April 24, 2014

avatar

Electronic Voting Researcher Arrested Over Anonymous Source

Updates: 8/28 Alex Halderman: Indian E-Voting Researcher Freed After Seven Days in Police Custody
8/26 Alex Halderman: Indian E-Voting Researcher Remains in Police Custody
8/24 Ed Felten: It’s Time for India to Face its E-Voting Problem
8/22 Rop Gonggrijp: Hari is in jail :-(

About four months ago, Ed Felten blogged about a research paper in which Hari Prasad, Rop Gonggrijp, and I detailed serious security flaws in India’s electronic voting machines. Indian election authorities have repeatedly claimed that the machines are “tamperproof,” but we demonstrated important vulnerabilities by studying a machine provided by an anonymous source.

The story took a disturbing turn a little over 24 hours ago, when my coauthor Hari Prasad was arrested by Indian authorities demanding to know the identity of that source.

At 5:30 Saturday morning, about ten police officers arrived at Hari’s home in Hyderabad. They questioned him about where he got the machine we studied, and at around 8 a.m. they placed him under arrest and proceeded to drive him to Mumbai, a 14 hour journey.

The police did not state a specific charge at the time of the arrest, but it appears to be a politically motivated attempt to uncover our anonymous source. The arresting officers told Hari that they were under “pressure [from] the top,” and that he would be left alone if he would reveal the source’s identity.

Hari was allowed to use his cell phone for a time, and I spoke with him as he was being driven by the police to Mumbai: (Video on YouTube)

The Backstory

India uses paperless electronic voting machines nationwide, and the Election Commission of India, the country’s highest election authority, has often stated that the machines are “perfect” and “fully tamper-proof.” Despite widespread reports of election irregularities and suspicions of electronic fraud, the Election Commission has never permitted security researchers to complete an independent evaluation nor allowed the public to learn crucial technical details of the machines’ inner workings. Hari and others in India repeatedly offered to collaborate with the Election Commission to better understand the security of the machines, but they were not permitted to complete a serious review.

Then, in February of this year, an anonymous source approached Hari and offered a machine for him to study. This source requested anonymity, and we have honored this request. We have every reason to believe that the source had lawful access to the machine and made it available for scientific study as a matter of conscience, out of concern over potential security problems.

Later in February, Rop Gonggrijp and I joined Hari in Hyderabad and conducted a detailed security review of the machine. We discovered that, far from being tamperproof, it suffers from a number of weaknesses. There are many ways that dishonest election insiders or other criminals with physical access could tamper with the machines to change election results. We illustrated two ways that this could happen by constructing working demonstration attacks and detailed these findings in a research paper, Security Analysis of India’s Electronic Voting Machines. The paper recently completed peer review and will appear at the ACM Computer and Communications Security conference in October.

Our work has produced a hot debate in India. Many commentators have called for the machines to be scrapped, and 16 political parties representing almost half of the Indian parliament have expressed serious concerns about the use of electronic voting.

Earlier this month at EVT/WOTE, the leading international workshop for electronic voting research, two representatives from the Election Commission of India joined in a panel discussion with Narasimha Rao, a prominent Indian electronic voting critic, and me. (I will blog more about the panel in coming days.) After listening to the two sides argue over the security of India’s voting machines, 28 leading experts in attendance signed a letter to the Election Commission stating that “India’s [electronic voting machines] do not today provide security, verifiability, or transparency adequate for confidence in election results.”

Nevertheless, the Election Commission continues to deny that there is a security problem. Just a few days ago, Chief Election Commissioner S.Y. Quraishi told reporters that the machines “are practically totally tamper proof.”

Effects of the Arrest

This brings us to today’s arrest. Hari is spending Saturday night in a jail cell, and he told me he expects to be interrogated by the authorities in the morning. Hari has retained a lawyer, who will be flying to Mumbai in the next few hours and who hopes to be able to obtain bail within days. Hari seemed composed when I spoke to him, but he expressed great concern for his wife and children, as well as for the effect his arrest might have on other researchers who might consider studying electronic voting in India.

If any good has come from this, it’s that there has been an outpouring of support for Hari. He has received positive messages from people all over India.

Unfortunately, the entire issue distracts from the primary problem: India’s electronic voting machines have fundamental security flaws, and do not provide the transparency necessary for voters to have confidence in elections. To fix these problems, the Election Commission will need help from India’s technical community. Arresting and interrogating a key member of that community is enormously counterproductive.


Professor J. Alex Halderman is a computer scientist at the University of Michigan.

Comments

  1. Anonymous says:

    As an Indian, I am ashamed … but unfortunately not surprised. The rule of law in India is a farce for the ones on the wrong side of it; and the antics of the police in computer security would be hilarious if not so damaging.

    see

    http://valleywag.gawker.com/tech/politics/google-helps-india-jail-the-wrong-guy-320818.php

    or

    http://valleywag.gawker.com/344918/indian-police-beat-man-google-helped-arrest

  2. Anonymous says:

    No wonder the elections in India are as they turned out to be…

    Elections are as fake in India as anywhere else in the world!

  3. Anonymous says:

    i think the only real way to get the mainstream to take notice of this sort of irregularity is to actually rig an election. you know, make some ‘underdog wins by a land slide’ sort of thing. then when the talking heads are going on about how interesting it is, you leak to the internet the details of what has been done and how. sure, the entire election will need to be redone, but at least it wont be done with those machines.

  4. Jacques mattheij says:

    Is there a defense fund that I can contribute to?

  5. Abhi says:

    “Then, in February of this year, an anonymous source approached Hari and offered a machine for him to study. This source requested anonymity, and we have honored this request. ”

    I guess it was a mistake from your side

  6. meDilbert says:

    One more example of what great democrazy India is. Even if this guys gets out on bail and courts exonerate him, he will be witchhunted by Congress govt like so many other whistle blowers.

  7. Lewis Baumstark says:

    I wonder if an election monitoring organization (e.g., the Carter Center) might be able to help here.

