Computerized voting machines, like any other machine, help to increase productivity and lower costs. Still, every time any new machine comes along there is always some Luddite to cast FUD (Fear, Uncertainty, and Doubt) about the newest technology. In this essay I hope to dispel the irrelevant and get down to the core of the matter. The only question that really remains relevant when talking about voting machines is if one can count on their accuracy. Security is a wholly different matter. When talking about accuracy, though, it is very dependent on what kind of computerized voting system you have in place. Computerized voting can be accurate, indeed very much more accurate than, say, people hand counting paper ballots. Real accuracy can be ensured if and only if the software is implemented through a very concise approach that adheres to prudent computer science practice and if the code is well audited. Only once one has ensured accuracy then one is ready to move on to the issue of security.

It is agreed upon by many in the field that the most accurate vote counting system to be trusted and now in use are Direct Recording Electronic (DRE) systems. (Cranor) They are basically specialized computers usually setup with an LCD touch screen. These systems are very easy to understand if the menu interface is set up properly, and the security behind the method they use to tally votes is very similar to the security behind mechanical leaver voting machines. DRE systems are also much easier to use from the voter’s perspective when compared to other methods and allow less room for voter confusion as one would get with, say, a butterfly ballot. When talking about electronic voting systems DRE is usually what stands out as the main subject matter. So it comes natural to primarily analyze DRE based voting systems.

Some of the prudent computer science methods that ought to be in place with DRE software are those that should be well known to the programmer and are regularly taught in the classroom. Aspects such as using positive-only integers for counters and making sure that your counters know their max limits and respond accordingly, and if required, with an informative error and an elegant shutdown. Sadly though the moment a programmer leaves the classroom and enters the real world things change. Then there are project deadlines and an air of “just get the job done and ship it already”. It is well known that Microsoft, at least in the beginning, took the security and accuracy of its source code secondary to shipping its product. Why should any other company be different when shipping is always in their best interests? Even then it is undeniably very hard if not impossible for a programmer to ensure that their code is written to react favorably in light of all the conditions it is put in. That is why when one is trying to create a very accurate and securely coded system intense auditing must be in place to check it after every revision. Also, never assume that there will not be revisions because code is never truly done and there are always later revisions down the line. It can be assumed through common sense that the more people who have access to the code the more auditors you have looking at that code. Therefore the utilization of the open-source model will clearly divulge bugs that need to be fixed at a faster rate than a closed source model.

Many feel that by keeping source code secret it is somehow more secure through obscurity. This is not true though because it is always the hacker who wants access to the code the most who eventually gets it and these things never stay secret anyway. On top of that, a programmer does not need the source code in order to probe for security holes in the software. A programmer needs only to run the compiled executable binary through a decompiler in order to view the low level assembly code. All obscurity does is slow down an inevitable process. Not only that, but you must consider that “it is hard to have confidence that software is performing accurately when you cannot look at the code.” (Newman) “If the system is unremittingly open, there can come to be full accountability, and correspondingly high public confidence in the process.” (Mann)

It is my strong belief that with a process as important as the election process is to our republic that every element in the process should be as open as possible so as to encourage the catching of anything out of the ordinary. If one is working with a black box doing the entire vote counting then one is putting way too much trust in the company that set up that black box. I don’t believe it is the wisest thing to do but this is the very thing that is happening with all the current DRE systems put into place now. This not only violates trust in accuracy, it also violates trust in security. “Indeed, there have been many documented cases of ballot counting machines that were accidentally programmed incorrectly or had the wrong software installed.” (Cranor)

As far as security is concerned, the human factor has much more forbearance over how secure a system is. A carefully thought out system is what it takes but of course the government is, as always, behind the curve and is taking too long to learn what is wrong with the current system. There are already many documented cases of the people writing to their elected representatives and asking for very relevant information about the voting machines in use in their precinct and their representatives were utterly clueless and still remain that way. This has happened in Georgia when their Secretary of State was not ensuring certification of some of the voting machines (Black Box Voting - Case). This has happened with Florida after installing their new voting systems: “Bay County showed that with more than 60 percent of precincts reporting, Richard Gephardt, who long before had pulled out of the presidential race, was beating John Kerry by two to one” (Black Box Voting - Florida). There are many other documented cases of black box voting machines showing how untrustworthy they are.

