Post on 12-Jan-2016
25 October
Elections and Voting
Punch Card MachinePunch cards stacked here
Punched here
US Attitudes re e-government Beliefs:
45% agree that giving personal information would improve service
Same percentage believe that doing so risks security and privacy
Balance: 54% believe that government should proceed slowly
Actions: Only 25% of e-government users use it for
transactions Yet 70% execute commercial transactions
Is this a difference in attitudes or availability?
Homeland security Ability to share information
Between federal agencies With local governments
Potential benefit to terrorists Hacking More information
National identity cards US citizens against Other countries more positive
Exploring e-government
Federal: www.us.gov State: www.nc.gov County: www.co.orange.nc.us City: www.ci.chapel-hill.nc.us
Electronic voting:What are the issues? What are the requirements for elections? Key ones
Secret ballot Assurance that your vote is counted
New York Times editorial (13 June 04): “a vote for president should be at least as secure as a 25-cent bet in Las Vegas.”
Should we be worried about possible manipulations?
Did you have problems reading the article? What voting problems did you find?
Voting Problems Ballot stuffing Buying votes Improperly marked ballots
Under voting People who give up
Over voting Which of these are addressed with electronic
voting? Which of these are exacerbated with electronic
voting? Experience
India ended up with worse corruption problems
What is included in e-voting Range of Systems
Optically scanned paper Touch screen systems Internet voting
All Processes (what is the weakest link?) Registration Ballot design Voting Counting of votes Recounts
Major concerns raised
Correctness Certification process Digital divide System set up Auditing (recounts) Accessibility Internet vulnerability
Correctness
Should code be open source? Belief that more eyes are valuable Easier to hack
Corruption Vulnerability – improved by open source
Checking for errors that hackers can exploit Malicious changes – primarily a concern
of which version is running
Certification process
More than 40 states require certification
But what does it mean? Need to guarantee certification of last
minute fixes or changes – not always possible
Both California and Indiana found themselves using uncertified code
Digital Divide More generally an e-government
concern Intimidation
Could become a new literacy test California recall
Less than 1% missed (under voted) for yes/no
But nearly 10% under voted in the candidate selection
System Set Up
Lack of local technical skills Large number of local polling
stations Short set up time
Auditability vs. Privacy
Storing the full record means that someone could get at the information
Acceptable in England Secret Ballot Act of 1872 Requires that each ballot be tied to
the voter Records held as a state secret
Auditing (recounts) Voter Verified Audit Trail
Print a copy Voter verifies Puts it into a ballot box
Used for Routine audits (random) Recounts
Problems Cost: Australia opted out Training
Why do an audit?
If you can only identify a problem, what is the remedy?
If audit can also produce the corrected results, more valuable
Broward County, Florida
special election to fill a state House seat
victor won by only 12 votes 137 of the electronic ballots were
blank Florida law requires a manual recount
but no paper ballots recount isn't possible
Are there other options? Code can be verified against manipulating
Example: encryption within the system But, needs to get into the system
User interface is the vulnerable spot Assuming no program errors, can we be
sure that people will read a screen version correctly if they made a voting mistake?
Depends … Primarily on the quality of the ballot design
Partial Solutions Turnout: separate track of how
many people voted Number of votes cast should
match Need to count abstentions Need to track people who quit in the
middle Does not help to determine if the
vote went to the right person
Accessibility Florida ban on plastic templates with
holes for use by the visually impaired because NOT CERTIFIED
How do you address this problem without compromising privacy?
How is it done today? Generally, advocates for the visually
impaired prefer electronic voting Techniques to support them, primarily audio
What about the paper audit trail?
New Mexico this past weekend
Only two voting machines certified by the federal government for disabled and non-English speaking
Neither measures up to state law that requires voter-verified paper record Upgrade would require
$1000/machine
Internet vulnerability
Denial of Service Attacks Spoofing and Man-in-the-Middle Lack of Control of the Voting
Environment
Denial of Service Attacks Prevents people from getting at a server
Particularly problematic when there’s a time limit
Disrupted election in Canada in 2003 One study: 10,000 attacks in one week in
2001 Distributed Denial of Service
Large number of machines, called zombies or slaves, are used to perpetrate
Regional attacks
Spoofing and Man in the Middle
Basically, insert a component between the client and the server
User interacts with what appears to be a real server, but component in the middle can change votes!
Real server Client/server Real client
Voting Environment
Worms, Viruses, Trojan Horses Problematic if you need to have
special software on your system Spyware compromises privacy
A case study: Georgia 2000 – potpourri of voting
2 hand-counted paper 73 mechanical lever 17 punch card 67 optical scan 0 touch screen
3.5% “under votes” – no vote cast for president
Overall 4.4% under vote rate
Georgia Current Status Complete conversion to touch screen by
November 2002 Testing of 250,000 ballots Signature of code that detects
modification with a probability of 1/10,000,000,000
Oversight of the deployment process Under vote rate of less than 1% No recount capability
Florida (NY Times, July 15 ‘04)
The touch-screen voting machines intended to cure many of the ills of 2000 have raised a host of other concerns here just four months before the election.
A new state rule excludes the machines from manual recounts
The integrity of the machines was questioned after a problem was discovered in the audit process of some of them
Sun-Sentinel reported that touch screens failed to record votes six times more often than optical-scans in presidential primary
Voting rights groups filed a lawsuit last week challenging the recount ban
A Democratic congressman has also sued to request a printed record of every touch-screen vote
New North Carolina Law
Let’s try to find it www.nc.gov Hints:
House Bill 238 and Senate Bill 223 Title: Public Confidence in Elections
Key NC Requirements Machine requirements
vendor cover damages resulting from defects in the voting system, including costs of a new election
comply with all federal requirements for voting systems include in precinct returns votes cast outside of the precinct electronic voting systems generate a paper record of each
individual vote cast paper record generated by the DRE voting system be
viewable by the voter before the vote is cast electronically and voter may correct any discrepancy
vendor will supply source code if they fail to debug, modify, repair, or update the software or file bankruptcy
For optical scan and direct record electronic voting systems, sample hand‑to‑eye count of the paper ballots or paper records of a sampling of a statewide ballot item in every county
Next Area: Medicine
Impact of computers in medicine Two assignments (again paper):
Precis of a procedure or device made possible by computers
A website with useful medical advice