;-)
http://www.theregister.co.uk/2004/05/10/us_e_voting/
This is being billed as the next expected Tragicomedy in the US.
I wonder how many of these electronic ballot machines there are
in.ohhhh..I dunno.say..Florida? ^_^
"The bad
Election fraud is a tradition stretching back to the dawn of
civilization. There is no system, whether paper, mechanical, optical, or
computerized, that can prevent it. We are clever little apes, and we
will muck about with things. However, there are ways of making it
evident that fraud or a malfuncion has occurred, and in this respect,
touch screen devices are sorely lacking.
It's not so much that they're easier to scam than other systems; they're
not. In fact, they're more difficult to scam than most. It's just that,
as they're currently designed, it's difficult to detect tampering.
A box full of paper ballots can be sealed. If the seal is broken before
the votes are tallied, it's painfully obvious that something has gone
wrong. On the other hand, it takes some skill and planning to attack a
DRE system; you don't just open a hatch and shove in a fistful of bogus
ballots. But there are numerous points vulnerability; and while it may
be more of a challenge to mount an attack, it's considerably easier to
get away with one.
Comedian Jerry Seinfeld once said that the worst thing about being blind
would be the inability to see if there were bugs in your food. This is
the essence of the DRE problem: the devices offer a number of potential
advantages, and if designed properly, could eliminate or mitigate a slew
of serious problems, only the user has no way of knowing if they're
crawling with bugs.
The ugly
The voter verifiable paper record has become the clarion call of DRE
skeptics. Their reasoning is simple: if a machine is suspect, the paper
printout creates a separate medium for a presumably reliable recount.
Only there are two problems: first, many election regulations specify
that a recount must be performed in the same manner as the original
election. Thus, if the machines are in use, such laws would require that
the memory devices be read again, yielding the same, meaningless result
ad infinitum.
Many devices have storage media as well as memory modules. But it is not
known what would happen if the two should record different results,
either due to an attack or a malfunction. Which is paramount? And if one
should be empty, is the other an acceptable substitute without
corroboration from a third source of data?
Second, in venues where paper printouts could legally be tallied in lieu
of the electronic result, accuracy can only be assured if all voters
review their recipts carefully, assuming they recall what they decided
on fifty or a hundred questions moments earlier - a significant
challenge. Furthermore, there are man-in-the-middle attacks that could
potentially record the voter's input correctly on the paper record, but
stealthily tweak the electronic results. And let's not forget that the
paper output could be manipulated, though presumably, some sharp-eyed
voter will notice this. If the two sets of results differ, the question
then would be, which is paramount? The paper record is useful only if it
is paramount, but as previously noted, there are numerous precincts
where it probably won't be, and others where it will. Such uncertainties
could entertain the courts for months - far past the deadline for
election certification.
And the DRE machines are quite hackable at the moment. Johns Hopkins
University computer science professor Aviel Rubin testified that "not
only have the vendors not implemented the security safeguards that are
possible, they have not even correctly implemented the ones that are
easy."
Witness Neil McClure of vendor Hart Intercivic recommended that DRE
manufacturers be required to implement the FIPS 140-2
<http://csrc.nist.gov/cryptval/140-2.htm> crypto module standard. This
would be "a great first step toward putting DREs on a path to becoming a
trusted computing device," he reckoned.
No fan of the paper-trail panacea, McClure claimed that "irregularities
can be traced to product quality issues," and advocated raising quality
requirements and implementing national quality-management systems and
testing requirements for all voting devices. Which of course will not
happen, at least not between now and November. "
-Gel
--
Incoming mail is certified Virus Free.
Checked by AVG Anti-Virus (http://www.grisoft.com).
Version: 7.0.241 / Virus Database: 262.9.18 - Release Date: 5/9/2004
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
