Larry Osterman's WebLog

Confessions of an Old Fogey
Blog - Title

The Computer Ate My Vote

The Computer Ate My Vote

  • Comments 15

I ran into a radio ad for True Majority on my way into work today.  True Majority is an online liberal advocacy group founded by Ben Cohen (of Ben&Jerry’s).  The ad was for a project of theirs called “The Computer Ate My Vote”.  Unfortunately, I can’t find a copy of their ad online so I can link to it, but it was fascinating.

While I have severe issues with electronic voting, especially as it’s practiced in America today, I found the tone of their ad disturbing.  The central premise was that EVERYONE knows that computers are unreliable and thus electronic voting is inherently unreliable, without a paper trail.

As I said, I support the principal that electronic voting is dangerous.  I love the fact that my precinct votes with a scan card – the card is scanned in at the voting place, and validated tallied there.  But the card itself is stored in a vault inside the scanner and can be tallied afterwards in the need of a recount.

I do have issues however with the fear mongering about the <scaaaaarry music>“evil computer that’s going to eat your vote”</scaaaaarry music>.  How often do you have computers eat your data nowadays?  I haven’t had a Word or Outlook crash that ate data in YEARS.  Computers are VERY reliable these days, the issues with electronic voting from my standpoint is that there is no recountability and that the systems are hacker-prone, NOT that computers per se shouldn’t be involved in voting.  As I said – my precinct votes electronically, WITH a paper trail that I authored.

I do feel obligated to point out one of the cooler things about the ad: They targeted it at a particular county, and at the chief elections official in that county, by name!  So it wasn’t a shotgun ad, it was carefully targeted.  A nice touch.

 

  • Computers are only as reliable as the software they're running, and from all the accounts of Diebold secretly installing uncertified versions of their software on voting machines, ability to manually alter the count without a trace and teh fact that they left their code on an open FTP site doesn't leave me with much faith in their technology.

    Perhaps computers' ability to do things without anyone being able to actually scrutinize the process maks them unsuitable for controlling the voting process at all.
  • As I said: I have major issues with the way that electronic voting is practised in America.

    I believe that eVoting companies should be required to divulge the source code for their products (maybe under NDA, but it should be available to anyone who asks) and the tools that are used to create those products so others can reproduce their binaries.

    They should be required to have a mechanism to ensure that auditors can determine that the version of software installed EXACTLY match the version that was validated by the LOCAL election commission.

    But I don't believe that raising the spector of "the evil computer that's going to eat your vote" is helpful.

    But maybe it's the only way to make their point, I don't know.
  • Larry,

    I agree. It's irresponsible to instill and proliferate fear, but I think this fear already exists in people through PC experiences of their own, others, and the most recent Florida debacle (http://www.cnn.com/2004/ALLPOLITICS/07/28/florida.voting.ap/index.html).

    For starters the immediate primary goal of electronic voting should be to make casting votes easier, not counting them. An incremental approach will ease voters into the system and result in quicker adoption.
  • Should the Windows source code be available to anyone who asks? Or is Windows an unsuitable platform for voting machines?
  • Actually IMHO Windows IS an unsuitable platform for voting machines. Windows CE or Embedded Windows is much more reasonable actually. You don't want a general purpose consumer OS on a voting machine - at a minimum, the attack surface is too large. You want something small that you can control the attack points.

    And as long as the platform is verifiably the same, it shouldn't matter if the platform's source is open or not.

    More later, gotta run to see the matinee of Joseph.

  • You can never be certain:
    http://www.acm.org/classics/sep95/

    Fortunately I'm not really this paranoid :-)
  • You need to realize that Diebold is using Access to store your votes. Have you ever seen a reliable large database running on Access?
  • Actually I did know that Diebold is using Access to store my votes. And that utterly terrifies me.

    Access is a FINE database, for what it was intended. But it was NOT intended as an enterprise-level secure database.

    And Carlos: That was the "more later". I do know about the turing lecture. But what are the chances of someone at Microsoft putting a back door that could detect a voting program? It's a question of where is the tampering likely to be - in the voting software or on the OS that runs the voting software? My bet's on the voting software.

    Actually, YOUR argument is a HUGE argument in FAVOR of using a closed source operating system, Carlos. If the OS was an open source operating system there's no way of knowing if a back door was introduced into the OS version that's running on the machine. If, on the other hand, it was a closed source operating system, you would just need to ensure that the machine binaries matched the binaries that were shipped from the OS vendor to know that no tampering had been done of the OS components.

    You DO need to verify that the OS is the one that's intended to run the product. But you don't need to have the source to the OS.
  • Larry,

    i agree with the intention of your post; that is, i think you're right about one is not loosing a lot of data with computers nowadays.

    personally, however, i do have a candidate that causes data loss at least once a month. and its the visual studio .net forms editor.

    really had to get this of my chest....

    WM_CHEERS
    thomas woelfer
  • Larry, it does not matter whether the system is open source or isn't. Both are equaly good (or bad, depending on your POV). The issue is, as you point out, to make sure the actual system running on the machine is the one you checked and verified. Not whether it's open source or not. Open source might be a little easier to check, but I think you would have access to the source code of a closed system as well (I hope the people who verify the voting systems have access to the source code).
  • Thomas, did you file the bug with ladybug? The MSDN support forms.
  • Larry,

    as far as i can tell, ladybug is for the vs2005 (and express) beta only. are you saying that bugs related to vs 2003 should be posted there also?

    WM_QUERY
    thomas woelfer
  • Thomas: Why not? It might be interesting to download the beta and see if they've fixed it or not too.

  • Larry,

    i'm working with the beta. just not for the full project stuff, because this is supposed to be shipping this year. this makes it somehow hard to check out if stuff got fixed or not. however, concerning ladybug, it says its for vs 2005 beta somewhere. of course, i can't find that page right now. :)

    i'll try and post some of my 2003 bugs....

    WM_THX
    thomas woelfer
  • Larry,

    i just tried to report a 2003 bug. won't work: ladybug only accepts bugs for the vs2005 beta and the community preview - not for 2003.

    my current solution has almost 4900 files and _lots_ of projects: there's no way i can move all of this to the beta just to check if my problems have been fixed - i need to use a tool that i can use to deploy the solution later this year...

    WM_TOOSAD
    thomas woelfer
Page 1 of 1 (15 items)