  8. prasen says:

    As much as I sympathize with the arrest of the researcher, the problem is not the EVM. If the EVM can be tampered (and it can be ofcourse), so can paper ballots (and they are too) – Let me explain:

    Booth Capturing, or even rigging vote counts is extremely common. I can tell you from personal experience where the booth was locked up, votes were rigged using EVMs and the one journalist called by two rival politicians along with them were beaten up simultaneously in the room.

    But the problem actually starts much before that. After decades of living through impotent governments, rural people (who account for over 75p of the pop.) can readily be bought for 2-3 dollars each. Ofcourse they take this money from multiple parties, and noone except them knows who really gets the vote.

    Then there is the caste vote. Most people will only vote people of their caste, so any person who genuinely wishes to bring about change faces lots of difficulties.

    Most importantly, to win an election, you need funds. Lots of them. The corporate houses give funds to the biggest of the parties, who in turn have loads of black money stocked up. The Gandhi family, which has been at the top job ever 2-3 elections since independence had 2 Billion in US dollars in a Swiss Bank in 1990 – all from one single transaction from the KGB – on a side note, its interesting to see that the most corrupt had 20-25 Billion piled up. All this is from Schweizer Illustrierte, a reputed Swiss magazine which did the expose 2 decades back.

    Democracy cannot work in India which has multiple problems – population, social hierarchy, and many more. It will either get worse, unless we get one strong leader who is able to start the change.

    • Anonymous says:

      Democracy cannot work in India which has multiple problems – population, social hierarchy, and many more. It will either get worse, unless we get one strong leader who is able to start the change.

      There is a big risk with that: that leader might turn out like Hitler or something. A politically nonunified government may flail about and cause some problems but at least it’s incapable of truly monstrous levels of evil if it’s pulled away from any extremist behavior by internal dissension and a flow of money from extremists that prefer a different extreme.

      Look at recent US history. Much of the time its government’s been sufficiently internally divided that it’s avoided being a really serious problem, aside from not getting some useful things done and wasting huge amounts of tax money. While making sure something much worse doesn’t take its place.

      Then we suddenly got a unified Republican government — House, Senate, and Presidency. No sooner than you can say “PNAC needs a new Pearl Harbor”, we conveniently get one, then the Patriot Act shreds the Constitution, then a wasteful and destructive war in Iraq started on a fraudulent pretext that blew *trillions* of dollars and led to who knows how many pointless deaths both of Iraqis and of loyal American soldiers. And back on the home front the economy was left in smoking ruins.

      And that’s without serious abuse of emergency powers to suspend elections, circumvent term limits, or any of that stuff. Bush was bad, but things could conceivably have been even worse, as they were in WWII Germany.

      The moral of this story is: Be careful what you wish for. A strong leader is not necessarily a good leader.

  9. Anonymous says:

    I had come across this story several months ago and had refrained from circulating it further because of the ramifications of the findings contained in this research. The researchers should know that no machine or code can be claimed to be inviolable. Their decision to publish this report before even apprising the Election Commission of India itself is flawed and shows the amateurish nature of this research. I am not aware if they were issued any notices prior to the arrest to disclose the information the authorities are now seeking. Not to disclose the source of the EVM which came into possession of the researchers may be equivalent to being accessory to a serious crime.
    The researchers did not bother to tell us how many machines need to be tampered with to materially affect the result of elections in a constituency and how much time it would take to do such tampering. It is easy to raise bogeys about a democracy which operates at a scale such as India. University of Michigan should have checked about the ramifications before publishing the findings. The seriousness could not have been lost on the university after fiasco of chads in Florida when Bush was declared elected. Had the ethics committee of the University gone to sleep? The researchers may have a point about the vulnerability of the machines, but it was their duty to first apprise the Indian authorities about their findings before rushing to the media. I sincerely hope that Mr. Hari is treated well by the police. It is his duty to tell how he got into possession of the evm. He may not enjoy the so-called journalist’s immunity. Freedom to tinker comes with caveats. We wll be enlightened to know if these issues were considered before the research was published before any peer review. It is very important to understand these issues. otherwise, a yeoman’s service to Indian democracy will go waste.

    • AnonymousProf says:

      Is that the best argument you have? Researchers uncover reasons for concern with a country’s election system, and you think it’s reasonable for the authorities to try to intimidate one of their critics? That’s shameful. That’s not how a free country works. That’s not democracy. That’s the kind of action that repressive, autocratic regimes take — not respected democracies like India.

      The decision to publish the report was reasonable and falls squarely within scientific practices. I can’t believe you are criticizing the researchers for unethical practice. That’s ridiculous. Their actions were entirely ethical.

      And if it’s a crime in India to not disclose the source of the EVM, then India’s laws are screwed up.

      This whole incident makes the Indian authorities look bad. The mature, professional response would be to respond to the critics in a calm, fact-based manner — not to send the police after them to intimidate them. The Indian authorities should be ashamed.

      • KG says:

        If, hypothetically for now, the EVM used in the research was illegally obtained, please explain how the actions of the researchers were ethical?

        Then Indian authorities are trying to track down how the security surrounding the EVMs was broken and a machine removed without authorization. Hari Prasad is suspected on possessing stolen property and will be produced in court with legal representation. If there is any intimidation, then the judicial system of India will look into it, however unbelievable that my sound to a westerner.

        • Truth says:

          More importantly, is it ethical to use insecure voting machines for “free and fair” elections? Is it ethical to refuse to fix said flaws even after they have been proven to exist?

          Sometimes, people have to break a lesser law to fight a bigger injustice. The machine was borrowed for a good cause, not stolen. It was returned in perfect condition, so no actual harm was done. During colonial times, wasn’t it “illegal” to agitate for independence?

          • KG says:

            A systemic insecurity in the voting has not been proven to exist. My point is that the researchers concentrated purely on the engineering aspects of the EVM, while ignoring the wider process it is part of.

