Re: Hand Recounts of votes recorded on DREs
Barbara,
Your email and past comments indicate a philosophy that any thing other
that a paper ballot is inherently insecure and there is nothing that can
be done to reduce the risk of compromise to an acceptable level. Since
it is my professional opinion that adequate protections can be built
into the development, testing and operation of voting systems to enable
trust and confidence in the veracity of the results. Therefore, since
you have chosen to accuse anyone not agreeing with your position as
being unpatriotic, I chose to reply to your message based on that
perception. Even in your reply to my message you equate "an inadequate
set of standards" to being unpatriotic and then determine that only your
solution is "adequate". I reject your premise and will not accept your
attempt to camouflage the assault on my patriotism by this weak attempt
to make it look like you meant no offense.
We are not the party responsible for the veracity of elections and
engendering trust in the process, the States have that authority and in
general have taken that responsibility seriously. Our purpose is to
develop standards that can be used to improve the usability,
accessibility, reliability, and security of vote recording devices. The
choice of whether to even use the standard is the prerogative of the
State officials either elected or appointed to that duty.
And, Barbara, there is, at least in the states that require it, a
concept of a "secret" ballot. So, your second comment is equally
fallacious and again designed to define the standard to your terms. The
public needs to trust the process and the people they have chosen to
operate that process. Your attacks, even when valid, may have a more
negative affect on the voting process that the poor programming to which
you object. Now, just to ensure you do not try to take my comment to
mean that we should not strive to eliminate poor coding, that is not the
intent. We should work to ensure that we have the best possible voting
systems.
On the issue of buggy software affecting the outcome of an election,
can you provide documentation of that? There have been a number of ad
homonym attacks on voting systems, but few validated instances and no
intentional attempts to inaccurately report an election result. It is
definitely not in the interest of those whose livelihood depends on the
ability to sell voting device to those who are responsible for the
election process. Vote Fraud is a very serious charge that should not
be lightly bandied about and accusations without proof are indeed
damaging to the election process.
I do agree that there has been voter fraud in the past, but the
documented instances of intentionally fabricating votes have occurred on
paper records and not electronic and I have asked for data on this issue
and no one has produced any. There may not be many who think they can
get away with tampering with an electronic voting device and get away
with it. We should ensure reasonable and effect standards are developed
to build and test voting systems, not elevate the most commonly
defrauded media as somehow above reproach.
Another issue that I have to disagree with you on is that we should
"make it as difficult as possible for the outcomes of elections to be
changed". You have neglected a couple of key issues, if we make it too
hard to vote then we are part of the problem not the solution and in a
lot of cases we have made it too hard for those with vision problems to
vote privately. Additionally, if systems cannot be purchased by the
voting officials because we have increased the cost for a marginal or
unneeded benefit, those systems will not be used to vote and the product
will die. An election official, particularly those who are elected by
the voters whose taxes pay for the voting systems and who use them,
wants to provide a is interested in a good experience and a reliable
outcome. These do not depend on whether a piece of paper is produce by
the voting device.
Barbara, your referral to the current systems that have had problems as
examples of how testing has failed is vapid. It is in fact a credit to
the vendors who developed these systems without any guidance from the
FEC in the area of security. Until recently, there were no systems that
even meet the 2002 FEC standards because they were not available to test
them. I think we can make a significant improvement in the voting
systems people use to elect our government, but requiring a printer on
every voting system is not the way to do it. This could in fact reduce
the reliability of the voting system to an unacceptable level. I do not
reject the viability of a paper verification, but it needs to meet it's
own set of requirements and those have not been adequately tested.
Also, the standards should not exclude other viable options.
Finally, your PS, many jurisdictions do in fact test the accuracy of
their electronic voting devices every time they do an acceptance test or
logic and accuracy test. A predetermined input should yield an output
that matched that input. The ability to accurately reflect the voter's
intent is also determined by the usability factors we are working to get
included into the standard. On an electronic voting system, we can
alert the voter that they have not voted in one or more of the races and
then give them a chance to change that if they desire. Overvotes are a
thing of the past on the electronic voting devices. So, as long as we
do not drive the price of the voting systems out of the range the voting
jurisdictions can afford, we can have a better experience for the voter
that accurately records their vote and with adequate testing validate
the results as accurate.
Barbara Simons wrote:
> Dear Vern,
>
> I am surprised that you think that my comment about patriotism had anything
> to do with you. I have never questioned your patriotism. My reference
> about patriotism was not aimed at any individual.
>
> Rather, I was simply stating the obvious. Our committee bears a heavy
> burden. If we produce an inadequate set of standards, we may be undermining
> democracy. To do so would, in my opinion, be unpatriotic.
>
> To repeat: we must not endorse any voting system that lacks transparency,
> one where the voter must have faith in secret code, secret and inadequate
> testing, and secret test results. Secret is not a word that should be used
> to describe voting systems.
>
> It is not rhetorical to say that software has bugs. We know of cases in
> which buggy software has already been used in actual elections. Have any
> election outcomes been changed because of buggy software? I don't know, and
> neither does anyone else on this committee - though there are several cases
> that are highly suspect.
