Saturday, January 05, 2008

NYTimes: Can You Count On These Machines?

Sunday's New York Times Magazine has a 7800+ word feature story on electronic voting, "Can You Count On These Machines?" The column is already online, spanning ten pages on the NYT website. As I read it I excerpted many passages I thought I might want to comment on, collectively about 1/3 of the article. As I work through a second pass to lay it out for you here, I will try to limit that further. For starters I would say the article really doesn't provide much substantial new information and performs worse still as a matter of framing.

http://www.nytimes.com/2008/01/06/magazine/06Vote-t.html

January 6, 2008
Can You Count On These Machines?
By CLIVE THOMPSON

This article will appear in this Sunday's issue of the magazine.

...

For a while, it had looked as if things would go smoothly for the Board of Elections office in Cuyahoga County...Then at 10 p.m., the server suddenly froze up and stopped counting votes...No one could figure out what was wrong. So, like anyone faced with a misbehaving computer, they simply turned it off and on again. Voilà: It started working - until an hour later, when it crashed a second time. Again, they rebooted. By the wee hours, the server mystery still hadn't been solved.

...

Introduced after the 2000 hanging-chad debacle, the machines were originally intended to add clarity to election results. But in hundreds of instances, the result has been precisely the opposite: they fail unpredictably, and in extremely strange ways; voters report that their choices "flip" from one candidate to another before their eyes; machines crash or begin to count backward; votes simply vanish. (In the 80-person town of Waldenburg, Ark., touch-screen machines tallied zero votes for one mayoral candidate in 2006 - even though he's pretty sure he voted for himself.) Most famously, in the November 2006 Congressional election in Sarasota, Fla., touch-screen machines recorded an 18,000-person "undervote" for a race decided by fewer than 400 votes.
So opens the expose, providing a little background and clearly setting the stage for the no basis for confidence meme, which is never explicitly stated. In fact, for the appearance of balance, the article goes on to quote renowned electronic voting machine apologist Michael Shamos, who often gives the appearance of acknowledging real problems while simultaneously minimizing and discounting them with subtle reframing:
It's difficult to say how often votes have genuinely gone astray. Michael Shamos, a computer scientist at Carnegie Mellon University who has examined voting-machine systems for more than 25 years, estimates that about 10 percent of the touch-screen machines "fail" in each election. "In general, those failures result in the loss of zero or one vote," he told me. "But they're very disturbing to the public."
The majority of this article shows Shamos' quote to be ridiculous on its face. With such limited auditing of the machines we can't really know what percentage of them fail nor can we know the true extent of known failures. What we know is that our elections are unverifiable so the outcomes are necessarily inconclusive. Such inherent uncertainty is fueled by paperless electronic voting machines that prohibit the possibility of a recount:
During this year's presidential primaries, roughly one-third of all votes will be cast on touch-screen machines. (New Hampshire voters are not in this group; they will vote on paper ballots, some of which are counted in optical scanners.) The same ratio is expected to hold when Americans choose their president in the fall. It is a very large chunk of the electorate. So what scares election observers is this: What happens if the next presidential election is extremely close and decided by a handful of votes cast on machines that crashed? Will voters accept a presidency decided by ballots that weren't backed up on paper and existed only on a computer drive? And what if they don't?
What if they don't? What if, huh? Have we learned anything in the past seven years? Certainly a lot of information not immediately available to us in the aftermath of the 2000 election has since emerged to enable our understanding of a completely and intentionally broken process. Last August, Dan Rather presented an investigative report on HDNet (thanks BradBlog for the archive) that revealed Palm Beach County's ballots were knowingly foisted upon them with flaws. I noted the Times' failure to mention this at what seemed an opportune spot in the article (though it is mentioned toward the end of the piece):
The 2000 election illustrated the cardinal rule of voting systems: if they produce ambiguous results, they are doomed to suspicion. The election is never settled in the mind of the public. To this date, many Gore supporters refuse to accept the legitimacy of George W. Bush's presidency; and by ultimately deciding the 2000 presidential election, the Supreme Court was pilloried for appearing overly partisan.

Many worried that another similar trauma would do irreparable harm to the electoral system. So in 2002, Congress passed the Help America Vote Act (HAVA), which gave incentives to replace punch-card machines and lever machines and authorized $3.9 billion for states to buy new technology, among other things. At the time, the four main vendors of voting machines - Diebold, ES&S, Sequoia and Hart - were aggressively marketing their new touch-screen machines. Computers seemed like the perfect answer to the hanging chad. Touch-screen machines would be clear and legible, unlike the nightmarishly unreadable "butterfly ballot." The results could be tabulated very quickly after the polls closed. And best of all, the vote totals would be conclusive, since the votes would be stored in crisp digital memory. (Touch-screen machines were also promoted as a way to allow the blind or paralyzed to vote, via audio prompts and puff tubes. This became a powerful incentive, because, at the behest of groups representing the disabled, HAVA required each poll station to have at least one "accessible" machine.)
What a completely bogus and false premise: electronic voting results are conclusive. How so? Corporate trade secrecy says otherwise. This is a gigantic example of how the media continues to shape perceptions of fundamentally flawed aspects of democracy. Even before the no basis for confidence meme had crystallized in my mind and pervaded my writing, I had the basic notion down as early as November 28, 2000, right in the middle of the prolonged recount battle between Bush, Gore, and the intellectually dishonest Supreme Court.

