CDR: Gary Chapman On Online Voting, Even if Secure, Won't Solve Election Troubles
DIGITAL NATION Online Voting, Even if Secure, Won't Solve Election Troubles By Gary Chapman Copyright 2000, The Los Angeles Times. All Rights Reserved The uproar over last week's election results, particularly the controversy over the vote in Florida, has fueled calls for online voting. Some experts think the problems of last week could be solved by computerized voting, while others insist that is fraught with insecurity. Controversy about how computers handle votes has been around for a while. It was an issue championed for years by longtime Los Angeles civil-liberties activist Mae Churchill, who died in 1996 at age 84. Churchill was the founder of Pacific Palisades-based Election Watch, and 15 years ago she convinced many technical experts that there are serious problems when computers are introduced into the voting process. "Mae Churchill got me into this issue," said Peter Neumann, a researcher at SRI International in Menlo Park, Calif., and an internationally known authority on computer security. Now, he said, "I would not trust a computerized voting system even if I had written itmyself, because of the many ways in which such systems can be subverted." "It's so easy to rig an election," Neumann said. He cited the fact that "punch card" ballots -- the cardboard ballots that use a punched hole to read a vote -- can be invalidated simply by running a needle through a stack of the cards. That can make it look like a vote for two candidates for the same office. Florida election officials threw out more than 19,000 ballots last week because of the appearance of voters selecting two candidates in the presidential election. In Boston in 1993, Neumann said, a local election's results were reversed after authorities discovered errors caused by "hanging chad," the tiny paper remnant of a punched hole that can hang off the back side of the card ballot and then reclose the hole when the ballot is run through a light scanner for tabulation. This problem reportedly caused some of the vote tallies to change in last week's recounts in Florida. Also in 1993 in Florida, a St. Petersburg precinct that had no registered voters because it was an industrial area showed 1,429 votes for an incumbent mayor, who won by 1,425 votes. Another Florida case happened in 1988, when there were 200,000 fewer votes in the Senate race than for the presidential candidates, and most of the missing votes came from four counties that used the same computer vote-tallying vendor. "If it was built by man, it can be broken by man," said Doug Lewis, director of the Election Center in Houston, an organization that does training and consulting for election officials nationwide. "People asking for [online voting] don't understand the electoral process and the incredible safety and security problems that go into that." "I do worry that computer elections systems are large and complex systems," said David Jefferson, the technical director of the California Internet Voting Task Force and a researcher at Compaq Systems Research Center in Palo Alto. "The main worry is not bugs in the software or in communications, but each time they are used they have to be configured rather elaborately. Ballot choices have to fit a voter's residence, which can often be a complicated task. If they are misconfigured they can produce erroneous results." The California secretary of state's task force on Internet voting recommended against remote online voting earlier this year. "We have to understand that the security problems for allowing that are so severe that we can't recommend that solution at all. These problems are inherent in the architecture of the personal computer," Jefferson said. Instead, some online voting proponents are supporting an interim solution: polling-place computer voting. "That kind of Internet voting can be fielded now, and the security problems are manageable," Jefferson noted. Polling-place electronic voting involves using a networked computer to vote at a conventional polling site. This method has the added security of controlling the machines and identifying each voter in person. Some argued last week that polling-place electronic voting would have solved some of the problems Florida encountered. "Spoiling a ballot would be prevented by computer," Jefferson said. The computer program could prevent a confused or deliberate vote for two candidates in the same race. Another benefit might be that counties could report real-time vote counts, which could help prevent television networks or Web sites from inaccurately guessing at how a state's electoral college vote might turn out. Vote totals also could be reported instantly after the polls closed. But Jefferson said the alleged confusion last week in Palm Beach County, Fla., where some people claim to have voted for Pat Buchanan when they meant to vote for Al Gore, still could be a problem in electronic voting, Jefferson said. "Someone with a good design sense has to be in charge of the design of a screen, just like a paper ballot," he said. Even so, the obstacles to adopting polling-place electronic voting are daunting. Aside from the expense of providing every polling place with multiple computer systems, there are still significant security issues and a dearth of trained personnel in our election system. "Most of us who have been in elections a long time are uncomfortable with the idea of turning over elections to a private, for-profit company," said Lewis of the Election Center. Although private companies do run election systems, they are supervised by public officials, usually at the county level. Few counties in the U.S. can afford to pay for technical experts who can evaluate and monitor sophisticated networked computer systems with multiple redundancies, encryption, complex backup and security measures, and state-of-the-art equipment. Moreover, Lewis said, fraud in U.S. elections is low because the systems we use are so decentralized and cumbersome. Centralized and computerized data would be a tempting target for hackers, subversives and perhaps foreign governments, he said. "Even companies with tens of millions of dollars for protecting their systems are penetrated," Lewis said. "How many counties have that kind of money?" "Electronic voting is not going to solve our problems," Neumann said. Lewis added: "Everyone wants instant Internet gratification. We've been conditioned to expect this now. The truth is we're not going to have instantaneous Internet voting. We're not going to be doing this in 'Internet time.' " Gary Chapman is director of the 21st Century Project at the University of Texas at Austin. He can be reached at gary.chapman@mail.utexas.edu. ------------------------------------------ To subscribe to a listserv that forwards copies of Gary Chapman's published articles, including his column "Digital Nation" in The Los Angeles Times, send mail to: listproc@lists.cc.utexas.edu Leave the subject line blank. In the first line of the message, put: Subscribe Chapman [First name] [Last name] Leave out the brackets, just put your name after Chapman. Send this message. You'll get a confirmation message back confirming your subscription. This message will contain some boilerplate text, generated by the listserv software, about passwords, which you should IGNORE. Passwords will not be used or required for this listserv. Mail volume on this listserv is low; expect to get something two or three times a month. The list will be used only for forwarding published versions of Gary Chapman's articles, or else pointers to URLs for online versions of his articles -- nothing else will be sent to the list. To unsubscribe from the listserv, follow the same instructions above, except substitute the word "Unsubscribe" for "Subscribe." Please feel free to pass along copies of the forwarded articles, but please retain the relevant copyright information. Also feel free to pass along these instructions for subscribing to the listserv, to anyone who might be interested in such material. Questions should be directed to Gary Chapman at gary.chapman@mail.utexas.edu. ************************************************************************** Subscribe to Freematt's Alerts: Pro-Individual Rights Issues Send a blank message to: freematt@coil.com with the words subscribe FA on the subject line. List is private and moderated (7-30 messages per month) Matthew Gaylor,1933 E. Dublin-Granville Rd., PMB 176, Columbus, OH 43229 (614) 313-5722 Archived at http://www.egroups.com/list/fa/ **************************************************************************
At 01:55 PM 11/14/00 -0500, Matthew Gaylor wrote:
DIGITAL NATION
Online Voting, Even if Secure, Won't Solve Election Troubles
I was in a discussion about this a while ago, where I was defending absentee ballots (as making it easier to vote), and in the process learning about attacks on electronic and social voting systems. What I found is that every tech is going to have societal attacks even if the protocols are perfect. Spouses brow/beating spouses with home voting (regardless of tech); authentication (of dead pets..); collaborations breaking protocols, rigged tech, etc. Attacks and weaknesses. Hollerith cards have the recently apparent weakness that the perforations may not fall out. To say nothing of the recently evident human factors whining, as readily misinterpreted in phosphor as in ink. Though perhaps the "Are you sure [y] [n]" dialog box would increase reliability. Maybe the election observers the Cubans have volunteered will have more ideas..
participants (2)
-
David Honig
-
Matthew Gaylor