Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
United States Government Politics

NIST Wants To Hear Your Ideas On Election Equipment 65

Joseph_Daniel_Zukige writes "I'm still trying to figure out who is doing what here. It looks like the typical bureaucratic mess, but it looks like NIST, operating under the Help America Vote Act has set up a Technical Guidelines Development Committee to advise the 'independent bipartisan' United States Election Assistance Commission. So, the TGDC is going to hold some public hearings, and they've invited members of the public to help them out: 'One hour will be reserved at the conclusion of each day for members of the public to provide up to five minutes of testimony.'" Read more below, including how to register (today is the deadline) for the meetings, which will take place in central Maryland later this month. Update: 09/15 18:04 GMT by T : Irvu writes "You can submit online comments to NIST's Technical Guidelines process. The link is here. Just click on the link marked 'Submit Comments or Position Statements.' Alternately you can e-mail your comments to vote@nist.gov."

Joseph_Daniel_Zukige continues "I can't make it. (Very long drive across a very deep ocean, or plane tickets I can't afford.) Twelve people per session is not going to allow a lot of people to testify. I'm sure Microsoft has someone going to sell a MSWxx based voting machine. I hope somebody from the EFF is going. Think it would be possible to pack this thing with enough Slashdot geeks to convince the government at least that electronic voting absolutely requires a human-readable ballot to be produced?" The meetings are taking place on the 20th through 22nd of this month; you have only until 5 p.m. today to register, though. From the linked PDF: "The meetings will be held at the National Institute of Standards and Technology North Campus, 820 West Diamond Avenue, Room 152, Gaithersburg, MD."

This discussion has been archived. No new comments can be posted.

NIST Wants To Hear Your Ideas On Election Equipment

Comments Filter:
  • by tod_miller ( 792541 ) on Wednesday September 15, 2004 @09:06AM (#10255822) Journal
    Although I bet if it were possible, vote by TV would increase the quantity of votes, but I can imagine TV ads running through the day, with scantily clad women with 'press the red button to vote for bush, and see *her* bush!'

    Seriously, getting people to vote for the right reasons.

    IT is less of a concern, I would preffer people vote responsibly, than use funky technology.
  • by tod_miller ( 792541 ) on Wednesday September 15, 2004 @09:10AM (#10255858) Journal
    then yes, usability and human factor issues are paramount, if a colour of an alert box can sway the vote by a percent, then we need to be careful.

  • PAPER BALLOTS! (Score:5, Insightful)

    by leftie ( 667677 ) on Wednesday September 15, 2004 @09:13AM (#10255888)
    The only election equipment I want to see are the sheet of paper theballot is printed on and a pen.

    Canada gets it's paper ballots counted extremely fast. They need to hire some election consulatants from Canada and find out how they process paper ballots so quickly, and follow their recommendations.
    • Re:PAPER BALLOTS! (Score:4, Informative)

      by rakerman ( 409507 ) on Wednesday September 15, 2004 @11:15AM (#10257105) Homepage Journal

      Canada's election consultants are doing their best to replace paper ballots with electronic systems.

      The Chief Election Officer of Ontario has issued a report in favour of trying out electronic and Internet voting, and has already issued an RFQ for a technology pilot project.

      You can read more about it on my blog Paper Vote Canada [papervotecanada.ca]

    • Re:PAPER BALLOTS! (Score:3, Insightful)

      by Jordy ( 440 ) *
      Actually, there is a easy compromise.
      1. First, take a paper ballot that can be read by a DRE machine (similar to a scantron).
      2. Next, build a electronic voting machine that has a nice menu system, comes in whatever languages you need, supports all those nice blind accessible features and allows people to preview their vote before commiting it.
      3. Insert paper ballot into machine.
      4. Have electronic voting machine print the vote onto the paper ballot. This can be as simple as using a LED printer or as fancy as using
      • Additionally this allows a person to vote even if all the "computerized ballot markers" are tied up. Just take a pen and sit down at a table... (subject to the individual voter's desire for privacy).

        Reserve the machines for those who need (or really want) to use the machine.

    • That's completely inefficient.

      The whole point of a computer to count, really really fast, and really really accurately. And at relatively low cost.

      Hiring a whole bunch of expensive, failable humans to count is a not a good alternative.
    • I like my city's system. They use a "connect the bars" paper sytem then scan them into the "safe" for counting. It's electronicly able to be done quickly and privately so results can be read by phone [modem?] to the state office, but if the need for a recount arises, the ballot boxes are kept in storage several months sealed and unopened since election day.

      The forms are a little goofy to get used to, but it's nearly impossible to make a mistake because you have to make a 1/2" mark on the paper...and if

  • by Dr. Bent ( 533421 ) <ben.int@com> on Wednesday September 15, 2004 @09:28AM (#10256019) Homepage
    (In order of importantance)
    1. Publicly accessable source - Whatever licening terms you use, the source code must be easily available to anyone and everyone who wants to read it.
    2. Verifiable binaries - Election inspectors must be able to verify the binaries installed on the machine by generating an MD5 (or equivelent) hashcode and comparing it to the published source.
    3. Paper Trail - The voting machine must keep a human-readble printed record of every vote cast. This is the only meaningful way to do recounts. In case of a discrepancy, the paper record should act as the real ballot...the electronic vote is just a fancy method of counting.
    One thing I am opposed to is a "voting receipt" that the voter gets to confirm that thier vote has been cast. While this sounds good in theory, it's too easy for powerful organization (unions, corportations, etc...) to sway elections by paying people for voting by having them turn in thier voting receipts after an election.
    • I agree with your list of safeguards.

      Who is proposing a "voting receipt"? That would be a terrible idea. I don't think any political party would support that.
    • Yes a 'voting reciept' would be a bad idea; I don't believe that under any circumstance a voter would be allowed to leave the polling station with the paper. However a 'paper trail' is needed to hedge potential (eventual) problems with an electronic vote. The idea is usually to have them drop it back into a ballot box.

      I think that this box should accept the ballot kinda like a vending machine accepts a dollar bill. This way both the touchscreen system and the ballot box will keep a tally, if the results

    • Verifiable binaries - Election inspectors must be able to verify the binaries installed on the machine by generating an MD5 (or equivelent) hashcode and comparing it to the published source.

      How can you be sure that function hasn't been tampered with? If the machine has it's own "self-check" program, if you were going to tamper with the box, wouldn't that be the first thing you'd fix? The only way to be sure is to have a computer engineer with hardware-level access manually check the thing out.

      Electronic
      • The only way to be sure is to have a computer engineer with hardware-level access manually check the thing out.

        And that's exactly what the election inspector would do.

        Depending on exactly how the device is designed, the inspection should consist of two parts: Checking the hardware, and checking the software.

        The hardware would be checked in the same manner that current voting hardware is checked. It's not all punch-cards out there, you know. There's lots of old school equipment that is used to collate th
        • So we just have to make election officials all computer engineers. Simple.

          Needless to say (I thought) the costs of doing this would totally outweigh a tradional voting system. Every attempt trying to make computer voting more reasonable only ever shows how innately infeasible the whole idea is. The benefits (what benefits?) do not outweigh the costs.
    • by nine-times ( 778537 ) <nine.times@gmail.com> on Wednesday September 15, 2004 @11:56AM (#10257521) Homepage
      One thing I am opposed to is a "voting receipt" that the voter gets to confirm that thier vote has been cast.

      Yes, I think a voting recipt that the voter leaves with is a silly idea. However, I would be in favor of some kind of window that lets the voter see the paper copy as it's printed out. I mean, what if someone tampered with the code in such a way that you could vote for candidate A, it would get counted for candidate B, and the printout said you voted for candidate B?

      So, not only should there be a paper trail, but the voters should be able to visually confirm that the printout was correct.

    • I have been swayed to think that a receipt is a bad idea, too. I've tried to imagine a system that would A) allow a voter to verify that his vote was counted correctly and B) maintained the secrecy of the voting booth, but I can't.

      There is a maxim that goes, "A man with one watch knows the time; a man with two watches is unsure."

      What's going to happen when the electronic count and the paper count are wildly different? Suppose the electronic tally has candidate A over B by X number of votes. What happen
      • by Anonymous Coward
        Why would the paper ballots be destroyed? Isn't that a risk in all elections up until recently?

        How is printing a paper ballot a risk to the secrecy of the vote, any moreso than it is now?

        How is printing a receipt with a checksum of some random token (user-generated passphrase, some unique identifier of the user, etc.) + their vote choices, and allowing the user to keep that receipt a vulnerability? By "checksum" I mean a cryptographically secure hash like SHA1. Maybe you could reverse it with NSA hardware
        • Why would the paper ballots be destroyed? Isn't that a risk in all elections up until recently?

          They could be destroyed by accident or otherwise. While ballot security has always been important, under a dual count system an attacker who hacks the electronic system to add votes for a candidate calls into question whether some ballots were destroyed. We wouldn't be sure.

          How is printing a paper ballot a risk to the secrecy of the vote, any moreso than it is now?

          Did I say printing a paper ballot

        • How is printing a receipt with a checksum of some random token (user-generated passphrase, some unique identifier of the user, etc.) + their vote choices, and allowing the user to keep that receipt a vulnerability?

          <example 1>
          So Bob, me and this nice, big, gentelman with the Colt .45 would like to see your receipt after you vote. Also, if you don't mind, we'd like the pass phrase you used. You see, we just want to make sure that your vote was counted for the correct candidate. Afterall, we know
          • Goddamit, I'd like to have the nice big gentleman with the Colt shoot the moron that first thought of calling these little slips of paper "reciepts".

            The whole point of having them is for the voter can confirm her vote, and then put it in a ballot box as with current election technology. Of course, people are stupid, and some of them would carry their "recount chit" off with them, or in fact use it as proof of voting for candidate X, so we put the printer behind a piece of glass and don't let the voter t

      • There is a maxim that goes, "A man with one watch knows the time; a man with two watches is unsure."

        What's going to happen when the electronic count and the paper count are wildly different? Suppose the electronic tally has candidate A over B by X number of votes. What happens if the total number of paper ballots is less than the electronic count by an amount O(X)?

        This raises a question in my mind. I don't think I can put it concisely, but please bear with me. It's starting to convince me that we should

      • I have been swayed to think that a receipt is a bad idea, too. I've tried to imagine a system that would A) allow a voter to verify that his vote was counted correctly and B) maintained the secrecy of the voting booth, but I can't.

        Voter goes into a booth, and enters his votes in the computer. He presses the "done" button, and the computer prints out his vote and displays the resulting printout to the voter under a sheet of glass. If the voter likes what he sees, he presses an "OK" button, the printout
    • don't ship with binaries installed, compile source at the precinct, it should be compiled first thing in the morning or the day before with an audience of interested citizens. Much easier to verify the source, you never know if a precompiled binary matches, it's too easy to fake a checksum or a hash.
  • by PerlDudeXL ( 456021 ) <(moc.liamg) (ta) (ekcideul.snej)> on Wednesday September 15, 2004 @09:59AM (#10256278) Homepage
    I'm all for new techologies, but I don't trust electronic voting. I'm happy to live in a country where voting is done with a ballot made of paper and a pen to make a cross-mark.

    You have a paper-record with valid or un-valid votes that are easy to count. No interpretation of punch-cards needed because the voting machine was too complicated or otherwise flawed.
  • the 'independent bipartisan' United States Election Assistance Commission.

    Good use of scare quotes. As a member of a third party, I've learned to be wary of any "independent" organization that calls itself "bipartisan". The very name implies that they will be offering "election assistance" to plans that entrench the current R-D duopoly.

    So don't look for them to advocate any sort of Instant Runoff Voting (or Condorcet Voting, for those who want to require higher mathematics to understand the results).
    • I hate the term bipartisan. when I hear a politician say it, it makes me think he's forgotton the rest of us. I tend not to like people who say it too much, especially if they equate it with being fair and unbiased. They should know better and treat the public as if it should know better.
  • by StevenMaurer ( 115071 ) on Wednesday September 15, 2004 @11:53AM (#10257498) Homepage
    Really folks, this isn't so hard.

    All you need to do is have the voter machine print the voter's response on a cash-register-type tape roll that is visible under glass (but not accessable - so as to prevent the kind of dirty tricks that Bejing is putting on Hong Kong's pro-democracy advocates). That way you have a hard, difficult to falsify record of every voter's preference.

    The software to do this is almost immaterial, but the source code needs to be accessable to anyone for review.

    • The biggest problem I forsee with this ballot under glass scheme (and it's ilk) is what do you do if the ballot is wrong?

      Sure you can look at it and see that it says Nader instead of Kerry but unless the system includes some way to correct the mistake we havn't solved the problem.

      That is why I'm in favor of separate vote/count machines. If the voter has to physically carry their ballot to a counting machine, they have a chance to verify what it says (and if necessary get it corrected) before the vote is
  • I don't see any provision for it in the announcement, but does anyone know if the NIST committees will look at written submissions?

    Or at any rate, maybe they could be asked to do that?

    -wb-
  • You can send Online comments here [nist.gov] by clicking on the "Submit Comments or Position Statements" link. Alternately you can e-mail your comments to vote@nist.gov [mailto].

    I spoke to one of the committee members Allan Eustis. He stated that their mandate is to provide "Initial Recommendations of Voluntary Guidelines" this coming April. These guidelines will likely follow and overlap with the FEC2000 Guidelines and will apply to all parties in the "voting community" (States, Vendors, etc.). He stated that they would
  • The Palm easter egg [eeggs.com] should be easy enough to display in a portable manner, and there should be some number of panel members who will have their own palm that they can test it on.

    Then point out that, instead of running an Easter Egg and Taxi across your screen, if you were dealing with a E-ballot box, it could have brought up a screen allowing you to modify the vote count.

    This cannot be tested for after delivery because, no matter what testing regime you come up with and execute, I can come up with an ea

  • The online registration form was not working. I had to email the contact Allen Eustis with my information to get registered. He emailed me back saying I would be set to attend. I am only planning to attend the first two days (if my work and wife will let me!) since they seem to deal more with the specific aspects of electronic voting I am concerned with.

    Also, Mr. Eustis did indicate that though the draft agenda said they would have an hour for public comment each day, he was going to try to allocate more t
  • Look, I figure it this way. If we really, really want to stick with an electronic voting system, we need to authenticate using a standard issue identification card, disconnect the card from the vote, and code something together using something along the lines of perl, FooSQL, and some seriously heavyweight encryption - and then stick it onto a bunch of diskless workstations set to run LOAF on a character display, with some CIA type encryption on a spare hard disk for the box to continually save its state o
  • by JimMarch(equalccw) ( 710249 ) on Wednesday September 15, 2004 @03:08PM (#10259542)
    We'll formalize this later but in "rough draft" form, here's our recommendations:

    1) Open source. Not necessarily GNU licensed, but the source code of all voting systems must be publicly available on the vendor's website plus at least one gov't website if not multiple - choices include the county elections department's websites, the Federal Election Commission, state SecState sites, etc. ALONG WITH the compiler and operating system makes and versions under which the code was compiled; that will allow us geeks to do our own compiles and generate our own hash results so that we can compare with "in the field" binaries. (I have to disagree with Dr. Dent on his point #2 in that I don't want to have to trust somebody else's hash numbers...I want to roll my own.)

    2) Voter verifiable paper trails. The best such schemes are similar to the one Avante developed - your vote is printed on a paper strip "behind glass". You get to look at it, make sure it's OK and if you like it, hit "OK" on the touchscreen. A "robot snipper" clips off that piece of paper, it drops to the bottom of a sealed bucket and it's the official vote of record in case of recount. You don't use a take-up reel because then you can cross-ref the voter order with the vote order and figure out who voted for what. The voter cannot later prove who they voted for (it's not a "reciept") - that way "Guido" can't breaka you legga for voting "wrong" or pay you for voting "right". Oh, and the paper vote of record has an encrypted bar code strip to ID false "extra bits of paper", and minor mistakes in the dot-matrix print that are hard to spot but form their own second tamper-code.

    3) This is the major piece that Bev Harris has contributed. Harris used to be a forensic accountant, meaning she dug into financial fraud for a living. In any accounting system, there are auditing procedures and steps at EVERY step of the way as cash is handled. Votes need to be handled the same way - there's documentation every time they change hands, there's a REAL audit trail, and similar steps that need to come from the CPA community. As one example: in a real audit trail, if data entry was done wrong and needs to come out, it isn't erased. It's MARKED (and datestamped) as "not valid" but it's still in there so you can see what happened. None of the current systems do this, with the possible exception of Avante (I'd have to take another look on that point.) Diebold, Sequoia, ES&S and Hart sure don't!

    4) Mandate Read-Only-Memory storage of votes at the terminals! This is another thing Avante got right - and no, they ain't paying me or BBV.org a red cent. Their voting terminals burn the vote data to CD-ROM. Diebold, ES&S and Sequoia burn data to PCMCIA memory cards...which can be stuck in a laptop, encryption cracked and the data messed with as happened in Volusia County FL, Nov2000.

    ---------------

    This is PRELIMINARY and should be viewed as such, but it's a pretty good guide to where our heads are at. Blackboxvoting.org [blackboxvoting.org] (not just a website, we're a non-profit public interest educational/research foundation) will be meeting to discuss a formal proposal ASAP.

    Jim March
    Member of the BBV.org [blackboxvoting.org] board of directors (Bev Harris is our Executive Director)
    I'm also a co-plaintiff (with Bev Harris) in the current lawsuit against Diebold in California which State Attorney General Bill Lockyer just joined.
    • I like that!

      #3...working in IT though I'd say corperate accounting is still in the stone ages using IT... but mearly because it's time consuming and difficult to set up such structures...and the CEO's are always making a "moving target" by changing minor things on an almost quartely basis.

      #4...I think you meant to say WORM...Write Once Read Many storage. Again, it would do just what you Want in #3...because it can only Add records it would add the stamp to void #34567 rather than simply deleting it..ver

      • It's #3 that basically nobody else is talking about except Bev Harris and her immediate supporters, of which I'd classify myself as one :).

        Think about how a bank deals with cash: there's a paper trail AND electronic trail every step of the way, including use of publicly available encryption algorythms - NO use of "security by obscurity".

        There are decent PC accounting programs today that meet these standards (business grade programs that is...) which proves this is doable.

        Too many of the people advocating
    • From your blog:

      While paper is invaluable in testing, it becomes a more complex issue in actual voting, because now you have 60,000,000 pieces of paper to deal with. Which means machine counting of those pieces of paper, which brings us back to square one...machines we might not trust.

      Only if you assume that the paper has to be counted by machine. If the paper is countable by hand, it is verifiable by hand in the event of a recount.

      Recently, they had a recall election in Venezuela. Because of the long

      • Paper: All things have error rates. People have an error rate of about 2.8%, plus a "bias" rate, plus a maximum throughput. All of which are issues that need to be addressed. Pro-paper advocates love to talk about the error rate of paper, and ignore the bias issues. Paper also makes secrecy harder.

        Venezuela: Well, it was a report based on a study from a group at MIT not the WSJ particularly. Go read up on the Venezuelan election and you'll see what I mean. The election results strongly disagreed with the
  • Politics v. YRO (Score:1, Offtopic)

    by Kalak ( 260968 )
    If this was under a YRO section, and not Politics, I'd almost guarantee that there would me more than 30+ commnets by now, and a larger readership. That readership could then effectively be mobolized to comment to the board. Weren't voting machines under YRO and not Politics? Judging by the number of comments, the number of readers has probably dropped too. While YRO and Politics are intertwined, if something was under YRO it should probably be left there, as people know where to find it.

    Slashdotting t
  • by fiannaFailMan ( 702447 ) on Wednesday September 15, 2004 @03:45PM (#10259893) Journal
    Excuse me, but has anyone actually stood up and listed the benefits of electronic voting? I have yet to see any tangible benefits. The only advantage I can think of is that the news networks get the result a little earlier. Potentially losing democratic control is a bit of a high price to pay for satisfying the impatience of.... whoever it is that wants to see the election results a few hours sooner. What's the ruch to see the results so soon anyway? It's more fun to sit there overnight watching the results come in as they are counted by hand. Hell, election night in the UK is great entertainment. I remember getting the beers in and holding an overnight vigil with my brothers, watching the 'safe' Tory seats drop one by one as tony Blair was swept to victory for the first time. Nice!

    However, I digress.

    Electronic voting does not encourage more people to vote, they still have to get off their backsides and go to a polling station regardless of whether they are greeted by a CRT or a pencil and paper. This idea that electronic voting is better for democracy is nothing but a myth.

    • Electronic voting does not encourage more people to vote, they still have to get off their backsides and go to a polling station regardless of whether they are greeted by a CRT or a pencil and paper. This idea that electronic voting is better for democracy is nothing but a myth.

      Totally agreed. Oregon's on a much better track- if we ever have electronic voting, it will be over an SSL connection, because we already have no polling places left. Yes, folks, all the voters of Oregon are on the equivalent of
      • by fiannaFailMan ( 702447 ) on Wednesday September 15, 2004 @04:52PM (#10260502) Journal
        It's a nice idea, but it brings its own problems. There was an experiment at the last local elections in the UK where some councils were elected exclusively by absentee ballot. There was anecdotal evidence that some people (mostly Indian/Pakistani women) were pressured by male family members in which way to vote. The advantage of a polling booth is the privacy of it.
        • Working fine here- but then again, here in Oregon, women are so independant that they threatened to sue Multnomah County to be able to marry each other instead of men. The four women on the County Council got together in secret, excluding the one man- and the next day gay marriage licenses were avilable in Multnomah County.

          We'll see if THAT survives the next election- Measure 36 ammends the State Constitution to forbid it- but one thing you can be sure of, no husband is presuring his wife to vote a certai
      • Totally agreed. Oregon's on a much better track- if we ever have electronic voting, it will be over an SSL connection, because we already have no polling places left. Yes, folks, all the voters of Oregon are on the equivalent of permanent absentee voting; ain't no such thing as a polling place in the entire state, and we get two weeks to vote (ballots start going out October 13th). In the comfort of our homes, as Bill Bradbury says. And guess what- no discernable problems as of yet except for a few hanging
        • Not to mention that in some elections under some State and Municipal rules, absentee ballots are only counted IF THERE IS A RECOUNT. Sometimes even having the votes fall within a certain percentage of each other is not enough to trigger the tallying of absentee ballots in certain locales.

          Many people who use absentee ballots don't check their local laws and election rules, and are surprised when you mention they should check into this possibility. And severely disappointed that their votes haven't been co
          • Where in Oregon, with all of the ballots being absentee, all of them get counted. We have had the problem with people going door-to-door to collect ballots, with a big question as to whether those ballots are ever turned in- but by and large there have been no problems.
        • Voter turnout in Oregon HAS increased- but there's some question as to whether vote-at-home has helped or hindered that, we've had a lot of high-profile measures on the ballot in the last 6 years that make people want to vote anyway. Heck, Measure 36 may just eclipse the Presidential Election in causing turnout this time around. A lot of people care about marriage- even if the so-called "rights" the gays are getting are only valuable to the rich, except for the visiting people in the hospital part and tha
  • But won't be complete until we can vote in our homes and have the vote instantaneously and securly posted to the election center.

    But a far easier and cheaper democratic tool lies on the horizon, thanks to computer technology: taxpayer (as opposed to legislative) control of the budget. Many of us already file our tax returns electronically- it wouldn't be hard at all to add a few thousand questions to te form on how the government is allowed to spend the money.
    • I can imagine how that would go:

      [x] Defense spending
      [x] Education
      [ ] Public funding for obscene art
      [ ] Congressional Pay raise
      [ ] Internal revenue service
      [ ] HUD
      [x] Saving cute endangered creatures
      [ ] Saving endangered vultures

      It'll all be in the wording.
      • Yep- and since Congress would control the wording, to some extent, they'd still be somewhat in control.

        In the sci-fi novelette I stole this from, if you had money left over at the end of the list, you got to add a new category that you wanted the government to work on. The main guy in the story, who had lost several family members to war, added "Everlasting World Peace", and it attracted so much money it was accomplished within 12 months.
  • How about explicitly reminding NIST that letting a convicted embezzler add a backdoor to eVoting software, that creates insecure, editable "double books" that are reported instead of the official counts, should disqualify that vendor from bidding on eVoting contracts? And should probably earn jailtime and corporate dissolution? And is actually practiced by Diebold?

"I'm a mean green mother from outer space" -- Audrey II, The Little Shop of Horrors

Working...