LinkBack URL
About LinkBacksThe Second report of the Commission for Electronic Voting has reported that while it can recommend the hardware for future use in Irish elections, it cannot recommend the use of existing election management software.
Source: Full report
The Second report of the Commission for Electronic Voting has reported that while it can recommend the hardware for future use in Irish elections, it cannot recommend the use of existing election management software.
Source: Full report
Under Review.
Line 2.
That's good news. One noticable quote in the report was that the paper system is "moderately superior" to the electronic system. At least the idea that an electronic system is innately better has been dumped.
In fairness it says that electronic voting has "the potential to be superior to the paper system in many significant respects concerning accuracy"Originally Posted by krayZpaving
While the Commission has recommended changes to the software which are going to cost a pretty penny it seems to me that they are stating clearly that if this is done then the electronic voting system we will have will indeed be innately better than the paper one.
I've just read the summary conclusions. It looks like the Commission put some thought into how it could save the Government's blushes, by accentuating positive aspects of the system. However the "election management software" is comprehensively damned as being unsuitable, buggy, poorly documented, unfinished and generally shoddy.
This is the software which is used to programme the voting machines (via their ballot modules) with the candidates and criteria for the poll. It is also used to aggregate the data from the ballot modules after the poll and prepare a "results file" which is transmitted (via sneakernet, i.e. somebody physically carrying a CD from one PC to another) to the counting computer. In other words it's an absolutely fundamental component of the system and if it is amenable to compromise and/or error then the entire system is effectively insecure.
I had the opportunity of a hands-on experience with this software and posted my findings to the ICTE mailing list (Irish Citizens for Trustworthy E-Voting). I got in a bit of trouble for doing so, as I was only supposed to have access to the system for the purposes of setting up a demonstration of one of the machines. I do regret that I didn't clear this with the people I was working with at the time, but I also feel that this information should have been in the public domain in any case. How are we supposed to have confidence in a system if we're not allowed see how it works?
In short, the software sucked, and I'm delighted to see the Commission has now endorsed this view.
However, I still hold to the view held by ICTE, which is that the notion that a totally "secure" system can be achieved is a misconception. The Commission may have established to their satisfaction that certain elements of the system are adequately secure, but this required lengthy and costly testing. Such an exercise would really have to be carried out before every election, unless there was some way of guaranteeing that absolutely no changes had been made to the hardware or software between elections. As the software is in continuous development, this is unlikely to be possible.
The Government really needs to accept that a Voter-Verifiable Audit Trail is an absolute precondition for any electronic voting system. I take it from Bertie's comments in the Dáil last week that this still hasn't happened.
Only if the vote-counting rules are changed to allow proportional distribution of surpluses. This could also be achieved in a paper system - they do it in the North.
They're saying it "has the potential" to be more accurate, but this is not the only criterion for a "better" voting system, especially as any improvements in accuracy will be marginal. If marginal improvements in accuracy come at the expense of a major loss of trustworthiness, then I wouldn't see such a system as "better".While the Commission has recommended changes to the software which are going to cost a pretty penny it seems to me that they are stating clearly that if this is done then the electronic voting system we will have will indeed be innately better than the paper one.
No ganted, but I get the feeling that you see to believe that the paper system is a completly safe system. The whole point of the exercise is to compare it to the paper system, you are right when you say that a completly safe electronic system is impossible, but equally a completly safe paper system is impossible.Only if the vote-counting rules are changed to allow proportional distribution of surpluses. This could also be achieved in a paper system - they do it in the North.
They're saying it "has the potential" to be more accurate, but this is not the only criterion for a "better" voting system, especially as any improvements in accuracy will be marginal. If marginal improvements in accuracy come at the expense of a major loss of trustworthiness, then I wouldn't see such a system as "better".While the Commission has recommended changes to the software which are going to cost a pretty penny it seems to me that they are stating clearly that if this is done then the electronic voting system we will have will indeed be innately better than the paper one.
in fairness to the CEV the have brought out a very good and balanced report, im sure the government wont be happy that money has to be spent to get the software right, but in fairness I think they have dispelled the idea also that the paper system is flawless and cannot be improved on by a good electronic system.
I think its conclusions are quite clear, the current electronic machines are fine, but the software is not, however if the software is upgraded as recommended then the electronic system should be recommended for use (after testing) and would represent a significant improvement. Especially given the fact that for all the dodginess of the current software, still the paper system only came out marginally better, and even that is arguable.
