From Kim Zetter at wired.com comes the story at of the recent Napa County, California election. Napa County uses paper ballots that are marked by the voter with a pen or pencil, and counted by an optical scanner machine.
Due to a miscalibrated scanner, some valid votes went uncounted, as the scanner failed to detect the markings on some ballots. The problem was discovered during a random recount of one percent of precincts. The ballots are now being recounted with properly calibrated scanners, and the recount might well affect the election’s result.
Although a mistake was made in configuring the one scanner, the good news is that the system was robust enough to catch the problem. The main source of this robustness lies in the paper record, which could be manually examined to determine whether there was a problem, and could be recounted later when a problem was found. Another important factor was the random one percent recount, which brought the problem to light.
Our biggest fear in designing election technology should not be that we’ll make a mistake, but that we’ll make a mistake and fail to notice it. Paper records and random recounts help us notice mistakes and recover from them. Paperless e-voting systems don’t.
Did I mention that the Holt e-voting bill, H.R. 2239, requires paper trails and random recounts?
[Link via Peter Neumann’s RISKS Forum.]
Did Diebold machines over-count for Schwarzenegger by a factor of 1.6?
It’s getting late so I’m going to post this and run. I just got this in the inbox from the ever-vigilant Jody Holder. Apparently, (see the email below) if one looks at the relative amounts of votes cast in the California Recall election last fall over …
Though I was not specifically address in the previous posts, I have been reading this blog for a while now and disagree with Cypherpunk in some regards.
Cypherpunk, there seem to be two aspects to your debate. The first is that Avi Rubin and Ed Felten only focus on “the potential problems with electronic systems.” The second argument seems to be that this site is strongly biased. I will address these in order.
You are right in a way that both of them are fighting a war against Diebold and friends, but the term war brings to mind unconditional surrender and a desire for extinction, which is not their goal. From my point of view, it cannot be called a war because they are working with the developers of this technology. After analysis and constructive criticism, a better product is in place. I have never heard either of them hostile towards people they criticize, so it is clearly for the betterment of electronic voting.
Paper ballots are tried and trusted. There is very little point in analyzing paper ballot systems since the margin of error and other problems cannot be solved by improving paper ballots. So, we have to develop a new system, but until we trust it, we use a system in the background that we trust just in case. While we do this, we compare results (as the article shows) and analyze the system, because how else do we develop trust in a system if we don’t analyze it?
To get to your second point, of the blogs I read, this site seems to be good at remaining nuetral on certain topics. I remember there was a post about Dean earlier and at the bottom there was a disclaimer which read:
[Disclaimer: My longstanding policy is to avoid partisan politics on this blog. I’m commenting on this issue because of my expertise in computer security, and not to make a political point or to urge anyone to vote for or against Dean.]
I think that this is a clear example of what type of blog Ed Felten is aiming for. Of course his views will show through what he picks to post, but I also feel that if a report came out from a major news source that praised electronic voting, it would appear here.
If what you felt was happening was happening, then there would be a clear problem, but, in my mind, it isn’t.
You’re right, I misunderstood the sense of your headline. I thought you were saying that the good news was that paper ballots were once again shown as superior to electronic ones (or, as the Wired story spun it, that this system was considered an electronic voting system and the error was yet another “glitch”), and that this would be good by helping to defeat the movement towards electronic ballots. If the good news was just that an egregious election error was caught and fixed, I agree that is good.
The point I thought was overlooked was that this cumbersome system, with pens that might not mark, blobs that might not be filled in, and paper that might not scan, is highly error prone compared to a simple touch screen with immediate confirmation and feedback to the voter of what the machine read. All you and Avi Rubin and other experts talk about are the potential problems with electronic systems. You never point out that paper based systems like this one have significant vulnerabilities of their own. As far as I can tell, you and he are not even trying to give a balanced presentation of the strengths and weaknesses of the various systems.
