Behind the Scenes at The Mezonic Agenda: An Electronic Voting Primer
by Spyros Nomikos, coauthor of The Mezonic Agenda09/15/2004
|
Related Reading 
The Mezonic Agenda |
Before electronic voting, optical scans, and punch cards, even before people voted by paper, elections were typically held by voice: voters would walk up to the official voting area, take an oath, and voice their decision to the officials who recorded their votes. This voting method has various flaws, one of the most obvious being that the official person recording the votes had an awful amount of power to decide the election. No matter what the voter voiced as his selection, the vote recorder could very easily change that decision on the official count.
The founding fathers of the United States realized the importance of one's vote and implemented the Electoral College as the means of electing the President and Vice President. This system works by assigning a number of votes per state based on the number of Senators per state (2) plus the number of Representatives to the House per state (varies according to state population). The result is that more populated states have a greater number of votes.
What may be surprising to most is that on Election Day when a voter casts his or her vote for Howard Dean, let's say, the voter is not actually voting for Howard Dean. The voter is asking his or her Electoral College representatives to cast the state's Electoral College votes for Howard Dean. The majority of States use a winner-take-all approach. For example, in 2000, George W. Bush received 546 more votes than Al Gore in the state of Florida. With this margin, George W. Bush was awarded all of Florida's 27 Electoral College votes.
In November 2000, the United States experienced one of the most controversial general elections to date. Among purged voter lists in Florida and a sea of hanging, dimpled, and pregnant chads, the American people awaited decisions by both the Florida Supreme Court and the U.S. Supreme Court, which ultimately brought the Florida ballot recount to a halt, declaring George W. Bush the 43rd U.S. President. In October 2002, the 107th Congress passed the Help America Vote Act (HAVA), written to fund and encourage states and precincts to upgrade their voting systems from the flawed punch cards to more modern Direct Recording Electronic (DRE) systems and optical scan systems.
Although electronic voting and touch-screen systems have been in use since the 1970s, the recent controversy that has surrounded DRE design and implementation, as well as the companies that make them, has brought the risks of electronic voting under spotlight. One of the most famous examples is that of Diebold Election Systems. Diebold is one of the largest manufacturers of automated teller machines (ATMs), which we are all familiar with when performing transactions at our local banks. Their electronic voting company has received great scrutiny over conflicts of interest and some ill-fated quotes by their CEO when he claimed that he would deliver Ohio's votes to President Bush in 2004.
When researching electronic voting for The Mezonic Agenda: Hacking the Presidency, we found investigative reporter Bev Harris who discovered an FTP site full of Diebold software and firmware upgrades, source code, internal emails and memos, and voter data from a live voting precinct. One of the main arguments of Mrs. Harris and her foundation, Black Box Voting, is that Diebold uses Microsoft Access as the main database to store votes, ballot information, and user passwords for Diebold's central tallying software, GEMS. The ease with which one can gain access to these databases has raised serious concern in the scientific community and from activists nationwide.
As featured on 60 Minutes II, in The Washington Post, in the Associated Press, and coming soon to a bookstore near you, The Mezonic Agenda: Hacking the Presidency. A tale of one software security expert, a cryptic CD, and the U.S. presidential election hanging in the balance. The Mezonic Agenda is the first of its kind cyber-thriller in which the reader can "hack along" with the hero of the novel. The novel stands alone as an entertaining and informative story for those looking for a good read. For the more tech-savvy readers, the accompanying CD and web site, www.mezonicagenda.com, offer the same software that the novel's hero, Dr. Chad Davis, must crack in order to save the upcoming elections. Additionally, the appendices give the reader a great non-fiction starting point to learn more about voting, security, and examples of potential software exploits.
There have been numerous papers and reports--some warranted by state officials in California, Maryland, and other states--on electronic voting, security, and the real possibility of voter fraud and disenfranchisement. California's Secretary of State, Mr. Kevin Shelley, decertified Diebold's TSX DRE model in the state of California. On March 8, 2004, Florida's Senator Robert Wexler filed a lawsuit demanding voter-verified paper trails for counties using DREs. Senator Wexler claims that it is unconstitutional for counties using DREs to deny their voters of a means for manual recount. This paper trail would assure the voter that what he or she has selected on the touch screen is what is actually being counted, with a paper record to prove it. While this requirement looks good on paper (no pun intended), there is no real way of ensuring that a vote has indeed been counted properly. A machine need only print out what the voter wants to see, and could still potentially count a vote for a fraudulent choice. Only if an election is questioned is the paper trail used for a recount.
It should be noted that election security goes far beyond the voting machine itself. Among other issues, the election process itself, the integrity of the poll workers, and the extent of training will also play key roles in just how secure each precinct will be. I recently voted in Florida's August 31 primaries and experienced a DRE machine for the first time. I voted at the Broward County Courthouse in a room with about a dozen iVotronic systems from ES&S. I registered with a staff member who verified my identification and handed me a slip of paper. I handed that paper to the machine operator who activated one machine for me and let me cast my votes. Once finished with my selections, I pressed the blinking red "Vote" button and I was done. The process indeed seemed secure, but I left with an empty feeling. I had nothing to hold on to and submit to someone. I had to trust that the machine did its job as programmed.
The threat of voter fraud has existed from day one and no matter what technology we use, someone, somewhere will find a way to break into what we deem to be secure. Our best defense is transparency, traceability, and an understanding of how voting machines and the voting process work.
Return to security.oreilly.com
