How to Steal an Election

There’s been a lot of talk recently about electronic voting machines and the potential for fraud. To bring home just how serious this issue is, the always excellent Ars Technica has a chilling how-to guide on how to steal an election using electronic ballot machines. So simple, even a neocon could do it!

It amazes me how we’ve suddenly gone from a system that, while it may have its faults and has been abused in the past, at least is somewhat open. People would be able to stand at the polls and watch what was going on, and perhaps catch any fraud red-handed. In going to these electronic voting machines that do not leave any sort of audit trail, we have in effect, handed over the security of our democratic institutions to a private company. If we went to the average voter and said “hey, we’d like to hire this company that will collect and tabulate the all of the ballots in our election. You won’t be able to see what goes on within their company… you won’t be able to look at the ballots yourself… you’ll just have to accept whatever they say is the result of the election” I think most people would think it’s a lousy idea.

My ranting about the entire situation after the jump.

As a software professional (and someone who has done some writing about some aspects of system security) I’m simply amazed at how really shitty the engineering is behind these machines. I mean, this one fact from the article made my blood run cold:

The GEMS database stores all of the votes collected from precinct accumulators, and it’s used to do the vote tabulation for a county. Because it’s so sensitive, you might think it would be tightly secured. But you’d be wrong.

The GEMS database is a vanilla, unencrypted Microsoft Access database that anyone with a copy of Access can edit.

I’ve been forced to use Microsoft Access for a number of different projects. I’m fairly rabidly anti-Microsoft, but I will admit Access has its uses. A simple little database for tracking small amounts of non-mission critical data is fine. I’ve used it, for example, to log requests to my company’s website. It’s easy to use, but the trade off is that if the database gets corrupted you’re screwed. And it will, eventually… since Access lacks many of the features that keep more robust database systems (like Microsoft’s own SQL server, Oracles offerings, etc.) from becoming corrupted.

I can’t imagine anything more mission-critical to our country than honest and accurate elections. Access is simply not up to the job. It boggles my mind that anyone would certify Access as being capable of handling something as sensitive as elections. Would we use Access to launch the Space Shuttle? Does Microsoft itself use it in any mission-critical environment? Then what the hell is it doing tabulating votes?

If we’re going to go the electronic voting route (and we should) we have to have accountability. My not-very-well-thought-through idea is this. You go into a voting booth, and cast your vote. At the end, you get a receipt. This receipt contains a “vote ID number” that consists of information on what precinct of what state you voted in, when you voted (probably down to the millisecond) and in what machine you voted. There would also be a unique identifier for your vote (say, the number of vote cast so far on that machine) and a checksum number that represents your actual vote. Your vote, itself is stored on the machine (perhaps also printed out on paper) and electronically signed by the voting machine.

After the election, all of the votes from the machine are retrieved and uploaded to a central location where they are compiled and tabulated. Then, along with the election results, the entire electronic vote is made public. You can go to a website, punch in the number of your receipt, and verify that what you voted was what was recorded and counted. Having the entire voting public be able to check up on the election system is going to be the only way we can ensure our elections are fair.

3 Comments

  1. I believe that Diebold designed their machines to make it possible to steal elections, and I further believe that the last election was stolen. This is just on the logic of Occam’s Razor — it’s the simplest explanation of the facts at hand.

    Having given your proposal even less thought than you probably did, I encourage it 100%. I just read your article out loud to my brother and sister-in-law, who are non-geek, and they like your idea as much as I do. They were shocked that nothing like you propose is in place.

    Thanks for a great post.

  2. Two separate comments, that I wish I had more time to expand on. Hopefully the Wetmachine crowd can take this further:

    1. Entrusting elections to a “security” company is a BAD idea. World-wide there’s been coverage (e.g., this from the BBC http://news.bbc.co.uk/1/hi/…) that Florida threw out many legitimate voters before the election — way more than the margin of victory — based on erroneous information from a mysterious security company funded by Bush supporters. Interestingly, I’ve never seen a report of this reported in the US, and the DNS info for the BBC reporter’s own Web site seems to be getting attacked by someone. (http://www.gregpalast.com/)

    Hard to believe? Consider this incredibly creepy site for the company responsible: http://www.choicepoint.com/ Have a look through their pitch. (The Wetmachine editorial board is gonna go ballastic.) Still not convinced? Most companies have a Press Release section on their site that talks about what all the good stuff they are about to do. Look at ChoicePoint’s: http://www.choicepoint.com/… There used to be an even more self-incriminating page in which they go through the BBC story point by point, basically admitting that it’s true if you can read through the corporatespeak. But I can’t find it now. Wish I saved a copy.

    2. Despite not covering this, there is a lot of American news now about voting systems not working. Based on the above, it’s easy to believe that there are politicians and special interests who don’t want them to work. That may be true. There’s also a techno-business reason that they’re not working. This is mission-critical stuff. No politician or bureaucrat wants to be seen making a bad decision. So they “conservatively” hire the IT consulting arms of conservative accounting companies to set up the systems. Or they hire IT shops (mostly big ones) with proven records for accounting software. But the problem is that these operations don’t know anything about voting or voting technology. No one does. As with Gary’s suggestion, it’s all being invented. Unlike enterprise accounting or ERP software, this is all immature technology. It takes scientists. Real engineers. But successful IT shops BY DEFINITION don’t have people who can understand the problem. They only know how to tend to their archaic systems that work well enough, but are based on technology that was obsolete 30 years ago. They are simply not capable of inventing something appropriate for a new domain. There are some efforts to truly solve the problem, notably at MIT and Johns Hopkins. But the politicians and bureaucrats are not going to them to actually implement a solution.

  3. WRT Choicepoint. Not sure what you were pointing to. They certainly seem rather defensive about the “myths” that their company is hand in glove with the administration.

    WRT to voting machines generally: We will not see real reform until we get a few riots from disenfranchised voters. Alas, the last few years have persuaded me that political hacks have become too entrenched in their ways and the accountability strutcures have been sabotaged.

    This has happened in U.S. history in the past. Look to the history of progressivism and the gilded age, the social unrest that culminated in the New Deal, the riots of the 1960s that pushed civil rights and welfare reforms. As I have said before, the ultimate political check on the system is the mobs with pitchforks and torches.

    I don’t like it. I don’t advocate it. And I hope it will be extremely limited. But the groundwork is laid by the nature of the controversy itself. If we have no confidence in our electoral process, then the legitimacy on which the government derives its moral authority is eroded. It takes little for people who feel the government is illegitimate and that they are permanently disenfranchised to rise in violence against it. Once that becomes apparent, those in power have two choices: either provide sufficient reform to satisfy the mob, or escalate violence. Nixon found out how well the second works in this country.

Comments are closed