Voter fraud in Texas, and tweaking an old idea for preventing

Topics: Democracy
25 Nov 2007

From: Ervan Darnell




Texas: Voting System Allows
"Corrections" [1]
Texas: Voting System Allows "Corrections"
by Warren Stewart, Senior Project Director, Verified Voting
Foundation
November 20th, 2007
A
Houston Chronicle article last week described how, following
the November 6 election, Harris County election administrator Johnnie
German “used high-security codes to tap into the Harris County elections
computer system last week and change some of the results manually.” It
seems that the Hart Intercivic voting system used in Harris County allows
anyone with access and a passcode to modify vote totals from an election
without leaving any record of the modification.
But it gets worse. According to Dan Wallach of Rice University's Computer
Security Lab, who served on the task force that recently studied the Hart
system as part of the California Secretary of State’s electronic
voting system
review , the "encryption key" code can be extracted from
voting equipment at any precinct.

Wow. The level of both political corruption and technical
incompetence here is extraordinary.
Where is the "all votes should count" lobby? I suppose
without an election having already been conducted, there just isn't
enough interest in this. Fixing these things a priori is a lot more
compelling than calling for multiple recounts ex post facto.
Back in Jan 2005, I wrote how this could be fixed (in short: machine
generated, perfectly punched, digitally (public key) signed, and
duplicate printed paper ballots that create a physical thing people can
guard and verify by hand). It relied on, among other things, voters
getting a copy of their ballots. The concern with that is that if
your vote can be demonstrated externally, then someone might bribe or
intimidate you into voting a certain way. I don't regard those as
fatal problems. But, certainly vote selling is a substantial change
independent of preventing fraud, and not one most people agree
with.
The physical fix is this: There can be as many monitors at a polling
station as desired. Exactly that many copies of each (punched
paper) ballot is produced. The voter must put one ballot in each
box on the way out (thus no voter can carry proof out of the polling
station). The monitor could be anybody, say the local TV
station. They can now request by serial # the voting record from
the ROV. That must much the ballot they have. Were they to
find a discrepancy, the original ballots at both the TV station and ROV
could be examined for alteration. Obviously, having 3 or more would
be useful. Independent verifiers could add their digital signature
to the ballot along with the ROV's so that neither party could alter the
vote and both would have a copy of the ballot and both
signatures.
Of course, this doesn't solve problems with identifying who is a
legitimate voter in the first place, but it does put a cap on the
technical fraud problems.
A tech note: I'm still pondering if there is a purely tech fix that
creates arbitrary verification, a physical record in the voter's
possession, but doesn't reveal the exact vote. I have some ideas,
but it's not really relevant here.

[1]http://www.verifiedvotingfoundation.org/article.php?id=6529


====================================================
Ervan
Darnell

ervan@kelvinist.com

http://www.kelvinist.com



_______________________________________________
Ragnar mailing list
Ragnar@ragnar.kelvinist.com
http://ragnar.kelvinist.com/mailman/listinfo/ragnar

Home