Here’s some resources on the potential for new voting machines to be manipulated, compiled by Tom Atlee:
Date: Wed, 30 Jul 2003 11:57:41 -0700
To: email@example.com (undisclosed list)
From: Tom Atlee
Subject: More information on the hot voting machine issue
I have done further research on the problems with electronic voting and as I dig deeper, the situation has grown in complexity (surprise!). This is, once again, one of those times where I passionately wish we had the means to demand an official citizen jury, consensus conference or other citizen panel (randomly selected, with access to diverse experts) to review a critical problem like this and sort it all out from an ordinary citizens’ perspective.
(And I do think this is one of the most critical problems faced by US citizens — and by worldwide citizens, since the outcomes of US elections have impact around the world. And few things could skew elections more thoroughly than manipulatable election machines.)
As other issues in my life have been calling me away from this research, however, I am beginning to realize that it is not a good idea to delay getting to you the best info I’ve found so far. I keep hoping for sufficient time to summarize it. But things are developing faster than I can keep up, and I now believe the most important thing is to keep public outcry and dialogue on this subject alive and growing. The more people talking about it, the better the chance that something significant and timely will be done.
Unfortunately, the issue is not as clear as we would hope. Its complexity creates a political atmosphere in which citizens can be easily turned off, upset or misled by special interests and well-intentioned people with inadequate information and biased perspectives. The resulting debate among increasingly polarized positions necessitated by our adversarial political system, could delay action long enough to allow anti-democratic interests to manipulate the voting process. Again, citizen panels would help deal with this, but we don’t have them available yet. So we just have to settle for giving more people better information and keep our fingers crossed.
Here’s a central example of the complexity. Martin Luther King III and a progressive coalition, the Commonweal Insitute and their newsletter, have come out strongly in favor “voter verified paper trails”. However, Common Cause and another progressive coalition, the Leadership Coalition on Civl Rights , have come out strongly opposed to such paper verification. The LCCR position paper is critiqued by a leading Stanford researcher and voting security advocate. But the issues are admittedly complex, and the differences also surface in interesting ways in the recommendations of a California task force on this subject.
This issue became mainstream news when The New York Times and MSNBC both reported on recent investigations by computer experts at Johns Hopkins University and Rice University — whose findings were posted a week ago on the Web as a PDF file. One researcher said: “With what we found, practically anyone in the country – from a teenager on up – could produce these smart cards that could allow someone to vote as many times as they like.”
The following references included in this mailing contain a tremendous amount of useful information covering the debate on this topic.
a) The July 23 newsletter of David Dill, the Stanford researcher who is a key activist voice for voter verified paper trails. It has additional information on Diebold voting machines and HR 2239 — The Voter Confidence and Increased Accessibility Act of 2003 — including what you can do to support it.
b) MoveOn.org’s July 29th bulletin, “Voting and Democracy: The Challenges Ahead” which includes nine articles on voting rights, most of which include electronic voting issues.
c) Two well-referenced excerpts from the July 30 Demos newsletter.
More resources on all this can be found at the Commonweal Institute site.
Spread the word.
Voter Verification Newsletter — Vol 1, Number 7
David L. Dill (firstname.lastname@example.org)
July 23, 2003
The more news there is, the less time I have to work on newsletters.
So I’ll just send what I have.
NEWS FLASH: GROSS SECURITY FLAWS FOUND IN DIEBOLD TOUCH-SCREEN !
Since I entered the fray in January, I’ve been constantly challenged
to “prove that DREs can be hacked.” My answer was usually something
like the following:
“It is very hard to find out enough details about these systems to
determine what security flaws they have. However, we know it is
practically impossible to stop tampering by insiders.
Furthermore, any system that has not been designed and thoroughly
scrutinized by top-flight computer security professionals is
guaranteed to have major security holes.”
I believe this to be obvious to anyone with a casual acquaintance
with computer security (such as me).
