Guest blogged by Ernest A. Canning
Brad Friedman has often compared the task of Election Integrity (EI) advocates to a game of Whac-A-Mole. One moment they expose an “it’s the machines transparency, stupid” moment when the 100% unverifiable ES&S iVotronic touchscreens announced that the unemployed and virtually unknown Alvin Greene had somehow defeated the respected circuit judge and former state legislator Vic Rawl in the 2010 South Carolina Senate Democratic Primary. The next moment we learned that DC officials had planned a live experiment to use “an untested and unverifiable Internet Voting scheme on real voters, in a real election…” — an experiment that Friedman described as “insane.”
More than 16 months after that disastrous experiment came to a crashing halt following a spectacular hack, as initially reported by The BRAD BLOG, the PBS News Hour produced a short documentary, Internet Voting: Will Democracy or Hackers Win? (see video below), which touched upon the D.C. Internet Voting Hack.
The now-legendary hack was carried out by a team of white-hat hackers, led by Univ. of MI Computer Science Prof. J. Alex Halderman. Within hours after D.C.’s 2010 Internet Voting scheme was opened to the world for a hack test (just days before it was scheduled to go live for the real thing), Halderman and his team of U. of M. students found and exploited a vulnerability which gave his group almost total control of the server software, allowing them to rewrite every single ballot and even take over command of the security cameras inside the D.C. server room. Team Halderman not only acquired the ability to change votes and install the Univ. of MI fight song to be played at the end of every vote cast, but discovered and thwarted an intrusion attempt by Chinese and Iranian computers.
Disturbingly, the new PBS documentary also reveals that, despite the spectacular failure and warnings from virtually every computer science and security expert, election and Pentagon officials are still pressing forward with what MIT Prof. of Electrical Engineering and Computer Science Ronald L. Rivest describes, as seen in the short PBS report, as an “oxytopian” solution. “‘Secure Internet voting,'” Rivest charges, “is a bit like the phrase ‘safe cigarettes'”…
The Revolving Door
In some instances, like that of Paul Stenbjorn, the former Executive Director of the D.C. Board of Elections and Ethics who first pushed for the live D.C. Internet vote experiment and was then embarrassed by the D.C. Internet Voting Hack, the persistent effort to damn the science, the scientists and the extraordinary failures to move ahead with Internet Voting anyway, might be explained by the fact that he subsequently became the Director of US Operations at SCYTL, a manufacturer of online voting and election systems.
Stenbjorn’s new job underscores the EI advocates’ fight against a long revolving door between private e-voting system vendors and the government agencies and election officials who are supposed to provide oversight for those very systems. See, for just one of many examples, our 2009 report: “Disgraceful: Discredited E-Voting Vendor VP Appointed to U.S. EAC Advisory Panel“.
Reliance upon technology that does not exist
Where, in the PBS report, West Virginia Secretary of State Natalie Tennant (D) expresses certainty — with no evidence to back it up — that there has been “no breach in our votes,” U.C. Berkley Computer Science Prof. David Wagner, who examined the SCYTL system, reported that there “is no known way to audit Internet voting.”
If there is no way to audit the voting, there is no way to know whether the votes have been “breached” and accurately recorded as per the voters’ intent.
Where Stenbjorn advanced the unscientific prediction that a secure system will be developed in the near future, Wagner, in the same report, noted: “It is not technologically feasible today to make Internet Voting safe against attack.”
Stenbjorn and Tennant have made it their mission to push for Internet Voting nonetheless.
No security against insider threat
One shortfall of the otherwise excellent PBS report — which includes interviews with a number of computer scientists The BRAD BLOG has turned to for years for their invaluable expertise on these issues — is that it only examined the concerns of system security from the perspective of an outsider attack, like the one that occurred in the D.C. Internet Voting Hack.
Even assuming that it were technologically feasible to prevent an outside attack, this does not begin to address the far more immediate threat that, whenever there is a lack of transparency in how votes are counted, there is a risk that the count can be manipulated by insiders with access to any e-voting system, be it Internet, Direct Recording Electronic (usually touchscreen) voting machines or paper-based computer optical scan systems.
