Re: Draft Proposal Concept for California Secretary of State -- Feedback Wanted

From: Ron Crane <voting_at_lastland_dot_net>
Date: Tue May 10 2005 - 13:35:10 CDT

On May 10, 2005, at 5:49 AM, Arthur Keller wrote:

> Please note that the writing so far was done with the able help of Amy
> Pearl, who wrote:
> I think the missing section on what's wrong with existing systems and
> their inadequacies should be no more than one page. The purpose of
> this version of the proposal is merely to get them to say whether they
> are interested enough for us to pursue this. The section should be the
> motivation: as scary as possible to provide them with motivation and
> ammunition for pursuing this. It should not be a huge airtight case
> against Diebold or DRE vendors.
> Please help with this section if you can.

Draft 2:

Current systems use secret software and uninspected hardware, which
imperil security and undermine public confidence. While all systems
must pass certification testing, testing cannot find "back doors" that
could allow dishonest vendors to manipulate election results, nor can
it find most security-related errors which could be exploited by
dishonest officials or hackers. Much of the public backlash against the
deployment of DREs, and much of the public suspicion of elections
conducted using them, arises from their secret nature and from the very
real security risks that it creates. Public suspicions also has been
stirred by existing systems' numerous, serious documented errors
including vote loss, vote switching, and even a case in which 600
voters somehow "cast" 4,000 votes for a Presidential candidate.

Supporters of current systems frequently say that they have operated
for years with no proven fraud. What they don't say is that the
systems' secrecy makes it virtually impossible to discover fraud.
Elections routinely are decided by small single digit percentages, and
polls routinely fluctuate by similar percentages, so frauds that shift
such percentages of votes would be essentially undetectable. Nor do
such frauds require many individuals to collude: a few key developers
at a vendor could implement them.

Fearing similar frauds in electronic gambling systems, Nevada has for
years required gambling system vendors fully to disclose their software
and hardware, and has subjected gambling machines to random on-site
inspections. And it has, in fact, discovered such frauds, including one
in which a vendor rigged its poker machines to avoid giving royal
flushes; Nevada decertified the vendor and fined it $1 million.
Basically Nevada, understanding that dishonest gambling machines
undermine public confidence in gambling, requires vendors continuously
to prove that their machines are honest and accurate, much as the FDA
requires drug-makers to show that their drugs are safe and effective,
rather than requiring consumers (gamblers) to prove that they're deadly

No similar standards have ever been enacted for voting machines,
despite the fact that elections are vastly more important than
gambling. While the UCCS team urges the enactment of such standards, it
does not ask for that now. Rather, it proposes to build a system that
is entirely open to public review and inspection, and whose development
process guarantees that its publicly-reviewed software actually makes
it into its system on election day. Unlike existing systems, in which
the voter selects her candidate, clicks the "vote" button, and wagers
whether her vote will be counted, the UCCS system gives her solid
assurance that it will.


OVC discuss mailing lists
Send requests to subscribe or unsubscribe to
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
Received on Tue May 31 23:17:31 2005

This archive was generated by hypermail 2.1.8 : Tue May 31 2005 - 23:17:52 CDT