Numerous media outlets publish misleading attacks on decision to limit electronic voting
SUMMARY: While reporting on California Secretary of State Debra Bowen's decision to
decertify the state's electronic voting machines in light of a study that found
the systems are vulnerable to security breaches, numerous media outlets attacked
the study's "unrealistic" methodology or uncritically reported criticism of the
study's premise, without noting the researchers' explanation for their methods.
In his August 8 Sacramento Bee column, Dan Walters criticized California Secretary of State Debra Bowen's (D) decision to decertify most of the state's electronic voting machine systems following a state-commissioned study that found the systems are vulnerable to security breaches, as Courage Campaign founder Rick Jacobs noted in a blog post at The Huffington Post critical of Walters' argument. Walters asserted that it "is not surprising" that the systems were found to be vulnerable, given the "unrealistic circumstances of the tests. Among other things, the hackers were supplied with source codes and other confidential information, and they ignored the security procedures that election officials employ." But in simply repeating this criticism, Walters and numerous media outlets that reported criticism of the study's allegedly "unrealistic" methodology -- including The Washington Post, the Associated Press, the Los Angeles Times, and the San Francisco Chronicle -- did not address the explanation given in the report itself for the conditions under which the testers worked.
After discussing "techniques" by which hackers "can discover secrets that companies and organizations wish to keep hidden" and providing examples of "organizations," such as the DVD Copyright Control Association, being "unaware of their own leaking of information," the University of California, Davis researchers who conducted the study concluded: "Thus, the statement that attackers could not replicate what red team testers do, because the red team testers have access to information that other attackers would not have, profoundly underestimates the ability and the knowledge of attackers, and profoundly overestimates the infallibility of organizations and human nature." In other words, the research was conducted under the presumption that potential hackers would have access to sensitive information relating to the machines, given hackers' proven adeptness at obtaining protected information.
According to the UC study:
The California Secretary of State entered into a contract with the University of California to test the security of three electronic voting systems as part of her top to bottom review. Each "red team" was to try to compromise the accuracy, security, and integrity of the voting systems without making assumptions about compensating controls or procedural mitigation measures that vendors, the Secretary of State, or individual counties may have adopted. The red teams demonstrated that, under these conditions, the technology and security of all three systems could be compromised.
During the August 3 edition of National Public Radio's Talk of the Nation, the red team study's principal investigator, University of California, Davis, computer science professor Matt Bishop, further explained the study's methodology. In response to host Ira Flatow's assertion that "the companies that make the machines have been critical, saying that you had access to information manuals, about how the machine works and whatever, that normal voters might not have," Bishop responded, "Well, you have to be very careful when you make a claim like that" because "information in this day and age tends to get circulated very freely. ... There have been voting machines sold on eBay. How do people know that -- how do they know that others won't have access to this information?" Bishop also said that "the key issue" facing potential hackers "is getting access" to the machines and recommended that more physical safeguards be put in place to protect from this. But "if" some of those "polic[ies] fail ... the technical defenses of the machine should come into play," which was the focus of the red teams' study. To assume that the physical safeguards would "never" be breached, Bishop stated, "indicates a very high belief in human infallibility, one probably higher than warranted."
Walters also attacked the study for "ignor[ing] the security procedures that election officials employ" -- again, without noting the researchers' explanation. The UC report noted that its research teams "did not evaluate the likelihood of any attack being feasible. Instead, they described the conditions necessary for an attacker to succeed," allowing the researchers to "focus on the technology rather than on the policies procedures, and laws intended to compensate for any technological shortcomings." Because providing safeguards for the voting machines "is a local matter" in California, the report stated that "it was impractical for the red team testers to evaluate" the "at least 58 different sets of procedures." On NPR, Bishop added that it was "up to the politicians" to "look at the policies and procedures surrounding" securing the machines and suggested that since "the red teams were technology folks," they would not be sufficiently qualified to look into this issue." Bishop further stated that "in the limited time we had" to conduct the study, it "would simply not have been feasible for us to" examine the "policies and procedures" in place in California's 58 counties.
Nonetheless, numerous media reports similarly attacked the study's methodology or uncritically reported criticism of the study's premise, without noting the researchers' explanation for their methods. For instance:
- In an August 7 article headlined, "Voting-machine costs add up," the San Jose Mercury News uncritically reported that "[c]ompany officials have said the researchers were given unusual access to the machines that real-world hackers could never gain."