As acknowledged by virtually all computer scientists and security experts, and even confirmed by the highly compromised, GOP-operative-created Baker/Carter National Election Reform Commission years ago, the greatest threat to all such electoral systems comes from insiders. As even the phony Baker/Carter commission noted: “There is no reason to trust insiders in the election industry any more than in other industries.” Thus, there is almost nothing that can be done to protect against such exploits.
“I follow the vote,” CIA Cyber Security Expert Steven Stigall warned officials of the U.S. Elections Assistance Commission (EAC) in a 2009 presentation. “And wherever the vote becomes an electron and touches a computer, that’s an opportunity for a malicious actor potentially to…make bad things happen.”
Convenience is no substitute for democracy
During the PBS report, Bob Carey, the Director of the Pentagon’s Federal Voting Assistance Program not only expresses the unscientific belief that a foolproof Internet Voting system will be developed within five to six years, but he also downplays the risks identified by computer scientists as “unfair to military voters.”
The remark brings to mind a similar tactic used by proponents of 100% unverifiable touch-screen voting systems earlier this century, when they attacked critics of such systems as being insensitive to the blind, who, they claimed, needed such systems in order to vote without assistance. Then, opponents of such unverifiable e-voting machines were “unfair to the disabled,” now, from the very same playbook, opponents of Internet Voting are “unfair to military voters.”
Let’s set aside the fact that those overseas military voters can and do vote on paper by absentee ballot, just as they did back in 1968 when I served in Vietnam. One would think that the one thing that would be more disturbing to a member of the U.S. military than the deprivation of his or her right to vote would be the discovery that the vote he or she cast was counted for the candidate he or she voted against!
PBS New Hour’s report on Internet Voting by Miles O’Brien, as broadcast on 2/17/2012, follows below…
Ernest A. Canning has been an active member of the California state bar since 1977. Mr. Canning has received both undergraduate and graduate degrees in political science as well as a juris doctor. He is also a Vietnam vet (4th Infantry, Central Highlands 1968). Follow him on Twitter: @Cann4ing.
A perfect election in a madhouse nets us what?election in a madhouse
Take the case where the inmates in a madhouse use machines to elect their leader, and the case where they use paper ballots counted in public for all to see, to elect their leader.
Inmate X, who mass murdered beat inmate Y who also mass murdered, using the machine method.
But that problem was solved by using paper ballots and Y beat X.
Good election!
Whoopee freakin’ doo!
Uh oh … I think I just violated some doctrine.
There are many challenges for our election systems and for our democracy. These challenges are persistent and severe and they must be fixed if we are to navigate the path ahead.
America is the world’s leading democracy, yet each election we lose millions of votes because of problems with voter registration, voter inconvenience, vote by mail, machine error and other election system flaws. Military voters and the poor are often disproportionately affected by these problems.
There is no question that this situation must not be allowed to continue indefinitely. 10M+ lost votes each election is unacceptable. Yet, nothing much has happened in the last decade despite widespread knowledge of these problems since at least the aftermath of the 2000 presidential election.
Given this backdrop, secure internet voting, in combination with other reforms, may offer a long term solution to some of these problems and deserves additional research attention. At present there are no internet voting systems that are sufficiently secure for public elections in the United States. Though this may be the case today, any inadequacies can be corrected with sufficient effort and investment. The question is then, how much should be spent and how soon. Perhaps the return on investment does not warrant an aggressive near-term research effort. Or perhaps it does. These are issues which deserve more discussion but a categorical dismissal of internet voting, though it may be the dominant fashion of the current time, does not serve our democracy well. Instead we should move forward with care, with reason, and with persistence towards reforms that offer the best opportunity to improve our system of government.
More information is available at:
Christopher Camp, who says that at each election we “lose” millions of votes, writes @2:
Leading democracy? By what standard?