            That wider process involves physical security of the EVMs at several levels post manufacturing. The research is based on obtaining an EVM, which violates the stated controls of the Election Comission. In other words, it is based on the flawed premise of sustained physical access to an EVM. After the previous elections, the losing political parties raised a hue and cry about the EVM. So motivations other that the desire to see fair elections cannot be ruled out on the part of the insider providing the EVM.

            Do the researchers seriously suggest that if one EVM can be removed then tens of thousands can? Can they all be tampered with, a process that would take months, resealed and inserted back into the election system? Can a hacker modify the code that goes into the ROM during production?

            And for god sake, please dont expect to be taken seriously if you are trying to justify research that is based on a flawed premise by comparing it to agitating against slavery (which colonialism in its barebones basically was). The election system in India is in a process of continuous improvement and EVMs are a massive improvement over the previous system of paper ballots. Even after EVM use, there is a system of monitors at each election booth in case there are attempts to coerce voters. Yes, thats voters and not colonial slaves. Various further improvements have been suggested and the EC should look into them. But if someone steals a lock, opens it up and changes the levers, they havent really proven that the lock is defective, just that they stole the lock.

          • senthil says:

            First we need to define what is meant by ethical.. violating a law is NOT related to ethics.. Ethics is about morality.. the ethics is based on the intent of the person and the purpose for which he is doing an activity..

            In the case of hariprasad, it may be illegal..

            But we have to note one point.. How can one prove that EVM can be secretly stolen, without attempting it?

            From this perspective, the anonymous persons who stole the EVM also did a good thing that they exposed flaws in physical security..

            I think you are in self-denial mode..

        • homunq says:

          If, hypothetically for now, the computer from which you posted this comment was illegally obtained, please explain how your actions are ethical? Oh, and have you stopped beating your wife?

          • KG says:

            If, hypothetically, the computer from which I posted this comment was illegally obtained, my actions are not ethical.

            Other than being a troll, please explain how your question about me beating my wife, or for for that matter anyone at all has any bearing on this blog post or the discussion.

    • Anonymous says:

      There is more than enough time to put in all kinds of safeguards to improve these machines before the next elections, or to use paper ballots. Several voting experts, including the authors and others, have offered to help the EC do so. This was noted in the letter sent out by voting experts to the EC just two weeks ago, see:
      http://www.usenix.org/events/evtwote10/final-letter-eci.pdf

      The constitutional role of the EC is not to defend the machines come what may, but to ensure free and fair elections in India. When experts have pointed out problems and offered to help fix them, the EC is answerable to the Indian people: why is it not trying to improve the machines?

      Perhaps the EC will still rise to the occasion: after all, it has played a strong role, with Magsaysay-Award-winning Election Commissioners Seshan and Lyngdoh, in ensuring free and fair elections in the past.

  10. Sachidanand says:

    Congress has ruled the country the way they wanted, by changing the history of India, tampering the EVM and lots of other things …
    Even the media is pro-congress and never say anything against them …
    See the hypocrisy of media and human rights comission : http://www.indybay.org/uploads/2007/01/29/rahul.pdf

    And the foolish citizens are still supporting them without asking them what they done to this country by ruling for almost 50 years ….

  11. Anonymous says:

    “That’s not how a free country works. That’s not democracy. That’s the kind of action that repressive, autocratic regimes take — not respected democracies like India.”

    haha. Time to wake up my friend.

  12. Anonymous says:

    Buy Diebold: because voting is too important to be left to voters.

  13. AnonyMouse says:

    Although the narrative of the persecuted researcher seems convenient and hits all the right emotional spots, the procedural aspects of how the device was obtained is still important. If we can draw a parallel with the Gizmodo/iPhone4 fiasco, the provenance of the object in question is of utmost importance. Being a maverick type researcher comes at its own peril.

    • Anonymous says:

      And what happens if you instead draw a parallel with the Pentagon Papers, or, as GVLN Rao has done, with Tehelka exposes?

      If one reads the the other information surrounding this case, one sees that the EC has not been forthcoming about letting researchers examine the EVMs. Would you prefer that only
      (a) thousands of insiders, who do have official access to these machines, and
      (b) those who have forcibly stolen several EVMS during elections,
      should be able to look at them and figure out how they can be hacked?

      That’s absurd.

      • AnonyMouse says:

        I assume the laws would have been framed for the stolen EVMs and so forth, which still apply to researchers. Would this still be kosher if the machine(s) in question were one of those ‘stolen’ EVMs? Would that not be a conceivably justifiable pretext for the Government to know where these came from?

        I am all for transparency, but I am assuming that the researcher would be aware that being in possession of an EVM without the permission of the Indian government could land him in hot water. So converting this episode into a ‘righteous researcher vs. evil government’ frame would be reductive at best.

        India’s RTI laws leave much to be desired, but these are slow changes opening up a complex system. The whole WikiLeaks style guerrilla investigative approach, where the ends justify the means, does not sit well with me.

        • Anonymous says:

          I don’t think you or I know the exact legality of this situation, if it were to be treated as a simple technical issue: whether a statute was violated or not.

          If you read up on the history of the efforts of VeTA in general and Mr. Hari Prasad in particular, you will see that there is considerable sincerity. I don’t think the comparison to WikiLeaks is appropriate: no lives have been endangered, and the authors have already offered, in a public panel at a conference attended by Deputy Election Commissioner Shukla, to help the EC address these issues. This is far from guerilla, and more like civil disobedience.

          Further, it is not convincing that this arrest is just a follow-up on a stolen machine, and that law enforcement has to follow up on these instances. The VeTA blog also mentions several stolen machines, truly stolen using force during elections, that nobody has bothered to further investigate. This makes the arrest feel much more like an intimidatory tactic.

          Given the nature of communications today, governments will have to become more transparent. While they can intimidate their own citizens/residents with laws that prevent transparency, they will, in general, not be able to keep information from being circulated in other countries, which might have more open laws. I think some senior folks in India will get this.

