On Critics of California's Review of Electronic Voting Machines

Tuesday, 2007-07-31; 14:07:00

California's Secretary of State Debra Bowen ordered a "top to bottom review" of electronic voting machines, and the UC study that was recently released found numerous vulnerabilities in every machine they tested. Today's SF Chronicle had an article about the controversy regarding the study, in which some county election officials had bones to pick with Bowen:

County election officials already have issues with Bowen, who they claim shut them out of the voting machine study of equipment made by Sequoia, Diebold and Hart InterCivic. The UC "Red Team" attack by hackers purposely ignored any security measures that would be taken by local counties, such as limiting access to the computer centers, putting guards over the voting machinery and training poll workers and other election officials to look for suspicious activity.

And then there was this choice quote, left in the reader's mind at the end of the article:

"This was not a security-risk evaluation," said Bennett of Sequoia, "but an unrealistic, worst-case scenario evaluation."

You're damned fucking right it was an unrealistic, worst-case scenario evaluation. The one most important right that the U.S. Constitution affords its citizens is the right to vote. Voting allows citizens to elect representatives who fight for your interests, voting allows citizens to enact propositions in their own states, and voting allows citizens to choose the president of our own country.

So leaving voting machine security up to each county is a terrible idea. It means that there are no standards across the board for ensuring that votes are counted accurately across the whole state, and it means that counties that don't have enough money may not be able to ensure voting security as well as other counties.

More importantly, if your voting machines rely on guards and election officials to function properly and count votes correctly, your fucking voting machines do not deserve a place in our democracy. It means they are not secure enough on their own. I want my voting machines to be 99.999% reliable and secure. Other security measures taken by the county or the state are there to take care of the last 0.001% of security problems; guards and election officials are not supposed to be an integral line of defense. People make mistakes, may not be totally attentive, and they may even be subject to corruption and bribery. Computers aren't. They may have bugs, they may have intentional backdoors (which is why voting machine source code should be freely available for public evaluation), but they can't be co-opted or coerced into doing anything besides what they were written for.

So yes, I'm glad that Debra Bowen had an unrealistic study done on our electronic voting machines. When your voting machines cannot be hacked in a controlled, unfettered environment like the UC study, then and only then do your voting machines deserve to be used. Not before.

Technological Supernova   Rants   Older   Newer   Post a Comment