I received the following information from someone I consider to be a reliable source, who is working on the installation of voting machines for a county that has used paper ballots until now.
The first e-mail I received piqued my interest with the following description of a supposedly tamper-evident seal:
Well, the security on the voting machines is a joke. For the next two to three weeks we'll be doing final software upgrades on the voting machines and 'securing' them with a safety sticker and a zip-tie. The zip-tie -- other than being blue -- is generic. The safety sticker isn't particularly unique. Give me a digital camera and a laserprinter and I could reproduce one. There are no security cameras in the warehouse. There is a samsonite padlock on the cages, except for the back route which is accessible through two locked doors.
On Saturday, they demonstrated the safety sticker to us. After applying a sticker, they opened the voting machine. It was supposed to tear in two or deform. The first time, the sticker came off clean. The second time it came off clean. The third time it bent a bit but didn't tear. They declared the trials a success.
We're supposed to swab down the contact area with alcohol and that's going to make all the difference.
It's murky but my understanding is that the only record kept is internal, a running tally of all votes cast. There is no individual paper record kept separately and compared to the machine tallies. An audit is only as good as the machine's integrity.
With respect to how someone might gain illicit access to the machines, my source had this to say:
For example: the main building, including the offices of the Registrar and the warehouse area is run through by a long corridor, a kind of tunnel. It runs from front parking lot to back parking lot. Mid-way down the corridor, there is a 10-key keypad next to a ladies'/men's room which gives access to the building. Someone remarked to me, as we strolled down the corridor, that 4 of the 10 keys show smudges/heavy wear. That makes it pretty clear that there are 24 combinations (4 factorial) to come up with the proper combination. That corridor is always open and assuming the combination lock works at night (I'd bet my eye teeth on it) and that there is no alarm set at 10 pm (again, I'd bet on it), that gets you to the inside of the building, probably to the gated area, probably to the machines themselves. There is another route through the back which is also secured by two door locks. Neither is especially impressive as locks go. They look like the sort of thing my roommate in graduate school opened with a set of lockpicks, once, for fun, your basic tumbler locks. They are not the magnetic locks I saw in school for labs or rooms with expensive equipment. Either way, at this point you're a skip and a hop from the machines.
According to this source, the good news may be that election officials and contractors are so disorganized:
Ironically, the chaos in the program may be its best security measure. We don't know when the software will be added to the machines and we don't know exactly how much of a gap there is between final loading of software and the sealing the machines and their being rolled onto trucks, taken away, and showing up at precincts. If we load the software this Thursday, then send them out, they're physically *somewhere* and wherever they are, the seals can be broken, the software modified, the seals refashioned. I could tell you by glancing at some pouches we put on a table which machines will go to which precincts. So I know which machines I'd have to track down after they are updated if I want to affect certain precincts (say to change the balance of the House of Representatives). Where those machines will be, back in the warehouse where they are currently or on a truck somewhere, is unclear. Obviously that's important if you want to tamper with them but it's the uncertainty as to where they are that makes it difficult to get to them after this software update, not the machine security and not the building security.
This could be a problem: with no permanent paper record, shoddy software security, and shoddy physical security, it's going to be hard to assure that these elections aren't tampered with.
The picture being painted here is that with a few minutes in a back room somewhere, vote counts on a particular machine could be altered with no evidence of tampering.
It would be so simple to require a permanent paper record that would safeguard every vote, or at least be tamper-evident, in a way that only paper can be. For example, each voting machine could have a spool of tamper-evident paper to record each vote, verified by the voter under glass. These spools would easily show evidence of any tampering, and the spools themselves could be serialized, so you would know if an entire spool went missing. Just an idea -- I know, it'll take millions of dollars and years to implement this advanced technology.
(If you want to learn more and find out what citizens can do, see blackboxvoting.org and verifiedvoting.org. If you have more information on any of these issues, please contact me or speak up.)
hi mr pierre
i write this page from iran, can you help me find a job on tech ind. ?
or may be you like to make your e-bay branch in iran.
i am ready
iman razavi
Posted by: iman razavi | February 11, 2004 at 07:36 AM
Mr. Razavi,
I prefer not to respond to business requests on this blog. You can contact me via LinkedIn or through my office at eBay.
Best wishes,
Pierre
Posted by: Pierre Omidyar | February 11, 2004 at 09:23 AM
I was reading about this on http://action.truemajority.org/action/ and was utterly surprised by the fact that there are no checks in place for computerized voting machines. It's a pity that it will take one of these insecure systems screwing up and ten years before anything is changed.
Posted by: Alex Foley | February 11, 2004 at 07:07 PM
Hi Pierre,
My name is Baylea and I am almost 14 years old doing a speech on ebay, I havent found any helpful information quite yet, do you think you would be able to forward me some information to help me win the spech competition this year? Thanks a bunch!
~*Baylea*~
Posted by: Baylea | February 12, 2004 at 05:30 PM
I am a student of optimism; it pays to be optimisitic when the risks are low. If all you are risking is a non-smile when you smile at someone, its good to be optimistic. However, when the risks are high, things change. You don't want an optimisitic pilot "hoping" he can take off with an overloaded plane.
The risks we face with a corrupted voting system are about as severe as anything a democracy can face. Even if the system is valid, the *impression* of fraud can be as bad as the reality. Our vote counting system needs to be above reproach.
One of my first jobs out of college was doing the vote counting software for a county government. The first thing I did was write a cross-checking system to double check the ballot counts. This was a really disruptive thing to do; my boss thought I was a trouble maker, and I was soon transferred to another project.
I also spoke with voting machine sales folks (this was in the mid 1970's) who spoke freely about the difficulty in selling vote counting machines to Cook County - officials did not want to have a "reliable" count.
This is all three decades out of date, but I suspect that there are a lot of folks out there doing vote counting software who would have some tales to tell...
This is our democracy we are talking about, an incredibly precious and hard-won achievement accomplished over centuries! Whether or not there are nefarious schemes in progress, we should be guarding the integrity of the vote-counting process like we guard the gold in Fort Knox....
We need to be all over this issue, not as a conspiracy or political issue, simply as the right thing to do.
Tom
Posted by: Tom Munnecke | February 16, 2004 at 11:17 PM
This just in from the San Diego Union Tribune: "Diebold Knew of Voting Machine Fault, Tech Says"... I've posted an entry at http://www.munnecke.com/blog/archives/2004_04.html#000144:
"We are dealing with the foundations of our democracy, and we are entrusting it to an unaccountable approach controlled by a single company whose technicians laugh when they disenfranchises voters."
Posted by: Tom Munnecke | April 22, 2004 at 08:19 AM
I've just blogged another item about this at http://www.munnecke.com/blog/archives/2004_04.html#000149 "Our Compromised Voting System"
Posted by: Tom Munnecke | April 27, 2004 at 09:11 AM
All I will say is that the encumbent powers will pull all of our strings on day soon.
The writing is on the wall but not many see the correct spelling. As each decade passes so does 10% of existing freedoms.
Posted by: peter | May 15, 2004 at 09:20 AM