President Carter and the Carter Center long ago concluded that US elections would not meet international voting standards, at the center of which is a required transparent, uniform, nation-wide process for casting and counting votes.
I seriously have to question whether Christopher bothered to read this article before he let loose with what appears to be a dose of e-voting propaganda in suggesting an oxymoronic solution of “secure internet voting, in combination with other reforms…”
Counting the vote entails the application of simple addition (1 + 1 + 1 etc). It’s not rocket science. It doesn’t require computers, though a calculator might come in handy when adding the verifiable result totals after they have been publicly posted at each precinct.
Accurate, transparent and verifiable vote counting entails application of Democracy’s Gold Standard — hand-marked paper ballots publicly counted and posted at each precinct on Election Night before the press and public.
As is reflected by the Gold Standard article, that is the method demanded by the German high court, which found that verifiable democracy can be assured only when:
• There is a “constitutional requirement of a publicly observed count.”
• [T]he government substitution of its own check or what we’d probably call an ‘audit’ is no substitute at all for public observation.
• A paper trail simply does not suffice to meet the above standards.
• As a result of these principles,…’all independent observers’ conclude that ‘electronic voting machines are totally banned in Germany’ because no conceivable computerized voting system can cast and count votes that meet the twin requirements of…being both ‘observable’ and also not requiring specialized technical knowledge.
Comparison of that not only to our opaque voting systems but to the extent to which corporate wealth has so thoroughly obscured truth in the U.S. not only belies the idea that the U.S. is the “leading democracy,” but raises serious questions as to the applicability of the word “democracy” in the 21st Century USA.
As to convenience, I’d suggest, Christopher, that you read our earlier article on the application of Democracy’s Gold Standard by many towns in New Hampshire, who frequently complete their accurate, verifiable counts more expeditiously than their machine-counting counterparts.
Finally, Christopher, it is unfortunate that you did not furnish the link for “more information is available at.” I suspect that link would reveal that you are connected to the e-voting system industry.
Oh, one more point, while your exploring the oxymoronic solution of “secure Internet voting.”
Prof. Wagner, in the report I quoted from states:
Paper ballots are inexpensive. Moreover, the money spent on part-time employees to count the vote at each precinct on Election Night is money recirculated into the local economy — as compared to the much larger sums of money sent to a Canadian company with ties to Hugo Chavez’s Venezuela (Dominion) or to an Internet Voting Systems manufacture, SCYTL, which is located in Spain.
The system used in Oregon seems to me to be as resistant to tampering as I can imagine. Ballots are mailed or placed in lock boxes, then opened on election day by a team of people representing all the parties involved. They are read by a machine unless any of the observers want a ballot to be read by humans. It is a very open, public process.
Denis Heidtmann –
Here’s my quick response to your comment above: “Why Vote-By-Mail is a Terrible Idea for Democracy”
If you have any questions, let me know.
Christopher Camp @ 2 said:
It is not the “fashion of the current time”. It is the science, as computer scientists and security experts have explained over and over and over again.
Which part of the science here or the computer scientists who are trying to explain it to you, leads you to belittle it or them as a “fashion of the current time”?
Similarly, which part of those votes “lost” by machine, as you describe them, wouldn’t be lost via Internet Voting? And how would you even know?
I knew THEY would come up with something new. Do you believe that DREs really are on their way out? What percentage of voters will use them in 2012?
A question for internet voting advocates: Why not just go a step further and have TELEPATHY VOTING? It would be like internet voting, except it would bypass the distracting electronics. Votings would beam their preferences telepathically to the central tabulator, which would then report their results — without any paper trail or means for the voters to check that their preferences had been accurately recorded and reported — just like internet voting.
An even simpler way would be to get the campaign funding billionaires all together at 30 Rock. They could have a public vote on TV and decide for all of us who our elected representatives should be. Save us the trouble of having to listen to all the lies and bullshit their money will buy.
The catch would be that the millions/billions they’d save in not having to bother with the charade of financing campaign propaganda for the candidates of their choice would have to be donated to a fund to recreate Acorn.