>
> We also know that election fraud has occurred many times in the past. I do
> not believe that human nature has changed so fundamentally that election
> fraud will not occur in the future, if an opportunity is provided.
>
> I am certain that you agree that we must make it as difficult as possible
> for the outcomes of elections to be changed, either because of unintended
> software bugs or intentional manipulation of software. And, I am certain
> that you agree that to do otherwise is not simply irresponsible but in fact
> unpatriotic.
>
> Regards,
> Barbara
>
> P.S. You refer to the accuracy of DREs, but we both know that there is no
> audit trail for paperless DREs. We also know that current testing is
> inadequate and that even the best of testing (ask Microsoft or Sun or the
> other software vendors), which we certainly don't have for DREs, cannot
> detect all software bugs. Finally, we know that it's possible to write
> malicious software that would be triggered only during an election and could
> even erase itself afterwards. Given the vast sums of money being spent on
> elections, it would be relatively cheap to bribe or blackmail a programmer
> or someone else with access to the voting software. Unfortunately, this is
> reality, not "flat earth" rhetoric.
>
> On 12/7/04 0:24, "Vern Williams" <vernonw74@earthlink.net> wrote:
>
>
>>Barbara,
>>
>>I believe I have the right to my opinion and you have not earned the
>>right to call me unpatriotic. I dedicated 20 years of service to
>>defending our democracy and would ask what your investment has been. I
>>have been interested in evaluating the issues based on science and
>>reason, not on paranoia. You call yourself a computer scientist and I
>>hear much "flat earth" rhetoric from you and very little reason.
>>Systems can be programmed to perform their functions with audit trails
>>to confirm the veracity of the results. There are many who have been
>>investing in the actual process of democracy for a long time and not
>>just throwing stones from the outside. The real lunacy is to presume
>>that the results "recorded" on paper are somehow less corruptible than
>>modern voting systems with checks to warn a voter of undervotes and
>>prevent overvotes when the vast majority of attempted election fraud has
>>been with votes recorded on the very paper you consider so perfect and
>>incorruptible.
>>
>>The people working to run elections and produce voting systems that are
>>easy to use, reliable and produce accurate results are the ones who can
>>help us find ways to improve the process of recording votes. I only
>>hope that your name calling will encourage the committee to work hard to
>>prove you wrong. That we can develop standards that help produce the
>>next generation of better and more reliable and accountable voting
>>systems. Not go back to the "paper age" or was that the stone age? Oh,
>>and by the way the reason we are recommending testing and evaluation of
>>the voting equipment is to provide an acceptable level of assurance that
>>your unfounded accusations do not happen. It would be interesting if
>>you would compare the accuracy of the DRE voting systems with Mark Sense
>>and see which is more accurate. Maybe the ACM would be interested in
>>those results.
>>
>>Sincerely Disappointed,
>>Vern Williams
>>
>>
>>
>>Barbara Simons wrote:
>>
>>
>>>Pete's comment is so obvious I cannot understand why anyone would even
>>>question it. A "hand recount" of paperless DRE votes should come up with
>>>the same tally that the DRE originally produced, unless the DREs are really
>>>really broken.
>>>
>>>BUT, suppose there was a software bug (or malicious code) that corrupted the
>>>votes so that they were originally incorrectly recorded, as happened in
>>>Mahoning County, Ohio, where numerous voters reported that when they
>>>attempted to vote for John Kerry, the vote showed up as a vote for George
>>>Bush. We don't know - and can't know - whether or not those machine
>>>correctly recorded the intent of the voters, but if it recorded them
>>>incorrectly, then those same faulty records will appear in the printed paper
>>>versions.
>>>
>>>I find it amazing that anyone would defend a system that has the lack of
>>>transparency of paperless DREs.
>>>
>>>Since the standards produced by our effort are likely to be adopted
>>>nationally, we bear a tremendous responsibility. We have the opportunity to
>>>develop standards that will minimize the options for corruption and maximize
>>>openness and transparency. To do otherwise is irresponsible and even - dare
>>>I say it - unpatriotic.
>>>
>>>Regards,
>>>Barbara Simons, writing from Australia - which is why I have been unable to
>>>participate in email and phone discussions.
>>>
>>>On 12/5/04 16:43, "Pete Klammer" <pklammer@comcast.net> wrote:
>>>
>>>
>>>
>>>>A "hand recount" of paperless DRE votes is patently absurd, meaningless, and
>>>>futile.
>>>
>>>
>
>
--
Quote of the week...
"Posterity -- you will never know how much it has cost my generation to
preserve your freedom. I hope you will make good use of it."
--John Quincy Adams
Vern Williams, CISSP ISSEP CBCP CHSP IAM
Senior Security Engineer / Analyst, SAIC
Senior Member, IEEE
Vernon.C.Williams@SAIC.com
Cell: 512-635-5315
Any comments are my opinion and not the official position of SAIC.
This email and any attachments thereto may contain private,
confidential, and privileged material for the sole use of the intended
recipient. Any review, copying, or distribution of this email (or any
attachments thereto) by others is strictly prohibited. If you are not
the intended recipient, please contact the sender immediately and
permanently delete the original and any copies of this email and any
attachments thereto.