- On August 5, a Sacramento Bee article -- "Voting decision creates turmoil" -- similarly reported without question, "The UC studies drew criticism from registrars and manufacturers because they did not take into account Election Day security measures by local officials. Researchers also had access to proprietary access cards and internal codes." The article added: "Manufacturers said they were disappointed in Bowen's conclusions because they believe the tests were unfair," concluding, " 'Secretary Bowen's top-to-bottom review was designed to ignore security procedures and protocols that are used during every election,' Diebold Election Systems President Dave Byrd said in a statement. 'Her team of hackers was given unfettered access to the equipment, the source code and all other information on security features provided by (Diebold) to the Secretary of State's Office.'"
- In an August 5 news brief taken from news services, the Post reported only that "[c]ompany officials have played down the results of Bowen's review, saying they reflected unrealistic, worst-case scenarios that would be counteracted by security measures taken by the companies and local election officials."
- The same day, the AP uncritically reported: "Companies complained that the review was performed under conditions that don't exist in the real world, with the university hackers having full access to machines' manuals and complex computer codes."
- In an August 4 article, "State decides to secure electronic voting machines," the Los Angeles Times also reported only that "Bowen's audit has been harshly criticized by election officials across the state who said the testing was done in a manner inconsistent with real-life situations. ... 'It was akin to testing the security of your money in a bank with unlocked doors, with no security guards or even bank tellers in sight and the bank's vault wide open,' said Los Angeles County Registrar-Recorder Conny McCormack."
- A July 28 San Francisco Chronicle article on the study uncritically quoted the "head of the state Association of Clerks and Election Officials" as saying: "Letting the hackers have the source codes, operating manuals and unlimited access to the voting machines 'is like giving a burglar the keys to your house,' '' said Steve Weir, clerk-recorder of Contra Costa County and head of the state Association of Clerks and Election Officials."
On August 3, Bowen announced that "[e]ach of the systems" that had gone "through the top-to-bottom review ha[d] been legally decertified," and that "each of them ha[d] been recertified with the addition of a number of conditions." The Diebold and Sequoia systems were "recertified solely for the purposes of conducting early voting and to allow counties to have one DRE [direct recording electronic] machine in each polling place on Election Day for the purpose of complying with disability access requirements of the Help America Vote Act (HAVA)." The "Hart InterCivic DRE system was also recertified but will only be required to comply with increased security and post-election auditing procedures."
From Walters' August 8 Sacramento Bee column:
This year, Bowen commissioned a "red team" from the University of California to test electronic voting systems. The team found them to be vulnerable -- which is not surprising, given the less-than-reasonable, unrealistic circumstances of the tests. Among other things, the hackers were supplied with source codes and other confidential information, and they ignored the security procedures that election officials employ.
Based on what the California State Association of Counties calls "flawed analysis" of the systems, Bowen decertified them, drawing sharp criticism from officials who must now scramble to put voting systems in place for the Feb. 5 presidential primary election and from Diebold, the chief target of the review.
"Secretary Bowen's top-to-bottom review was designed to ignore security procedures and protocols that are used during every election," Dave Byrd, president of Diebold Election Systems, said in a statement. "Her team of hackers was given unfettered access to the equipment, the source code and all other information on security features provided by (Diebold) to the Secretary of State's Office."
Bowen, it might be said, disregarded reasonable doubt and embraced the "imaginary doubt" that criminal law forbids.
Considering that the only vested interest in compromising these machines is the Corporate/Repugnant alliance, and that they are precisely the best source of the information and access tested by Bowen, I would not trust any less demanding testing than she applied. Three in a row is too many to allow them to steal from the people, even if that requires paper ballots.
I do not know why there still seems to be so much resistance to electronic voting. Voter machine fraud, malfunction the 2000 fiasco, Ohio 2004 should all be warning signs, yet as a nation we still have not come to terms with the possible fraud that is coming again in 2008.
Maybe I am wrong Sueeld, is this also not a states issue?
Fair warning: I contributed to Bowen's campaign, although I reside in Michigan; so take my support for her tests and her decertifications accordingly.
