Feeds

Dr. Strangevote saves mankind with Luddite voting recipe

How I Learned to Stop Worrying and Love the Paper Ballot

Security for virtualized datacentres

Usenix When it comes to elections, California Secretary of State Debra Bowen opts for blander, more traditional technologies, and that preference is helping her sleep better at night.

Speaking Wednesday at the Usenix Security Symposium in San Jose, California, the state's top elections official laid out a decidedly low-tech approach for ensuring that each voter's ballot is recorded as cast. It involves the use of ink pens to record votes on old-fashioned paper. An optical scanner records the information, and to make sure votes are counted correctly, ballots are randomly selected and compared with what's been tallied.

Not only is the method cheaper and less prone to polling-place glitches, she said, it also brings a transparency and auditability to elections that you can't get with today's electronic voting machines.

"Voting and counting paper ballots are things that all citizens can understand and in the case of random hand tallies, something that all citizens can observe and understand," she told about 400 attendees. "Hand tallies mean never having to say 'I trust you' to hundreds of thousands of lines of code no matter how cute and appealing they may be."

Bowen made her remarks during a 75-minute keynote titled "Dr. Strangevote or: How I Learned to Stop Worrying and Love the Paper Ballot."

As someone who understands cryptography and mucks around with Firefox extensions, Bowen is no stranger to computer technology. But last August, after commissioning a top-to-bottom review of all voting machines used in California, she imposed strict limitations on the use of e-voting machines from all four companies doing business in the state.

The move has made her unpopular in some circles, and she directed a few choice words to her critics.

"I sometimes wonder if those who continue to deny the stunning insecurities of the electronic voting systems that are on the market are the soul mates of those who persist in denying the evidence of global warming," she said. In either case, the risk of error is so grave that "the price of prevention is a lot lower than the cost of allowing the unwanted consequences of not taking action."

During Bowen's top-to-bottom review, a team of computer scientists uncovered a bevy of vulnerabilities that could allow someone to rig elections by making wholesale changes to voting results. Vulnerabilities included the ability to overwrite firmware, install malicious applications, forge voter cards and gain access to the inside of voting machines by unfastening screws that were supposed to be inaccessible. Gear made by Sequoia Voting Systems, Hart InterCivic and Premier Election Solutions (formerly Diebold) were all implicated. Products by Election Systems and Software wasn't included because the manufacturer refused to comply with the study.

By contrast, Bowen said, simple optical scanners reading paper ballots are much harder to hack, provided a statistically significant sample are manually checked against the results contained in databases. California law requires 1 per cent of ballots to be hand-checked in every race, except when a race is decided by a 0.5 per cent or less margin, in which case 10 per cent of ballots must be randomly audited.

"Paper ballots can be altered too, but it takes a retail, ballot-by-ballot process to do that," she said.

Lest anyone think e-voting is just another fanboi debate, Bowen reminded attendees that hanging in the balance of the controversy is nothing short of the future of civilization.

"Elections are important because in a democracy, that is how we transfer power in an orderly manner," she said. "That is how we decide what our collective will is and how we have chosen to give up bullets and instead rely on ballots. It is really critical for us to get this right." ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
NASTY SSL 3.0 vuln to be revealed soon – sources (Update: It's POODLE)
So nasty no one's even whispering until patch is out
Russian hackers exploit 'Sandworm' bug 'to spy on NATO, EU PCs'
Fix imminent from Microsoft for Vista, Server 2008, other stuff
Microsoft pulls another dodgy patch
Redmond makes a hash of hashing add-on
'LulzSec leader Aush0k' found to be naughty boy not worthy of jail
15 months home detention leaves egg on feds' faces as they grab for more power
Forget passwords, let's use SELFIES, says Obama's cyber tsar
Michael Daniel wants to kill passwords dead
FBI boss: We don't want a backdoor, we want the front door to phones
Claims it's what the Founding Fathers would have wanted – catching killers and pedos
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.