BBV in the NY Times again: Who Tests Voting Machines?

http://www.nytimes.com/2004/05/30/opinion/30SUN1.html?ex=1086494400&en=178c48e0066d1c23&ei=5062&partner=GOOGLE

Whenever questions are raised about the reliability of electronic voting machines, election officials have a ready response: independent testing. There is nothing to worry about, they insist, because the software has been painstakingly reviewed by independent testing authorities to make sure it is accurate and honest, and then certified by state election officials. But this process is riddled with problems, including conflicts of interest and a disturbing lack of transparency. Voters should demand reform, and they should also keep demanding, as a growing number of Americans are, a voter-verified paper record of their vote.

Every time I see a "mainstream" media outlet addressing BBV I cannot but remember her (and people who joined her at the beginning) the struggles and hard work they had to go through to overcome the "tinfoil" aspects of their crusade for the truth.
Again, she has proven that one person who is willing to sacrifice can do a lot for her country. THANKS BEV AND COMPANY!

called me for info on this article, as he does frequently. This info has been out for nearly a year, and is in Chapter 6 of Black Box Voting http://www.blackboxvoting.org/bbv_chapter-6.pdf .

It is important that they are covering it.

At times I have called the The New York Times on the carpet for basically acting as the personal publicist for three people in the movement, ignoring about 20 other groups who are doing groundbreaking work, and ignoring the experts in the field on HAVA, auditing, investigative reporting, and litigation.

The New York Times has got to get over dealing with this issue in terms of computer programming rather than auditing issues. And even if we get paper ballots, we have achieved nothing without proper auditing, which isn't even on the table yet.

Many of the computer scientists: a) refuse to deal with the auditing issues at all and have weak expertise in writing legislation, but they do it anyway -- witness, Dr. David Dill attempting to help write legislation, omitting all meaningful audit procedures and calling it a "receipt" or a "trail" instead of a ballot -- though it has been pointed out to him a hundred times that the word "trail" has no legal definition and will therefore be meaningless in legislation; or b) We see computer scientists reinventing the auditing wheel over and over, using flawed models. Here's a concept: Ask people who actually understand auditing.

I recently spoke with Senator Patty Murray about this. I told her that upcoming congressional hearings need to bring in auditors and stop the overreliance on computer scientists, who have yet to get it right.

Why is it auditing, not certification or programming?

You mainly need to know if it is counting right. You could certify until the cows come home, but that still doesn't prove it counts right. Auditing forces you to "show your work" and prove that the count is correct.

You should see my e-mail. Dozens of ill-thought-out computer solutions, taking issue, of course, with the idea that we will argue this issue more effectively by concentrating on auditing, which would in turn give us paper ballots, meaningful USE OF the paper ballots to check the machines, and would give us several more checks and balances not used -- or even proposed by computerheads -- at this time.

We need:

To compare number of voters with votes cast. This will catch most kinds of stuffing or deleting votes from the electronic ballot box. (But it won't catch situations where a negative set of votes is used to balance the books; to catch that, you need a comparison of voter-verified paper ballots with the machine count on machines with stuffed ballot boxes).

To compare polling place tallies with central count tallies. This will catch substitutions or changes in the electronic ballot box done after the polling place closes, and diddling with the highly vulnerable central count tallies.

To compare voter verified paper ballots with the machine counts. This will catch dishonesty in the ballot definition, ie. the Sequoia flaw that allows the person creating the ballots to have the Spanish language and visually impaired ballots vote for someone else than it shows on the screen, and it will catch tampering with the machine tally by any means before or during the election.

To compare absentee ballots received by the post office with absentee ballots counted. This will catch tampering which removes strategic sets of absentee ballots before they reach the counting phase.

End of rant.

Bev

possibly dispute the critical importance of auditing.

However, there are a lot of single minded geeks, I guess ...

computer scientists can operate best within the confines of their discipline. The best teams that I have been on have used SMEs (subject matter experts) and computer scientists together. SMEs define the business logic and the computer scientists implement it within technological constraints (this can get to be a iterative process with computer scientists telling SMEs that some business logic can't be implemented in a computer system and SMEs refining their business logic and SMEs telling computer scientists that the system must have this business logic in there or else the system is worthless!!!).

It is of the utmost importance that the team be a multi-disciplinary team because of auditing and legal considerations.

The choice of words to describe things is very important... just as certain words resonate in a technological sense so do certain words resonate especially in a legal sense. There are legal principles and laws as part of the "business logic" to be embedded within these computer systems. The word "ballot" has a legal meaning. This word needs to be used in legislation and also in computer specifications so that there is a direct link between the law and the computer system. This way you can directly tie the workings of the computer system to the law. Then it will be much clearer when the law is being violated if the ballot is not functioning in accordance with legal principles. Use of terminology forces the issue. Using a synonym creates a grey area, a veritable legal thicket, for obfuscation. This is balanced by the need to communicate across disciplines. One way to achieve this balance would be the following: The law is written using legalistic terminology. As the specification is developed, we may choose to link the ballot to "trail" or "receipt" (these words should be defined in the specification itself so that there is no confusion) as these words have meanings within the computer science community (ie audit trail is commonly used) and may provide clarity for a programmer coding the specification. For example, a ballot may have an audit trail, ie we will log its entrance into the system and at critical junctures within the system and we will also create output showing the ballot has not been tampered with. One form of the printed output may be called a receipt. There may be other tallies necessary to cross check the validity of the ballot. "Ballot" should be used especially in terms of drafting legislation -- ie, you monkey with the ballot, you go to jail. That way clever attorneys don't debate what a ballot really is.

There are also basic principles of holding free and fair elections systems that honese and competent election officials want to see embedded in a computer system. Auditing is one of them.

I have been down this route before...I can tell you a computer system will work according to specification. I can not always tell you if the specification is correct; that is the job of the SME. I can tell you if the equations that you have given me have been implemented in the computer system according to the document. I can not tell you if basic physical equations are correct or if accounting equations are correct. I have told people what the limits of my expertise are and have refused to certify a system to the extent that they wished. I am also smart enough not to want to go to jail due to ignorance of the law on my part or to risk explosions!!!!

Certification needs to include both the validaton of the system according to computing standards and it needs to include validation of the system according to business logic, ie auditing. The former can be done by computer scientists and the latter by lawyers and election officials/auditors experienced in certifying elections. There is some overlap in these areas especially when trying to assess failure of the system. Did the computer system contain code that did not follow specification or was configured incorrectly? Or, was the specification wrong or inadequate or incomplete? These answers need different skill sets to be answered correctly.

The type of auditing/cross-checking that you are asking for is critical to ensure that the ballot has not been tampered with. And I believe it is the minimum set of rules or tallies. There are probably more. SME's can help computer scientists both with implementing these tallies and also with interpreting the data to account for anomalies.

At the end of the day, you are correct in asking for output that is readily understandable by anyone. Just as we merely plug in an appliance into a wall socket without understanding all the details of a city's electric grid and we can verify that there is indeed electricity at a particular outlet, so should our voting system be verifiable by its citizens without technical knowledge.

I think I need to consolidate that and present it to legislators.

Plaigarism in a good cause is always welcome!

should be counted independently/first...and results tallied..

THEN the machine count..

You can bet your last dollar, that people would be counting those paper balots very carefully.. Just the major races.. the propositions could be verified later..

How hard would it be to verify president...congress...senate..??


if a precinct has 600 registered voters, and 400 showed up to vote, there should be 400 paper ballots to start with..

some may not have voted for all three races, but most will have..

When the count is verified, then the machine's totals could be spit out.. They should match perfectly...

That would not allow anyone "wiggleroom/time" to make the two figures "match"..

If two cycles were run with no errors, people might start to trust the machines". I can guarantee you that they will NOT , the way things are now..

There should also be an exit poll at every polling station.. The three numbers should mesh perfectly..

There should also be a failsafe plan in effect, so that a "re-do" could be done in the event of discrepancies.. Simply re-printing bogus numbers will not do the trick..

I think it would be wonderful if the democrats who vote this Nov, just bring a picnic with them, and just stay at the polls.. No need to count ballots, ....they could just count the living breathing people , who would be there on the spot to swear an affadavit..:)

Just like everything else they do!

....and it all comes tumbling down.

Who founded The Election Center?

Who is R. Doug Lewis?

Lewis says he worked on Connally's campaign- but was he going by Bryan Lewis then?

I have read that The Election Center, in one form or another, was working in the late 1980's.

Connally, of course, has connections to the LBJ kind of ballot rigging.

Connally's son appears to have been in the Texas Air National Guard around the time Bush was,not confirmed.

Connally's son knew Bath, and Connally senior ended up in some financial deals with Bath and that connection to the Saudi's.

Connally changed parties and served in the Nixon administration.

Connally apparently got into some trouble in the S&L debacle.

Around the time of the germination of The Election Center, Connally, on the board of a banking institution, guaranteed a $4 million loan to Bryan Lewis, that Lewis never repaid although people have wondered why not. (Like, he could have)

Is it all connected?

Who knows?

This is stuff gleamed from news stories of the era.

the "election center" seems to be nothing more than Lewis and a secretary. 4 million would have floated a whole office. Banks would have wanted to see something for that money...

And why has Congress taken testimony from Lewis and The Election Center for years without knowing who or what they really are?

Group Takes Money from Voting Machine Companies, Then Evaluates Voting Machines for the Public

March 25, 2004

Rigging electronic voting machines is easy, especially ones which don't print paper ballots. For example, Georgia election officials allowed an update to the software in their Diebold machines prior to the 2002 Senate election, without any officials reviewing the software update. With no paper ballots, a meaningful recount couldn't be done, even though the results were suspicious. We'll never know if those machines in Georgia were rigged or accurate, but they easily could have been rigged under those circumstances.

Any electronic voting machine company which wants to rig an election can tell officials shortly before the election that they discovered a problem and need to do a quick software update immediately, or the election will be a disaster. Installing uncertified software is illegal, but most election officials would go along with such an update anyway.

So why would The Election Center say rigging electronic voting machines is as difficult as "time travel?"

Money could be the answer.

The Election Center, a non-profit which evaluates voting machines for state governments in exchange for tax dollars, also takes money from electronic voting machine companies. This conflict-of-interest only came to light because of an error . Yet we're asked to believe executive director R. Doug Lewis' assessment that rigging an electronic voting machine is as difficult as time travel.

Obviously, any group which accepts money from voting machine companies shouldn't be evaluating their security for the public. That includes The Election Center.

To achieve secure elections, however, the answer isn't to get a more objective group to evaluate complex, electronic voting machines. Voting machines shouldn't be used by most voters for the major races.

To achieve secure elections, make it simple. Use plain paper.

Have voters mark X's on plain pieces of paper, and drop their ballots into a transparent ballot box. Let voters stay to watch the ballot box. Later in that room, after the voting, have two Republicans and two Democrats hand-count the votes as a roomful of citizens watches.

MOVELEFT.COM:

http://www.moveleft.com/moveleft_essay_2004_03_25_group_takes_money_from_voting_machine_companies.asp

:kick:

:kick:

this is making news in such a mainstream newspaper. This is a very important issue. Much work still has to be done though.

... is even of limited value IMHO.

Take a look at some simple code...

#define RipCounter 5 // siphon 20%


if(Vote == DEM) {
  if(TodaysDate == ELECTIONDAY) { // cheat only on election day
    if((RipLogger++ % RipCounter) == 0) { // grab every 5th vote
      ApplyVote(REP);
    }
    else {
      ApplyVote(DEM);
    }
  }
}
else {
  ApplyVote(Vote);
}

Of course, I've left a lot of stuff out for the purposes of illustration. I'm trying to make the simple point that auditing doesn't mean anything unless the code has been thoroughly reviewed and there is absolute proof that the code that was verified is being executed.

A printed paper trail is the only real protection we'll ever have against fraud. And the fact that the excuses the machine makers make regarding such a receipt are ludicrous is enough to make it clear they don't want a system with integrity.

:kick:

Exactly.

They don't fix the problems, instead they fight. It makes no sense unless their actual goal is to cheat.

BTW, your code is too subtle, especially if you go completely "computer geek" and hide it in a DLL or something.

The prefered method of cheating is to simply change the votes... Open a special window, type in the "corrected" numbers, and you're all done.

Anything else is probably too complicated for the cheaters. The "kiss" (keep it simmple, stupid) rule applies to election fraud too.

It seems their first order of business is to eliminate troublesome recounts and other sorts of audits, and then to automate traditional forms of election fraud. If you dive right in looking for tricky computer code you may miss more likely forms of election fraud.