CT Mirror Op-Ed: Online voting is risky and expensive

Online voting is an appealing option to speed voting for military and overseas voters. Yet it is actually “Democracy Theater”, providing an expensive, risky illusion of supporting our troops. Technologists warn of the unsolved technical challenges, while experience shows that the risks are tangible and pervasive. There are safer, less expensive solutions available.

Our op-ed published at the CTMirror <read>

Online voting is risky and expensive

by Luther Weeks

Luther Weeks is executive director of CTVotersCount.

April 29, 2011

Online voting is an appealing option to speed voting for military and overseas voters. Yet it is actually “Democracy Theater”, providing an expensive, risky illusion of supporting our troops. Technologists warn of the unsolved technical challenges, while experience shows that the risks are tangible and pervasive. There are safer, less expensive solutions available.

This year, the Government Administration and Elections Committee held hearings on a bill for online voting for military voters. Later they approved a “technical bill”, S.B. 939. Tucked at the end was a paragraph requiring that the Secretary of the State “shall, within available appropriations, establish a method to allow for on-line voting by military personnel stationed out of state.”

In 2008, over thirty computer scientists, security experts and technicians signed the “Computer Technologists’ Statement on Internet Voting,” listing five unsolved technical challenges and concluding: “[W]e believe it is necessary to warn policymakers and the public that secure internet voting is a very hard technical problem, and that we should proceed with internet voting schemes only after thorough consideration of the technical and non-technical issues in doing so.”

The prevailing attitude seems to be, if voters and election officials like it and see no obvious problems then it must be safe.

In September 2010, Washington D.C. opened their proposed internet voting system to public testing. The system was quickly compromised, changing all past and future votes. Separately, the municipal network was entered, passwords to municipal systems obtained, and the list of codes for Internet voting in the November election were obtained.

This should not be surprising. Almost weekly we learn of one system or another that is penetrated by outsiders, including teens and overseas criminals. Organizations that have been unable to protect networks and applications include banks, government agencies, the Department of Defense, Google, and ironically, Internet security firms.

Several states have implemented various forms of Internet voting. None has subjected their systems to evaluation and testing for the difficult challenges identified by the experts. One of the “success stories” without any proof for precluding vulnerabilities is West Virginia. That state spent about $75,000 for 54 electronic votes. Over $1,300 per voter!

To the public, like some legislators, it seems intuitive to accept that “We use ATMs and bank online with no problems, why not vote that way?” This argument fails theoretically and practically. The anonymous ballot does not provide the verification and proof of banking receipts or double entry bookkeeping which help detect fraud. ATMs are bank-owned computers with special network security, much safer than general purpose computers. Even so, banks lose billions each year to fraud with ATMs and online banking. They have warned their business customers to avoid online banking.

There are better, safer, economical alternatives available. The Federal Military and Overseas Voter Empowerment Act (MOVE), passed in 2009, provides for electronic distribution of ballots and absentee ballots that can be returned together in one envelope. In conjunction with the Overseas Voter Foundation, express return of ballots was available from 94 countries for $25 or less. Even regular express rates from almost anywhere are available for less than one-tenth the cost of the unproven West Virginia system. If a military and overseas voter can get to a computer network then they should be able to express their paper ballot and absentee application, at our expense, providing a safe, anonymous, and auditable vote.

To ask Secretary of the State, Denise Merrill, to accomplish what experts have not is a tall order. Especially with no budget! As Merrill testified earlier this year, “In the future, it is conceivable that we could move in the direction of online voting. But the problem is, the technology to make sure no one can hack into an online voting system and distort the vote totals has not yet been developed. We want to make voting more convenient, but not at the expense of the security or integrity of our elections…there is no on-line voting system secure enough to protect the integrity of the vote.”

Update: Said a different way. CBC interview with Professor Andrew Appel. He emphasizes that online voting is “dangerous to democracy” on both the client and server ends. (Interview starts about 1/3 into the podcast <listen>

When are recounts reasonable?

The Wisconsin Supreme Court election recount started this week. The margin was a bit over 7,000 votes and the percentage just under 0.5% as required by law. John Nichols writes of past instances where the loser asked for recounts in much wider margins and of cases with relatively close margins where the original result was overturned

The Wisconsin Supreme Court election recount started this week. The margin a was bit over 7,000 votes and the percentage just under 0.5% as required by law. John Nichols writes in Recount reasonable — just ask a Republican, of past instances where the loser asked for recounts in much wider margins and of cases with relatively close margins where the original result was overturned <read>

Back in 1960, when the closest presidential race in modern American history was decided for Democrat John Kennedy, the Republican National Committee and state Republican parties sought recounts in 11 states, including Texas. Kennedy’s advantage over Republican Richard Nixon in Texas in the initial count was 46,000 votes. While Democrats objected that Kennedy’s margin was too large to be overturned, Republicans argued that allegations of voting irregularities in a number of Texas counties justified the demand.

