Analytic Insight Net - FREE Online Tipiṭaka Research and Practice University and related NEWS through 
Paṭisambhidā Jāla-Abaddha Paripanti Tipiṭaka Anvesanā ca Paricaya Nikhilavijjālaya ca ñātibhūta Pavatti Nissāya anto 105 Seṭṭhaganthāyatta Bhāsā

December 2015
« Nov   Jan »
1705 LESSON Sun Dec 06 2015 FREE Online A1 (Awakened One) Tipiṭaka Research & Practice University (FOA1TRPU) & Social Transformation Volcano (STV) NEWS through 
 Email: The Completing Tipitaka:Sutta Pitaka suttapiṭaka; or Suttanta Pitaka-Vinaya Pitaka-Abhidhamma Pitaka conducts lessons for the entire society and requesting every one to Render
 exact translation to this GOOGLE translation in their Classical Mother
Tongue and in any other languages they know and PRACTICE and forwarding it to their relatives and friends will qualify them to be a faculty and
to become a STREAM ENTERER (SOTTAPANNA) and then to attain ETERNAL
BLISS as FINAL GOAL ! THIS IS AN EXERCISE FOR ALL THE ONLINE VISITING STUDENTS FOR THEIR PRACTICE email-0565.gif from Download & Greeting CardEmail: Politico-Social Transformation Movement Volcano (PSTMV) NEWS Vishwa Rathna Dr BR Ambedkar founding Father of Modern Constitution of Prabuddha Bharath Mahaparinibbana Diwas 2016 Thousands pay homage to Vishwa Rathna Dr BR Ambedkar founding Father of Modern Constitution of Prabuddha Bharath on death anniversary on 06-12-2016- Free Online Conference/Seminars/Symposiums /Debate through
Filed under: General
Posted by: @ 10:40 pm

1705 LESSON Sun Dec 06 2015 

FREE Online A1 (Awakened One) Tipiṭaka Research & Practice University (FOA1TRPU) & Social Transformation Volcano (STV) NEWS through




The Completing Tipitaka:Sutta Pitaka suttapiṭaka; or Suttanta Pitaka-Vinaya Pitaka-Abhidhamma Pitaka

conducts lessons for the entire society and requesting every one to
 exact translation to this GOOGLE translation in their Classical Mother
Tongue and in any other languages they know and PRACTICE and forwarding it to their relatives and friends will qualify them to be a faculty and
to become a STREAM ENTERER (SOTTAPANNA) and then to attain ETERNAL


email-0565.gif from Download & Greeting CardEmail:

Politico-Social Transformation Movement Volcano (PSTMV)


Rathna Dr BR Ambedkar founding
Father of Modern Constitution of Prabuddha Bharath

Mahaparinibbana Diwas 2016
Thousands  pay homage to Vishwa
Rathna Dr BR Ambedkar founding
Father of Modern Constitution of Prabuddha Bharath
on death anniversary on 06-12-2016

Free Online Conference/Seminars/Symposiums /Debate

Bhimrao Ramji AmbedkarBR Ambedkar
ambedkar animation photo: B R AMBEDKAR BuddhaWallpaper.jpg

ambedkar animation photo: Dr. Ambedkar giving speech at Deeksha Bhoomi on 14th October 1956 DrAmbedkar_SiddharthaC65.jpgambedkar animation photo: Dr. Ambedkar with his son and wife. DrAmbedkar_SiddharthaC15.jpgambedkar animation photo: Dr.Ambedkar with other leaders. DrAmbedkar_SiddharthaC52.jpgambedkar animation photo: Dr. Ambedkar along with V V Giri and others. DrAmbedkar_SiddharthaC53.jpg

President Obama recognized Dr. Ambedkar founding father of Modern Prabuddha bharath for his extraordinary
contributions in his address to the parliament in
November 2010. Here is the part of the speech.

ambedkar animation photo: Dr. Ambedkar passed away at his Delhi residence. DrAmbedkar_SiddharthaC11.jpg

26th January 2016 Republic Day to be Celebrated as Liberty, Fraternity and Equality Day as a tribute to  Vishwa
Rathna Dr BR Ambedkar founding
Father of Modern Constitution of Prabuddha Bharath
125th Birth Anniversary

this auspicious day the 99% Intellectuals of Sarvajans including
SC/STs/OBCs/Minorities/poor upper castes have resolved to Observe 26th
January 2016

Republic Day 
as Liberty, Fraternity and Equality Day as a tribute to Dr BR Ambedkar’s
125th Birth Anniversary

Free Online Conference/Seminars/Symposiums /Debate

will continue till 26th January 2016
and beyond till all the fraud EVMs are replaced with paper ballots
the CJI order for dismissal of Central and all State Governments
selected through these fraud EVMs and fresh elections conducted with
paper ballots.

CJI  SADHASIVAM, shirked its duty & committed a grave error of
judgment by allowing in phased manner Fraud Tamperable EVMs on the
request of CEC  SAMPATH because of Rs.1600 crore cost to replace them
and dealt a fatal blow to the Country’s democracy.

Ex CJI did not order
for ballot paper system to be brought in. No such precautionary measure
was decreed by the apex court. Ex  CJI did not order that till the time
this newer set of about 13,00,000 voting machines is manufactured in
full & deployed totally. All the people in 80 democracies in the
world who simply done away with fradulent EVMs should not recognise 
Modi & his Government. These Insecure EVMs must be scraped and Fresh
Lok Sabha and all the State Assembly elections conducted with these
EVMs must be scraped and Fresh elections must be ordered to save
Democracy, Liberty, Fraternity and Equality a Enshrined in the

This act of CJI and CEC helped the Murderer of
democratic institutions (Modi) remotely controlled by 1% chitpawan
brahmin Rowdy Swayam Sevaks gobble the MASTER KEY which goes against the
interest of 99% Sarvajans including SC/STs/OBCs/Minorities/poor upper castes’
liberty, fraternity and equality as enshrined in our Constitution
fathered by Babasaheb Dr BR Ambedkar.

And this
act is itself a proof that the EVMs are vulnerable to fraud for which
they must be punished because of their practice of hatred which is
madness requiring treatment of Insight meditation in mental asylum .

present CJI must dismiss the central and all the State Governments
selected by these fraud EVMs and order for fresh elections with paper
ballots which are followed by 80 democracies around the world.

Ms Mayawati who could not win even a single seat in the last Lok sabha
Elections because of the tampering of these fraud EVMs won more than 80 %
votes in the last UP Panchayat elections conducted through paper
ballots. That is another proof of vulnerability of these fraud EVMs.

All the future elections have to be conducted through paper ballots.
Then Ms Mayawati will not only become the CM of UP but also the next PM
of Prabuddha Bharath.

Behan Mayawati paid tribute to Lord Buddha on Buddha Purnima
will be the real tribute to the Vishwa
Rathna Dr BR Ambedkar founding
Father of Modern Constitution of Prabuddha Bharath on the occasion of his death anniversary on 6th

Keep sending all the materials collected with respected to
fraud EVMs which will continue to be published till the final goal is

Contribution No1

RSS favours paper ballots, EVMs subjected to public scrutiny

Joining the controversy regarding the reliablity of Electronic Voting
Machines (EVMs) which have been questioned by political parties, the
RSS today asked the Election Commission (EC) to revert back to tried
and tested paper ballots and subject EVMs to public scrutiny whether
these gadgets are tamper proof. In an editorial titled ‘Can we
trust our EVMs?’, The Organiser, the RSS mouthpiece, noted it was a
fact that till date an absolutely tamper-proof machine had not been
invented and credibility of any system depends on ‘transparency,
verifiability and trustworthiness’ than on blind and atavistic faith
in its infallibility. The issue is not a ‘private affair’ and it
involves the future of India. Even if the EVMs were genuine, there was
no reason for the EC to be touchy about it, the paper commented. The
Government and the EC can’t impose EVMs as a fait accompli on Indian
democracy as the only option before the voter. There were flaws like
booth capturing, rigging, bogus voting, tampering and ballot paper
snatching in the ballot paper system of polling leading the country to
switch over to the EVMs and all these problems were relevant in EVMs
too. Rigging was possible even at the counting stage. What made the
ballot papers voter-friendly was that all aberrations were taking
place before the public eye and hence open for corrections whereas the
manipulations in the EVMs is entirely in the hands of powers that
be and the political appointees manning the sytem, the paper
commented. The EVM has only one advantage — ’speed’ but that
advantage has been undermined by the staggered polls at times spread
over three to four months. ‘’This has already killed the fun of the
election process,'’ the paper noted. Of the dozen General Elections
held in the country, only two were through the EVMs and instead of
rationally addressing the doubts aired by reputed institutions and
experts the Government has resorted to silence its critics by
‘intimidation and arrests on false charges’, the paper observed,
recalling the arrest of Hyederabad-based technocrat Hari Prasad by the
Mumbai Police. Prasad’s research has proved that the EVMs were
‘vulnerable to fraud’. The authorities want to send a message that
anybody who challenges the EC runs the risk of persecution and
harassment, the RSS observed. Most countries around the world
looked at the EVMs with suspicion and countries like the Netherlands,
Italy, Germany and Ireland had all reverted back to paper ballots
shunning EVMs because they were ‘easy to falsify, risked eavesdropping
and lacked transparency’. Democracy is too precious to be handed
over to whims or an opaque establishment and network of unsafe gizmos.
‘’For the health of Indian democracy it is better to return to tried
and tested methods or else elections in future can turn out to be a
farce,'’ the editorial said.

– (UNI) — 28DI28.xml

This is a gesture to Ms
Mayawati who could not win even a single seat in the last Lok sabha
Elections because of the tampering of these fraud EVMs won more than 80 %
votes in the last UP Panchayat elections conducted through paper
ballots. That is another proof of vulnerability of these fraud EVMs
while the Murderer of democratic institutions (Modi) remotely controlled
by RSS paid just 29 secs Sarthanjali to
Rathna Dr BR Ambedkar founding

of Modern Constitution of Prabuddha Bharath. It is high time that the
RSS shred its hatred towards Scheduled Castes work for Ms Mayawati to
acquire the MASTER KEY by becoming the next PM od Prabuddha Bharath as
Hindutva minus untouchability is Buddhism. They must go around the
country to ptopagate this truth by having Saha Bandhi Bojhan etc.,
that will remove the sitgma on brahmins in general and the chitpawan
brahmins in particular. They must elect an untouchable as their Chief 
and representatives
of all castes and religions to form a collegium system as all of them
belong to a single smae race which is genetically proved and for
Prabuddha Bharath i.e., an AWAKENED ONE with AWARENESS Bharath and show a
good path to the entire Universe to form Prabuddha Prapanch i.e., an
Awakened Univers with Awareness.

Contribution 2

is not only a political party but also a movement of societal change.
Hence this technological game of 1% Chitpawan RSS plan has to be
defeated by strengthening the 99% intellectuals by exposing the
fradulent EVMs as done by 80 democracies of the world in the larger
interest of Sarvajan Hitaye Sarvajan Sukhaye i.e., for the peace,
happiness and welfare of all societies including SC/STs/ OBCs/
Minorities and the poor brahmins and baniyas for distributing the wealth
of this country among all sections of the society as enshrined in the
Constitution by making the Supreme Court to pass orders to replace all
fradulent EVMs and till such time to scrap all elections conducted by
these fradulent EVMs and then to conduct elections with tamper proof
voting system to save democracy, equality, fraternity and liberty.

is about time this country reformed its voting system to ensure that
the electoral verdicts reflect the true will  of the people of the

1. The Whole World has Discarded Similar EVMs 

2. Use of EVMs is Unconstitutional and Illegal Too! 

3. EVM Software Isn’t Safe

4. Nor is The Hardware 

5. EVMs are Sitting Ducks
6. “Insider” Fraud a Concern 

7. Storage and Counting are Concerns 

8. Vote of No Confidence

9. EC is Clueless on Technology 

0. Trust Deficit1.

The Whole World has Discarded Similar EVMs.

electronic voting machines used in this country’s  elections are
internationally known as Direct Recording Electronic (DRE) voting
 machines which record votes directly in electronic memory. 

voting machines have been banned in many countries such as Germany, the
Netherlands, Irelands etc. and such machines are allowed in most states
of the US only with a paper back up. Potential dangers of “vote fraud”
and more importantly, lack of transparency and verifiability associated
with them prompted ban or restrictions of their use. Developed nations
like the United Kingdom and France and advanced countries in our region
like Japan and Singapore have so far stuck to voting on paper ballots,
owing to their simplicity, verifiability and voter confidence in the
system. This country is an exception to this  international trend and we
continue to use these  voting machines long discarded by the world due
to lack of awareness and appreciation of the lay public of the concerns.

2. Use of EVMs is
Unconstitutional and Illegal Too! This country’s EVMs may also be held
unconstitutional because they infringe upon the fundamental rights of
the voters. In this country, Right to vote is a legal right but how that
vote should be exercised by a voter is his/ her individual expression
covered by Article 19 (1) (a) of the Constitution, which guarantees
fundamental rights to the citizens. In the 2002 case pertaining to
disclosure of assets and the criminal background of candidates, the
Supreme Court ruled that voters have a right to know the  antecedents of
the contesting candidates and this is fundamental and basic for
survival of democracy. Accordingly, a voter has the right to know that
his vote which he exercised as a part of freedom of expression has
really gone in favour of the candidate whom he/she has chosen. This
right, fundamental in nature, is absent in the electronic voting system.

In the traditional paper ballot system, that fundamental
right was preserve because a voter knew exactly how his/ her vote was
recorded and Universal use of EVMs in Indian elections is illegal too!
In 1984, the Supreme Court of India held that the use of electronic
voting machines in elections was “illegal” as the Representation of
People (RP) Act, 1951 did not permit use of voting machines in
elections. Later, the R.P. Act was amended in 1989 incorporating Section
61A. However, the amendment says voting machines “may be adopted in
such constituency or constituencies as the Election Commission may,
having regard to the circumstances of each case, specify.” Violating the
provisions of the R.P Act, the Election Commission has conducted 2004
and 2009 nationwide general elections only using  electronic voting
machines. Going by the 1984 judgment of the Supreme Court, parliamentary
elections of 2004 and 2009 may be held illegal.

3. EVM Software Isn’t Safe. 

The electronic voting machines are safe and secure only if the source code used in the EVMs is genuine.

the EVM manufacturers, the BEL and ECIL, have shared the ‘top secret’
EVM software program with two foreign companies, Microchip (USA) and
Renesas (Japan) to copy it onto microcontrollers used in EVMs. This
process could have been done securely in-house by the Indian Worse, when
the foreign companies deliver microcontrollers fused with software code
to the EVM manufacturers, the EVM manufacturers cannot “read back”
their contents as they are either OTP-ROM or masked chips. 

the software given to foreign companies is not even made available with
the Election Commission, ostensibly for security reasons. With such
ridiculous decisions, the Election Commission and the public sector
manufacturers have rendered security of the EVMs a mockery.  Adopting an
open standards policy by making the software public and allowing
parties to test the software installed in the EVMs would have offered

4. Nor is The Hardware. The danger for EVM manipulations is not just from its software.

the hardware isn’t safe. Dr. Alex Halderman, professor of computer
science in the University of Michigan says, “EVMs used in the West
require software attacks as they are sophisticated voting machines and
their hardware cannot be replaced cheaply.In contrast, the Indian EVMs
can easily be replaced either in part or as wholesale units.” One
crucial part that can be faked is microcontrollers used in the EVMs in
which the software is copied. EVM manufacturers have greatly facilitated
fraud by using generic microcontrollers rather than more secure ASIC or
FPGA microcontrollers. Not just only microcontrollers, mother boards
(cards which contain microcontrollers) and entire EVMs can be replaced.
Neither the Election Commission nor the manufacturers have undertaken
any hardware or software audit till date. As a result, such manipulation
attempts would go  undetected. To detect such fraud, the upgraded EVMs
have a provision to interface with an Authentication Unit that would
allow the manufacturers to verify whether the EVM being used in the
election is the same that they have supplied to the Election Commission.
The EVM manufacturers developed an “Authentication Unit” engaging the
services  of SecureSpin, a Bangalore based software services firm. 

Unit was developed and tested in 2006 but when the project was ready
for implementation, the project was mysteriously shelved at the instance
of the Election Commission. Several questions posed to the Election
Commission for taking this decision went unanswered. 5. EVMs are Sitting
Ducks. This country’s EVMs can be hacked both before and after
elections to alter election results. Apart from manipulating the EVM
software and replacing many hardware parts discussed above, discussions
with knowledgeable sources revealed that our country’s EVMs can be
hacked in many ways. I mention just two of them below. Each EVM contains
two EEPROMs inside the Control Unit in which the  voting data is

They are completely unsecured and the data inside
EEPROMs can be manipulated from an external source. It is very easy to
read (data from) the EEPROMs and manipulate them. The second and the
most deadly way to hack our country’s EVMs is by inserting a chip with
Trojan inside the display section of the Control unit. This requires
access to the EVM for just two minutes and these replacement units can
be made for a few hundred rupees. Bypassing completely all inbuilt
securities, this chip would  manipulate the results and give out “fixed”
results on the EVM screen. The Election Commission is completely
oblivious to such possibilities. A demonstration of these
vulnerabilities is on the cards.

6. “Insider” Fraud a Concern.
Personal accounts from some well placed political sources and experts
say that there are some “insiders” demanding vast sums (Rs. 5 Crore for
each assembly constituency) to fix election results. Who are these
insiders? Unlike in the traditional ballot system where only the
election officials were the “insiders”, electronic voting machine regime
has spawned a long chain of insiders, all of whom are outside the ambit
and control of the Election Commission of this country. There is every
possibility that some of these  “insiders” are involved in murky
activities in fixing elections. The whole world—except us in this
country–is alive to the dangers of insider fraud in elections. The
“insiders” include the public sector manufacturers of this country’s
electronic voting machines namely, the Bharat Electronics Limited (BEL)
and Electronics Corporation of India (ECIL), the foreign companies
supplying micro controllers, private players (some of which are
allegedly owned by some political leaders) for carrying out checking and
 maintenance of electronic voting machines during. 

7. Storage
and Counting are Concerns. The EVMs are stored at the district
headquarters or in a decentralized manner in different locations.
Election Commission’s  concern for EVM safety becomes apparent only
during elections, where as security experts say that voting machines
must remain in a secure environment throughout their life cycle. There
could be many malpractices associated with electronic counting.
“Everybody watches polling closely. Nobody watches counting as
closely),” says Bev Harris, an American activist. Our Election
Commission takes three months to conduct parliamentary elections but
wants counting to be over in just three hours! In the rush to declare
results and the winners, several serious lapses go unnoticed in the
counting process. As a result, parties cannot give it the kind of
attention that this activity deserves. 

Massive discrepancies
between votes polled and counted in a large number of polling stations
across the country raise serious concerns in this regard.

Vote of No Confidence.The political class cutting across all sides of
the divide has just one verdict: “we don’t trust the EVMs”. This vote of
“no  confidence” stems from the personal experiences of parties and
leaders as well as the nature of results thrown up by the EVMs. Parties
are looking at EVMs with great suspicion and dread the prospect of EVMs
“defeating” them.This mistrust in EVMs is not confined to any single
party and is all pervasive. Almost all mainstream political parties,
including the BJP, Congress, left parties, regional parties like the
Telugu Desam party (TDP), AIADMK, Samajwadi party, Rastriya Lok Dal
(RLD), Janata Dal (United) etc. have all expressed reservation about
EVMs in the aftermath of 2009 Lok Sabha polls. Even the Congress party
that decisively won the 2009 general elections alleged that the EVMs
have been manipulated in Orissa. Today, it is difficult to find parties
that vouch for the continued use of EVMs in Indian elections. On the
contrary, there is a flood of opposition to the EVMs from the political

9. EC is Clueless on Technology.The Election Commission
has adopted the EVM technology about which it has practically no

As a result, it has little  control over many
aspects of the election process. None of the election commissioners,
neither the present commissioners nor their predecessors, have proper
understanding of the EVM technology. The only source of technical
understanding for the Election Commission is a Committee of  experts led
by its chairman, Prof. P.V.Indiresan. Even the Expert Committee seems
very weak in its capacities and understanding. Alex Halderman, professor
of computer science at the  University of Michigan and an expert on the
security of voting systems who was present in New Delhi for the launch
of the book, Democracy at Risk, Can We Trust our EVMS? commented, “When I
read the 2006 technical report prepared by the Expert Committee of the
Election Commission. I scribbled on it that there was a cause for alarm
and quickly decided to agree to come here.” That speaks volumes for the
quality and rigor of security testing done on the Country’s  EVMs.