          • AnonyMouse says:

            My supposition on the legality of the procurement of the devices is (perhaps unfairly) based on the desire for anonymity on the part of the source as well as the researchers refusal to disclose the same. While this far from a conclusive indicator, in a benign situation such measures are generally unnecessary. The WikiLeaks comparison is not an aspersion but more of a methodological parallel, on investigations that attempt to bypass governmental opacity by means of ‘anonymous’ sources. In both cases, the individual providing the information/object which had been hitherto been behind a bureaucratic veil would likely anticipate some governmental reaction. Transparency is an obviously desirable end, but contravening the direct procurement (i.e. official) approach definitely entails dealing with the possible ramifications of the decision.

            ‘Intimidation’ is a strong word and is the reaction that I guess such a framing of the issue hopes to elicit. I do not mean to question the sincerity of Mr. Prasad or VeTA’s efforts. However, even if this incident is considered under the ‘civil disobedience’ construct and if governmental due process requires action such as what has occurred, it can hardly be construed as intimidation.

            I would wait for greater details on the legal aspects of the issue before jumping the gun and considering it as a domination/repression tactic. It is perfectly possible that the government reaction is heavy handed in comparison to what the law dictates and this would be reprehensible, however, till specifics emerge, the intimidation arguments would be best kept aside.

          • AnonymousProf says:

            You say that anonymous sources are generally unnecessary if everything is on the up-and-up. But that’s just not true. I think you must be ignorant of the history in this area. The researchers’ actions to protect the anonymity of their sources are perfectly reasonable, and in keeping with the standards of the field.

            There’s nothing nefarious about this. I sense you must be unfamiliar with the history of research into electronic voting machines. Haven’t you heard of Utah County Election Clerk Bruce Funk, who lost his job when he asked an independent researcher to inspect his machines? Haven’t you heard of Ed Felten and team, who were threatened by a voting machine manufacturer with legal action, as a result of his research into their electronic voting machines? Haven’t you heard of how another voting machine manufacturer tried to suppress research by Avi Rubin and team that was critical of their voting system, by calling up officials at Avi Rubin’s university and trying to get them to force Avi to withdraw the paper? You may be unaware of these incidents, but trust me, voting machine researchers are well aware of them, and it is entirely reasonable for researchers to protect the anonymity of their sources.

            And the intimidation tactics going on here would appear to substantiate concerns about how the authorities would respond to public criticism. After seeing how the Indian authorities have responded, any prudent researcher would be prudent to protect the anonymity of their sources in the future, to protect them from similar tactics.

            The Indian authorities’ actions are disappointing. I agree that they are a distraction from the real issue: can the Indian electronic voting machines be trusted? The question is whether the Indian authorities will act to address concerns about the voting machines, rather than trying to silence their critics.

          • AnonyMouse says:

            My basic point is that if it turns out that under Indian laws there is a reasonable justification for an arrest, it isn’t intimidation. To state a truism, context matters. The cases you cite may validate your point in their contexts but do not stand as precedent for what is happening in India currently. The larger argument that I am making is that while it may appear to you that the intimidation story corresponds to the narrative of persecution you clearly favour, it is too early to frame the situation in such a way. Since we seem to have irreconcilable differences on this issue, I will conclude my part in this discussion by saying that it would perhaps be prudent to wait for details, such as the specific legal aspects, before printing the “Free Hari Prasad” posters. The floor is all yours.

          • Anonymous says:

            If there have been more blatant, forcible thefts of EVMs without much police investigation (let alone arrests), then the selective pattern of investigation and arrests does indeed suggest intimidation as the intent.

  14. James says:

    Most police are good people following the book. At least he got those people… jmo…

    In any event, I don’t really like to judge a book by it’s cover, but if I had to, this guy meant no malicious intent. Doesn’t prove anything though…

  15. averros says:

    The sooner everybody abandons the myth that in the democracy the ruling class somehow represents the will of the people (whatever it is), the sooner the criminal nature of this ruling class becomes apparent. The reliability of the voting machines is quite irrelevant, and is, at best, a distraction – why bother fighting for fair vote counts, when the choice you’re given is between few barely distinguishable scoundrels coming from, and vetted by, the same gang?

    It’s like trying to make gold out of base metals by trying to repeat even more and more carefully the same idiotic alchemical protocol. It’s not the accuracy of the election ritual which somehow turns votes into moral right to have power over other people – it’s the principle that the magic ritual of voting transforms the gang of thieves into lawful rulers, which is flawed. The principle that other people can give consent for you (even if you are not willing) to be ruled.

    Which makes it even more sad that people are jailed for trying to improve the ritual – instead of fighting against the principle. Just like those Soviet dissidents from the 60s which believed that communism could be salvaged. What a waste.

    • Anonymous says:

      And what would you replace elected representatives with? Direct plebiscites of the population? Doesn’t scale. Any other system of government that’s already been tried? “Representative democracy is the worst system of government, except for all the others”. Nothing at all? Welcome to Somalia, hope you enjoy your visit.

  16. averros says:

    prasen: “It will either get worse, unless we get one strong leader who is able to start the change.”

    Those who didn’t read “The Road to Serfdom” are doomed to illustrate it.

  17. Anonymous says:

    The problem is with the way we handle things. “Arrested for researching on bugs.”

    Please re-tweet and spread the news.

  18. AtariBaby says:

    It seems in these times we’ve become numb to the effects of news on human beings. Someone has been arrested. This guy’s life is being harmed by government officials. I can’t imagine what it must be like to have to pay a lawyer a fortune for your freedom! This is terrible! I hope your friend is swiftly and inexpensively released.

  19. Anonymous says:

    Publish the vulnerabilities.

    Advise that you will also publish the architecture of the machine if he is not released to enable additional vulnerabilities to be discovered by others.

  20. Rex says:

    I was trying to check the possibilities of the Internet Voting software for countries like Australia, New Zealand. There were a lot of places where we could not think of putting it on paper design cos of the flaws that it has.
    Many countries do have Internet Voting too but not much for government elections. Companies like Accenture too have built good systems but its the people that think otherwise.

    India doesn’t want to shift to this new Internet Voting. Companies like BEL sell only the normal voting machines.

    If someone has to remove defects of such machines, why dont you guys prove it to the government officials in BEL instead of blogging it. This is a very sensitive matter and not supposed to be blogged on a mass level. Point out the drawbacks and I am sure BEL authorities will take a note of it and rectify if there are any issues.

  21. Rohith says:

    yeah right. This genius claims he can hack an hard coded electronic chip and change the code after manufacturing process. When I asked him in a phone in TV interview “how can he do that without having access to manufacturing procedure during which nobody has any clue who the candidates will be for the elections in any particular constituency?”

    He said “people could steal some EVM technology from factories, make their own chip after list is announced and swap them before or after election procedure.” Then the anchor asked him “But don’t you think it is easier to swap ballot boxes with paper votes than an EVM given the difficulty in replicating an EVM”. To which he said (drum-roll) “That is what I am trying to say, that EVMs are also hackable”.

    His logic is “no encryption is secret if we have the key” or “No computer is safe if we have the password”. To be short this guy speaks non-sense. And he bloody stole a government property.

    and for goodness sake. In India, it is not Internet Voting machine (we don’t even have electricity to most villages). It is electronic. Every polling booth in every constituency has a separate Electronic Voting Machine. After elections during counting, all EVMs from a particular constituency are put in a particular place and result from each EVM is check (surprise surprise) manually in front of political party’s polling agents (who are also present during elections’ time in every polling station). Those numbers are added and results are declared. This has nothing to do with Internet Voting used in US, Australia where every polling booth is connected to internet to record votes in a central database (which can be hacked during or after elections). A hard coded chip used in EVM can only be changed during manufacturing process and at that time even elections wouldn’t have been declared by Election Commission forget the list of candidates.

    • AnonymousProf says:

      Are you a reporter? If so I think you have passed judgement too quickly.

      I encourage you to talk to experts in the field. There is an entire field of computer scientists who study these issues, such as those at EVT. I think you are misjudging this research. The researchers have answered your questions in their paper, and I think they have valid responses to all of your questions.

      It is simply not accurate to say “this guy speaks nonsense”, and I call on you to withdraw that statement. Their research is featured in one of the world’s most selective and prestigious scientific peer-reviewed conferences on computer security. That should be a clue to you that perhaps there may be some validity to their findings.

      • KG says:

        The research involved had a very fundamental premise that was flawed i.e. that physical access to the EVM is very easy to have, and that tampered EVMs can be taken in and out of government warehouses very easily, and that corrupt officials or criminals with inside access could easily influence the result. Makes for a great academic paper, but in the real world absolutely no system is invulnerable to corrupt insiders, including paper ballots. The EC, being concerned with the real world, has bothered to build in multiple checks and balances at various stages to make the system redundant as much as possible, and improve it from the previous paper ballot system. To claim that all of them will fail simultaneously is a smear job. Can the researchers provide a probability estimate at least for a complete systemic failure, from manufacture, to storage, to use, to vote counting?

        In the western world it will draw a lot of eyeballs, and the narrative of a 3rd world government trying to hide something will immediately catch on. But what has the EC exactly done? Physical protection of the EVM is a cornerstone of the system. And it has filed an FIR against a person who has illegally acquired one to protect the system it has in place. Can the researchers point to any instance of research done to expose the vulnerabilities of EVMs in the West based on illegally acquired hardware?

        If they were so sure that EVMs were vulnerable, then why did they have to resort to illegally breaking the exact system the EC has put in place. India has a functioning judicial system independent of the EC, then why didnt the researchers follow the legal route to get the access it wanted. Demanding improvements to the EVM based process, and illegally acquiring one to make physical hardware alterations are entirely different propositions. Can the researchers demonstrate how an EVM can be removed, altered, resealed and put back into a voting booth, and the voted recorded then be counted? It is very easy to put a lot of if and buts in an ACM paper.

        • Anonymous says:

          The research involved had a very fundamental premise that was flawed i.e. that physical access to the EVM is very easy to have, and that tampered EVMs can be taken in and out of government warehouses very easily

          The very fact that the researchers themselves obtained extended enough physical access to an EVM to carry out their research proves that “flawed” fundamental premise!

    • Anonymous says:

      At the time of manufacture, or if a machine is accessed by miscreants long before an election, you’re right that the candidates’ names may be unknown. But a) the political parties then are likely to be the political parties now, so rigging the machine to favor one of these parties is a viable threat model, and b) the miscreant could simply install a back door that makes the machine easier to hack (requiring just minutes or even seconds of furtive activity at the machine) once the candidates are known.

      As for paper ballots, most countries that use them extensively (Canada, for one) just have members of the political parties and any additional interested citizens witness everything. First they can see that the boxes are empty and don’t have false bottoms or anything at the outset. Then ballots are taken behind screens and marked in private, then brought back out folded and put in the slot at the top of the box in public — the box never leaves the sight of voters waiting their turn and any observers hanging around. After the voting is done, the boxes remain in public view all the way to, and through, the counting of the ballots. It’s nigh impossible to sneak extra ballots in, accidentally-on-purpose lose a box (say from an area that votes strongly left, on behalf of the right, or vice versa), or tamper with the box contents without being caught.

      And paper ballots require serious effort and many conspirators to throw an election. Large numbers of altered/lost/extra ballots are needed to change any but the closest of races, and very close races represent cases where the people’s preferences are about equal anyway. Further, these need to be widely disseminated, as too many lost/extra ballots or strong enough unusual voting patterns in one single precinct that swing a whole nationwide election will be investigated as highly suspicious. You need to stuff a few extra votes for your party in each of thousands of boxes, not a few thousand in one box, to have a hope of not being caught. But large conspiracies scale poorly, both in terms of cohesion and remaining dedicated to their purpose and in terms of keeping secrets. The more conspirators, the shorter the half-life before someone lets something slip or gets caught and talks.

      Electronic voting, on the other hand, in the worst case requires only a few minutes of access to a single machine to corrupt an entire election, in cases where the machines are vulnerable to computer viruses — and several common brands of voting machine have been found vulnerable to viral attacks that could propagate to other machines, or else up to a (physically much better guarded) master counting computer that if suborned can throw the whole election. The vote-count thumb-drive from the infected EVM ends up vectoring the attack to the counting computer, Trojan Horsing right past all that physical security, and there goes the country. *Poof*

  22. Sandeep Narayan Shelke says:

    Dear Mr. Halderman,
    Can I reproduce this piece of article on my blog for wider circulation? Thank you.

    Jai Bharat!
    -Sandeep.

    • Anonymous says:

      From the About link on this site:

      “Unless noted otherwise, material on Freedom to Tinker is licensed under a Creative Commons Attribution-Noncommercial 3.0 United States License. If you’d like to discuss alternative licensing terms, contact Ed Felten.”

      So the answer would seem to be “yes”.

  23. Akshay says:

    As much as I sympathize with the researcher and believe in a free debate on EVM’s and such, and more importantly, as much as I agree security-by-obscurity doesn’t work, it’s important to understand why he was arrested. There is a missing EVM that was in the possession of this researcher. This is not unlike Jason Chen from Gizmodo being interrogated on a missing iPhone 4 prototype.

    • AnonymousProf says:

      I think it’s important to keep some perspective about this. Serious and credible concerns have been raised about the trustworthiness of the Indian electronic voting machines. The Indian election commission could be acting to respond substantively to those concerns, to put the concerns to rest. They could be acting to address the weaknesses in the EVMs, to ensure the integrity of future elections. That would be the responsible, professional way for them to react. But so far, there is little indication that they are doing so. Instead they seem to be focusing their energy on actions that can be easily interpreted as silencing their critics and that do nothing to respond substantively to the concerns or to address the perceived weaknesses in the EVMs. That’s a shame, and a lost opportunity.

      In the long run, trying to spin things and silence your critics never works. It just makes the government look like they have something to hide.

      Don’t the Indian election authorities have enough on their plate, that they have better ways to use their time? Wouldn’t it be more constructive for them to focus their energy on improving the system and demonstrating the trustworthiness of their machines? Time spent on intimidation tactics is time that could have been more productively spent to ensure the integrity of future elections. I think it’s a misjudgement on their part.

      • Anonymous says:

        If there is a law that disallowshe EVMs from being used without consent from the right authorities (I assume there is one), do you expect the authorities to ignore it when someone who presumably was involved in breaking this law comes to light?

        I do assume good intentions of the research and I do hope the election authorities address the findings of the research; and I hope no harm comes to the arrested researcher. Maybe even the above law needs to be reviewed. I also agree that the legal system in India is pretty far from ideal when it comes to enforcing laws…

        But in the current situation I am not sure what the authorities have done can be claimed to be wrong or intimidatory just because he got arrested for breaking a law?

  24. VA says:

    I feel sorry for Hari but it seems that he has vested interest in pursuing this line. See the latest response from ECI to Mr. Har, it seems clear that he is shying away from actually proving what he claimed to have proved in his research. http://eci.nic.in/eci_main/recent/reply__sh.VVRao.pdf

    If the machine he used, was taken from any of the authorized manufacturers, it is a legal issue and he should give out the name of the source who gave him machine. it is his duty to help the law.

  25. Anand says:

    Please bring out the truth about the machine. The loosing party should demonstrate how it got tampered. They should ask the govt to bring out a randomly picked machine and demonstrate and prove it is tamper free. in the next election at least.

  26. Anand Babu Periasamy says:

    Voting is fundamental to any democratic system. Unlike manual counting process, loopholes in an electronic system can be exploited at a large scale. It can easily change the fate of an election. Hari did a great job to expose these limitations. Instead of rewarding Hari and coming up with fixes, he is sent to jail.. I am sick.
    – Anand Babu Periasamy

  27. KG says:

    The premise of the “numerous flaws” in the Indian EVMs is based on the hacker gaining physical possession of the machine. The research concentrates on purely computer engineering and science aspects of the EVM, ignoring the various physical safeguards the Election Commission puts in place, such as seals on the individual machines and baring access to them. The Election commission has clearly stated that this is an important component of the process by which the EVMs are secured. If the authors are suggesting that election fraud could take place by replacing the chips, post production, in thousands or millions of EVMs, then though the research may be technically correct, it has the markings of a smear job.
    If it is proved in court that Hari Prasad was in illegal possession of an EVM then any attempt to make this look like intimidation, an attempt to silence him, etc. etc. will be spin. The EC says that physical security is an important part of the process. Some insider, for reasons of their own, which is then construed as integrity to ensure that election fraud is not happening in India, breaks this safeguard and physically removes an EVM, which is a clear violation of the law. Though the current claims will gain a lot of eyeballs in the Western world, a rigorous approach would involve demonstrating how a manufactured EVM could be removed , tampered with and then reinserted into the election process and have its votes counted. And there is no evidence of that.

  28. Anonymous says:

    Transparency is a cornerstone of the election related commitments agreed by all OSCE participating States in the 1990 Copenhagen Document, and observation is a key aspect of transparency. Transparency is necessary to “ensure that votes are cast by secret ballot or by equivalent free voting procedure, and that they are counted and reported honestly with the official results made public

  29. henriique says:

    He need stay strong!

  30. Bharatwasi says:

    Hari Prasad is India’s leading lection security researcher.

    He exposed critical vulnerabilities in the country’s electronic voting machines by studying a machine provided by an anonymous source.

    On August 21, 2010 Hari was arrested by authorities demanding to know the identity of that source. The police took him from his home in Hyderabad to Mumbai, a 14 hour drive.
    Hari performed with the voting machine research with Prof. J. Alex Halderman, who reached him by phone in the police car.
    —————-
    I’m OK, I’m OK, thanks. I’m OK.
    We just reached Mumbai.
    In another 20-25 minutes, we will
    be reaching the police station.

