September 18, 2020

Preemptive Blame-Shifting by the E-Voting Industry

The November 2nd election hasn’t even happened yet, and already the e-voting industry is making excuses for the election-day failures of their technology. That’s right – they’re rebutting future reports of future failures. Here’s a sample:

Problem

Voting machines will not turn on or operate.

Explanation

Voting machines are not connected to an active power source. Machines may have been connected to a power strip that has been turned off or plugged into an outlet controlled by a wall switch. Power surges or outages caused by electrical storms or other natural occurrences are not unheard of. If the power source to the machine has been lost, voting machines will generally operate on battery power for brief periods. Once battery power is lost, however, the machines will cease to function (although votes cast on such machines will not be lost). Electronic voting machines may require the election official or precinct worker to enter a password in order to operate. Lost or forgotten passwords may produce lengthy delays as this information is retrieved from other sources.

In the past, of course, voting machines have failed to operate for other reasons, as in the 2002 California gubernatorial recall election, when Diebold machines, which turned out to be uncertified, failed to boot properly at many polling places in San Diego and Alameda counties. (Verified-voting.org offers a litany of these and other observed e-voting failures.)

The quote above comes from a document released by the Election Technology Council, a trade group of e-voting vendors. (The original, tellingly released only in the not-entirely-secure Word format, is here.)

The tone of the ETC document is clear – our technology is great, but voters and poll workers aren’t smart enough to use it correctly. Never mind that the technology is deeply flawed (see, e.g., my discussion of Diebold’s insecure protocols, not to mention all of the independent studies of the technology). Never mind that the vendors are the ones who design the training regimes whose inadequacy they blame. Never mind that it is their responsibility to make their products usable.

[Link credit: Slashdot]

Comments

  1. More on E-Voting

    To follow up on yesterday’s e-voting post:

    Ed Felten at Freedom
    to Tinker has some posts on problems with e-voting,
    especially concering protocol
    design.

  2. I have recently become very worried about the subject (“Florida recount debacle? You ain’t seen nothing yet“) since the NYTimes reports today that “527” advovacy groups are spending over $350 mm to encourage voting, and absentee voting in particular, this year. In other words, there are a lot of folks spending a lot of resources with an awfully large temptation to attack the system for partisan gain.

    The two prime example I can think of are (1) right-wing operatives posing as early voting agents to destroy votes collected in heavily Democratic districts and (2) left-wing operative paying homeless folks to sign pre-filled absentee ballots.

    Perhaps in future posts, I’d be interested in your thoughts on:

    * What opportunities are their for fraud in non-e-voting systems (vote by mail, traditional balloting and registration, etc.)
    * How can we put these fraud opportunities in context?

    – Mike

  3. I worked at the Princeton OIT helpdesk for a while. This is usually the first suggestion when something won’t turn on (I actually answered a call like this one time. Turns out the lady hadn’t plugged her computer in. Oops). In fact, I’m wondering… if one of the machines goes down, and it isn’t the power, what would you tell the poll worker? I haven’t read the whole report/manual, but I’m curious. While I agree that your criticisms of e-voting have been spot on, this one seems to fall a bit flat. Yes, the tone is arrogant and haughty and demeaning to poll workers, and doesn’t mention that the machine could just catastrophically fail (and if it took a bunch of democrat votes, would that be a “catastrophic success” to the Bushies?); beyond that, I can’t understand what else they should have put in there. Reboot?

    Michael-
    The threat of fraud isn’t limited to the examples you listed. In fact, signing the pre-filled absentee ballots requires a registered person to get one. The issue that we are seeing is that people are finding it very easy to register multiple times by changing small bits of information on each application. Another example is moving to a different state, and never deregistering in the state you have moved from.
    Other opportunities for fraud are:
    -People driving around neighborhoods that drive in a distract that votes predominantly for one party and offer to “ensure” that absentee ballots are delivered.
    -People calling up residents and “registering” them over the phone. To paraphrase Dana Carvey paraphrasing Ross Perot: “It just don’t work like that folks.”
    -People calling residents and telling them that the polling place has changed locations. Not fraud in the traditional sense, but fraud nonetheless.
    -People making up voter registrations. Reminds me of why they don’t let people beyond security. It has little to do with directly securing the terminal. But if every passenger brings a friend, then the number of screened people doubles, and the chances that the screeners will miss something increases. So by flooding registrations may try to do this as well.

    Now solving this is no easy task. Because the easy way to do it (make everyone register every other year), would alienate voters, and make our stellar turnout be that much better. National ID cards might do the trick (except that the ACLU/privacy groups would never go for it). It’s probably the biggest problem facing capitalist/democratic societies. You want everyone to be able to participate, but there are people who want to gain an unfair upper hand, and will do so. Nobody expects it (in the USSR or Russia today, nobody would be surprised by vote fixing); people are encouraged to participate and groups are willing to “help out.”

    I’m sure I’ve glossed over and missed something and swung wildly and missed (like the Yankees, damn them), but hopefully it makes some sense.

  4. Mike: You’re right that absentee ballots are problematic (see this post). Voter registration and vote-suppression tricks of the sort jvance mentions are also hard to cope with. I’ll grant you all of that.

    The good news, on those issues, is that we have many, many years of experience in dealing with them. Many people will be out there fighting for fairness and trying to counteract the dirty tricks that we know will be tried by some people.

    I just don’t want to compound those problems by adopting a polling-place technology that is so open to fraud and malfunction. Probably, I write more about e-voting systems because they’re within my expertise as a infosecurity guy, and I know how badly many of them are designed.

    Jvance: In my role as informal tech-support consultant to family and friends, I have seen the occasional didn’t-plug-it-in failure; and I’ve learned always to check the cabling and power switches first. I’m sure that some polling place, somewhere, will fail to open on time because poll workers forget to plug in the machines.

    But it’s one thing to ask people to check the cables and switches first, and another to dismiss any possible startup failures, in advance, as being caused by that kind of error. Only the dumbest reporter would write a sensational story about a failure that turned out to be caused by failure to plug in the machines. More likely, we’ll see stories about real failures — as in the California gubernatorial race, when some Diebold devices wouldn’t boot — and the vendors will try to blame them on operator error or to insinuate that it was really a plugging-in problem.

  5. Furthermore, many e-voting systems have battery backup, without any indication of whether they’re running on battery or power mains. If somebody kicked out the plug early on, and nobody noticed, it’s easily conceivable that the machines could fail mid-day. Is that a poll worker problem or a machine engineering problem? Most likely, it’s an engineering problem. There should be a big red “I’m using my battery” light that poll workers are trained to look for. If the light says “LOW BATTERY”, then normal voters would dutifully report it to the poll workers.

    It’s also worthwhile to point out that optical scan cards (fill in the bubble) or even punch cards are much more resiliant to this sort of issue. Sometimes, old technology can be more reliable than its fancy replacement.

  6. My mistake. I thought this was a support guide, not an excuse book. My fault for not reading your post completely.