Similarly, in the 1976 presidential race, after Democrat Jimmy Carter beat Republican Gerald Ford in Ohio by more than 9,000, Republicans sought a recount of the votes in that state.

And just last year in Minnesota’s gubernatorial race, Democrat Mark Dayton led Republican Tom Emmer by a little less than 9,000 votes. A hand recount of the state’s ballots confirmed Dayton’s winning margin was 8,770 votes. Emmer’s campaign and the state Republican Party continued to wage court fights and challenge ballots until more than a month after the election, when Emmer finally conceded.

In all three cases, Republicans made reasonable requests for recounts, even if those requests failed to overturn the results.

But Wisconsinites know that recounts can alter results.

In 1970, it appeared that Les Aspin had lost a Democratic primary to Doug La Follette in southeastern Wisconsin’s 1st Congressional District. But after the official canvass, the margin of victory for La Follette — now Wisconsin’s secretary of state — was less than 0.5 percent of the vote. That enabled the former Pentagon aide to seek a recount paid for by the state. The recount found enough uncounted Aspin votes, most of them in Kenosha, to put him ahead of La Follette.

Barely a month after the primary was finally settled in his favor, Aspin defeated Republican Congressman Henry Schadeberg and began a distinguished career that would eventually see him chair the House Armed Services Committee before his appointment as President Bill Clinton’s secretary of defense.

In 1982, it appeared that Democrat Russ Feingold had lost his first political race to Republican state Sen. Everett Bidwell. But the vote in the south-central Wisconsin Senate district was close enough to entitle Feingold to a state-sanctioned recount. He pursued it and, after uncounted Feingold votes turned up in rural Sauk County and on a broken voting machine at a school in Dane County, the result was reversed. Feingold was elected to the state Senate and a decade later became a U.S. senator, serving 18 years as the chamber’s most independent and principled member.

Elections are huge endeavors, involving thousands, sometimes millions, of votes that are tabulated by poll workers and clerks who are — like all of us — imperfect human beings.

When dealing with so many variables, mistakes and missteps are to be expected.

Recounts set things right. They identify actual winners, as well as flaws in the voting and counting systems of the state.

Wisconsin law calls for machine recounts unless a candidate objects. In this case many precincts are being hand counted to preserve the memory card used in the election. They could use alternate memory cards, but their scanners are so old that the manufacturer cannot supply them. From what we have seen Wisconsin’s recount law is stronger than Connecticut’s – Wisconsin calls for each ballot to be reviewed by those representing opposing candidates to make sure they agree it can be counted by machine – Connecticut’s does not – only by procedure do we call for election officials, not candidate representatives, to check ballots. In fact, our recanvass law remains stuck in the lever age presuming that tabulators do no have ballots. Connecticut procedures but not our law may be reasonable for moderately close races, but insufficient when voter intent and absentee ballot adjudication becomes critical.

More online voting risks and opportunities for skulduggery

We have been warning of the risks of Internet voting and ignoring science since our founding. Yet, we have overlooked some of the risks, literally right in front of our nose.

Since our founding, we have been warning of the risks of Internet voting and ignoring science. We are currently amazed at our own legislators, risking military voters rights, dismissing the scientific facts and the practical evidence of the impossibility of internet voting. Yet, we have overlooked some of the risks, literally right in front of our nose.

More Risks Right In Front Of Our Nose

An ongoing story starting late last week highlights those dangers.  B. F. has a post describing intended or accidental suppression which brought those issues to my attention http://tinyurl.com/3fg2t36 (Note: We use the initials B.F. and a tinyurl intentionally and instructively, just in case you might want to bring this post to the attention of your friends through an email, post, or Facebook link.)

Here is a summary of what happened to B.F.:

If you use an AOL email address, AOL is doing you the favor of making sure you do not receive email containing any links to [B.F.’s site] in it.

Not email from a [B.F. site] address, mind you, as if I were a spammer or something (which, obviously, I’m not), but any email from anybody that has a link to this site, or to one of our news stories.

I learned this swell news early this week when someone was kind enough to let me know that their attempts at sending a link to this site to a friend bounced back to them with an error message. That error message was “HVU:B2”. What is that error?:

* 421 HVU:B2
o There is at least one URL or domain in your e-mail that is generating substantial complaints from AOL members. Resolution will require opening a support request.