Trust Deficit. Election Commission’s conduct in the wake of the serious
reservations expressed by people has been unbecoming of a 
constitutional body. It has uttered many lies – our EVMs are “tamper
proof”, they are “different” etc. etc. It has refused to provide any
clarifications sought to the petitioners in the Supreme Court, despite a
reference from the Supreme Court of India. It has taken several
questionable decisions for which it has refused to offer any
explanations. For instance, it does not explain why old EVMs were used
in Lok Sabha elections despite the recommendations of its own Expert

It does not explain why as many as 4.48 Lakh new
EVMs (which are more secure as per the Expert Committee) were not used
in any Congress party or UPA ruled states? Why and where it had allowed
use of state government owned EVMs? The non-transparent conduct of
Election Commission in the use of EVMs and the farce of an “enquiry” it
has conducted following serious reservations on EVMs does not inspire
confidence in its unbiased functioning.

How EVM Works and how can changed it’s functionality Watch this video [youtube id=”ZlCOj1dElDY” width=”620″ height=”360″]

more at:
youtube id=”ZlCOj1dElDY” width=”620″ height=”360″ -

country’s EVMs are Vulnerable to Fraud-Contrary to claims by our
country,s election authorities, the paperless electronic voting systems
used in India suffer from significant vulnerabilities. Even brief access
to the machines could allow criminals to alter election results. 

this video, we demonstrate two kinds of attacks against a real Indian
EVM. One attack involves replacing a small part of the machine with a
look-alike component that can be silently instructed to steal a
percentage of the votes in favor of a chosen candidate. These
instructions can be sent wirelessly from a mobile phone. Another attack
uses a pocket-sized device to change the votes stored in the EVM between
the election and the public counting session, which in India can be
weeks later.

These attacks are neither complicated nor
difficult to perform, but they would be hard to detect or defend
against. The best way to prevent them is to count votes using paper
ballots that voters can see. - EVMs Can Be
Tampered - Says Net India - Net India company says that the Electronic
Voting Machines EVMs which are used in polling stations can be tampered
in favor of the candidates. Watch this to find out more…..To watch
live news, videos subscribe to CVR News @…- -

REALITY EXPOSED by Dr Subramanian
Swamy - EVMs can be tampered,
experts say - Electronic voting machines could be easily tampered to
manipulate elections results, a group of foreign experts said at a
seminar in Dhaka on Tuesday. A standing committee member of the main
opposition Bangladesh Nationalist Party, Abdul Moyeen Khan, in the
seminar said that the party would make some prototypes of the EVMs the
Election Commission made to show the people how the device could be

Non-governmental organisation Centre
for Sustainable Development organised the seminar, ‘Electronic voting
machines: use and abuse,’ at the Lake Shore hotel in the city. The
organisation’s secretary general Mahfuzullah conducted the seminar and
its president Anwar Hashim, also a former ambassador, presided over the
programme. Computer science professor in the University of California
Mathew Allen Bishop, senior software architect of Yahoo in India
Shashank Shekhar and research and development director of Hewlett
Packard of the United States Shawn Islam made presentation  in the
seminar highlighting how EVMs could be tampered. All the three experts
said the EVMs could be tampered in several ways in a short span of time
to manipulate the elections results in favour of a certain candidate if
the manipulators would get physical access to EVMs. Citing an example of
the flaws of the EVM used in the United States and in other parts of
the world, Bishop said the EVMs, electronic devices which need software
to function, could be easily tampered. Bishop, however, asked the
authorities concerned to look into certain issues before using EVMs.
‘When votes are counted, how do you know that the button pushed to vote
for scales on the ballot unit is in fact counted as a vote for scales?’
he said. Bishop also said, ‘How do you know that the software is
correct? There are no bugs that affect the vote counting? 

How do you know that the software on the EPROM chip is the version that is supposed to be used? There was no malware?’

said the security of the software running the EVM must be part of the
inbuilt design of the device. Earlier, Shawn Islam,m a
Bangladeshi-American, demonstrated how a vote cast for a candidate could
be stored for the candidate the voter did not vote for through software
manipulation effected beforehand. Both of the experts said that there
be a system of paper trail of the votes cast so that the voters could
see that their votes were stored for the candidate they voted for.’But,’
Shawn Islam added, ‘the EVMs developed by Bangladesh do not have any
option to add the paper trail system.’ He claimed that the EVM developed
in Bangladesh have plenty of problems. Shashank said that there was no
electronic device in the world which could not be tampered. All of the
experts said that the device must be tested by a third party before its

In reply to a question whether the EVM
can be manipulated with remote control devise without physical
intervention once EVMs are tested and certified by the experts of the
political parties just before the elections, Shawn said, ‘You must have
physical interventions to manipulate it if the EVM does not belong to
any wireless network.’

When a reporter
asked Abdul Moyeen Khan whether the BNP would accept it if EVMs were
tested by their experts, the BNP leader parried the answer saying that
the party would develop some EVM prototypes to show how they could be

Representatives from the Bangladesh Nationalist Party,
including its acting secretary general Mirza Fakhrul Islam Alamgir, the
chairperson’s advisers Iqbal Hasan Mahmud, Sabiuddin Ahmed, Ruhal Alam
and opposition chief whip Zainul Abdin Farroque, attended. Speaking on
the occasion, former Dhaka University vice-chancellor Moniruzzaman Mia,
BRAC University professor Piash Karim and Sushaner Janya Nagarik
secretary Badiul Alam Majumder stressed the need for building trust
among political parties before introducing any new device in the
elections process.The country’s two major political camps are now at
loggerheads over the introduction of EVMs in the next polls. The ruling
Awami League-led alliance said that it would extend all cooperation to
the E C in using EVMs in the next general elections while the opposition
Bangladesh Nationalist Party-led alliance vowed to resist the
move.Attachments area- Preview YouTube video India’s EVMs are Vulnerable
to Fraud 
-Preview YouTube video EVMs Can Be Tampered - Says Net India
Preview YouTube video EVM in INDIA REALITY EXPOSED by Dr Subramanian

American scientists ‘hack’ into Indian voting machines

India’s voting machines - considered to be among the world’s most
tamperproof - can be hacked, American scientists claim.
Researchers at
the University of Michigan connected a home-made device to a voting
machine and successfully changed results by sending text messages from a
“We made an imitation display board that looks almost exactly
like the real display in the machines. But underneath some of the
components of the board, we hide a microprocessor and a Bluetooth
radio,” the BBC quoted Prof J Alex Halderman, who led the project, as

He added: “Our lookalike display board
intercepts the vote totals that the machine is trying to display and
replaces them with dishonest totals - basically whatever the bad guy
wants to show up at the end of the election.”

Moreover, they added a
small microprocessor, which they say can change the votes stored in the
machine between the election and the vote-counting session.
No one’s
right mind would yet allow the use of absolutely antiquated, completely
out-dated, easily hack-able and highly tamper-able “high school
technology” based, obsolete EVMs (electronic voting machines) in
national elections, but it was used now — in 2014

More than 80
democracies in the world have simply done away with them, dumping them
in the trash, or simply declared the usage of this simplistic voting
system susceptible to fraud, and hence declaring the same as
illegal — as the Supreme Courts of Germany and Holland indeed have done.
Even Japan, from where EVMs originated, has long abandoned its rogue
babies, and is using paper ballot system since then. All the advanced
democracies in the West, except the most dull-headed ones, have reverted
to a voter verifiable system or the ballot paper. In Canada, even at
the ,most basic school level, ballot paper voting is in use.

year, the Supreme Court of India, having been convinced of an
undeniable, edible possibility of EVMs getting tampered with and that
easily hacked — even from afar — had ordered the imbecilic Election
Commission and the indolent Government of India to provide about 1600
crore (1600, 0000000) rupees — convert this into your respective
currency! — for manufacturing these VVPAT (Voter Verifiable Paper Audit
Trail) voting machines; which show a verifiable paper receipt to the

This is the Fundamental Right of a citizen of India, as per
the laws laid down by the Constitution. However, recent newspaper
reports tell us that only 20, 000 such voting machines have been
provided for the entire country in this, 2014 election! India has 29
states now — with Telagana being the latest. In most of them, depending
upon their size etc., either about 400 VVPAT machines are being
deployed, or some such similar ridiculous number — more or less — has
been made available in the length and breadth of the country. It’s an
asinine, bland, cruel, demeaning joke we 1.25 billion voters have been
“blessed” with by the powers that be.

All “patriotic” hackers of our motherland made hay in May!

to how EVMs can be hacked into, tampered with, and results favorably
manipulated via software interference and other means — from near and
from far, far away — this can easily be found by anybody by just going
to Google etc. and filling “EVM HACKING, TAMPERING” or something to this
effect in the Search. And lo, behold! a plethora of information will
just overwhelm your overly chilled-out, lesser employed, un-billed

However, the only solace for us naive fools is that quite a
few unscrupulous politicians and every other most “honorable” political
party worthy of its “salt”, would surely be playing this comic-tragic
game of hacking into and hijacking the votes of a billion people! Thus,
one who outsmarts the other such fine folks, armed with their hacking
forks in this merry-go-around, will win.
The rest — this or that
“tsunami” or wave in favor of one or the other, poll forecasts and the
“newbie”, the over enthused, seeming game changers in the making — well,
they may well fall flat on their dumb faces, if not on their smart

That the Supreme Court of India too, while passing the order
of putting new VVAT voting machines in use in a “phased manner”, has
unwittingly shirked its duty. In fact, it committed a grave error of
judgment. Perhaps dealt a fatal blow to Indian democracy. It should have
ordered, as a caution, that till the time this newer set of about
1300ooo voting machines is manufactured in full and so deployed
throughout India, ballot paper system would be brought in. No such
precautionary measure was decreed by the apex court.
Well, crib all you
want. But don’t cry, my dear countrymen. After all, the same model of
EVMs is yet very much in use in South Africa, Bangla Desh, Bhutan,
Nepal, Nigeria, Venezuela etc. These poor folks of the said “non-techy”
countries — millions of them — too cannot figure out as to what the hell
had, yet is happening, in their dear short-circuited “developed”
democracies. Nor will you.

Don’t worry, be happy! You are not alone “out there”.

by the way, the somewhat notorious lawyer who had brought in this
case — of the present lot of EVMs being tamper-able and hack-able — and,
who, had successfully fought it so, forcing the Supreme Court to order
the installation of a fail-safe voting mechanism (of Voter Verifiable
Paper Audit machines replacing the susceptible earlier Electronic Voting
Machines) to ensure a free and fair electoral process in India — well,
this oh-so-very honorable fellow too has fallen silent, like a demure
maiden. This most vociferous gentleman had openly declared on social
websites, especially Twitter, that in case VVPAT machines do not get
installed in time for 2014 elections, then, there would be a
“constitutional crisis” — putting it out there like an Indian
“pehalwan”, a la WWW wrestler, that he would challenge the same in the
apex court. He had most emphatically underlined he would ensure that
either the new fail-safe voting machines or the old time-tested paper
ballot system will be put in use during this general election in India.
However, recently, when asked specifically on Twitter about this
matter — as to what this lovely man is doing or is going to do about
this impending doomsday electoral scenario — there was a deafening
silence from his side. May be owing to the fact that since the Supreme
Court judgement late last year, this self-righteous rightist has joined
the ultra-rightist political bandwagon.

The latter has been
projected by pollsters to overwhelmingly sweep these elections — as a
direct result of the doings of the monstrous public relations firm hired
from the land of the let-it-be, oops! free. This US firm is the same
that was used fruitfully by President Bush and Hillary Clinton for their
respective political campaigns. It has — let there be no doubt about
it — successfully projected its client as the potential winner and the
next numero uno in Indian politics.

What the majority of the Indians
have missed in fine print is that the outgoing Chief Minister of the
state of Rajasthan, in the last year elections, had officially filed a
complaint with the election commission that the EVMs used in his state
were pre-programmed and tampered with — and that the same had come from
the state of which this presently hyped-up future Prime Minister of
India, is the current Chief Minister. Now, the lawyer who had gone to
the dogs to awaken India and the rest of the world about the mischief
and malfeasance possible with the old model of EVMs — and had in fact
written a book on this subject — is in a wink-wink deep-throat “smadhi”.
A silence that speaks truths we dumb billion idiots on this part of
slippery earth cannot fathom. Perhaps it’s a precursor of the things to

Let us hope the jolly good hackers of this-that party screw-up
each other’s devilish, outright evil plans. In a dog eat dog political
crap pit we hapless billion creatures have to walk through every
election, maybe this time the ape sitting by the side — the wide-eyed
hopeful citizen of India — at least gets a tiny part of the apple pie
this messy hacking cat fight will leave behind, on the side lanes.
Perhaps these little crumbs will be enough for us to stay afloat. though
not gloat.

In a nutshell, simply put, whosoever “out-hacks” the other, will win.

again, we are an ancient civilization of more than 33, 0000000 gods and
goddesses — some civilized, others not so civil. Let’s hope one of
these fancied deities has a soft corner for us dumbos. Otherwise, we are
going to get screwed. A billion times over.

Therefore, I made
doubly sure I did not vote. I sat on my ass on voting day — not that I
don’t do so everyday. This voting day, I absolutely did. Not only
figuratively and metaphorically, but literally. I may have many buts in
life, but at least today I have a little sore, yet not so sorry a butt.

We are a fool’s paradise.

Long live the banana republic of India!,195328/printable.html

Security Analysis of India’s Electronic Voting Machines

Elections in India are conducted almost exclusively using electronic
voting machines developed over the past two decades by a pair of
government-owned companies. These devices, known in India as EVMs, have
been praised for their simple design, ease of use, and reliability, but
recently they have also been criticized because of widespread reports of
election irregularities. Despite this criticism, many details of the
machines’ design have never been publicly disclosed, and they have not
been subjected to a rigorous, independent security evaluation. In this
paper, we present a security analysis of a real Indian EVM obtained from
an anonymous source. We describe the machine’s design and operation in
detail, and we evaluate its security, in light of relevant election
procedures. We conclude that in spite of the machine’s simplicity and
minimal trusted computing base, it is vulnerable to serious attacks that
can alter election results and violate the secrecy of the ballot. We
demonstrate two attacks, implemented using custom hardware, which could
be carried out by dishonest election insiders or other criminals with
only brief physical access to the machines. This case study contains
important lessons for Indian elections and for electronic voting
security more generally.

Full technical paper at


elaborate safeguards, India’s EVMs are vulnerable to serious attacks.
Dishonest insiders or other criminals with physical access to the
machines at any time before ballots are counted can insert malicious
hardware that can steal votes for the lifetime of the machines.
Attackers with physical access between voting and counting can
arbitrarily change vote totals and can learn which candidate each voter
selected. These problems are deep-rooted. The design of India’s EVMs
relies entirely on the physical security of the machines and the
integrity of election insiders. This seems to negate many of the
security benefits of using electronic voting in the first place. The
technology’s promise was that attacks on the ballot box and dishonesty
in the counting process would be more difficult. Yet we find that such
attacks remain possible, while being more difficult to detect.

is highly doubtful that these problems could be remedied by simple
upgrades to the existing EVMs or election procedures. Merely making the
attacks we have demonstrated more difficult will not fix the fundamental
problem: India’s EVMs do not provide transparency, so voters and
election officials have no reason for confidence that the machines are
behaving honestly.

India should carefully reconsider how to
achieve a secure and transparent voting system that is suitable to its
national values and requirements. One option that has been adopted in
other countries is to use a voter-verified paper audit trail (VVPAT),
which combines an electronic record stored in a DRE with a paper vote
record that can be audited by hand [43]. Existing EVMs do not have
updatable software, but it would be possible to add a VVPAT by
interposing on the cable between the control unit and the ballot unit.
option is precinct-count optical scan (PCOS) voting, where
voters fill out paper ballots that are scanned by a voting machine at
the polling station before being placed in a ballot box. Attacking
either of these systems would require tampering with both the paper
records and the electronic records, provided that routine audits are
performed to make sure these redundant sets of records agree [14]. A
third option is to return to simple paper ballots. Despite all of their
known weaknesses, simple paper ballots provide a high degree of
transparency, so fraud that does occur will be more likely to be

Using EVMs in India may have seemed like a good idea
when the machines were introduced in the 1980s, but science’s
understanding of electronic voting security—and of attacks against
it—has progressed dramatically since then, and other technologically
advanced countries have adopted and then abandoned EVM-style voting. Now
that we understand what technology can and cannot do, any new solutions
to the very real problems election officials face must address the
problems, not merely hide them from sight.

EVMs are not foolproof, says computer scientist
April 23rd, 2010
DC Correspondent, Kumar Chellappan
holes. A low-budget adversary armed with a small instrument can read
out votes cast, suppress the votes of one or several voters, and even
delete all the votes.
April 22: Electronic voting machines are
not as tamper-proof as the Election Commission of India would like us to
believe, going by the research of an Israeli comuter scientist who has
found flaws in the most advanced EVMs in the world.

“The Radio
Frequency Identification (RFID) EVMs developed in Israel are rated as
the most advanced machines in the world. But we have proved that they
are vulnerable to all kinds of tampering,” Avishai Wool, of the School
of Electrical Engineering, Tel Aviv University, told DC on Thursday.

can show how a low-budget adversary armed with a small instrument can
read out all votes already cast into the ballot box, suppress the votes
of one or several voters, rewrite votes at will and even completely
disqualify all votes in a single booth,” Prof. Wool says in the paper.
“These attacks are easy to mount and very difficult to detect.”
Prof. Wool refused to comment on Indian EVMs, several experts have
noted that most electronic polling devices are susceptible to tampering.
Prof. Wools’ comments follow a letter qritten by David Dill, professor
of computer science at Stanford University, to Chief Election
Commissioner Navin Chawla on Indian EVMs lacking credibility.

Swamy, former Union minister for law, said Bharat Electronics Ltd and
ECIL, who developed the Indian EVM , have withdrawn their application
for a patent for the device from the World Intellectual Property

Don’t stand on prestige, dump EVMs, save democracy Computer Science Prof. of Stanford Univ., Dr. David Dill’s statement on Indian EVMs (Videos, expert panel)

Election Commission concedes manipulation of EVMs

Election Commission of India has made an amazing confession: that the
security and integrity of the entire election system will be compromised
if the EVM software and the hardware design becomes known.

is what technologists, activists and political leaders have been saying
for many months now and the Commission had steadfastly refuted such
claims with a bizarre “our EVMs are fully tamper proof” claim.

above revelation was made by the Election Commission in a letter dated
March 30, 2010 to V.V. Rao, petitioner in the Supreme Court on the EVMs.
I quote below:

”…The Commission is concerned that commercial
interests could use the route of reverse engineering (a process by which
the original software and hardware configuration can be accessed) which
may compromise the security and sanctity of the entire election

“…It is once again made clear that any demonstration of
alleged tamperability cannot include reverse-engineering as it
compromises security and sanctity of the entire […]

Don’t stand on prestige, dump EVMs: Naidu

J. Balaji, The Hindu

Published: April 13, 2010 00:53 IST | Updated: April 13, 2010 02:54 IST

He seeks national debate to clear “doubts in the minds of voters”

Desam Party president N. Chandrababu Naidu doubts that electronic
voting machines (EVMs) are non-tamperable, and has sought a national
debate to “clear all the doubts in the minds of voters.”

“I am
convinced that there is scope for tampering with the EVMs,” he said here
on Monday after launching a website,, hosted by
election analyst G.V.L. Narasimha Rao and information technologist

Though he would not blame the Election Commission,
with the existing EVMs people were not sure whether the votes they cast
went to the candidates of their choice, Mr. Naidu said. When Germany,
Singapore and some European countries had gone back to the paper ballot,
as the EVMs could be tampered with and hacked, why should India alone
use such machines? “The EC should not stand on false prestige and
gracefully go in for a debate as the issue involved the fundamental
rights of the citizens.”

Mr. Naidu said he would take up the
issue with other parties. There would be nothing wrong in the country
going back to the old system of ballot votes if the machines were not
safe and susceptible to tampering.

The former Chief Secretary of
Delhi and IIT alumnus, Omesh Saigal, asked why the chip used in EVMs was
allowed to be written in the United States. “A Trojan horse is sitting
inside the machine.”

