Dana
>E-voting, people. E-voting.
>;-)
>
>http://www.theregister.co.uk/2004/05/10/us_e_voting/
>
>This is being billed as the next expected Tragicomedy in the US.
>
>I wonder how many of these electronic ballot machines there are
>in.ohhhh..I dunno.say..Florida? ^_^
>
> "The bad
>
>Election fraud is a tradition stretching back to the dawn of
>civilization. There is no system, whether paper, mechanical, optical, or
>computerized, that can prevent it. We are clever little apes, and we
>will muck about with things. However, there are ways of making it
>evident that fraud or a malfuncion has occurred, and in this respect,
>touch screen devices are sorely lacking.
>It's not so much that they're easier to scam than other systems; they're
>not. In fact, they're more difficult to scam than most. It's just that,
>as they're currently designed, it's difficult to detect tampering.
>A box full of paper ballots can be sealed. If the seal is broken before
>the votes are tallied, it's painfully obvious that something has gone
>wrong. On the other hand, it takes some skill and planning to attack a
>DRE system; you don't just open a hatch and shove in a fistful of bogus
>ballots. But there are numerous points vulnerability; and while it may
>be more of a challenge to mount an attack, it's considerably easier to
>get away with one.
>Comedian Jerry Seinfeld once said that the worst thing about being blind
>would be the inability to see if there were bugs in your food. This is
>the essence of the DRE problem: the devices offer a number of potential
>advantages, and if designed properly, could eliminate or mitigate a slew
>of serious problems, only the user has no way of knowing if they're
>crawling with bugs.
>
>The ugly
>
>The voter verifiable paper record has become the clarion call of DRE
>skeptics. Their reasoning is simple: if a machine is suspect, the paper
>printout creates a separate medium for a presumably reliable recount.
>Only there are two problems: first, many election regulations specify
>that a recount must be performed in the same manner as the original
>election. Thus, if the machines are in use, such laws would require that
>the memory devices be read again, yielding the same, meaningless result
>ad infinitum.
>Many devices have storage media as well as memory modules. But it is not
>known what would happen if the two should record different results,
>either due to an attack or a malfunction. Which is paramount? And if one
>should be empty, is the other an acceptable substitute without
>corroboration from a third source of data?
>Second, in venues where paper printouts could legally be tallied in lieu
>of the electronic result, accuracy can only be assured if all voters
>review their recipts carefully, assuming they recall what they decided
>on fifty or a hundred questions moments earlier - a significant
>challenge. Furthermore, there are man-in-the-middle attacks that could
>potentially record the voter's input correctly on the paper record, but
>stealthily tweak the electronic results. And let's not forget that the
>paper output could be manipulated, though presumably, some sharp-eyed
>voter will notice this. If the two sets of results differ, the question
>then would be, which is paramount? The paper record is useful only if it
>is paramount, but as previously noted, there are numerous precincts
>where it probably won't be, and others where it will. Such uncertainties
>could entertain the courts for months - far past the deadline for
>election certification.
>And the DRE machines are quite hackable at the moment. Johns Hopkins
>University computer science professor Aviel Rubin testified that "not
>only have the vendors not implemented the security safeguards that are
>possible, they have not even correctly implemented the ones that are
>easy."
>Witness Neil McClure of vendor Hart Intercivic recommended that DRE
>manufacturers be required to implement the FIPS 140-2
><http://csrc.nist.gov/cryptval/140-2.htm> crypto module standard. This
>would be "a great first step toward putting DREs on a path to becoming a
>trusted computing device," he reckoned.
>No fan of the paper-trail panacea, McClure claimed that "irregularities
>can be traced to product quality issues," and advocated raising quality
>requirements and implementing national quality-management systems and
>testing requirements for all voting devices. Which of course will not
>happen, at least not between now and November. "
>-Gel
>
>
>--
>Incoming mail is certified Virus Free.
>Checked by AVG Anti-Virus (http://www.grisoft.com).
>Version: 7.0.241 / Virus Database: 262.9.18 - Release Date: 5/9/2004
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