I don't believe the paper system is 100% safe, but the point about the paper system is that the security measures in place are verifiable by the citizen, i.e. the entire process can be observed from polling through to counting and declaration of results. A great deal of trust in this system has been built up over the years and I think it is reasonable to be prejudiced in its favour, in other words to demand a greater level of assurance from any proposed replacement system.
If the proposed e-voting system were brought in, the vast majority of the processes involved in conducting an election would no longer be observable by the citizen. The point we've been making in ICTE is not that the paper system is inherently superior to electronic voting, but that any electronic voting system has to provide the same level of verifiability as the paper system. This means VVAT.
ICTE has never disputed that - after all we are "Irish Citizens for Trustworthy E-Voting".in fairness to the CEV the have brought out a very good and balanced report, im sure the government wont be happy that money has to be spent to get the software right, but in fairness I think they have dispelled the idea also that the paper system is flawless and cannot be improved on by a good electronic system.
They don't recommend that the software be upgraded, they recommend it be scrapped and replaced. Also I don't believe they make the case that it would represent a "significant improvement" - they say it "has the potential to deliver greater accuracy than the paper system and can provide similarly high levels of secrecy".I think its conclusions are quite clear, the current electronic machines are fine, but the software is not, however if the software is upgraded as recommended then the electronic system should be recommended for use (after testing) and would represent a significant improvement.
They say the paper system is "moderately superior overall" and only marginally superior in some respects.Especially given the fact that for all the dodginess of the current software, still the paper system only came out marginally better, and even that is arguable.
Given that the Manufacturers of the system were allowed to influence the content of the report, while the independent IT professionals and Academics were not allowed to see it until the final version (v6.3) turned up today, I fail to see how you can call it "balanced".No ganted, but I get the feeling that you see to believe that the paper system is a completly safe system. The whole point of the exercise is to compare it to the paper system, you are right when you say that a completly safe electronic system is impossible, but equally a completly safe paper system is impossible.Only if the vote-counting rules are changed to allow proportional distribution of surpluses. This could also be achieved in a paper system - they do it in the North.
They're saying it "has the potential" to be more accurate, but this is not the only criterion for a "better" voting system, especially as any improvements in accuracy will be marginal. If marginal improvements in accuracy come at the expense of a major loss of trustworthiness, then I wouldn't see such a system as "better".While the Commission has recommended changes to the software which are going to cost a pretty penny it seems to me that they are stating clearly that if this is done then the electronic voting system we will have will indeed be innately better than the paper one.
in fairness to the CEV the have brought out a very good and balanced report, im sure the government wont be happy that money has to be spent to get the software right, but in fairness I think they have dispelled the idea also that the paper system is flawless and cannot be improved on by a good electronic system.
I think its conclusions are quite clear, the current electronic machines are fine, but the software is not, however if the software is upgraded as recommended then the electronic system should be recommended for use (after testing) and would represent a significant improvement. Especially given the fact that for all the dodginess of the current software, still the paper system only came out marginally better, and even that is arguable.
The conclusions of the report are that the system doesn't work, that the hardware has the potential to do what it was designed to do, but it will have to be heavily modified to do what we actually need it to do.
The software is complete cr4p - it is still complete cr4p three years after we paid for it. If they haven't figured out how to make it work by now, what makes you think they can do it in the future?
The paper system works. It has flaws, but from both a security and secrecy perspective it is still better than the eVoting system.
The eVoting system has the POTENTIAL to be better than the paper system, but it isn't there yet.
I doubt the 1,294 voters in Dublin North whose votes were "lost" by the eVoting machines in the 2002 GE would agree with you that the "dodginess" of the current system is acceptable!
"Always do right. This will gratify some people and astonish the rest." Mark Twain
“When a government is dependent upon bankers for money, they and not the leaders of the government control the situation, since the hand that gives is above the hand that takes. Money has no motherland; financiers are without patriotism and without decency; their sole object is gain.” Napoléon Bonaparte
Well the manufacturers should have been allowed to contribute but not to influence the report.
I'd really like to see an explanation of the abilities of those who assessed the system initially. I wonder if these people had any published expertise on systems security.
And according to Part 3 Page 60, there was no line by line analysis of the code. That is worrying.The software is complete cr4p - it is still complete cr4p three years after we paid for it. If they haven't figured out how to make it work by now, what makes you think they can do it in the future?
I don't think that an eVoting system can ever be totally secure. Just reading the report, a number of immediate attacks that would work spring to mind.The eVoting system has the POTENTIAL to be better than the paper system, but it isn't there yet.
