January 6, 2008
Reading the 7,800-word New York Times article on voting systems, many will walk away believing optical scans are the best choice for democratic elections. Damn the science. Damn the cost. Damn the loss of transparency and public accountability. The problems inherent in software-driven systems can all be corrected by hand-counting paper ballots at the precinct on election night, before all who wish to observe.
In a 7,800-word article in today’s New York Times Sunday Magazine, writer Clive Thompson details the myriad of problems associated with touch screen voting systems and devotes only 3% of his essay to similar problems with optical scan systems. If readers actually make it to the last two paragraphs, they’ll read that optical scans – despite Thompson’s prior promotion of them – are also fraught with vulnerabilities.
In Can You Count on These Machines?Thompson correctly describes how “costs ballooned and chaos reigned when Cuyahoga County, Ohio first used Diebold’s AccuVote touch screen system, but inaccurately low-balls the number of memory cards and cartridges that went “missing” during that May 2006 primary. Thompson fails to mention that twenty-eight $4,500 voting machines also went “missing.”
Because the hired watchdog group (Election Science Institute) randomly selected 10% of the precincts to study, we can extrapolate to determine, with a fair degree of confidence, the total number of missing machines to be 280, and the total number of missing memory cards and cartridges to be 890, for the entire county, for that one election. Thompson reports that 200 cards went missing.
He also failed to report that Deputy Director Michael Vu, who oversaw all these “lost” mission critical assets, later resigned and was hired to run San Diego’s elections. In an unfortunate coincidence, at best, a shipment of memory chips to San Diego went missing last month. After Michael Vu’s dismal and shockingly inept handling of Cuyahoga’s May 2006 primary, that he is allowed to serve in any democratic election further defeats confidence in US electoral management bodies.
Reading Thompson’s piece, many will walk away believing optical scans are the best choice for democratic elections. Damn the science. Damn the cost. Damn the loss of transparency and public accountability. Hey, all technologies have problems.
But the problems inherent in software-driven systems turn insider vote stealing into child’s play. Pokey Anderson of Houston’s radio news show, The Monitor, notes:
While there has always been manipulation in elections, the difference between stealing in a hand-counted paper ballot election and an electronic election is the difference between successfully robbing a convenience store and successfully robbing Fort Knox.
Honest elections are a national security issue; without them we fall under the tyranny of the best thief. Media that continues to obfuscate the truth about software-driven election systems serves tyranny, not democracy.
Election integrity activists have been dealing with this obfuscation for three decades, as detailed in Votescam: The Stealing of America by Jim and Ken Collier (1996).
But Thompson’s recent article takes on particular import now, since New York has been ordered to deploy scientifically-condemned voting systems.
During oral arguments last month in USA vs. NY, Judge Gary Sharpe refused to acknowledge that all software-driven voting machines are vulnerable to being hacked. Todd Valentine represents the New York State Board of Elections and sought to show how none of the machines meet NY standards, at which point Judge Sharpe interrupted:
Sixteen months ago I told you to pick a machine, and here we sit in December, a week before Christmas, and you still haven’t picked a machine.
Maybe Judge Sharpe believes that if corporate media and the judicial system continue to deny the reality that none of these machines provide voters with a basis for confidence in reported results, the scientific community and informed activists will simply go away. Instead, our ranks continue to swell, as more and more citizens – and officials – take note of all the failures in software-driven voting systems.
Thompson accurately notes, at the very end of his article:
Public crises of confidence in voting machines used to come along rarely, every few decades. But now every single election cycle seems to provoke a crisis, a thirst for a new technological fix. The troubles of voting machines may subside as optical scanning comes in, but they’re unlikely to ever go away.
The reason is simple. We need to reject software-driven systems and implement the far cheaper hand-counted paper ballot system. It’s easier to protect from fraud and it provides the transparency that democratic elections demand.
A Pattern of Obfuscation
Back in the ’70s and ’80s, the Collier brothers endured the same media and judicial blackout of this issue when trying to expose these problems. In Votescam, they report that in 1989, the New York Times finally revealed problems associated with computerized vote tabulation:
Some critics of computerized vote counting worry about the potential for ‘trapdoors,’ ‘time bombs,’ and ‘Trojan Horses…’ Once inside the system, (a hacker) could program the computer to count votes for one candidate as votes for another.