That’s right, “substantial complaints” from someone, whatever that means, will result in no links to stories at [B.F.’s site] getting through to any of AOL’s millions of members. And they will never know about it.

Again, these are not even emails from [B.F’s site]. They are simply emails from anybody to any AOL email address which has my domain linked in the body of the email.

Neat, huh? I wonder what would happen if there were “substantial complaints from AOL members” about, say, FoxNews.com? Or MSNBC.com? Or NYTimes.com? Would that result in millions of members not being able to receive any email that links to anything at those sites? Sounds like a great way to [expletive verb] someone you don’t care for politically, doesn’t it?…

So far, I’ve spoken to at least 10 different AOL support people on the phone, since clicking the “support request” URL they offer in the error message seen above actually takes you to someplace on the “AOL Postmaster” that doesn’t actually give you the form you supposedly are to fill out to deal with this issue.

It took a day or two, and several more calls to more very nice AOL tech support people who told me they couldn’t help me in the slightest…

Most ironically, and so that you are open to the interpretation that these are not intended but simply the result of bureaucratic incompetence:

I finally looked up the AOL corporate website online, found the numbers for the “Corporate Media Inquiries” department, figuring I’d either get help or get an on the record comment about this mess and about the fact that AOL is censoring members emails for them, and spoke to another very nice person whom I told about the situation, explained that I was a journalist, not a spammer (and besides the notes being rejected didn’t even need to come from my address to get rejected), mentioned the irony that I even write news for Huffington Post from time to time,

But from personal experience I would call it unintentional arrogance. Over the years, I have put up with similar problems from both AOL and Google:

  • I am webmaster for a 501.c3 organization that runs annual tournaments for children.  Over the years AOL has, to my knowledge, blocked us at least twice. It took some time, each time, to realize this was happening. Both times, I did manage to get through the bureaucracy and get it fixed after some time.  Once was because a spammer used some of our email addresses.  Another time when a board member sent an email that had some key words in it that had AOL classify our site as a spammer.
  • A couple of years ago we had problems  when a couple of my WordPress sites fell victim to some WordPress vulnerabilities with  malware added from sources unknown. Malware with potential for spreading viruses.  The good news is that Google informed me and provided tools, so that it could be quickly corrected. But the bad news was that the sites were banned for several weeks from Google search results and provided users with messages that warned of the dangers of my sites.

Withing the last month, a popular news site was hacked and completely taken down such that it had to essentially be rebuilt.  And just this weekend another popular reader supported  news site sent this message to donors:

We learned that right in the middle of our spring campaign this past week that our secure credit card processor was offline for several hours on a few occasions. Donations were not processing. If you encountered this and gave up, please try again.

So what? What can we learn?

  • Incidents like these may be intentional, untended, or bureaucratic arrogance.
  • They point the way to intentional disruption.
  • They point the way to intentional disruption covered up as unintended, well meant policies. Who is against protection from spam and viruses? Asking users to report concerns?
  • In cases like AOL’s  policies, when users are able to nominate spammers, dangerous, or offensive sites, or email addresses. – these policies can be used by others to assist in their agendas. It would not take any computer expertise. Beyond the simple cases, expert unethical hackers could infect sites and use policies like Google’s to their advantage.
  • Each of these examples either went unnoticed for several days, took away capabilities for several days once they were discovered, often inadvertently.
  • No matter how noble the intention or accidental, the result can be disruption and in some cases defamation in what could be a critical time period.
  • Most of all recognize that these are common occurrences. Much more widespread than the samples that each of us is aware of or listed here.

What does this have to do with online voting and democracy?

  • Any of these problems , or similar problems, can occur to any web site, any email account, any time – including those associated with voting, campaigns, and news, all vital to democracy.
  • Voting vulnerabilities include: Online voting, online registration, campaign web sites, campaign emails etc.  The impact of such vulnerabilities varies.
  • Many solutions to speeding military and overseas voting include sending election notification and voting materials by email. These would likely come from a known url and email account, which could be blocked. Presumably any form of online voting would require notification and information be sent electronically, unless overseas voters are expected to find and keep checking the site for upcoming elections and availability of materials.
  • We all know email is unsafe, vulnerable to hacking and blocking. These vulnerabilities highlight the possibility of easier and unintentional methods of blocking email return of ballots, email used for voter registration, or email communications/questions between voters and election officials.
  • Voting itself and access by remote military and overseas voters is conducted in very short windows.  A site blocked or down for even a day can discourage/disenfranchise someone who has infrequent opportunities for internet access.

Despite the risks we remain in favor of email notification and web access to election materials for military and overseas voting, but the high risk of using the internet, email, or fax for the return of votes is unacceptable.

