NY TIMES FINALLY NOTICES ITS OWN STORY

||||||||||||||||||||||||||||||||||||||||||||||||||||||||

THE NY TIMES Magazine has finally run a major story on the problems with
computerized voting. As Brad Blog reports, "The massive Clive Thompson
article, titled 'The Bugs in the Machines,' is quite chilling. 'After
the 2000 election,' it opens, 'counties around the country rushed to buy
new computerized voting machines. But it turns out that these machines
may cause problems worse than hanging chads. Is America ready for
another contested election?' One key passage: 'The earliest critiques of
digital voting booths came from the fringe --- disgruntled citizens and
scared-senseless computer geeks --- but the fears have now risen to the
highest levels of government.'"

Which sounds good except for one thing: the NY Times ran a story raising
many of these issues over 20 years ago. On July 29, David Burnham's
story began:

"The computer program that was used to count more than one-third of the
votes cast in the Presidential election last year is very vulnerable to
manipulation and fraud, according to expert witnesses in court actions
challenging local and Congressional elections in three states. The
allegations that vote tallies calculated with the widely used computer
system may have been secretly altered have raised concern among election
officials and computer experts. That is because of the rapidly
increasing use of such systems, the lack of Federal or state standards
that mandate specific safeguards and the widespread lack of computer
skills among most local voting authorities. One expert says that "about
10 percent" of the devices fail in each election."

Twenty years ago, Ronnie Dugger addressed many of these issues in a New
Yorker article. And here is what we wrote the same year:

PROGRESSIVE REVIEW, 1988 - More than half the ballots cast on Election
Day were highly vulnerable to fraud and error according to two reports
recently released by the Urban Policy Research Institute and Computer
Professionals for Social Responsibility. These ballots were counted by
computerized systems that, according to UPRI, can be affected by
"various kinds of threats, error and manipulation." A single person can
alter the outcome of any computerized election by tinkering with the
computers, vote-counting software or machine readable ballots.

The UPRI report blames the vulnerability on inadequate procedural
safeguards and on the vote-tallying systems themselves. The systems
often prove to be too complex for local election officials to administer
and can conceal evidence of tampering. In addition, they lack audit
trails which would permit reconstruction of questionable election
results. There have been law suits in four states, each of which
involving vote-counting systems from the same vendor, whose products
dominate the market. IBM dropped out of the election computer market
after a 1970 election in Los Angeles using punch-card ballots was
challenged with allegations of fraud.

Today, most election systems, according to the CPSR report, are
purchased from small firms, some with just a few employees. CPSR points
out that "elections computer programs are not subject to design or
source code inspections by independent auditors outside the vendor, as
banking software is." Even if elections officials had access to the
source codes, "few would be able to obtain the resources to determine
its quality."

In fact, CSPR report authors Bob Wilcox and Enk Nilsson suggest that the
sloppy way in which some computer programs are created (and in some
cases subsequently discarded) makes it difficult for even professionals
"to determine if the program is designed correctly." The problem is not
theoretical. In 1980, a programming error during the president primary
count led California election computers in one county to give 15,000
votes belonging to Jimmy Carter and Ted Kennedy to Lyndon Larouche and
Jerry Brown. In Gwinnet County, Georgia, the results of a close race
were reversed after discovery of a computer hardware error. In Moline,
Illinois, a faulty timing belt slipped intermittently on one card
reader, leading to a miscount in which a candidate actually took office
and then had to give it up. And a National Bureau of Standards report
lists computer difficulties in 26 recent elections.

The possibilities for accidental or deliberate mischief are legion:

- Punch card ballots can be invalidated by adding an extra punch or two.

- Bogus ballots can be added or removed.

- Punched out dots can fall onto the next ballot in the stack, covering
a hole and erasing-a vote.

- Orientation marks on ballots, that tell the computer how to read the
ballot, can be misprinted or mispunched.

- Supposedly secret passwords can be leaked, allowing unlawful entry to
the system.

- "Trapdoors" can be surreptitiously opened within the system, causing
miscounts and then closing themselves with no record that they ever
existed.

- "Time bombs" allow a computer to act in a certain way at a certain
time, say election day, again with no record, but in this case the
practitioner doesn't even have to be present.

- "Trojan horses" do their mischief by hiding inside another program,
perhaps one that prints up election results as bar charts. According to
UPRI, "Once election officials open the gates by using the bar chart
program, the Trojan horse can let out its software soldiers and
manipulate the vote-counting procedure, first turning off the computer's
record-keeping system or audit trail.

Two Princeton computer scientists reviewed the most common computer
vote-tallying system and found the software so poorly designed that it
was virtually impossible to guarantee its functions. Another computer
scientist called the system "a bucket of worms" with over confusing,
badly written instructions, all of which must perfectly for the election
results to be properly tallied and reported. CPSR has come up with a
program for improving election accuracy and security. Its
recommendations include:

- Independent review of software

- Separation of functions and powers within the election system, so
that, for example, ballot creation, elections, and election analysis
would be done by different people with different software

- Making sure that citizens and not computer experts run elections.

- Checking ballots for validity before they leave a precinct.

- Reducing or eliminating human interaction with computers on election
day.

- A complete record of all elections with an adequate audit trail.

NEW YORKER ARTICLE
http://www.newsgarden.org/columns/dugger.shtml

NEW YORK TIMES ARTICLE
http://www.newsgarden.org/columns/burnham1.shtml

||||||||||||||||||||||||||||||||||||||||||||||||||||||||