VotersUnite.Org
is NOT!
associated with
votersunite.com
|
Sheila Lennon: One person's experience as an election judge March 4, 2004 By Sheila Lennon / The Providence (R.I.) Journal 6:40 p.m. Wednesday My experience as an Election Judge in Baltimore County: Let's follow up on yesterday's item that led with Aviel Rubin, one of the authors of the Johns Hopkins study Analysis of an Electronic Voting System, serving as an election judge in Lutherville, Md. Here's Rubin's account of his day. It's all interesting, but here are the relevant revelations from the front lines: During breaks, I decided to educate Marie and Joy about the security problems of electronic voting machines. Amazingly, they really started to get it. They confessed that they had been ready to fight me, and that there was great animosity towards me, but that, in their words, I wasn't "such a bad guy after all". At the same time, I started realizing that some of the attacks described in our initial paper were actually quite unrealistic, at least in a precinct with judges who worked as hard as ours did and who were as vigilant. At the same time, I found that I had underestimated some of the threats before. I think that being an election judge was the best thing I could have possibly done to learn about the real security of elections. In our paper, we described how the smartcards used by these machines had no cryptography on them, and we made the widely criticized claim that a teenager in a garage could manufacture smartcards and use them to vote 20 times. I now believe that this particular attack is not a real threat at least not in the primary I worked today. We had 9 judges and 5 machines. Whenever a voter took what seemed to be too long, we always had a judge ask them if they needed help, or if something was wrong. Also, the machines make a loud clicking sound when the smartcard is ejected, and we almost always had a judge standing there waiting to collect the card and give the voter a sticker, as they are ushered out. In general, multiple voting attacks during the election are not likely to work in a precinct such as the one where I worked. Every hour or so, we counted all of the voter authorization cards (different from the smartcards), which were in an envelope taped to the machine, and compared them to the number of votes counted by the machine so far. I believe that if any voter somehow managed to vote multiple times, that it would be detected within an hour. I have no idea what we would do in that situation. In fact, I think we'd have a serious problem on our hands, but at least we would know it. Every hour, we also counted the totals on the machines and compared them to the totals in the registration roster that we used to check people in. I was amazed at the number of countings and pieces of paper that we shuffled throughout the day in what was billed as a paperless electronic election. There were also some security issues that I found to be much worse than I expected. All of the tallies are kept on PCMCIA cards. At the end of the election, each of those cards is loaded onto one machine, designated as the zero machine. (I found it interesting that Diebold numbered the machines 0 through n-1, disproving my notion that they don't have anyone on board who knows anything about Computer Science.) The zero machine is then connected to a modem, and the tallies are sent to a central place, where they are incorporated with the tallies of other precincts. In our case, the phone line was not working properly, so we went to the backup plan. The zero machine combined all the tallies from the PCMCIA cards that were loaded one at a time onto the machine. It then printed out the final tallies. One copy of that went onto the outside door of the building where there were talliers and poll watchers eagerly waiting. The other was put into a pouch with all of the PCMCIA cards, each wrapped in a printed tally of the machine to which it corresponds, and that pouch was driven by the two head judges to the board of elections office. The security risk I saw was that Diebold had designated which machine would be the zero machine, and at one point, all of the vote tallies were loaded onto that one machine in memory. That would be the perfect point to completely change the tallies. There is no need to attack all of the machines at a precinct if someone could tamper with the zero machine. In fact, even when the modem is used, it is only the zero machine that makes the call. In the code we examined, that phone call is not protected correctly with cryptography. Perhaps that has been fixed. I was glad to see that the administrator PIN actually used in the election was not the 1111 that we used in our training, and that we had seen in the code. One thing absolutely amazed me. With very few exceptions, the voters really LOVED the machines. They raved about them to us judges. The most common comment was "That was so easy." I can see why people take so much offense at the notion that the machines are completely insecure. Given my role today, I just smiled and nodded. I was not about to tell voters that the machines they had just voted on were so insecure. I was curious that voters did not seem to question how their votes were recorded. The voter verifiability that I find so precious did not seem to be on the minds of these voters. It was on the mind of a California voter, though: Did I vote? Blogger Brian Dear of Brianstorms wonders, I went to the polling place. I used a Diebold machine. But I have no idea if I actually voted nor do I know if my vote actually was counted. The happy-go-lucky local San Diego TV news reported tonight very nonchalantly that roughly 25% of the voting machines DIDN'T WORK when the polls opened this morning. Why? DIEBOLD and MICROSOFT WINDOWS SOFTWARE PROBLEMS. ... ...THIS IS NOT ABOUT TOUCH SCREENS. It's very much about what happens to your vote *after* it is processed by the touch screen terminal. Where does it go? What machines does it pass through? What evidence is there that my vote was even counted? I took my little card out of the Diebold machine when I was done voting, stood in the center of the neighbor's garage polling place, waved the card around to all the polling people, none of whom seemed to care. Finally got someone's attention, and she took the card. I have no idea what she did with it. I did not see her run the card through a reader or other machine, and she gave me nothing but the sticker. ... (The sticker read, "I VOTED TOUCH SCREEN," which isn't quite English.) Poll workers grapple with electronic voting glitches is the AP wrapup: The Baltimore Sun reports, Touch-screen gets a mixed Md. response: New ballot technology called easier by some, but suffers breakdowns: The Campaign for Verifiable Voting in Maryland, which offers this report, VerifiedVoting.org has a page of reports. There are more reports at BlackBoxVoting.com, where you'll also find Bev Harris's book, with the same name as the site, in its entirety. Bev Harris found (or was leaked) internal memos Diebold left on an open server detailing problems with its machines. The potential danger to our voting system does not come from child hackers, but from political dirty tricks: Check out the Top 10 Ways to Rig a Voting Machine at Harris's site. Related: The Voter Confidence Act would require a voter-verifiable audit trail on every voting system. Lots more at that link. |
Previous Page
2004 to 2009
Previous
Features
Accessibility Issues
Cost Comparisons
Handouts
Copyright © 2004-2010 VotersUnite!