SocialText featured in the Economist

Ross Mayfield has a blog entry about it, complete with excerpts and a link to the complete article, here. Looks like a great piece -- congratulations, Ross!

I've started using SocialText recently along with a team at our foundation. We're in the midst of a whole bunch of strategic planning work, as we try to refocus our efforts for greater impact. We've had incredibly rapid adoption of this new tool, especially for group brainstorming and sharing learnings. This has been especially gratifying since most of the team are pretty agnostic when it comes to technology.

Again, nice job to Ross and his team. Thanks for helping me and my team be more productive during this important phase of our evolution.

Clinton, Graham introduce joint voting bill

Senator Bob Graham (D-FL) and Senator Hillary Clinton (D-NY) jointly introduced on March 10 legislation that updates Rush Holt's (D-NJ) H.R. 2239, and coordinates Senate efforts to move this legislation forward.

Senator Graham had previously introduced S. 1980, a companion bill to Holt's H.R. 2239. Senator Clinton had proposed S. 1986, legislation which did not explicitly require voter-verified paper records.

David Dill of VerifiedVoting.org had claimed that progress on Holt's legislation had been held up pending a clearer view of which Senate version would gain the most support. Clinton and Graham's joint introduction of a new version should help move things forward.

(Their legislation is tentatively titled "The Restore Elector Confidence in Our Representative Democracy Act (RECORD Act). The only reason it took so long for Senators Clinton and Graham to get together on this issue is the time it took to come up with a clever acronym. :-))

The bill is not on Thomas yet, but Senator Clinton's office provided me with a summary. Here are the key provisions:

1. Requires all voting systems to produce a voter-verified paper record for use in manual audits.
• Machines would print a receipt that each voter could verify as accurate and deposit into a lockbox for later use in a recount.
2. Increases security requirements for voting equipment and voting equipment manufacturers.
• Bans the use of undisclosed software and wireless communications devices in voting systems.
3. Requires all voting systems to meet these requirements in time for the general election in November 2004.
• Jurisdictions may use a paper system as an interim measure at federal expense if they feel their new computer systems may not be able to meet this deadline.
4. Requires that electronic voting systems be provided for persons with disabilities by January 1, 2006 -- one year earlier than currently required by HAVA.
5. Requires mandatory surprise recounts in 2% of domestic jurisdictions and 2% of overseas jurisdictions.

Importantly, the legislation also provides (at least some) federal funding for these provisions.

This looks like great progress. I am especially pleased with the acceleration of the deadline to November 2004, and the provision which would allow jurisdictions to use paper ballots as an interim measure rather than unproven computer systems. This should help relieve the pressure of the rush towards electronic systems that are flawed, as has been written extensively about.

Personally, I'd like to see a requirement of manual audits of a statistically significant portion of ballots in all jurisdictions. This is probably a very expensive proposition, but it's the only way I see to verify that an electronic system works as advertised. Maybe the law can provide for a way for interested parties to pay for an audit if election officials refuse to pay.

The political process is always one of compromise, which is a good thing. It usually ensures that progress is made in small steps. People in government should first do no harm, then act in the public interest, stepping as lightly as possible to avoid unintended consequences. We see what happens when people act precipitously, as they did after September 11th. It will probably take years to correct some of the imbalances created since then.

All in all, on the issue of ensuring that every vote is properly cast and counted, this joint bill seems like a good step forward. Given the emphasis on the November 2004 election, my guess is that it will be politicized and deferred until the next session. I hope not, and I am certainly not an experienced political observer, so I hope I'm wrong. If there are any Republicans out there following this issue, please act now to ensure it isn't your candidate who is harmed by a faulty system in November! This is not a partisan issue -- technology failures can harm any candidate or party. So take action.

Otherwise, I fear this November election will be decided by the courts, again.

Count your own votes, I always say

Adam Cohen of the New York Times writes another installment in his series on Making Votes Count.

In Georgia's 2002 senatorial election, Democratic incumbent Max Cleland was defeated by Republican Saxby Chambliss. Polls leading up to the election showed the incumbent in the lead, but he lost decisively.

According to someone who worked through the summer leading up to the election to prepare the Diebold voting machines for the election, there were constant problems with the hardware and software, and growing pressure as the "ship date," the election, drew near.