I agree with our current Secretary of the State, Denise Merrill in her testimony this year:

  • In the future, it is conceivable that we could move in the direction of online voting.
  • But the problem is, the technology to make sure no one can hack into an online voting system and distort the vote totals has not yet been developed.
  • We want to make voting more convenient, but not at the expense of the security or integrity of our elections…
  • …there is no on-line voting system secure enough to protect the integrity of the vote…

Military Internet voting requirement tucked into “Technical Bill”

If you accept the science that global warming is caused by human activity – you have much more reason to oppose Internet voting.

In the last couple days, the text of bills passed by the Government Administration and Elections Committee in mid March have been posted to the Connecticut General Assembly web.

One item was tucked into S.B. 939 that requires the Secretary of the State to implement Internet voting without a budget increase. The bill was intended, and mostly remains, as a “Technical Bill” to make changes to the statutes to account for the move to optical scan voting. (the bill: S.B. 939) .

1779 Sec. 60. (Effective from passage) The Secretary of the State shall, within
1780 available appropriations, establish a method to allow for on-line voting
1781 by military personnel stationed out of state. In establishing such a
1782 method, the secretary shall look at what other states have done to
1783 reduce any potential for fraud in on-line voting and determine
1784 whether any such state’s on-line voting system could be appropriate
1785 for adapted use by this state. Not later than January 1, 2012, the
1786 secretary shall, in accordance with the provisions of section 11-4a of
1787 the general statutes, report any progress made toward establishing
1788 such a method to the joint standing committee of the General
1789 Assembly having cognizance of matters relating to elections.

Although the bill  mentions that the Secretary “shall look at what other states have done to reduce any potential for fraud in on-line voting and determine whether any such state’s on-line voting system could be appropriate for adapted use by this state” it does not make success in this necessary to the requirement to provide a means for Internet voting. The Secretary has no choice, in my reading, although there is no deadline for completion.

If you accept the science that global warming is caused by human activity – you have much more reason to oppose Internet voting.

If someone believes in Global Warming and that it is caused by human activity because the vast majority of scientists say so, then there is a much much more solid case against Internet voting in any form.  I just don’t understand why people believe scientists in one case when in reality the Internet voting case is much stronger:

  • Claiming Internet voting is safe and accurate violates an undisputed a basic proof of computer science (Turing’s  Halting Problem)
  • In practice no system has been proven safe, the one system subjected to public testing failed with all votes changed. All sorts of computer systems – business, government, and defense  – are regularly compromised. <some examples>

I wonder how the Secretary is supposed to implement Internet voting for 169 towns with no budget addition. Other states have paid significantly for Internet voting, while failing or neglecting to prove it safe.

The good news is the current bill only applies to Military voters, not all overseas voters.

The bad news it applies to any Military voters stationed outside Connecticut.

Here is my testimony against the standalone bill proposed and not passed by the Committee:

We oppose online voting, internet voting, email voting, and fax voting in general, for several reasons:

  • Internet Voting Is Technically Risky: The Computer Technologists Statement on Internet Voting details five technical challenges to such voting that have never been resolved and concludes: “The internet has the potential to transform democracy in many ways, but permitting it to be used for public elections without assurance that the results are verifiability accurate is an extraordinary and unnecessary risk to democracy.”
  • Internet Voting Has Proven Risky In Practice: In September 2010, Washington D.C. opened their proposed internet voting system to ethical hackers. With very short notice, the system was compromised, changing all past and future votes. Separately, the municipal network was entered, passwords to municipal systems obtained, and the list of codes for Internet voting for all voters in the November election were obtained. Internet voting for the election was canceled. Washington D.C. should be applauded for allowing the test, since other jurisdictions have not subjected their systems to such testing.
    https://www.ctvoterscount.org/video-cure-for-internet-voting-warning-viewing-may-case-severe-permanent-einsecurity/
  • Internet voting can be expensive: West Virginia, about half the size of Connecticut, spent about $75,000 for 54 electronic votes.
    http://votingnews.blogspot.com/2010/05/wv-overseas-internet-election-54-votes.html

I oppose this bill in particular because:

  • It contains no controls, specifications, or requirements for online voting. Would there be any public testing of such systems? Would there be any attempt to address the Technologists’ concerns or prevent problems similar to those in Washington, D.C?
  • It does not specify if such voting would be the responsibility of individual municipalities or the Secretary of the State.
  • It provides no funds either for the State or Municipalities to implement.
  • Could Connecticut accomplish centrally what Washington D.C. has not? Would it be constitutional?
  • Would each of Connecticut’s 169 municipalities be able to afford such systems and accomplish what Washington D.C. has not?
  • Would the system be optional by municipality? Different in each municipality? If implemented in only some, would it be unfair, violating Federal civil rights and voting laws?