During August last, the EC said it gave
opportunities to political parties and individuals who claimed that EVMs
could be manipulated to prove their case. But “they either failed or
chose not to demonstrate,” it said.

“The EC would like to
underline that it always had a firm conviction and complete satisfaction
that EVMs could not be tampered with. Its faith in the machine has
never wavered through the conduct of elections in the last many years.”

was able to actually demonstrate that the EVMs used by the Commission
could be tampered with. “What has been demonstrated or claimed to have
been demonstrated is on a privately assembled lookalike of ECI-EVMs and
not the actual EVM, produced by the Electronics Corporation of India
Limited,” the Commission said.

EVM debate rages on, lets get rid of it.

EVM debate rages. Jump in and cast your vote on the spot poll on this blog.

personal take is that advanced countries with a longer history of
democracy like the US, UK, Australia, France, Netherlands, Norway,
Sweden and many other European countries don’t use a EVM but the good
old paper and ballot. Why should we move to a EVM.

1) The EVM
does not provide a physical evidence of a vote. Whereby a re count can
be demanded. In earlier elections it has been seen that after a re count
a loosing candidate has won. A recount in EVM will just mean adding up
of all votes which will always add up to the earlier number. How do we
know this is correct.
2) This machine does not allow for any audit
just because it has no physical evidence. So tomorrow we shall all do
corporate accounting on a calculator (no need for bills, invoice, chalan
etc) and show the auditors the final figure on the screen of the
calculator. This is what EVM amounts to.
3) This goes against the basic Right to Information Act. Where is the evidence.
4) A 10 std Physics student can rig up such a device. I wonder why you need a micro processor even.
please jump in and tell the govt that we don’t need the EVM. Why are
they scared of going back to the old system when there is a section of
the population that does not believe in the authenticity of this device.
Don’t believe in the impartiality of the EC, its fully corrupted by
congress ideologues.

भारत मैं सभ कुछ बिकता हैं हम कैसे मान ले की EC नहीं बीके, EVM यंत्र बनाने वाले नहीं बीके होवे हैं |  

UPA won a surprise victory in 2004 and left many stunned about NDA’s
loss. Many never expected this but it happened. Incidentally EVM were
first used in 2004.
: EVMs are prone to tampering by both external hackers and insiders.
The danger of insider fixing of elections is recognized the world over.
Hence mere faith in companies and a host of private players handling
EVMs cannot be the basis for election results. Elections can be trusted
only if the results are verifiable and auditable. Most developed
countries have rejected or reformed direct-recording EVMs. Election
Commission of India is persisting with the voting machines ignoring the
serious concerns. Hence this effort to mobilize public opinion.

the Philippines ballot papers are used. Counting is done through voting
machines by optically scanning the ballots into the machine. Still, a
manual audit is mandated. In computing, if things can go wrong, they
always will; this is Murphy’s law of computing. I hope you have read
Stanford Univ. Prof. Dill’s letter to

The nature of the electonic counting in the Philippines

kalyan 25 Feb. 2010

EVMs and cyberlaw of the Philippines: mandated manual audit

Article posted February 24, 2010 - 09:48 PM
on Elections (Comelec) chairman Jose Melo on Wednesday rejected the
idea of conducting the random manual audit before the declaration of the
winners in the May polls, saying that it will only cause unnecessary

“(We don’t want) a simple audit (to) deter proclamation,” Melo said in a press briefing.

poll body chief issued the statement after some groups asserted that
the random manual audit be done right after the election results are
transmitted and before the winners are proclaimed. (See: More voting
machines should be audited to ensure polls’ credibility)

24 of Republic Act 9369 requires a random manual audit to be conducted
in one precinct per congressional district in each province and city.

difference between the automated and manual count will result in the
determination of root cause and initiate a manual count for those
precincts affected by the computer or procedural error,” it further

But Melo said that conducting the audit before the
proclamation would cause a great delay because the auditors would still
have to “reconcile” the marks on a ballot that were recognized and not
recognized by the Precinct Count Optical Scan (PCOS) machine.

ng variation yan, magdedebate, madedelay yan. Ang mark na ganyan,
bibilangin ng manual, pero hindi binilang ng makina, sino paniniwalaan
mo (There will definitely be a variation, triggering debate, which would
delay everything. Marks like those that are counted manually, but not
counted by the machine—which would you believe),” he said.

further said that it would be fine if only the proclamation of the
winners of the local elections would be delayed, but he said that even
the national positions would have to await proclamation.

“If we
are going to delay the proclamation because of a simple concern of one
machine, bakit pa tayo nag-automate (why did we automate at all)?” he

Earlier, the National Citizens’ Movement for Free Elections
(Namfrel) and the Consortium of Electoral Reforms (CER) also asked the
poll body to increase the number of voting machines that will undergo

The groups said that at least 2.5 to 3 percent of the
82,200 PCOS units or five poll machines per congressional district
should be manually audited to give enough assurance that the results of
the elections are credible. —Kimberly Jane T. Tan/JV, GMANews.TV

‘EVMs illegally being used for a decade’

Sanjay Sharma, TNN, Feb 22, 2010, 03.44am IST
The electronic voting machines (EVMs) are being used in violation of
the Information Technology Act 2000, a research paper has revealed.

of the research paper, advocate Ajay Jagga, told The Times of India, on
Sunday that as per IT Act, 2000, a verifiable audit trail has to be
provided in case of any electronic record, which is now admissible as
evidence as per Evidence Act but in case of electronic voting, the voter
does not get any receipt with regard to his voting.

research paper recently attracted the attention of experts when a
conference on “EVMs: How trustworthy?” in Chennai passed a unanimous
resolution on February 13 asking Jagga to approach the Election
Commission of India (ECI) for bringing the electronic voting procedure
in tune with IT Act, 2000.

Jagga said he would soon approach ECI
seeking formation of legal committee to remove the illegality or will
knock the doors of court.

The lawyer said, “Unless the voter
gets a receipt like the one we get in ATM or after the use of debit or
credit cards, all electronic transactions including a vote, are
illegal.” What is the evidence that the vote cast has really been
recorded and that it has been recorded in the manner the voter intended,
he asked.

For the purpose and to protect the secrecy of ballot,
all such receipts, after the voter has checked his transaction, should
be put in a box which should remain with ECI to be produced as evidence
in case of a dispute, he said. The government amended the relevant laws
in 1989 to equate EVM with ballot and ballot box to facilitate
transition from ballot paper to EVM but the IT Act 2000 created a new
complication that has to be immediately resolved in the interest of
fairness of things, Jagga pointed out.

The lawyer also proved
that the machine can be tampered with which has been accepted by the
government itself in its letter to withdraw patent applications filed by
Electronics Corporation of India and Bharat Electronics Ltd, makers of
the machine. The PSUs withdrew their patent applications on the ground
that the machine may not be tamper-proof, he said, adding that America
and Germany had to return to ballot paper after their machines were
found wanting.

Linked on USA Today 23 Feb. 2010,+Geography/Countries/India/05zF4kBeFJ47y/1

Hackers can ’steal’ ballots from electronic voting machines- 2009 Electronic Voting Technology Workshop
Indo-Asian News Service
Washington, August 11, 2009
First Published: 16:48 IST(11/8/2009)
Last Updated: 17:06 IST(11/8/2009)

scientists have demonstrated how criminals could hack an electronic
voting machine (EVM) and ’steal’ votes using a malicious programming
approach that had not been invented when the voting machine was
The team of scientists from the Universites of California,
San Diego, Michigan and Princeton employed “return-oriented programming”
to force an electronic voting machine to turn against itself.

machines must remain secure throughout their entire service lifetime,
and this study demonstrates how a relatively new programming technique
can be used to take control of a voting machine that was designed to
resist takeover, but that did not anticipate this new kind of malicious
programming,” said Hovav Shacham.

Shacham is professor of
computer science at UC San Diego’s (UC-SD )Jacobs School of Engineering
and study co-author. His study demonstrates that return-oriented
programming can be used to execute vote-stealing computations by taking
control of an EVM designed to prevent code injection.

computer scientists had no access to the machine’s source code - or any
other proprietary information - when designing the demonstration attack.

using just the information that would be available to anyone who bought
or stole a voting machine, the researchers addressed a common criticism
made against voting security researchers: that they enjoy unrealistic
access to the systems they study.

“Based on our understanding of
security and computer technology, it looks like paper-based elections
are the way to go. Probably the best approach would involve fast optical
scanners reading paper ballots. These kinds of paper-based systems are
amenable to statistical audits, which is something the election security
research community is shifting to,” said Shacham.

“You can actually run a modern and efficient election on paper,” he said.

“If you are using electronic voting machines, you need to have a separate paper record at the very least,” he added.
There findings were presented at the 2009 Electronic Voting Technology Workshop.

has to answer for the holes in the bucket identified in the book edited
by Subramanian Swamy and Kalyanaraman, Electronic Voting Machines —
Unconstitutional and Tamperable (2010)
A private co. had a project to EVMs. Are look-alike EVMs available in the market?
are EVMs being manufactured abroad (with control units burnt-in with
programs in foreign countries using Indian agents)? How can BEL/ECIL
claim IP rights for such foreign-makes? How much money has been spent
for this foreign outsourcing?

 ECI should scrap EVMs which are
unconstitutional in any case and revert to paper ballots.Save democracy
which has flourished in India for over 1000 years since Uttaramerur
Inscription of Parakesari Varman of Parantaka Chola days. This was
mentioned in Constituent Assembly debates by the late T. Prakasham, CM
of composite Madras Presidency.
Editorial: E-voting needs a paper trail
Dec. 6, 2010
years after the “hanging chads” fiasco in Florida, and two months
before one of the most important presidential elections in U.S. history,
Congress still refuses to listen to the nation’s top computer
scientists and require a secure, auditable paper trail for all federal
elections. This despite the latest revelation of a serious problem with
the electronic voting machines used in 34 states — including Virginia
and Maryland — in addition to their well-publicized vulnerability to

In March, Ohio officials found a programming error that
dropped votes when the data on memory cards from multiple electronic
machines are electronically transferred to a central tabulator, as they
would be on Election Day. Dozens of lawyers are ready to file legal
challenges everywhere e-voting machines are used, even those declared
“qualified” by the National Association of State Election Directors.
Such litigation could tie up final election results far longer than it
would take to count paper ballots.

State and local government officials
have spent $1.5 billion on e-voting machines in recent years, most of
it federal funds under the 2002 Help America Vote Act. But instead of
ensuring a fast, secure way to count millions of votes, they got a
technological nightmare. Studies in Ohio and California confirmed that
e-voting machines currently in use can allow individuals to cast
multiple votes, load viruses that crash the system, produce fake tallies
and even change previously cast votes.

As recently as May, a spokesman
for Premier Election Solutions (formerly Diebold Election Systems)
blamed the Ohio glitch on state-installed anti-virus software, but
eventually admitted to a decade-old “logic error” programmed on all 19
of its touch screen and optical scan models. Computer experts say every
e-voting machine now in use has serious security vulnerabilities. Even a
piece of white tape on a scanner can block votes from being

“We don’t know how to make secure paperless voting,” says
Stanford computer science professor David Dill, founder of the Verified
Voting Foundation and author of Attackdog, a computer model that
simulates more than 9,000 ways to attack e-voting systems. Dr. Dill and
others like him have warned again and again that an auditable paper
trail is the only way to guarantee a secure election, the very bedrock
of democracy. Congress has less than two months to pass emergency
legislation requiring state election officials to add verifiable paper
trails to all voting in the November election. There is no more time to


Supreme Court asks Election Commission to implement paper trail in EVMs

Delhi:  The Supreme Court on Tuesday asked the Election Commission to
introduce in a phased manner the paper trail in Electronic Voting
Machines (EVMs) for the 2014 Lok Sabha elections, saying “it is an
indispensable requirement of free, fair and transparent” polls which
will restore confidence of the voters.

The Supreme Court, which
directed the Centre to provide financial assistance to the poll panel
for introduction Vote Verifier Paper Audit Trail (VVPAT) system with the
EVMs, said it will “ensure the accuracy of the voting system” and also
help in “manual counting of votes in case of dispute.”

‘paper trail’ is an indispensable requirement of free and fair
elections. The confidence of voters in the EVMs can be achieved only
with introduction of the paper trail,” it said.

“EVMs with VVPAT
system ensure the accuracy of the voting system. With an intent to have
fullest transparency in the system and to restore the confidence of the
voters, it is necessary to set up EVMs with VVPAT system because vote is
nothing but an act of expression which has immense importance in
democratic system,” the bench said.

“VVPAT is a system of
printing paper trail when the voter casts his vote, in addition to the
electronic record of the ballot, for the purpose of verification of his
choice of candidate and also for manual counting of votes in case of
dispute,” a bench comprising Chief Justice P Sathasivam and Ranjan Gogoi

The bench asked the Election Commission to introduce VVPAT
in EVMs in gradual stages or geographical-wise in the 2014 general

While asking the Centre to provide financial
assistance, the bench noted the submissions made by the Election
Commission in its affidavit that it has decided to increase the use of
VVPAT units in a phased manner and has already written to the Ministry
of Law and Justice to issue administrative and financial sanction for
procurement of 20,000 units of VVPAT (10,000 each from M/s BEL and M/s
ECIL) costing Rs. 38.01 crore.

The bench said, “Taking notice of
the pragmatic and reasonable approach of the Election Commission and
considering the fact that in general elections all over India, the
Election Commission has to handle one million (ten lakh) polling booths,
we permit EC to introduce the same in gradual stages or
geographical-wise in the ensuing general elections.”

“The area,
state or actual booth(s) are to be decided by the EC and the EC is free
to implement the same in a phased manner,” it said.

The bench passed the order on two similar petitions; one of those petitions was filed by BJP leader Subramanian Swamy.

that EVMs were open to hacking, Mr Swamy had sought directions to the
poll watchdog to introduce paper trail to easily and cheaply meet the
requirements of proof that the EVM has rightly registered the vote cast
by a voter.

Mr Swamy had moved the Supreme Court against January
2012 order of the Delhi High Court disallowing his prayer to direct
Election Commission to incorporate the system of paper trail in EVMs.

bench noted that though initially the poll panel was little reluctant
in introducing paper trail by use of VVPAT, pursuant to its directions,
the Election Commission contacted several expert bodies and technical
advisers and held meetings with national and state level political
parties and carried out demonstrations.

It noted that after a
thorough examination, VVPAT was successfully used in 21 polling stations
of 51-Noksen (ST) Assembly Constituency of Nagaland.

information furnished by the ECI, through the affidavit dated October
1, 2013 clearly shows that VVPAT system is a successful one,” the bench

comments (0)
Filed under: General
Posted by: @ 3:17 am

Contributor -3

India’s EVM are Vulnerable to Fraud

Overview. This site presents an independent scientific study about the security of the electronic voting machines (EVMs) used in India.

Contributor- 4

India’s EVM are Vulnerable to Fraud - Questions and Answers

Q: Why did you study India’s EVMs? A: The Election Commission of India has spoken of India’s EVMs as “infallible” and “perfect”, yet similar electronic voting …

Contributor - 5

India EVMs vulnerable to fraud | The Indian Express

prof behind EVM study deported on arrival. Written by Geeta Gupta | New
Delhi | Updated: December 13, 2010 at 3:46 am. An American computer
scientist,J …


India’s EVMs are Vulnerable to Fraud - YouTube

Apr 27, 2010 - Uploaded by ropgonggrijp
Contrary to claims by Indian election authorities, the paperless electronic voting systems used in India suffer …

EVMs vulnerable to fraud: Experts - IBNLive

Apr 29, 2010 - New Delhi: The electronic voting machines (EVMs) used in India are vulnerable to fraud, and it is important for votes to be counted in a manner …

India’s EVMs are vulnerable to fraud - Livemint

here to watch a video demonstration of two kinds of attacks against a
real EVM. Comment E-mail Print. First Published: Thu, May 20 2010. 05 20

Hacking Democracy: The Fraud of EVMs - Unofficial: Dr …

In 2009, it’s alleged, Congress won around 70 Lok sabha seats by manipulating theEVMs. and also P Chidambaram, of Congress Party won by an EVM fraud..

An EVM that ‘votes’ only for BJP stuns poll staff in Assam … › Lok Sabha Elections 2014

Apr 3, 2014 - It is a defective machine and it was noticed when EVMs were readied in front of representatives of all political … Saradha scam: CBI grills TMC l.

Contributor -6

Indian EVM

Most developed countries have rejected or reformed direct-recording EVMs. Election Commission of … India’s EVMs are Vulnerable to Fraud - Dr. David Dill …


Contributor -7


Use of EVMs is Unconstitutional and Illegal Too! 3. EVM Software Isn’t Safe. 4. …..Nor is The Hardware. 5. EVMs are Sitting Ducks. 6. “Insider” Fraud a Concern.


Electronic voting is the real threat to elections

J. Alex Halderman

Associate Professor of Computer Science and Engineering, University of Michigan

Director, University of Michigan Center for Computer Security and Society,,

Should Britain introduce electronic voting?

Paper ballots in the UK

for a second, that the concept of elections was new, and it was your
job to pitch them to the nation. You start off singing the praises of
democracy, and how it transfers power to the people like never before.

People are looking excited, so you then bring up the concept of a
legislature: all the elected representatives doing the important task of
scrutinising the government, as well as enacting new laws and debating
important national issues.

You’ve pretty much won them over, so now you turn to elections: those
momentous days when the whole nation marks their choices with a pencil
cross on small pieces of paper, which are gathered up, counted by hand
in their thousands, and used to determine who runs the country.

A deathly silence falls. Someone in the back mutters: “Paper?” You
decide that now is perhaps not the time to introduce the concept of
postal voting.

Face it: British elections are ever so slightly anachronistic.

Pencil and paper

The problems with our current, resolutely 19th-century method of
running elections should be obvious. Votes can be miscounted, misread,
or even simply misplaced. Counts consist of thousands of people across
the country, paid overtime to stay up all night manually sorting and
counting those votes. When they go wrong – as happened in Tower Hamlets
during the 2014 local elections – there’s no easy way to trace the
problems back to their source, and no easy way to fix them other than
simply restarting the count.

At this point, one might be forgiven for feeling trapped in the
“before” section of an infomercial. But yes: there is a better way.

Electronic voting machines are used in some of the world’s biggest
democracies, including Brazil, India, and the Philippines, to get around
some of these hurdles. The machines come in all shapes and sizes, from
small touchscreen devices to larger units with physical buttons and a
printed ballot paper on the front.

But those nations that have widespread adoption of electronic voting
are also developing nations with relatively short democratic histories
and their own unique challenges, from inaccessible rural populations to
low levels of literacy.

Addressing those concerns was a driver for the introduction of
electronic voting, but has also led to a perception that the technology
wasn’t necessary in developed nations, according to Antonio Mugica, the
chief executive of electronic voting firm Smartmatic.

“In western Europe, there isn’t a generalised perception that
integrity needs to be improved,” he says. But while it’s true that the
mature democracies of western Europe tend not to see outright stolen
elections, there is still the potential for mistakes. And, after all,
“the fact that there is no crime in this neighbourhood in London doesn’t
mean you’re not going to put a door and a lock.”


that’s not enough of a pitch for many, who – perhaps fairly – take the
view that voting with paper ballots isn’t broken, and doesn’t need to be
fixed. Mugica disagrees. “The reason to bring technology into the
election process is to increase integrity and security, but it has a
series of important collateral benefits.

“One is cost reduction: so I’m sure Britain could spend less per
election if it was using technology, and the security and integrity
would be 10 to a hundredfold better. So you have something that’s a
hundredfold better, and it’s going to cost less.”

The concept of electronic voting has garnered widespread political
support, seen as both a cost-saving measure and a possible way of
boosting turnout in an era of declining voter representation. A Labour
spokeswoman said: “Labour is committed to looking at radical ways of
encouraging more people to vote, by making the process easier and more
in tune with the way people live their lives … Labour will pilot secure
systems for electronic voting, including online voting.”

Not everyone agrees that electronic voting is dramatically better, or
even better at all. The switch does remove some problems inherent to
paper ballots – not least the cost of simply printing and distributing
the millions of ballots required to make an election happen. But it also
introduces its own.

The chief fear of many is that a switch to electronic voting would make electoral fraud easier, not harder.
In the worst-case scenario, rather than forging ballots individually, a
wannabe dictator could simply flip a switch and win the election with no
trail in sight.

