Go Back  DVD Talk Forum > General Discussions > Other Talk
Reload this Page >

Shocker: Public, security experts' e-voting views differ sharply

Other Talk "Otterville" plus Religion/Politics

Shocker: Public, security experts' e-voting views differ sharply

Old 08-06-04, 08:07 PM
  #1  
DVD Talk Hero
Thread Starter
 
jfoobar's Avatar
 
Join Date: Jun 2000
Posts: 37,855
Likes: 0
Received 2 Likes on 2 Posts
Shocker: Public, security experts' e-voting views differ sharply

http://www.computerworld.com/securit...,95094,00.html

Public, security experts' e-voting views differ sharply
Experts worry more about errors in e-voting than does the public

News Story by Sharon Machlis

AUGUST 06, 2004 (COMPUTERWORLD) - Security experts are substantially more skeptical about e-voting than the public, but their greatest worry is system and programming errors, not malicious hacker attacks, according to a survey released this week by the Ponemon Institute.

The study, conducted in July and early August, aimed to measure public opinion about electronic voting systems and then compare the results with those of security experts -- both IT pros and hackers.

"The degree of difference was just startling," said Larry Ponemon, adjunct professor of ethics and privacy at Carnegie Mellon University and director of the independent institute bearing his name.

The Tucson, Ariz.-based institute collected 2,933 usable responses nationwide from the public, both online and by postal mail, and surveyed 100 attendees at the Black Hat and Defcon hacking/security conferences.

Six out of 10 Black Hat/Defcon attendees had an unfavorable view of e-voting, while only 17% of the public did (22% of experts and 28% of the public were undecided).

Ponemon expected the public to be less concerned about e-voting problems than the hackers. However, in all the studies he has conducted comparing views of experts in various fields with those of the public at large, "I have not really seen differences of this magnitude before," he said.

Twenty percent of the experts cited system and programming errors as their top concern, followed by attempts to influence the outcome of an election (17%). A potential breach of security by hackers and cybercriminals ranked third (15%) as a potential e-voting worry among the Black Hat/Defcon attendees.

Among the public, the top worry was a decline in voter turnout because of fear or distrust of e-voting systems (18%), followed by human errors and privacy violations (15% each).

A number of citizen and political groups as well as security experts have criticized electronic voting systems, charging that they are unreliable and insecure. Many have called for a "paper trail" so that results can be recounted via hard-copy backups. System vendors insist that their machines are reliable and argue that critics are touting unlikely worst-case scenarios as probabilities (see our e-voting special coverage page). The president of the Information Technology Association of America, Harris Miller, told Computerworld that some of the criticism is less about electronic voting machines than "a religious war about open-source software vs. proprietary software" (see story).

In the Ponemon Institute survey, 83% of the experts said e-voting is either less or much less secure against election tampering than traditional paper ballot machines, compared with just 19% of the general public. Almost half (49%) of the experts said electronic voting systems were less likely to record and report their votes accurately, vs. 21% of the public.

"Most people are fairly trusting of this technology," Ponemon said. But among the security experts he spoke with, the feeling was quite different. "They think a lot of this technology is pretty crummy," he said.
I was at Black Hat and Defcon this year myself. I am not at all surprised at the one-sidedness of the polling taken there, but I am somewhat shocked at the fairly wholesale trust the hoi polloi has in e-voting systems.
Old 08-06-04, 08:24 PM
  #2  
DVD Talk Hero
 
Join Date: Jul 2001
Location: MI
Posts: 25,061
Likes: 0
Received 0 Likes on 0 Posts
The public's only view is what they get from the media which potrayed it as the "white knoght to the rescue" after punch card problems in Florida in 2000.