Please join me and other technologists nationwide in opposing Internet voting.

Technologists’ Statement on Internet Voting <read>

PS: I have some other less serious concerns with this bill and another technical bill. In a few days I plan to review and comment on those concerns.

GAE Committee changed title and substance of bill

A “Technical” change to existing statutes becomes a National Popular Vote Agreement.

Earlier this year, the Government Administration and Elections Committee held hearings on a bill, H.B. 6331

Here is how it looked as originally submitted and still showing as the “Raised Bill” on the General Assembly Web <Raised Bill>:

AN ACT CONCERNING TECHNICAL AMENDMENTS TO CERTAIN ELECTION-RELATED STATUTES REGARDING TABULATORS.

Be it enacted by the Senate and House of Representatives in General Assembly convened:

Section 1. Subsections (a) and (b) of section 9-168a of the general statutes are repealed and the following is substituted in lieu thereof…

This bill was the subject of a public hearing on February 10, 2011 <Agenda>

And here is the “Substitute Bill” that was passed by the committee on April 1st <Agenda> Note the change in the name of the bill on the agenda.<Substitute Bill>

AN ACT CONCERNING AN AGREEMENT AMONG THE STATES TO
ELECT THE PRESIDENT OF THE UNITED STATES BY NATIONAL
POPULAR VOTE.

Be it enacted by the Senate and House of Representatives in General
Assembly convened:

Section 1. (NEW) (Effective from passage) The Agreement Among the
States to Elect the President by National Popular Vote is hereby
enacted into law…

It looks a lot like a bill H.B. 6163 where a public hearing was held on March 11, 2011 <Agenda>

I attended both hearings and the meeting on April 1st.  The Committee did debate the National Popular Vote, yet no member noticed/mentioned that they were passing a completely different bill than the bill number on the agenda.

As a final note, currently the Bill Status page remains confused as to the name and the purpose of the bill <read>

AN ACT CONCERNING AN AGREEMENT AMONG THE STATES TO ELECT THE PRESIDENT OF THE UNITED STATES BY NATIONAL POPULAR VOTE.

To make technical corrections to the elections statutes, including updating the statutes to reflect the current use of voting tabulators.

According to the rules of the General Assembly:

[15.] (b) Hearing Requirement for Favorable Report. Except as provided in Rule 32 (2)(A), no bill and no resolution proposing an amendment to the constitution or other substantive resolution shall be reported favorably by a committee unless a public hearing has been held as provided in Rule 6, but no further public hearing shall be required for a favorable report on a substitute for such bill or resolution, provided the substitute is based on or is germane to the subject matter of the original bill or resolution, or for a bill or resolution petitioned under Rule 11 on which a subject matter public hearing has been held.

I suppose it all depends on how inclusive a definition of “germane” is implied. I understand that similar changes happen regularly.

Courant Op-Ed: Daniel Patrick Moynihan warned of national popular vote risks

We have learned more about voting integrity since the time of Senator Moynihan. It would be even worse than he imagined.

Courant Op-Ed by Chris DeSanctis: NO: Electoral College Votes Should Represent State Voters’ Choice <read>

The op-ed quotes the late New York Democratic Senator Daniel Patrick Moynihan:

With a national vote differential of only 500,000 (less than a 0.5 percent) between the two candidates, a national popular vote Electoral College compact would have caused Florida’s problems to appear minor in comparison. Both campaigns would have contested votes state by state, precinct by precinct, looking for a few thousand here and a few thousand there. That struggle would have taken place across America, rather than just in Florida.

The late Democratic senator from New York, Daniel Patrick Moynihan, once remarked about such a circumstance under a national popular vote agreement: “There would be genuine pressures to fraud and abuse. It would be an election no one understood until the next day or the day after, with recounts that go on forever, and in any event, with no conclusion, and a runoff to come. The drama, the dignity, the decisiveness and finality of the American political system are drained away in an endless sequence of contests, disputed outcomes and more contests to resolve outcomes already disputed. That is how legitimacy is lost.” Close presidential races are managed more effectively with the Electoral College.

We have learned more about voting integrity since the time of Senator Moynihan. It would be even worse than he imagined. There would and could be no recount.

Unlike the the op-ed writer, I am theoretically in favor of one person, one vote and the popular election of the President. However, given the current unequal state by state franchise and voting arrangements, votes are not equal and cannot be made so by the Compact or a simple Constitutional amendment.

As a computer scientist and voting integrity activist I find there are extreme risks in the National Popular Vote Compact’s mismatch with our existing state by state voting system. The Compact would aggravate an already weak electoral accounting system.

