more thing, I asked. There's no ballot--what if you need a recount? "It's really a matter of trusting the machine," Gonzales said. Patting the AVC gently, he intoned with pride, "It's really a matter of trust."

"These companies are basically saying 'trust us,'" Rebecca Mercuri told the New York Times. "Why should anybody trust them? That's not the way democracy is supposed to work." Douglas Kellner, a leader on the New York City Board of Elections, exclaimed at a meeting of computer specialists in Berkeley this past spring, "I think the word 'trust' ought to be banned from election administration!" Dr. Avi Rubin, computer science professor and technical director of the Information Security Institute at Johns Hopkins University, recently testified before the federal Election Assistance Commission, "The vendors, and many election officials, such as those in Maryland and Georgia, continue to insist that the machines are perfectly secure. I cannot fathom the basis for their claims. I do not know of a single computer security expert who would testify that these machines are secure."

Mercuri wrote in her dissertation on vote-counting in 2001 that "security flaws (such as Trojan horse attacks)...are possible in all of the computer-based voting systems" and that providing thorough examinations of source code and other circuits for DREs that vary from municipality to municipality "is a Herculean task--one that is likely not to be affordable, even if it were accomplishable."

As long as that excerpt was, it's just a small portion of Dugger's article. We highly recommend reading the whole thing.

Posted by Magpie at August 13, 2004 10:53 PM | Elections | Technorati links |

Some of the opposition to paper trails comes from people of good will who misunderstand the proposed process. I had to explain to my Democratic precinct chair, a bright and politically savvy guy who is also one of the precinct's election judges, that the paper printout is to be examined by the voter, then deposited in a box in case there's a recount. He was concerned that voters would take the paper with them, and that some would use it to prove their vote to some unscrupulous person who paid them to vote a certain way. It should be obvious that the paper printout, like any paper ballot, must be subject to a strict chain of custody. But apparently there is some misunderstanding.

I asked this same person, who is a lawyer, what procedure he would legally be required to follow if a candidate demanded a recount. He said that he would print totals again from the eSlate server's memory (sorry; I don't know what technology is used, maybe some sort of memory card). In other words, when you cast your vote in Houston, TX, it is immediately and irrevocably aggregated, and there are no more individual votes.

Rush Holt's bill won't even get to a vote, soon or perhaps ever. It's pretty clear we're not going to get paper trails in very many places that DRE voting systems are used, at least not by November. That means that we're going to have to win this election overwhelmingly in places that use older voting technologies, to compensate for votes stolen... including, perhaps, my own.

Posted by: Steve Bates at August 16, 2004 08:58 AM