    The police came to my house at
    05:30 in the morning
    saying that they are going to take
    me into custody.

    As i couldn’t revert back to the,
    eh, on the anonymity
    In the sense like … I didn’t disclose
    who had given me the machine

    They said, like, if you want to get
    out of this, you ought to find …
    who has given you, and you get
    out of this issue.
    Then nobody will touch you.

    The police are getting pressure on the top, …
    so obviously they can’t do anything.
    They have no other option than arresting me.

    The only thing what I want so say
    is this kind of intiimidation …
    will hit the hearts of volunteers,
    and no volunteer will come forward
    if this kind of thing happens in the future.

    That’s the reason I’m going to
    take it on and I’ll face it, …
    so that the volunteers get inspired by me.

    And the ultimate goal is…
    we have to achieve that these machines
    are not fit enough for the elections.
    This is what I am thinking.

    And I want to say…
    whatever research we have done,
    or whatever work we have done is right,
    with all my heart

    Thanks for your concern.
    ——————-

  31. Anonymous says:

    We admire incompetency. Any attempt to make a better voting machine will make people angry!

  32. RMercuri says:

    The situation with the Indian voting machines was hokey from the get-go. The major given reason for them was to supposedly cut down on the violence that occurred at their polling stations (where paper ballots, hand marked, hand counted) were formerly used. There tended to be a lot of deaths (people burning down the polling stations in order to destroy the ballots, etc.).

    When these machines first came out a few years ago, I was quoted (in a few independent papers in India and I think also by the AP) as saying they were problematic for a number of reasons. First, a government-owned company manufactured them (should we trust?). Second, they didn’t manufacture enough for the entire country to vote at the same time, so the machines travel about during a voting period — which means that some results may be known, and this information may be used to persuade other voters to vote certain ways, etc. Third, although the violence at the polls was reduced somewhat (the death count was less), this might have been because it was easier to commit election fraud with the machines — there were reports of rogues grabbing the machines, voting 200 times, and then handing them back to the poll workers. Somewhat simpler (and considerably less obvious) than stuffing the ballot boxes, but with the same effect. Even easier if the votes were on the machines to begin with (at the start of the day). I have thus never viewed India’s voting system as secure or appropriate for democratic elections, and (as noted above) have publicly been saying this from the start.

    It is good to finally have confirmation of this by Felten’s folks, but as with the Diebold code when it was leaked and reviewed by Rubin et al, this type of examination tends to create more problems than solutions. The government can always say (as Diebold did) that “the version reviewed was not the one that we are currently using.” Even if this isn’t true, there’s no way to prove (since they won’t provide the current version for review) it renders the “scientific report” somewhat moot and the folks who want to defend the machines can continue to do so under this guise. You’d think that Felten’s offspring would have learned from this mistake a while back and wouldn’t have been so eager to publish their results without at least trying to determine (or giving the government an opportunity to respond) if the machine they were given was a) the same as what is currently being used there and b) wasn’t just a scam machine to make the researchers look like fools and provide an excuse to take their Indian scientist out of commission. Incidentally, here in the USA the government (and their cohorts) removes researchers they don’t particularly like, from the front lines, by denying NSF funding. It’s a lot easier than arresting them and gets far less press coverage.

  33. Anonymous says:

    Q: How did you get the EVM you studied?
    A: It was provided by a source who has asked to remain anonymous.

    All right. You did not steal a machine, but you got a stolen machine. Indian police did their job.

    • Hari K T says:

      I don’t know whether you are in this world , hearing about open-source :) .
      Go with GNU/GPL licence :) , freedom to study :) .
      Do you love research ? I think no ….
      When a computer says 5+2 = 8 , do I want to believe ? I don’t think so . But may be your case :) .
      Don’t bother about from where they got it . They should be protected. For whom are you talking ? Its my country and I want to know what’s happening . If you are from PAK , stay away :) .

  34. Roy says:

    Some idiotic commentators are supporting the police act. That is unbelievable. Thank you so much for writing about this issue on your blog. Indian media seem to have picked up the news now. Hopefully media pressure will force police to free Mr Hari Prasad. Please provide your side of the story to Indian media as they are very active and will certainly create pressure. This is a shame for Indian democracy and for the freedom of scientific research.

  35. C G says:

    A stolen machine? What about the thieves who stole the election? ….

    I think the guys who did are the kind of upright whistle blowers our country needs, and the bastards who got him arrested is the kind of people we need to put on a deserted island in the indian ocean for their lifetime…

    Damn the thieving politicos who want to steal the votes!

  36. Hari Krishna Tadepalli says:

    Mr. Hari Prasad’s case is classic on how modern democracies, despite the visions of founding fathers, have degenerated to exclude their supposed owners and benefactors – the people who do not rule and hold offices. Laws supposed to be for the people, by the people and of the people are framed, voted and passed in secrecy.

    In another classic fight for justice, a common Indian was responsible for the RTI (Right to Information) act only a few years ago.

    I would like to see this debate turn into a nationwide support to Mr. Hari Prasad and make the EC accountable for its actions.

    - Hari Krishna Tadepalli

  37. Varun says:

    So if some criminal at election times gets caught with a unaccounted for or stolen EVM and his defense being the argument that i wanted to show the results can be tampered with in that EVM,
    The authorities should just let him and the person who leaked the EVM in the first place, let go and move on.

    BS this needs to be investigated, how did a EVM end up on TV without the EC knowing about it, this is serious as it forms the chain of the “tamper proof EVM” argument.

    With hook or crook anything can be messed up, insider official is the weakest link of that chain and there is no full proof solution for that as long as Homo Spaiens are Homo Spaiens

  38. masijeevi says:

    Security of EVMs is fundamental to democracy in India specially since no back up paer ballot record is kept. As far as making a machine available for research and security audit is concerned, it shouldn’t be a big issue.
    I teach at Delhi University and we at Student Union Elections are provided same EVMs by Election Machinery of the Delhi state every year. Not all machines are used. point here is that it not impossible to acquire a few machines, in best case scenario it ECI should readily make available some machines for security audit.