There is no official national popular vote number compiled in time, such that it could be used to officially and accurately determine the winner in any close election.

Even if there were such a number, it would aggravate the flaws in the system. The Electoral College limits the risk and the damage to a few swing states in each election. With a national popular vote, errors, voter suppression, and fraud in all states would count against the national totals.

There is no national recount available for close elections, to establish an accurate number. Only in some individual states, if close numbers happened to occur in those states, would there be even a fraction of a national recount.

With the Compact there is every reason to believe that any close election would be decided the Congress or the Supreme Court – the same Court that ruled in Gore v. Bush, that not having a uniform recount law in Florida was grounds to stop the recount to avoid harm to the apparent winner. Citizens and candidates can be expected to bring court challenges of Governors and Secretaries of State for relying on and providing inaccurate results in awarding Electoral College votes.

Reference  testimony on the National Popular Vote vs. the Electoral College

Photo ID: “Birther Bills” For All?

  • This year’s proposals are the strictest voter identification proposals ever considered by states. Most severely limit forms of acceptable identification voters may show and make scant allowances for those unable to obtain the specific form of identification required by the law, even if they have other forms of ID that can verify their identities at the polls.
  • Photo ID proposals will cost cash-strapped states up to $20 million to implement.

Advancement Project: <read>

According to Advancement Project, this reactionary trend is part of the largest legislative effort to scale back voting rights since Reconstruction: nearly two-thirds of state across the nation introduced onerous voter identification bills this year. The report looks to the implications of this broad effort.

Among the report’s key findings:

  • Proposals to require strict forms of photo ID to vote have been introduced in 32 states.
  • This year’s proposals are the strictest voter identification proposals ever considered by states. Most severely limit forms of acceptable identification voters may show and make scant allowances for those unable to obtain the specific form of identification required by the law, even if they have other forms of ID that can verify their identities at the polls.
  • The photo ID proposals are part of larger coordinated efforts by conservative and Tea-Party backers, designed to reduce the voting strength of voters of color who saw record turnout in 2008, in advance of the 2012 elections.
  • Voter impersonation, the only voting irregularity that could be addressed with photo ID, is exceedingly rare. The proposals do nothing to address other voting problems that are known to occur.
  • Studies show that approximately 11 percent of voters – about 21 million people – lack or cannot obtain a current state-specific photo ID. African American voters are twice as likely to lack current state ID.
  • Photo ID proposals will cost cash-strapped states up to $20 million to implement.
  • Many of the proposals may be legally flawed and constitute a “poll tax” by imposing undue costs and burdens on voters.

We are reminded of the Presidential “Birther Bills” based on the rejection of alternative forms of ID that have been accepted for years.  We also note the strong support of the Tea Party despite the cost.  As we have said before “When we favor something, we ignore the costs“.

Wisconsin: Democracy In The Gap: Between Impatience And Incompetence

The best outcome of a recount would be to determine the correct winner of the election, leading to an improved system in Wisconsin, and serving as an example to other states. Yet, Democrats should not get their hopes up for a change in the result.

Let us hope that something good comes from the election error and concern in Wisconsin.

Most CTVotersCount readers have been reading various stories of the recent Wisconsin election, for example <here> or <here>

Overall the situation points out the weak underbelly of elections in many of our states, including Wisconsin and Connecticut. There is little reason to have confidence in the accuracy of election results reported on election night and marginally little additional reason to trust the certified results which usually conform closely to the original reported results.

The underlying causes are our media fueled goal to get results immediately from tired officials, regardless of their accuracy; followed by officials wish to get it over-with, avoiding any any questions of accuracy or if every vote was in fact counted;  playing a role is the lack of public attention and budget necessary for trusted, accurate elections; and the initially apparent winner claiming victory along with the real or imagined risks to the initial looser in being labeled a sore looser. We are aware that many Republicans continue claiming irregularities in the Minnesota 2008 recount while they accuse Democrats of not getting over Florida in 2000.

I agree and caution those that are calling for a complete recount in Wisconsin:

  • A thorough recount may expose the weak underbelly of the system in Wisconsin. It may show many small errors; uncounted votes; inappropriately adjudicated absentee ballots; slight changes due to machines and people missing voters’ intent; and even uncover some system flaws like those found in Humboldt County and in Ohio in after the 2008 election.
  • Democrats should not get their hopes up unless they find additional suspicious results in other precincts and counties. Chances are that a recount would uncover many small differences but unlikely that they would add up to enough to overturn an election. Everyone should avoid pushing unfounded or highly speculative theories.
  • The best outcome of a recount would be to determine the correct winner of the election, leading to an improved system in Wisconsin, and serving as an example to other states. A transparent, credible recount of integrity would serve to provide confidence in this one election to the ultimate looser and the majority of voters in Wisconsin. I expect it would uncover additional problems with the system beyond the “lone wolf” spreadsheet accounting in one county which could lead to an improved system. Admittedly this is an optimistic view, yet there are often at least positive incremental improvements after election vulnerabilities are discovered, with unfortunately the risk of expensive, knee-jerk reactions of questionable impact (see 2000, HAVA, vendor “help”).