With Orange County, yes, I think that if there is a widespread misunderstanding and misconception about the nature of an important public security failure, you or other election-security experts might speak up to correct it. I’ll bet that if there were a similar misunderstanding in the opposite direction, something where people mistakenly thought electronic ballots would have fixed some problem when paper would actually be just as good, there would have been no hesitation from the security community to speak out and explain the inaccuracy.
The real problem is that I believe there is a perception in the security community that they are partisans in a war. They are fighting the electronic voting machine industry, which has its own tactical advantages in terms of money and political influence. The security community must then exploit its own advantages, in terms of reputation and expertise, to oppose the enemy and fight this battle for public opinion. That’s how it looks to me, anyway, and I believe it is utterly irresponsible and unprofessional to do so. The job of an expert is to provide expertise, not to hide some facts and promote others in order to sell his preconceived position.
Cypherpunk,
You may have missed the key word in my headline. It’s not “Good News: Election Error …” It’s “Good News: Election Error Found …”
Also, you may misunderstand my position. I am not opposed to e-voting systems. I am opposed to voting systems that lack certain safeguards, the most important of which is a voter-verified, recountable paper trail.
And I’m not sure I understand your argument regarding the Orange County errors. Are you really asserting that I have an obligation to write about facts that are “not relevant” to the arguments I’m making?
Can you step out of your box far enough to see anything in the current story, anything at all, which could be an argument against paper-ballot voting? Hint: I can see something.
As a security professional, isn’t it your obligation to be objective and present all sides of an issue, both pros and cons? Either you are abandoning your professional objectivity and betraying the public trust, or you have so effectively blinded yourself that you are unable to see beyond the narrow perspective of your preconceived notions.
It’s one thing when there is a dispute within the community. Then it’s fine for experts to advocate their positions forcefully, knowing that the other side will make its own arguments, and that the audience will have the background and experience to make informed judgements. But when the debate is between the security community on one side, and commercial interests on the other, there is no such balance. The public will discount the arguments of the companies on the grounds that they are motivated by financial gain, while academics will be seen as unbiased and disinterested.
It would be refreshing to read an analysis of voting technologies which listed the many disadvantages of paper ballots alongside the problems with electronic voting, providing the information in an unbiased and balanced way so as to let the reader make his own judgement. But instead we see this: “Good News! Election error in California!”
Look at the problems in Orange County, where people were given ballots for the wrong precincts. Did you, or anyone in the security community, speak up to say, wait, this is an unfortunate incident but it could have happened in the same way with paper ballots? Did you say, there are problems with electronic voting, but this story is not relevant? Did you say, states should rethink their conversion to electronic balloting, but not based on stories like this one? I didn’t see it, if so.
I hope that you in the security community will realize that writing for a lay audience is different from writing for professionals. You have a responsibility to use your expertise to illuminate and explain issues in objective terms. Becoming an advocate and presenting one-sided analyses is a misuse of your expertise and a violation of the trust which the public has invested in you as a distinguished expert.
Either that, or perhaps the community is right. Last time that I remember this much uniformity of opinion was on the issue of export controlls of cryptography. It turns out that the community was right, and the government finally realized it.
In my experience, whenever there is this much uniformity in the online and security community about an issue, it means that only one side is being heard. Examples which support the conventional wisdom are eagerly sought and propagated; those which do not help are cast aside. It’s like wearing intellectual blinders. I strongly recommend that you find someone to start playing devil’s advocate, if you care about the truth.
I will be speaking on the Marc Steiner show, which is the local Baltimore NPR talk show, at noon today on electronic voting security issues. I’m the guest in the studio for an hour, along with whatever representatives of Diebold and the state of Maryland that they can find to defend the machines. You can listen live at http://wypr.org/ and it repeats again at 7 tonight, all times EST.
This is a great example, and I’m going to work it into my comments. Thanks for posting that. I had seen the story already, and I really like the way you articulate the issue here.