Now I can “prove that the machines can be hacked” by citing the
following paper which just appeared on the web. Computer security
researchers an Johns Hopkins and Rice Universities have inspected the
Diebold code that appeared on a web site in New Zealand a few weeks
ago. The report appears at: http://avirubin.com/vote.pdf.
My understanding is that this analysis took about a week. Very
serious security blunders were discovered in a matter of hours. While
I still believe that insider attacks are still the hardest to stop and
potentially the most damaging, it is now clear that there are serious
security holes that can be exploited by election workers and even
voters. Unlike insider tampering, most of these problems could have
been easily avoided had competent computer security people been
involved in the system design and implementation.
For, example, it appears that it is easy to make counterfeit “voter
cards,” which can be used to vote as often as you like. One can
easily make a fake “administrator” card. Hackers could rearrange the
candidate order on the ballot so that votes are credited to the wrong
We’ve been told by voting machine vendors, regulators, and election
officials that “hacking” DREs is almost impossible because the
machines are designed carefully, use cryptography, and have
proprietary software; that there are stringent Federal regulations;
that Independent Testing Authorities (ITAs) scrutinize every line of
code; that states have exhaustive certification processes; and
localities do extensive Logic and Accuracy Tests.
It’s just not true. That was obvious before the report, but now
it should be undeniable.
There is no reason to believe that Diebold’s system is less secure
than other vendors. Their code just happened to be available.
All the other vendors are implementing the same indadequate
security requirements and satisfying the same inadequate reviews.
There is also no reason to assume that the worst problems have
been found. The authors felt that it was important to get the
information out quickly. Additional weeks or months of review
might reveal even worse problems.
I hope this settles the debate on DRE security. They’re not secure.
There needs to be an independent audit trail.
LCCR POLICY ANALYSIS
The most recent negative development was that the Leadership
Conference on Civil Rights produced a policy analysis arguing against
a voter verifiable paper trail requirement. The Leadership Conference
on Civil Rights is a coalition of 180 civil rights organizations,
including (for example) the ACLU, Common Cause, and the NAACP.
A “policy analysis” is not a “position”, I hope. Indeed, few of the
member organizations of the LCCR have take an official position one
way or the other on voter verifiable audit trail issue. At least one,
the Southern Christian Leadership Conference, is circulating a petition
through “ActforChange” expressing concern about “fault-prone and
fraud-susceptible touch-screen voting machines” which has garnered
more than 39,000 signatures (To add your signature.)
The LCCR policy analysis.
We disagree with this policy analysis. In fact, we believe that the
LCCR and it’s member organizations should be asking for a voter
verifiable audit trail, to protect the rights of all voters.
I don’t know what political reasoning is behind the LCCR analysis and
the similar position taken by the League of Women Voters of the U.S. a
few weeks ago. However, I do know that this is a difficult issue for
major civil rights organizations because they have worked through
complex negotiations on the Help America Vote Act and other
legislation and they are not eager to re-open the issue. The current
plans to upgrade DREs will replace problematic voting equipment and
will increase access for many voters.
Unfortunately, the computer risks are real and must be dealt with.
We need to be able to work with these organizations to solve the
problem with a minimum of disruption to other plans.
If you are a member of one of the LCCR organizations, it might help
to express your views on this issue. I know that a number of
these organizations are trying to figure out what to do.
Recently, a report appeared on the tabloid web site “scoop”
claiming to deconstruct some of the Diebold system.
It was accompanied with some over-hyped prose
(It’s not “Bigger than Watergate”, at least yet.)
At worst, what is described is a security hole, not actual
wrong-doing or election fixing. At best, it is harmless.
The technical discussion appears to me to be sound (although some
readers will know more about this than I do). However, the
implications are unclear to me.
The discussion is about the process of adding up vote counts at a
central office. For example, a county has many precincts. Vote
totals for each candidate are calculated at the precincts and sent in
to the main office, where they are tallied, along with absentee
votes to get vote totals for the county. From the discussion, it
seems clear that a malicious user could modify vote totals.
