Friday, December 24, 2010

Happy Holidays

May the human spirit prevail.

(n.b.: Jonathan is no relation, nor is the composer.)

Wednesday, December 1, 2010

Some Preliminary Results for November 2010

I've run the set of Transparency Project scans through the counting software and have preliminary results. More precise results will need to wait until I've had an opportunity to go through things much more carefully, but I feel comfortable releasing the percentages I've calculated for some of the races.

For some close races which had substantial interest, here are my preliminary percentages compared with the official results. Please keep in mind that the variances of 1/10 of a percent are very reasonable given that my count still needs to properly resolve over-votes -- where there were too many votes in a contest -- and is still missing approximately 150 sheets which were refused by the counting software. There are also a small number of very-lightly-marked ballots from which a very few additional votes will be harvested, but these should have little effect on the percentages.

DA
Gallegos 52.0 vs county 52.08
Jackson 47.7 vs county 47.61

Eureka Ward 3
Newman 44.3 vs county 44.18
Kuhnel 42.0 vs county 41.95
Manns 13.5 vs county 13.59

Supervisor District 5
Cleary 49.1 vs county 49.04
Sundberg 50.5 vs county 50.38

Progress Update 4

Complete sets of ballot scans are now available from the Humboldt County Elections office. Even when compressed, the data takes up six DVDs, so it is more than I plan on posting to the 'net (others might, though). The uncompressed, higher quality images take up something like a dozen DVDs.

As I mentioned in an earlier update, our percentages track the official percentages, which is what you'd expect. I will post my calculations of initial race percentages here, probably later today, so any interested parties can compare them with the official results.

As the Transparency Project only received the very last of the ballots on Tuesday, I don't plan on posting absolute numbers until at least a few days from now, after I've had a chance to rerun counting software, go through ambiguous votes, and look at some of the 350 images (out of 207,000+) that didn't get processed automatically.

Sunday, November 28, 2010

Progress Update 3

Humboldt County released the remaining ballots for us to scan late last week. As of Sunday night, we have fewer than 1500 ballots remaining to be scanned (each ballot is two sheets). That means we're 97% done with the scanning.

We hope to have our preliminary counts available by Tuesday, when the elections office certifies their results. Our incomplete results do not disagree with the official results in who has won and who has not.

Wednesday, November 17, 2010

Progress Update 2

Scanners will complete the initial set of ballots later today. We will now have to wait until the Elections Department is ready to provide us with the remaining ballots, roughly 12,000. That will likely take a week or so, after which it should take only two days of further scanning.

Friday, November 12, 2010

Progress Update

Scanners have now reached the 100,000 images count for the November 2010 election.

Because this election used a ballot with two sheets, that represents 25,000 complete ballots.

Friday, October 29, 2010

Frightening Experiment with Touch Screen Voting

Professor Doug Jones of the University of Iowa experimented with setting up a touch screen voting machine to flip votes for Obama and McCain. He then had people "cast their votes" on the machine, and interviewed them about the experience.

Click here for complete paper.


One thing we did in our experiment was to ask a number of user satisfaction questions as a followup. An important question in this batch was: "Are you confident that the machine correctly recorded your vote?" The majority of voters were very confident. Curiously, this confidence did not go down much when we rigged the machine to flip the votes for McCain and Obama.

Why? First, note that half the voters did not notice this switch (emphasis added). People felt strongly about their presidential preference, but people, in general, are not very good at proofreading. The summary screen that comes up at the end of the voting session clearly showed McCain for the Obama voters and visa versa, yet they did not notice.

Among people who did notice, the usual reaction was "Huh?" and then they went back to fix the problem. In general, people assume that the machine is right and assume that it was their error, not the machine's dishonesty. Only a small fraction of our voters
(or more properly, experimental subjects) commented on the fact that we'd flipped their votes.

This has important consequences for the real world. Most people do not complain when there is a problem. They assume that it was their mistake and go back and fix it. I assume that things would be different if the machine did not let them fix the vote flip, but if the machine lets them fix it, the fact that some voters are complaining suggests that there may be far more voters who notice the problem and are silent, and that even more voters may have had their votes flipped but didn't notice the problem.

Friday, October 8, 2010

Absolutely Devastating

Absolutely Devastating Testimony on Internet Voting

Prof. J. Alex Halderman of the University of Michigan describes his group's ability to take complete control of Washington, DC's test of internet voting security.

Wednesday, October 6, 2010

Internet Voting comments by David Jefferson of Verified Voting

(Feel free to forward in full with attribution to David Jefferson of Verified Voting.)

University of Michigan Prof. Alex Halderman has now released some details about his successful attack on the District of Columbia's proposed Internet voting system which has been under test for the last week. (See www.freedom-to-tinker.com.) It is now clear that Halderman and his team were able to completely subvert the entire DC Internet voting system remotely, gaining complete control over it and substituting fake votes of their choice for the votes that were actually cast by the test voters. What is worse, they did so without the officials even noticing for several days.

Let there be no mistake about it: this is a major achievement, and supports in every detail the warnings that security community have been giving about Internet voting for over a decade now. After this there can be no doubt that the burden of proof in the argument over the security of Internet voting systems has definitely shifted to those who claim that the systems can be made secure.