Jim Killock, the executive director of the Open Rights Group, says that voting has to be secret, secure and accountable.


is a very hard problem to solve and so far nobody has managed it.
Accountability in most software systems means a clear audit trail of who
did what, which of course would violate the basic question of secrecy.”

And even without ascribing malicious intent, a bug in an electoral
machine’s operating system could alter the vote result systematically.
That’s why many observers, such as ORG, prefer that the machines only
run on open source code, so that independent observers can check the
programming is bug-free.

Smartmatic doesn’t go that far, citing the need to protect trade
secrets, but typically encourages nations to perform a fully independent
code review in the runup to an election, inviting all political parties
and representatives of civil society to check for bugs. The code is
compiled then and there, with a digital signature that individual voters
can use to check that their machine is running the correct software.

As for the audit trail, it’s something that the company takes very
seriously. “We bring, along with the technology solution, a
recommendation to perform 17 different audits, before, during and after
the election,” says Mugica.

Keyboard and mouse

But if those problems are tricky to solve, they’re nothing compared
to the other major form of electronic voting, online voting. Casting
votes over the internet seems like the natural progression of democracy
to the 21st century, but it requires a fairly fundamental rethink of how
the electoral process should work.

In order to let people cast votes from home over the internet, we
have to decide to give up some of the most important principles of our
electoral system, like guaranteeing that a vote cannot be given away,
stolen or forced, and ensuring secrecy of the ballot.

Those problems are so fundamental that, to date, only one country has
really cracked the problem: Estonia, where almost a quarter of all
votes cast in the 2011 parliamentary elections were made online. In
March, the country heads to the ballots again, for its sixth election
where online voting is allowed. And the proportion of votes cast online
is expected to rise even further.

How have they solved the problems? With a mixture of hard work and
smart solutions. On the one hand, Estonian civil society is the most
connected in the world: every citizen has an online ID card, which has
biometric information about them and digital signing capabilities. The
card can be used with a chip-and-pin machine to prove to government
agencies online that its user is a citizen of Estonia.

That solves half the problem, letting voters sign and encrypt their
votes as they transmit them to the polling office, in order to prevent
them being intercepted or fraudulently cast.

But what Estonia can’t do is control the conditions in the home of
the voter. So instead, they get around it another way, explains
Smartmatic’s Michael Summers, who works with the Estonian government to
provide the voting solution. After voting, “a copy of the vote is also
sent to a verification server”. The voter can then check that their vote
has been correctly registered at any time, to ensure that it wasn’t
changed by malware on their computer, for instance.

“If you think about an internet application, the environment which is
hardest to control is the voters’ computer. Anyone who has a laptop
runs the risk of downloading malware, so the purpose of verification is
that we give the voter an opportunity to check that their vote has been
correctly recorded by the server.”


voters can also change their votes throughout the polling period, and
if they vote in person as well, that “overwrites” their online vote. The
idea is to limit the opportunities for coercion, so that even if
someone demands to watch a citizen cast the “correct” vote, they can
easily vote according to their conscience later.

All the same, the opportunities for funny business are higher than
in-person voting. But, argues Summers, that’s the wrong comparison;
instead, online voting should be compared to postal votes, used by 15%
of the electorate in Britain in 2010. That comparison is much more
favourable. When you make a postal vote, after all, “your mechanism for
securing that ballot is a piece of gummed paper. As opposed to a robust
RSA certificate which is significantly harder to crack than steaming
open an envelope by putting it over a kettle”.

But regardless of the correct comparator, the ORG’s Killock argues
that the potential downsides of internet voting are just too great. “You
have the complexity of making sure that internet systems are secure,
that the voting equipment can be trusted despite being attached to the
internet, and that every voter’s machine is not being tampered with.

“Given the vast numbers of machines that are infected by criminally
controlled malware and the temptation for someone to interfere in an
election, internet voting is a bad idea.”

But the tide seems to be turning in the concept’s favour. In January, the Speaker of the House of Commons published a report on digital democracy, which concluded that “online voting has the potential greatly to increase the convenience and accessibility of voting”.

“In the 2020 general election, secure online voting should be an
option for all voters,” said the report. In response, the Electoral
Commission’s chair, Jenny Watson, said: “We will consider carefully the
balance between maintaining the security of the system, whilst making it
as accessible as possible for voters as part of this.”

But Killock remains unconvinced, and uneasy with turning to a digital
solution for what remains a societal problem. “The real driver of voter
participation,” he says, “is the belief that elections are important
and that voting will make a difference”.
    •    OPPOSING VIEW: Paper voting system is broken
not entirely a fantasy. In many states, some voters can already do
both. The process is seductively simple, but it’s also shockingly
vulnerable to problems from software failure to malicious hacking. While
state lawmakers burn enormous energy in a partisan fight over in-person
vote fraud, which is virtually nonexistent, they’re largely ignoring
far likelier ways votes can be lost, stolen or changed.
How? Sometimes, technology or the humans running it simply fail:
March, malfunctioning software sent votes to the wrong candidate and
the wrong municipal election in Palm Beach County, Fla. The mistake was
corrected only after a court-approved hand count.
•In an election in Pennington County, S.D., in 2009, a software glitch almost doubled the number of votes actually cast.
Carteret County, N.C., 4,530 electronic votes simply disappeared in
2004 when the voting machine ran out of storage capacity and no one
noticed until too late.
•In 2010, a University of Michigan assistant
professor of computer science and three assistants hacked into
Washington, D.C.’s online voting system during a test. They manipulated
it undetected, even programming it to play the Michigan fight song.
While inside, the hackers blocked probes from Iran, India and China.
Washington officials canceled plans for online voting.
like these argue for great caution about expanding electronic voting,
but too many states are choosing convenience over reliability. Sixteen
states, for example, use electronic voting devices with no paper backup,
according to a study by the Verified Voting Foundation, Common Cause
and the Rutgers School of Law.
This means there’s no way to know
whether the machine has recorded a vote accurately or, for that matter,
recorded it at all. And there’s no way for elections officials to
conduct a verifiable recount if things go wrong.
It’s far better to
have, as many other states do, machines that generate a simultaneous
paper record that voters can see when they vote, and that officials can
audit to make sure the machines are getting the votes right.
At least
for now, the next frontier in electronic voting seems to be way too
wild. Twenty-five states allow online voting, chiefly for military
personnel and others overseas, which means 3 million people or more
could cast ballots via the Web this fall. But Alex Halderman, who led
the successful penetration of Washington’s online system, warns that
current technology just can’t keep votes safe.
Home computers are
frequently infested with malware, and central systems such as
Washington’s are notoriously hard to secure. Those who claim otherwise
overlook the fact that hackers have penetrated or shut down systems at
the Pentagon, FBI, Department of Homeland Security and CIA. All these
agencies have cybersecurity budgets that dwarf those of any local
elections board.
The danger is as troubling as it is obvious.
Elections can be stolen, without anyone noticing. Some things are best
done the old-fashioned way.
Opposing view: Paper voting system is broken
the 2010 election, 200,000 military voters failed to cast their
absentee ballots, the vast majority because the mail either failed to
get their ballots to them on time, or failed to get them back home in
time to count. That’s no surprise: Mail to remote military outposts and
ships at sea can easily take three weeks each way. It’s bound to fail.
    •    Whitney Curtis, for USA TODAY

Whitney Curtis, for USA TODAY

Sponsored Links
    •    OUR VIEW: Electronic voting still too wild
that same election, though, 46,000 military voters did manage to vote
through electronic voting systems, either receiving their ballot online,
returning it online or both. The number of military personnel using
online systems was triple what it was in the 2006 election, a sign of
the growing effectiveness and availability of Internet voting.
electronic voting systems introduce new risks? Of course. But the
current mail-based system perpetuates a far greater risk of
disenfranchisement. And the most common risks associated with electronic
systems can easily be mitigated.
For example, the military’s
Internet system is constantly monitored for intrusions and infections,
which can significantly reduce the risk of viruses changing voters’
votes. Transmitting the ballots over virtual private networks can ensure
that ballots are not changed by hackers en route.
Washington, D.C.’s
system referenced in USA TODAY’s editorial did not have any of these
protections. It was simply a test by a not-for-profit, not a system
deployed by one of the leading online election vendors.
About Editorials/Debate
expressed in USA TODAY’s editorials are decided by its Editorial Board,
a demographically and ideologically diverse group that is separate from
USA TODAY’s news staff.
Most editorials are accompanied by an
opposing view — a unique USA TODAY feature that allows readers to reach
conclusions based on both sides of an argument rather than just the
Editorial Board’s point of view.
Finally, the sheer diversity and
local control of our electoral system, with more than 7,800 election
jurisdictions, make the payoff of trying to hack these votes unfeasible
given the small number of ballots received electronically in each
election jurisdiction.
In 2002, Congress mandated that the Defense
Department deploy an electronic voting system for military voters. The
department’s Federal Voting Assistance Program presented a plan to
Congress for a secure, reliable electronic voting system by the 2018
President Obama’s 2013 budget cut $20 million for research
on electronic voting; restoring that money might bring such systems
online in time for the 2016 presidential election, 14 years after
Congress ordered it done.
Would such a system be perfect? No. But it would be far better than the broken paper-based system we have now.
Carey is president of the Abraham & Roetzel government affairs
firm. Until May of this year, he was director of the Defense
Department’s Federal Voting Assistance Program.
About Editorials/Debate
expressed in USA TODAY’s editorials are decided by its Editorial Board,
a demographically and ideologically diverse group that is separate from
USA TODAY’s news staff.
Most editorials are accompanied by an
opposing view — a unique USA TODAY feature that allows readers to reach
conclusions based on both sides of an argument rather than just the
Editorial Board’s point of view.
Editorial: Electronic voting is the real threat to elections

how easy voting would be if Americans could cast ballots the same way
they buy songs from iTunes or punch in a PIN code to check out at the
grocery store: You could click on a candidate from a home computer or
use a touch screen device at the local polling place.
Whitney Curtis, for USA TODAY
Election workers in Maplewood, Mo., train
on touch-screen machines in 2010. Sixteen states use electronic voting
devices with no paper backup.
Whitney Curtis, for USA TODAY
workers in Maplewood, Mo., train on touch-screen machines in 2010.
Sixteen states use electronic voting devices with no paper backup.
Sponsored Links
    •    OPPOSING VIEW: Paper voting system is broken
not entirely a fantasy. In many states, some voters can already do
both. The process is seductively simple, but it’s also shockingly
vulnerable to problems from software failure to malicious hacking. While
state lawmakers burn enormous energy in a partisan fight over in-person
vote fraud, which is virtually nonexistent, they’re largely ignoring
far likelier ways votes can be lost, stolen or changed.
How? Sometimes, technology or the humans running it simply fail:
March, malfunctioning software sent votes to the wrong candidate and
the wrong municipal election in Palm Beach County, Fla. The mistake was
corrected only after a court-approved hand count.
•In an election in Pennington County, S.D., in 2009, a software glitch almost doubled the number of votes actually cast.
About Editorials/Debate
expressed in USA TODAY’s editorials are decided by its Editorial Board,
a demographically and ideologically diverse group that is separate from
USA TODAY’s news staff.
Most editorials are accompanied by an
opposing view — a unique USA TODAY feature that allows readers to reach
conclusions based on both sides of an argument rather than just the
Editorial Board’s point of view.
•In Carteret County, N.C., 4,530
electronic votes simply disappeared in 2004 when the voting machine ran
out of storage capacity and no one noticed until too late.
•In 2010, a
University of Michigan assistant professor of computer science and
three assistants hacked into Washington, D.C.’s online voting system
during a test. They manipulated it undetected, even programming it to
play the Michigan fight song. While inside, the hackers blocked probes
from Iran, India and China. Washington officials canceled plans for
online voting.
Experiences like these argue for great caution about
expanding electronic voting, but too many states are choosing
convenience over reliability. Sixteen states, for example, use
electronic voting devices with no paper backup, according to a study by
the Verified Voting Foundation, Common Cause and the Rutgers School of
This means there’s no way to know whether the machine has
recorded a vote accurately or, for that matter, recorded it at all. And
there’s no way for elections officials to conduct a verifiable recount
if things go wrong.
It’s far better to have, as many other states do,
machines that generate a simultaneous paper record that voters can see
when they vote, and that officials can audit to make sure the machines
are getting the votes right.
At least for now, the next frontier in
electronic voting seems to be way too wild. Twenty-five states allow
online voting, chiefly for military personnel and others overseas, which
means 3 million people or more could cast ballots via the Web this
fall. But Alex Halderman, who led the successful penetration of
Washington’s online system, warns that current technology just can’t
keep votes safe.
Home computers are frequently infested with malware,
and central systems such as Washington’s are notoriously hard to
secure. Those who claim otherwise overlook the fact that hackers have
penetrated or shut down systems at the Pentagon, FBI, Department of
Homeland Security and CIA. All these agencies have cybersecurity budgets
that dwarf those of any local elections board.
The danger is as
troubling as it is obvious. Elections can be stolen, without anyone
noticing. Some things are best done the old-fashioned way.
Hacker infiltration ends D.C. online voting trial
week, the D.C. Board of Elections and Ethics opened a new
Internet-based voting system for a weeklong test period, inviting
computer experts from all corners to prod its vulnerabilities in the
spirit of “give it your best shot.” Well, the hackers gave it their best
shot — and midday Friday, the trial period was suspended, with the
board citing “usability issues brought to our attention.”
Here’s one
of those issues: After casting a vote, according to test observers, the
Web site played “Hail to The Victors” — the University of Michigan
fight song.
“The integrity of the system had been violated,” said Paul Stenbjorn, the board’s chief technology officer.
said a Michigan professor whom the board has been working with on the
project had “unleashed his students” during the test period, and one
succeeded in infiltrating the system.
The fight song is a symptom of
deeper vulnerabilities, says Jeremy Epstein, a computer scientist
working with the Common Cause good-government nonprofit on online voting
issues. “In order to do that, they had to be able to change anything
they wanted on the Web site,” Epstein said.
Because of the hack,
Stenbjorn said Monday, a portion of the Internet voting pilot — which
was expected to be rolled out this month — is being temporarily
The program, called “digital vote by mail,” is intended to
allow military or overseas voters to cast secure absentee ballots
without having to worry whether the mail would get them back to
elections officials before final counting. Those voters, about 900 of
them, still will be able to receive blank ballots via the Internet for
the Nov. 2 general election, but they will not be allowed to submit
their completed ballots via the DVM system, Stenbjorn says. Instead,
they’ll have to put them in the mail or send them unsecured via e-mail
or fax.
The security hole that allowed the playing of the fight song
has been identified, Stenbjorn said, but it raised deeper concerns about
the system’s vulnerabilities. “We’ve closed the hole they opened, but
we want to put it though more robust testing,” he said. “I don’t want
there to be any doubt. … This is an abundance-of-caution sort of
Last week, Common Cause and a group of computer scientists
and election-law experts warned city officials that the Internet voting
trial posed an unacceptable security risk that “imperils the overall
accuracy of every election on the ballot.” But board officials said the
system provides security and privacy upgrades over a method of Internet
voting that’s already legal: filling out a paper ballot, then scanning
it and attaching it to an e-mail.
Stenbjorn says he hopes that the
Web-voting system’s security vulnerabilities will be addressed in time
for a D.C. Council special election expected next spring. The board has
spent about $300,000 in federal grant money on the project.
A D.C. Council hearing on elections issues, which will include the Internet voting test, is set for Friday.
5:30 P.M. Verified Voting, another nonprofit concerned with election
integrity, has released a statement that “applauds” BOEE’s decision to
cancel the digital vote return. The release details the hack: “The test
pilot was apparently attacked successfully shortly after it began by a
team of academic experts led by Prof. J. Alex Halderman at the
University of Michigan. The attack caused the University of Michigan
fight song to be played for test voters when they completed the
balloting process.” The group promises “[f]ull details of the hack and
its impact on submitted test ballots … in the coming days.”
group also identifies a separate issue, which it calls a “very serious
vote loss problem that caused voters to inadvertently return blank
ballots while believing that they had submitted complete ballots.” This
affected users of “at least two widely used computer/browser
configurations.” Stenbjorn said Monday that the problem had been
identified as affecting certain browsers using the Macintosh operating
system, which do not support inline PDF forms. Mac users, he said, can
download the file and open it in a standalone PDF reader instead.
CORRECTION, 10/7: The Michigan fight song is “The Victors,” not “Hail to the Victors.” Mea maxima culpa.
By Mike DeBonis  | October 4, 2010; 2:14 PM ET 
Categories:  DCision 2010, The District  

Save & Share:                            
Previous: DeMorning DeBonis: Oct. 4, 2010
Next: For Rhee, staying in D.C. is a ‘hard question’


Hail to the Victors Valiant!
Um…yay alma mater for cyberhacking?
Posted by: gopoohgo | October 4, 2010 3:21 PM | Report abuse
Hail to the Redskins would have been far better!
Posted by: jeffcoud2 | October 4, 2010 4:01 PM | Report abuse
Michigan’s fight song is “The Victors,” not “Hail to the Victors.”
Posted by: Catholepistemiad | October 4, 2010 5:27 PM | Report abuse
this is the right approach. I’m glad to see they’re not just
approaching the problem in the right way through open testing, but also
are acting cautiously about what they do. Combined with robust review
and flaw remediation, secure voting ought to be possible.
In the meantime, it might be worthwhile to set up something for military members to use through nipernet…
Posted by: Nymous | October 5, 2010 1:48 AM | Report abuse
test that is supposed to run over the weekend is shut down by mid day
on Friday due to “usability issues brought to our attention.”? This
shows an apalling lack of awareness of the problems inherent in such a
voting system.
No, the right approach would be to fire the idiots on the
board of elections and hire the students from Michigan.
Posted by: lcollar | October 5, 2010 8:14 AM | Report abuse
consider how often and consistently online systems of all kinds are
successfully hacked. Why would voting systems be different?
The thought of government by those who get into the position by hiring hackers is truly frightening.
Posted by: observer31 | October 5, 2010 8:21 AM | Report abuse
You think you might mention who the vendor is? That seems kind of important.
Posted by: pj_camp | October 5, 2010 9:28 AM | Report abuse
look - it’s DC. You KNOW who’s gonna be elected even before the first
ballot is cast. Why worry about hackers? They won’t make ANY difference
in the outcome. Of course, it’s also obvious that the hacking wasn’t
done by ANYONE who is a District resident. Even WITHOUT the fight song,
it’s clear that the capability is JUST NOT there. Now maybe some folks
in nearby Maryland or Virginia have the capability, but surely not DC!
Posted by: matism | October 5, 2010 11:29 AM | Report abuse
unclear to me that “We’ve closed the hole they opened…” accurately
quotes Mr. Stenbjorn. If it does, he should be fired immediately for his
illiteracy in this matter.
The students did not “open” a hole in this
online voting system. They discovered one that the Mr. Stenbjorn’s inept
staff did not secure.
If Mr. DeBonis is accurately reporting the quote
then this may also indicate a pathological attempt to shift blame from
where it belongs - the morons at DCBOEE - to the students that did them a
Posted by: Megadan | October 5, 2010 11:45 AM | Report abuse
How great is this? So let’s pretend there’s an 800lb gorilla in the room…his name is Acorn, and he’s a hacker.
Care to wager what percentage of e-voters will be shown to be cast for Democrat candidates?
is a huge problem, but not just with e-vote systems. Jokes about dead
people voting isn’t a joke; our voter roles are full of fraud - 3%, 5%,
20%? ID’s should be needed to vote (as in my district), every voter role
should be purged, validated and maintained before every election.
Without it, the gorilla is going to have his way every time.
Posted by: BarryBinInhalin | October 5, 2010 11:49 AM | Report abuse
[and I mean ANY] system can be hacked, and I have no doubt have
electronic [and even mechanical] voting is a gamble. Paper ballots
are also subject to fraud. 
Choose your poison.
Posted by: news41 | October 5, 2010 12:00 PM | Report abuse
I’m really going to trust the vote coming out of DC. Maybe they can
show Chicago how to do it during Rahm’s coronation, oh, I mean election.
Posted by: AnnieP1 | October 5, 2010 12:12 PM | Report abuse
is it that I can safely access my bank accounts, investment accounts,
Ebay, etc. from virtually anywhere on the planet, but I cannot vote
online? Maybe it’s because having found a proven set of tools to rig
elections, the Left is terrified that new technology will erase their
advantage. Seems odd that such a hotbed of political neutrality like DC
would be “proving” the “danger” of online voting. Remember -vote early
and vote often!
Posted by: snipelee | October 5, 2010 12:16 PM | Report abuse
Use of electronic voting is a hideous error.
Posted by: KPosty | October 5, 2010 12:16 PM | Report abuse

to your PUBLIC education YOU are missing the OBVIOUS … VOTING sites
are referred to as POLLING STATIONS … Why you ask? 
Because for
decades now, the government only POLLS THE OPINIONS of ITS public …
Your VOTE has absolutely NO MERIT in the election process … the
Electorial College does ALL the deciding for you - you only convey your
opinion - which is ignored!! This is the just the tip of the iceberg
when it comes to deceiving Americans! Sorry to burst your patriotic
bubble - wake up people - this isn’t your country anymore!
Posted by: ScatScat | October 5, 2010 12:21 PM | Report abuse
is almost nothing more important than insuring the integrety of our
elections. It is sure that it isn’t 100% free of fraud but to allow it
to go on-line kills all hope of keeping the system safe at all.
morons in charge of this test either 1.have NO IDEA how computers work
2. are actively trying to steal elections 3. are just plain stupid or 4.
have NO sense of what their country is about
I don’t see any good on that list!
rlls need to be continuously scrutinized (by people with brains) and
ballot need to be paper only. The last bit of the puzzle? Honesty
Posted by: rleored1 | October 5, 2010 12:23 PM | Report abuse
bad idea beat down. Voting online, Missile defense systems, etc. can
only be truly tested when the real world comes into play. SO, never go
IF banks etc. are not hack-proof, why would we ever want our
elections and our country to be vulnerable by depending on a computer
program which can never be truly tested before it is used.
That’s a
hard way to learn. We should NEVER go there. There are no hack-proof or
bug-free programs when they are as elaborate as would be required for
voting or missile defense. NEVER! Ask any programmer or QA Tester.
Posted by: tojo45 | October 5, 2010 12:27 PM | Report abuse
many D.C. voters that actually VOTE are there serving over seas for our
country? It can’t be more than a hand full. So, I’d love to see how
much the cost per vote is in this $300,000 waste of money.
Posted by: arbogastd | October 5, 2010 12:30 PM | Report abuse
In 2012 a hacked voter system in favor of Obama is the only way he’ll win reelection…
Posted by: mrcyberdochotmailcom | October 5, 2010 12:30 PM | Report abuse
YOU, HACKERS! I can think of few greater threats to liberty than, even
assuming no technology-based corruption or mischief (HA!), by allowing
lazy, livin’-off-the-taxpayer-dime, do-nothings to be able to sit on
their indolent butts while electing their welfare patrons as they watch
another episode of Judge Mathis.
Posted by: jnsesq | October 5, 2010 12:30 PM | Report abuse
d@amn it, there is such a thing as making it too easy to vote. Just as
all in-person voters should be required to present a valid
government-issued ID card in order to vote, so should we also be
carefully review all absentee ballot procedures to maintain the security
of the voting process and the integrity of our democracy. Many of us
Republicans have been screaming about ballot security for years, and
those of us who have actually run campaigns have witnessed real, live
voting fraud around the country. I don’t care if you’re a Republican,
Democrat, Libertarian or Martian, we should all agree that the integrity
of our democracy must be paramount. If we can’t agree on that, and any
party, candidate or interest group can cheat, then we’re on a slippery
slope to becoming Venezuela.
Bottom line: we should put aside on-line
voting until its iron-clad security can be assured. If this debacle had
occurred in a hotly contested swing state in the middle of a
presidential election, this could have caused a national, if not a
constitutional crisis. Think clearly, people.
Posted by: Dirtlawyer1 | October 5, 2010 12:36 PM | Report abuse
Every lab geek at M.I.T. is now on the case. Winner of the next presidential election: Oliver R. Smoot
Posted by: floyddabarber | October 5, 2010 12:37 PM | Report abuse
I figured it would have been CalTech or MIT that would have pulled this one off.

My thoughts are this-
Election Day is Election Day. No “Early Voting” or “provisional ballots.” Absentee balloting is allowed.
Either people do their “Civic Duty” and appear, on Election Day or they don’t deserve to vote.
Casting one’s ballot is serious and these lazy bums that are trying to “reach-out,” for more time, are way out of line.
Posted by: Computer_Forensics_Expert_Computer_Expert_Witness | October 5, 2010 12:43 PM | Report abuse
could understand why liberals want this system.
As republicans
investgate Dem voter fraud they will need a new method to cheat.
Posted by: jpalm32 | October 5, 2010 1:06 PM | Report abuse
All hail online voting! What could possibly go wrong?!?!?
Posted by: Armed_Texan | October 5, 2010 1:12 PM | Report abuse
pretty sure most of Maryland’s votes are rigged, because most of the
state is actually republican bu the democrats always win
Posted by: interloper5 | October 5, 2010 1:27 PM | Report abuse
Can D.C. do anything right?
Posted by: COOLCHILLY | October 5, 2010 1:28 PM | Report abuse
Every lab geek at M.I.T. is now on the case. Winner of the next presidential election: Oliver R. Smoot
Posted by: floyddabarber
As a Harvard alum, I appreciated this posting. LOL.
Posted by: WashingtonDame | October 5, 2010 1:36 PM | Report abuse
state has different laws… In one of the presidential elections I
voted in here in Michigan, we had a machine that reads your pencil marks
on a ballot. I noticed while waiting in line, 2 out of 3 ballots
scanned were rejected as miss-votes - meaning some of their votes would
not be counted. Everyone accepted this. So, when it was my time, I was
extra - extra - extra careful that I did it perfectly. Mine was rejected
too. I took back the ballot and checked again. Everything was still
perfect, so I had them scan it again. This time it took When I quested
this, the election officials said they only test the machine at the
start of voting, so if some dirt gets on the lenses of the scanner, they
will never know. Also, as a voter I was not allowed to request a
re-count. Only a person on the ballot.
Posted by: arbogastd | October 5, 2010 1:37 PM | Report abuse
Since when were Democrats worried about the integrity of the vote???
Posted by: CapsNut | October 5, 2010 1:52 PM | Report abuse
want the internet voting so they can assure their coming wins by
fraud………….dems know that America has had it with their damage to
America and the American way of life
Posted by: M_Algore | October 5, 2010 1:52 PM | Report abuse
security. The only thing you can prove is its “secure” as you are
writing this very sentence. Ten secs from now, it may be hacked. And we
spend hundreds of millions on this.
Wouldn’t a low tech solution be
better, like maybe dipping our fingers into purple dye? It would stop
voter fraud, and would also be env friendly, since you wouldn’t need all
those “I voted” stickers.
Posted by: jcl154 | October 5, 2010 1:56 PM | Report abuse
even bother having elections in DC? If there’s a black candidate, award
the office to him. If both candidates are black, pick the one who’s
most liberal. The outcome will be the same as if they had wasted time
with an election, which would be stolen by ACORN and SEIU operatives
Posted by: p3orion | October 5, 2010 2:06 PM | Report abuse
for God’s sake another idiot who doesn’t understand the electoral
college.It’s more fair, you fool, not less fair. If you allowed only the
popular vote to determine the outcome of a presidential election then
only the most populous states would elect the president. It would be
whomever California wanted as president not whomever the country wanted.
Congressional seats are apportioned by population so that larger
populations can be represented properly in congress but each state gets
two senators to balance that out. Mob rule is dangerous. There has to be
checks and balances.
Posted by: haunches | October 5, 2010 2:08 PM | Report abuse
Of course the internet program was open to being hacked. Don’t these elections officials ever listen to the experts?
Posted by: dubious1 | October 5, 2010 2:15 PM | Report abuse
is a joke, systems can be secured, our banking system is secure enough.
Put some republicans in charge of this and I bet they’ll get the job
done. Anybody notice the Democrats are the only ones trying to shoot
down electronic voting, as if it’s less reliable than a gang of
Posted by: zardinuk | October 5, 2010 2:20 PM | Report abuse
of the voter fraud is in favor of Republicans. Look at Ohio in 2004
when all the votes were run through a computer in Tennessee that was
running GOP software before being sent back to Ohio. Look at the hack in
Florida that nearly caused Gore to concede on election night before it
was revealed. Almost all hacks benefit Republicans. Check it out.
And using the internet is to invite the hackers to have great fun.
Posted by: dubious1 | October 5, 2010 2:24 PM | Report abuse
print the ballots on rolls of free toilet paper so the totally
uninformed, and uninvolved can more easily cancel out your vote.
Posted by: borntoraisehogs | October 5, 2010 2:31 PM | Report abuse
ACORN… really? lol
at least the testing of this system is more transparent than the
testing done on the Diebold systems that are actually in use.
Posted by: AJohn1 | October 5, 2010 2:33 PM | Report abuse
E-Voting was brought to US by Al Goron & the Dims.
Welcome to hanging e-chads!
Posted by: harpotoo | October 5, 2010 2:37 PM | Report abuse
@ dubious1
if the voter fraud is all republicans, why not use electronic voting?
It’s your best bet at eliminating fraud. I know I want to see the fraud
eliminated, tired of seeing the bag of votes someone forgot about
magically appearing, I want electronic voting because it will solve all
of the problems. They leave a paper trail, it’s as good and better than
your preferred paper ballot.
The DNC is afraid of electronic voting
machines because they have relied on the fraud that goes on in the
voting locations for so long. It’s quite clear to me. Your argument
makes no sense whatsoever.
Posted by: zardinuk | October 5, 2010 2:37 PM | Report abuse
Yes one would THINK there should be a way to vote on line for at least
our Military.. however, while they allowed anyone to GIVE IT THEIR BEST
SHOT.. did that include CHINA who seems to LOVE to hack our Pentagon? It
is not just hackers HERE but elsewhere that we have to watch for..
Posted by: lcky9 | October 5, 2010 2:46 PM | Report abuse
God this crack attack has stopped the overseas military from voting.
Everyone knows that those people are the best possible representatives
of their city, and so they shouldn’t be allowed to vote, because they
might cause something good to happen if they could.
In another way,
this is more proof that the District of Columbia is going to get about
another $100 million to “improve its systems.”
Posted by: Extempraneous | October 5, 2010 2:51 PM | Report abuse
Yeah, baby! Saw off another chunk of that federal cash log!
Posted by: Extempraneous | October 5, 2010 2:53 PM | Report abuse
a city so replete with disfunction, where under every rock there is a
corrupt politician and/or contractor, who in their right mind thought
the government could implement a HACKER PROOF on line voting system?
Posted by: Curmudgeon10 | October 5, 2010 2:57 PM | Report abuse
is an easy way to eliminate any voting fraud. Simply require a
biometric when a voter registers and each time he or she votes, with a
system that verifies the biometric. A fingerprint is provided at
registration and the same fingerprint is given when the voter votes.
It’s not rocket science, but the Party of Illegal Voters would fight it
to the bitter end… I’ll leave it to the reader to figure out what
party THAT is.
Posted by: danny70000 | October 5, 2010 3:04 PM | Report abuse
get the money back!!
stop paying these con artists…
seize their assests …
give to my charity…
Posted by: wingdingluey | October 5, 2010 3:08 PM | Report abuse
have never understood the rationale behind changing the voting process.
It worked. The new systems are fraught with the potential for mischief
and criminality. Voting by mail - a terrible idea. How does anyone know
that the ballots counted are truly the ballots received? There’s nothing
equivalent to a precinct where votes are tallied in a public way. And
voting machines? How do we know that they haven’t been hacked (as in
this story), except worse: to provide one party or another with an
advantage - whoever the hacker happens to favor?
Worse - how do we know that the hackers aren’t in the employ of one of the political parties?
want America to go back to the good old paper ballot (no chads). And a
requirement that you be intelligent enough to complete a ballot and live
with whatever careless mistakes you make after you drop the ballot in
the box. The time to correct your mistakes is before you drop it in the
We OUGHT to be a nation of adults instead of winy entitled
spoiled brats who think that the sun shines up their a$$es and makes the
world a better place just because they have the wonderful decency to
show up.
Posted by: harrygett | October 5, 2010 3:12 PM | Report abuse
was a time when the washington post had enough clout to stop something
such as this fiasco long before the taxpayer ever got clobbered. and
internet access from jails and prisons keeps convicted felons actually
serving time from being disenfranchised. i gather the dc experiments are
off limits i.e. politically incorrect targets of the wash post. no
wonder your profits continue to drop. retro back 40 - 50 years if you
intend to remain in business. ps - when are you going to expose the
money pit known as pretrial services. possibly the biggest waste of tax
money on the planet.
Posted by: anonymoose1990 | October 5, 2010 3:22 PM | Report abuse
long as systems can be hacked no vital system - like voting - can be
entrusted to online technology. Even with manual systems if voter
tampering is discovered AFTER an election the results are not
overturned. The perpetrators are prosecuted (maybe) but the election
results are not overturned. Moreover, with cyber tampering it is
extremely difficult to find and prove direct links to the guilty. Add to
that how long it takes to move thru federal courts.
Posted by: aceswild1 | October 5, 2010 3:38 PM | Report abuse
wheelchair bound and have been for a couple years, I was on a chicago
thread yesterday about absentee ballots saying this same thing;
If I
can drag my tired broken azz to the local elementary school like I did
even before while becoming crippled from MS and did to vote against
Obama anyone else can too.
We know online voting is nuts as
we can’t even keep dead liberals from voting the old way ;( , now we
want the CHICOMS, Ruskies and all to be able to as well, because THEY
WILL if they OK this anytime in the near future.
Posted by: chicagoray40 | October 5, 2010 3:50 PM | Report abuse

Wrap a band aid around the nose piece of those geeky glasses, then DeBonis can claim he did it.
Posted by: screwjob21 | October 5, 2010 4:06 PM | Report abuse
it would be fitting to use the anthem of the peoples republic of Ann Arbor
Posted by: jibreelriley | October 5, 2010 4:09 PM | Report abuse
@snipelee, what makes you think that your online access to banking and financial services are safe?
to the hacker.. Go Blue!
Posted by: SpecTP | October 5, 2010 5:07 PM | Report abuse
is nothing in the US more sacred than voting. If one cannot get off the
couch to go to the polls, they should lose their vote!! However, power
is enticing and the Left will not go down quietly!!
Posted by: MadonnaDJ88 | October 5, 2010 5:28 PM | Report abuse
Not good. These were just students. Real pros would have ZERO problem breaking that system.
Posted by: illogicbuster | October 5, 2010 5:39 PM | Report abuse
North Carolina is satisfied and is willing to buy the software unchanged for the November election.
Posted by: James10 | October 5, 2010 6:21 PM | Report abuse
only truly secure system is one that can be audited by the voters.
Voters should be able to log in at any time afterwards and confirm their
vote the same way they confirm their bank account balance.
Posted by: c094728 | October 5, 2010 6:53 PM | Report abuse
any of the students could hack it to change all repub votes to dems and
keep all dem votes, then it would have been a go for
Obomba/Pelousy/Reed express.
The student who hacked needs protection now.
Forget the young men who were murdered so Obama could run for
Donald Young, Nate Spencer, Larry Bland, Lt. Quarles Harris, Jr.
Posted by: LaVie | October 5, 2010 7:05 PM | Report abuse
Non-Taxpayers should not vote
Posted by: LaVie | October 5, 2010 7:11 PM | Report abuse
you Hacker! This just shows how dangerous and vulnerable online voting
is. This person did us a favor. Just think if he can do it what is to
stop the government or a candidate hiring someone to do it. Ever hear of
black ops? These a..holes have the key to every server. Thank you very
Posted by: sdchanman | October 5, 2010 7:24 PM | Report abuse
This is old news. How do you think the Obama Mafia got Barack elected?
Posted by: DigitalBob1 | October 5, 2010 7:41 PM | Report abuse
all you dopes who thought online voting could be relied upon, raise
your hands. Now, put your hands down and go stand in the corner.
JM (Electronics/Computer Systems Engineer with decades of experience)
Posted by: JMinSanDiegoCA | October 5, 2010 7:59 PM | Report abuse
can only imagine Obama sitting up late with his laptop at his side,
trying to figure out how to enlist these folks to rig the 2012 vote. He
should be banging Michelle but have you taken a good long look at her
Posted by: dougonesko | October 5, 2010 8:41 PM | Report abuse
The Democrats will hack the voting process, whether or not computers are involved.
Posted by: Jack64 | October 5, 2010 8:50 PM | Report abuse
I don’t care what song they played to hail the voting system, that’s some funny $hit!
Posted by: jayesouthworth | October 5, 2010 8:56 PM | Report abuse
When will people figure out anything that involves a computer can be
compromised? Especially if it’s online, since the guy doing it doesn’t
have to be anywhere near the actual machines. Some things are just best
kept offline.
At least they tested it openly rather than hoping a
flimsy attempt at security through obscurity would save them, unlike
*some* electronic voting efforts.
Posted by: CppThis | October 5, 2010 11:30 PM | Report abuse
The “system” was compromised in 2008 when DUH WON.
Posted by: LoneWolf1 | October 5, 2010 11:41 PM | Report abuse
Why is it that I can safely access my bank accounts, investment
accounts, Ebay, etc. from virtually anywhere on the planet, but I cannot
vote online?
For one thing, because voting includes a “secret ballot”.
are a number of commercial startups addressing the on-line voting
“market”. Their sites generally contain white papers explaining the
problems and their solutions. Read a few.
Secret ballots are an
example of voting system problems eBay and banks don’t have. The voting
system must be able validate that each counted vote comes from one and
only one voter. But the system cannot know who that voter is. And, at
the same time, the system must be able to prove to you that your vote
was counted one and only one time - and it was for who you voted for.
Except, again, the voting system cannot know who you voted for. Take a
minute to think of a way to do this. :)
That said, it sounds like the
problem with this site had nothing to do with voting and everything to
do with running a secure web site. That also said, it’s one thing for a
few thousand, full time, highly paid, expert specialists to run a secure
web site, and quite another for 10’s of thousands of amateurs to do so.
That means that, unlike a paper system run by amateurs and subject to
the sorts of controls a normal person can understand (try not to let
dead people vote, don’t lose the ballots, etc), on-line voting systems
will either be run centrally by pros (do you trust them? why?) or be
turn-key products produced by pros (do you trust them? why?). And, in
either case, they’ll run like the dozens of computers running in your
new car - outside your knowledge and vision.
And, as another example
of why eBay and banks are not like voting systems: eBay and banks tend
to have custom systems. You break one, the others still stand. Every
county ain’t gonna roll their own, custom on-line voting system. If all
counties buy the same system - well, you break that system, you can
pretty much count on getting that paving contract anywhere you bid for
Posted by: bar_washington_post | October 6, 2010 3:54 AM | Report abuse
are people going to learn that NOTHING online is secure. My god Hugo
Chavez could be elected president with this system. Or worse BHO might
get re-elected.
Posted by: backliner | October 6, 2010 4:57 AM | Report abuse
is very likely a test of the DNC ability to hack the system in
preparation for Massive cheating in the coming elections. NAAAHHH
couldn’t be….thats much too far fetched!
Posted by: rabiddog9 | October 6, 2010 7:05 AM | Report abuse
this online voting ploy be another misguided attempt by Obama’s people
to once again by way of deception insure a victory in the upcoming
November elections? After all, that is the only possible explanation for
Posted by: hindsight2040 | October 6, 2010 7:16 AM | Report abuse
Go Blue!
Posted by: gb11231 | October 6, 2010 1:21 PM | Report abuse
is shameful that the scientific community allows ego driven agendas to
impede efforts to secure the vote counting process. We know open source
and paper ballots are minimal mandatory requirements. Hopefully OVC will
address oversea ballot issues- as they have effectively demonstrated
open source / paper ballot systems for precinct use.. We don’t need
licensing schemes and ego games.. we need election system security !!
Posted by: UnderdogUSA | October 10, 2010 10:22 PM | Report abuse
only ones that seems to be seeing this correctely are JMinSanDiegoCA
and c094728 with a few other interspersed good ideas. There is a world
of difference between an excellent computer scientist and one that
specializes in security. Even if they do correct the problems in the
system it still has excised the most important element - people who can
monitor to make sure things are progressing fairly. There is a reason
polling places have at least both a Republican and a Democrat running
them. Both are there to assure as much as possible voting fairness. If
you don’t like the system then get involved in how to correct it by
being one of these polling control people or blogging about where you
have actual proof the system is failing. It would be nice to also have a
post check to make sure what you voted for actually happened.
As to
the people complaining about the absentee ballot, shame on you. The
people in the armed forces in Iraq, Afghanistan, and other parts of the
globe, many in harms way have just as much right to vote as you do. They
maybe have even more right to vote than you do. I for one want to make
sure they have that right and opportunity to vote. If I was a Democrat
and they were all Republicans I would still want it. Ditto for
vice-versa. This is not a partican issue.
Please, lets keep this
central to the point at issue, which is whether we can trust online
voting. As one of those computer security analysts I have to say the
answer is no. If you see it differently my answer will still be no. The
instant something is open to attacks from the entire world then the more
likely it is to be successfully attacked. Really, they didn’t have the
sucker protected from a shell injection attack? Bad. REALLY BAD!
Posted by: hhhobbit | October 11, 2010 1:22 PM | Report abuse
Post a Comment
encourage users to analyze, comment on and even challenge’s articles, blogs, reviews and multimedia features.
reviews and comments that include profanity or personal attacks or
other inappropriate comments or material will be removed from the site.
Additionally, entries that are unsigned or contain “signatures” by
someone other than the actual author will be removed. Finally, we will
take steps to block users who violate any of our posting standards,
terms of use or privacy policies or any other policies governing this
site. Please review the full rules governing commentaries and

You must be signed in to to comment. Please sign in.

