Re: Ballot Validation and voting machine initializtion

From: Keith Copenhagen <K_at_copetech_dot_com>
Date: Tue Dec 14 2004 - 13:04:29 CST

I'm advocating separating the voter from the ballot, so the uniqueness of
the voter
is an aspect of casting the ballot, This would require identifying
yourself twice
at signing in (to get a (non-unique ballot id or ) ballot to vote ) and to
confirm
it's still you (matching signatures ?) when casting a completed ballot
into the box.

A voter card with the ballot info (precinct etc.) could have two places
for signatures and
a registrar mark. Get & sign the voter card in front of the registrar,
ocr the top of the
card to the evm and get the right ballot. vote & print your ballot. take
the card and the
ballot to the ballot box, resign the card in front of the ballot boxer
cast the ballot and
hand in the voter card, for cross-check with sign-in records.

Ballot is private, (or marked to trace with the voter card for
provisional).

Voter info is handled consistently with mail-in, provisional, in-person,
fall back pencil use.

Security is held since the EVM is not trusted, i.e. use matches a pencil
(human readable in, human readable out).
Data security is easier since the voter is also not a trusted entity (nor
unique).
Trust is held mainly at the ballot boxer, which makes sense to me.
Especially when data flow
is consistent across provisional and mailin options.

The registrar trust is important for some attacks.

-Keith

On Tue, 14 Dec 2004 10:09:27 -0800, Jim March <jmarch@prodigy.net> wrote:

