Category Archives: security

supreme court rules on Indiana Voter ID case

Posted on April 29, 2008 | 7 comments

I’ve mostly stayed quiet on this issue but it is newsworthy.

The Supreme Court just ruled on the Indiana Voter Id case
(Crawford v. Marion County Election Board) in support of
allowing states to issue stricter voter id laws.

Rick Hansen gives his initial thoughts at the Election Law Blog:

Today’s much anticipated decision in Crawford v. Marion County Election Board is a significant win for those who support stricter voter identification laws, even if they support such laws for partisan purposes. It will encourage further litigation, because it relegates challenges to laws imposing onerous burdens on a small group of voters to “as applied” challenges, but those challenges will be difficult to win. The lack of a majority opinion, moreover, injects some uncertainty into the appropriate standard for reviewing other challenges to onerous election laws.

I am disappointed by how cursory that opinion was in its review of the state’s interest in light of the highly partisan atmosphere of election administration, and I fear that, despite the Stevens-Kennedy-Roberts’ opinion’s best intentions, this opinion will be read as a green light for the enactment of more partisan election laws in an attempt to skew outcomes in close elections.

I’m personally a bit conflicted on voter ID requirement laws. Opponents (1 2) of these sorts of laws argue that they are effectively poll taxes, that there is very little evidence of significant fraud by voters that they would help prevent (as contrasted with election fraud by election system insiders) and that the motivation for these laws is a partisan push to discourage voters from classes of people that lean to the Democratic party.

Despite these arguments, it seems very reasonable to me for our election system to have means to prevent or detect fraud attempts by voters. Intuitively a voter id requirement does not sound very burdensome. The question for me becomes not “Can / Should Voter ID requirements be enacted?” but rather “How can Voter ID requirements be implemented in a fair, non-partisan way that will not effectively result in partisan voter suppression?” I don’t have answers except for suggesting that laws like this not phase in for ~10 years so that the negative impacts can be minimized and partisan effects be less predictable.

Dan Wallach at Freedom To Tinker has a couple of very thoughtful posts on the topic:

  • How can we require ID for voters?

    he real issue is making sure that all people who might want to vote actually have IDs, which is a real problem for the apparently non-trivial number of current voters who lack normal ID cards (and, who we are led to believe, tend to vote in favor of Democrats).

    The question then becomes how to get IDs for everybody.

    The only way I could imagine a voter ID requirement being workable (i.e., having a neutral effect on partisan elections) is if there was a serious amount of money budgeted to help people without IDs to get them. That boils down to an army of social workers digging around for historical birth records and whatever else, and that’s not going to be cheap. However, I’m perfectly willing to accept a mandatory voter ID, as long as enough money is there to get one, for free, for anybody who wants one. The government is willing to give you a $40 coupon to receive digital signals for an analog TV, as part of next year’s phase-out of analog broadcasts. Why not help out with getting identification papers as part of phasing in an ID requirement?

  • voting ID requirements and the Supreme Court

    In the end, the court found that the requirement wasn’t particularly onerous (the New York Times’s article is as good as any for a basic summary, or go straight to the ruling).

    The big technical question, of course, is whether the root desires behind the voter ID requirement can be addressed in some more effective fashion than ID requirement. What are those root desires?

Advertisement

7 Comments

Posted in news, security, turnout, voterid

Follow up to Sacramento central tallying

Posted on March 25, 2008 | 1 comment

The SacBee gives us some follow-up information to the decision to tally votes centrally in Sacramento:

mproper maintenance of some of Sacramento County’s voting machines – and the tint of the Feb. 5 ballots – were to blame for malfunctions that sidelined vote-counting scanners and delayed results of last month’s presidential primary, according to the county’s top election official.

The problems have been corrected and the scanners are expected to be used in the June election, Registrar of Voters Jill LaVine said in a report to the county Board of Supervisors.

Because of the malfunction, all ballots had to be counted in the election department’s central command in south Sacramento – instead of some being processed as usual at the precincts.

During its investigation, the county said that the vendor that supplies and maintains the scanners, Elections Systems & Software, conducted improper recalibration and preventive maintenance on the machines in December.

My take:

  • I’m glad to see that there was some sort of quality testing that occurred so that problems were noticed.
  • I’m surprised that the issues were universal at all precincts. For a problem of that scale you would expect that someone (ES&S – the vendor?) would be contractually responsible for their mistakes.
  • I’m not very comfortable with the resolution which was to use central tabulation. Central tabulation requires that there are observers of the counting and a strong chain of custody for the ballots. Precinct level counting is more robust in this regard. Perhaps a fall-back to manual precinct level counting might have been better.

