A MUST READ -- Bob Fleischer: Software IS a Problem

Bob Fleisher, who holds a Master's in computer science from MIT and has over 30 years experience in programming and computer systems consulting, explains in plain English why computers don't belong in the electoral process.

http://home.tiac.net/~rjf/Computers-and-Elections.html

among IT and IS professionals.

Who have you been talking to? Everyone I know votes by absentee ballot.

Mr. Fleisher is in the DISTINCT Majority. He is right on. If they don't want to cheat why not have paper ballots? Why do they need 20000 lines of secret code to do what I could do in 200 lines of open source code? Please just THINK.

company. I guess I should qualify my answer by saying IT and IS professionals not registered at DU.

That's a new one on me.

Dr. Avi Rubin, Dr. David Dill, Dr. Rebecca Mercuri and Dr. Doug Jones
certainly don't endorse it. The only expert I've ever heard invoked who
endorses it is Britain J. Williams of Kennesaw State. Some time ago I
tried and was unable to confirm that he has a PhD.

http://en.wikipedia.org/wiki/Britain_J._Williams

If you have information beyond personal anecdotes that IT professionals
endorse electronic voting, I'd certainly like to see it.

defense industry research laboratory. He's been a shill for the voting machine industry for over 15 years now.

Any software professional worth their salt would not endorse something
with as many "access" holes as the computer electoral process.

Rather it seems many software people are unaware of the hackability of
systems.

Do you run a completely paperless office? Do you think it would be a good idea to run a completely paperless office?

If not, why not?

Here's what the geeks at slashdot.org think of your lunacy:

http://www.google.com/search?as_q=voting+machines&num=10&hs=ZiL&hl=en&client=firefox-a&rls=org.mozilla%3Aen-US%3Aofficial_s&btnG=Google+Search&as_epq=&as_oq=&as_eq=&lr=&as_ft=i&as_filetype=&as_qdr=all&as_occt=any&as_dt=i&as_sitesearch=http%3A%2F%2Fslashdot.org%2F&safe=images

.. believe that long codes are easily debugged? believe that all other IT/IS professionals are honest and never make mistakes? believe computers cannot be and have never been used to commit fraud? believe that hacking into systems is impossible?

none of them ever saw malicious code? none of them has ever seen a program that did something different than it purported to do? none of them knows of any company that ever misrepresented its operating procedures?

I have 15 years experience as an IT professional - and I can tell you secret code with no paper trail is insane! (or intentionally corrupt)

was stolen in one year,and that same year there was 500 million electronic dollars stolen.


Intentionally corrupt..... I'd say YES.

ballots/totals.

Anybody who actually understands how computers work knows that anyone who somehow gains access can make them do anything he or she wants.

Computers certainly be used to assist blind and handicapped people and people who don't speak English. They can be used to standardize ballot selections, to limit the number of choices selected to the correct amount and to warn people when they leave a portion of their ballot blank.

However, when it comes the actual cast ballots, people counting paper is infinitely more safe and secure than computers counting whatever their controlling programs tell them to count.

World-renowned computer security expert, author of Applied Cryptography:

"Computerized voting is a horrendously dangerous idea."

Sometimes short cuts will provide a greater opportunity for error or manipulation. Every vote should be on paper. Perhaps we can have two counting machines to verify each other's readings, but the paper trail is needed.

:bounce: :toast: :bounce:

:hi:

Welcome! :hi:

:toast:

and EVERYONE I know in the business agrees that computers should not be counting votes. We know first-hand just how easy it is for a computer to get things wrong or to be compromised.

Since the idea behind HAVA is to allow greater freedom for the disadvantaged and to be able to verify the vote before actually casting it, these computerized systems should just actually print out the paper ballot, once verified by the voter, whereupon the voter will take the paper ballot and place it in the ballot box (as per the usual custom). The computer system should not, BY ANY MEANS, tabulate the vote - it should just make it easier for the voter to perform their civic duty. I've done software development for over 25 years - anyone who thinks these systems can't be hacked/manipulated needs to stop that close visual inspection of their lower colon.

over 15 operating systems and all of these systems have one thing in common: they count whatever I tell them to count.

I don't agree with Mr. Fleisher's conclusions, but I do agree with many of his points.

Put simply; we already accept machines as part of the election process. Converting some of these machine to computerized alternatives is a natural extension of our current process. Safeguards can be put into place to make these new systems less tamperable then our current systems.

Up through the nineteenth century, voting was essentially a completely unautomated process. Ballots were hand marked, hand counted, hand tabulated, and manually reported. Errors, both accidental and purposeful, can and did happen. Ballots could be "lost", misplaced, miscounted, remarked, etc.