The Times' article next turns attention to Ohio, describing the use of Diebold TSx touch-screen machines, confusing paper trails with paper ballots and also wrongly concluding (with no evidence) it would take weeks to count:
Under Ohio law, the paper copy is the voter's vote. The digital version is not. That's because the voter can see the paper vote and verify that it's correct, which she cannot do with the digital one. The digital records are, in essence, merely handy additional copies that allow the county to rapidly tally potentially a million votes in a single evening, whereas counting the paper ballots would take weeks.

...

[Referring to the May 2006 primary in Cuyahoga County]...poll workers complained that 143 machines were broken; dozens of other machines had printer jams or mysteriously powered down. More than 200 voter-card encoders - which create the cards that let voters vote - went missing. When the machines weren't malfunctioning, they produced errors at a stunning rate: one audit of the election discovered that in 72.5 percent of the audited machines, the paper trail did not match the digital tally on the memory cards.

...

Still, the events of Election Day 2007 showed just how ingrained the problems with the touch-screens were. The printed paper trails caused serious headaches all day long: at one polling place, printers on most of the machines weren't functioning the night before the polls opened. Fortunately, one of the Election Day technicians was James Diener, a gray-haired former computer-and-mechanical engineer who opened up the printers, discovered that metal parts were bent out of shape and managed to repair them. The problem, he declared cheerfully, was that the printers were simply "cheap quality" (a complaint I heard from many election critics). "I'm an old computer nerd," Diener said. "I can do anything with computers. Nothing's wrong with computers. But this is the worst way to run an election."

He also pointed out several other problems with the machines, including the fact that the majority of voters he observed did not check the paper trail to see whether their votes were recorded correctly - even though that paper record is their legal ballot. (I noticed this myself, and many other poll workers told me the same thing.) Possibly they're simply lazy, or the poll workers forget to tell them to; or perhaps they're older and couldn't see the printer's tiny type anyway. And even if voters do check the paper trail, Diener pointed out, how do they know the machine is recording it for sure? "The whole printing thing is a farce," he said.

...

The Nov. 6 [2007] vote in Cuyahoga County offered a sobering lesson. Having watched Platten's staff and the elections board in action, I could see they were a model of professionalism. Yet they still couldn't get their high-tech system to work as intended. For all their diligence and hard work, they were forced, in the end, to discard much of their paper and simply trust that the machines had recorded the votes accurately in digital memory.

THE QUESTION, OF COURSE, is whether the machines should be trusted to record votes accurately...One might expect computer scientists to be fans of computer-based vote-counting devices, but it turns out that the more you know about computers, the more likely you are to be terrified that they're running elections.
The article mentions that Diebold voting systems are built on notoriously buggy Windows platforms on which unanticipated voter behaviors have caused system crashes. And the REAL QUESTION, (OF COURSE), is not whether any specific machine is worthy of trust but rather whether it is appropriate for election results to require our trust, as opposed to providing verifiable outcomes reflecting an actual rational basis for voter confidence in the reported results.
In the infrequent situations where computer scientists have gained access to the guts of a voting machine, they've found alarming design flaws. In 2003, Diebold employees accidentally posted the AccuVote's source code on the Internet; scientists who analyzed it found that, among other things, a hacker could program a voter card to let him cast as many votes as he liked. Ed Felten's [Princeton University] lab, while analyzing an anonymously donated AccuVote-TS (a different model from the one used in Cuyahoga County) in 2006, discovered that the machine did not "authenticate" software: it will run any code a hacker might surreptitiously install on an easily insertable flash-memory card.
That graf sent up a red flag for me because I remember the report of Felton's hack, and recall that BradBlog was the supposedly anonymous machine donor. Sure enough, in his own coverage of the Times story, Brad Friedman calls out Felton for continuously depriving him of due credit.