Note that the Secretary of State's testing also showed that the machines were not accessible to people with disabilities. Accessibility is required by the Help America Vote Act (HAVA) and by California law as well. See the report here:
http://sos.ca.gov/elections/voting_systems/ttbr/accessibility_review_report_california_ttb_absolute_final_version16.pdf
dumping the punch cards which produced the florida recount mess was a hasty decision. it was done because of the usual rush of politicians to be seen doing something. after the 2000 election i had read that there was a machine into which the punch card could be inserted and it would tell you who you had voted for, and whether a vote was recording for every race. in other words, if you had not completely punched the hole, that would show up. it would have been relatively cheap to have one at each precinct. having a entirely electronic system with no verifiable back up was an invitation to massive doubt about the integrity of the vote.
Yeah, I've got doubts for sure. I am absolutely convinced based on the limited retrieval of records from Ohio before they were so conveniently "lost", that Ohio was stolen: even the few precincts adequately examined demonstrate sufficient change from the reported numbers, to (even without the remaining 85-90%) change the resident in the White House.
and of course, the first state to go exclusively with diebold machines was georgia in 2002. which featured the "upset" win of saxby chambliss over incumbent democratic senator max cleland. see link. cleland had led almost every poll by various margins, but ended up on the losing end by a margin of 53 to 46%.
http://www.pbs.org/newshour/vote2002/races/ga_11-05-02.html
and as pointed out in this excellent article by the very excellent thom hartmann, the georgia governor's race featured an upset by the republican over the democrat favored in every poll.
http://www.organicconsumers.org/politics/elections31005.cfm
to those who want to dismiss the possibility of cheating, the fact is that the republicans tried to illegaly shut down the democrats ride to the polls program in new hampshire in 2002, in a close senate race. the gop paid for the legal bills of james tobin, who was convicted in the scheme. see link. and there is the fact that al gore withdrew his concession in 2000 when it became clear that his florida total was undercounted by 16000 negative votes from one precinct in volusia county. see link. no one shoud be content with a system where votes disappear into thin air.
http://ekyprogressive.blogster.com/memo_shows_2000_election.html
here's the tobin link.
http://www.lasvegassun.com/sunbin/stories/bw-wh/2005/aug/11/081101319.html
Great information on an issue that everyone in this country should be concerned about....thanks.
To actually mark a paper ballot in some way, by ink or punched hole or whatever, is to create a permanent record of your vote, right there... the ballots are stored that way, they're not thrown away... and to count those ballots takes no more effort, than for a certified person to look at it, and then tally the vote on another record, or tally sheet... and seeing as how all votes are cast at some place, they are counted there too (nobody counts millions of votes; not even tens of thousands; all ballots are counted at the place they're cast, usually no more than a thousand or several, and the results are forwarded... only thousands of ballots are ever counted in any place, and then the rest is just arithmetic, addition)... and the count or tally, once determined at the close of the polls (or in the day or so following: we're not in a mad rush here you know... it's not like a building is on fire, or a ship is sinking), that count once determined at that local place, it is then reported up to a more central place, where the results from the different precincts are totaled.
Its the way it's always been done: it works just fine. The beauty of is that it requires no private company's contracted services (except those who print the ballots)... it's all done by regular folks, as volunteers... they staff the polling stations and count the votes.
It's beautiful, for it's ease and simplicity.
You know what else is beautiful about it?
As a process, the manual registering and counting of paper ballots is extraordinarily difficult to corrupt.
Extraordinarily difficult: it requires making counterfeit ballots, by the thousands and tens of thousands, in order to make even the slightest difference in the final tally... and those counterfeit ballots become permanent records themselves, just as the legitimate ballots are... they can be inspected and examined, and their counterfeit detected, at any time after they're cast.
Again, it takes thousands upon thousands of counterfeit ballots, to make any difference in most elections... millions even, in a presidential election.
How easy is it to make it appear electronically, as though many more or many less votes were cast, than were actually so?
How easy is it to manipulate the tally, without anyone knowing?
I'll tell you how easy, watch this:
2,787, 318
There, I just did it! With a keyboard I made a number appear electronically... without any proof to back it up, in the form of paper ballots, I just said that 2,787, 318 votes were cast for a candidate. And how could you ever know if it were true? Who could say it were not true, and how would they prove it?
Without paper ballots as a permanent record of those votes being actually cast, I would be left to proving my tally by simply restating it:
2,787, 318
There, I did it again... it's that easy!
