Helen of Marlowe's Blog

 How can we trust our elections?

Posted in "North Carolina", computers, Government, Politics, voting by helenofmarlowe on September 30, 2012

Gov. Romney may end up in the White House not because the majority of voters choose him, but because Pres. Obama’s lead may not be large enough to survive the obstacles his supporters will face on the way to the voting booth, and inside it. The Obama supporters who will not be allowed to vote, or whose votes, once cast, will not be counted, may be in numbers high enough to put the wrong man in the White House. Again. We all know, and most of us acknowledge, that the photo ID laws and the purging of voter rolls disenfranchises many legitimate voters, and these voters are not evenly distributed among voter demographics. That burden falls most heavily onto college students, the elderly poor, and racial minorities. Guess how they usually vote.

I’m taking a coursera course, Securing Digital Democracy, from the University of Michigan. Most of what we’re learning, I already knew in general terms, but this course is revealing the details. Especially interesting to me are the intricate innards of the voting machines which were implicated in putting George W. Bush into the White House.

Code might be a million lines long. Any typos? Any errors? Any malicious code? What happens is unobservable. The process is secret.

The ways that these machines can miscount votes, either because of design flaws that have been discovered and reported but not corrected, or by deliberate manipulation, are too many to list. I take notes as I watch these lectures, with pen on paper, and my spiral notebook contains eight pages of ways these machines can miscount votes. In most cases, the software running the vote has never been tested. No independent tests. Diebold has threatened election officials with loss of their job if they request independent testing.

Instead of a hand behind a curtain, we have a secret program developed by a private company. We can’t see the code, but hey, it was approved by our government, so what could go wrong? Right?

Some of the troublesome source code is revealed and explained in the course. In some cases the teacher points out the errors, and in some he simply says, see if you can find the errors.

Here is an example of the latter. I cannot find the error(s).


Computer Science departments were able to get hold of actual voting machines (through cloak and dagger adventures that I won’t go into here) and find hardware flaws as well. The many ways the votes can be changed involve the removable memory chips, the locks, the bootloader, the encryption keys, the memory cards, and the jumpers on the motherboard, to name just a few.

Memory cards (holding the votes) could easily be replaced without leaving evidence. And the machines were left unlocked in schools and other public buildings so that anyone with access could replace a memory card. A person with even brief access (the computer has a locked compartment, but the lock can be picked in about 10 seconds) can replace memory cards or even replace a chip that will cause the machine to boot to another program other than the vote recording program.

Once in, a hacker can even change the code so that when a vote is cast for Candidate X, the machine records a vote for Candidate Y, but the paper record shows that the voter voted for Candidate X, assuring the voter that all went well. This kind of malicious code is not as likely, as it would be caught in the case of an audit, but only in the case of an audit, and most precincts don’t end up in an audit.

Our voting machines are tested by independent testing authorities.  The testing companies are chosen by the voting machine companies and paid by them.  After machines are certified by ITAs, independent computer experts have found flaws that allow votes to be changed without detection.  Every independent testing has found serious flaws in machines that have been certified.

There is great incentive in a competitive market for ITAs to produce a glowing report, and no requirement that flaws be reported.

Exit polls were extraordinarily reliable predictors of wins until computer counting became the prevalent means of deciding outcomes.  There is overwhelming evidence that exit polls are more reliable than  the counts reported by private proprietary secret computer codes. Yet the National Election Pool had made a decision to eliminate exit polling in the 2012 election in 19 states.  This further erodes election integrity.

All this is troublesome, but it requires citizens to learn about the troubles. And that’s not easy. So should we just  trust our elections to private corporations with secret codes?   What could go wrong?

See the answer  here, at  Voting Machines, again.

Tagged with: , ,

15 Responses

Subscribe to comments with RSS.

  1. Joseph Gilmore said, on September 30, 2012 at 1:25 pm

    Troublesome indeed.

  2. Jim Wheeler said, on September 30, 2012 at 3:07 pm

    Helen, you raise a concern here far more serious than I imagined it would be. Based on <a href="http://money.cnn.com/magazines/fortune/fortune_archive/2006/11/13/8393084/index.htm"a 2006 Fortune Magazine article I found, “there has never been an infallible ballot”. The linked article contains an embedded and very neat listing of all the voting methods ever used, right up to the present. Notably it includes a notation on “how to cheat” for every one of them.

    Given the shrill and deep contention in this year’s politics I can only suggest that both parties deploy expert monitors to all parts of the voting systems in every state.

    • helenofmarlowe said, on September 30, 2012 at 6:01 pm

      Yes, Jim, you are right. The coursera course takes us through the history of voting, beginning with the voice vote, and including the handwritten ballots, the newspaper-printed ballots, the party-printed ballots, the false-bottoms in the boxes. And tells tales of vote-buying schemes. The chain-voting scheme is interesting – the vote seller goes in to vote, brings his blank ballot back out and gives it to The Man, who fills it out for the next vote-seller who takes it in and brings back his own blank to give to The Man, etc. They put a stop to that with serial numbering. I did click the link you have here, but got Page Not Found.

    • helenofmarlowe said, on October 1, 2012 at 10:00 pm

      Thanks, Jim, the link works and I read the article. I find a number of questionable statements. I’ll
      list a few:
      “[In] Brazil, they delivered a quick and clean count in the 2000 elections.”

      How can we know since they were not audited, and indeed cannot be? However, it’s very likely the Brazil elections are more trustworthy than most. The code in the Diebold machines was changed- it runs on Linux instead of the the original Diebold code.

      “But for all the sound and fury swirling around the company, there has not been a single confirmed incident of tampering with a Diebold or any other electronic machine”

      Hard to make sense of that sentence, when there are so many cases, some even cited in this article.

      “The report all but ignores physical security and election procedures,” says Mark Radke, marketing director of Diebold Election Systems. “Every local jurisdiction secures its voting machines – every voting machine, not just electronic machines. Electronic machines are secured with security tape and numbered security seals that would reveal any sign of tampering.”

      Two inaccurate statements in this one. 1) Of course Diebold can’t be held accountable for the fact that election officials leave the machines in unlocked schools, in unlocked hallways of public buildings, in unguarded gymnasiums — but surely Diebold can be held accountable for knowing that and not making the machines tamper proof.
      2) About the security seals, I’m reluctant to post publicly how easily they are made to look as though they haven’t been pulled off and replaced. It’s in coursera. Maybe after the election I’ll say how that’s done.

      “The company pointed out in a 27-page retort that the software wasn’t in use and that there were checks and balances to prevent fraud.”

      Of course I have no inside info, but this is mentioned in Coursera, and is cited as a case of misinformation — that the software was used in California’s election.

      And the brief mention of the paper audit trail in this article overlooks what is covered in the coursera course and also in the article that Anne Wilson cites in the comments below: The sentence “we could easily tamper with the printer output where the paper record would not match what was stored electronically.” The printer simply prints out what the sotfware tells it to print — and that’s not necessarily what is recorded in the machine. (Same with the “zero counts” that observers are shown at the beginning of an election.)

      I’ll end with the box that says Think electronic voting’s a joke, and note that the chart says about electronic voting, “Counts every vote instantly and accurately.” I would like to ask the author if this was intended to be a joke!

      The next section of the course I’m taking covers the minimum criteria for accurate voting: Transparency (using opensource software, such as Linux, instead of secret, proprietary code), Verifiability, and Auditability, and how those could be achieved. That’s for my next blog.

      • Jim Wheeler said, on October 2, 2012 at 9:04 am

        Thanks for monitoring this for us, Helen. I am looking forward to your conclusions when you complete your course.

  3. vorsteggianuu said, on September 30, 2012 at 6:27 pm

    This is very distressing information, and it needs to be passed on to as many people as possible.
    I’ll be glad to help getting it out, but I suggest that you provide more info for people who might read your blog == I’m thinking primarily of Winston-Salem & Forsyth County. Can you answer these Questions:
    (1) Will Diebold machines be used in Forsyth County?
    (2) What does the coursera lecturer say about voter options?
    (3) What do you suggest we do about it right now, with just one month before the election?

    • helenofmarlowe said, on September 30, 2012 at 8:16 pm

      The Coursera course shows a map of states most likely to have voting-machine problems that affects the count in the 2012 election. NC is among those.

      1) In all of Forsyth County, I believe we use all paper ballots, optical scan & automark (no touchscreens).
      ES&S Optical Scan M-100 on election day, with DRE iVotronic for ADA (Americans with Disabilities Act).
      We do not have precinct count (which can detect problem with the ballot immediately and can let the voter know if the vote can’t be read.) Precinct-count is best. In our system, the
      memory card is removed by election officials and taken to another computer for counting.

      2) & 3) As I look ahead at the syllabus, I see lecture

      9.2 Post-Election Auditing
      10.3 Recommendations
      10.4 What You Can Do!

      These will not be available until next week (9) and the week after (10). Right now we’re on the subject of
      internet voting.

  4. Anders said, on September 30, 2012 at 8:13 pm

    The security bug is on the line that starts with stprintf, it is a standard buffer overflow of the same kind that most security bugs are traditionally. It would allow a hacker who knows what he is doing to gain access to the machine with the same rights as that program – presumably this is the voting program, which means the hacker would be able to write and read votes – certainly enough to change the outcome of the election in that district

  5. Anne Griffis Wilson said, on September 30, 2012 at 8:25 pm

    Helen, thanks so much for sharing your blog with me, and I, too, find the voting machine snafu most disturbing and frustrating, b/c what can ‘we the people’ actually do about the voting discrepancies other than be aware? We simply don’t know what goes on behind closed doors! I don’t see how the “evils” can be monitored, and I’m highly distrustful/paranoid.

    Below is a link you may find interesting. I’m pretty sure I remember being told that locally (and maybe in NC), we do not have Diebold machines. Joyce McCloy could tell you exactly the machines we have. But even if Diebold is used in a handful of states, that’s enough to compromise the voting system. Diebold plus other attempts at voter suppression. Sadly, this is largely the work of ALEC, which has infiltrated our country, and I just hope it is not too late to rescue democracy. IF ONLY voters would realize what is going on! The ideological polarization and inability to compromise is killing our political system.


    Please let me know if you have difficulty opening the page; if so, I’ll send it via email. Also, have you and Bob seen the latest Bill Moyers program on ALEC? Horrifying! I can send you that link also; just let me know.

    Other than have observers at targeted polling places, I’m not sure what we can do about voting machines. We are a very sick country at this juncture, in my opinion.

  6. Earl said, on October 5, 2012 at 4:36 pm

    Helen, the information is important. The forum should be exposed to it. The question is what is democracy in the life of people? How do we create democracy in all areas of life? What forces are holding back the development of democracy? Where are new flowers of democracy coming into existence? It is not a question of rescuing a corrupt system in the long run. What little there is should be saved, but we should go further.

    Democracy is not compromising on how people can be fleeced.The two parties adhere to different methods, and today the snake of fascism has reared its head, that is why , even policies I disagree with, I will vote for Obama.

    The forum can take in information, but it is not going anywhere with it.

  7. David Phillips (@SkyDaver) said, on October 31, 2012 at 5:46 pm

    I would re-write your first sentence thus:
    “Our next president may end up in the White House not because the majority of voters choose him, but because his opponent’s lead may not be large enough to survive the obstacles his supporters will face on the way to the voting booth, and inside it.”

    Also, I do not agree that a proper voter id law and registration roll validation process disenfranchise anyone. I know of one voter who has moved twice since the 2008 election, properly registering in his new location, who gets voter registration notification from both prior residences. The moves are close enough that it would not be difficult for this person to vote in three locations.

    When I worked as a poll worker in the 2008 election, I had two people present themselves to vote who actually stated that they were going to vote for someone else. Those two were innocently attempting to vote for someone who could not get to the polls, and did not know that they could not do so. How many went through that did not have innocent motives?

    I consider it naive to think that either party has any interest in making voting transparent and verifiable. Both parties will undertake ANY dirty tricks possible to pad their count, and suppress their opponents.

    We, as a nation, should be able to make sure everyone who may vote has the opportunity to do so, once and only once.

  8. Beth said, on November 3, 2014 at 5:56 pm

    Wow. I had no idea. It’s pretty disheartening. Sometimes I wish I understood how computers work in detail and sometimes I just want to be a Luddite! I’m still trying to understand why voting matters if we use a “supervoter” process in the end.

    • helenofmarlowe said, on November 3, 2014 at 6:09 pm

      Hi Beth,
      A friend said to me yesterday, If we live long enough, we will all cross the Luddite border. I’m afraid I’m gettng close.

I like comments. Put 'em here.

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: