Dancing on E-voting's grave

Any application, including e-voting applications, that run on programmable gear in user hands can be subverted. It may generally be difficult, the bad guys may usually get caught, but no auditor can ever prove that it has not been done - and that's why most states are now throwing away their investments in e-voting technology.

On August 20th of last week someone named Deborah Hastings produced an interesting story under the headline Election loser: touch-screen voting.

I'd quote it, but unfortunately the story is distributed by the Associated Press and they recently made so many announcements and counter-announcements about their own "fair use" policies with respect to copyright that I have no idea what the rules really are for quoting them - a mess, by the way, with its roots in the "fairness doctrine" the democrats want to impose to shut up right wingers like Glen Reynolds; the guy whose efforts to expose news fauxtography and AP's consistently biased political reporting started them scurrying for legal cover.

So, since I can't quote her directly, what I'll do instead is summarize key parts of her report:

  1. she talks about state and local governments warehousing tens of thousands of abandoned e-voting machines

  2. she quotes San Diego County Registrar Deborah Seiler as saying that the county had spent around $25 million on them, and puts that in the context of a $3 billion dollar federal Election Assistance Commission budget and a cumulative $253 million known to have been spent by 30 states on electronic voting gear.

  3. she mentions that one major vendor offered to buy back machines sold for thousands each at one dollar each; and,

  4. she lists disappearing votes, hardware and software failures, and concerns about hackers as driving state and county decisions to back off from electronic voting.

The truth is a lot simpler than this - and obvious to anyone with any computing experience at all: the whole e-voting thing has been a disaster because every system deployed uses programmable voting machines on which the voting application runs locally and it is not possible to guarantee the integrity of e-voting results obtained using programmable voting stations.

This is the fundamental client-server problem: since the client is programmable any expert dragged into court and asked directly whether it would be theoretically possible to cheat has to answer Yes. He can cavil and say doing so would be extremely difficult, talk about counter-procedures, waffle along about audit checks and paper records, and generally mutter into his beard about anything he wants to -but in the end he has to admit that any programmable device handling the vote data can also be programmed to mishandle it.

This problem wasn't limited to the United States - tax dollars around the world have been spent on laughably inadequate systems: many of them as bad as NT workstations with touch screens writing to easily modified or exchanged removable media without paper records. In contrast, the first steps toward dealing with this, warehousing the garbage pending the opportunity to quietly shuffle it off to recycling, has been largely an American phenonmenon - you'll never see Canadian electoral authorities, for example, either admit they spent anything or that most of it is so bad that they can't even trust gear that has been rigged to stay rigged.

So is the bottom line on this that e-voting can't be implemented? Not at all, it just means that client server technologies can not be used for this - and if we absolutely can't trust it for technically trivial jobs like collecting and counting votes, doesn't it make sense to ask why we're using it in corporate accounting and finance where billions are at stake every single day?