I don't think the security (and mistake) issues are solvable but this needs the kind of in-depth software design review that is normally reserved for mission-critical and life/death type systems. I doubt they will get it as the contract will go to the low bidder.
Old 08-06-04, 08:31 PM
  #3  
DVD Talk Hero
Thread Starter
 
jfoobar's Avatar
 
Join Date: Jun 2000
Posts: 37,855
Likes: 0
Received 2 Likes on 2 Posts
Originally posted by OldDude
The public's only view is what they get from the media which potrayed it as the "white knoght to the rescue" after punch card problems in Florida in 2000.
They only get that from the media if they haven't been paying much attention to the news over the past year or so.

The talking heads making the most noise about it are some of the same talking heads who feel like Bush stole the election in 2000. I tend to agree with them on e-voting concerns.
Old 08-06-04, 08:32 PM
  #4  
DVD Talk Hero
 
Join Date: Nov 1999
Posts: 36,981
Likes: 0
Received 0 Likes on 0 Posts
i agree that the software needs to be throughly reviewed...possibly to the point of it being open source.



i think the security concerns are similar to paper ballot concerns
Old 08-06-04, 08:58 PM
  #5  
DVD Talk Hero
Thread Starter
 
jfoobar's Avatar
 
Join Date: Jun 2000
Posts: 37,855
Likes: 0
Received 2 Likes on 2 Posts
Originally posted by Venusian
i agree that the software needs to be throughly reviewed...possibly to the point of it being open source.

i think the security concerns are similar to paper ballot concerns
Not really. The A-#1 biggest concern (right now anyway) is that many of these e-voting systems do not create a paper trail for auditing purposes (as well as to assure individual voters that their vote was entered correctly).
Old 08-06-04, 09:24 PM
  #6  
DVD Talk Hero
 
Join Date: Jul 2001
Location: MI
Posts: 25,061
Likes: 0
Received 0 Likes on 0 Posts
I don't think voting machines (with all the little levers and one big lever) made a paper trail either.

The real point of a paper trail is to capture the mark made by the voter under an asumption that if the mark is improperly made, a human could count it more reliably than a machine (debatable whether that is true). In the case of an electronic vote, the machine makes a mark that is what it interpretted the voter said. What does that prove? I grant if the voter made an error or the machine did, the voter might complain on the spot. But for an audit trail, it just makes the same marks as it counts. I think a software review would prove more and be less tedious. For "recounts" it is useless, just as it was with voting machines.
Old 08-06-04, 09:26 PM
  #7  
DVD Talk Legend
 
Join Date: Jul 2000
Location: Arizona, USA
Posts: 23,460
Likes: 0
Received 0 Likes on 0 Posts
All I saw in that article was a word that almost looked like "Pokemon" - see, that's what you need to bold the important parts.
Old 08-06-04, 10:02 PM
  #8  
DVD Talk Hero
Thread Starter
 
jfoobar's Avatar
 
Join Date: Jun 2000
Posts: 37,855
Likes: 0
Received 2 Likes on 2 Posts
Originally posted by OldDude
I don't think voting machines (with all the little levers and one big lever) made a paper trail either.
Sure they did, in the form of the punched ballot.

The real point of a paper trail is to capture the mark made by the voter under an asumption that if the mark is improperly made, a human could count it more reliably than a machine (debatable whether that is true). In the case of an electronic vote, the machine makes a mark that is what it interpretted the voter said. What does that prove? I grant if the voter made an error or the machine did, the voter might complain on the spot. But for an audit trail, it just makes the same marks as it counts. I think a software review would prove more and be less tedious. For "recounts" it is useless, just as it was with voting machines.
The problem with software calculation of votes is that a software vote is virtual. It is nothing more than a phantom. If the totals were manipulated electronically and this was not detected, there would be no way of knowing what the real vote totals should be at all.

Let's look at the two advantages of e-voting:

1. Removes the "dimpled chad" and other questionable paper ballot problems. Hopefully the interface is designed in such a way as to prevent idiots and those with poor eyesight from accidentally voting for the wrong person.
2. It makes it much faster to do counts.