Apparently Diebold updated the software at least three times while he was there. Diebold and the state of Georgia deny this claim: they say the software was only updated once, and not at the last minute.

Now, anyone that works with software knows that you're almost equally likely to introduce a new bug when fixing an old one. Last minute changes before shipping your software to customers is generally a bad idea. If Georgia allowed Diebold to make last minute changes, which they deny, then citizens ought to take their business elsewhere.

Any changes to the software or hardware configurations of a voting system should be completed six months prior to its use in an election, to allow time to test, publicly inspect, and certify the code. Of course, election data such as candidates and ballot measures should be loaded as early as possible, to allow final integration testing.

Now, on to Nebraska, and the idea of counting your own votes. Senator Chuck Hagel, who used to run a company that electronically counts paper ballots, defeated challenger Charlie Matulka. As Adam says in his editorial, "Mr. Matulka, suspicious of Senator Hagel's ties to the voting machine company, demanded a hand recount of the paper ballots. Nebraska law did not allow it, he was informed. 'This is the stealing of our democracy,' he says."

Whether or not there was foul play in counting these votes -- there probably wasn't -- our democracy depends on the appearance of fairness. People who run companies that count our votes shouldn't be running for office unless they clearly separate themselves from these companies -- they should advocate laws that provide greater voter confidence. And they shouldn't be out there raising money prominently for a particular candidate or party, as Diebold's chief executive has done quite publicly.

Adam says:

A healthy democracy must avoid even the appearance of corruption. The Georgia and Nebraska elections fail this test. Once voting software is certified, it should not be changed — not eight times, not once. A backup voting method should be available, so if electronic machines fail or are compromised shortly before an election, they can be dropped.

Votes must be counted by people universally perceived as impartial. States should not buy machines from companies that have ties to political parties, and recent company executives should not be running for elections on those machines.

The idea of a backup voting method is one I strongly endorse, to avoid the pressure and potential for failure and corruption of last minute changes.

There is far too much evidence showing that electronic voting systems are corruptible, whether intentionally or not. As voters, we should insist that our votes are properly counted. As Super Tuesday arrives tomorrow, and as November draws closer and closer, I feel we're headed towards a disaster of a crisis of confidence. If you're a public official in charge of running elections for your county, you should be concerned about this.

Adam closes by quoting Tom Stoppard: "It's not the voting that's democracy, it's the counting."

Thanks, Adam, for your continued diligence on this critical subject.

Emerging Technology Conference

I'm saddened that I can't get away to attend at least part of Tim O'Reilly's Emerging Technology Conference. Looks like a lot of great conversations are going on there.

But I can read all about it at Ross Mayfield's Weblog. Next best thing to being there.

Thanks, Ross!

Voting Machine Security Problems, First-Hand Account

I received the following information from someone I consider to be a reliable source, who is working on the installation of voting machines for a county that has used paper ballots until now.

The first e-mail I received piqued my interest with the following description of a supposedly tamper-evident seal:

Well, the security on the voting machines is a joke. For the next two to three weeks we'll be doing final software upgrades on the voting machines and 'securing' them with a safety sticker and a zip-tie. The zip-tie -- other than being blue -- is generic. The safety sticker isn't particularly unique. Give me a digital camera and a laserprinter and I could reproduce one. There are no security cameras in the warehouse. There is a samsonite padlock on the cages, except for the back route which is accessible through two locked doors.

On Saturday, they demonstrated the safety sticker to us. After applying a sticker, they opened the voting machine. It was supposed to tear in two or deform. The first time, the sticker came off clean. The second time it came off clean. The third time it bent a bit but didn't tear. They declared the trials a success.

We're supposed to swab down the contact area with alcohol and that's going to make all the difference.

It's murky but my understanding is that the only record kept is internal, a running tally of all votes cast. There is no individual paper record kept separately and compared to the machine tallies. An audit is only as good as the machine's integrity.