Like I said, this is a long article. Toward the end, the Times gets around to talking about the secrecy of electronic voting systems:
But the truth is that it's hard for computer scientists to figure out just how well or poorly the machines are made, because the vendors who make them keep the details of their manufacture tightly held. Like most software firms, they regard their "source code" - the computer programs that run on their machines - as a trade secret. The public is not allowed to see the code, so computer experts who wish to assess it for flaws and reliability can't get access to it. Felten and voter rights groups argue that this "black box" culture of secrecy is the biggest single problem with voting machines. Because the machines are not transparent, their reliability cannot be trusted.
Secrecy is indeed at the heart of the issue, but not because the lack of transparency makes the machines untrustworthy. Again, it is because trust is not an appropriate part of the equation. This is the most basic element of the election integrity message.
If the machines are tested and officials are able to examine the source code, you might wonder why machines with so many flaws and bugs have gotten through. It is, critics insist, because the testing is nowhere near dilligent enough, and the federal regulators are too sympathetic and cozy with the vendors. The 2002 federal guidelines, the latest under which machines currently in use were qualified, were vague about how much security testing the labs ought to do. The labs were also not required to test any machine's underlying operating system, like Windows, for weaknesses.

Vendors paid for the tests themselves, and the results were considered proprietary, so the public couldn't find out how they were conducted. The nation's largest tester of voting machines, Ciber Inc., was temporarily suspended after federal officials found that the company could not properly document the tests it claimed to have performed.
Testing, like trust, is a red herring. A test on one machine is not indicative of the performance of any other machine, even if they are the same make and model. Further, testing of any given machine is not proof of how that same machine will perform in an actual election. Yet more context:
The upshot is a regulatory environment in which, effectively, no one assumes final responsibility for whether the machines function reliably. The vendors point to the federal and state governments, the federal agency points to the states, the states rely on the federal testing lab and the local officials are frequently hapless.

This has created an environment, critics maintain, in which the people who make and sell machines are now central to running elections. Elections officials simply do not know enough about how the machines work to maintain or fix them. When a machine crashes or behaves erratically on Election Day, many county elections officials must rely on the vendors - accepting their assurances that the problem is fixed and, crucially, that no votes were altered.

In essence, elections now face a similar outsourcing issue to that seen in the Iraq war, where the government has ceded so many core military responsibilities to firms like Halliburton and Blackwater that Washington can no longer fire the contractor. Vendors do not merely sell machines to elections departments. In many cases, they are also paid to train poll workers, design ballots and repair broken machines, for years on end.

"This is a crazy world," complained Ion Sancho, the elections supervisor of Leon County in Florida. "The process is so under control by the vendor. The primary source of information comes only from the vendor, and the vendor has a conflict of interest in telling you the truth. The vendor isn't going to tell me that his buggy software is why I can't get the right time on my audit logs."
The Times article makes further Florida reference, finally connecting the dots between Dan Rather's HDNet report, known problems with ES&S voting machines reported by the vendor but ignored by election administrators, and the 18,000 undervotes in the November 2006 Jennings/Buchanan election for Florida's 13th district Congressional seat. Smoothly segueing to Pennsylvania...
But what's notable about Centre County is that it uses the iVotronic - the very same star-crossed machine from Sarasota [County, FL]. Given the concerns about the lack of a paper trail on the iVotronics, why didn't Centre County instead buy a machine that produces a paper record? Because Pennsylvania state law will not permit any machine that would theoretically make it possible to figure out how someone voted. And if a Diebold AccuVote-TSX, for instance, were used in a precinct where only, say, a dozen people voted - a not-uncommon occurrence in small towns - then an election worker could conceivably watch who votes, in what order, and unspool the tape to figure out how they voted. (And there are no alternatives; all touch-screen machines with paper trails use spools.) As a result, nearly 40 percent of Pennsylvania's counties bought iVotronics.
Unverifiable conditions in any location leave no basis for confidence in federal election results, which therefore justify protest and rejection of results in every location. Finally bringing the article to a close, optical scanners are mentioned with barely a perfunctory caution for their known flaws.
GIVEN THAT THERE IS NO perfect voting system, is there at least an optimal one? Critics of touch-screen machines say that the best choice is "optical scan" technology. With this system, the voter pencils in her vote on a paper ballot, filling in bubbles to indicate which candidates she prefers. The vote is immediately tangible to the voters; they see it with their own eyes, because they personally record it. The tallying is done rapidly, because the ballots are fed into a computerized scanner. And if there's a recount, the elections officials can simply take out the paper ballots and do it by hand.

...