#2 is an almost worthless concern, IMHO. Yeah, its nice to know who the new governor is before you go to bed at 10:00pm, but this is hardly high up on the list of voting priorities.

Instead of solving the problem of voting irregularities, electronic voting without some physical auditability creates more problems than it solves.
Old 08-06-04, 10:12 PM
  #9  
DVD Talk Hero
 
Join Date: Jul 2001
Location: MI
Posts: 25,061
Likes: 0
Received 0 Likes on 0 Posts
We are not talking about the same thing as "voting machines"

The ones I'm talking about had a large number of little levers that you moved to mark your vote, and a humungous lever that in one direction closed the current and in the other direction tallied your vote on mechanical counters (locked until the poll closed, so no one could observe) and opened curtain. They had no paper trail.

They were a bear to "program" because all the rules (vote for only three) had to be mechanically encoded.

They sort of reminded me of a big Freiden desk calculator on steroids.

We used these until about 1990.

Edit: This is better than my description, but I can't find a pic.
http://americanhistory.si.edu/vote/r...gearlever.html
Gear-and-Lever Voting Machine
Conceived and developed in the late 19th century, the layout of the gear-and-lever voting machine approximates that of the Australian or blanket ballot. This type of voting machine, however, does not use paper ballots. The face of the machine shows a rectangular array of small levers, each identified by a label. Each party's candidates may be shown in one row or one column, depending on the manufacturer of the machine. The party name, and possibly a party symbol, may be shown at the top of the column or to the left of the row. The name of the candidate is shown on the label associated with each lever. Behind the face of the machine, unseen by the voter, is a set of counters or odometers that have at least three decimal digits each. There is one odometer for each candidate or referenda issue, allowing for a maximum vote per candidate of 999.

To unlock the machine, the voter pulls a large lever closing the curtain behind himself or herself to provide privacy. The movement of the lever closing the curtain unlocks the machine for voting. To vote, the voter pulls down the levers of the desired candidates and referendum issues. It is impossible to over vote—that is, to turn down more levers than are allowed for an office or issue. For example, in a "vote for one" contest, only one lever may be turned; the remaining levers for competing candidates for that particular office are locked in place when any one is turned down.

When the voter has finished voting, the voter opens the curtain. With that motion, the levers that have been pulled down return to their neutral positions. The return of each lever causes the associated odometer to increase by one.

At the close of polls, the machines are opened by election officials to view and record the counters. In older machines, the values of the odometers must be copied on to summary sheets by hand. In newer machines, a printout can be produced that has the odometer values printed on it.
Edit2: Sequence of photos here http://www.michigan.gov/mikids/0,160...569---,00.html

Last edited by OldDude; 08-06-04 at 10:21 PM.
Old 08-06-04, 10:22 PM
  #10  
Admin-MemeCat
 
VinVega's Avatar
 
Join Date: Nov 2000
Location: Caught between the moon and NYC
Posts: 31,819
Received 8 Likes on 5 Posts
I don't see what the big deal is about creating a paper trail for backup/auditing purposes. It seems like logic and common sense. Why are Republicans in the state of Florida fighting it so hard? They site cost, but there have been numerous plans presented that would have paid for the adjustments to the machines that would allow for the paper trail. Why would you want to make the voting process less trustworthy?
Old 08-06-04, 10:39 PM
  #11  
DVD Talk Hero
 
Join Date: Aug 2001
Location: in da cloud
Posts: 26,196
Likes: 0
Received 0 Likes on 0 Posts
I think any e-voting solution is useless unless it assigns some kind of unique key to each voter for auditing purposes. When you register you get a smart card with a chip. You use it to vote and a central database makes sure you vote only once and it keeps a record of which key voted for which candidate.
Old 08-06-04, 11:30 PM
  #12  
DVD Talk Hero
 
