Comments on: States’ Testing of Voting Technology http://www.trustthevote.org/states_testing_voting_technology Re-inventing How America Votes Tue, 22 Jun 2010 16:36:00 +0000 http://wordpress.org/?v=2.8.4 hourly 1 By: gmiller http://www.trustthevote.org/states_testing_voting_technology/comment-page-1#comment-4 gmiller Tue, 04 Mar 2008 02:35:17 +0000 http://wordpress.trustthevote.org/2007/12/12/states-testing-of-voting-technology#comment-4 <p><strong>Mr. Wolfe</strong>- <br />Thanks for your comment; I've been away this past week plus on assignment and missed your important remark. </p><p>First, thanks for the helpful links! I erred in failing to write carefully enough that I was looking for real evidence of compromised computing machinery that resulted in demonstratble vote fraud. That clarified, I knew (<em>from back in law school days</em>) that there are plenty of examples of general election irregularities and outright fraud, but I was looking for examples of digital fraud in elections (<em>read on, I've found it</em>). </p><p>Bear in mind, 2004 and 2006 are not lost on me. I simply wanted to see real hard evidence of digital fraud and not conspiracy theories and innuendo. Well, I've been enlightened there too, thanks to <a href="http://www.uncountedthemovie.com/about-the-film-flimmakers.html" target="_blank">David Earnhardt</a>. I've since seen <a href="http://www.uncountedthemovie.com/index.html" target="_blank">UNCOUNTED</a>, the <a href="http://www.youtube.com/watch?v=-nJz09T0HME" target="_blank">documentary film</a> now being released (<em>and owe a blog post to that point, but did put up some information on our Facebook page</em>). Mr. Earnhardt and I have actually been in e-Mail communication. I've purchased a copy of the movie for the Foundation and one for myself. I now have no doubt that election fraud in a digital world is real and can be evidenced. </p><p>So, to be clear: <strong>I have religion on this point</strong>. I believe digital fraud is possible and probably has already happened. I still think its difficult only because I believe, especially going forward, this will require a well orchestrated effort, and conspiracies generally fail because in absence of superior blind transfers of information, someone will always talk. That, in of itself, does <em>not </em>and <em>will not</em> prevent this Foundation from supporting work, that... to your point... demonstrates <strong>integrity </strong>and a <em>complete intolerance</em> for any tampering, <strong>digital or otherwise</strong>. </p><p>But to your comment, more specifically: Any misunderstanding of my posting is my bad for writing on the fly (and not doing the compose, edit, rest, edit, post cycle :-) For instance, at the outset I pointed out that her writing was "<em>Just a tiny bit sensational IMHO</em>" and just that: a "tiny bit." And I also importantly went on to write that, "...<em>I concur about the vulnerability</em>..." I did then, and I do more so now.</p><p>Is it hard to compromise machines? In fact, <strong>Ed Felton</strong> recently <a href="http://www.youtube.com/watch?v=8JESZiLpBLE" target="_blank">demonstrated</a> that its too easy. Are <u><em>current </em></u>systems vulnerable? <strong>Absolutely</strong>. Should machinery be built that exhibits robustness against attempts to compromise integrity? <strong>Absolutely</strong>! And to your point, we take that further by ensuring that the common points of social engineering, or as you suggest -- an inside job -- are also faults that machinery must resist. I actually prefer to think of it as "<em>fault intolerant</em>." </p><p>So in the end, I hope you will remain concerned, interested, and question things as you see them. I am not immune to misstatements. And I am open to being called on my opinions and enlightened as well. This Foundation is not and never will be based on my viewpoints. I am merely a shepherd of a larger cause. Success will require thoughtful individuals, such as yourself, to step up and make the cause and efforts of OSDV a responsible reality. </p><p>Blogs tend to be a free form commentary device, and I clearly need to do a more careful review and edit of my comments to prevent misinterpretation of my actual view points. </p><p><strong>So, my bottom line</strong>: I now have religion that digital voting fraud is totally possible and may have already happened. I still think its a challenge to successfully do so, but far from impossible. And finally, I can assure you (<em>and encourage you to speak with our CTO for further </em>assurance) that <strong>matters of integrity matter to OSDV</strong>, considerably.</p><p>Cheers<br /><strong>GAM </strong></p> Mr. Wolfe-
Thanks for your comment; I’ve been away this past week plus on assignment and missed your important remark.

First, thanks for the helpful links! I erred in failing to write carefully enough that I was looking for real evidence of compromised computing machinery that resulted in demonstratble vote fraud. That clarified, I knew (from back in law school days) that there are plenty of examples of general election irregularities and outright fraud, but I was looking for examples of digital fraud in elections (read on, I’ve found it).

Bear in mind, 2004 and 2006 are not lost on me. I simply wanted to see real hard evidence of digital fraud and not conspiracy theories and innuendo. Well, I’ve been enlightened there too, thanks to David Earnhardt. I’ve since seen UNCOUNTED, the documentary film now being released (and owe a blog post to that point, but did put up some information on our Facebook page). Mr. Earnhardt and I have actually been in e-Mail communication. I’ve purchased a copy of the movie for the Foundation and one for myself. I now have no doubt that election fraud in a digital world is real and can be evidenced.