Through the 20th century, a certain amount of automation entered the electoral process. Voting machines and punch-card ballots became common. But these systems were still prone to manipulation. How does anybody really know that a Chicago voting machine was counting every lever the voter switched? How does anybody really know that every California punch-card ballot truly had the proper hole aligned with the name the voter punched? Why do we trust that the machine counting the punch-card ballots was counting them accurately?

What both of these processes above lacked was transparency and repeatability. There has effectively always been some point in the election process where we didn't really know what was happening to our ballots. And with any of the above processes, the exact repeatability of recounts was low. Humans make counting errors, and punch cards are fragile and deteriorate.

We should seize the opportunity of computerized voting to address these problems, and to improve the transparency and repeatability of the entire process.

Here are some things I would propose.

1: All software involved in the election process *must* be open source. All software actually in use must be from digitally signed distributions provided by a trusted source. The software must provide a challenge-response method of verifying the distribution, based upon something like RSA, which would allow representatives of any interested party to randomly audit compliance.

2: All hardware integral to the election process *must* be off-the-shelf commodity hardware available commercially. It needs to be possible for any interested party to assemble for them self a "trusted" hardware/software combination.

3: The voter interacts with a machine that helps them prepare their ballot. After all voter choices are made, the machine confirms them on screen, prints a paper ballot, and instructs the voter to review their ballot.

A note here: this is where I diverge most strongly from Mr. Fleisher's views. I believe that we must put the responsibility on the voter to look at their ballot and verify that it matches their intent. Mr. Fleisher holds the view that we cannot rely on voters to do this. But my proposal puts an additional "check" in the hands of the voters that we don't have now. How does a voter today know that the pattern of holes in their punch-card matches what they want? How does a voter today know that the lever-and-wheel system they used even registered their vote correctly? Think of my proposal so far as essentially being a hand-marked ballot, just that a computer has helped the voter to make sure that their votes are marked in a consistent and legible manner.

4: A key part of my proposal: the machine that is used to CAST the vote has no role whatsoever in COUNTING the votes. All it is used for is to simplify the voting process and produce a very consistently marked ballot.

5: The voter, supervised by an election worker, inserts their ballot into a counting machine. The counting machine is built to the same standards as outlined above (open-source signed software, commodity hardware). The ballots are stacked and retained by the machine.

6: Because ballots were produced and retained, we now have the ability to reproduce the count whenever we want.

7: Provide, by law, that any challenger to the election has the right to recount the original ballots on hardware and software that they provide. This is a *key*. If you don't think the people making the official count did it fairly, you have the right to use your own "known good" tabulator to count the votes. If there is a discrepancy, then there is a problem.

All in all, I don't think we as a nation can retreat from the idea of computerized voting, and if we as a party retreat from supporting it at all, we lose the ability to influence the system we will end up with. When we should be doing (IMHO) is driving toward a system that we can all trust, and all verify.

How about this....small precincts (under 1000 people)...paper ballots...hand counted by 1 rep, 1 dem, and 1 independent.....precinct totals posted publicly, then passed on -

seems pretty foolproof to me. and employs some people, which is a good thing.

critical.

IMHO, if you use ANY machine to do ANY kind of ballot counting, the entire process must be subject to a TRULY random physical hand audit of a certain percentage of precincts.

Of all the ideas I've seen so far, the one I like best is for a computer to generate a paper ballot, and then a voter examines and then puts the ballot in a ballot box. But then I am unfamiliar with all the ways fraud is committed with paper ballots. Your always hearing about fraud in countries that use paper ballots, but I've never seen details. Anyone have a list? I assume the computer would print a hash code on the ballot so alteration could be detected, but what are all the other ways?

BTW, I've been programming computers since 1969 and over that time I've made many a blunder that passed though the Quality Assurance team with flying colors. In my mind, it's simply impossible to find all the errors without the source code. If the code is complex enough, it's impossible to find all the errors with or without the source code. So I have no faith whatsoever in any certification process and I don't think anyone else should either. If I knew the source code was going to be kept secret, it would be a piece of cake to put in any backdoor I wanted and have it pass QA. If the source code was going to be public, I would probably deliberatly oversubscribe some array to change a voting variable without being obvious about it. If found, it would just look like a bug.

BTW2. I went to a "Meet the Candidates" event and asked the panel about their thoughts on black box voting. Got the blankest stares I've ever seen in my life. Some work needs to be done in educating the politicians.

The word "machine" is used to refer to any computer-based election systems, including Direct Recording Electronic ("DRE" -- commonly also called "touch screens"), Optical Scan, and central tabulating systems.

I don't see anything in his analysis which refutes the utility of an appropriately audited optiscan-based counting system. Otherwise, hez dead on.

http://www.democraticunderground.com/discuss/duboard.php?az=view_all&address=203x394430#394824 then

we have to fight a better fight, the "Exit poll waste of time thread" is on top with 180 post this thread

which is most important to our cause is 12 down with 29 post they will win if we keep allowing them to go at this pace. FIGHT!