Federal Panel [not NIST] Rejects Paper Trail For E-Voting 191
emil10001 writes "The National Institute of Standards and Technology (NIST) has rejected a proposal suggesting that electronic voting have a paper trail. The draft recommendation was developed by NIST scientists, who called out electronic voting machines as being 'impossible' to secure." From the article: "Committee member Brit Williams, who opposed the measure, said, 'You are talking about basically a reinstallation of the entire voting system hardware.' The proposal failed to obtain the 8 of 15 votes needed to pass. Five states — Delaware, Georgia, Louisiana, Maryland and South Carolina — use machines without a paper record exclusively. Eleven states and the District either use them in some jurisdictions or allow voters to chose whether to use them or some other voting system." So ... accountability in voting will be a joke for the foreseeable future because it costs too much?
Update: 12/11 03:20 GMT by KD : Correction: It was not NIST that rejected NIST's recommendations, it was a federal panel chartered by Congress, the Technical Guidelines Development Committee.
Update: 12/11 03:20 GMT by KD : Correction: It was not NIST that rejected NIST's recommendations, it was a federal panel chartered by Congress, the Technical Guidelines Development Committee.
It shouldn't only be about cost. (Score:5, Interesting)
I have no idea who I voted for in any election. I know who I thought I voted for, but I have no idea if it was counted that way. Where can I go to find that out? Let's say there is some way for me to determine if my vote was counted in a certain way. What about everyone else? Is there a way to make sure the vote they think was mine was exclusively mine?
I'd rather have the problems associated with receipts with ids on them that I can log online to see who I voted for instead of the current system.
Bad math or uncounted votes? (Score:3, Interesting)
How do you deadlock 6 to 6 on a 15 person committee? Were the other 3 votes just not counted?
Re:Story is out of date! (Score:3, Interesting)
That's interesting, I submitted the story yesterday at noon, and hadn't seen anything new on it. But reading the update is also quite interesting, because the issue remains that the voting machines which are currently in place, and have no paper trail, will stay there as they are. The proposal that passed leaves it to the "next generation" of machines, and does not seem to affect the ones currently in place. So, this story is still relevant, because those problematic machines are still in place, and will stay there.
Secure tallying (Score:3, Interesting)
Whatever scheme we dream up, such as punch-card voting, or a paper trail, the fact remains that we really don't know whether our vote will affect the *tally*. A paper trail only comes into play when the official tally is suspect for some reason. What we really need to know is that our vote is counted. Even if we have a bar-code on a paper receipt that shows exactly who we voted for, we have no way of knowing whether or not our little bar-code verified data gets in to the official tally.
Here's what I wrote [slashdot.org] the last time this discussion came up on slashdot:
"What I'm envisioning is some kind of method where votes can be tallied, and the running tally can be periodically published during the count. I imagine it would have some kind of hashing technology, like PGP, where tallies are perhaps encoded in a string, and the string is published. The hashing token, or whatever mechanism allowed a vote to be legitimately added to the tally, would be passed from one voter to another, after they voted. This puts the power to count votes into the hand of the voters, rather than a poorly-trained election volunteer, a partisan, or a hackable machine. Because of the constraints of the token and hashing, a voter can only vote as they are allowed, without destroying the tally hash string."
One problem with secure tallying is that you want to make sure that your vote is counted in the official tally, but you don't want others to deduce how you voted from the official tally. At this point, I imagine one voter passing the official tally to the next voter. That way you can be certain you have affected the tally, and the design of the system constrains you to only one vote. Periodically, perhaps every hour, the official tally is publicly released. Nobody can then figure out how you voted; they only know how the crowd voted in the past hour.
To satisfy the choke point of one voter passing the official tally to the next person, there can be multiple official tallies that are running concurrently, and at the end of voting, they are all added together in a master tally.
Re:It shouldn't only be about cost. (Score:3, Interesting)
- You could sell your vote, and use the website to verify it to the purchaser.
- Your boss or someone else could intimidate you into voting a certain way, and you would keep your job by showing your boss how you voted on the website
- The fact that you cast a ballot and your receipt number shows a certain vote on a website may have nothing at all to do with the official tally.
See this post [slashdot.org] for my solution..Re:It shouldn't only be about cost. (Score:2, Interesting)
You gotta be kidding me if you think they aren't already buying votes.
Let them attempt to buy elections, make it illegal, put out "honeypots", catch the rats and disqualify them from the race! Even if they could directly buy votes, think of how much money you'd need to spend just to sway an election... and there's no way you could do that without getting caught.
I sure hope someone's vote is worth more then a buck. Personally I wouldn't sell mine for less then a grand. Go ahead, buy the indigent! Hell, at least they'd actually improve their meals for a day, which is the best thing those politicians will ever do for them anyways... How sad is that?
Re:Wasted money going electronic (Score:3, Interesting)
This is absolutey not true. Electronic voting done right works in many places, most notably Brazil. Theyve had some scandals but now they have paper verified voting. You vote and it prints out a slip of paper. The paper goes in a bag in case of contestment. (is that a word?) Not to mention Brazil is HUGE country. Its almost 200 million. We're at 300 million and we dont even have compulsory voting. So if those cats can get it right so can we. There is also cost savings here.
I believe Australia (or was it new zealand) had to open their voting machine code to satisfy a transparency law. From what I remember security researchers got to analyze it and produce a report to the government.
At the end of the day -some- machine will be reading a voet. Be it a simple scanner that reads dots and outputs its count onto some piece of paper. The idea that involving more humans into the process is good is questionable, to me at least. There has always been x amount of spoilage be it due to incompetence and fraud. Electronic voting isn't much better or much worse. In fact with better logging it could show us who is messing with the votes. Lets not be luddites here.
The problem here is the cronyism. You cant make voting machines in the for-profit/old boys club. These machines (or least their designs) need to be first developed by the government, tested by the government, open to the people, then sent to manufacturers. The top down approach of business approaching government with a machine designed in-house is terrible for this kind of application. There's more transparency in the defense industry than in the voting industry. The American implemention is just flawed . Better to address the flaws than dismiss electronic voting. The genie is out of the bottle.