Waukesha County, Wisconsin vs. Bridgeport Connecticut

  • Connecticut has little to offer Wisconsin as an example of accurate accounting. We do have some “lone wolfs” that use spreadsheet accounting, but many others use the old fashioned system of human transcription and accounting. As one Representative characterized our election system, it is a bit of the “Wild West”. In general, by hand or spreadsheet it is a three step process of manual transcription and accounting with a record of errors and omissions.
  • We have no idea what a recanvass would show in a statewide Connecticut Election. In the recent race for Governor we understand that about eight towns (nobody knows, there was no requirement to report it) ran out of preprinted ballots and produced copied ballots that would be counted by hand. At least two of those ran out of ballots in polling places. The state recounted none of those towns.  The Connecticut Post newspaper and citizens recounted one of those towns demonstrating extensive counting and accounting errors along with wide discrepancies in ballot counts vs. check-off lists. Ten percent of districts were subject to post-election audits of district machine counted audits. No official report is yet available, however, the Coalition audit observation report demonstrated the usual level of significant differences that indicate inaccurate counting and the possibility of machine errors. The audits do not check hand counted ballots or centrally counted absentee ballots. As far as we know, five towns have yet to supply official audit report to the Secretary of the State for the audits which would have been completed by November 22nd 2010.
  • Connecticut has little to offer Wisconsin in the area of recounting. Like Wisconsin, our recanvasses are primarily a modified recount by similar machines and memory cards. Unlike Wisconsin, we have no provision in our recanvasses for our adjusting vote counts if check-off lists counts do not match.  In fact, Connecticut recanvass do not check check-off lists.  Recounts in Connecticut are possible via a court order. Procedures are not defined in our state law.

We also recommend that citizens of Wisconsin with concerns under take a thorough review of all posted results and confirm election documents to uncover any other potential specific questionable counts. To his credit, the well supported and financed losing candidate in Connecticut in November 2010 did that to satisfy himself that the result was accurate enough to select the actual winner.

We also note that the Connecticut Legislature and Secretary of the State are proposing steps that would reduce the possibility of similar ballot shortages in the future, yet we have much more work to provide election integrity and credibility equal to the promise of democracy.

Let us take no comfort in the election error in Wisconsin.  Let us hope that something good comes from the concerns.

Update. More reasons to Investigate:

Worth checking the source of numbers reported and the accounting details. Alleged history of some questionable results in the county: 20,000 more votes than ballots (Waukesha, 2006) <read> <read>

Also Democrat refutes earlier impression that she endorsed/understood revised result <read>

Losing democracy in cyberspace

Voting computers, like heads of state, must be held accountable to the people they serve.

As we have said, many times, with regard our audits in Connecticut: “If we dismiss all differences as human counting errors, if there ever was error or fraud it would not be recognized.”

Editorial by voting integrity advocated Penny Venetis in NorthJersey.com: Losing democracy in cyberspace – Voting computers, like heads of state, must be held accountable to the people they serve. <read>

What nobody is talking about is how votes will be cast in emerging democracies. For elections to be legitimate in such countries, it is critical to use voting technology that counts votes accurately. In the 21st century, chances are high that computers will be used in some form in the coming elections in Egypt and Tunisia. But voting computers, like heads of state, must be held accountable to the people they serve.

It is a tenet of computer science that computers can be programmed to do anything, including play “Jeopardy!” and steal votes…

The Princeton hacks are not unique. Studies commissioned by the secretaries of state of California, Ohio, Maryland and Connecticut outline in great detail the many vulnerabilities of various computerized voting systems.

The University of Connecticut and Professor Appel in New Jersey have produced several excellent reports on the vulnerabilities of voting machines and the lack of physical security provided by “tamper evident” seals in common use. Yet, as Professor Venetis points out, having paper ballots and knowing the risks is not enough:

But voter verified paper ballots, in and of themselves, cannot detect fraud. To fully ensure that the voting computers are not cheating, it is necessary to audit a certain percentage of voting machines in each election precinct by manually counting the paper ballots and comparing the hand-counted results with the computer-generated results. This system worked marvelously in Minnesota, when millions of voter verified paper ballots had to be hand-counted to determine the winner of the 2008 Senate race. Studies showed that the tally was 99.99 percent accurate.

