Friday, November 05, 2004

We Don't Need no Stinking Recount!

Back in 2000, I was astonished to hear of the odd, Heath Robinsonesque voting machines of chad infamy. Being British, I was used to a voting system based on three P's - paper, pencil, public counting. I've never been very keen on e-voting for the simple reason that I don't see a benefit that outweighs the risks. What does it give us that the three P's don't? Part of the answer may now be emerging - really interesting post-election furores. Over at the Daily Kos, extremely odd figures have been reported from Franklin County, Ohio, where George Bush appears to have won by several times the total number of votes cast. Here are the numbers:

Franklin County, OH: Gahanna 1-B Precinct

US Senator:
Fingerhut (D) - 167 votes
Voinovich (R) - 300 votes

US President:
Kerry (D) - 260 votes
Bush (R) - 4,258 votes

Remarkable, no? In all the President garnered something over 4 times the total votes cast. Even odder, this privilege was not extended to his party colleague Voinovich, who had to rub along with only 300 of his fellow citizens' agreement. It's also at least passing curious that a considerable number of voters seem not to have voted at all for a Senator. Then, there was this: USA Today
"Officials said UniLect Corp., the maker of the county's electronic voting system, told them that each storage unit could handle 10,500 votes, but the limit was actually 3,005 votes. Expecting the greater capacity, the county used only one unit during the early voting period. "If we had known, we would have had the units to handle the votes," said Sue Verdon, secretary of the county election board.

Officials said 3,005 early votes were stored, but 4,530 were lost.

Jack Gerbel, president and owner of Dublin, Calif.-based UniLect, said Thursday that the county's elections board was given incorrect information. There is no way to retrieve the missing data, he said. "That is the situation and it's definitely terrible," he said."
In this day and age, when nothing but nothing in information technology is cheaper than storage, they build voting machines with insufficient capacity. It is frankly ridiculous if not worse. Then, down in crucial Florida, there's worse.
"Broward County corrected a computer glitch Thursday that had miscounted thousands of absentee votes, instantly turning a slot-machine measure from loser to winner and reinforcing concerns about the accuracy of electronic election returns. The bug, discovered two years ago but never fixed, began subtracting votes after the absentee tally hit 32,500 -- a ceiling put in place by the software makers.

''Clearly it's a concern about the integrity of the voting system,'' said Broward County Mayor Ilene Lieberman, a canvassing board member who was overseeing the count. ``This glitch needs to be fixed immediately.''

The problem, which resulted in the shocking discovery of about 70,000 votes for Amendment 4, a measure allowing a referendum on Las Vegas-style slots at parimutuels in Miami-Dade and Broward, came to light just after midnight Wednesday when Broward's canvassing board shut down. Lieberman, Supervisor of Elections Brenda Snipes and several lawyers on both sides of the gambling amendment noticed votes suddenly disappearing on Amendment 4."
An interestingly similar problem, likely due to the use of a 16 bit counter for the votes. It seems obvious that the programmers of these systems gave little thought to what they were designing - they seem to have applied the sort of quality standard you might use for a video game terminal when a standard similar to those used for safety-critical applications was needed. Not only that, they apparently based the whole thing on a Windows environment running Microsoft Access. I don't believe in the Win/Mac geek wars, but I've seen enough Windows crashes and security breaches to know you would be insane to use it for anything that requires absolute reliability. Avionics? You're joking. Infrastructure? Not unless you like shit in your water. Banking? They've started putting it in ATMs now, but there's a damn good reason why the world's no. 1 commercial networking operation (VISA) doesn't. Voting?

After a little thought I came up with a list of conditions under which electronic voting would be acceptable in my view.

1. Independent analysis of the hardware prior to use.

2. All software must be open source, the source code to be provided in advance and analysed by a publicly appointed expert. Both it and the independent analyst's report must be open for challenge by the public pre-election.

3. A hard copy receipt must be issued.

4. Such a receipt must be visible to the voter before they proceed to final verification. Such a receipt must be marked at this point as verified or rejected.

5. All input to the machine must be logged electronically, by a physically independent device. That is to say, the voting device must consist of a primary voting machine whose input is mirrored on a second audit device not manufactured by the same company.

6. Both devices must provide a real time output readable by eye and displayed in the polling station, so that any discrepancy can be detected at once.

7. There must be no restriction on the number of votes recorded.

8. If it is desired to connect voting devices to a central count, both the main and audit devices must provide a simultaneous and automatic local record. Main and audit network connections must be independent of each other. At any sign of problems with the network connection, it must be disconnected and reported.

9. The initial declaration of the result can occur only after the main and audit totals have been compared. A final declaration can occur only after their comparision with the local record.

10. In the event of a discrepancy, the full audit, main and local records must be transferred to paper and cross-checked by hand. If this is not considered satisfactory, the paper receipts must be recounted.

Comments please.

No comments:

kostenloser Counter