About Bruce Schneier

Bruce Schneier

I’ve been writing about security issues on my blog since 2004, and in my monthly newsletter since 1998. I write books, articles, and academic papers. Currently, I’m the Chief Technology Officer of Resilient Systems, a fellow at Harvard’s Berkman Center, and a board member of EFF.

Schneier on Security

Amtrak “Security”

Amtrak will now randomly check IDs:

Amtrak conductors have begun random checks of passengers’ IDs as a precaution against terrorist attacks.

This works because, somehow, terrorists don’t have IDs.

I’ve written about this kind of thing before. It’s the kind of program that makes us no safer, and wastes everyone’s time and Amtrak’s money.

Posted on November 19, 2004 at 10:03 AM



Jeremy HillikerNovember 19, 2004 3:04 PM

“It is a ticket verification program, which is not intended to
determine a person’s identity, but to make sure the person who’s
traveling with the ticket is the person whose name is on the ticket,”
Black said.

It’s a business move to stop the resale of tickets by people who
don’t want them anymore. Now you can’t buy the tickets from someone who
needs to dump their’s in the classifieds. This is the same reason that
they check IDs on airlines. It’s not for security, it’s to increase

mindwarpNovember 19, 2004 3:18 PM

Random? My ID gets checked every single time I board an Amtrak bus or
buy an Amtrak ticket. When I buy a ticket after boarding a bus, my ID
is checked TWICE. When are IDs *not* checked?

NickNovember 19, 2004 9:52 PM

So, if you want to travel on AmTrak, you have to have your papers
with you, so you can present them when the guard says “Show me your

Patrick BerryNovember 20, 2004 1:46 AM

Just more of the “look we are doing something” mentality. The
theory that by doing anything, even something incredibly dumb, you have
a non-zero chance of catching a bad guy/gal is just too irresistible I

Bruce, is it just that Amtrak is ignorant of how to enact useful
security measures or do they really think this will a) work or b) be
good PR?

Zak BravermanNovember 21, 2004 2:26 AM

Bruce, you’ll love this.

I live in Japan and whenever I get money wired to me from the US
someone from the Japanese bank branch calls me and asks what I’m going
to use the money for. This is (I’ve asked) to prevent the money from
going to things like the Red Army, N. Korea, or terrorists.

All the Americans I tell about this roll over laughing, but it has never occurred to Japanese people just how stupid this is.

“Darn, I guess you caught me!! I was going to give it to the Red Army. How come you bank people are so crafty?”

SteNovember 22, 2004 4:08 AM

This is probably just another case where “doing something against
terrorism” is used as an excuse to pursue another, completely unrelated
goal (a commrecial one?).

johnNovember 22, 2004 6:50 AM

i am reading ‘the outlaw sea’ now, and the author there, in a similar
situation, points out that if someone were to get found without an ID,
that would probably better demonstrate innocence, since someone up to no
good is obviously going to take care of the details like ID

OliverNovember 22, 2004 9:33 AM

When I recently took Amtrak through Montana, border patrol cops
boarded the train outside Glacier. They claimed to be looking for
illegal Canadians, but as far as I can tell they just wandered up and
down the train glancing at people. I guess they know what Canadians look
like compared to Americans.

pigletNovember 22, 2004 11:31 AM

So it seems that Amtrak tickets are personalized, like plane tickets?
That’s sad. Of course, it only makes sense to put passengers’ names on
the tickets if you intent to verify the ticket holders’ identity, so you
shouldn’t be surprised at all. But why do they put your names on the
tickets? Maybe that’s what you should complain about.

In Europe, at least, where many people travel by train than in North
America, a train ticket is still a train ticket, proof that you have
paid the fare. You have a valid ticket, then you can take the train,
usually any time you like within its period of validity. Many tickets
are nowadays bought at ticket machines. The transaction takes a few
seconds. The idea to put passengers’ names on their tickets hasn’t yet
sugested itself to train operators. Let’s hope they’ll never try to
imitate the American way.

AlisonNovember 23, 2004 7:23 PM

Hey, I was wondering if they are doing this only to give the
“perception of security” which you mentioned in Beyond Fear. Perhaps I
am giving them too much credit.

oyvingNovember 23, 2004 9:17 PM

I took the train from Albany to New York City right after they
implemented this measure. There was a call over the calling system
telling us to keep ID ready in case the conductor would ask for it. The
conductor then proceeded to ask, “If there are any terrorists here,
please tell me now.” Then he proceeded to check our tickets and never
asked for ID.

DaveLNovember 29, 2004 3:10 PM

Very good, but I still haven’t seen anything to match one of the
“security” programs instituted at the Honolulu airport after 9/11, which
still seems to show up every now and then: a couple of security guards
sit outside the parking garage and check the trunk of every incoming
car. Apparently they’re looking for large red boxes that say “BOMB” in
3-inch letters. If you’re smart enough to put your bomb in a suitcase,
no problem, because they’re not doing anything more than taking a
cursory look into the trunk. And don’t even get me started wondering
why a terrorist would choose to bomb the airport parking garage as
opposed to, say, a shopping mall.

Tyree Currie Jr.`December 14, 2004 9:45 PM

Please advise me; How can I receive an application to apply for work
with AMTRAK? I have 30 years of experience in Law Enforcement and

Thank you in advance

Scott MaceDecember 22, 2004 6:06 PM

What’s MOST shameful is that our vigilant U.S. press totally
overlooked this story for 15 days, until I posted a message to Dave
Farber’s mailing list, that I myself was subjected to one of these I.D.
checks November 9 on board an Amtrak train in California, after a stern
warning “papers please” lecture delivered to all passengers on board.

I was only thankful that my father had died the day before and hadn’t
lived to see the liberties he fought for in two wars so thoroughly
trampled upon. “Your papers please” has landed — no one even wanders
the aisles of airliners asking for I.D. It’s not far from here to roving
random law enforcement checks of anyone on foot, anywhere in the U.S.

mattJanuary 1, 2007 10:19 PM

As a former Amtrak employee allow me to provide insight…the purpose
of checking ID’s has a few important purposes: 1 in case of a tragic
event there will be a passenger list with actual names and phone numbers
of pax, 2. as many are unaware amtrak’s many many employees have the
ability to recieve unlimited train tix as a contracted right through
thier union agreements, amtrak is doing this as a means of keeping
employees honest and not allowing the employees to give away and or sell
these free tix to non employees - amtrak does not have any one in
buissiness withem!

keeplosingmoneyMay 28, 2007 8:23 PM

They’re already losing money. Now, people who don’t want to be
harassed won’t ride, so they’ll lose even more money. Good for them.

barbAugust 10, 2007 8:46 AM

as i sat on a amtrak train looking over the beautiful sites of dc, i
suddenly thought how easy could it be to put a bomb on the train! i got
off in philly, had a friend drive two hours to pick me up! I cancelled
my return reservation and had my friend drive me to the cape may ferry,
where I went thru security and had my husband drive 4 hours up and 4
hours back- no moore trains for me!

barbAugust 10, 2007 8:46 AM

as i sat on a amtrak train looking over the beautiful sites of dc, i
suddenly thought how easy could it be to put a bomb on the train! i got
off in philly, had a friend drive two hours to pick me up! I cancelled
my return reservation and had my friend drive me to the cape may ferry,
where I went thru security and had my husband drive 4 hours up and 4
hours back- no moore trains for me!

YONICKFebruary 28, 2008 12:02 AM


CarolineApril 29, 2010 9:12 PM

If it’s for security purposes, let’s say a person has a foreign
passport, would they look at the picture and the name only or would they
check for a Visa too? Someone said terrorists don’t have IDs, but they
would probably still have a passport (assuming they’re foreign, because I
believe there have been terrorists who were born here, which in case
they WOULD have an ID).

AlexMay 30, 2010 2:02 AM

Even if there ARE terrorists in a train, what are they going to do? Hijack the train and crash a skyscraper with it? Hahaha

KeithNovember 28, 2010 4:12 PM

I realize this is and old article but showing ID is meaningless. You
should be able to buy your ticket at a kiosk in any airport or bus
terminal by cash or credit and hop on in less than 5 minutes. This
security theater is a useless waste of time. Checking to see the name
on an ID matches a ticket is moronic and another waste of time. Lock
the cockpit, lock the conductor doors and be done with it. Stop taking
away my right to travel freely by encroaching on the 4th amendment.

LisaMarch 7, 2013 8:02 PM

Actually, amtrak is very generous when it comes to refunding tickets.
So there’s really no need to “dump” tickets on someone else.

New Voting Technology: Problem or Solution?

United States addressing the need to improve its election process

05 October 2007

Polling officer (© AP Images)

In India, a polling officer checks the electronic voting machines before the election in May 2007.

By Paul S. DeGregorio

Like many
other democracies, the United States is addressing the need to improve
its election process to ensure that all citizens can vote freely,
easily, and securely. An election expert describes the actions the U.S.
government has taken to facilitate the casting of ballots across the
country, and he discusses the promise and pitfalls of electronic voting
systems, as technology moves into the mainstream of election
administration. Paul S. DeGregorio is the former chair of the U.S.
Election Assistance Commission, and he has worked for 22 years as an
election expert in more than 20 countries.

During the past
decade the world has experienced a significant focus on the process of
voting. Many countries, rich and poor, developed and not-so-developed,
are using new technologies to select their leaders. Voters in India, the
world’s largest democracy, cast their ballots using electronic
push-button technology, while voters in Haiti, the poorest country in
the Western Hemisphere, present a modern identification card with photo
and thumbprint when obtaining their ballot. Indeed, in Estonia
(E-stonia, as they like to be known) voters can now use a smart card to
cast their ballot over the Internet from anywhere in the world.

the United States more than 90 percent of votes are cast or counted
electronically. Every polling place is now required by law to have a
voting device that allows people with disabilities to vote privately and
independently. Thus, a voter who is blind can put on earphones and
touch a screen or buttons to advance and vote the ballot — in private.
The United States is the only country in the world with this type of

Voters with other special needs, such as those who do
not speak English as a first language, are also helped by this new
technology. In Los Angeles County, California, ballots are provided in
eight languages. It is clear that new technologies can be a major
enabler for those voters who are challenged by physical handicaps or
language barriers.

The majority of these new election
technologies, and more, have been introduced within the past 10 years.
And each year more countries introduce new methods to make voting
accessible to all segments of society.

Do these new technologies
help to achieve greater voter access and to curb poor turnouts? Are they
trusted by all segments of the population? Or do they introduce new
problems and provide an unfair advantage for certain voters? These are
important issues now being debated within individual countries and in
the international community.

Improving the U.S. Election Process

the United States the election process received dramatic attention at
home and abroad after the 2000 presidential election when, during a
six-week period, no one was sure who won the presidency. The terms
“hanging,” “pregnant,” and “dimpled” chad became part of the worldwide
lexicon. The administration of elections in the United States has come a
long way since that watershed event. In 2002 the U.S. Congress passed
the historic Help America Vote Act, known as HAVA, which, for the first
time, provided significant federal assistance to the 50 states, the
District of Columbia, and U.S. territories to improve the election
process. In fact, there have been more election laws and regulations
promulgated in the United States during the past seven years than in the
previous 200 years of American history.

Much like the
Netherlands, England, Japan, and several other countries, all elections
within the United States are local; that is, they are administered by
local officials who make most of the decisions on what method of voting
is to be used by voters in their jurisdiction. HAVA gave state election
officials more authority to oversee and regulate local entities. In most
states, a secretary of state, a state official elected on a partisan
ticket, is the chief election authority. In a few states, including New
York and Illinois, a bipartisan board of elections oversees the voting
process. The United States is unique in the fact that more than 70
percent of local election authorities are elected on a partisan basis,
with job titles such as county clerk, county auditor, and supervisor of
elections. These officials are held accountable by the voters every four

The Help America Vote Act created a federal agency, the
U.S. Election Assistance Commission (EAC), to provide a national focus
on election administration and, for the first time in American history,
appropriated more than $3 billion in federal funds to improve the voting
process. The EAC [], which began its work in late
2003, is a four-member body of two Democrats and two Republicans,
appointed by the president and confirmed by the U.S. Senate. I was among
the first appointees to the EAC and served as chairman in 2006.

New technology helps voters with disabilities (© AP Images)

As required by the Help America Vote Act, new technology helps voters with disabilities to cast their ballots.

In addition to distributing funds, the EAC also set new
standards for the use of technology in voting, standards that are being
followed closely by other countries. Working with the National Institute
of Science and Technology [], the EAC
established significant new voting system guidelines that focused on
security and human factors. These guidelines are helping the states
ensure the integrity and usability of the electronic devices that are
utilized by millions of voters in every election. In addition, the EAC
has focused on the management side of election technology and is
producing several important documents designed to help election
officials manage the important elements of e-voting systems, including
logic and accuracy testing. In recent years the Council of Europe
[] also has embarked on a project to provide similar
standards for e-voting systems, since many European nations are moving
toward the use of electronic voting devices.

Perhaps one of the
biggest challenges for all election officials is the training of poll
workers and voters on the new voting technologies. In the United States,
where the average age of poll workers is 72, the introduction of
electronic devices that have computer memory cards that have to be
checked and moved has resulted in a shortage of the 1.3 million workers
that are required to conduct a nationwide election. Perhaps the United
States might follow the lead of Belgium, where 18-year-olds are
conscripted to run the polls.

Is Internet Voting in Our Future?

the increasing penetration of the Internet throughout the world, and
certainly within many countries, e-democracy is a concept that is
beginning to take hold and spread rapidly. Like the private sector,
candidates, political parties, and governments all are utilizing the
Internet to get their message to the public — and to have the public
respond to them. Several countries, including Estonia, the Netherlands,
Switzerland, and England, now allow their citizens to cast ballots via
the Internet. In local elections held in May 2007 in Swindon, England,
using secure technology developed by Everyone Counts
[], voters could cast their ballot by
telephone, over the Internet, at public libraries, by mail, by paper
ballot, or by using any one of 300 laptop computers placed at 65
locations throughout the borough. It was one of the most ambitious — and
successful — voting pilots ever sponsored by the British government.

in a global and mobile society, citizens of any country who are living
abroad face difficult challenges to participate in elections. This fall,
to meet that challenge, Australian military voters will cast their
ballot for parliament over the Internet. The estimated 6 million
Americans abroad have had a difficult time casting their ballots, with
most having to use a cumbersome postal process to exercise their right
to vote. The Overseas Vote Foundation
[] and the EAC have estimated that
more than one in four of these citizens who attempt to vote are not
having their ballots counted. Efforts by the U.S. Federal Voting
Assistance Program [] to improve the process have
helped, but a recent report by the U.S. Government Accountability Office
[] indicates much more needs to be done.

the United States’ most popular television show, American Idol,
experiencing more votes cast in four hours (73 million) than the number
cast for the winner of the 2004 U.S. presidential election (62 million),
it is not hard to figure that younger Idol voters will demand the use
of some type of mobile technology when they are old enough to cast
presidential ballots.

Along with the increased use of technology
in elections have come increased scrutiny and skepticism about
electronic voting. While Americans have been using electronic voting
devices to cast their ballots since the late 1980s, it has only been
since the passage of HAVA and the spread of e-voting across the United
States and the world that many groups have organized to question or even
oppose the use of electronic voting devices, particularly those without
any type of paper trail []. In Ireland,
where the hand-counting of preferential ballots can take up to a week,
an attempt to introduce e-voting to speed the process ended in failure.

institutions and other organizations involved in monitoring and
assessing elections, such as the Office of Democratic Initiatives and
Human Rights of the Organization for Security and Cooperation in Europe
[]; IFES, formerly the International Foundation for
Election Systems []; the Carter Center
[]; and Electionline
[], have had to develop new methodologies to
determine whether elections involving e-voting are free and fair. It is
one thing to watch paper ballots counted by hand; it is entirely another
to monitor the electronic capture of a vote.

The new election
technology sweeping across our collective democracies has certainly
empowered voters, led to increased participation, and, in many cases,
enhanced transparency by reporting results before they could be changed.
However, has it increased trust in the results? That is a question that
remains to be answered as election reform and the use of new technology
continue to be debated throughout the world. There is no question,
however, that technology will continue to enhance the way we vote — as
it continues to enhance our daily lives.

The opinions expressed in this article do not necessarily reflect the views or policies of the U.S. government.

Read more:

Electronic Voting

Rebecca Mercuri,

Updated 9/1/10
P.O. Box 1166 — Dept.

Philadelphia, PA  19105

notable AT
notablesoftware DOT com
215/327-7105 or

10AM-6PM U.S. Eastern Time, Mon.-Fri.  (Please
try the 609 number first)

contents of this webpage and website are Copyright ©
2000 - 2010 by
Rebecca Mercuri. All Rights Reserved. All material is protected by
copyright attributed to Rebecca Mercuri where she is the sole author,
the original sources otherwise.

I am
for comment, consultation, expert testimony, and lectures on electronic
vote tabulation, and can be contacted via the information at
the top of this page.  Members of the press and researchers
seeking interviews and quotation permissions may find it helpful to
at the guidelines posted here. I
would appreciate it greatly if calls can be limited to the hours of
- 6PM, U.S. Eastern Time, weekdays.

Follow links
to full text of papers and articles. Papers not linked may be available
on request. As this website is rather long, I’ve highlighted certain
“must read” papers and articles using red asterisks (*). For a good overview of the subject, search
for these first and read the text at their adjacent links.


I am
opposed to the use of fully electronic or Internet-based systems for
use in anonymous balloting and vote tabulation applications.  The
for my opposition are manyfold, and are expressed in my writings as
well as those of other well-respected computer security experts. 

At the
present time,
it is my strong recommendation that all election officials REFRAIN from
procuring ANY system that does not provide an indisputable, voter
verified paper ballot.

have gradually discovered that manually prepared paper balloting
systems, augmented with assistive paper ballot-marking devices for use
by the disabled and those with literacy and language issues, can
typically be procured and maintained for considerably less than half of
the price for a Direct Recording Electronic (DRE) with touch-screen or
push-button input, or DRE/VVPAT (DRE with ballot-printer) system.
Ballot-marking devices do not need to be
electronic or computer-based. Opscan-style ballots can (and should) be
hand-counted. Paper ballots increase voter confidence by offering the
best in terms of reliability, usability and recountability, as well as
being highly cost-effective.

Since 2003,
because of unresolvable problems with the implementation and deployment
of the DRE/VVPAT systems, and the difficulties experienced in using the
VVPATs in recounts, I have recommended AGAINST the purchase of these

A detailed
explanation of these points, along with my suggestions regarding the
selection of appropriate voting equipment, is provided in the full text
of this statement, available *here*.