Still, optical scanning is hardly a flawless system. If someone doesn't mark a ballot clearly, a recount can wind up back in the morass of arguing over "voter intent." The machines also need to be carefully calibrated so they don't miscount ballots. Blind people may need an extra device installed to help them vote. Poorly trained poll workers could simply lose ballots. And the machines do, in fact, run software that can be hacked: Sancho himself has used computer scientists to hack his machines. It's also possible that any complex software isn't well suited for running elections. Most software firms deal with the inevitable bugs in their product by patching them; Microsoft still patches its seven-year-old Windows XP several times a month. But vendors of electronic voting machines do not have this luxury, because any update must be federally tested for months.
That may be the letter of the law, but there may be no such vendor compliance. In 2004, a CA Secretary of State investigation of Diebold revealed the company had illegally installed uncertified software in all 17 CA counties using its machines.
There are also serious logistical problems for the states that are switching to optical scan machines this election cycle. Experts estimate that it takes at least two years to retrain poll workers and employees on a new system; Cuyahoga County is planning to do it only three months. Even the local activists who fought to bring in optical scanning say this shift is recklessly fast - and likely to cause problems worse than the touch-screen machines would. Indeed, this whipsawing from one voting system to the next is another danger in our modern electoral wars. Public crises of confidence in voting machines used to come along rarely, every few decades. But now every single election cycle seems to provoke a crisis, a thirst for a new technological fix. The troubles of voting machines may subside as optical scanning comes in, but they're unlikely to ever go away.
This just plainly leaves a false impression. Optical scanners have been proven every bit as vulnerable to tampering as touch-screen machines and operate in just as much secrecy. Further, no mention is made of touch-screen opponents who also reject optical scanners and prefer instead to count paper ballots by hand.

As I mentioned last night, this lengthy article, while offering some reasonable context for newbies to election integrity issues, serves only to reinforce the inherent uncertainty of election results produced under current election conditions. We have no reason to expect anything different from a newspaper that lead the cheerleading for war in Iraq, suppressed its own reports of criminal activity in the White House, and continues daily to treat the horse race of political theater as a legitimate campaign for votes that can never be tallied with certainty. Perhaps the final nail in the coffin of credibility for the Times was the recent announcement that neocon spokesliar Bill Kristol has been hired as an opinion columnist. Backlash commentary is widespread.

Permalink:
http://wedonotconsent.blogspot.com/2008/01/nytimes-can-you-count-on-these-machines.html


Labels: , , , , , , , , , ,

Posted by Dave Berman - 6:50 PM | Permalink
Comments (0 So Far) | Top of Page | WDNC Main Page
As shown on
Dave's new blog,
Manifest Positivity

We Do Not Consent, Volume 1 (left) and Volume 2 (right), feature essays from Dave Berman's previous blogs, GuvWurld and We Do Not Consent, respectively. Click the covers for FREE e-book versions (.pdf). As of April 2010, paperbacks are temporarily out of print. Click here for the author's bio.

Back Page Quotes

"Give a damn about the world you live in? Give a damn about what you and I both know is one of the most shameful and destructive periods in American history? If so, do something about it. You can start by reading We Do Not Consent."

— Brad Friedman, Creator/Editor, BradBlog.com; Co-Founder, VelvetRevolution.us


"If in the future we have vital elections, the "no basis for confidence" formulation that GuvWurld is popularizing will have been a historically important development. This is true because by implicitly insisting on verification and checks and balances instead of faith or trust in elections officials or machines as a basis for legitimacy, it encourages healthy transparent elections. It’s also rare that a political formulation approaches scientific certainty, but this formulation is backed up by scientific principles that teach that if you can’t repeat something (such as an election) and verify it by independent means, it doesn’t exist within the realm of what science will accept as established or proven truth."

— Paul Lehto, Attorney at Law, Everett, WA


"Dave Berman has been candid and confrontational in challenging all of us to be "ruthlessly honest" in answering his question, "What would be better?" He encourages us to build consensus definitions of "better," and to match our words with actions every day, even if we do only "the least we can do." Cumulatively and collectively, our actions will bring truth to light."

— Nezzie Wade, Sociology Professor, Humboldt State University and College of the Redwoods


"Dave Berman's work is quietly brilliant and powerfully utilitarian. His Voter Confidence Resolution provides a fine, flexible tool whereby any community can reclaim and affirm a right relation to its franchise as a community of voters."

— Elizabeth Ferrari, San Francisco, Green Party of California


"This is an important collection of essays with a strong unitary theme: if you can't prove that you were elected, we can't take you seriously as elected officials. Simple, logical, comprehensive. 'Management' (aka, the 'powers that be') needs to get the message. 'The machines' are not legitimizers, they're an artful dodge and a path to deception. We've had enough...and we most certainly DO NOT consent."

— Michael Collins covers the election fraud beat for "Scoop" Independent Media


"What's special about this book (and it fits because there's nothing more fundamental to Democracy than our vote) is the raising of consciousness. Someone recognizing they have no basis for trusting elections may well ask what else is being taken for granted."

— Eddie Ajamian, Los Angeles, CA


"I urge everyone to read "We Do Not Consent", and distribute it as widely as possible."

— B Robert Franza MD, author of We the People ... Have No Clothes: A Pamphlet for every American