Category Archives: votingmachines

EVT

The 2007 Electronic Voting Technology Workshop

Posted on August 9, 2007 | 1 comment

(I’m continuing my tradition of blogging about conferences I have not attended.)

The 2007 Electronic Voting Technology Workshop was held on Aug 6 in Boston. A lot of interesting people were there.

Here is Ben Adida‘s writeup:

Joe Hall kicked off the post-lunch session with a discussion of election contracts and how they may prevent proper oversight. This is dry stuff, but it is likely incredibly important. He pointed out specific clauses in vendor contracts that prevent any analysis of the equipment and software. Some contracts even declare “unit pricing” to be trade secret, which, as Joe points out, is in conflict with normal government public budget reviews. Funny thing: the restrictions are so strict that the contracts then specifically carve out “permission for the voter to use the equipment for voting.” And of course, the contracts themselves are often considered confidential.

Amnon Ta-Shma presented an approach to cryptographic voting that does not reveal the plaintext of the vote to the voting machine, yet remains “bare-handed.” He provided some background on Chaum, Neff, and Ryan’s schemes. He then explained the conflict between preparing a ballot in the booth (privacy), and preparing a ballot at home (coercion). Amnon concurs with Josh that privacy cannot be fully guaranteed, only made more likely. His scheme involves the voter bringing an encrypted ballot for each candidate, and having the booth
reencrypt the one he wants. That way, the booth doesn’t know the plaintext (privacy), and the voter doesn’t predict the ciphertext (no coercion). There were numerous questions about whether it’s workable to use cryptography in the first place when voters may not be very
tech savvy.

Overall, a fantastic day with lots of high quality talks. EVT is shaping up to be the de-facto conference for voting developments. I remain a little bit disheartened by the continuing gap between the crypto and applied security crowds. The crypto folks (me included)
need to do a better job pitching this stuff, especially now that there’s an opening to improve the technology in places like California.

Here is Warren D Smith’s writeup:

Some interesting and talented people were there. That’s the good news.

The bad news is, there also were a lot of bad talks (I did not like Rivest’s talk about my own work, a fact which particularly grated) and the press did not show up. That’s a pity sonce there were several things that really deserved press.

Also very good talks were those showing how to hack voting machines and demonstrating the absolutely awesome level of incompetence among their manufacturers/designers. (It is so hard to be that bad…)

There are also a few posts about EVT 2007 at the election technology blog.

1 Comment

Posted in EVT2007, news, votingmachines

Thank You, Debra Bowen!

Posted on August 5, 2007 | 6 comments

Bowen and HAL

Remember, you heard it here last!

You can get much better coverage of this issue at the Brad Blog.

California Secretary of State Debra Bowen has commissioned a ‘Top-to-bottom’ review of voting machines used in California. The reports are in and as a result of them are abysmal. As a consequence Bowen has decertified the machines and recertified some of them for very limited use.

In a dramatic late-night press conference, California Secretary of State Debra Bowen decertified, and then recertified with conditions, all but one voting system used in the state.
Her decisions, following her unprecedented, independent “Top-to-Bottom Review” of all certified electronic voting systems, came just under the wire to meet state requirements for changes in voting system certification.

Bowen announced that she will be disallowing the use of Direct Recording Electronic (DRE, usually touch-screen) voting systems made by the Diebold and Sequoia companies on Election Day, but for one DRE machine per polling place which may be used for disabled voters. The paper trails from votes cast on DREs manufactured by those two companies must be 100% manually counted after Election Day.

Many are expecting lawsuits to follow soon so this story is not over.

The top to bottom review consisted of at least 3 parts. All of the machines reviewed had significant flaws with respect to each report:

  • A ‘red team’ report of hack attempts
  • An accessibility report
  • A source code review

In short, each machine is hackable and not very accessible.

Some more resources:

6 Comments

Posted in news, votingmachines