In recent years, citizens throughout the United States have expressed concern about the legitimacy of machine counts. Voting systems that do not provide a paper audit trail require that citizens trust the company that has provided the voting system. Voting systems such as that used in Humboldt County, which use optically scanned paper ballots, do leave an audit trail of all cast ballots. This audit trail becomes far more valuable if it is actually used to verify the count.
The Humboldt County Election Transparency Project aims to provide images of each counted ballot, so that any person or organization wishing to do an independent count will have access to a complete set of ballot images.
Project members are writing our own software to count and sort the images, and this software is open-source, meaning that our programs' "source code" will be available to anyone. Anyone who wants to rebuild the programs and run them on their own computer can do just that without buying a thing. Also, by November, we expect that we will be scanning using Linux, an open-source computer operating system. And we'll be using open-source code to run the scanner at the county Elections office. Finally, the scanner itself is not special election-related hardware -- it's just a high-speed, general purpose office scanner.
The project was initiated by Humboldt County County Clerk and Registrar of Voters Carolyn Crnich, former Green party Presidential candidate David Cobb, local citizens Kevin Collins and Parke Bostrom, and Tom Pinto of the Humboldt County District Attorney's office. The custom scanning and counting software, along with the technical procedure used by the project, has been developed pro bono by Humboldt-based freelance programmer Mitch Trachtenberg, who may be contacted at mjtrac@gmail.com. The scanning software will use the SANE ("Scanner Access Now Easy") protocol, and is built on top of the SANE command line program "scanimage". These programs run on top of the Debian Linux Etch release, downloaded from a debian mirror in June 2008. All software used is available for download free of charge. (Download site TBA.)
Our first run was on the June 2008 election, and we have scanned the roughly 30,000 ballots cast. This scan was run using Microsoft Windows to drive the scanner, which captured the images at a resolution of 150 dots per inch. We used Windows while we wait for modifications to the SANE scanner driver which will allow it to control the imprinter that prints serial numbers on the scanned ballots. The images have now been provided to Dr. David Dill of Stanford, Joseph Lorenzo Hall of Berkeley, and Bev Harris of Black Box Voting. We expect they will be available soon for anyone to view or download. The images are also available on 3 DVDs from the Humboldt County elections office.
Subscribe to:
Post Comments (Atom)
1 comments:
Can't ballot images be faked?
Yes, it's easy to fake digital images. Here's the process by which we ensure that isn't happening.
Our scanner is not a special piece of elections equipment, it is a general purpose office scanner.
The scanner will be controlled by a computer that is running an open source operating system,
(Debian Linux "Etch"). All computer programs that control the scanner are available for inspection
by anyone who would like to see how they operate. The counting and sorting software will
always be available for inspection as well.
The Linux system is not configured for networking.
The ballot images from the scanner are archived into a single large file. This large file is then digitally signed
using a technology known as public key encryption. This generates a small signature file, which can be
printed or emailed. Public key encryption works with pairs of keys -- one key is secret and the other
key is public. The secret key is used to sign the ballot file. To sign the ballot file, a person needs
to be in the room with the scanner computer, have the password to the elections account, and know
the "passphrase" that unlocks the signature program. The public key is available on the Internet.
Anyone wanting to ensure that the ballot file they've received has not been altered can run a free
program called GPG ("GNU Privacy Guard") to validate that the ballot file and signature go together,
and that the signature was generated by someone with access to the elections office private key.
A change of even one bit in the entire file will prevent the file from being validated.
This gives us a very high degree of confidence that, if you validate our file with GPG, the images
we scanned are the images you get.
Post a Comment