> That's why your token is combo english/barcode on a piece of cash
> register tape. They hold it under the fixed-in-place barcode reader at
> a flat spot with "place voter validation slip HERE" on it. It doesn't
> contain anything personal, doesn't matter if anybody sees it, doesn't
> matter if they walk out the door with it or crumple it up and leave it
> on the floor.
>
> If somebody else picks it up and votes with it, votes timestamped after
> theirs with that slip won't count.
>
> It's sort of a "mini version" of the final ballot y'all are already
> planning: full vote info in english with barcode edges. The "voter
> login token" doesn't contain vote data or social security or anything
> else personal, just name, party and precinct.
>
> Jim
>
> Edmund R. Kennedy wrote:
>
>> Hello All:
>> Yep. I knew this topic would get people excited again. I remember
>> the last discussion. Yes, dumb cards might do it. My provisional
>> voter add on is just that, an add on and not needed for this generation
>> of system. As for the camera and OCR scheme:
>> How would you deal with privacy anonymity issues, not to mention voter
>> confidence if there is a camera staring at them? Sure I can tell you
>> that the camera is turned off after you start the voting process but
>> would you believe me? This is a chronic design issue, the tension
>> between ease of use and privacy. Also, if I'm Gomer Pyle, would I even
>> have a clue on how to use this? The hard token idea is at least kind
>> of like an ATM. It's got to be simple for the voter. Thanks, Ed
>> Kennedy
>>
>> */Keith Copenhagen <K@copetech.com>/* wrote:
>>
>> Make that "computer's camera" and "envelope".
>>
>> Pass the coffee, please.
>>
>> On Tue, 14 Dec 2004 08:38:41 -0800, Keith Copenhagen
>> wrote:
>>
>> > I claim there is a natural conflict between the "open" in OVC and
>> > information
>> > that is only readable by a machine.
>> >
>> > We are talking about an equally or more important data flow
>> parallel to
>> > the ballot
>> > which is the "voter qualified to cast" information.
>> >
>> > If you are specifying a mag card (barcode/intelligent token) why
>> not
>> > have a
>> > human readable voter registration paper-card that is "shown" to
>> a camera
>> > camera and
>> > OCR'd to determine the ballot to provide.
>> >
>> > The voter reg card could be printed on demand by the sign-in
>> station and
>> > collected synchronous with the ballot. The reg card could be *>
>> pre-printed or be the
>> > provisional ballot envelop.
>> >
>> > -keith
>> >
>> > On Tue, 14 Dec 2004 12:57:46 +0000, wrote:
>> >
>> >> I have an innate suspicion of using a smart card that contains
>> the
>> >> voter ID. It could be used to undermine the secret ballot.
>> >> --
>> >> Kurt
>> >>
>> >> This email sent using 100%
>> >> recycled electrons.
>> >>
>> >>
>> >> -------------- Original message from Jim March :
>> >> --------------
>> >>
>> >>
>> >>> Ed Kennedy wrote:
>> >>>
>> >>> > Hello Ken:
>> >>> >
>> >>> > I have come to believe that we do need intelligent tokens to
>> initiate
>> >>> > voting machines (surprise Arthur!). The purpose of these
>> tokens woud
>> >>> > be several fold.
>> >>> >
>> >>> > The biggest issue is how does one initialize a voting
>> machine for
>> >>> each
>> >>> > voter. Diebold and I suspect others handled this by using an
>> >>> > intelligent token that the voter inserted into the machine
>> to start
>> >>> it
>> >>> > up for each voter. I know we went round and round about that
>> last
>> >>> > winter and spring and came with at least 5 different methods
>> that had
>> >>> > issues around each one. Since I've been a poll worker I've
>> changed my
>> >>> > mind.
>> >>> >
>> >>> > To handle primary elections where voters must vote by party.
>> They
>> >>> > would declare their party preference to the poll worker at
>> the index
>> >>> > who would generate the proper token.
>> >>>
>> >>>
>> >>> Ummm...couple comments here.
>> >>>
>> >>> In the voter registration data collected by the SecState's
>> office,
>> >>> party
>> >>> affiliation is listed. They can output Comma Separated Values
>> data to
>> >>> the county, which your system then imports.
>> >>>
>> >>> The volume of data is small enough that every voting machine
>> can have
>> >>> the whole set. That means there's really no problem at all
>> with people
>> >>> voting at ANY precinct(!) because once they identify
>> themselves to the
>> >>> system, it "knows" where they live and what party they are,
>> and can
>> >>> present the ballot accordingly.
>> >>>
>> >>> The only remaining issue is "how do they identify themselves"?
>> >>>
>> >>> Avante's answer is a sixteen digit alphanumeric code for each
>> voter.
>> >>> They use the first eight digits to ID the human, the next
>> eight to ID
>> >>> the ballot style used (I think two or three of those digits is
>> a county
>> >>> ID unique in the nation). This code is on ! a "dumb card"
>> that's very
>> >>> tough and flexible. Once ANY of the systems records a voter
>> with that
>> >>> number as having voted at a specific time, when the totals are
>> all
>> >>> piled
>> >>> up, any duplicates result in a flag and all subsequent after
>> the first
>> >>> get tossed...copying an ID card doesn't allow fraud.
>> >>>
>> >>> But...we should remember that Avante was using such cards to
>> ID people
>> >>> coming in and out of buildings and trade shows. Their voting
>> system was
>> >>> originally an attempt to find a new use for the cards . So they
>> >>> were biased towards using said cards and hence we can't assume
>> that's
>> >>> the only way to skin this cat.
>> >>>
>> >>> However. They did prove that a "dumb token" can be used to ID
>> voters.
>> >>> And in their scheme, inserting the card cannot insert
>> extranous data or
>> >>> program file! s. In the Diebold touchscreens, the "smart
>> cards" have 128k
>> >>> RAM on board of which only 4k - 8k is needed for "voter ID" -
>> the rest
>> >>> is full of God only knows what. I cannot recommend highly
>> enough y'all
>> >>> do NOT do like that, or you'll have me outside your office doors
>> >>> protesting yer arses :).
>> >>>
>> >>> Jim
>> >>> _______________________________________________
>> >>> OVC discuss mailing lists
>> >>> Send requests to subscribe or unsubscribe to
>> >>> arthur@openvotingconsortium.org
>> >
>> >
>> >
>>
>>
>>
>> -- Keith Copenhagen
>>
>> _______________________________________________
>> OVC discuss mailing lists
>> Send requests to subscribe or unsubscribe to
>> arthur@openvotingconsortium.org
>> *
>>
>> *
>>
>> -- 10777 Bendigo Cove
>> San Diego, CA 92126-2510
>>
>> "We must all cultivate our gardens." Candide-Voltaire *
>>
>> *
>> *
>> ------------------------------------------------------------------------
>> *
>> _______________________________________________
>> OVC discuss mailing lists
>> Send requests to subscribe or unsubscribe to
>> arthur@openvotingconsortium.org*
>>
>
>

-- 
Keith Copenhagen
_______________________________________________
OVC discuss mailing lists
Send requests to subscribe or unsubscribe to arthur@openvotingconsortium.org
==================================================================
= The content of this message, with the exception of any external 
= quotations under fair use, are released to the Public Domain    
==================================================================
Received on Fri Dec 31 23:17:13 2004

This archive was generated by hypermail 2.1.8 : Fri Dec 31 2004 - 23:17:22 CST