An unidentified voting system hacker almost derailed South Africa's first democratic elections. Only a backup paper ballot system saved the historic 1994 election from sabotage, according to a new book from Peter Harris, the former head of the official election monitoring division. The hacking attempt involved trying to boost …
Electronic voting will never become safe, the temptation to tamper with it will always be there as
it is just to simple to do it. If not for every man on the street but always for those who run the election and for all those who have been taking part in the programming and installation of hardware.
All eggs in one fragile basket.
Er... Did you read the article? They did detect the fraud, in 1994, in South Africa. They had a "back system" in place. Why would it not be possible to do the same today? It's not like someone just comes up to the machines with a USB key and install the thing (or a patch), there is a large control system behind it (at least for the country I know), and an encrypted image is what gets installed before the machine gets sealed.
And what is so magical about any other possible voting system that "those who run the election" would not find a way to commit fraud anyway?
Those who run the election in Brazil, where 100% of the election is electronic, just suffered quite a blow in the first round of the election. They were expecting to win on the first round, but since the candidate did not get 50% +1 of the valid votes, a run off is required including just the top two candidates. Now, the system there is not as I would like it to be -- I wish there was a printed "receipt" that the voter could see before confirming the vote (receipt staying inside the machine), and then after the election a certain proportion of the machines would be "audited" to check for consistency of the electronic counting (although it is possible to conceive a way in which this would be cheated too). But it seems to be doing the job so far.
There was no electronic voting
South Africa was not using electronic voting in 1994. The country used paper printouts that were tallied electronically. It was this tallying up that was tampered with, and so the old style system of manual counting was used.
It is very similar to the electronic scanning of paper votes that occurs in several first-world countries today.
"It's not like someone just comes up to the machines with a USB key and install the thing "
Actually, it is exactly like that. Go away and read up on the various failings then come back. Ta.
Perhaps not all-electronic...
...but you could still use computer-assisted voting to perhaps help speed up initial counts and to help produce the actual ballots. The last time there was an election hack article here, I thought of an idea that a voting machine could print a ballot in human- and machine-readable text (using an OCR typeface or the like). The legible ballot can be easily read and verified before submitting and should ease concerns in the event of a recount (and in addition, being legible text rather than marks of holes, wouldn't be subject to misreads and the infamous "hanging chad" problems). Meanwhile, the OCR typeface, as well as having the votes themselves showing multiple characters, should still make the votes readable by machine quickly and with a high potential for accuracy.
This was the 1994 election in South Africa - no electronic voting.
Electronic counting to tally/total the votes though - that is different. I suspect that many democratic countries run elections with such systems without any problems.
@ASG and others
@ASG, yes of course, you are right.
@ Charles 9, nice thinking as long as nobody is able to fuck up the text to OCR table which actually would be a fairly simple hack.
@ J3, "They did detect the fraud, in 1994" Yes they did, but that detection was not built into the system and could have gone unnotified as well.
To me (a programmer since 1968) a computerised centralised system is like a equally centralised political system like North Korea or the old Soviet Union. To much centralised power. Too few at that power center.
Why do we actually strive towards a electronic (in some way) system.
Is it just because we think we have to be modern (still dreaming about the flying car) or do we
think we will save money or is it the speed we need to fulfill the needs of the media.
I still think the best and most reliable system is a pen and a paper.
You can screw that too locally, but you can newer screw that centralised.
I used to drive my grandmother, at gun point, to vote for my representative, but the funny thing
was that when she went behind that curtain to write my numbers, I just had to rely on her.
I think a pen and paper system is much more democratic and fairly safe.
And please no punch cards, and please no internet voting.
Thought about it.
Thus the need for the ballots to be human-readable, too. Thus you end up with a situation like the article states, where electronic counting can be compromised but the ballots are still highly usable for recounts: especially by humans.
Re: please no punch cards
That caused a slight snigger here.
It was the irony in the fact that these days punch cards are, if anything, rather more quaintly archaic than pencil and paper. After all, pencils and paper are still widely in use for other purposes.
Can't remember exactly when it was I last saw a punch card reader, but it was a very long time ago and even then it was a candidate as a museum piece.
Just shows that there needs to be...
TWO separate systems. One for "voting", and one for "counting". The voting system needs to be private and have the voter verify their vote. The counting system needs to be VERY public so we can all verify the final outcome. To combine these two systems is fraud waiting to happen. It appears that we never learn this lesson, and continue to "improve" things at our peril! (*SIGH*)
This is the old technique of fudging the numbers when they are counted in the system, nothing to do with electronic voting. This is what happened in Mexico back in 1988, and probably again in 2006. Back in 1988, the system "crashed", and when it came back online, the numbers had gone topsy-turvy. Then in 2006, the counted numbers followed a strange pattern after a large % of votes had been counted; the brother-in-law of the "winning" candidate owned the company involved with the IFE's vote-counting software. Both of these cases could've been proved true or false with a simple recount, which was never done.
Good to see that South Africa actually proceeded to do that. Looks like they fare better than Mexico in that aspect.
This sounds like it was almost successful as the bloke who changed a cheque for $100 into one for $1M and was successful up to the point where he presented the cheque at the bank.
Multiplying the SA vote tallys for the right-wing by a non-obvious amount (say 1.2) would have had no difference in a landslide election as that was.
To have had a tiny chance of manipulating the outcome, the scaling factor would have had to be quite large, say 1.5 or more. Such gross manipulation would have been a dead giveaway.
The defence force might have been planning to cause chaos, but they certainly would not have been involved in any computer shenanigans. There were less than twenty programmers in the defence force at the time, most of whom would not have been very pro-right.
Rivest, the R in RSA, came up with an ingenious scheme that satisfied a number of properties: it was verifiable, it was private, and votes could not be sold. It was also a bit complicated, and I wondered exactly how well the retirees who commonly staff US polling places could explain it. But I believe that it has been tried in Maryland.
The rage for electronic voting systems comes almost entirely from politicians, who imagine that it's new, cool, and infallible, and hardly at all from the computing community.
But election fraud is as old as elections, and unlikely to go away.
Perhaps this can explain.
This URL explains the supposed systems, which I'll summarize. It involves 3 systems that could be used. The idea is to make the votes public, publicly verifiable, AND secret all at the same time. The published votes have no names attached to them but the public gets copies of either incomplete ballots (with two systems) or someone else's (in the third) and so can verify against ballot tempering (supposedly; I smell a few gaps, though). Since the voter does not hold their entire ballot/their own ballot as receipt, they cannot be coerced/bought outside the voting booth--no way to verify. But with those receipts, the public can get in on the paper trail.
Rivest also happens to be against using programmable computers to count votes for already-noted reasons: preferring votes be counted by dumb machines whose mechanisms are well-understood.
Would anyone have ....
... believed a result that did not return Mandela?
Still I suppose it's a lesson that democracy should always be rigorously proteced and elections scrutinised.
Speaking personally I will always be in favour of pencil nad paper voting with a public counting process. It may be expensive but free elections are worth the price.
Even if I always seem to vote for the losing party.
20-30% of US voters will use non-auditable machines
Now isn't this relevant:
The Faith-Based Vote
As we barrel toward Election Day, Direct Recording Electronic voting systems—usually touch-screen, always entirely unverifiable—are still being used by 20 percent to 30 percent of U.S. voters.
I'm rather uncomfortable with that...
...especially since (1) I'm in one of those districts, and (2) I may be inclined to perform write-in votes this election: seeing as how I've seen enough mudslinging from ALL sides to make me fed up with the whole bureaucracy.
In NAZI Germany, according to Chritabel Bielenberg's memoir "The Past is Myself", although in some of the referenda on anti-Jewish legislation the votes tallied by her husband were 99% against, the declared result was 99% in favour. So there is recent experience of subversion of a supposedly democratic vote.
We certainly need a voting system which inculdes both the voter being able to verify their vote, and the opportunity to hold an independent re-count. Although I understand the reluctance of people to accept electronic counting schemes because of their vulnerability to being hacked or even subverted by the manufacturers (see the el Reg archive on electronic voting), the fact is that paper ballots counted by people are often out by as much as 5%, and rarely produce the same tally for any option on a recount.
Not directly on topic...
...but Peter Harris's last book, In a Different Time, is excellent. It's the history of the deployment, arrest and trial of four MK (ANC armed wing) operatives. Frankly, they didn't achieve much in the way of terrorism (Mandela's description of the MK, btw, see his Autobiog) although they were a bit more successful in intimidating/assassinating black collaborators with the police but the interesting part of the affair was the subsequent trial, in which they demanded to stand trial as PoWs and refused to plead innocent.