Table of Contents

  • State


Danger to Democracy #1

Popular Vote (NPV) legislation has been creeping into state after
state. Fot those of you who don’t know what it is, NPV, when fully
enacted, would MANDATE that states cast their electoral votes, NOT how
the voters of those states intended, but rather to the winner of the
NATIONAL popular vote. Yup, YOUR electors would be REQUIRED to cast
their Presidential votes to the AGGREGATE US highest vote-getter,
REGARDLESS of who the winner was in the state itself. I can’t imagine
how this could even remotely be deemed Constitutional (remember the
concept of States’ Rights?) but it would likely take a team of
Harvard-educated lawyers to argue this point before the U.S. Supreme
Court. If enough states (they only need a total of 270 electors) are
stupid enough
to allow
their legislatures to pass the bill and their Governors sign it, then
we’re ALL hosed, even if your own state doesn’t sign on.

Here’s what it really means and why it’s on my evoting website –
states that have unauditable voting will be incentivised to increase
their bogus vote totals for President well beyond what they need to do
to win their own state, enough so that they can shift the national
total to the candidate of their choice! This is no problem for places
like Ohio, where observed variations in the number of persons who sign
the polling book from the number of ballots recorded on the machines,
in over 80% of precincts, is somehow considered “normal” — or in
Florida where the citizens vote on paper ballots read by
optical scanners but prohibited from review via manual
recounts. Basically, if NPV becomes law, then the Crooks
are in Control
for sure. To find out the status of NPV in your
state, check
– if it does not say “enacted” yet, then let your State Senator, State
Representative and Governor all know RIGHT AWAY that this is a HORRIBLE
idea that should not become law.

Danger to Democracy #2

The same group that
has been
promoting NPV is also hawking Instant Runoff Voting (IRV). Certainly
not coincidentally, the key founder of the organization behind both of
these absurdities is none other than John “the spoiler” Anderson. IRV
is getting a foothold with naieve communities who would like to believe
the snake oil salesmen’s claims that by making the voting selection
process harder (not easier) this somehow further enfranchises
beleaguered minority groups and third party candidates. The reason why
I’m mentioning IRV here is again because of the voting machines. Heck,
we can’t even prove that these devices (whether DREs or scanners) are
adding 1+1=2 properly. It’s all a trade secret and we’re not allowed to
check the algorithms. How can we ever hope to verify that the
complicated math needed to generate the IRV totals has been programmed
correctly? If you find yourself in a conversation with anyone
supporting IRV, just ask them to show you ON PAPER how to tally the
election and then watch them squirm. Make sure your municipality,
county, and state does not fall for IRV. For more on how to help oppose
IRV, check out

Danger to Democracy #3

Perhaps because Americans are considered to be
notoriously lazy, our election officials would rather find excuses for
not hand-counting all of the ballots in order to verify the results
produced by the computers. Of course, the reasons given for not
checking the totals at each precinct (before the ballots are removed
and have a chance to mysteriously wander away) are often ones of cost
or expedience. As it turns out, a small team of vote counters (perhaps
drafted as for jury duty), using a simple bin (not binary) method
should be able to hand-tabulate all but the most complex ballots in
time for the 11 o’clock news (assuming that the polls close at 8PM).
(For the computer scientists, it helps to recall that a bin sort is
O(n).) Of course there are plenty of mathematics wonks, and even a few
Congressfolk, who would like us to believe that a random percentage
audit is all that is necessary to confirm the electronic tallies. This
is provably untrue. Even so, such formulas require that increasing
percentages be audited if anomalies are detected, so you might as well
just count all the ballots from the get-go to avoid the further hassle.
For a detailed explanation of why partial audits don’t work, see my
post on the CNET Defensive Computing blog at
. Oh, and if someone tells you that if people touch the ballots they’ll
change the votes, just explain that page feeders could be used with
opaque projectors to display the papers without human handling.

Voter Verified Paper Ballots — An
Informational Brochure:

explanatory brochure has been prepared in response to the myths and
misinformation that are currently being circulated by those who are
opposed to independent election auditing.  ”Facts About
Voter Verified Paper Ballots
” can be downloaded, printed on
double-sided paper, and freely distributed (if in its entirety and
Although DREs with
VVPBs are an improvement over DREs without them, because of numerous
issues related to the construction and use of VVPBs (some of which are
noted below), since 2003 I have recommended AGAINST the purchase of
these devices. Ballots should be prepared on paper (not computers) and
counted from the paper (preferably by humans).

Act that did not help
America Vote:

The 2002
Help America Vote Act
(HAVA) legislation authorized $3.8B in
federal spending, with a substantial portion of these funds allocated
to US states and territories for the purpose of replacing their punch
card and lever voting machines and making voting systems accessible to
the disabled.  To obtain the money, an implementation plan had to
be submitted to the Election Assistance Commission by January
1, 2004. States were NOT required to purchase fully computerized
voting systems, they could obtain mark-sense (optically scanned)
products that use paper, but in order to receive certain of the
equipment funds, the
plan had to indicate that the state would replace all of its lever and
punch card machines by the first election for Federal office held after
January 1, 2006. New York was the only state that decided to retain its

Presidentially appointed 4-member HAVA Election Assistance Commission,
addition to approving each of the state plans, was also to be
for administering a host of other tasks, not the least of which
overseeing a 14-member Technical Guidelines Development Committee and a
110-member Standards Board, and making provisions
for “testing, certification, decertification, and recertification
of voting system hardware and software by accredited
The Technical Guidelines Committee was to have produced a set of
voluntary voting system guidelines nine months after appointment,
and it was understood that these guidelines would be the ones used by
the laboratories in their certification and testing processes.

actually occurred was that the members of the HAVA Commission were
appointed nearly a year late and the establishment of HAVA Committees
and Boards were similarly delayed. Thus, the Technical Guidelines were
NOT available by the time that
state implementation plans were due. This resulted in 9
states requesting HAVA extensions, and many others contracting to
purchase voting systems that could not possibly be HAVA compliant,
since no official HAVA standards yet existed. A
further setback occurred at the beginning of 2004, when the National
Institute of Standards and Technologies (NIST) announced that it had to
curtail all work related to HAVA (despite their named role in the
due to Federal budget cuts (funds were later reinstated for the
election project).

Those of us
(including myself) who had worked hard for this bill were sorely
disappointed that the most salient aspects of its implementation were
stalled, while initial equipment purchases were allowed to proceed
under grandfathered and obsolete standards. Many municipalities
(including in California, Florida and elsewhere) purchased voting
equipment that subsequently had to be replaced due to non-compliance,
system failures, and security and auditability concerns. It has taken
years to only partially unwind the many problems caused by the feeding
frenzy generated by overzealous voting system vendors seeking the HAVA
funds, fueled by gullible election officials who were intimidated into
the money out for products that were not yet ready for prime time. Some
of this unnecessary waste of funds could have been avoided, had
Congress merely extended the HAVA deadlines, or had the appointments
and work proceeded on schedule.

vendors said their voting machines were certified:

systems, beginning in 1990, have been certified under a system
originally established by the
Federal Election Commission (FEC) and a private group, the National
Association of State Election Directors (NASED). Testing fees are paid,
by the vendors, to
certain qualified Independent Testing Authorities and examinations are
conducted secretly without any results (other than a final passed
status) issued publicly. This certification was, at first, based on the
FEC guidelines adopted by only 37 of the states and criticized by
technologists as flawed.  (See my detailed comment The FEC Proposed Voting Systems Standard
.)  According to their website, even “the FEC
recognizes that the Help Americans [sic] Vote Act of 2002 will
alter the long term application of the Standards, including
testing.” Some problems with the FEC standard included the lack
of a requirement
that vote tallies be independently auditable, the allowance of
trade-secret code that may not be able to be inspected should an
election contest
question the proper functionality of a voting system, the use of
commercial software products in balloting and tabulation systems
any inspection at all, and no provision for re-examination or
decertification when problems are later identified. Even when
additional state certification inspection has been performed, there may
be no guarantee that any particular system has been appropriately
configured prior to deployment. Revelations that uncertified software
was used in at least two California elections (including the
Gubernatorial recall) led to the mandate that voter verified paper
ballots be added to their fully-electronic voting

Under HAVA,
the certification program was restructured under the Election
Assistance Commission (EAC) and Thomas Wilkey, the
individual formerly
responsible for this task under NASED, was appointed as the EAC’s
Executive Director, where he has continued to perform oversight of the
testing and certification tasks. The EAC generated a new set of
Voluntary Voting System Guidelines, which was approved in December
2005, far too late to have any systems tested and deemed compliant in
time for the 2006 HAVA deadline for replacement of lever and punch card
systems. Though there were some slight improvements, these guidelines
suffered from most of the same problems as did the FEC standard (as
noted above and in my
comment to the EAC
). A proposed revision (including
the MIT/NIST-proposed Orwellian concept of Software Independence –
that a voting machine could contain software but somehow be independent
of it) was issued for public comment in 2009 as VVSG 1.1, but portions
harshly criticized (including
earlier by myself
) and it has not yet been approved.

Many of the voting systems that have been certified under the 2005 EAC
standard were subsequently found to be faulty in actual elections or
via independent studies (reports commissioned by state or local
governments are posted at
). The list of certified voting systems can be found at
these are only the current certifications. Obsolete certifications
cannot be easily checked, nor is the older equipment recalled.

about Internet voting?

voting is risky due to its sociological and technological problems.
Absentee balloting does not provide the safeguards of freedom from
coercion and vote selling that are afforded via local precincts.
Internet voting creates additional problems due to the inability of
service providers to assure that websites are not spoofed, denial of
service attacks do not occur, balloting is recorded accurately and
anonymously, and votes are only cast by the authorized voter themself.
government’s website warned that “it is the citizen’s responsibility to
maintain the latest anti-virus software for their computer” in order to
assure safety, yet they failed to acknowledge the fact that anti-virus
software can only protect against known malware (new ones appear
constantly, and could occur during an election season) and server-based
are still possible. Certainly citizens overseas should have an
opportunity to vote, but perhaps this could be handled by setting up
remote balloting precincts at the U.S. Embassies, or by creating
poll-worker teams on military bases?

Back in
when the U.S.
Department of Defense first tried Internet voting
they spent $6.2M
so that 84 voters could cast ballots.  Subsequently, the DoD
Accenture, the Bermuda-based consultancy arm of the former Arthur
(can we spell Enron?) group at a cost of $22M
to oversee its SERVE project for military personnel and overseas
citizens. Following issuance of an analysis by four computer
who were members of the SERVE Security Peer Review
Group, the Pentagon decided to scrap plans for the use of this
technology to cast ballots in the 2004 Presidential election.  But
it’s far from gone — the DoD dabbled with the concept of Internet
voting prior to the 2008 election and was shot down again
by the same scientists on many of the same grounds. We’ll likely see
some variation of this project surface again as we near 2012.

Need I say
more? (If so, see the World Democracies and Press Quotes sections.)

created the Voter Verified Balloting concept?

the phrase in her comment: “Explanation
of Voter-Verified Ballot Systems
” in The Risks Digest, ACM
Committee on Computers and Public Policy, Volume 22, Issue 17, July 24,
first addressed this concept in her paper:
Verifiability of
Computer Systems
” presented at the 5th International Computer
and Security Conference in March 1992, and a more detailed description
appeared in
her Doctoral Dissertation, defended October 27, 2000. An artist’s
rendering of a “Mercuri Method” voting system
(they need not be so elaborate) appeared in her October 2002 IEEE
Spectrum article, “
A Better Ballot Box.”

The earliest description of a “ballot behind glass” was provided by Tom Benson in The Risks Digest, Volume 2,
Issue 22, March 4, 1986 and elaborated on by Kurt Hyde in
Risks Digest, Volume 2, Issue 24, March 8, 1986. The difference between
these methods and Mercuri’s involves her requirement for a deliberate
verification step, and also the recognition of the paper ballot as the
authoritative record of the voter’s choices (in the event of a dispute,
the paper version would prevail over any electronic data).

design concept was deliberately never patented by any of the inventors
that it could be freely incorporated into election systems. Shortly
after the November 2000 Presidential election, the Avante company
submitted a patent application that incorporated much of this prior art
(including block diagrams very similar to those displayed at Mercuri’s
October 2000 dissertation defense and at a subsequent publicly-attended
ACM talk she presented in November 2000, at the Sarnoff Center,
situated just a few blocks down the road from Avante’s offices). Avante
has tried (largely unsuccessfully) to pursue infringement claims
against some of the vendors who have implemented ballot printers.

Note that a “voter verified paper ballot” (VVPB) is not the same as
a “voter verifiable audit trail” (VVAT). Many vendors and some
scientists believe that an audit trail of electronically recorded
ballots can be made secure (possibly through encryption or other
mechanisms), but no such systems have yet been validated through
rigorous mathematical proofs, nor can they be independently confirmed
for correctness by non-technical poll workers, election officials or
ordinary citizens.

A great demonstration showing why electronic audits
and pre-election testing are inadequate
can be viewed at:
Simply adding paper “receipts” as some have proposed, to
the system, is not sufficient.
The voter must be required to perform an action that confirms that
their choices have been recorded correctly on the paper, hence making
it a verifiED (rather than just “verifiABLE”) ballot in a legal sense.
The paper ballot must not provide any feature that could be used to
violate voter privacy or encourage coercion and vote selling. These
voter verified paper ballots must be used to produce the certified vote
totals and be available for scrutiny in case of election contest or

about it:

  • Scientists had been warning
    for years
    about the devastation that might result from a major
    hurricane on the Gulf Coast. But the U.S. Congress failed
    to provide $35M
    to fully fund previously approved projects to build
    and improve levees, floodwalls and pumping stations in the Lake
    Pontchartrain region. The federal government did (prior to Katrina) allocate
    some $37M
    to Louisiana under the Help America Vote Act, primarily
    for the purchase and upgrade of fully electronic voting systems that
    provide no mechanism for independently auditing ballots and vote totals.
  • The Civil
    Rights Division of the U.S. Department of Justice issued a memorandum opinion
    affirming that voting systems that include contemporaneous paper
    records, allowing voters to confirm that their ballots accurately
    reflect their choices, do not violate HAVA or ADA laws, so long as a
    similar capablility (such as can be provided by audio equipment) is
    for use. This could include tactile
    , an inexpensive (non-computer) alternative for the
    visually-impaired that has been used successfully in Rhode Island,
    Canada, Peru, and Siera Leone.

Mark your

will be conducting a computer forensics seminar/workshop for the
Princeton ACM/IEEE Computer Society on November 13, 2010. One of the
sections of this short-course will overview voting system
investigations. Further information is available at
. Advance registration is required and there is a fee for attendance.

The articles
linked below in my writings section provide an
illustration of the magnitude of problems encountered with electronic
voting equipment
and offer some suggested solutions. My analyses are based on computer
and engineering facts, and are not politically motivated. Please try to
read some of the
*red starred* materials before contacting me
for further
clarification or assistance.

World Democracies

officials in world democracies often want to believe that the
situations in the USA are dissimilar to those in their own countries.
laws and procedures may be different, the computer introduces universal
vulnerabilities to privacy, accuracy, and security in elections.
All democratic nations should be advised to use caution in their
deployment of new systems, and avoid those products that do not produce
a voter-verified paper audit trail.

The United
Kingdom and other European countries have begun initiatives to convert
all or part of their voting to electronic balloting (kiosk/DREs and/or
Internet-based) systems. Europe appears to be rushing ahead to deploy
computer voting technologies with serious sociological
and technological downsides, such as lack of auditability, and
increased opportunities for vote selling, monitoring, coercion, and
denial of service attacks. During mid-October, 2002 I visited England,
on the invitation of the Foundation for
Information Policy Research
, to meet with and brief members of the
UK Cabinet and Parliament regarding this subject, and to provide
technical lectures at the Royal Academy of Engineering and Cambridge
University. My comments to the Cabinet are posted *here.
I also formally submitted an additional
follow-up comment
as part of their “In the Service of Democracy”
consultation, which explains why Internet voting is not appropriate for
UK democratic elections.  Media coverage of my UK tour can be
found over in my press section.
Information on the electronic voting project in Ireland can be found
Thanks to the unflagging efforts of this group and others (including
myself) who strongly protested the change from paper and pencil voting,
in 2009 it was announced that “the Government has decided not to
proceed with electronic voting in Ireland.” Over in the Netherlands,
the Dutch group “We Don’t Trust Voting Computers” successfully hacked a
NEDAP voting machine, turning it into a chess-playing device. On
October 1, 2007, the District Court of Amsterdam decertified all NEDAP
voting computers currently in use there. Further information at .

The Brazilian
government converted to fully electronic voting in 2000, deploying over
400,000 kiosk-style machines.  Although their elections are often
compared to those in the US, they are actually quite different because
the voters cast ballots by using numbers assigned to each candidate
(this is necessary because of a high degree of illiteracy in the
country). Concerns regarding accuracy of the self-auditing systems
caused the legislature to mandate a retrofit of 3% (some 12,000
machines) to produce a paper ballot that the voter could peruse and
deposit in a box for recount (the first large-scale use of the “Mercuri
Method” — described more fully in “A
Better Ballot Box?
“). These paper-trail machines were
successfully used during the October 6, 2002 election, and it is
believed that the rest of their machines will eventually be retrofitted
as well. Further discussion on this subject can be found in the
article: *The importance of
recounting votes
” by Michael Stanton (originally published in
Portuguese as “A importância da recontagem de votos“, on
website of the Agência O Estado de São Paulo, November
13, 2000). There is also an informative website: Brazilian Electronic Voting Forum
by Amilcar Brunazo Filho.

US Voting Rights Act

In the wake
the Florida 2000 election, a number of voting rights bills were
proposed in Congress. On May 22, 2001, the U.S. House of
Representatives Committee on Science convened a Hearing on Improving
Voting Technology: The Role of Standards.  I was joined on the
invited panel by Dr. Stephen Ansolabehere (MIT), Mr. Roy Saltman (NIST
- retired), and Dr. Doug Jones (University of Iowa).

  • A report issued by NIST,
    overviewing the session, is available at
  • The transcript, “Full
    Committee Hearing on Improving Voting Technology: The Role of
    Standards” should be available from the House Science Committee. 
  • Press coverage of the
    hearing can be found here.

These hearings
resulted in House Bill H.R. 2275, the Voting Technology Standards Act
of 2001, issued from the Subcommittee on Environment, Technology, and
Standards on June 27, 2001, which was presented with the bipartisan
co-sponsorship of Congressman Vern Ehlers and Congressman Jim Barcia.
Eventually this bill was incorporated into H.R. 3295, the Help America
Vote Act of 2002. The final version can be
found at
this bill authorized spending of over $4B on new voting systems, it
failed to provide for a voter-verified audit trail, available for
independent recount, of ballots cast. (This is discussed further in the
California section below.) It was hoped that the
related voting system standardization efforts created by the EAC/TGDC,
as authorized by the bill, would provide additional safeguards, but
sadly, the application of these controls has not been universally
mandated in the United States, leaving it up to the states (and in some
cases, municipalities within the states) to decide whether or not paper
ballots should be used or even allowed to be recounted (see Florida below).


The California
State Elections Code
contains a number of sections that are
directly relevant to US and international electronic voting issues.

requires that there be “a public manual tally of the ballots tabulated
by those devices, including vote by mail voters’ ballots, cast in 1
percent of the precincts chosen at random by the elections official.”
This section also notes: “In resolving any discrepancy involving a vote
recorded by means of a punchcard voting system or by electronic or
electromechanical vote tabulating devices, the voter verified paper
audit trail shall govern if there is a discrepancy between it and the
electronic record.” Curiously, Section 15627 on recounts states: “If in
the election which is to be recounted the votes were recorded by means
of a punchcard voting system or by electronic or electromechanical vote
tabulating devices, the voter who files the declaration requesting the
recount may select whether the recount shall be conducted manually or
by means of the voting system used originally, or both.” Section
15629 notes that “The recount shall be conducted publicly” and Section
15630 says that “All ballots, whether voted or not, and
any other relevant material, may be examined as part of any recount
if the voter filing the declaration requesting the recount so
requests.” Given all of this, one would think that the paper ballots
(either the original ones that were scanned, or in the case of the
DRE’s, the VVPATs) would be consulted in all recounts. Unfortunately,
occurred in Nguyen v. Nguyen, Case No. 07CC00407 (2007), Orange County
California Superior Court, the Judge ruled that the Election Code’s
allowance for the selection by the voter requesting the recount, means
that the requirement that the VVPAT always trump any discrepancies can
be disregarded if the requestor chooses to use the recount produced “by
means of the voting system used originally.” This loophole in the law
will likely be opportunistically exploited again until it is closed.
(Numerous YouTube courtroom videos from my 2 days of testimony in this
matter can be found by using the search string: rebecca mercuri

As well,
Proposition 41, California’s Voting
Modernization Bond Act
, passed in 2002, mandates that “a voting
system that does not require a voter to directly mark on the ballot
must produce, at the time the voter votes his or her ballot, or at the
time the polls are closed, a paper version or representation of the
voted ballot; this version shall  not be provided to the voter,
but shall be retained by election officials for use during
a manual recount or other recount or contest.” The key phrase here is
or at the time the polls are closed” — this has been
by vendors and election officials to permit the voting system to
self-generate ballot images from the internal data stored by the
computer during the election, for use in public manual tallies or
recounts. Using such systems, the voter has no way to confirm that the
ballot they intended
to cast is identical to the one recorded by the machine. Hence, such
recounts are only procedural in nature, and not truly validatory. 
Sadly, the U.S. Congress was similarly vague in their definition of
“manual audit
capacity” in the Help America Vote Act of 2002 (Section 301 a. 2), so
court rulings will play an important role in determining the
implementation of when the “permanent paper record” must be produced
(at the time of voting, or after the election is over). 

