How To Spot E-Vote Tampering? 507
Precinct Election Judge writes "I am one of the Republican Party Precinct Chairs in Harris County, Texas. Since in 2006 Republican Rick Perry won the Governor's race in my precinct I will be the head election judge at my polling station this November. (My Democratic counterpart will be assistant election judge.) I have read with interest the stories about voting machine hacking, and I want advice from those of you who are experts on what to watch for to make sure there is no fraudulent activity at my precinct during the election. What activities should I look for? Keep in mind my restrictions: I will be at a table in the front of the room with the voter rolls signing people in, I can only approach the voting machines if a voter asks a question or if I have strong reason to believe there is fraudulent activity, the last thing I need is for someone to say the Republicans are trying to keep people from voting! And finally, although each station and voter will be visible from my seat each machine has 'blinders' around it so I will most likely not be able to see the hands of each voter while they are at the station. Thank you in advance for all suggestions."
You won't see most of the fraud (Score:5, Informative)
The most egregious fraud on electronic voting machines is completely out of your control, and most likely happens out of sight of any precinct level election official: in the software that is installed on the machines. Unless you have the authority and knowledge to inspect many thousands of lines of code on each machine, you are powerless in this regard.
However, most machines have some type of USB, SD card, or other hardware interface that might be protected with some type of tamper proofing, like the foil seals on aspirin bottles. This is probably beyond your authority to put in place, though.
The only thing you can do is pay attention to the tabulations, if you get to see them.
I recommend you watch Hacking Democracy for insight on what to watch for.
Black Box Voting Org (Score:5, Informative)
Re:How To Spot E-Vote Tampering? (Score:5, Informative)
Remember: Diebold changed their name to Premier Election Systems last year.
honesty is tricky (Score:2, Informative)
before, during, after (Score:5, Informative)
1) Ensure that the machines are physically safe before the election. Don't leave them in an insecure area between the time that you check them to ensure that the counts are at zero (and DO check that) and the time that voting begins. Allow nobody near the machines without both ID and a witness at all times, including yourself (you don't want to be accused of anything), ESPECIALLY if they claim to work for the company that makes the machines. In fact, if anyone you don't know shows up to work on the machines, get approval from as far up the chain of command as can be managed and WRITE DOWN the name, time, etc. if it happens. Consider some sort of tamper-evident seal for the area where the machines are stored (your local trucking company can provide you with a handful of the ones that they use on freight trailers).
2) Watch for voters who are holding either memory cards or keys. The best-publicized ways of messing with a machine involve unlocking the machine and/or inserting a card with altered data. Keep in mind that the memory cards can be a lot smaller than those giant plastic cases around some of the official cards. Also keep in mind that if you see this, it might just be somebody with a spare memory card for their camera and a set of car keys.
3) After the polls close, physical access becomes a big deal again. Don't allow anyone near the machines or cards without ID and a witness, including yourself. Ensure that the machines are locked away, and find out who has a copy of the key to the room/closet/truck/whatever.
Re:Start with the obvious (Score:3, Informative)
Then check the machine and see if your vote was counted correctly.
If you make sure all administrative openings are taped over with tamper-resistant tape, keep one (random) stataion aside during the voting and then have a "control" group vote using it, that's about all you can do from your end, apart from preventing e-stations from being used in the first place.
Re:Black Box Voting Org (Score:4, Informative)
Re:That's the hard part (Score:3, Informative)
But it is also true that we are planning elections so that never more than two simultaneous consultations are done the same day (and never during Presidential Indecisions days).
I was assesseur (co-judge) in numerous elections, and we rarely have to count more than one hour for 2000 exprimed votes. I think symbolic transparency of the ballot box help to have more than 50% of participation for major elections (less are European votes, with 40%)
Re:That's the hard part (Score:2, Informative)
Good sources of Info. (Score:5, Informative)
I would be sure, to tell all voters to read the confirmation screen carefully. Many other locations have reported instances of vote switching where voters, once they reach the closing screen, see a different outcome than they pushed. Evidence from a Rice University study indicates that less than 30% of people even read this screen but those that do have reported nontrivial numbers of flipped votes.
Secondly I would educate yourself about the machines. Ohio's Everest study [state.oh.us], particularly chapter 14 [state.oh.us] contains many scary things about the machines. Some you can look for, many you cannot.
You will also find information from the California study [ca.gov] notably the red-team reviews of the hart system.
Voters Unite is also a source of some good info As does [votersunite.org]Pollworkers.us [pollworker.us] which is a useful site for those working the polls.
Re:Do you have a paper trail? (Score:5, Informative)
Where I live the requirement for electronic voting machines means that poorer areas, who can't afford enough of them have lines that routinely take hours to get through, which damn well disenfranchises people every damn election...Lot of poor people have jobs that are real understanding of a 4-hour "vote break".
Don't even try to sell it on that grounds, because there are people all over this country whose franchise would be a lot easier to exercise if they could just use a pencil and a piece of paper.
Austin Parallel Testing (Score:1, Informative)
In Travis County, TX (where I live) they have a system in place that uses "parallel testing." This is where they randomly select a machine at each precinct at the start of election day and vote a randomly selected number of times throughout the day to simulate people voting. They keep track of how they voted and verify that was what was recorded correctly at the end of the day. Not foolproof, but pretty smart and a good safeguard.
Here's the report (very cheesy):
http://www.co.travis.tx.us/county_clerk/election/pdfs/NIST_paper_051005.pdf
Re:Do you have a paper trail? (Score:4, Informative)
Re:Just ask the votes (Score:3, Informative)
According to my local papers, I'm illiterate.
Well, those that care. As for trolls like me, I have nothing to lose. Society has already shunned me. I'm voting for McCain or Barr.
Consult an expert (Score:2, Informative)
Post Results! (Score:1, Informative)
This doesn't prevent the kind of tampering that happens at the central tabulator, as in Ohio in 2004, but it does give us all (voters) the opportunity to have a greater chance of seeing shinnanigans early so we can know when it is obvious that we need to jump up and down about something.
Re:Someone please... (Score:5, Informative)
I live in Harris Co. and the machines are pretty horrendous. They look pretty, but there is no form of verification whatsoever. As for the asshats who say that we have secure electronic systems for securities trading, credit card systems and bank ATMs... well just remember that not one of those systems is anonymous.
As to detecting "fradulent activity" as an election judge, well if you hear somone operating a power screwdriver or see small parts being dropped on the floor, well that is about as good as you can get on detecting tampering with those damnable machines. In other words, you are not going to detect any fraud that involves hacking the machines. You are limited to what you can do to prevent "old fashioned" fraud - ie the vote early and often crowd. Since there are no ballot boxes you don't have to worry about them being tampered with
Now if you could demand photo ID (and anyone presenting those cards from the Mexican consulate should be immediately deported) and compare that against your local voter rolls that would be nice. It would also be nice if you had some way to update your voter rolls by checking against death certificates issued in the last year.
Using a machine as an interface would be fine, just let it print a darn ballot that the voter can verify.
Re:Do you have a paper trail? (Score:3, Informative)
As a computer scientist and programmer I have 0% confidence in any system which doesn't produce a paper audit trail, but even if it does, if the voter can't personally validate that the audit trail for their vote reflects their intent, the system could still just be producing a phony audit trail.
Re:Just ask the votes (Score:3, Informative)
This is called an "exit poll" and it's remarkably accurate. Except of course in the last couple of elections in the USA, where the exit polls utterly failed, especially in districts that had new shiny e-voting machines with no paper trail.
You can't make exit polls part of the official process, as then it would no longer be a secret ballot. Unless you do an exit poll with complete anonymity, in which case you're just making people vote twice.
Also, as a resident of the west coast, I hate exit polls with a passion. Getting the early poll results from the east coast before our voting locations even open has to influence voters in an extremely negative way. I'd prefer the press be banned from reporting any polls or results until after polls close on the west coast, personally. Damned free press.
Educate yourself about the entire process (Score:4, Informative)
Ask "Why?" Ask to have equipment and processes explained to you. But at the same time, make sure that every moment of the day, you're acting beyond reproach. I hold my poll workers to very high standards, because every moment of every day, we're possibly under scrutiny, and it's important that there never be even the slightest incorrect impression that we're not being fully compliant to the rules and laws involved. I've actually had poll workers get angry and leave early because I was asking them to comply with the rules and they were unhappy being told, "No, you can't talk to your friend who is voting about politics" or "No, you can't imply you don't like a candidate by giving someone a funny look when they ask about a ballot option," or "No, you can't use your laptop/PDA/cellphone in our polling place".
But I'm pretty freakin' idealistic about what I do. If I lived where I grew up, I'd be a poll worker in a place where these have been real problems for decades. Right now, I live and work as a poll worker in a part of the country that has not historically had problems with voter disenfranchisement. So my work may have less meaning, in some ways, but it's still important. (Sorry, I feel very strongly about what I do, and it's hard not to talk about that.)
Re:Do you have a paper trail? (Score:5, Informative)
BTW, changing one in 20 votes would not be enough to swing elections for us -- I have between 50 and 200 voters in elections -- and more than double that cast absentee ballots -- and the margins in their votes tends to be very large, more than 20-30 percent. They're pretty homogenous in their voting habits. But hey, it's the Bay Area, it's like that.
Re:Just ask the votes (Score:2, Informative)
First, let me say that I'm not trying to say that e-voting machines are secure. They have a number of unique vulnerabilities which could be corrected with proper planning and procedures.
However, suggesting the reliability of exit polls as an indicator of tampering is not a solution. There are social considerations involved in conducting the poll. The buzzword floating around this season is the Bradley effect [wikipedia.org] and described the observed tendency of exit polls to systematically overreport the performance of minority candidates. A cause is presumed to be the voter's fear of being branded racist by the poll-taker. Additionally, a number other factors in poll methodology can bias results, such as the time of day at which exit poll-taking ceases (with respect to poll closing time) (see Exit polls [wikipedia.org]).
Granted, if major tampering at a location has occurred, then exit poll will likely not match the polling location results. However, you can't use the converse of this statement to assert a rigged election (see any discussion of a logical contrapositive vs logical converse). The exit poll can only serve as an indicator that further investigation of tampering might be prudent. But, without an intelligently designed paper trail and paper trail chain of custody, those investigations won't find anything...
.Just barely better than no paper trail at all (Score:3, Informative)
The problem with these machines is that there's no guarantee that the ballot that the voter verified actually matches what gets recorded in the memory of the machine, and what eventually gets transmitted upstream.
Yes, a manual recount based on the paper trail would catch massive vote fraud - but that's only going to happen if the results are obviously bogus.
The results of the voting machine review that the CA Secretary of State performed are here:
http://www.sos.ca.gov/elections/elections_vsr.htm [ca.gov]
Reading those reports is pretty scary. The state identified a bunch of weaknesses in the various systems, and imposed requirements on the vendors to plug the most egregious security holes. But there are literally DOZENS of operational requirements imposed to ensure that the voting is secure and that the privacy of voters is maintained.
Things to watch for (Score:5, Informative)
That said what a voter can do depends on what machines you have in use. Lets consider the big three Diebold, Seqouia edge or ES&S ivotronic and no voter verified paper trails.
On the ES&S, the voter is usually facing the machine in a privacy carrel and the machine is a flat block. It very possible for a voter to complete obscure the following transaction ( I know because I've done it). Flip the 5 pound machine over and you find little plastic door. you can easily force this open. Behind it is the Flash memory cards. Yank these out and put them in your pocket. close the food and flip the machine over. Leave and the election is screwed.
It's also possible a diabolically well outfitted voter could have a second PBS device in his pocket. Armed with that, he can can admin access to the machine and do anything they like and vote as many times as they wish.
With Sequoias edges, depending on the model revision number there can be a little yellow button on the back. Pressing that causes the machine to go in to supervisor mode. If I lean forward I can just reach around and get that button. If you were watching you could see me execute this clumsy maneauver.
I've never had the chance to play with diebolds so I can't offer specifics Some diebolds have an unguarded IR port that a hacker might be able to do something interesting with on their palm pilot. But I don't think there's any known attacks yet.
On all of these machines, it's possible to miscalibrate the screens. The screens can be miscalibrated by heat or scratching them with keys. In the neighboring county we had one guy running for office actually carve his name into the machine. Unfucking believable.
That same county had a vote buying operation going on (a few people got arrested and convicted). So make sure people vote alone.
For systems with paper tapes (not paper ballots) you can sell your vote if you have a camera or cell-phone camera because a picture of the voted paper tape before it scrolls out of sight is proof of vote. So no cameras!
But the problem with all these is that there's a huge risk to the bad voter and they can only affect a few votes. At worst they wreck one machine and probably get caught. Vote flipping is hard if not impossible at the retail level.
THe really fun things happen when supervisors can reprogram systems, get access to the flash media and have the ability to replace it.
Perhaps the best way to sabotage an election is the Denial of Service attack. Simply having machines not boot in the morning tends to filter out working wage-class folks over seniors or people on salaries. Having long lines in the late afternoon filters out working moms that have to go pick up the kids and take them to soccer practice. Likewise breakdowns in the evening are cool because you can close the polls while there are still people who have not voted. (see Ohio for example).
Re:Let me be sure I understand.... (Score:3, Informative)
Just in case you ever wondered. As I've explained elsewhere, ID's are not required because historically, that's been used as a primary way to disenfranchise voters.
Sorry, but your facts are wrong. (Score:3, Informative)
(1) E-voting tampering has proven to be rampant and has been reported virtually "everywhere", i.e., it is impossible to predict what precinct will be victim, rural or otherwise.
(2) "The people", sophisticated or not, are not the problem. The problem is sophisticated, carefully prepared, and sneaky people who are in positions of authority or easy access. That is, the people to watch are voting officials and employees of the voting machine company, and anyone else who has "special" access, even if that is just tallying the count.
(3) Real errors are few, and they are EASY to distinguish from fraud. In order for electronic voting fraud to be worthwhile, each tampered machine must have significantly skewed results. You are correct, however, that "appearance of fraud" can be a problem.
You are also correct that transparency is your greatest ally. However, all the "apparent", public transparency you can muster will not compensate for "oddly designed" or hacked software on the voting machine. The only transparency that will solve that problem is public access to the machine's code. Some states are adopting laws to that effect.