Thursday, November 30, 2006

NIST: Touch-Screens Not Enough for Voting

This is great news. BradBlog, which has been following the touchscreen voting-machine controversy for a long time, is reporting that NIST -- the National Institute of Standards and Technology -- is about to issue a ruling on the use of these infernal devices to record and aggregate the will of the people. NIST hosts the Technical Guidelines Development Committee for the U.S. Election Assistance Commission, who developed the current standards, and also oversees the federal "Voting Systems Standards."

Brad quotes Michael Hickins of Internet News:
A federal agency is set to recommend significant changes to specifications for electronic-voting machines next week, has learned.

The National Institute of Standards and Technology (NIST) is recommending that the 2007 version of the Voluntary Voting Systems Guidelines (VVSG) decertify direct record electronic (DRE) machines.

According to an NIST paper to be discussed at a meeting of election regulators at NIST headquarters in Gaithersburg, Md., on Dec. 4 and 5, DRE vote totals cannot be audited because the machines are not software independent.

In other words, there is no means of verifying vote tallies other than by relying on the software that tabulated the results to begin with.

The machines currently in use are "more vulnerable to undetected programming errors or malicious code," according to the paper.

The NIST paper also noted that, "potentially, a single programmer could 'rig' a major election."

By the way, that NIST paper is very clear and readable. Follow that link to see a nice, succinct summary of the situation.

Brad is saying that NIST is going to recommend that machines, in order to be certified, must create paper ballots that can be physically counted. Because crazy things do happen. We remember that Maryland's primaries, especially in Montgomery County, were a big mess.

BradBlog makes a good point about the difference between a paper trail and paper ballots, which NIST is recommending. A "paper trail" is not verified by the voter, really isn't going to be looked at by election judges, and will just jam the printers, making it harder for people to vote. A paper ballot though can be printed, checked, and counted instead of the digital data.

It's funny, as far as I know, Democrats have suspected that Republicans would hack these machines to steal votes -- I'm sure some Republicans have said the same about Democrats, but it mostly goes the other way. I don't remember, it was something about "stolen elections" in the recent past ... At the same time, support for the touch-screen machines has mostly come from the Democratic side of the aisle. It seems likely there was some hacking -- Florida's 13th District is a major eye-opener -- but in general, most places, people's votes seem to have gotten counted.

This time.

It will be really nice, I think, if NIST puts their foot down and secures a solid technology for the activity that is the cornerstone of our democratic society.


Anonymous Anonymous said...

computer memory is just a lousy storage-medium for votes: it can't be read by humans with trusting potentially manipulated software and it can be changed in an instant without a trace.

paper on the other hand can be verified with the own eyes and can't be changed easily by humans, hardly without leaving a trace and it's nearly impossible for a machine to change a vote on paper.

November 30, 2006 6:54 PM  
Blogger Theresa said...

so what's the difference with a paper backup or a hard drive back up or multiple usb stick backups or electronically transferring the votes to several different remote machines at the same time.....

Or have it write the voting information onto multiple word documents on the backup, if you are concerned about the format being misread - better yet, pdfs...

I can absolutely symapathize with not wanting to maintain this much paper... I mean what are you going to do, have it spew out a paper copy every 60 votes with one line per vote and then have scanners to read it back in and convert it ?

You are back to hanging chads, which I think we would all like to avoid.

though I understand the concern about the software being vulnerable to penetration...

December 01, 2006 7:46 PM  
Anonymous Anonymous said...

Here's the difference.

December 01, 2006 11:54 PM  
Blogger Theresa said...

Alright - it is running Windows CE.
Enough said.

So it is vulnerable to any Windows virus, and it can dynamically download just about anything.

which says that clearly there needs to be someone writing the specs for the software on these machines with the understanding that it will have to go through a security validation.

So the question is, what idiot that wrote the requirements specification for these didn't automatically build software security into the requirements ?

That is pretty dumb.

There are lots of ways to build computers with security - that cannot be penetrated.

You put them on classified networks, you don't allow anyone access (physical access) that shouldnt' have it.

We do this in the military all the time - for obvious reasons. You don't want an unfriendly getting a hold of the targeting software for a Tomahawk, now do we ?

So clearly, we should have applied the standard and understood military assurance levels to whatever contract was let for the voting machines.

This is why I said that I don't think you have to have paper. Computer security is a well understood problem with lots of solutions. What it sounds like anyway, is nobody bothered to enforce any security requiremnents on whomoever let the contract for the voting machines.

So the voting machine people whatever operating system they wanted to in the computers.... Windows. Dumb. Really dumb.

December 02, 2006 6:47 PM  
Blogger JimK said...

Theresa, sit down.

I think this means ... can I say it? I think this means ... we agree on something.

PS Did you watch that video that somebody linked? If it's the one I think it is, it's an eye-opener.


December 02, 2006 7:17 PM  
Blogger Theresa said...

Jim -
Is it on the last set of comments on this subject ?

December 03, 2006 11:07 AM  

Post a Comment

<< Home