How bad is an insecure tally system? It depends on what election
procedures are in place. In California, the parties get precinct data
before the election is certified and analyze it to death (I just
talked to the guy who does this for the Democratic party). They feel
confident that they would catch any problems in the tally system.
This illustrates the advantage of having an independent audit trail:
the vote totals can be reconstructed from the original precinct data,
independently of whatever happens in the central office.
On the other hand, I have also heard that candidates do NOT have access
to timely precinct totals in some parts of the country, and cannot
compute their own vote totals. If this is true, it is a very bad
situation because tally systems probably have lots of other holes.
What does this have to do with voter verifiable audit trails? It is
independent, but illustrates some points: For a system to be
trustworthy, you have to have meaningful audit trails, and you have to
use them. If similar problems were found in the DRE software
(for example, if someone could modify the recorded votes in the
DRE), it would be a fatal flaw, because there is no independent
I’d like to hear from people who know how things really work
whether candidates have timely access to trustworthy precinct
When I wrote the “Resolution on Electronic Voting,” I didn’t
explicitly address Internet voting, because I knew that every
technical study had said it wasn’t safe now, or possibly ever.
Especially when you have people voting on everyday PCs, there are
multiple unsolvable problems, including viruses and denial of service
attacks. Even people we’ve been arguing with about DREs, like R. Doug
Lewis of the Election Center, have denounced internet voting.
Unfortunately, the idea just won’t die! Several European countries
are embracing Internet voting on an experimental basis. The Michigan
Democratic party is planning to use it in a primary. The most
disastrous proposal is the SERVE program, which makes it possible for
Americans overseas, especially military voters, to vote over the
Internet. To make it worse, the contractors for the program are
election.com, which was recently bought by mysterious Saudi
investors, and Accenture (via it’s new “eDemocracy business unit”), which was
recently accused of violating the Corrupt Practices Act (which bans
bribing foreign officials). And do we really want the Department of
Defense running elections? There must be a better way to facilitate
overseas voting (for example, mailing in ballots that are printed on
demand, with electronic ballots for unofficial early counts if we need
The program is initially for 200,000 overseas Americans (enough to
have an impact on election results). But the big threat is that it
will be the foot in the door for more widespread adoption of Internet
HR 2239 — The Voter Confidence and Increased Accessibility Act of 2003.
The paper trail bill introduced by Rep. Rush Holt now has 26 cosponsors,
which is great! If one of your representatives is listed here, please
take a moment to let them know you are pleased with their action.
If your representative is NOT on the list, please contact him or her
and asking them to do so — and please send me an email letting me know what their position
Rep Baird, Brian – 6/17/2003 [WA-3]
Rep Brown, Corrine – 7/9/2003 [FL-3]
Rep Brown, Sherrod – 6/24/2003 [OH-13]
Rep Case, Ed – 7/21/2003 [HI-2]
Rep Conyers, John, Jr. – 6/17/2003 [MI-14]
Rep Davis, Danny K. – 7/21/2003 [IL-7]
Rep Eshoo, Anna G. – 6/24/2003 [CA-14]
Rep Farr, Sam – 7/21/2003 [CA-17]
Rep Fattah, Chaka – 7/21/2003 [PA-2]
Rep Filner, Bob – 7/9/2003 [CA-51]
Rep Frank, Barney – 6/24/2003 [MA-4]
Rep Hinchey, Maurice D. – 6/17/2003 [NY-22]
Rep Hoeffel, Joseph M. – 6/24/2003 [PA-13]
Rep Jones, Stephanie Tubbs – 7/21/2003 [OH-11]
Rep Kaptur, Marcy – 6/17/2003 [OH-9]
Rep Lantos, Tom – 7/9/2003 [CA-12]
Rep Lee, Barbara – 6/17/2003 [CA-9]
Rep Owens, Major R. – 6/24/2003 [NY-11]
Rep Rothman, Steve R. – 7/9/2003 [NJ-9]
Rep Schakowsky, Janice D. – 6/24/2003 [IL-9]
Rep Scott, Robert C. – 6/24/2003 [VA-3]
Rep Strickland, Ted – 6/24/2003 [OH-6]
Rep Van Hollen, Chris – 6/17/2003 [MD-8]
Rep Wexler, Robert – 6/17/2003 [FL-19]
Rep Woolsey, Lynn C. – 6/17/2003 [CA-6]
Rep Wynn, Albert Russell – 7/21/2003 [MD-4]
NEW YORK PAPER TRAIL BILL
Commissioner of the New York Board of Elections
Douglas Kellner writes:
The New York State Assembly has passed A-8847 “The Voting Systems
Standards Act of 2003.”