I have
always maintained that the intention of HAVA, as well as the
California Code, is to allow the voter to view the printed ballot prior
to casting it. Finally, in 2004, California’s Secretary of State agreed
(but only after discovering that uncertified software was used in their
Recall and General elections in 2003) with this interpretation. Your
is needed here — if you are a voter living in a municipality that uses
DREs (with or without VVPATs), request an absentee
ballot prior to the election so that you can cast your vote on paper.
That is the only way you can be assured that a) your vote was submitted
as you
intended and b) the ballot you prepared will be available for a manual
recount. I have been voting absentee since DREs replaced the lever
machines in my County in 2004.

In 2001,
Marie Weber, a citizen of Riverside County, CA, decided to protest
the use of the recently purchased Sequoia Voting Systems’ AVC Edge
direct recording electronic (touch-screen) voting machines in her
She filed a Complaint for
Injunctive and Declaratory Relief
against CA Secretary of State
Jones and Riverside County, CA Registrar of Voters Mischelle Townsend,
under 42 U.S.C. §1983 and the Fourteenth Amendment to the United
States Constitution. This appeared as Case No. CV 01-11159-SVW(RZx)
before the Honorable Stephen V. Wilson in the United States District
Court for the Central District of California.  Weber obtained
testimony (at name links here) from experts Rebecca
, Peter Neumann
and Kim Alexander. The
on September 3, 2002 in favor of the State on the basis of
only written testimony without deposition or cross-examination, and
without providing an opportunity to inspect the voting systems in
question (although he criticized
one witness for not having done so, even though it would likely have
been a felony to perform such an examination in the absence of a court
order), and various appeals also failed. The ruling allowed other
counties to proceed with their purchases of self-auditing voting
equipment. Despite this ruling, the subsequent Secretary of State,
Kevin Shelley, decided
on November 21, 2003 to require that all computerized voting equipment
be equiped with an accessible voter verified paper trail by July 2006.
The next Secretary of State, Deborah Bowen, decided to conduct a “Top
to Bottom Review” of California’s voting systems, which resulted in the
decertification of most of the DREs. Currently only Orange and San
Mateo Counties use DRE with VVPAT. All other Counties in CA use opscan.

Proposition 23, the None of the Above Ballot Option, failed to achieve
enough votes to pass in the March 7, 2000 election. The lack of
a “none of the above” choice for each ballot race (in all states)
creates a dubious dark hole for election auditing. Traditionally, when
one totals all votes cast in each race, these fall short of the
total number of votes eligible to be cast (usually by around 3%). The
“lost vote” (also called “undervote” or “residual vote”) rate tends
to differ depending on equipment and other factors, but it is often
also an indicator of malfunction or tampering. The lack of a definitive
“no vote” allows vendors and election officials to assert that votes
were “not cast” when in fact votes have actually been lost. This
is becoming more prevalent with the introduction of multiple recording
devices within the voting machines, and no real way to determine which
storage unit has the “correct” data. It is unfortunate that the U.S.
Green Party believes that the “none of the above” option is contrary
to their interest in promoting proportional balloting, since they are
among the most vocal opponents of this effective auditing requirement.

See for further
information on initiatives and election equipment data.U.C. Hastings
College of the Law Library maintains a search engine for its extensive California Ballot Propositions
, which is also helpful.


I was
requested by the Democratic Recount Committee to provide a sworn
affidavit regarding the necessity of a hand recount in the disputed
Florida precincts.  The testimony was presented as part of the
brief in the 11th Circuit Court of Appeals, Atlanta, November
17, 2000. The document is linked here
as a pdf file, and can also obtained through direct request to the
11th Circuit Court.  Reference to this affidavit was made in Brief
in opposition for respondents Gore et al. in Nos. 00-836 and 00-837 to
the U.S. Supreme Court.

In August of
2002 I testified in behalf of the Plaintiff requesting a recount in
Florida 15th Circuit Court Case No. CA-02-3667-AE Emil P. Danciu v.
Theresa LePore in her Official Capacity as Palm Beach County Supervisor
of Elections, Boca Raton City Canvassing Board, Palm Beach County
Canvassing Board, Susan Haynie, and Bill Hager. Footage of my
demonstration showing that a selection could inadvertently be made
without actually pressing the touchscreen at the candidate’s name
location, aired on 60 Minutes. Also revealed during the warehouse
investigation was the fact that these voting machines were never
manually checked for all combinations of candidate selections during
the pre-election testing process.

During 2007,
Florida outlawed the use of touchsreen voting (having previously
outlawed the hanging chad punchcard systems) and now uses optical
scanning throughout the state. Unfortunately, in 2004, Florida also
outlawed the right of voters or candidates to be allowed to audit the
electronically-generated results via a manual recount. (This may have been
partly in response to a federal lawsuit by their 19th District
Congressman Robert Wexler
and Palm Beach County Commissioners Burt Aaronson and Addie Green,
citing the equal protection clause of the U.S. Constitution and
claiming that it was unconstitutional for 52 counties in Florida to
a means to conduct a recount, while the 15 touchscreen counties could
not perform one.)
Thus there is no way to
independently confirm that the scanners have been programmed correctly,
are not experiencing anomalous conditions (such as treating certain
types of ink as invisible), and have not been tampered with (as Hari
Hursti showed can alter vote totals). See
for further details. For all of these reasons (plus others related to
voter disenfranchisement), Florida continues to get an F in election

New Jersey

2004-2006, I provided pro bono assistance for the Guciora v. McGreevy
lawsuit, which protested the use of paperless DRE voting machines in
the State of New Jersey on constitutional grounds. The Plaintiff’s Complaint
and Brief
can be found at the links here. I submitted extensive written
on October 16, 2004 that described numerous flaws with
electronic voting systems (lack of provability, malfunctioning that
disenfranchises voters, less accuracy, vulnerability to insider
attacks, lack of transparency, improper vendor responses to software
flaws, inadequate certification, lack of independent ballot audit, and
vendor misrepresentation). My testimony in the remand hearing before
Hon. Linda Feinberg, Superior Court of New Jersey, Law Division, Mercer
County, largely focused on the inability of the vendors to provide a
voter verified paper ballot add-on to the DRE equipment that could be
Federally certified for use, in time for compliance with the newly
enacted New Jersey law requiring same by January 1, 2008. Based on
Feinberg’s findings, the Appellate Division decided to remand the
matter to the Law Division in order to monitor compliance with the new
legislation. Although testimony by numerous individuals was presented
by Plaintiffs, the only comments noted in the Appellate
Division Opinion
were mine, pertaining to the issue that there were
factors independent of the VVPAT that would make it unlikely that the
AVC Advantage DRE would meet the 2002 FEC standards requirements by
December 2007. As I had predicted, and despite monitoring by the Court,
the VVPATs indeed were not ready by 2008 and the Attorney General
issued two 6-month extensions for compliance, also to no avail.

In the
meanwhile, a trial was scheduled and the Court ordered the State and
vendor to supply voting machines and source code for examination.
Information about the review and testimony in the 2009 (and earlier)
hearings can be found at Professor Andrew Appel’s website
and also at the Freedom
to Tinker blog
. On February 1, 2010, Judge Feinberg ruled that the
voting machines must be reevaluated to determine whether they are
“accurate and reliable” and required that additional safeguards should
be put in place to discourage tampering. The statement, which noted
“there is simply no evidence to conclude that absent complete access,
coupled with malicious intent to alter the results of an election, the
voting machines have failed to correctly and accurately count every
vote cast” also indicated that all voting systems have vulnerabilities,
so New Jersey’s unauditable machines seem (at least to the Court) to be
no worse than other methods (such as those involving paper ballots).
Unfortunately, the ruling did not go far enough to require that the
VVPAT law in the state be complied with, so that there might be some
actual proof that the machines were correctly and accurately counting
every vote cast (or not). And so it goes. Personally, I have felt
strongly that the Plaintiffs’ team was missing the boat by focusing on
hacking rather than the Constitutional aspects of assuring verification
and transparency in the election process. Nothing is really proven by
such attack demonstrations, other than that they could potentially
occur — since independent examinations of the equipment directly
following the elections are routinely
prohibited, we’ll never be able to show that tampering was afoot. The
greater likelihood is that malfunctions and misprogramming actually
will (and do) occur. These we have plenty of evidence of, and only with
voter verified paper ballots is it possible to recover from and
mitigate such problems. Perhaps someone else will try to sue on these
grounds, when evidence of machine failure eventually surfaces.

I was asked
to provide comment on New Jersey’s draft Criteria for Voter-Verified
Paper Records for DRE voting machines. My response is attached here.
The final version of the State Criteria is posted at
. The Attorney General’s reports, also available via this website, in
which she (perhaps conveniently?) declines to certify the VVPRS (paper
ballot attachments) for the Sequoia Advantage and Edge DREs, is very
curious, since the AG’s office argued in behalf of Defense in the
lawsuit noted above. The Sequoia Advantage DREs are used in 18 of NJ’s
21 Counties. You might think that since the AG did certify VVPRS for
two other vendors’ voting machines, the Judge might have required that
these be used instead of the Sequoias, but no. Hmmm.

If you vote
in New Jersey, here’s what you can do. NJ has a absentee
where citizens can register to receive paper ballots in the
mail. You will need to re-register as an absentee each year, but it is
a great alternative to using the paperless DREs. Don’t trust the Post
Office? If you take your ballot to the County Election Office and drop
it off there (in its sealed envelopes) during their business hours
(extended to the close of polls on election day), you’ll know that at
least your vote choices have reached the tabulation center, which is
something that the DREs cannot assure. In case of recounts (which do
happen in NJ) these ballots are the only ones that can actually be
checked without computer intervention.

Writings by Rebecca Mercuri
This section includes formal papers, commentary, articles, and other
relevant materials on voting and computer security.  The PDF
versions for some of these writings may be more suitable for producing

Electronic Vote Tabulation Checks
& Balances
,” Ph.D. dissertation, defended October 27, 2000 at
the School of Engineering and Applied Science of the University of
Pennsylvania, Philadelphia, PA. The title link here takes you
to the thesis defense announcement and abstract. UPenn’s Computer and
Information Science Department has (without permission) archived the
University Microfilms version of my thesis at
and it can be downloaded (for free) there. You can also obtain a copy
the thesis through UMI/Proquest by sending an email to  — the thesis number is 3003665.  They
various archival quality formats (hardbound, softbound unbound,
microfiche, and microfilm) of the original double-spaced 235-page
document, they can take credit-card orders, and I’ll receive a small
royalty. Those who are manufacturing or evaluating voting systems will
find it helpful to consider two additional
lists of questions I
developed as part of this thesis research. Some of the wording closely
follows the Common Criteria, whose Level 4 assessment I have
recommended as a minimum benchmark for voting system
security.  Further information about the Common Criteria can be
found at

2002: Sluggish Systems, Vanishing Votes
,” (PDF) Rebecca Mercuri, Inside
Risks, Communications of the Association for Computing Machinery,
Volume 45, No. 11, November 2002.

for Electronic Balloting Systems
,” Rebecca T. Mercuri and Peter G.
Neumann, Chapter 3, Secure
Electronic Voting
, Dimitris Gritzalis, ed., Advances in Information
Security, Volume 7, Kluwer Academic Publishers, Boston, November
2002.  ISBN 1-4020-7301-1

*A Better Ballot Box?,”
(PDF) Rebecca Mercuri, IEEE
Spectrum, Volume 39, Number 10, October 2002.

Computer Security: Quality rather than
,” (PDF) Rebecca
Mercuri, Security Watch, Communications of the Association for
Computing Machinery, Volume 45, No. 10, October 2002. (Note: The
footnote numbering is incorrect in the PDF version.)

vs Mercuri
,” Rebecca Mercuri, The Risks Digest, ACM Committee
on Computers and Public Policy, Volume 22, Issue 26, September 25,
2002. Archived at:

Primary 2002: Back to the Future
,” Rebecca Mercuri, The Risks
Digest, ACM Committee on Computers and Public Policy, Volume
22, Issue 24, September 11, 2002. Archived at:

of Voter-Verified Ballot Systems
,” Rebecca Mercuri,
ACM Software Engineering Notes (SIGSOFT), Volume 27, Number 5,
September, 2002.  Also published in The Risks Digest, ACM
Committee on Computers and Public Policy, Volume 22, Issue 17, July 24,
Archived at:

Voting Interfaces
,” Rebecca Mercuri, Usability Professionals
Association Conference, Orlando, FL, July 11, 2002.

Uncommon Criteria,” (PDF) Rebecca Mercuri, Inside Risks,
Communications of the Association for Computing Machinery, Volume 45,
1, January 2002.

*The FEC
Proposed Voting Systems Standard Update
,” a detailed comment
by Dr. Rebecca Mercuri, submitted to the Federal Election Commission on
September 10, 2001 in accordance with Federal Register FEC Notice
2001-9, Vol. 66, No. 132.

Integrity Revisited
,” (PDF)
Rebecca T. Mercuri and Peter G. Neumann, Inside Risks, Communications
of the Association for Computing Machinery, Volume 44, No. 1,
January 2001.  This was reprinted in the CPSR Newsletter, Winter
2001, Volume 19, No. 1.

and Electronic Voting
,” Peter Neumann, Rebecca Mercuri, Lauren
Weinstein, The Risks Digest, ACM Committee on Computers and Public
Volume 21, Issue 14, December 12, 2000.  Archived at:
This article was also printed in ACM’s Software Engineering Notes
(SIGSOFT), Volume 26, No. 3, March 2001.

Automation (Early and Often?)
,” (PDF) Rebecca Mercuri, Inside Risks,
Communications of the Association for Computing Machinery, Volume 43,
No. 11, November 2000.

,” (PDF) Rebecca
Inside Risks, Communications of the Association for Computing
Volume 36, No. 11, November, 1993.

Suffrage Security
,” Rebecca Mercuri, 16th National Computer
Conference, September, 1993. (See Conference Panels below.)

Business of Elections
,” (PDF)
Rebecca Mercuri, 3rd Conference on Computers, Freedom and Privacy,
March, 1993.

,” (PDF) Rebecca
Mercuri, Inside Risks, Communications of the Association for
Computing Machinery, Volume 35, No. 11, November, 1992.

Verifiability of Computer Systems
,” (PDF)
Rebecca T. Mercuri, 5th
International Computer Virus and Security Conference, March, 1992.

Related Writings by Other

into Vapor
,” Craig Lambert, Harvard Magazine, November-December
2004, Volume 107, Number 2. This succinct piece provides insight into
the mathematics behind the voting system problem, in terms that a
layperson can readily understand.

*“Election Reform and Electronic Voting Systems
(DREs): Analysis of Security Issues,” (PDF),
Eric A. Fischer, Congressional
Research Service, The Library of Congress, November 4, 2003. A
well-balanced overview of voting security threats and vulnerabilities
along with an assessment of strengths and weaknesses of potential

Review of the Diebold DRE system for Four Counties in the State of
Maryland,” (PDF),
Benjamin B. Bederson, Paul S. Herrnson, University of Maryland, 2002.
This study, conducted prior to the Fall primaries, provides an early
indication of machine failures with the Diebold equipment (used in
Georgia as well as Maryland).

*“Secret-Ballot Receipts and Transparent
Integrity,” (PDF),
David Chaum, Draft, May 2002. Chaum, the inventor of eCash, describes a
unique method where voters can positively confirm their ballots, both
at the polling station and also after the election, to be sure
they are correctly entered into the tallies, without revealing their
choices. This groundbreaking work may eventually form the basis
of secure and auditable future elections.

*Opening a Can of
Electronic Chad
,” Bill Sterner, Carol Schiffler. A position piece
against touch-screen voting from the Citizens for Legitimate

How to
Make Over One Million Votes Disappear: Electoral Slight of
Hand in the 2000 Presidential Election
,” Democratic Investigative
Staff, House Committee on the Judiciary, August 20, 2001. (A 50
state report prepared for US Representative John Conyers, Jr., Ranking
Member, House Committee on the Judiciary, and Dean, Congressional
Black Caucus.)

*Voting and
,” Bruce Schneier, Crypto-Gram, December 15, 2000.
(Also read his explanation in the 2/15/01 issue about why Internet
voting is not possible, and his scathing comments about’s
proprietary voting technology claims in the 3/15/01 issue. In the
issue, this expert again confirmed his opposition to Internet

*No voting
machine is going to be perfect — and not just in Florida
,” Rick
Malwitz, Home News Tribune, November 30, 2000. (If you think
that direct-entry computerized voting machines are the answer
to hanging chad, read this.) A confirming follow-up on this story:
says booth proved not so fail-safe
,” Jeff Gelles, Philadelphia
Inquirer, January 15, 2000.

Democracy Under Stress,” Ronnie
Dugger, Los Angeles Times, November 19, 2000.

*“Disenfranchised by design: voting systems and
the election process,” Susan King Roth, Information Design Journal,
Volume 9, No. 1, 1998. (This early study examines usability issues in
various election systems, with the conclusion that newer technologies
are not necessarily an improvement for voters.) The pdf can be accessed

*Security Criteria for
Electronic Voting
,” Peter G. Neumann, 16th National Computer
Security Conference, September, 1993.  *Risks in Computerized Elections,”
Peter G. Neumann, Inside Risks, 5, CACM 33, 11, p. 170, November
1990. (Dr. Neumann has expressed his opposition to fully-electronic
and Internet-based democratic elections since the early days
of this debate. His Risks newsgroup frequently prints reports
of election problems, issues are archived at:

Integrity, and Security in Computerized Vote-Tallying
,” Roy G.
Saltman, U.S. Department of Commerce, National Bureau of Standards
Special Publication 500-158, August 1988. (This classic document
contains highly relevant material for anyone researching or dealing
with voting systems.)

*Reflections on
Trusting Trust
,” Ken Thompson, Communications of the
ACM, Vol. 27, No. 8, August 1984. This important Turing Award lecture
explains precisely how it is possible to conceal nefarious programming
such that it will never be found in a source code inspection.

A Bit of Levity

Digital Democracy,”
Mark Fiore, February 4, 2004. (A fun animation depicting what we are
getting with paperless voting systems. Wait a minute or so for it to
load, don’t press back or next.)

guarantee the outcome
,” Summer, 2003. (If someone told
me I’d be referring folks to Larry Flynt’s website, I would have
laughed, but this parody is great, and G-rated to boot!)

A Renegade Reciprocal Miracle Chad,”
Joel Achenbach, Washington Post, November 17, 2000. (A lighter view of
the punch card problem)

Join My Email Group

I have
a private email group which I am using to send messages regarding
updates to this website and other announcements about relevant
conferences, legislative activities, election litigation and my
talks and media appearances. The group is “send-only” so replies go
to me, not to the other group members. Announcements are sporadic,
only a couple per month. If you are interested in joining, send an

Then follow
the instructions in the reply message that you will receive, and I will
place you on the list. If you join topica (although you don’t need to
do this to be a mailgroup member), you can review all of the prior
messages in the NotableVoting history list at their
website. If you tire of the list, you can remove yourself from it by
sending a message to and your
address will be deleted.

Additional Links

The wealth of materials at these
sites may be helpful to those who are interested in voting technology.
The links here are in no particular order and should not be construed
as endorsements. As web pages and hosts can change rapidly, I take
absolutely no responsibility for the content and/or reliability
of these links.

       - Inside Risks
   - Risks
Forum Newsgroup

comments (0)