With respect to how someone might gain illicit access to the machines, my source had this to say:

For example: the main building, including the offices of the Registrar and the warehouse area is run through by a long corridor, a kind of tunnel. It runs from front parking lot to back parking lot. Mid-way down the corridor, there is a 10-key keypad next to a ladies'/men's room which gives access to the building. Someone remarked to me, as we strolled down the corridor, that 4 of the 10 keys show smudges/heavy wear. That makes it pretty clear that there are 24 combinations (4 factorial) to come up with the proper combination. That corridor is always open and assuming the combination lock works at night (I'd bet my eye teeth on it) and that there is no alarm set at 10 pm (again, I'd bet on it), that gets you to the inside of the building, probably to the gated area, probably to the machines themselves. There is another route through the back which is also secured by two door locks. Neither is especially impressive as locks go. They look like the sort of thing my roommate in graduate school opened with a set of lockpicks, once, for fun, your basic tumbler locks. They are not the magnetic locks I saw in school for labs or rooms with expensive equipment. Either way, at this point you're a skip and a hop from the machines.

According to this source, the good news may be that election officials and contractors are so disorganized:

Ironically, the chaos in the program may be its best security measure. We don't know when the software will be added to the machines and we don't know exactly how much of a gap there is between final loading of software and the sealing the machines and their being rolled onto trucks, taken away, and showing up at precincts. If we load the software this Thursday, then send them out, they're physically *somewhere* and wherever they are, the seals can be broken, the software modified, the seals refashioned. I could tell you by glancing at some pouches we put on a table which machines will go to which precincts. So I know which machines I'd have to track down after they are updated if I want to affect certain precincts (say to change the balance of the House of Representatives). Where those machines will be, back in the warehouse where they are currently or on a truck somewhere, is unclear. Obviously that's important if you want to tamper with them but it's the uncertainty as to where they are that makes it difficult to get to them after this software update, not the machine security and not the building security.

This could be a problem: with no permanent paper record, shoddy software security, and shoddy physical security, it's going to be hard to assure that these elections aren't tampered with.

The picture being painted here is that with a few minutes in a back room somewhere, vote counts on a particular machine could be altered with no evidence of tampering.

It would be so simple to require a permanent paper record that would safeguard every vote, or at least be tamper-evident, in a way that only paper can be. For example, each voting machine could have a spool of tamper-evident paper to record each vote, verified by the voter under glass. These spools would easily show evidence of any tampering, and the spools themselves could be serialized, so you would know if an entire spool went missing. Just an idea -- I know, it'll take millions of dollars and years to implement this advanced technology.

(If you want to learn more and find out what citizens can do, see blackboxvoting.org and verifiedvoting.org. If you have more information on any of these issues, please contact me or speak up.)

Secrecy News Roundup

One of the things I've been reading regularly is Steven Aftergood's excellent Secrecy News e-mail newsletter. Mr. Aftergood runs the Federation of American Scientists Project on Government Secrecy.

He's had quite a lot to do recently. The following are excerpts from recent issues of his newsletter that have caught my eye. (The section titles are mine.)

The Boy Who Cried Wolf

This item has to do with the recent political storm over how intelligence information was mis-used by the Bush Administration in order to gather support for the Iraq war. It reminds me of the fable of the Boy Who Cried Wolf.

January 30, 2004

Yet Congress was told as a factual matter that Saddam Hussein had weapons of mass destruction and the means to deliver them even to the United States, recalled Sen. Ben Nelson (D-FL) this week.

"I was looked at straight in the face and told that [Iraqi] UAVs could be launched from ships off the Atlantic coast to attack eastern seaboard cities of the United States," he said. "Is it any wonder that I concluded there was an imminent peril to the United States?" See:

   http://www.fas.org/irp/congress/2004_cr/s012804b.html

---

The More Things Change, the More They Stay the Same (Sadly)

A sadly familiar military intelligence analysis from 1946 on the state of the Muslim world, titled Islam: A Threat to World Stability.

January 30, 2004

Out of miles of declassified files, an old U.S. Army publication called "Intelligence Review" recently surfaced. Intelligence Review was a classified journal published after World War II and prepared by the Army's Military Intelligence Service.

The first issue, dated 14 February 1946, explored a diversity of topics and regional conflicts.

One paper with current resonance, bluntly entitled "Islam: A Threat to World Stability," examined the dynamics of Islamic politics as perceived at the time. Another paper, "Wheat: Key to the World's Food Supply," addressed a global food shortage in 1946.

See Issue 1 of Intelligence Review (80 pages, 3.7 MB PDF file) here:

   http://www.fas.org/irp/agency/army/intelreview1.pdf

Some excerpts from the report that I've selected:

The Moslem world sprawls around half the earth, from the Pacific across Asia and Africa to the Atlantic, along one of the greatest of trade routes; in its center is an area extremely rich in oil; over it will run some of the most strategically important air routes.

With few exceptions, the states which it includes are marked by poverty, ignorance, and stagnation. It is full of discontent and frustration, yet alive with consciousness of its inferiority and with determination to achieve some kind of general betterment.

...

The net result of all these intrigues [referring to a series of self-proclaimed defenders of the Muslim faith throughout history] has been that the Moslems are properly suspicious of their leaders. The moment a new leader appears he is tempted by various European Powers to accept their "assistance," and almost inevitably his loyalty and discretion are eventually sold to one of them.

...

If the Moslem states were strong and stable, their behavior would be more predictable. They are, however, weak and torn by internal stresses; furthermore, their peoples are insufficiently educated to appraise propaganda or to understand the motives of those who promise a new Heaven and a new Earth.

Because of the strategic position of the Moslem world and the restlessness of its peoples, the Moslem states constitute a potential threat to world peace. There cannot be permanent world stability, when one-seventh of the earth's population exists under the economic and political conditions that are imposed upon the Moslems. [emphasis added]

This was written in 1946.

---

Silence of the Lambs

Congress has been curiously missing in action (or AWOL?) since September 11th. Thankfully, people are beginning to notice.

January 5, 2004

At a time when crucial matters of national policy are at stake, the current Congress has in important respects been missing in action.

"[E]ver since it passed the USA Patriot Act after the events of Sept. 11, 2001, Congress has stood by in an alarming silence while a fabric of new law governing the balance between liberty and security has been woven by the other two branches of government," observes the Washington Post in a penetrating editorial today.

See "Silence on the Hill...," January 5:

   http://www.washingtonpost.com/wp-dyn/articles/A54807-2004Jan4.html

But this Congress has done worse than just stand by. It has also acted recklessly and without due diligence to dismantle some of the existing checks and balances that wiser legislators imposed after careful consideration.

See, for example, "Too Much Power," another Washington Post editorial, dated January 4:

   http://www.washingtonpost.com/wp-dyn/articles/A50806-2004Jan2.html

Even conservative analysts sympathetic to the Bush Administration sense that something is awry.

"The American people cannot be expected simply to give the government the benefit of the doubt forever, agreeing that seemingly extralegal measures are justified," writes law professor Thomas F. Powers. "Open, robust, and if necessary prolonged debate of the issues is not to be feared."

See his article "Due Process for Terrorists?" in The Weekly Standard, January 12, 2004 here:

   http://tinyurl.com/22gq2

---

Thank you, Mr. Aftergood, for your excellent work.

iVoyeurism

So, I'm in a hotel room in Boston, listening to some Moby in my iTunes, and I happen to notice a little blue icon in my list of playlists that I haven't seen before... it says: Joe Below's Music (name changed to protect the identity of the innocent).

And now, I can't help myself but to scan through his list of tunes. It looks nothing like mine. It's like the obsessive/compulsive scanning of friends of friends on Orkut, except here, I can listen to Air Supply, or Gloria Estefan, or Sha-Na-Na, or something called "conjugal visit" which looks suspiciously like it might be a voice memo, so I'm staying away from it.

I look in my iTunes preferences, and I notice that I have sharing enabled too... so he might be perusing my collection of music at the same time. Anonymous intimacy.

There's something creepy about this experience. Hotel rooms when you're by yourself are already a little creepy, since you don't really know what's going on behind that wall. But now, thanks to WiFi and Rendezvous, the walls become virtual and I have a glimpse into one of my neighbors' soul. Or Pop, or Disco, or whatever. Now, I wonder, is he next door? Or above? Or below?

I check the lock on my door. But I also feel a little bit like a Peeping Tom. Is there a word for this phenomenon yet?

In Gun Owners We Trust. All Others Get Tracked.

I've written briefly on the fact that the Bush Administration has dramatically and sometimes inexplicably expanded the level of secrecy in our country. I've claimed that this is bad for our democracy.

