I am a Charlottesville native and UVa SEAS graduate (Computer Science class of 2000). I have been involved in electronic voting issues for the last few years, and was part of a panel at the Virginia Legislative Electronic Voting Committee on Monday. I was there for Mr. Sincere's comments, and saw the video of his comments on July 19th . ... [T]his link ... shows that the video ... is unedited and has his complete 8-minute testimony, from the time he approaches the podium to the moment he walks away: [Edited slightly for clarity].
This past Monday, Mr. Sincere presented testimony that was wrong on the facts, displayed a fundamental misunderstanding of the problems of source code quality assurance, displayed a fundamental misunderstanding of the important issues to consider when choosing a voting system, and presented a financial "study" that has since been discredited.
Mr. Sincere testified that an attacker would have to bribe nearly a dozen people -- if not more -- to hack into a voting system. This shows a lack of imagination as to how hackers actually get into computer systems. Last summer I created a write-up of how one might break into a voting system, with only modest means. This write-up was subsequently linked to in Bruce Schneier's monthly computer security newsletter, Crypto-Gram, required reading for any security professional.
Second, Mr. Sincere testified that the federal government, Virginia, and Charlottesville all examine and test voting machines, which catch all possible problems. As a computer scientist and North Carolina resident, I can attest that this is simply wrong. Many modern touchscreen systems are based on Windows XP or an embedded form of Windows (CE); the source code for these operating systems consist of between 15 and 45 million lines of source code, NONE of which is ever examined. Federal voting system standards explicitly exempt commercial off-the-shelf (COTS) products used in voting machines. Even though this software constitutes the bulk of the code on your modern paperless machine, it is never examined by the feds, and only tested to meet low standards; for example, the mean-time-between-failure for even the most recent voting system standards is 163 hours. This means that on election day in Virginia, nearly 10% of the voting machines can experience a failure and still meet federal standards; during the two-week early voting in North Carolina, over 90% of the machines can experience a failure and still pass federal standards.
On a more simple basis, every single voting machine failure to date -- including the permanent loss of 4,500 votes in Carteret County, North Carolina -- occurred on a voting machine that passed all stages of testing and examination. If Mr. Sincere was correct about the effectiveness of testing, we wouldn't be seeing these problems in the first place.
Thirdly, Mr. Sincere repeatedly pushed the fact that voters "liked" the new machines. Usability and reliability have nothing to do with each other. I'm sure there were many satisfied owners of Ford Pintos (well, right up until their car exploded in a crash). The question is not "do the voters like it?", but rather "will it work reliably?" Mr. Sincere wrote on his blog on Monday:
I would counter with this statement:
The above was said by Dr. Richard Feynman on April 3, 1986, during the Presidential Commission on the Space Shuttle Challenger Accident. That Commission concluded
This sentiment was echoed in 2003 by NASA Director Sean O'Keefe in the wake of the Columbia disaster.
The burden is to prove that electronic voting is safe, not for opponents to prove that it is unsafe.
Finally, Mr. Sincere submitted a financial report to the Committee, created by George Gilbert, the Director of Elections in Guilford County, North Carolina. This study has since been refuted by the state's own financial research on this issue, research that Mr. Gilbert himself helped perform:
This study was done with the help of Gary Bartlett, another advocate of paperless voting systems. However, Mr. Bartlett is more willing to have an honest discussion about the costs and tradeoffs of different systems.
Mr. Gilbert has a history of making wildly inaccurate statements and asserting that his opponents are lying, without provided any hard proof of his statements. Anyone looking to take advice from Mr. Gilbert -- or from anyone else, for that matter -- should be certain that statements are backed by facts and research, rather than simple assertion.
Justin Moore (electronic mail, August 24, 2005)
P.S. In his blog, Mr. Sincere cites a FAQ from the League of Women Voters in support of paperless systems. This FAQ runs contrary to the official position of the LWV, which is simply that any voting system must be "Safe, Accurate, Recountable, and Accessible." The FAQ is a remnant of the old pro-DRE position of the LWV leadership, which lead to a heated debate at the 2004 LWV National Conference, and the change of official position by the LWV. In short, Mr. Sincere is relying on yet another document that misrepresents the facts; in this case, the official position of the LWV.