Friday, February 14, 2003

More Voting Machine Info

More people are starting to notice problems with computerized voting machines. See Seeing the Forest for a list of articles on the subject. There's even a book, Black Box Voting: Ballot-Tampering in the 21st Century coming out in May. Maybe somebody in the mass media will notice. I rather doubt it.

To me, the most ominous item is that Senator Chuck Hagel of Nebraska, founder of the biggest maker of voting machines in the country, may be planning to run for President in 2008. 'Ya see, normally, everybody tries to make sure the election process is as fair as possible. The Demicans may be in power now, but they know that the Republicrats will get in there eventually. If the Demicans gimmick the vote now, the Republicrats will use it against them later. Solution -- make sure the vote is as fair as possible. This is an idealization, of course. It breaks down when a single party has control of an area. However, then, it doesn't matter. From what I've heard, Richard J. Daley of Chicago never tampered with ballot boxes, either directly or via funny rules. He didn't have to. In case you're wondering, yes, Hagel did win in a completely unexpected upset, and, yes, his own company was the only one counting the votes. Folks, if somebody is going to put in the fix, they're going to do their darndest to make sure it's permanent.

A lot of the problem seems to be that all of the election officials responsible for these horrors are nontechnical people. They simply don't understand how computers work, and just accept the assurances of the manufacturers that everything is OK. Unfortunately, some of the investigators aren't so up on things, either. For example, Bev Harris, author of Black Box Voting, went to a great deal of trouble to try to track down a patch that was put into Georgia's voting machines shortly before the November 2002 elections. She asked "who examined the source code?" and "did you check that the patch altered only the files it was supposed to?". However, the patch was not to the actual voting software, but to the underlying Windows CE operating system. Better questions would have been "Was the patch signed by Microsoft? If not, who did sign it?" and "Did you check the signature"? However, of course, all the people that Harris talked to were also non-techies. I'll bet that the key programmers are overseas, in India, Russia or Ukraine. Hard to ask questions (Gavarete pa'Russki?), and harder to issue subpoenas.

Examining the source code is not very helpful anyway. Computer programs actually run "object code", which is not human readable. Before you run a program, it has to be translated from "source code", which a human can read, into "object code", which the machine can read. When verifying the code, the translation process can be subverted. Do you know that a particular hunk of object code really corresponds to the source code that you put in? This exact question was addressed by Ken Thompson, in his classic speech Reflections on Trusting Trust, in 1985. (Thompson, for the non-computer types out there, is the co-author of the Unix operating system and one of the major architects of today's computer world. Impressive dude.).

Basic answer -- you can't be sure. Does the source code represent its specification properly? Maybe. Does the object code correspond to the source code? Maybe. Does the object code actually get loaded into the machine? Maybe. Does the machine actually run your code? Maybe. Can the code be changed after it's loaded? Maybe. The only foolproof solution that anybody's been able to come up with is to have the machine print out a paper ballot, which is then counted like a normal ballot. This doesn't mean that the systems are useless -- the printed ballot would be a lot easier for a machine to read than any hand-marked ballot possibly could be. Point is that, as long as everything is stored as bits, there is no way to make sure that it has any relationship to the way people actually voted. Little pieces of paper give you something you can count, by hand if necessary.

Anyway, the "gold standard" of these references is the Rebecca Mercuri's Electronic Voting website. This is the place to go if you're arguing with your local election officials about these machines.

LATER: Another link, this one by a professor of cyberlaw and constitutional law at Yale. His opinion: in its haste to come up with an argument for appointing Georgie Bush President, the Supreme Court came up with an opinion that can be construed as declaring "unauditable" voting machines to be unconstitutional.

STILL LATER: Whoops! They're popping up all over the place! Here's Pandora's Black Box: Did it Really Count Your Vote?, from 1996. (This one is reprinted without the author's permission, so there's no telling how long it'll be there.)

LATER AGAIN: Good Grief! Now, there's a discussion over at Slashdot about Stanford professor David Dill's resolution on electronic voting Note for the non-computer types -- Slashdot is a heavy-duty computer nerd site, with a fair representation from the tinfoil-hat crowd. There is some good stuff there, however. To survive on the Web in any case, you need a really good built-in crap detector.

Weblog Commenting and Trackback by