In that 1989 New York Times article, Princeton University computer scientist Howard J. Strauss explained:
Writing the ‘source code’ for one of these vote counting systems, a programmer could insert a ‘Trojan Horse’ that might not appear for years.
Suppose I wanted to throw the 1992 presidential nomination to (Mario Cuomo, for example). I write the code so that every time the name comes up in the primaries, he receives a certain number of votes.
Today’s computer scientists have the same exact criticism for using software in public elections. They take it even further: because there can be a million lines of code, opening up the source code for review in no way guarantees that problems will be discovered.
The 2006 Princeton study of touch screen systems reiterated the same complaints:
Malicious software running on a single voting machine can steal votes with little if any risk of detection. The malicious software can modify all of the records, audit logs, and counters kept by the voting machine, so that even careful forensic examination of these records will find nothing amiss.
Anyone who has physical access to a voting machine, or to a memory card that will later be inserted into a machine, can install said malicious software using a simple method that takes as little as one minute. In practice, poll workers and others often have unsupervised access to the machines.
One has to wonder why the U.S. government would give states $3.9 billion to buy easily compromised voting systems, a vulnerability known for decades.
Expert Studies Condemn Optical Scan Election Systems
Last month, I quoted several computer experts who studied the machines in use today and urge all Americans to read this 20-page summary. By no means do I cover all the reports that have come out in the last ten years, but all experts who study these systems agree: they are subject to easy manipulation. Use your find command to search the annotation for the term, optical scan, and read how optical scan systems also fail democracy.
Also note the paper by Ryan and Hoke that focuses on the GEMS tabulation system which is used in Diebold’s optical scan system. Not only are optical scans vulnerable to hack, but apparently, they were designed that way.
Many people, by now, have heard of California’s Top-To-Bottom Review of Diebold, Hart and Sequoia touch screens and optical scan systems. Cleveland State University Center for Election Integrity Chief, Dr. Candice Hoke, summarized all the findings into a two page document. In a personal email, she wrote:
I was the team leader for the TTBR Diebold Documentation assessment. The TTBR study’s lead scientists provided suggestions for this short summary but it is ultimately my work. To reduce over 500 pages to two pages, at least a few important findings – especially about design flaws not relating to security issues — had to be sidestepped.
I urge all Americans to read that document, as well. The more each of us grasps the inappropriateness of using such technology in public elections, the quicker we will return to a more secure voting and counting system.
While computer experts continue to detail the myriad ways that software-driven systems can be manipulated, as detailed in my annotation, only some of these technical problems can be addressed by implementing best management practices. Particularly, this includes better training and the employment of expensive experts and expensive chain of custody protocols.
But since the Department of Homeland Security and the Pentagon are unable to keep their systems from being hacked, we can have even less confidence in our electoral management bodies who are paid far less and have a far smaller staff than either federal agency.
Optical Scan Systems Obfuscate the Vote Count
The hackability of software-driven systems is only one reason to reject their use in public elections. More importantly, the use of any machine hides the vote count from the public. Josef Stalin understood this when he said, “It’s not who votes that counts; it’s who counts the vote.”
Free and fair elections, as contemplated by international experts, require a secret vote and a public count. Democratic elections are to be transparent, so that the entire public can have confidence in reported results.
The 2007 Florida study affirmed prior findings that voting on touch screen systems removes voter privacy. With the use of touch screen systems, the vote becomes public and the count becomes secret.
It is somewhat gratifying that the work of thousands of people have finally moved someof our nation’s electoral management bodies to decide that they should reject touch screen voting systems. But this does not go far enough.
When votes are counted on an optical scan system, there is a machine and several experts between the voter and her vote. This expensive overlay obfuscates the vote count and renders its results questionable, at best. Software can be programmed to read the blackened bubbles in a way other than how the voter intended.
We Don’t Need No Stinking Audit
San Diego elections chief has sued the State of California on the grounds that audits are too time-consuming and expensive. This, in a county that sends its voting machines on sleepovers with poll workers weeks in advance of an election. Anyone who has read any of the scientific studies understands that only a minute of unsupervised access is all that is needed to subvert the integrity of that machine.
But, audits provide false confidence, and should not be relied on for accurate results. Get it right on election night, not days later.
Numerous examples exist – in present day elections – showing how audits reveal outlandish results that the courts allowed to stand.