Another major factor being ignored by almost all the State implementations of DRE systems are paper audit trails. Even if one assumes that the DRE machine is open-source based, has been validated, and is accurate, one can still not ensure that the data will not get corrupted or that a crash of some kind would not happen. Here is one way of putting it: How often do you save a several page report when writing it on your computer? If one is wise that answer should be “quite often” and one would feel the most secure once the report is actually printed out. This should be no different when talking about tallying up votes on a computer. And yet many States totally ignore this safety net that was previously in place with the older mechanical voting machines. This is not a problem with the new machines for indeed it is technically as easy as plug and play to add printout capabilities. This is a problem with a change in election law towards the worse at the same time these DRE systems were ushered in. Voting in Virginia right now is a great case example of this problem (Verified Voting).

This situation creates an ethical dilemma in regards to the use of electronic voting machines. If one doesn’t trust the technology in its currently implemented form then should one boycott it altogether? This question is not easily answered. If one boycotts it then it is an outward display of lack of confidence in the system. If the system is no longer treated seriously then the government will lose the public appearance of the consent of the governed. However, by not voting one is effectively not getting across one’s views and you will not have a chance to elect an official who may yet change the broken election system for the better. I believe the best way to solve this dilemma is to use the voting machines in the mean time and to protest in other ways if one feels cheated. But of course there is always that paranoia that makes one wonder if your vote was counted, or if some ominous presence that wanted to keep control of the current system, just “accidentally” lost your vote. Yeah, it was a glitch, that’s all; you can trust that little black box… (Open Studios)

It is true that voting machines have helped to streamline and increase the accuracy of the American voting process of yesterday and the utilization computerized voting machines today is just taking the technology to the next level. However, the voting security model can and should basically remain the same. Nonetheless, it is being changed for some reason. It should never be security through obscurity, but always security through openness and auditing through the people. In the end it’s all about people’s confidence in the voting system and their confidence that their vote does count. New technology should help to make sure that every vote does count and a properly implemented DRE system does this. However, at this time I could not find any instances of a properly implemented open-source DRE system currently in use in any state.

Unless this situation changes the US is in great danger of a debacle that would make the Florida voting system in 2000 look like a subtle problem in comparison. Citizens should visit http://www.verifiedvoting.org/ now and call their representatives in Congress. This is a time bomb that threatens the future integrity of our country and yet the media spin has not picked up on this. Without security in our voting, the whole foundation of the US government collapses. I can only hope that these broken DRE systems are fixed, and with the rate at which they are now being adopted, they should be fixed soon. I am one who is definitely not a Luddite, but in these circumstances it pays to be worried about new technology flung around in this manner without any thought on to the long term consequences.

Bibliography

Black Box Voting, David “Florida Officials Have Reporter Removed for Trying to Cover Voting Machine Failure” http://www.blackboxvoting.com/modules.php?name=News&new_topic=3 (17 March 2004)

Black Box Voting, David “The Case of the Missing Certification” http://www.blackboxvoting.com/modules.php?name=News&new_topic=4 (17 March 2004)

Cranor, Lorrie “Voting After Florida: No Easy Answers” http://lorrie.cranor.org/voting/essay.html (13 March 2004)

Jefferson, Rubin, Simons, Wagner "A Security Analysis of the Secure Electronic Registration and Voting Experiment" http://servesecurityreport.org/ (13 March 2004)

Mann, Irwin “CFP'93 - Open Voting Systems” http://www.cpsr.org/conferences/cfp93/mann.html (13 March 2004)

Newman, Ron "Computerized Voting -- No Standards and a Lot of Questions" http://catless.ncl.ac.uk/Risks/2.42.html#subj4 (13 March 2004)

Open Studios “Can The Commons Protect Our Right To Vote?” http://www.ibiblio.org/studioforrecording/vote.html (17 March 2004)