You’ve probably read about California’s frenzy over whether to start using computerized voting machines. Teams of computer-security experts examined California’s would-be voting system and concluded that attacking it would be quite feasible. State officials disagreed. Sensing that the notion of finding a better answer would require them to actually do their jobs, the officials challenged the security experts’ findings with the age-old technique of denial. “Bah!” they cried. “Those ‘experts’ used very improbable attack methods.” After all, what are the chances that a bad guy could get physical access to the machines clandestinely? Who could even imagine that a malicious user might access and modify the machine’s programs?
Now, you’d think that California—the state that virtually birthed the computer age—would be the absolutely last state to let computers handle something as important as vote-counting. Yes, of course, the memory of the hotly contested and still-disputed 2000 US Presidential election is still vivid, and no one ever wants to hear the phrase “hanging chad” again. But, really, how might computers make elections more reliable? Consider these few examples of the inadvisability of computer-based voting machines.
First, there’s the matter of the “butterfly ballot” that bedeviled some Floridians in the 2000 election. These people were confused by what we’d call a bad user-interface design. It’s just as easy—perhaps easier—to create a bad computer UI, as I’d imagine any IT pro can attest.
Second, there’s the fact that a computerized voting system is built on computer software, and to my knowledge, no one in the history of computing has ever built a non-trivial program that didn’t contain errors. Errors in human-based systems are transparent to any sensible adult, so for years, investigations of voting fraud have needed nothing more than a bit of detective work that any interested voter could undertake. (The processes are usually written in English, and voting officials can be interviewed.) But how many Americans will be allowed to examine the source code of electronic voting machines, and how many could make sense of a mountain of C++ code even if they could see that code?
Third, how would any statewide system tally votes? That’s a techie way of saying, “How does a state add up the tallies from polling place A, B, C, and so on?” Well, heck, that’s easy: Just hook them all up to a network and have them report to the election officials in the state capitol. But what network would be that ubiquitous? Why, the Internet, of course! It’s safe, right? Obviously, it’s not safe, so in the end analysis, what is the safest way to transmit and aggregate those numbers? The answer would probably be a system like the one we have now—a system that uses a variety of communications systems or, in other words, the same process of telephone calls, ballot boxes driven across a county, and so on. It would be no more reliable, and certainly no more cheaper.
Fourth, it seems to me that the ultimate argument against computerized voting and tallying is obvious: the multiplicative power of computers. Stealing an election conducted with paper ballots would involve the conspiracy and silence of thousands of people. I’m no expert on conducting conspiracies, but pulling off anything with so many participants sounds highly unlikely. However, implanting malicious code into computerized voting machines might involve no more than a handful of people.
Decades ago, some wag created a poster that read, “To err is human … but to really foul things up requires a computer.” We’ve all paid for the mass computerization of mundane tasks in the form of messed-up paperwork, fouled sales orders, and so on, and the price is usually nothing more than some wasted time and frustration. Sometimes, though, as in a few of the larger stock-market drops in the past 20 years, computer-related problems have translated to some serious failures. Are we really willing to risk the validity of our votes on that sort of thing?