Bring the soldiers home from their bad-intentioned multiple “tours” and let them vote on hand-marked, hand counted ballots along with their handicapped-via-war compatriots in their own country. Those who are literally blinded in war will have to trust somebody to help them cast their vote.
It’s way past time to stop congress from USING our soldiers, blind and handicapped people to tug our heartstrings in favor of unverifiable voting for our entire society.
It’s an evil scam if there ever was one.
This is my own opinion which is based on my own observations over the last decade.
Re Larry Bergan @11: Solid point. Glad you added it to the dialogue.
Ernest and Brad,
There can be little doubt that popular opinion and expert opinion currently weigh in favor of your position against internet voting. The main question that I raise is, how long will the popularity of this opinion hold?
At present I do not think that any internet voting system is suitable for widespread use in the United States. On this point we would seem to agree. We appear to disagree on internet voting’s prospects for the future.
It is my position that at some point in the future, when sufficient investment and effort are expended to solve the technical challenges related to this technology, internet voting will become commonplace. I make no prediction as to the exact date when this will occur but I do believe that we have some control over the timeline. In the same way that we exerted influence over our arrival on the surface of the moon, we have some control over when internet voting becomes technically viable.
Of course, if the belief that internet voting is impossible maintains its grasp on experts and the general population the date when internet voting is widely adopted will shift backward. If the climate shifts in a way that allows significant resources to be directed to the understanding of the entire spectrum of issues surrounding internet voting, the timeline will move forward.
You have both made your position clear: you do not believe that internet voting is an acceptable voting technology. Not now, not ever.
I don’t expect to be able to change your mind, but others who have not staked themselves so firmly to a position may wish to consider alternatives to your position, I write this for them.
Also, I have no relationship with any e-voting companies.
For some reason the link did not publish in my prior comment, more info is available at restartdemocracy.org (my name is linked to the site in both this comment and the one above).
Best,
Chris
After reviewing your comment @13, Christopher Camp, I could not but help to think of the prophetic observation once made by the UK Guardian editor, C.P. Scott nearly a century ago:
“Popular opinion” has absolutely no place in a discussion of the efficacy, or lack thereof, of Internet voting.
The fact that you and your restartdemocracy.org website express the “belief” that there can be “secure Internet voting” is of no moment whatsoever — no more so than if you expressed the belief that the world is flat.
I saw nothing at that site or in your comments that would suggest that you are remotely qualified to dispute the scientific conclusions of experts, like U.C. Berkley Computer Science Prof. David Wagner, who tells us, “It is not technologically feasible today to make Internet Voting safe against attack.”
You’ve ignored the core issue of transparency, laid out by both Brad and I in comments, and the threat of insider manipulation which is present in all e-voting systems.
Insofar as I can tell, from having looked at your site, restartdemocracy.org is but a site containing the commentary of a single individual, Christopher Camp. In assembling what you “believe,” Christopher, you’ve simply demonstrated what you do not “know.”
When it comes to the subject of election integrity and the vital need for transparency in a functioning democracy, ignorance is certainly not bliss.
Ernest:
Thanks for your comment at #12.
I don’t use the word “evil” lightly because it’s a conversation killer, but I stand by every word I said because people who steal elections don’t want a conversation anyway and it has been proven they will cross any line to get their way.
As Scalia would say: SO THERE!
Ernest,
Wagner’s comments are, as the quote explicitly indicates, about today. I agree with the quote – today is not the right time for internet voting because key problems have not been resolved.
Given the sharp tenor of the conversation on internet voting, Wagner and most other well respected computer scientists and cryptographers have been careful to limit their public comments on the future of internet voting. David Chaum has been among the most vocal proponents of secure internet voting. Chaum and a group of notable compsci/crypto folk have created a voting system called Scantegrity. The group includes Rivest and half a dozen other well credentialed security/voting experts. Scantegrity has become the launching pad for Remotegrity, a relatively new voting system which allows for remote voting via postal mail or internet. Takoma Park, MD has been testing the technology and used Remotegrity (minus the internet voting portion) in the most recent elections in Nov. 2011. Again, internet voting may not be ready for deployment today but the future is another story…
Even those who are often considered to be the most severe critics will, when asked directly, say that the technology is “decades” away from being successfully implemented. Rivest and Halderman have both made public statements of this sort.
