Electronic Voting Machines
VERIFIED VOTING NEW MEXICO
Is fraud the basic danger to an accurate vote?
Lack of public confidence would constitute a more serious issue than
fraud. In securing a reliable voting system on which voters can rely,
it is important to avoid any situation where one is placing unnecessary
trust in a person, business, or machine. The maker of Australia's touch
screen system has said as much: "Why should you have to trust me?" A
properly designed voting process can remove the need for blind faith.
Fortunately, such a process is known and is available.
What are the two basic problems with implementing such a process?
Many say that the problems with voting machines are not serious.
Are they right?
No. Current analyses by the Library of Congress, General Accounting
Office, Maryland's SIAC commission, and qualified technologists have
found that the Federal Election Commission and NASED certification and
testing process is outdated, and that touch screens bring new and
unresolved vulnerabilities to the election process. Current
certification and testing is not yet sufficient to eliminate design
errors in complex systems. NIST has not revised its voting standards,
and current machines don't qualify even for the lesser standards used
in health care or military hardware applications. California, Louisiana
and the NY State Assembly, for example, have requested
replacement/retrofits of current touch screens to permit
voter-verifiable balloting and other improved standards.
How is a vote recounted in the event of computer malfunction?
When a voting machine malfunctions, do we trust its printout replicas
of the cast ballots and rely on those for hand-counting? By New Mexico
law, the ballots are stored redundantly in the machine; if these two
memory banks disagree, which should be believed? If the malfunction of
the machine is too severe to permit a memory printout without
intervention by technical repair persons, might this compromise the
voting tally? Addressing this situation, the Republican party filed a
lawsuit in November of 2003 in Fairfax County concerning unsupervised
repairs during an election. Furthermore, ballots printed out from a
machine at day's end reflect what the machine stored and were not
reviewed for voter intent. Providing a voter-verified ballot as the
only legally recountable source would resolve these problems.
Is it expensive to hand-count paper ballots?
No, it is not expensive, because they can be manually run through an
optical scanner rather than hand-counted. In any event, federal law
specifies that ballots must have a recountable manual audit trail.
Are optical scanners and paper ballots more error prone than
electronic systems?
Optical scanners are the most accurate method of counting votes ever
devised. An MIT-Caltech report concluded, from a study of several years
of records, that errors occur in DRE systems twice as frequently as in
optical scanners. In fact, DREs tie with punch cards as the least
accurate among all voting systems.
Optical scanning of ballots produced by touch screen systems can be
made virtually 100% accurate. They can be clearly printed without
indistinct pen marks, and use auxiliary bar codes with redundant error
checking and anonymous serial numbering to reduce their error rate to
nearly zero, far better than current bar code scanners in reliable use
everywhere. Rare errors tend to be observable rather than completely
undetectable, as is the case in DREs. All electronic touch screens
render mistakes permanent, with no way to recount.
Could paper ballots be more easily forged, stuffed or lost than
computer memory cards?
Computer generation of optical scan ballots can be made much safer than
traditional, hand-marked, indistinguishable ballot forms. The addition
of cryptographic signatures can render them virtually unforgeable and
unstuffable. Use of checksums and error-correcting schemes can make
ballots very difficult to discard maliciously.
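The scheme described in this answer, as an added example that is not part of the original FAQ: each printed ballot carries an anonymous serial number and an authentication tag over its contents, so an audit can flag altered, duplicated and missing ballots. HMAC from the Python standard library stands in here for a digital signature; the key, serial numbers, ballot text and function names are constructed for illustration.

```python
import hashlib
import hmac

# Constructed demo key. A real system would use an asymmetric signing key
# held by the election authority rather than a shared secret.
KEY = b"constructed-demo-key"

def tag(serial, choices):
    """Authentication tag binding the serial number to the printed choices."""
    msg = f"{serial}|{choices}".encode()
    return hmac.new(KEY, msg, hashlib.sha256).hexdigest()

def issue(serial, choices):
    """What the touch screen prints: choices, random serial, and tag."""
    return {"serial": serial, "choices": choices, "tag": tag(serial, choices)}

def audit(ballots, issued_serials):
    """Classify scanned ballots against the list of serials actually issued."""
    report = {"valid": [], "forged": [], "stuffed": [], "missing": []}
    seen = set()
    for b in ballots:
        expected = tag(b["serial"], b["choices"])
        if not hmac.compare_digest(expected, b["tag"]):
            report["forged"].append(b["serial"])    # altered or fabricated
        elif b["serial"] in seen or b["serial"] not in issued_serials:
            report["stuffed"].append(b["serial"])   # duplicate or never issued
        else:
            seen.add(b["serial"])
            report["valid"].append(b["serial"])
    # Issued serials with no genuine ballot in the box were lost or discarded.
    report["missing"] = sorted(set(issued_serials) - seen)
    return report

def demo():
    """Constructed ballot box: two genuine ballots plus three problems."""
    issued = ["a41f", "09c2", "e7b0", "5d18"]       # random, not sequential
    dup = issue("09c2", "Measure 1: NO")
    box = [
        issue("a41f", "Measure 1: YES"),
        dup,
        dict(dup),                                               # photocopy
        dict(issue("e7b0", "Measure 1: YES"), choices="Measure 1: NO"),
        {"serial": "ffff", "choices": "Measure 1: NO", "tag": "00" * 32},
    ]
    return audit(box, issued)                       # "5d18" never reaches the box

if __name__ == "__main__":
    for kind, serials in demo().items():
        print(f"{kind:8} {serials}")
```

The altered ballot's serial shows up under both "forged" and "missing", because the genuine ballot with that serial is no longer in the box.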
What is open source?
Computers run on source code, sets of instructions derived from
readable text. These codes need to be examined for correctness. Source
codes that a company keeps secret are called proprietary, whereas those
made available for general examination are called open. A company which
permits examination doesn't thereby lose its patents and copyrights.
If we have voter verified ballots, why do we need open source too?
Neither code review nor voter verification is
foolproof. Touch screens occasionally record a choice other than the
button pressed by the voter. This might happen if the screen display
and button sensors are misaligned, or if there is a source code bug. A
sharp-eyed voter might catch this mistake on his voter verified ballot,
but might not. Will every voter check? Open source review allows a
better likelihood that bugs will be found; with closed source, we are
entirely dependent on voter verification.
Isn't closed source more secure against hackers?
No. Hackers routinely discover security holes in Microsoft's closed
source software. There can be competitive business reasons to keep
codes secret, but security is not one of them.
Won't all bugs be found by independent testing lab reviews?
No. The authors of the SIAC report on Maryland's software problems
conceded it is 99.9% certain that all security holes will not be caught
in any source review - especially if deliberately placed there. And
even if you did manage to eradicate them, there is no way to be sure you
did. Because touch screen systems are of necessity too complex to
permit the sort of exhaustive inspection simpler systems permit, the
many-eyes approach of open sourcing, although it isn't perfect, is
considered superior in eliminating bugs.
How can any voter or poll worker be sure that the source code is
what is actually running on the computer?
Certification of source code must be accompanied by a means of
verifying that the certified code is what is actually running.
If a computer is connected to a network or modem at any point, it is in
communication with a remote computer outside the poll workers' ability
to monitor. This is true even if the connection is only for data
transmission, as almost any direct electronic communication is
potentially bi-directional. This capacity to send and to receive would
compromise the integrity of the certified machine unless all
communications are made to pass through a non-erasable, inactive
medium, i.e., a CD-ROM which can be secured, duplicated, tagged, sealed
and otherwise controlled by poll workers as warranted.