And oh, I forgot to mention: seeing as there's always at least two persons running for an office, I forgot to mention what the other candidate got for votes:
3,286
Wait, I mean 286... the other guy got:
286
There, I did it again... how are you going to prove me wrong, without paper ballots, as a permanent record and as tangible things we can see and count, as proof of an actual vote.
And how would you ever prove me wrong in what I, the Diebold Corporation and it's owners and executive officers, tell you....
...what permanent record paper ballots can you examine and count, to prove Diebold wrong?
Did I miss something in 2006? I don't remember any cries of vote manipulation. Seems to me, the Rs would have wanted to keep control of Congress, or am I missing something? Maybe, just maybe, the Ds got control of the computer codes in 2006. Makes as much sense as some of the other drivel that has been posted since 2000.
Being asleep doesn't count:
http://arstechnica.com/news.ars/post/20061101-8131.html
http://www.npr.org/templates/story/story.php?storyId=6069712
http://www.foxnews.com/story/0,2933,227857,00.html
Several screwy results from 2006 bolster the indictment of the electronic "vote", including very clear problems in at least two House districts in Florida. Despite the outrage from the net, the House dismissed the contests. Same in California, and Colorado. A lot of speculation about over a dozen suspect victories by Repugnants in other states, where the data is not as accessible as in Florida and California.
I want paper. I want comparisons of the number of registrants to the number of voters (in several of the aforementioned cases, more votes totalled than registrants, plus serious deviation from both pre- and exit polling; in Florida, far fewer voters for the Congressional contests than for dogcatcher or county clerk.) I want audits to cover 100% of the precincts, in any contest within x%. All long-established, and reliable methods of uncovering discrepant results. (Dogcatcher above is hyperbole; clerk is not.)
Why not? No money there for Repugnant campaign contributors?
SAVE DEMOCRACY, VOTE FOR A DEMOCRAT!!
Ah how the pendelum does swing, the worm does turn, and our fortune do change, eh Republican?
As I wright this the revered stock market takes a bath with what is left of the middle class's pentitions while directors of boards on international corporations take their stock options, cash buy outs and gorge on cash assetts left from payroll roll backs from outsourced jobs to China, India, and Mexico to mention a few!
They earn dividends from oil stocks as oil prices increase three fold from $25.00 a barrel to nearly $80.00 caused mainly from a illegally premptive invasion of the 3rd largest oil reserve in the world smack dab in the middle of the middle east, smack dab in between Sunnis and Shia's!
They lit the middle east on fire to create a kaos that would require American troops to protect a strategy of forcing the Iraqi's to submit to a constitutional amendment awarding 80% of all revenues from their own oil to American-British international oil companies! They would divide the remaining 20% between a divided Shia majority, rebelious Sunni minority that doesn't believe they are the minority, and a Kurdish government that could care less about the other two! This while the mighty Turkish Army sits on the border itching to invade the north of Iraq to qwell any idea of a Kurdish Nation!
They want to own our vote thus put to end any opposition to their design to profit from every element of the commons that were until the Reagan Administration and now the Bush Administration, the ownership of a common interest, our government, our representative democracy for the common good of all citizen, not just corporate profits!
I am a business owner, I have great respect those whom make a business work in this day and age. I just don't think that democracy has to be so blinded by the desire for corporate profits to the extent their should be no more democracy to reach that end!
Happy Thoughts;
Dan Grady
Just for the record, columns are generally written from a point of view, they are intended to promote the opinion of the columnist. That's what separates columns from news stories.
So, I don't think it's fair for MMFA to expect Walters to provide counter-arguments for his opinions on the electronic voting machines study. He puts forth his argument, others can challenge his argument if they feel it is unsound. And that's exactly what Rick Jacobs did in his Huffington Post blog.
It is opinion, yes, but not informed opinion. The newspapers and our airwaves are full of uninformed opinion, and it is hurting our democracy.
Opinion should be based upon one trying to discover the whole truth of the matter first.
I don't think it's fair for MMFA to expect Walters to provide counter-arguments for his opinions on the electronic voting machines study.
Why isn't it fair? This isn't a personal indictment of Walters. It's a rebutal to to a column he wrote.
Walters may be stating an opinion, but it's not simply one such as "blue is my favorite color." It's intended to influence policy. MMFA, like any other group or individual, is entitled to offer evidence that challenges Walters' argument.
