Feeds

Dr. Strangevote saves mankind with Luddite voting recipe

How I Learned to Stop Worrying and Love the Paper Ballot

Top 5 reasons to deploy VMware with Tegile

Usenix When it comes to elections, California Secretary of State Debra Bowen opts for blander, more traditional technologies, and that preference is helping her sleep better at night.

Speaking Wednesday at the Usenix Security Symposium in San Jose, California, the state's top elections official laid out a decidedly low-tech approach for ensuring that each voter's ballot is recorded as cast. It involves the use of ink pens to record votes on old-fashioned paper. An optical scanner records the information, and to make sure votes are counted correctly, ballots are randomly selected and compared with what's been tallied.

Not only is the method cheaper and less prone to polling-place glitches, she said, it also brings a transparency and auditability to elections that you can't get with today's electronic voting machines.

"Voting and counting paper ballots are things that all citizens can understand and in the case of random hand tallies, something that all citizens can observe and understand," she told about 400 attendees. "Hand tallies mean never having to say 'I trust you' to hundreds of thousands of lines of code no matter how cute and appealing they may be."

Bowen made her remarks during a 75-minute keynote titled "Dr. Strangevote or: How I Learned to Stop Worrying and Love the Paper Ballot."

As someone who understands cryptography and mucks around with Firefox extensions, Bowen is no stranger to computer technology. But last August, after commissioning a top-to-bottom review of all voting machines used in California, she imposed strict limitations on the use of e-voting machines from all four companies doing business in the state.

The move has made her unpopular in some circles, and she directed a few choice words to her critics.

"I sometimes wonder if those who continue to deny the stunning insecurities of the electronic voting systems that are on the market are the soul mates of those who persist in denying the evidence of global warming," she said. In either case, the risk of error is so grave that "the price of prevention is a lot lower than the cost of allowing the unwanted consequences of not taking action."

During Bowen's top-to-bottom review, a team of computer scientists uncovered a bevy of vulnerabilities that could allow someone to rig elections by making wholesale changes to voting results. Vulnerabilities included the ability to overwrite firmware, install malicious applications, forge voter cards and gain access to the inside of voting machines by unfastening screws that were supposed to be inaccessible. Gear made by Sequoia Voting Systems, Hart InterCivic and Premier Election Solutions (formerly Diebold) were all implicated. Products by Election Systems and Software wasn't included because the manufacturer refused to comply with the study.

By contrast, Bowen said, simple optical scanners reading paper ballots are much harder to hack, provided a statistically significant sample are manually checked against the results contained in databases. California law requires 1 per cent of ballots to be hand-checked in every race, except when a race is decided by a 0.5 per cent or less margin, in which case 10 per cent of ballots must be randomly audited.

"Paper ballots can be altered too, but it takes a retail, ballot-by-ballot process to do that," she said.

Lest anyone think e-voting is just another fanboi debate, Bowen reminded attendees that hanging in the balance of the controversy is nothing short of the future of civilization.

"Elections are important because in a democracy, that is how we transfer power in an orderly manner," she said. "That is how we decide what our collective will is and how we have chosen to give up bullets and instead rely on ballots. It is really critical for us to get this right." ®

Choosing a cloud hosting partner with confidence

More from The Register

next story
You really need to do some tech support for Aunty Agnes
Free anti-virus software, expires, stops updating and p0wns the world
Attack reveals 81 percent of Tor users but admins call for calm
Cisco Netflow a handy tool for cheapskate attackers
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
Oi, Europe! Tell US feds to GTFO of our servers, say Microsoft and pals
By writing a really angry letter about how it's harming our cloud business, ta
prev story

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
10 threats to successful enterprise endpoint backup
10 threats to a successful backup including issues with BYOD, slow backups and ineffective security.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Internet Security Threat Report 2014
An overview and analysis of the year in global threat activity: identify, analyze, and provide commentary on emerging trends in the dynamic threat landscape.