Thursday, November 09, 2006

City of Ottawa voting machines unhackable?

The recent voting machine controversies/disasters in the US (and Quebec) have, finally, woken Canadians up to the potential problems from the use of electronic vote counting machines.

The response from government and thought leaders is, as far as I can tell "don't worry, can't happen here, completely different, hey, look, is that a pony?"

a computer is a computer is a computer
Go take a computer science course and learn about Mr. Turing, if you don't understand that. Any computer can be hacked. You can change the software, you can alter the firmware, you can compromise the hardware. Plus which, you can't tell through external inspection whether a machine has been altered. Which means you need a perfect chain of custody for the machine, 24x7x365.

Now of course, auditing every single machine down to the assembly code level, and securing them in an e-voting machine Fort Knox for the thousands of days when they're NOT being used, just to ensure that they work for about 12 hours on one day, would be enormously, prohibitively expensive. This would also be the actual cost of voting machines.

But that would interfere with the bulls--t about voting machines being modern and efficient and cost-saving. So no one actually does it. At best, some machines are sort of checked by someone, and we sort of trust the people who are handling them on election day, and then they go to some warehouse somewhere and we forget about them.

With that in mind, read the incorrectly cheerful Ottawa Citizen editorial comment City of Ottawa Technology gets my vote, November 6, 2006, page A14 (not available online)

David Reevely, The Ottawa Citizen

Sometimes the old ways are the best, and that's never been truer about anything than it is about voting.

Tick a paper ballot, drop it in a box, wait for it to be counted. Simple. It's worked for as long as we've had democracies. Efforts to update it have largely been failures.


Under its old name [Global Election Systems, now part of Diebold], the company made the machines that Ottawa uses to count ballots in municipal elections. Ottawa's elections manager Shane Kennedy, who has overseen civic elections since 1994, is on his third using a tabulator called the Accu-Vote OS.

"We've used the same equipment all that time and it's been entirely successful," Kennedy says.

The machine looks a little like a fax: you slide your ballot in and it gets scanned and counted and spat out again. When the polls close, results are available in minutes, not the hours it used to take to count several hundred thousand pieces of paper. For the candidates, one way or the other, the drinking can begin immediately.

Although they're from the same manufacturer, Ottawa's machines bear none of the weaknesses the American critics point out.

"The hacking relates to touch-screen technology, primarily," Kennedy says in defence of Ottawa's machines. "It's a totally different animal."

None of the weaknesses? NONE OF THE WEAKNESSES? Wrong.
Did I mention that any system running computer code can be hacked?
Maybe not as easily as the crappy Windows touch-screens, but it's still possible.

Quebec's director-general of elections, Marcel Blanchet, examined Diebold's ES 2000, an updated version of the machines Ottawa uses, when he reviewed the province's municipal elections last year. Those elections saw an unprecedented deployment of e-voting machines across Quebec, and an unprecedented number of problems with them.

Things weren't bad enough to nullify any elections, Blanchet concluded, but he still advised that Quebec's cities stop using e-voting machines at least until the province sets standards of accuracy and security.

This is almost certainly overkill, especially for the simple tabulating machines. They need electricity and memory chips and they can jam, which ballot boxes don't, but other than that they're just fancy counting machines -- they don't replace the ballot itself, as touch-screen machines do.

Oh I see, they're just "simple tabulating machines". Sure, they have memory chips, but they're just "fancy counting machines".

What the f--k do you think a computer is?

If they're so simple, why not have humans count the votes? Why do we need simple technology to replace humans? But wait, they're fancy? If they're so complicated, aren't they vulnerable?

Machines have gears and levers and you have to be a mechanical engineer to compromise them, if you can alter their behavior at all. COMPUTERS have code. Any code can be changed.

In Ottawa's elections, the machines sit on tables out in the open, guarded by clerks and scrutineers. Before the machines could be hacked all the overseers would have to go bad together, and if that happened, the technology would be the least of our problems.

Another criticism of Diebold's touch-screen machines is that they don't make a paper trail. The only record that a voter has been in the booth is in the ephemeral form of electrons on a microchip: if somebody did crack open a machine and go to work on it, there'd be no other record to check the machine's results against. In Ottawa, Kennedy's returning officers at each poll keep the ballots in traditional boxes. If every tabulator failed, each ballot could still be counted by hand.

So, they machines are out in the open... during election day. And the other THOUSANDS OF DAYS they are unused? Where are they exactly? Are there clerks and scrutineers and overseers watching them, 24x7x365?

If every tabulator failed?
And how, exactly, are we going to know if the tabulator failed?
Will there be a flashing red light indicating "tabulator now failing to count ballots correctly"?

No. In fact, these "simple machines" betray no evidence of their internal workings.

Their only, ONLY saving merit is that IF YOU CHALLENGED THE COUNT, you could count the paper.

But if counting the paper is the last word in confidence, then


But wait, there's more
CFRA - City Defends Voting System - November 8, 2006

The City of Ottawa insists the electronic voting system for Monday's Municipal Election is safe.

Ottawa's Elections Office has issued a memo to all councillors and candidates after a recent documentary into the electronic tabulation system used in the United States.

The HBO documentary raises the possibility that an election system could be accessed with intent to alter the outcome of the vote tabulation.

The City Clerk says Ottawa's preparations for the municipal election by electronic vote have met the standards imposed by an independent third party auditor in the past and those standards are in place for this year's election.

The clerk adds security standards put in place by the municipal election administration make it impossible to hack into the system to access memory cards.

1. What standards? What auditor? Who decided the auditor was qualified and trustworthy? For this election? What about previous ones?
2. "impossible to hack"? hahah ahahahahahahaaha

I challenge the City of Ottawa to invite teams of actual computer security experts, using actual computer security standards, to openly do a threat-risk assessment on the voting system. I can guarantee it is not "impossible to hack".

Plus which, an auditor is a lot of extra expense, then re-assuring citizens reduces confidence in the elections, gee, this is a lot of hassle and money.

You know what would be cheaper and easier?


I will be writing to both the Ottawa Citizen, CFRA and to my city councilor (before and after the election).
Comments: Post a Comment

Links to this post:

Create a Link

<- Older Posts - Newer Posts ->

This page is powered by Blogger. Isn't yours?