Finally, to ensure that votes are counted accurately, it is imperative that totals be counted and announced at the precinct level. This protects against tampering with voting machines and paper ballots while they are being transported to centralized tabulation locations.

New Jersey falls short because they do not have paper ballots or paper records. Connecticut has paper ballot and audits, yet our audits fall far short. Our law has several glaring exemptions and flaws, including: Only polling place optical scanned ballots are audited – omitting most absentee ballots and hand counted ballots, like those copied ballots in Bridgeport; exemptions for districts that have recanvasses or contested elections; results audited against are not published; there is no deadline for publishing results of the audits which are not binding on the election; random drawings have not met the requirements of the law; audits showing differences that have been investigated behind closed doors; and the audit reports have dismissed all differences as human counting errors. <See: Inadequate Counting, Reporting,  and Reporting Continue>

As we have said, many times, with regard our audits in Connecticut: “If we dismiss all differences as human counting errors, if there ever was error or fraud it would not be recognized.”

Virtual war a real threat…to water and democracy

LATimes reports on cyber threats to a Southern California water system. This is why we have been testifying against “online” voting and highlighting that even good size cities cannot protect their systems. Clearly each of Connecticut’s 169 towns could not afford even the expense of threat assessment of online voting systems. A good start would be vulnerability assessment of our existing paper ballot and voting machine security.

LATimes reports on cyber threats to a Southern California water system.  This is why we have been testifying against “online” voting and highlighting that even good size cities cannot protect their systems.  Clearly each of Connecticut’s 169 towns could not afford even the expense of threat assessment of online voting systems. A good start would be vulnerability assessment of our existing paper ballot and voting machine security. Virtual war a real threat <read>

When a large Southern California water system wanted to probe the vulnerabilities of its computer networks, it hired Los Angeles-based hacker Marc Maiffret to test them. His team seized control of the equipment that added chemical treatments to drinking water — in one day…

“There’s always a way in,” said Maiffret, who declined to identify the water system for its own protection.

The weaknesses that he found in California exist in crucial facilities nationwide, U.S. officials and private experts say.

The same industrial control systems Maiffret’s team was able to commandeer also run electrical grids, pipelines, chemical plants and other infrastructure. Those systems, many designed without security in mind, are vulnerable to cyber attacks that have the potential to blow up city blocks, erase bank data, crash planes and cut power to large sections of the country.

Update: New York Times post reviews several recent attacks on businesses by individuals. Clearly no reason to be assured by the by the above article’s assertion that “Terrorist groups such as Al Qaeda don’t yet have the capability to mount such attacks”. The Asymmetrical Online War <read>

“It’s a completely surreal realization that nation states can be seriously confronted by teenagers, but that’s where we’re at,” said John Perry Barlow, the Grateful Dead lyricist who co-founded the Electronic Frontier Foundation in 1990 to help defend young computer hackers. “One very smart person can take on an entire nation state.”

One can take on the security apparatus of the Web as well. In the space of a little more than a month, two computer security firms have been publicly humiliated, one by an anonymous computer hacker who claimed in an e-mail interview with a Forbes columnist to be a 16-year-old girl and a second by someone who is apparently a 21-year-old Iranian…

Hardly a week passes when there isn’t some new incident underscoring the fundamental imbalance of power in cyberspace between attacker and defender, where a highly motivated and reasonably skilled intruder, operating in secrecy from almost anywhere in the world, can with apparent ease unravel digital fortifications intended to offer banking-grade security.

In February, an executive at HBGary, a Sacramento, Calif., security software and consulting firm, made the mistake of publicly boasting that he had unmasked the identities of the members of Anonymous, a secretive collection of cyber-vigilantes who had attracted attention by launching Internet denial-of-service attacks in defense of Wikileaks. The security company, which was engaged in a series dubious business propositions, soon found that the details of its business were exposed to the world. Anonymous, whose ringleader was possibly a teenager, tricked one of the company’s systems administrators into giving them password information, making it possible to steal more than 50,000 of HBGary’s e-mail messages and placing them on a Russian web site.

Update: Man hacks Federal Reserve and other financial institutions <read>

According to court documents, Poo found a security vulnerability in the Federal Reserve’s network in June 2010, resulting in thousands of dollars worth of damages. However, it is believed that he stole the huge booty of credit card numbers and other account information from other financial institutions.

The American government claims to have also obtained extensive evidence of how Poo’s alleged criminal hacking activity targeted the US’s national security, military and financial sectors.