Restart Democracy is focused on one question: Is there some positive net value in shortening the development and deployment timeline for secure internet voting? We don’t claim to know the answer but we do say that secure internet voting is not impossible, it’s simply impractical at present. That any of this is controversial is an indication of the toxicity of the current environment for debate.
There is one point on which we may agree: Serious change is needed in order to improve our democracy. Our point of difference is limited to method – Restart Democracy believes that a thorough investigation of internet voting is worthwhile. You do not. Only time will tell which perspective has more merit.
I wish you the best.
-Chris
With all due respect, Christopher Camp #16, since you agree with Prof. Wagner’s statement that it “is not technologically feasible today to make Internet voting safe against attack,” and, presumably with his conclusion that “operating an Internet voting system safely requires expertise and money way beyond what election officials are likely to have,” there is no reason why you and I should be having this discussion.
The “attack” Wagner was referring to is an attack by a malicious outsider. This does not even begin to address the question of protection against a malicious insider with access to the system.
Unless and until a technology is developed that would insure that the computer count was transparent to all concerned citizens; one which would foreclose both outside hacks and insider manipulations and would be more cost-effective than Democracy’s Gold Standard — paper ballots, hand-cast and publicly hand-counted and posted at each precinct on Election Night — even contemplating Internet voting is insane!
I, for one, am not ready for the rubber room and a white coat.
Oh, one other point, Christopher.
In your religious-like belief in some yet to be discovered technology, you miss the point that it is technology which created the core problem that threatens the very efficacy of democracy — lack of transparency.
There’s an old saying, “If it ain’t broke, don’t fix it.”
The means for conducting transparent, verifiable elections — Democracy’s Gold Standard — have been with us since this nation was founded. It is transparent. It is inexpensive. It is efficient.
So, tell me Christopher, why should we be looking elsewhere?
Christopher Camp @ various:
Apologies. I’ve been on the road, and unable to participate in as timely a fashion as I’d like on this thread. Happy Ernie was able to share his thoughts with you. I share many of them, as you may have guessed.
That said, allow me to add a slightly different angle than Ernie here, for your consideration.
Let’s go ahead and imagine that someday, somehow (even you admit you have no clue how long into the future it might be), we can figure out a secure way to cast votes on the Internet.
That leaves a) Ernie’s question, as to how that would preclude the greatest threat (insiders), but, even more importantly, b) how the citizenry could know the system was secure and that their votes were counted accurately as per their intent.
The same prob exists with DRE (usually touch-screen) voting systems. Even if they are secure, the citizenry has absolutely no way to know that. We are forced to simply trust that they are. Simply trust in someone, or some technology, rather than being able to oversee the counting ourselves and no for certain the results reflect the voters’ intent.
So even if Internet voting is somehow made secure at some point in the distant future, how are the citizens, like you and me, able to overseen an election to know that it has been accurately tallied? I see no suggestion of such a thing coming to pass. And, no, Chaum’s scheme, and others like it, don’t allow for that either.
Christoper Camp, also @ various:
Shoot! I meant to add one more point! You initially marginalized computer science and security expert consensus that Internet Voting cannot be done securely as “dominant fashion of the current time”.
In your follow up, you marginalized same as little more than “popular opinion”.
It is no more “popular opinion”, than gravity is “popular opinion”. Or that it is the “popular opinion” that the earth is round.
I appreciate that you generally recognize the expert scientific consensus. But you might have better luck in your advocacy if you get over your tendency to marginalize actual scientific facts as little more than “fashions of the time” and “popular opinion”. At least it would be easier for folks like me to at least respect your advocacy, even while seeing it as fully flawed, if you did.