Martin McKeay

Security Matters

Protecting themselves, not voters

You got to hand it to the Florida election officials, they know how to protect themselves and their corporate sponsors from embarrassment. They've proposed a new law which would mandate that only people with one of three little-known certifications would be allowed to test e-voting machines, and even then only under very limited circumstances. No one else would be allowed to look at the boxes. So rather than fix any problems with the e-voting machines, they've transferred the risk from one of embarrassment for themselves to one of possible voter fraud for the state of Florida. Good job of looking out for your constituency, folks.

None of the three certifications specified by Florida legislation, the American Software Testing Qualifications Board, the American Society for Quality or the EC (E-Commerce) Council, actually qualify an individual to do a security assessment on an e-voting system. And in my opinion, there's no way such a certification could be created without compromising the reviewer; the certification would have to be vetted by the very industry creating the e-voting machines and would invalidate the concept of an unbiased third-party review. Only by having independent review of the code can we guarantee that there is no chicanery going on behind the scenes and that the systems are safe from attack during the election. Trusting the manufacturers of the e-voting machines to guarantee their machines without oversight is like asking the fox to watch the hen house. They're the people who have the most to gain by hiding any vulnerability and the people with the most access to surreptitiously make changes to the code and, more importantly, the results.

I recently talked to Dan Kuykendall of the Mighty Seek podcast, someone who makes his living trying to break software, and we agreed that e-voting machines are absolutely necessary to the future of democracy, or at least that they're coming one way or another. But we have to be absolutely certain that the results these machines return are beyond reproach. In many elections it would only take a swing of two or three percent to completely change the outcome. Think about the changes that might have made in recent Presidential elections. Diebold and the Florida election officials may be perfectly honest and upstanding; but I'm not willing to bet the future of the country on that assumption. I want as many eyes as possible looking at the code and the process around e-voting. After all, there most definitely are "evil and nefarious voting officials" out there. There have been in every election since the founding of our country.

What People Are Saying

Living in Florida and being

Living in Florida and being involved with the elections department, I can tell you that IF all the precinct workers do as required by law, there can be no fraud from the e-machines. They have numbered seals on the memory cards, numbered seals on the carrying cases and they cannot be unsealed until they are at the precinct and a minimum of 2 people from differing parties have to witness (and sign for) the breaking of the seal on the carrying case (the seal on the memory card CANNOT be broken). During the election, the e-machine CANNOT be left unattended at any time - by law! After the election and after the results have been uploaded, the machines are put back into their carrying cases - resealed - and transported to a secure facility - again with 2 people from differing parties.

Sure, if a computer knowledgeable person was to be allowed to be left alone with the unit and didn't have to worry about not breaking the seal, it could be "hacked."

Also, these units are given a random test BEFORE they are sealed and sent to the field to make sure that a vote for X registers as a vote for X. The only reason Leon County's machines were "hacked" was because the hackers were allowed to get into the machine and modify the code. Kind of hard to do when there are always multiple people (of differing parties) around the machine when it is not in the sealed case -- and how do you modify the memory card when there is a seal on it? All seal numbers are recorded and signed for (yes, by 2 people of differing parties).

The idea of a "Certified

The idea of a "Certified E-Vote Systems Examiner" doesn't bother me, provided the certification process and the examiners themselves are totally independent of the voting system manufacturers and the political parties, the processes by which they examine and certify the systems are publicly documented, all the notes and results generated in the examination process are made publicly available, and other concerned parties (i.e. the citizens) can still conduct their own examination and evaluation of the systems.

The only part of voting that should be conducted behind closed doors is the actual act of a voter casting his or her ballot. Everything else in the process must be exposed for full public examination.

A fully open process is in the best interests of the citizens and the politicians. The citizens obviously benefit by anything that reduces the potential for fraud. Removing potential fraud vectors protects the politicians by removing the temptation.

A fully open process also confers greater legitimacy on an election's results. The 2000 election ended with half the people in the country believing they'd been defrauded. It didn't matter if this was really the case or not, there still was a considerable cloud of doubt hanging over W's first months in office. If 9/11 hadn't happened, W could easily have been a one-term President who was unable to accomplish much simply because of the doubt cast upon his election's legitimacy. A politician doesn't just need to win, he needs the public to believe he won.

What amazes me is why this

What amazes me is why this is so hard in the first place. The votes for corporate annual meetings (re-electing directors, approving auditors, and even the occasional actual proposal worth worrying about) have been done electronically for years. What's so hard about transferring the technology?

It's apparent that jeb and

It's apparent that Jeb and the people in Tallahassee are interested in covering their actions and making FAT (Fair, Accurate and Transparent) voting impossible for We the People in Florida. The only thing that still amazes me is the lack of public outcry. Watch Lou Dobbs. At least he is beginning to get the message.

Sure there has always been

Sure there has always been voting fraud. There are at least a couple of relevant differences between these systems and their predecessors. The environments in which to develop exploits are far more accessible to many more folks. Perhaps more interestingly the leverage is greater.

There used to be a joke about the difficulty of stopping the occasionally buggy fly-by-wire A320 after touchdown. What's the difference between a chain-saw and an A320? About 3000 trees a minute. E-voting machines are the A320s in the forests of cast votes.

It's amazing there wasn't

It's amazing there wasn't this much furor over the mechanical machines or the paper ballots. It's just as easy to stuff a ballot box, swap a ballot box, "misplace" ballots, or wiggle some mechanical dials.

No, in fact it isn't just as

No, in fact it isn't just as easy. Stuffing ballot boxes requires man-hours. Individual attention to each ballot. Reprogramming can be done remotely, with trivial investments in time, shifting millions of votes from a central location.

This will hold up only until

This will hold up only until about 2012, when we elect a new president without knowing who won in Florida in 2008.