[Updated 9-Dec-2006: The recommendations discussed below were later rejected by NIST. See the discussion of this insanity on /...]
A technical group sponsored by NIST, the US government's standard setting organization,
has issued a draft report condemning the use of electronic voting. The NIST report calls for paper trails and builds on an earlier paper by Ron Rivest (of RSA fame) and John Wack which defined the concept of "Software Independence" in voting systems: The idea that voting systems should allow election officials to recount ballots independently of voting machine' software. The Washington Post correctly points out that this report "repeats the contention of the computer security community that "a single programmer could 'rig' a major election."
The report states:
... the lack of an independent audit capability in DRE [Direct Recording Electronic] voting systems is one of the main reasons behind continued questions about voting system security and diminished public confidence in elections. NIST does not know how to write testable requirements to make DREs secure, and NIST’s recommendation to the STS [Security and Transparency Subcommittee] is that the DRE in practical terms cannot be made secure. Consequently, NIST and the STS recommend that VVSG 2007 should require voting systems to be of the SI [Software Independent] “class”...
NIST, as a government organization, probably needs to be a bit restrained in their criticisms of companies that produce the electronic voting machines in the market today, but they couldn't resist making it clear that:
... much evidence has been produced that voting systems in general are not developed according to rigorous models of secure code development nor tested with the rigor of other security-critical applications.
Those familiar with the issue will, of course, recognize this as a commentary on the oft-demonstrated incompetence and irresponsibility of companies like Diebold.
My hope is that this report will help remove software-dependent voting systems from the field as soon as possible. Democracy depends on accurate votes. But, the citizens of a democracy will only vote if they believe that the vote is accurate. All the evidence we have demonstrates clearly that even though it is unquestionable that accurate electronic voting systems can be built, it is essentially impossible to prove that these system actually are accurate. Given the importance of confidence in the vote, we must reject systems that don't inspire voter's confidence. We must have a paper trail. We must have software-independent voting systems.
bob wyman
Comments