Re: Fwd: [Votingtech] UK Register: E-voting security, looking good on paper?

From: Edward Cherlin <cherlin_at_pacbell_dot_net>
Date: Fri Jul 16 2004 - 23:19:13 CDT

On Tuesday 13 July 2004 03:02 pm, Arthur Keller wrote:
> --- begin forwarded text
> From: Jim Adler <>
> To:
> Date: Tue, 13 Jul 2004 13:25:25 -0700
> Subject: [Votingtech] UK Register: E-voting security, looking
> good on paper?

It doesn't look very good to me. It misses completely the idea
that the paper is the ballot.

" Numerous types of attack could produce an accurate record of
voter choice on paper, yet still tweak the electronic results."

Certainly it is true that paper as an audit trail for inherently
flawed electronic systems is woefully inadequate, but so what?

"On the other hand, if voters neglect to examine their receipts
carefully before submitting them, they're worthless - there's no
basis for trusting them more than any other result. A paper
recount where perhaps thirty per cent of voters have actually
bothered to verify their ballots is hardly the basis for

Again, this completely misses the point. If even 30% of voters
examine their ballots, any systematic errors or attacks will be
revealed, at least if even the minimum Statistical Quality
Control methods are used.

"Furthermore, there is no guarantee that the paper record will be
the one recounted. Many jurisdictions require that a recount be
performed in the same manner as the original election, which
might mean simply reading the machine's memory or storage
devices again, unless specified by law. If local regulations
don't require that the paper printouts be recounted, there is
little reason to collect them - except to create an illusion of

So the paper has to be the ballot.

"And if, during a re-count, some discrepancy between the
electronic and paper results should emerge, the paper record
would have to be paramount according to law to be of any use."

Finally! Yes, that is the point. Duh.

"But as we noted, unless voters are scrupulous about reviewing
the printouts, there is no logical reason why they ought to be
paramount. In fact, they probably should not be."

Dead wrong, as explained above.

"However, if the paper receipt is to be used in a recount, it
would be necessary for each voter to review it before the next
voter would be allowed to use the terminal. "

Well, yes. Of course. What's the objection?

"Furthermore, if it were possible for one person to clear any
result from a DRE terminal, this would be a monumental security
hole in itself. Thus it would be necessary for two election
supervisors (preferably with different party affiliations) to
perform the electronic equivalent of turning the keys needed to
launch a nuclear missile, perhaps with different passwords, or
with two smart cards, or some means of authentication along
those lines."

Well, yes. Of course. What's the objection?

"Imagine the delays caused by careless voters puzzled by their
own choices, needing perhaps two, perhaps three, turns at the
terminal to get things right."

And you propose instead...? We have that problem now.

"But what of good e-voting security? Is it even possible? The
short answer is yes, and the long answer follows in tomorrow's
companion story: E-voting security: getting it right."

Actually, no, but I'll dissect his bright ideas in another

> <
>8084969630>UK Register: E-voting security, looking good on
> paper?
> A good
> <>ar
>ticle in the UK Register by <>Thomas C
> Greene which logically discusses the flaws of adding a
> contemporaneous paper replica (CPR, referred to in this
> article as the voter's receipt or paper record) to an
> electronic voting machine or DRE.
> Jim Adler
> Founder
> VoteHere, Inc.
> 425.450.2745 (direct)
> 425.450.2845 (fax)
> Weblog:
> <>
> _______________________________________________
> votingtech mailing list
> --- end forwarded text

Edward Cherlin
Generalist & activist--Linux, languages, literacy and more
"A knot! Oh, do let me help to undo it!"
--Alice in Wonderland
= The content of this message, with the exception of any external 
= quotations under fair use, are released to the Public Domain    
Received on Sat Jul 31 23:17:05 2004

This archive was generated by hypermail 2.1.8 : Sat Jul 31 2004 - 23:17:15 CDT