Plain Talk Series on Election Security #5: Why Not to Trust a Computer With Your Vote (Part 2)

A six-part series about Election Security

This is the 5th of a 7-part series of election security vignettes intentionally kept as brief as possible to stick to the main point of the title above. Its intended to acquaint relatively new-comers to election integrity and security, and that includes anyone and everyone from concerned citizens, to journalists, to policy makers. Trusting computers with ballots is a wee bit more complicated than we’d like, so here is the rest of the last installment.

In Part 4 of this series, I wrote about why you shouldn’t 100% trust a computer with your vote, because a vote counting computer is a computer not fundamentally different than the computers on your desk or in your pocket. And they all occasionally seize up, mangle your document, or lose your eMail, or glitch up your fun computer game.

But what does that really mean, “not fundamentally different?” Here’s just a short list of all the reasons that nearly all computers can (and do) mess things up. Computers have hardware, software, and exist in a world that’s sometimes hostile. To be specific …

  • Computer hardware components are just fancy manufactured goods, and units with manufacturing errors do get used. And they have a limited lifetime. So, yes, at the most awkward times, hardware failures happen, and in some cases important data can get corrupted irretrievably. (We don’t want that data to be votes! Or safety signals on train lines, or danger alerts in cockpits, or …)
  • Computer hardware is manufactured in a global supply chain, and believe it or not there are cases where it is manufactured to do bad things on purpose. We don’t want malicious hardware in our voting machines, but it’s next to impossible to detect, and so nobody tries. (Military systems are constructed from purpose built components rather than trying to detect bad hardware from potentially untrusted suppliers.)
  • Then there’s the software. As you know from your PC crashing or your word processor losing your work, stuff happens. But that’s because of a fundamental reason that any computer science person will tell you: all software has bugs; some bugs can mess up the crown jewels that the software is working on; some bugs create cyber-security vulnerabilities; some vulnerabilities can be exploited to completely hack the system, in some cases down to the hardware, and there is no way to recover.
  • And then, of course, these are just machines that live in the real world. High temperatures can mess up a computer (think voting machines in a truck in July in Arizona), or high humidity (think rainy election days with paper jams of damp paper ballots in ballot counting machines), or unusual electrical conditions (think golf shoe spike in a power strip), or even just a big magnet that can scramble code and data, invisibly and irretrievably.

So for all of these and other reasons, we have to accept that our computers are as fallible as people, though in different ways, and by themselves can’t be trusted to do anything truly important, perfectly, reliably, all the time.

And we do accept it, because they’re so darn useful, and because in many cases we can take precautions to limit damage.

As for basic precautions, in elections it is pretty easy.  Election officials can detect and correct when ballot counting computers make mistakes, by doing spot checks of the computers’ results, via comparison with human examination of sampled paper ballots.

Does that mean that all’s well, at least in places that have stamped out paperless voting? Not entirely.  Having a paper ballot from every voter is great way to enable the spot checks, but then election officials have to actual do an audit process, and do it right. That’s especially true in large jurisdictions that have to do it right at a very large scale, and in small jurisdictions with very limited resources.

And even then voting machines are subject to slander and propaganda.

Because voting machines (as they are designed and built today) are easily hackable, it’s easy for adversaries to make spurious claims that they did real hacks to steal votes.

Until we have practically hack proof machines (not quite “just around the corner”), our vote counting computers have to also be operated to the highest standards of public trust, with audits that produce the evidence of true election results, to counter false claims of election hacking.

Next: Three Kinds of Election Security That You Should Already Know

To read more, here are all of the articles in this Election Security Plain Talk Series.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.