Computer security and election experts have been saying for over 10 years that the transmission of voted ballots over the Internet cannot be made safe with any currently envisioned technology. We have been arguing mostly in vain that:

1) Remote attack: Internet voting systems can be attacked remotely by any government, any criminal syndicate, or any self aggrandizing individual in the world.

2) Effective defense virtually impossible: There are innumerable modes of attack, from very easy to very sophisticated, and if anyone seriously tried to attack an Internet election the election officials would have essentially no chance at successfully defending. The election would be compromised

3) Attackers may change votes arbitrarily: An attack need not just prevent people from voting (bad as that would be), but could actually change large numbers of votes, allowing the attackers to determine the winner.

4) Attacks may be undetected: An attack might go completely undetected. The wrong people could be elected and no one would ever know.

Prof. Halderman demonstrated all of these points:

1) Remote attack: His team of four conducted their attack remotely, from Michigan, via the Internet, without ever getting near Washington, D.C.

2) Effective defense virtually impossible: Although they were restricted from most modes of attack (which would be illegal even in this test situation), they still succeeded in completely owning (controlling) the voting system within about 36 hours after it was brought up, even though they had only 3 days of notice of when it would start. They happened to use one particular small vulnerability that they identified, but they are quite confident that they could have penetrated in other ways as well. Most likely they were the only team to even attempt to attack the system seriously; yet in a real election with something important at stake multiple teams might attack. The fact that the only team that even tried succeeded so quickly is a demonstration lots of other groups from around the world could also have done it.

3) Attackers may change votes arbitrarily:They not only changed some of the votes, they changed them all, both those cast before they took control of the system and those cast afterward. There is no way that officials can restore the original votes without the attackers' help.

4) Attacks may be undetected:The attack was not detected by the officials for several days, despite the fact that they were looking for such attacks (having invited all comers to try) and despite the fact that the attackers left a "signature" by playing the Michigan Fight song after every vote was cast!

This successful demonstration of the danger of Internet voting is the real deal. It doesn't get any better than this, people.

Alex Halderman, his graduate students Eric Wustrow and Scott Wolchok, and their colleague Dawn Isabel, all deserve enormous credit, congratulations, and thanks.

Saturday, July 3, 2010

Scanning Completed, Results Match Well

The county finished processing its last ballots last Thursday, and the transparency project scan was completed yesterday. Preliminary results for a few races show county vote percentages and independent vote percentages varying by no more than 0.05% (one vote in two thousand). The independent results are still missing about fifteen ballots that could not be processed automatically, and there may be other minor adjustments.

No contests are at issue.

It may be a while before the scans are available. For many precincts, only one or two ballots were cast for some parties. Because these ballots could be used to identify an individual voter, we will need to remove them before releasing the set of scans.

Wednesday, June 23, 2010

Scanning Update

The project's volunteer scanners caught up last week with available ballots.

We will scan the last ballots as they are made available to us from the elections office, which is still doing operations like checking provisional ballots.

Ballot scans and an independent count should be available around the end of June.

Sunday, June 13, 2010

June 2010 Primary

The transparenteers started scanning last Tuesday's ballots on Thursday. Some folks came in on Saturday, as well. Twelve thousand are now scanned, and another sixteen thousand should be scanned by mid-week. We will then pause until the Elections Department makes available the final batch of seven or eight thousand. I believe these are composed mostly of provisionals and absentee ballots received close to the election.

These are 8.5 x 17 ballots. Although the scanner processes them at a rate of 2,500 or so double sided ballots per hour, we're finding a typical throughput of 1,000 per hour.

Saturday, February 20, 2010

Two Legal 'Situations'

These news items aren't directly related to the Humboldt County Election Transparency Project, but may be of interest to those who are interested in election integrity.

First, New York state recently awarded a voting machine contract to the nation's largest voting machine supplier, ES&S. According to Dominion, another bidder, New York originally ranked Dominion's solution higher. Dominion was also a substantially lower priced bidder. But New York then raised ES&S' ranking after the company added an "ease of use" feature that would, according to Dominion, be illegal in New York due to its compromise of security. Information can be found at Bo Lipari's blog -- http://www.bolipari.com/boblog/2010/02/dominion-sues-to-stop-new-york-city-contract-with-ess/.

Also this morning, news from Clay County, Kentucky, where, according to the Lexington Herald Leader, a former precinct worker has testified in court about how she stole votes from voters using voting machines. She testified that she was instructed in her technique by County Clerk Freddy Thompson, the chief election officer in that county.

The vote-buyers took advantage of some confusion caused by new voting machines the county had that year, White said. The machines had a "Vote" button that people could push to review their choices, then a second button they had to push to record the choices and finish voting.

Meanwhile, here in Humboldt County, CA, we use optically scanned paper ballots with no helpful "Vote" buttons to push but not vote. And, with the cooperation and assistance of County Clerk Carolyn Crnich, the Transparency Project has made available independent scans of every ballot cast in the last three elections, enabling independent recounts.

Monday, January 18, 2010

Cybergate article by Simon Worrall

I'll be very interested in the story this well-respected reporter has in the newest Maxim magazine. I haven't read it yet, but here's his blog entry: