Helen of Marlowe's Blog

The voting machines, again

Posted in "North Carolina", Government by helenofmarlowe on October 15, 2012

More on the (un)reliability of voting machines.

This will make more sense if you have first read the immediately preceding post.  The course from the University of Michigan discussed in detail in previous post  explains in detail why paper ballots, available for counting and recounting, are essential.    Not sufficient, but essential.

I say not sufficient, because there are a number of reasonable scenarios in which paper ballots can be useless.  Perhaps worse than useless, since they can give the mistaken impression that  all is well, when perhaps all is not well.

Briefly, a few reasons paper ballots are helpful if actually looked at, but not a guarantee against voter-machine manipulation:

Software can be easily written to record a vote for Candidate A on the computer’s memory card, which is not the voter’s choice, but to print on paper that the vote was recorded for Candidate B, as the voter intended. Virtually all professionals in the field recommend open source software, such as Linux, which would make this sort of thing visible.

The print is often so tiny, and/or the ink so light, that the voter cannot read it.

Paper records are almost never looked at.   The paper audit is almost never used unless there is evidence of something wrong.   There are a few instances in which public announcements were made that there would be audits in certain states, and that the districts chosen would be random, but in fact, the districts were chosen ahead of time and the election officials were told which districts would be audited.

Here we see the memory card, much like the one in your camera, being changed to one which holds software that overrides the software shipped with the machine.

Although a paper trail cannot guarantee that votes have not been changed, it is still very useful if it is actually checked.

The course showed various ways that a person with only brief access to a machine can sabotage  the software or the hardware.

Recommendations for improving the security of our elections include requiring transparent certification by truly independent certification authorities (at present, machines are tested by certification companies chosen by and paid by the machine vendors), and using open-source software, so that computer professional from all over the world can see the code and look for and report bugs.

In summary, all the voting machines tested by university computer professionals were found lacking in security features.  All the testing universities (including University of California, Princeton, Johns Hopkins) reported sloppy coding in the software and  disturbingly easy access to the hardware.  Cards holding the votes and cards holding the program can be changed, “tamper-proof” seals can be removed and replaced without leaving evidence, jumpers that count the votes can be changed (changing the vote count). None of these problems were reported to the public or to election officials by the certification companies.  Vendors influence legislators, not just in efforts to make sure that their own machines are allowed in the states, but also to influence legislation that will make their competitors’s machines unacceptable.

In 2009, legislation was introduced by Rep. Rush Holt  entitled The Voter Confidence and Increased Accessibility Act of 2009 (HR 2894), which would require non-proprietary software and create a national standard to ensure the verifiability and auditability of every vote, but the legislation did not pass the senate.

Finally, I want to encourage everyone to watch this 14-minute video of the Oct. 4, 2012 Charlie Rose show, in which Charlie Rose interviews Barbara Simons, author of Broken Ballots: Will Your Vote Count?  A computer engineer, Dr. Simons confirms  in this video that we have no way of knowing who American voters are actually electing.

#

Advertisements

4 Responses

Subscribe to comments with RSS.

  1. Jim Wheeler said, on October 15, 2012 at 6:31 pm

    Yipes. This is disturbing news, and the fix is similar to what I was picturing. Any system devised by human beings can be fooled by human beings, so the only protection is to have in place independent verification by people who are compensated against compromise. I think it is similar to any security situation, whether it be the TSA, night watchmen, or keeping terrorists out of utility plants. In many such cases we need teams that constantly test the security system, or it will become lax.

    Thanks for your considerable work here, Helen!

    • helenofmarlowe said, on October 15, 2012 at 8:22 pm

      Thanks for your comment Jim. Maybe we can learn something by looking at the fallout from de-regulation of the banks.

  2. mark said, on October 29, 2012 at 6:19 pm

    Helen you should know that North Carolina law requires a 1% random audit of the precincts in each county. True in the ’06 primary election the county directors of elections were informed of which precincts would be audited. This was the first time these machines were used in NC. Afaik that has not happened since. NC law requires this random audit because as you point out there is no way to know how either a paper ballot reader (M-100) or an electronic machine (i-Votronic).

    Of course other states have different laws. Check with Joyce McCloy to find out how to participate in the audit. It is done before the vote is certified.

    -mark

    • helenofmarlowe said, on October 30, 2012 at 6:19 pm

      Hi Mark,
      The coursera course, and and my blog, are not especially about Forsyth County, or NC. I do think we in Forsyth County have better reliability than many (most?) states. But about the 1% audit — how do we know whether that will be done at the precincts with paper ballots? And if the audit is done in precincts w/o paper, how will we know the audit did something more than have the machine re-run its count?


I like comments. Put 'em here.

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: