This morning I watch the Diebold documentary, “Hacking Democray”, on HBO or one of its affiliate networks. The basic information in the documentary was not news to me. Since I currently live in Maryland, the news that Johns Hopkins had obtained the source code to the voting machines was all over the place. I knew, even as I did my civic duty of voting this November that it was possible my vote would not count. I had also seen “Man of the Year”, a movie which has a similar theme as its main premise.
When I came home on Tuesday night I was on the #emacs channel on irc.freenode.net and was joking with others about how the Free Software Foundation should create a voting machine. This way it would be open source and we could see if there was truly any code which would give the victory to one side or the other. While this would certainly be a step in the right direction, I have read some articles online which suggest it would not be enough.
Before I get to that, I want to say that I believe strongly that our voting software should be open source software. Voting is a public action to elect a public government. The code to do so should, therefore, not be private. They claim it needs to be secret for security’s sake. They are just as arrogant as everyone else who has failed to learn that security by obscurity is no security at all. Any company serious about about security has learned that the best cypher systems are not unproven systems, they are code which we know how to break. Does this sound paradoxical? Well, if we know how to break a code, we also know what it would take to break the code.
So let’s say we have encryption A. We know exactly what needs to be done to break it – it has been tested and proven. We also would then know that encryption A requires a computer to work night and day for 40 years to break the encryption. This is a good thing because it means we don’t care if somone can break the encryption. By the time they break it, 10 election cycles will have gone by and the information will no longer be useful.
Let’s say we have encryption B, a new encryption scheme developed by, for example, Diebold. They keep it secret and proprietary. Some hacker, cracker, or samuarai finds the code and decides to reverse engineer it or brute force it. Perhaps they can crack it in just a few hours. Now we’re in trouble because they can hack the systems for good or evil and they can do it in a reasonable amount of time. Why? Since the company used a proprietary encryption scheme, the mathematicians weren’t able to go in and prove that it’s safe.
So these are all reasons to have open source voting software. We’ll know its secure and people can check for fradulent activity in the source code. However, this won’t be enough.
You see, the memory cards from these voting machines still need to be tabulated at a central computer. Along the way the votes can be tampered with or perhaps even “lost” to eliminate some votes. We need a process by which we know that the votes we have entered are the same votes we put in.
So, why did I vote, knowing all this? Because voter fraud is nothing new. We have had voter fraud in this country since its founding. One of the most famous elections in which fraud occurred was the 1876 presidential election between Rutherford B Hays and Samual J Tilden. Similar voting fraud was shown in the movie “Gangs of New York” when one gentleman asked, “How many times did you vote?”
“Two times already!”
To which the first replied, “Then get back in there and vote again!”
We can never truly be sure of our elections because of the paradox of free and fair elections. We have, you see, a large paradox in our voting system. The only way to ensure fair elections would be to make note of how each person voted so that we could double-check with him later if the machine recorded his vote as he intended. However, if we attached names to votes, we would be unable to have fair elections because the person would be liable to reprisal for the he voted. So, there paradox remains!
At least, it remains up to this point. Interestingly enough, technology may be able to help fix this problem. What we would need to do is create some sort of hash table whereby a voter could check how he voted, but no one else could check. Of course, this is not a perfect solution because how do we know exactly who is checking? If they do it over the computer – it could be anyone at the monitor. If they do it in person, we’d potentially know who they were. In fact, as I write this and my mind goes through the possibilities, it becomes tangled in itself in an attempt to resolve the issue. However, I seem to be stuck in a recursive loop. Let me give you a sample.
What if the person could go back to the polling station to check his vote? Well, we’d have to make sure that the machine did not log or keep track of who checked which votes. This would seem to be impossible because every encrypted password still exists in the heap because the computer needs to be able to operate on it. Not accessible to regular people, but a well-paid computer geek could do it. So how could we ensure the machine wasn’t going to do that. Ok, we make sure it’s not programmed to do that. How do we ensure that the programmer who says it’s ok hasn’t been paid off? If it’s open source, how do we ensure it hasn’t been changed from certification time to when it’s out on the floor? We have someone stand there and make sure and disconnect it from the web. If you have someone standing there, what if they’re paid to dissapear for a little bit. And it goes on and on….
So in the end it would appear that we are stuck. As both a software and photographic hacker, I regard anyone who says, “trust me” in a dubious way. I’m extra dubious of anyone making financial gain off of stuff such as Diebold. For, what incentive to they have to be honest? It is a disincentive since admitting problems will cause politicians to be forced to buy from the competition. At the very least, a non-profit should develop the software and hardware. They should be paid in equal part by both major political parties. That would be step one to make me trust the machines more. Step two would be to make the program open source. If I can’t read the source, I don’t trust it. Look at what happens when Microsoft says, “Trust us” – you get a virus. Look at what happens when the Pentagon says trust us – you have the Pentagon Papers during the Vietnam war. If you can’t read the source, you don’t know what’s going on.
As of right now, those two steps are the only ones that I can see nudging my confidence up, but as I point out above, I think it will be an impossible problem to ever completely solve. If they are taken, we may not be able to prove that “there is no cabal”, but at least we’ll know that the voting machine companies aren’t complicit.