Tonight's Debate and Where to Read the Live Blog Reports

Tonight's Democratic presidential debate on CNN was well run, and Anderson Cooper did a good job keeping the questions moving along. I'm sad they gave very little time to the issue of the environment, but I enjoyed some of the videos and curve balls. The candidates I thought did a good job responding with interesting answers as well. I had a lot of fun participating in the live blogging tonight, thanks to Morra Aarons for putting out the call to everyone in the BlogHer community. I think we had a pretty good discussion. Check it out for more about the debate content.

I was also hopping around the leading Democratic blogs while we were commenting here, and the Edwards thread was interesting, but I have to say a few of the commenters were off-base, like one that slammed Richardson on his response about the VVPATs (Voter Verifiable Paper Audit Trails) - he actually answered that very well. (I've studied e-voting issues for several years. It's tricky getting it right, but VVPATs are the only way to go.) But the Edwards blog had the most lively discussion by far. They have a very interactive online organization.

The Obama live blog included several threads supposedly by topic, but not a lot of responses. It would've been better just keeping them all in one place. I commented on the Clinton blog and it came up pretty quickly considering the comment moderation (which I must add is absoltely essential on a Presidential blog). Unfortunately, I don't think many bloggers or people involved in the Clinton campaign knew they were liveblogging there so there weren't very many people participating. (Of course, maybe they were all in SF partying!) Check out the HillaryClinton.com blog for a post about their 30 second video contest finalist ads.

Jerome Armstrong at myDD.com had a really good post and the comments there were interesting. With over a thousand comments in the collective Daily KOS threads, of course there were some echoing what we were saying on BlogHer, but it was a lot easier to follow all of the discussion on the BlogHer site with fewer participants. All in all, it was a great way to watch the debate.

...
Originally posted at sairy.com, the personal blog of FutureCampaigns founder, Sarah Granger.

A Preview of New Congress's Tech Policy Agenda

Here is what Cameron Wilson, the USACM Public Policy Director says about what the new Democratic-led Congress will be doing with respect to technology policy. He focuses on six big areas that have been in focus by recent administrations: innovation, offshoring, privacy, copyright, e-voting, and Internet regulation.

Here's what's not on that list. First, biometrics and national IDs. Even with conservatives in the minority, this probably won't go away. It's scary because those things don't actually give us greater security although we might think they will. But my guess is this will continue to be something that's discussed in the name of security. As to Homeland security, I think Democrats will step it up a notch as they're able. (I think a Democratic president or Guiliani or McCain would also do this after '08 though.) I also think that the Dems will put a stop to all of this wiretapping and over-the-top surveillance that's borderline unconstitutional.

As to the six main categories, I can only hope the VVPAT bill goes national so we can make sure that when (not if) e-voting machines fail we have some way of verifying the votes cast. In the globalization arena, yes - we must deal with these visa issues. All of the talk about immigration problems is always about illegals but what about the workers who are skilled who come to this country to take jobs and then can't get them because of visa problems on our end? That's just silly. And yes, education's a factor here - we need to be training more skilled tech workers here, but that's another issue. As to IP, I can only hope the DMCA is reduced to rubble but that may be a pipe dream since so many Hollywood are tied to the Democratic party.

...
Originally posted at sairy.com, the personal blog of FutureCampaigns founder, Sarah Granger.

E-Voting Dilemma? We Have Two Options Left

It's election time again and electronic voting machines are back on top in the news.  "Hacking Democracy" aired on HBO this week, articles are still surfacing about Maryland's problems with electronic voting machines in their primary, and already a plethora of problem reports from machine pre-tests are rolling in.  If you voted absentee already, you can sigh in relief that you're done.  For everybody else, read on.

In order to make sure this post is taken seriously, here's why I'm qualified to write about this topic:  I've worked in computer and network security for several years, I've written about a wide range of security topics for reputed publications, I have edited three books on computer security, and I'm a member of the U.S. Association for Computing Machinery Public Policy Committee.  I have also worked in the past with the Electronic Frontier Foundation and the Computer Professionals for Social Responsibility, both of whom have worked closely with the Verified Voting Foundation.

The organizations noted above have worked extremely hard to guarantee a voter-verifiable paper audit trail (VVPAT) in all future elections.  They succeeded in California but not every state has been so lucky.  And, I might add, here in California the machines we're using are not entirely without bugs, errors, or security concerns.  For example, San Mateo County is using eSlate (by Hart InterCivic) handheld devices not unlike PDAs.  In Calloway County, Kentucky, votes have been switched on straight tickets from all Democrats to all Republicans when the results were sent to the review screen.  This is happening across the country with machines made by all four major e-voting machine companies, flipping both ways.

The way I see it, we only have two options left as voters.

Option 1: If you have a machine that provides the option to verify your vote with a paper audit trail, you can do so at the end of the voting process.  This is the voter's responsibility, not the volunteers at the polls.  And it is still possible that the vote recorded is not the same as the vote printed.  Aside from that, most states do not have adequate processes in place for reporting errors.  Do this at your own risk, but if you decide to use an e-voting machine, please participate in Verified Voting's Election Transparency Project.

