[ale] [Fwd: Re: [ale] Thoughts on Electronic Voting]

[Charles Shapiro]

Oops...


> From: Charles Shapiro <charles.shapiro at nubridges.com>
> To: Jeff Hubbs <hbbs at attbi.com>
> Subject: Re: [ale] Thoughts on Electronic Voting
> Date: 06 Nov 2002 09:30:51 -0500
> 
> This is a very good essay which nicely sums up the problems in the
> current Georgia voting method.
> 
> It contains a misconception about the voting mechanism. The smart card
> you were handed contains no tallies, votes, or other unique information.
> As the system was explained to me, it contains only a boolean flag
> indicating whether it has been inserted in a machine which was used to
> cast a ballot. When you turn the card back in to the poll worker after
> you vote, she clears that flag for the next use. This prevents you from
> going through the voting process twice, or going to another machine to
> cast more votes for your candidates. All vote tallies remain in the
> voting machines. They're allegedly printed as well as written to the
> hard drive, although I cannot verify this part of the story.
> 
> But I agree with the substance of your argument.
> 
> -- CHS
> 
> On Tue, 2002-11-05 at 21:36, Jeff Hubbs wrote:
> > I've read a lot of the messages here and taken in some other information
> > and I'd like to weigh in with some of my conclusions.
> > 
> > I don't have the practical expertise of the Bob Toxens of the world (not
> > to belittle those of the rest of you who have similar geek stones of
> > titanium), but I am an IT manager who has dealt with difficult issues of
> > processing classified information, and in the course of that I developed
> > mental approaches that served me well in that realm.  
> > 
> > Let me start off by informing your intuition with a true story.  Ronald
> > Dale Harris was a software engineer for Nevada's Gaming Control Board,
> > and his job was to write software to prevent cheating in slot machines. 
> > He hacked the slot machine code to produce cash jackpots when a certain
> > sequence of coins was inserted.  He and his accomplices hacked over 30
> > slot machines and would likely have gotten away with it except for those
> > meddling kids...whoops, excuse me, I am the parent of a seven-year-old. 
> > Anyway, one of Harris' buddies fingered him when the buddy was busted
> > for trying to rig a Keno game.  
> > 
> > What can we learn from this?  The responsible agency for protecting the
> > integrity of slot machine gambling hired several people who were
> > motivated and determined to rig the machines to benefit them personally;
> > there was no higher overseeing authority.  Except for the fact that one
> > of them was caught committing another crime and then sang like a canary,
> > the hack would very likely have never been detected.  Those of you who
> > code or have coded, ask yourself:  could you determine if a program of
> > significant size and complexity did something other than or in addition
> > to what it is supposed to do, especially when you have no idea what that
> > additional behavior might be?  
> > 
> > A few years ago, a professional magician supposedly angered magicians
> > anywhere by going on national television, under cover of a mask and the
> > nom de voyage "The Masked Magician," and performing these marvelous
> > magic tricks and then revealing in great detail how they were done.  I'm
> > no magic aficionado, but I watched the shows with great interest and
> > afterwards I pondered about the purported controversy that The Masked
> > Magician caused.  While I realized that TMM was deflating the
> > professional magician's stock in trade with each segment of his shows,
> > it occurred to me that TMM was serving a higher purpose.  He was
> > exploring the nature and methods of mass deception, with magic as his
> > medium.  Viewers who watched his shows - even viewers of average
> > intelligence - might be just a little bit more likely to believe or at
> > least wonder if a given occurence is some sort of trick.  TMM's tricks
> > often had common elements to them, e.g., the "palm," misdirection,
> > substitution, concealment.  It isn't hard to see those same kinds of
> > things going on in any other kind of deception that gets the lid blown
> > off of it (Enron, "We had no warning prior to 9/11," "I did not have
> > sexual relations with that woman," "I am not a crook," "freedom to
> > innovate")
> > 
> > And now we have a computer-based voting system in which voters don't
> > even have a way to verify that the card they turn in actually has their
> > vote encoded into it.  When I ask myself questions like "Who has the
> > ability to manipulate these results?" or "Who has write access to the
> > code these machines run?" I realize that not only do I not know the
> > answers, but I have no WAY to know the answers.  When I ask myself "At
> > what points in the process could the process be manipulated?" I come up
> > with lots of answers - there are points that I *can* observe there in
> > the polling place and there are points that I *cannot* observe.  So, the
> > conclusion that I come to is that the opportunity for one or more people
> > to deliberately subvert the election process has grown and that the
> > likelihood of any subversion being executed out of view has likewise
> > grown.   
> > 
> > Inasmuch as I know that it would be possible to design and deploy
> > electronic voting systems with a high level of integrity, their inherent
> > complexity makes auditability by reasonable means impossible.  You can
> > write in all the crypto you want, and it can be "walked around" by
> > simple trickery (is it not possible that these voting machines are
> > wirelessly networked?).
> > 
> > I therefore call for an end to "black box" voting systems of all sorts. 
> > I want it to be possible for independent parties to audit voting results
> > incontrovertably.  I don't care if the systems use nothing more advanced
> > than brass cogs; I want something that's examinable in full.
> > 
> > - Jeff
> > 
> > 
> > 
> > ---
> > This message has been sent through the ALE general discussion list.
> > See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
> > sent to listmaster at ale dot org.
> > 
> 


---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.