Quite frankly, the "it's an opinion" defense it over used.
MMFA is certainly entitled to counter-argue the column. In fact, I said as much about the Huffington Post takedown of the column. But where I disagree with MMFA is their suggestion that Walters is obligated to present a counter argument to his own point. It's HIS column and he's making HIS point.
MMFA doesn't present counter-arguments to their own points in threads here. They put forth the evidence that supports their position.
Two things many people don't seem to know about voting machines.
The reason we moved to electronic voting was to help handicapped people. The machines where you have to turn levers doesn't work for people who are in wheelchairs or too weak to do it. People with limited mobility can't work a punch card. They tried to create systems that would be more user-friendly for the disabled.
The threats posed to these electronic voting systems are threats if the machines are handled by corrupt people. We had the same problem with paper ballots before, and we'll have the same problem if we all move back to paper ballots. If you allow a dishonest person who wants to commit vote fraud access to the machines or to paper ballots, results can be manipulated. The only reasonable way to address the issues WRT criminal interaction with voting methods is to keep them secure, and if that happens, then no one could access those electronic machines to change any data. The voter registrars could put little tamperproof labels over the slot in those machines, and if anyone ever removed that panel, it would show up.
I have no problem with systems that create a paper ballot backup, but we need machines that are compliant with the HAVA act to give disabled people every chance to vote.
I agree that handicapped people need a system that is easy for them to use. I remember that someone (in California) invented such a system that uses a paper ballot and a pencil, I'll try to find the link.
There are numerous problems with electronic voting. Even if honest people are involved in the voting process (and that is not always possible); even if competent people are always available at every polling place; we still have the issue of the privitization of our vote.
The voting machines were developed by private companies that will not let our elected officials examine their source code. This means that programs can be written into the source code that would flip elections. The company officials are the ones that come in to election offices to "fix" the glitches that invariably occur during the voting.
Here's a link about the voting system for handicapped people using paper:
http://votetrustusa.org/index.php?option=com_content&task=blogcategory&id=144&Itemid=1021
With the advent of the Help America Vote Act in 2002, all polling locations across the nation are required to provide a method for disabled people to vote without assistance from another person.
That keeps the voter's balloting confidential.
A Port Ludlow woman has invented a low-tech system that helps the disabled vote -- solo.
Computerized voting machines didn't seem to be the answer to 15-year Port Ludlow resident Ellen Theisen, because they malfunction.
She began to worry about the democratic voting process.
With 22 years experience as a technical writer of computer software, Theisen knew the limitations of computers and what their pitfalls are.
"What got my interest was when I found out democracy was dependent on the correct alignment of ones and zeros,'' said Theisen of the digits that provide digital data.
"I know enough about software to know that it's unwise to trust computers with that.''
So in summer 2005, Theisen set out to fix the problem and offer disabled voters a trustworthy and private way to cast their ballots.
Voting on paper
Her solution: the Vote-PAD, or Voting-on-Paper Assistive Device.
It seemed to me that you ought to be able to design something that a person with a disability could use without having to use electronic voting,'' Theisen said.
The Vote-PAD system uses a plastic template for the ballot. Holes are cut out where the ovals to be marked are, and raised bumps on the template provide a physical indication where they are to aid the sight-impaired.
The disabled voter listens to an audio tape that explains the ballot and the voting options.
When the vote is cast, a battery-powered wand is used to verify the vote. It vibrates when dragged over the chosen voting option so the voter knows that the intended oval was marked.
"It looks pretty simple, but it actually does work,'' said Theisen.
"We've really got a lot of advice from people who have tested it.''
Although the patent is still pending, Theisen's invention has been certified in Wisconsin and in Yolo and Nevada counties of California.
http://votetrustusa.org/index.php?option=com_content&task=view&id=1129&Itemid=51
There is only one reason that Dan Walters and the rest of the winger crowd is so upset by this report is that they know they've been cooking the books and now we've taken away one of their tools used to deny the will of the people....this is only the first step...we must win this next election and then aggressively prosecute those who have been found guilty of rigging elections by whatever means.
Part of the problem with the machines is that it is not outside hackers but those who sell and service the machines who have a political agenda of their own, or at best, sell the information about the back doors to whoever will return favors in other ways.