Option 2: If you have an electronic voting machine that does not request a paper ballot.  These are real ballots, not provisional ballots.  They will be counted on election day and verified.  It's old tech and it won't work for some people with disabilities, but it's safe and it's proven.  For those of you who are not lucky enough to have real paper ballots available but instead are granted provisional paper ballots only, file a complaint.

I don't think anyone needs to be reminded that our democracy is at stake here.  To see up-to-date results on errors being reported around the country, goto VotersUnite.org.  For more information about the importance of VVPATs or to participate in the Election Transparency Project, check out VerifiedVoting.org.  HBO's documentary, "Hacking Democracy", will be aired again Tuesday morning.

...
Originally posted at the Silicon Valley Moms Blog.

Errors Reported in E-Voting Machines Across the Country

It's started. The reports are coming in - errors in many kinds of electronic voting machines around the country are occurring and they're major. VotersUnite.org has a great Election Problem Log page where they report any problem noted in the media.

Florida, Kentucky, Ohio, Texas, California, Indiana, Kansas, New Mexico, South Carolina, Tennessee, Colorado, Illinois, Pennsylvania, Arkansas, Washington, Michigan, Maryland, Virginia and Nevada have all reported errors so far.

Do what you can - request a paper ballot.

And check out HBO's documentary, "Hacking Democracy" airing Tuesday.

...
Originally posted at sairy.com, the personal blog of FutureCampaigns founder, Sarah Granger.

Fixing E-Voting

Thursday, two esteemed colleagues from the USACM Public Policy Committee, Barbara Simons and Ed Felten, two experts on computers and voting machines, testified in a Congressional hearing on electronic voting. More specifically, they stressed that we need a voter verifiable paper audit trail (VVPAT) or a or voter verified paper ballot (VVPB) for these machines. This isn't anything new; unfortunately, it just takes this long for Congress to start listening to this type of concern when it's already been a serious problem for a few years.

Two weeks ago, Dr. Felten and his staff at Princeton, released a report based on a study they conducted on the Diebold AccuVote-TS, a Direct Recording Electronic (DRE) device, that proved that this particular machine could be hacked in under a minute with "little if any risk of detection."

So yes, when the Diebold people (a company run by active, known Republicans) told Bush they would "deliver Ohio", they could have meant they would make sure he won there. Felten noted that "injecting a virus into a single computerized voting machine can affect an entire election." In other words, the people who were out there on the fringe saying Bush stole two elections could be right. (I'm not saying they are; I'm only saying it's now been scientifically and technically proven that it was a possibility.)

Here's a simple scenario on how it would work (so easy a dog could be trained to do it):

1) E-Voting machine is delivered to polling place and/or poll worker the week of the election.
2) Machines are initially tested to make sure they work. Someone is given one physical key. Then they leave.
3) Any time over the next few days, that person or another person (most likely a poll worker - they are unsupervised but would have easiest access) with the same key (there are only a few versions for over ten thousand machines, like hotel minibars) comes in, unlocks the back of one machine.
4) That person inserts a memory card and the card automatically uploads a virus. The person (or dog) then removes the card, locks the machine and leaves. Boom - done. Election won. The whole process takes under one minute.
5) The machine is given its pre-election test the day before or day of the election with no detection of the virus.
6) As the votes are processed, the virus changes them.
7) The virus then deletes itself in order to remove the evidence that it was there. The program is simple enough to write that even I could do it (and that's saying something).

So in order to prevent this sort of thing from happening (again?), here is what needs to be done in order to create machines and process that are truly secure and can provide a system that we can be reasonably sure produces accurate results:

- Collaboration of technical and election communities
- Increased use of independent technical security experts
- Further research to improve the voting systems
- More accessibility to companies designing these products
- More secure physical and crypto keys
- More robust hardware and software design
- Rigorous testing by third party experts
- Removed/reduced and/or encrypted access for random memory cards
- Stricter certification process
- Deployed with safeguards against failure
- Heightened security training and processes for poll workers
- Routine random manual audits
- Policies and procedures that guarantee the integrity of the paper and the quality of the printers used for printed paper trails
- Mandatory manual recounts
- Increased accountability

This may still seem like a complex problem and it is, but the best way to circumvent continued issues is with a verifiable paper trail, regardless of the system used. That's all we can hope for with one month until election day.

See also: RFK Jr's article in Rolling Stone.

...
Originally posted at sairy.com, the personal blog of FutureCampaigns founder, Sarah Granger.

Listen to Ed Felten Re: Voting Technology

Ed Felten, Princeton Professor of Computer Science and Public Affairs, also known for Felton v. RIAA and Freedom-To-Tinker, spoke with Scott Simon on NPR about an voter verifiable paper trail for electronic voting systems today.

A lot is happening right now with respect to e-voting with recent and upcoming elections, particularly with recent problems in Maryland. Check out the recording. He also spoke on "Science Friday" on voting technology yesterday.

Aside: I just found out that Ed Felten and Barbara Simons both been invited to testify at a Congressional hearing on voting technology Thursday at 10am (in room 1310 LHOB if you are in DC) and will be webcast. See also: USACM weblog.

...
Originally posted at sairy.com, the personal blog of FutureCampaigns founder, Sarah Granger.