Now, in a twist, they've limited information available to the federal government about private citizens. But only private citizens who buy guns.

As this article in the National Review explains, records of lawful (as opposed to unlawful? how do they know?) gun purchasers must be destroyed within 24 hours.

Now, I support limiting unreasonable government access to private information. That's why I opposed the provisions of the so-called Patriot Act II, which Ross Mayfield covered quite well. (In case you missed it, President Bush recently signed into law an act giving law enforcement the right to force certain private companies to disclose private records on their customers, without a warrant or any other judicial review. I think this is the first time the "warrant" process has been legally circumvented.)

But this law doesn't apply to gun purchasers.

Reading the National Review article cited above, I was surprised to learn that there is a system of regulation designed to prevent the collection of information on gun owners in this country. I'm not sure what the theory is -- we collect information on car owners, for instance, and even home owners, even though not all car and home owners are criminals -- but for some reason gun owners feel that it would be unreasonable for the government to know who they are. The implication seems to be that the government should only track unlawful gun owners. But what is a gun purchaser supposed to do? Fill out a form which says "check here if you intend to commit unlawful acts with this gun"? But, I digress.

This Administration seems to feel that certain invasions of privacy without judicial review are warranted for reasons of national security. But that doesn't extend to people who buy guns. In the interests of national security, an American citizen who goes to Las Vegas for the weekend can be tracked to their room number without a judge's order. He can be detained in secret indefinitely without public review and without access to an attorney (yes, Mr. Ashcroft, you've said you've only done this to two American citizens -- but without proper Judicial Branch review, how can we believe you?) But you can own a gun in complete privacy, assuming you pass the fool-proof background check.

This doesn't seem terribly consistent. I suppose gun owners could be more likely to be law-abiding citizens and less of a threat to national security. That could be -- though the Oklahoma City Bombing by domestic terrorists might be a counter-example. Maybe the NRA has stats on crimes committed by gun owners versus those committed by non-gun owners. Who knows? It's probably not that relevant, anyway.

This is a complicated issue, and I know I haven't done it justice here. But I guess the good news is that when federal agents knock at your door to take you away, they'll have no idea that you're heavily armed. Since you don't know if you're about to be detained under Executive authority potentially and legally for the rest of your life, without access to an attorney or public notice, what is the incentive to cooperate?

I guess the "black helicopters" we kept hearing about from survivalists (who are generally gun owners; though not all gun owners are survivalists) in the 80s and 90s might exist after all. So it's a good thing for them that they've been so effective in protecting their own rights to privacy. Now for the rest of us: a little help, please?

(Thanks to Mike Tsao for the pointer to the National Review article.)

Boiling a Frog

Bruce Schneier has an excellent piece (Slouching toward Big Brother) in news.com about how we are gradually letting our civil liberties slip away without a whole lot of discussion.

Reminds me of the story about boiling a frog: if you drop a live frog in boiling water, it will leap out immediately. But if you drop a frog in tepid water and gradually turn up the heat, it won't notice and will eventually be frog soup. I don't know if that story is true, but it's certainly apocryphal.

That's what Bruce argues is happening to us. We're the frog, by the way.

This is also related to the point I just made about the tax cut debate, or lack thereof: we seem to have been doing a lot of things in this country since September 11th without a whole lot of discussion. That's understandable, but it's not right.

Don't Cut My Taxes, Please!

President Bush will unveil his budget next week. During his State of the Union address, he said he wants Congress to make his earlier tax cuts permanent. Remember those? Remember the $1.35 trillion tax cut?

They're the ones that helped take our country from a budget surplus of more than $200 billion in 2000 to a budget deficit of almost $500 billion in 2004.

The good news was that the tax cuts were due to expire in 2010. The bad news is that President Bush wants to make them permanent, at a cost of adding another $2.2 trillion to our deficit over the next 10 years.

Now, let's be clear. Lowering taxes for those that need the most relief is a good idea. But for people like me, tax cuts are a waste of money that could go to worthier causes. Bush's tax cut gave the top 1% tax relief nearly 90 times larger than those in the middle 20%. That's not only unfair, it's a waste.

If you want to have a real impact on real people, shift the cuts toward those that need them most. Not to people like me.

UPDATE: Here is the ad from Bush in 30 Seconds that most closely matches this topic.