The bill authorizes procurement of new electronic voting machines that
will comply with HAVA.
Most significantly, the law specifically requires that the new machines
“produce and retain a voter verified permanent paper record with a
manual audit capacity which shall record each vote to be cast and which
shall be presented to the voter from behind a window or other device
before the ballot is cast.”
You can get the full text of the bill.
You can also check the bill memo and status.
The Legislature is scheduled to adjourn Friday or Saturday and it is
unclear whether the Senate will take up the bill before then. There is
discussion, however, of a special session in September to iron out any
legislation necessary to implement HAVA. The Assembly has clearly
defined its position on this issue.
From the Palm Beach Post, Thursday, July 10:
Florida Representative Robert Wexler has called on the state to spend
federal dollars on voter verifiable printers.
“Without the ballot, we will place unfounded trust in touch-screen voting
machines to properly record each ballot correctly,” he wrote Tuesday in a
letter to Secretary of State Glenda Hood. “Florida cannot afford another
A few years ago, I read in the newspaper that diesel engine manufacturers
had to pay a huge fine for lying about the pollution generated by
It turns out that the details of the story are interesting, and relevant
to voting machines (surprisingly).
The engines are computer-controlled, and the computers were programmed
to produce low emissions, at lower efficiency, under test conditions.
However, the computer control could sense when the engines were NOT
being tested and increase efficiency at the cost of higher emissions
on the open road.
I’ve heard of similar fraud with gasoline pumps. The weights and measures
people would test the pumps by pumping exactly a gallon of gasoline.
So, the computer-controlled pumps would measure the first gallon exactly
and a little less for subsequent gallons. (Sorry, I have no reference.
Maybe someone can send me one.)
But no one would ever consider doing something like this with voting
From: “Wes Boyd, MoveOn.Org”
Subject: Voting and Democracy: The Challenges Ahead
VOTING AND DEMOCRACY: THE CHALLENGES AHEAD
Tuesday, July 29th, 2003
Co-Editors: Tai Moses and Don Hazen, AlterNet
http://move on.org/s?i=1548-1255454-AuvczAAQur4_cejIhjWwpw”>unsubscribe at any time.
1. Joan Blades and Wes Boyd: <>We Need Modern and Secure Voting Systems
2. Don Hazen: <>A Voting and Democracy Primer
3. Miles Rapoport: <>Beyond Voting Machines
4. John Schwartz: <>Computer Voting is Open to Easy Fraud, Experts Say
5. Thom Hartmann: <>The Theft of Your Vote is Just a Chip Away
6. Kim Alexander: <>The Voting Rights Struggle of Our Time
7. LCCR: <>Advocates’ Guide to the Help America Vote Act
8. Greg Palast, Martin Luther King III: <>Jim Crow Revived in Cyberspace
9. John Moyers, Elizabeth Ready: <>Ballots can Keep Bullets from Flying
10. <>About the Bulletin
Here’s some resources on the potential for new voting machines to be manipulated, compiled by Tom Atlee: