Re: logic and accuracy tests

From: Ron Crane <voting_at_lastland_dot_net>
Date: Fri Aug 25 2006 - 17:31:57 CDT
Jerry Lobdill wrote:
At 02:00 PM 8/25/2006, you wrote:

From: Paul Malischke <>
Date: Aug 24, 2006 8:11 PM
Subject: logic and accuracy tests

One major arguement that the clerks make against post-election
audits of vote counts is that they do logic and accuracy
pre-tests.  How can we counter this argument?

To me the best answer to this is that L&A tests and even parallel 
testing cannot reveal the presence of Trojan Horse software. 
Tests--of any kind--can only test the advertised functionality of 
software. There is no possibility of uncovering inserted software 
that is designed to permit manipulation of the legitimate functions. 
It's like trying to prove a negative--it can't be done.

Your conclusion is incorrect. But L&A testing is not security testing, and is unlikely to discover a competently-designed fraud, such as one engineered to operate only on election day. Parallel testing can do better, since it is performed on election day and is meant to determine whether the machines are cheating. For example, parallel testing could determine whether a given machine flipped votes from candidate A to candidate B by comparing the ballots the testers voted with the "ballots" the machine recorded. That said, there are a host of ways a well-designed attack might try to escape detection during parallel testing, most of which involve determining whether the machine is, in fact, being tested. Unless the testers are exceedingly careful to make the testing exactly simulate actual voting -- from randomly selecting the machines to test right before the polls open, to casting a realistic assortment of votes at a realistic rate, to using varying amounts of pressure on the touch-screen to cast them, etc. -- it's quite likely that some well-designed attacks will escape detection during parallel testing.
Post election audits are conducted to ascertain whether any kind of 
irregularity occurred in the election. This is a completely different 
function than testing.  
Both audits and parallel testing aim to find irregularities and fraud. L&A testing mostly aims only to discover whether the machines appear to be setup correctly (e.g., to display the appropriate races and to allow voters to select the right number of candidates).


OVC-discuss mailing list

= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
Received on Thu Aug 31 23:17:09 2006

This archive was generated by hypermail 2.1.8 : Thu Aug 31 2006 - 23:17:10 CDT