Join Date: Nov 1999
Posts: 36,981
Likes: 0
Received 0 Likes on 0 Posts
i dont get the point of a paper trail? do you get the receipt so you know for sure it recorded the right vote? or does the receipt go into a bin or somethign? if you get it and take it home, what does that proof...same the other way? how do we knwo the receipt matches the software vote?


also, is the idea that someone can count the papers to make sure the computer was right? i think the computer would make a lot fewer mistakes than people would make.


like i said before, other than software flaws, i dont see a prolbme
Old 08-07-04, 04:25 AM
  #13  
DVD Talk Hero
Thread Starter
 
jfoobar's Avatar
 
Join Date: Jun 2000
Posts: 37,855
Likes: 0
Received 2 Likes on 2 Posts
Originally posted by Venusian
i dont get the point of a paper trail? do you get the receipt so you know for sure it recorded the right vote? or does the receipt go into a bin or somethign? if you get it and take it home, what does that proof...same the other way? how do we knwo the receipt matches the software vote?
No, they would not take it home.

also, is the idea that someone can count the papers to make sure the computer was right? i think the computer would make a lot fewer mistakes than people would make.

like i said before, other than software flaws, i dont see a prolbme
How about hackers? How about people in a position to manipulate the results? Without a paper trail there is no way of checking.
Old 08-07-04, 07:35 AM
  #14  
DVD Talk Hero
 
Josh-da-man's Avatar
 
Join Date: Sep 2000
Location: The Bible Belt
Posts: 31,667
Received 18 Likes on 14 Posts
Without a paper trail, it's too easy to lose data, or prove there was some kind of manipulation. Justin is correct about e-votes being "phantoms."

It's like this. Say you've written your great American novel on your computer using MS-Word. Great, you're finished. And then your hard drive crashes and you lose everything you've written.

Wouldn't it have been nice to have printed it out first? A nice, uncorruptable hard copy in your hands.

With e-voting there's just too much room for error or manipulation. Can you trust whoever is "counting" the votes not to alter the data? If something like that were to occur, is there any way to verify it? At least with paper ballots you can get second and third parties to do recounts if necessary. And if the programming is not open source, there goes another level of trust.
Old 08-07-04, 09:17 AM
  #15  
DVD Talk Hero
 
Join Date: Nov 1999
Posts: 36,981
Likes: 0
Received 0 Likes on 0 Posts
make backups right away so you dont lose data. i think FL forgot to do that last time.


hackers is the same things as people manipulating punchcard ballots or something. its the same security issue. what if the hackers changed the source code so the paper ballot printed out said the other guys name. you would be in the same situation
Old 08-09-04, 03:11 AM
  #16  
DVD Talk Hero
Thread Starter
 
jfoobar's Avatar
 
Join Date: Jun 2000
Posts: 37,855
Likes: 0
Received 2 Likes on 2 Posts
Originally posted by Venusian
hackers is the same things as people manipulating punchcard ballots or something.
Yes, that possibility exists (insofar as real paper ballots could be replaced with doctored/counterfeit ballots), but e-voting without a paper trail makes the possibility of election fraud substantially higher, not lower. That's the problem.

its the same security issue. what if the hackers changed the source code so the paper ballot printed out said the other guys name. you would be in the same situation
No. In the proposed modifications to the process, the voter would either see the paper record of their vote and have the opportunity to bring discrepancies to the attention of election officials or (and I like this one better), the e-voting machine would actually print out a paper receipt of the votes which the voter would physically carry to a box a la the old paper ballots.

In either case, quick (and presumably accurate) election results could be compiled from each precinct in record time but the official election results should be based on a physical count of paper ballots which would take longer.

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Thread Tools
Search this Thread

Archive - Advertising - Cookie Policy - Privacy Statement - Terms of Service - Do Not Sell My Personal Information

Copyright © 2018 MH Sub I, LLC dba Internet Brands. All rights reserved. Use of this site indicates your consent to the Terms of Use.