1 Comment

Posted in news, security, votingmachines

Bob Koehler on election integrity and voting machines

Posted on January 24, 2008 | 4 comments

Bob has a short, well written article on election integrity entitled Conspiracy Theorist. It’s a good resource to point people to whose reaction to election integrity issues is to ask “What’s the problem? Just vote and trust that the votes will be counted accurately.”:

“We should at least get votes back on paper and get people counting them by hand.”

This is not what I’d like to be writing about. Our nation’s soul is bleeding, its future up for grabs. The candidates jockey for a mandate — our mandate — and they’ll define it as narrowly as possible unless we define it for them.

Why, then, must I divert my attention from matters such as this and ponder . . . memory cards and molded plastic deflectors? Ah, democracy! We can’t simply leave it to the voting machine vendors any more than we can leave it to the politicians. The O-rings and gusset plates of democracy are poised to fail in every election; every vote does not count. The media and most government officials are still in denial about this, still dazzled by glitzy, electronic voting technology or maybe just trapped in their billion-dollar commitment to it. Besides, when has technology ever gone backwards?

But the call for paper ballots and hand counting — however jarring and quaint it may sound in the 21st century — comes most urgently not from Luddites or flat-Earthers but the technophiles and self-proclaimed geeks who understand computers most intimately, and know their vulnerabilities.

While security concerns are paramount in our financial and just about all other dealings…, we maintain a remarkable sense of denial that hunger for power could ever lead to breaches of democratic integrity. What are you, a conspiracy theorist?

No, but I’m from Chicago and I cut my teeth as a reporter back in the waning days of the Daley (Senior) Machine, when precinct captains didn’t need no conspiracy to know they needed to deliver their precinct, or else, and would do what it took. The quest for political power is raw and all too often dirty. That basic truth hasn’t changed.

My thoughts:

  • I’m glad to see more attention to the problems with electronic voting machines
  • The praise for the ritual of placing a ballot into a ballot box is bogus. That is just an argument for status quo and could be used to justify all sorts of poor practices – such as having voting occur on a workday (Tuesday).
  • I’m not a fan of electronic voting machines but it is unfair to say that there are no benefits to using them. I list a few benefits and problems below. To me the problems far outweigh the benefits.
    • Some benefits of electronic voting machines are: faster initial reporting of results, ability to handle many ballot variations with minimal waste (eg: variations for each precinct and for language preference), improved disability access.
    • Some problems with electronic voting are: very serious election integrity issues, cost (in my understanding), limited number of machines available in a location so unacceptably long waits when sufficient number of machines are not in a precinct, potential use in vote suppression via technology and access barriers.

4 Comments

Posted in security, votingmachines

Sacramento to tally votes centerally

Posted on January 23, 2008 | 6 comments

From the SacBee, Sacramento County machine flaws to delay results:

Problems with Sacramento County voting machines will stall Feb. 5’s election results for hours. Results may not come until well after your morning coffee – the next day, county elections officials said Wednesday.

“It might be slow, but it will be accurate,” offered Brad Buyse, a spokesman for the local election office.

He said the county discovered problems with the equipment used to count ballots in neighborhood polling places a couple weeks ago.

After days working with the ballot printer and election machine vendor to try to solve the problem – and Feb. 5’s presidential primary only days away – elections officials decided to take the faulty machines out of the mix.

So rather than scan ballots at each of the county’s 548 polling places, ballots will be taken back to the central office and tabulated using larger, faster machines that have passed required tests.

Tuesday election results usually come in by midnight. This time around, it could be 9 a.m. Wednesday before all the ballots are counted, Buyse said.

Comments:

  • An 8 hour delay in knowing election results is not an issue in my view
  • It would be nice to understand what specific issues were found with the machines.
  • In addition to not providing feedback about over/under votes (brought up in the article) there is an election integrity concern with moving from precinct tallying to central tallying. The chain-of-custody of the ballots becomes more suspect and the possibility of tampering while ballots are in transit or storage arises. Most election integrity advocates (who are not pushing for end-to-end verifiable systems) advocate for counting the ballots at the precinct level so that chain-of-custody issues are less pressing. For an example of recent chain of custody issues with central counting, consider the case of New Hampshire’s democratic primary (scroll down to the “Butch” and “Hoppy” part).

6 Comments

Posted in fraud, news, security, votingmachines

Well done video on verifiable voting

Posted on January 4, 2008 | Leave a comment

Ben Adida has filmed an excellent presentation on verifiable voting systems given on the Google campus. It’s 92 minutes long. Check it out.

