No doubt Los Angeles County’s VSAP (“Voting Solutions for All People”) rollout will not be covered as a debacle. The real question is: If there were a debacle — like, say, a case of election fraud — would we even know? Doubtful.
Just what we want in a voting system! In this post, I’ll give a brief overview of issues with electronic voting. Then I’ll look at VSAP as an institution. Next, I’ll show why the VSAP system is not only insecure, but likely to make money-in-politics even worse than it already is.
We’ve covered electronic voting before — see here, here, and here — and if you want to understand why hand-marked paper ballots, hand-counted in public (HMPBCP) is the world standard, you can read them, especially the first. In this overview, I’ll make a few high-level observations about electronic voting in general.
Digital systems can never be shown not to have bugs. As Computer Science Elder God Edgers Dijkstra wrote: “Program testing can be used to show the presence of bugs, but never to show their absence!” Many bugs in many important programs persist for years before they are discovered. A list would include Flash in IE6 (persisted 12 years), OpenSSL (15 years), LZO data compression (18 years), and bash (25 years). None of these examples are outlier programs or trivial; they are all used by millions, essential to enterprises, networks, etc. Each of these bug is an insecurity waiting to happen. And that’s before we get to Trojan Horses, which are bugs introduced deliberately by a developer for purposes of their own. In fact, I would go so far as to argue that any voting system decision maker who advocates electronic voting is doing so for reasons other than security, given that HMPBCP is available, which amounts to saying that such a decision maker regards a certain amount of exploited bugs — election fraud — as acceptable.
Now, of course we all use programs all the time: We have programs to turn on our lightbulbs, call cabs, download pr0n, etc. I’m using a program now to write this post! However, if we put voting machine software on the same plane as commercial software, we’re arguing that a central-to-mission function of democracy — the vote — is on the same plane as the very convenient ability to check the contents of our refrigerator from our cellphone. Lest I be thought curmudgeonly in this, recall the example of Bolivia, where one reason the vote was challenged was the use of an unauthorized server for data transmission of the count. Contrast that with the recent vote in Hong Kong, where there were many images of people marking paper ballots, and of people counting them, in public (in fact, of people demanding to be let in to observe). Imagine if electronic systems had been used: First, the Mainland would have had every incentive to have compromised the software, and might well have done so successfully; second, electronic systems, because they are always buggy, are always open to challenge. The fallout could have been extremely ugly at the geopolitical level. Nor would the people’s will have been respected.
With that, lets turn to Los Angeles County and VSAP. As with any software project, we need to understand the requirements. Here is what I can find on the extremely spiffy and well-budgeted VSAP site: “The Design Concepts“:Read the rest of the story HERE.
If you like what you see, please "Like" us on Facebook either here or here. Please follow us on Twitter here.
No comments:
Post a Comment