    • Varun says:

      Not a big issue?
      So its no big deal if some goons are given EVM’s to fiddle with, right?
      There is a difference between legitimate giving out of EVM’ as in your case you mention and without permission, as appears to be the case here.

      It is absolute paramount that every EVM is accounted for as it forms the “chain of security protocol” for the EVM’s overall security and credibility.
      So big issue is how the hell did it get out what ever be the pretext or excuse of it getting out.

  39. Anonymous says:

    Can somebody explain in few words how it can be tampered?

    • Varun says:

      See this video they did
      http://www.youtube.com/watch?v=ZlCOj1dElDY

      They replaced the display screen,
      They put on a bluetooth radio chip, then used a mobile app to send votes to it.
      They suggested removing the chip which contained program code,currently code can’t be read back from the chip itself apparently,
      Then they questioned the security offered by wax seal’ out on it.

      All this hack and slash even a locked iphone is hacked, With that much brutality its not even the same EVM, its custom made EVM.
      All what they showed can’t be done without an insider providing them physical access to EVM

      There is no full proof safe guard against that, some people will always be corrupt whatever the country whatever the system, paper or electronic.

  40. V.Aanand says:

    i always had a doubt on the machines. now the arrest has made things very clear and has confirmed that it can be tampered. many time subramaniam swamy has said this and he was not arrested. when an engineer said this he is arrested. why? is this unheard engineer more capable than s.swamy? just like automation concepts these machines can be controlled thru satellites. S.Swamy in one of his interview told that some 6-7 foregin engineers had come months before elections for doing this job. they were staying in 5 star hotels. posting of Navin Chawla who has many a black marks as CEC raised many eyebrows. there were so many areas where BJP thought that they would win but didnt. The plan must have been like this. to make things look too real, communists should lose. Being a respected opposition party, BJP should not lose shamefully. congress should not become absolute majority. it should need allies support also, but in small numbers. so BJP & communists are still in shock and they are too numb to smell the rat. not only machines can be tampered, the system also can be. look at tamilnadu. maximum polling was done after 4PM when the booths are empty. bribe everyone in the booth heavily with unimaginable amounts and then start punching the machines and underline the list as you please. a simple man like me knows this means then imagine professionals booth riggers.

    • Varun says:

      Please quit being so political.

      Arrest here is most likely because there is an unauthorized access or leak of a EVM which the EC isn’t aware of, It’s perfectly logical.
      He isn’t sentenced yet or is he?
      There needs to be an investigation to determine how an EVM got leaked, its paramount as EVM’s security was compromised what if it happened during election time under the pretext of research, who would believe them then,
      And have you seen the exploit?
      They apparently put radio receivers in it, so that EVM could be a ticking time bomb come election time,

      And about being controlled through satellite? that BS there is no network compatible hardware on the EVM, it’s totally standalone, get your facts together, satellite can’t control which isn’t networked unless you’re sending Electro Magnetic Pulse which would just fry the chips all together.

  41. Arjun says:

    As an EECS student at umich , i felt great pride that someone from our university had taken the initiative to expose the weeknesses of the devices used for elections of the biggest democracy in the world and my birthplace.

    I sympathize with Mr Prasad. Im sure he will be released. Good Luck!

  42. Nitin Kushwaha says:

    Hello Haldeman,

    Greetings!

    It is good to know that how some systems are used in India, without a proper check on it’s Operating conditions, and the extent to which it can operate, I am proud that Hariprasad had taken the trouble to test and prove this EVM thing,

    It’s simple any Electronic device which is designed for a specific operation can be also modified to work in another way, and who knows the loophole may be known but no one really wanted to patch them up!!

    however, In India we dont get the rights to conduct the Reverse engg and Security Analysis. although we can say that India is an Independent Nation and we all have freedom!

    but we do have some grey areas like this!

    It must be Politics and Politics only…
    otherwise for the past 3-4 years why no1 came knocking??

  43. Anonymous says:

    Join The Facebook group to save Hari Prasad and Save Indian Democracy.
    http://www.facebook.com/?ref=logo#!/group.php?gid=154908477857046
    Raise your voice. Don;t be evil and Don;t support evil. Visit the web site.
    http://fightwithhariprasadc.ipage.com/fightwithhariprasad//index.php?option=com_frontpage&Itemid=1

  44. Anonymous says:

    It was good thing that they are able to find the flaws in machine. But it is bad in india that they de-motivate and bring problem to same person.

  45. Anonymous says:

    Whistle-blowers are avenged in India by those who they expose, using Police as a tool, using criminal defamation charges, using draconian internet laws etc or are simply gunned down.

    Some references: Asian Human Rights Commission report 2009, http://www.ahrchk.net/pub/pdf/TheStateofHRin10AsianNations2009.pdf (The state of Maharashtra of which Mumbai is the capital tops the list for murders by police. Refer page 95).

    See other instances of whistle blower tragedies ( http://purefriendship.sulekha.com/blog/post/2010/01/rti-whistle-blowers-success-and-tragedy-a-report/comment/1894144.htm )

    Google co-operates with Indian Police and turns over electronic communication and IP Addresses which identify internet based whistle blowers. For example this case: http://dlvr.it/2qKk2

    The two problems which deny rule of law to Indian citizens is the lack of enforcement of existing laws and the selective misuse of certain draconian laws that Indians have created for themselves.

    I would not be surprised if the EVM researcher reveals the name of his source under torture (I hope and pray for his safety). Torture is apparently accepteable in India as a tool for investigation, as mentioned in the same Asian Human Rights Commission report.

  46. Anonymous says:

    One more Freedom of Information (RTI = Right To Information) activist was “found dead” in India yesterday.

    This is what India is, it happens every other day. To call it a “great” democracy is to insult the intelligence of people. India should become a great democracy with the help of people like Hari Prasad.

    Another RTI Activist who exposed scam, found dead