So, to be clear: I have religion on this point. I believe digital fraud is possible and probably has already happened. I still think its difficult only because I believe, especially going forward, this will require a well orchestrated effort, and conspiracies generally fail because in absence of superior blind transfers of information, someone will always talk. That, in of itself, does not and will not prevent this Foundation from supporting work, that… to your point… demonstrates integrity and a complete intolerance for any tampering, digital or otherwise.

But to your comment, more specifically: Any misunderstanding of my posting is my bad for writing on the fly (and not doing the compose, edit, rest, edit, post cycle :-) For instance, at the outset I pointed out that her writing was "Just a tiny bit sensational IMHO" and just that: a "tiny bit." And I also importantly went on to write that, "…I concur about the vulnerability…" I did then, and I do more so now.

Is it hard to compromise machines? In fact, Ed Felton recently demonstrated that its too easy. Are current systems vulnerable? Absolutely. Should machinery be built that exhibits robustness against attempts to compromise integrity? Absolutely! And to your point, we take that further by ensuring that the common points of social engineering, or as you suggest — an inside job — are also faults that machinery must resist. I actually prefer to think of it as "fault intolerant."

So in the end, I hope you will remain concerned, interested, and question things as you see them. I am not immune to misstatements. And I am open to being called on my opinions and enlightened as well. This Foundation is not and never will be based on my viewpoints. I am merely a shepherd of a larger cause. Success will require thoughtful individuals, such as yourself, to step up and make the cause and efforts of OSDV a responsible reality.

Blogs tend to be a free form commentary device, and I clearly need to do a more careful review and edit of my comments to prevent misinterpretation of my actual view points.

So, my bottom line: I now have religion that digital voting fraud is totally possible and may have already happened. I still think its a challenge to successfully do so, but far from impossible. And finally, I can assure you (and encourage you to speak with our CTO for further assurance) that matters of integrity matter to OSDV, considerably.

Cheers
GAM

]]> By: AllAboutVoting http://www.trustthevote.org/states_testing_voting_technology/comment-page-1#comment-3 AllAboutVoting Fri, 22 Feb 2008 17:56:30 +0000 http://wordpress.trustthevote.org/2007/12/12/states-testing-of-voting-technology#comment-3 Note that there is active research and some light deployment of voting systems that ensure end-to-end verifiability without compromising the secret ballot. Voters can be confident that their vote was counted-as-cast and not dumped in the garbage dump. Systems that do that are called <a href="http://allaboutvoting.com/2007/09/25/rasing-the-e2e-profile-in-the-public-eye/">end to end verifiable</a>. One such system is <a href="http://allaboutvoting.com/2007/07/27/the-punchscan-voting-system/">PunchScan</a>. Some end-to-end verifiable systems involve voting machines. Some do not. A common theme is that voters take home some sort of 'receipt' with which they can verify that vote was counted as cast but where the receipt does not reveal how they voted. I do not think end-to-end verifiable voting systems are yet ready for wide deployment. I do think: * that they should be discussed and seriously considered * that additional funding for basic research of E2E verifiable technologies should be supported * that limited deployment of E2E verifiable systems should be allowed and encouraged * laws that frustrate any of the above are misguided Note that there is active research and some light deployment of voting systems that ensure end-to-end verifiability without compromising the secret ballot. Voters can be confident that their vote was counted-as-cast and not dumped in the garbage dump.

Systems that do that are called end to end verifiable. One such system is PunchScan.

Some end-to-end verifiable systems involve voting machines. Some do not. A common theme is that voters take home some sort of ‘receipt’ with which they can verify that vote was counted as cast but where the receipt does not reveal how they voted.

I do not think end-to-end verifiable voting systems are yet ready for wide deployment. I do think:
* that they should be discussed and seriously considered
* that additional funding for basic research of E2E verifiable technologies should be supported
* that limited deployment of E2E verifiable systems should be allowed and encouraged
* laws that frustrate any of the above are misguided

]]> By: AllAboutVoting http://www.trustthevote.org/states_testing_voting_technology/comment-page-1#comment-2 AllAboutVoting Fri, 22 Feb 2008 17:51:46 +0000 http://wordpress.trustthevote.org/2007/12/12/states-testing-of-voting-technology#comment-2 This post has me seriously concerned about your organization. How could you be in the space of creating election system proposals and exhibit such a lack of concern about election integrity? >but the thought of anyone willing to attempt to throw an >election seems like a bit of stretch – at least until we >accrue some hard evidence (not circumstantial) that such >has, in fact, occurred An election system should exhibit robustness against attempts to throw the election. In my view it should do so even when the attempts are made by those in power and administrating the election. >(can anyone enlighten me?). Some helpful links: http://www.rangevoting.org/PresFraud.html http://www.rangevoting.org/FraudHist.html This post has me seriously concerned about your organization. How could you be in the space of creating election system proposals and exhibit such a lack of concern about election integrity?

>but the thought of anyone willing to attempt to throw an
>election seems like a bit of stretch – at least until we
>accrue some hard evidence (not circumstantial) that such
>has, in fact, occurred
An election system should exhibit robustness against attempts to throw the election. In my view it should do so even when the attempts are made by those in power and administrating the election.

>(can anyone enlighten me?).
Some helpful links:
http://www.rangevoting.org/PresFraud.html
http://www.rangevoting.org/FraudHist.html

]]>