Regards...jmcc
From the CEV Report:
Under paper voting, both the method of expressing preferences and the point at which the ballot is cast are more easily understood and implemented; these features of the paper system are thus likely to deliver a more accurate expression of voter preferences, considering the full range of voter abilities. The paper system is superior in this respect.Tests carried out previously by the Commission for the purpose of its first report suggest that [the error rate in respect of the manual entry of pre-determined votes into the chosen system is 0.1% under “laboratory” conditions and 0.34% in the field. Significant also in this respect is that the Commission’s tests involved a three-way check on each ballot before it was cast. Although the number of postal votes is small relative to the total electorate, it is nonetheless likely that a small proportion of these votes would be entered incorrectly under the chosen system. The paper system is superior in this respect.Given the transparent conditions under which Irish elections are currently conducted in open public view using the paper method, the likely occurrence of major counting errors is extremely low, while
the likelihood of a widespread occurrence of such errors in such a way as to affect the overall outcome of an election is virtually nil. The chosen system does not offer the same levels of transparency in the gathering, translocation, sorting and counting of votes since these processes are
carried out by electronic means largely out of sight.Having regard to the fact that relatively minor programming and other errors in the design of electronic systems can have disproportionately large impacts on the tasks those systems have been
designed to carry out, it is clear that the potential for an inaccuracy in the counting of votes to go unnoticed is greater under an electronic system than under the paper system.
The likelihood and significance of widespread counting errors is magnified further by another characteristic of electronic systems that are made up of identical distributed devices running identical software, namely, that if a programming error is present in one device then, by definition,
it is more than likely to be present in all of them.Although these weaknesses of electronic systems generally can be largely overcome by rigorous design, testing and assurance stages, combined with the implementation of appropriate audit measures within such systems, the Commission’s work in relation to technical aspects of the chosen system suggests that these conditions are not met in respect of the chosen system at this time. The paper system is superior in this respect.C.10: Audit: Vote Recording
The vote recording process is audited under the paper voting system in the sense that the voter can physically inspect the ballot paper that will actually be counted by election officials before depositing it in the ballot box. Election observers at the count station then physically observe the
emptying of ballot boxes; these are opened by election officials facing towards the observers, to show they are fully empty so that all recorded votes cast are seen to be counted.
Under the chosen system, the voter sees a display on the voting machine showing the preferences that have been registered, and can check that these preferences correspond to the buttons pressed.
However, the voter has no way of verifying that what appears on the display is what is actually recorded electronically on the ballot module within the voting machine, transmitted to the count centre, loaded onto the count computers, and actually counted in the correct manner. This is because what is counted, the electronic vote, cannot physically be observed.
Although it is possible to audit the vote counting process of the chosen system by re-counting the same set of votes that were included in the original count (see below), this provides no assurances with regard to the vote recording process that has gone before. In response to this problem, laws have been enacted in the United States, where electronic voting is becoming increasingly widespread, requiring some form of paper audit trail to be implemented by electoral authorities who use electronic voting systems. This involves using voting machines that generate a printed version of the ballot. Where a voter verifiable paper audit trail is required, this paper ballot is typically kept behind a screen so that the voter cannot touch it. The voter must review the paper version and approve it as part of the act of casting a vote before it is deposited by the voting machine in a traditional ballot box at the same time as it records the vote electronically.
Similarly, in other countries that have adopted electronic voting, the vote is recorded on paper by the voter themselves in the first instance but in a format that is “machine-readable” and can subsequently be scanned or
otherwise read in by a machine, recorded electronically and thus incorporated in an electronic count.
In either case, the paper ballots are retained by election officials, with the consequence that an election can be fully audited with reference to manual vote records if required, using printed ballots that voters have seen and approved as reflecting their intentions. While the paper ballots may not necessarily require to be referred to in this way in every case, such a requirement may arise from a contested result, or it may be a sample count that is audited as part of routine checks to ensure the
system is working accurately.
Since the chosen electronic system does not have this facility, and while it does provide features to facilitate a degree of independent audit in its vote counting function, together with features that facilitate audit at the administrative level and confirmation of statutory compliance, it is not subject to any meaningful independent audit of its vote recording function. Thus the paper system is superior in this respect.
"Always do right. This will gratify some people and astonish the rest." Mark Twain
“When a government is dependent upon bankers for money, they and not the leaders of the government control the situation, since the hand that gives is above the hand that takes. Money has no motherland; financiers are without patriotism and without decency; their sole object is gain.” Napoléon Bonaparte
Reply With Quote