Continue reading

Leave a comment

Posted in scratch_and_vote, security

Ohio EVEREST Report

Posted on December 19, 2007 | Leave a comment

From their press release:

On December 14th, 2007, Ohio Secretary of State Jennifer Brunner released the results of a comprehensive review of her state’s electronic voting technology. The study, called Project EVEREST, examined electronic voting systems – touch-screen and optical scan – from Elections Systems and Software (ES&S), Hart InterCivic, and Premier Election Systems (formerly Diebold). As part of that study, three teams of security researchers, based at Pennsylvania State University (State College, PA), the University of Pennsylvania (Philadelphia, PA), and WebWise Security, Inc. (Santa Barbara, CA), conducted the security reviews. The reviews began in September, 2007 and concluded on December 7, 2007 with the delivery of the final report. The teams had access to voting machines and software source code from the three vendors, and performed source code analysis and security penetration testing with the aim of identifying security problems that might affect the integrity of elections that use the equipment.

The public report can be downloaded from:
http://www.sos.state.oh.us/

The report is similar to those that Debra Bowen had commissioned in California. In short, the electronic voting machines all had extremely serious flaws.

Continue reading

Leave a comment

Posted in news, security, votingmachines

Kathy Dopp and the MN Post Election Audit Summit

Posted on November 19, 2007 | 7 comments

(Rebecca Mercuri asked me to write this as a follow-up to my post about the MN Post Election Audit Summit. I’m a bit hesitant as I do not know the whole story, have had very little interaction with any of the players, and I am concerned that I am jumping into a preexisting conflict which I know very little about. I am posting this anyways as a favor to Rebecca.)

Continue reading

7 Comments

Posted in auditting, conferences, security

Post-Election Auditing Summit

Posted on November 8, 2007 | 2 comments

I’m continuing my tradition of posting about conferences that I have not attended…

The Post-Election Auditing Summit was held in Minneapolis October 25-27, 2007.

Continue reading

2 Comments

Posted in auditting, conferences, news, security, votingmachines

A random post

Posted on October 28, 2007 | Leave a comment

From Joseph Hall’s blog:

(This is funny, but you have to let me build it up with context…)

In elections, especially in election audits, we often have to produce random numbers that an observer can prove to themselves came from a true source of randomness.

The RAND corporation also publishes a book of random numbers, which you can buy: “A Million Random Digits with 100,000 Normal Deviates”.

So, where’s the funny in all of this? Check out the reviews on Amazon for the RAND book. They’re drop-dead hilarious. My favorite is the first one:

A truly amazing genre-breaking work of art unlike any that has ever been or ever will. I was captivated from the moment I opened the cover until the extremely suspenseful moment I turned the last page. With that said, I was a little disappointed that 71602 was knocked off by 92937 just as the plot was unfolding, but the arrival of 96240 really got my blood pumping and I just couldn’t put the book down from that moment on.

I am so glad that Amazon.com is offering the “Search Inside This Book” option for this book so that it can be enjoyed by countless other avid readers who otherwise may not have come across it. I wait, impatiently, for the audio CD version of this fine book

Be sure to read Joseph’s whole post and to look through the reviews for this book as well. There are some gems in there.

(Joe describes himself as a politechnologist and PhD student at UC Berkeley’s School of Information. He was involved in at least the documentation part of the CA secretary of states Debra Bowen’s top-down review of electronic voting machines.)

Leave a comment

Posted in humor, random, security

Daniel Castro’s response to my ITIF review

Posted on October 5, 2007 | 1 comment

Daniel Castro has responded to review of the ITIF eVoting report that he wrote.

In that review I agree with his thesis that “end-to-end verifiable” voting systems should be encouraged and be part of the debate on electronic voting and I basically agree with his recommendations. But I strongly disagreed with his assessment of the relative risks of paper systems, electronic voting systems, and electronic voting systems that print a voter verified paper trail. I also found much of the tone of his report offensive.

My assessment is:
e2e verifiable system > paper system > eVoting with voter verified paper trail > eVoting

His appears to be:
e2e verifiable system > eVoting > eVoting with voter verified paper trail > paper system

And I believe that we both agree the e2e voting systems need more support and some trial runs but are not yet ready for widespread deployment.

To put it pithily, “I agree with the thesis of this disagreeable report“.

Here is his response. This is posted with his permission:
Continue reading

1 Comment

Posted in fraud, HR811, itif, legislation, punchscan, security, votingmachines