The most blatant example is the Jennings-Buchanan race in Florida’s District 13 with a whopping 15% undervote rate in one county, when the national average is normally 3% undervotes in a Senate race.
When a team of us counted the signatures in Franklin County’s November 2006 election, fully one-fourth* of all precincts showed that the number of signatures did not match official reports. During the recount, computer scientist Dr. Rebecca Mercuri observed:
In summary, there are numerous reasons why there cannot be confidence in the election process, the recount, and the vote totals for the Franklin County, Ohio November 7, 2006 election. These reasons include:
a) the denial of an appropriate recount from the VVPAT/RTAL materials for the requested precincts;
b) significant evidence that parts of original RTALs and end tally reports were missing;
c) evidence the voting system was inappropriately configured and improperly used during the election;
d) indication that election procedures were violated, including the possibility of password overrides during setup, and use of the machines to cast ballots after RTAL paper supplies has run out;
e) evidence of inappropriate impounding and handling of election materials at the County warehouse following the election, including improper exposure of the VVPAT/RTALs;
f) unexplained disparities between the public counters of ballots cast and the number of voters who signed the poll books in many precincts; and
g) misleading information provided to voters, and not properly followed up by the County, regarding the safety and examination of the voting machines and system.
The judge in that case was unimpressed with these “anomalies” and declared the official results credible. Clearly, audits and recounts are meaningless when it comes to elections.
Election attorney Paul Lehto writes:
I, for one, have never doubted that computers including opti-scan computers CAN COUNT. That’s all that the usual “audit” and certainly the usual “recount” ever test for: whether or not there was funky addition in the counts (presuming proper chain of custody between the first count and the audit or recount).
I realize that, as Bev (Harris) points out, a real “audit” would be significantly broader and include the full panoply of chain of custody issues, etc., but in practice as I see it, this broader evaluation either doesn’t occur at all because it’s not fully mandated, or else problems that DO occur or rather are found by the audit’s broader provisions do NOT result in any remedy or result that changes anything or results in any consequences.
Many people feel confident with optical scan systems since they are used in school exams. They fail to recognize, tho, that test results can be directly questioned by a student whose name is on a specific test answer sheet. This is not possible with anonymous ballots.
Trust Has No Place in Public Elections
When Holland computer experts obtained a Nedap-Liberty voting system and proved it could be hacked, the Netherlands rejected that machine and then outlawed such independent tests. Now why would they do that?
When Project EVEREST published its results of Ohio’s voting systems, Secretary of State Jennifer Brunner revealed that these vulnerabilities existed in all the systems used in the highly questioned 2004 election.
Bev Harris of Black Box Voting spent 2007 pursuing the Trust Me Election Model and published her shocking findings that pertain to all 50 states. She writes:
The very core of the voting machine controversy is not paper trails or spot check procedures. The essence of whether an election system can be trusted is whether it allows the owners of the government, The People, to view the counting and the chain of custody. Votes counted in secret, and secret chain of custody can never work unless we change human nature itself….
* I testified in court that our signature count differed from the official report of vote totals in 68% of the precincts we audited. (We audited 1/4 of all precincts in the Franklin County, Ohio November 2006 election.)
In collecting forensic data, we found one column in the signature books which contained marks by pollworkers that each represented different information. When reviewing what my team of auditors had reported for these differing marks, I realized the entire column of “provisional” votes had to be removed from my analysis because of potentially inconsistent interpretation by my auditors.
For example, pollworkers marked the “provisional” vote column on Election Day to note if a voter voted provisionally, or if a voter voted Absentee (whether or not he or she showed up at the polls that day). This conflict in how pollworkers marked the column provided another level of inconsistency in the forensic records which rendered this column useless in performing our audit.
When I prepared the spreadsheet of our findings for court, I created two analysis columns – one which used the “provisional” vote column from the pollbooks and one which used official reports of how many voters had voted provisionally.
When using the second analysis – which compared the number of signatures of those who arrived on Election Day and voted in person PLUS the number of provisional voters as reported by the Franklin County Board of Elections, our audit revealed that official numbers conflicted with the audit in 24% of the precincts.
This second analysis is the most conservative estimate of how far off official results are as compared to the paper records, and is stunning in light of BOE Director Matt Damschroder’s testimony that he had less than 1% error rate in this election.