• Investment World
• eWorld
• Catalyst
• Mentor
• Life
• Canvas
• Praxis
• Urban Pulse
• Brand Quest

Pratap Ravindran

It's election time. With the Chair up for grabs, it is time to look up developments on e-voting. And if you're wondering about e-rigging, well, that's possible too. Here's more on the scene.

THE US, which seems to believe that it's the custodian of democracy the world over, is working its way through the issues generated by e-voting in its election year. It is only a matter of time before India, which fancies itself as something of a cyber super power and which claims to be the world's largest democracy on grounds of its signal failure to control the growth of its population, tries to migrate from electronic voting machines to e-voting through computers, at least in some of the urban constituencies. Such a migration, far-fetched as it may seem now, will not be without its advantages. For one, the middle class, traditionally reluctant to rub shoulders with the great unwashed at the poll stations, may be persuaded to exercise its franchise in greater numbers if allowed to do so with a personal computer. For another, out-of-work coders will be recruited in droves by those whose aspirations to public office are not matched by moral and other qualifications to work on e-rigging programmes.

E-rigging? Surely e-votes can't be rigged. The fact is that they can — which is why e-voting is always backed up on good old-fashioned ballot paper.

As poll contestants in India are already well versed in tweaking paper-based voting to their advantage, they will be able to devote all their resources to making e-voting work for them.

For those interested in this admittedly arcane subject, here's a quick and dirty update on the state of e-voting in the country that has pioneered it.

The update begins with Scott Ritchie, a 19-year-old political science and math student at the University of California at Davis, informing the California Secretary of State's Voting Systems Panel in late January his plans to develop a new electronic voting system based on open-source software created in Australia.

Scott Ritchie, one among the many activists who appeared before the panel in Sacramento to criticise the e-voting systems currently in use in the US, said he was planning to launch the non-profit Open Vote Foundation which would modify the Australian code to meet the California election standards and offer it free to vendors who want to incorporate it in their systems. The code is owned by its creator, Software Improvements, which has chosen to distribute the source code online under a general public licence... which basically means that anyone can use it. Tagged Electronic Voting and Counting System (eVACS), the Linux-based programme was deployed in an election in the Australian Capital Territory in 2001 and is expected to be used there again this year.

Ritchie says eVACS will be modified to include a voter-verified paper audit trail (VVPAT) which the California Secretary of State, Kevin Shelley, has mandated must be incorporated in all e-voting machines by July, 2006. The VVPAT allows voters to verify independently that the machine has recorded their vote correctly before the ballot paper receipt is placed in the secure ballot box which has been retained as a back-up.

According to the college student, many computer experts have pitched in and offered help in modifying and reviewing the code.

Actually, Ritchie's group isn't the first to develop an open-source voting system in the US. The credit for that goes to The Open Voting Consortium, led by Alan Dechert, a software test engineer and application developer. The consortium has been working since 2000 on a free software voting system that can run on the average personal computer.

However, Ritchie says he is confident that the Open Vote Foundation can create its system at a much lower cost than private vendors, primarily because it is using the services of volunteer programmers. The average cost of an e-voting terminal in the US is $3,000.

Be that as it may, analysts say that the market is big enough for the likes of Sequoia, Diebold and ES&S which happen to be among the top three manufacturers of voting machines.

But the problem, according to Rebecca Mercuri and others like her, is not the size of the market. The problem, they say, is the contention of some activists who insist that all voting systems should be based on open source code to enable the public to ensure that they don't contain security flaws. Rebecca Mercuri, a computing expert on e-voting machines and a research fellow at Harvard University's Kennedy School of Government, points out that open source alone will not guarantee that the software is doing what it's supposed to do — and nothing else — and that a bad open source system which can be tinkered around with is not much better that a closed source system. In fact, it could be worse in that open source systems give people a false sense of security.

Inevitably, she buttresses her position with a reference to the Diebold Election Systems snafu in California. Quite simply, two weeks prior to California's March 2 primary, it was found that the Ohio-based outfit had placed uncertified software in 17 counties... without the state knowing it! This is the reason why the system of voter-verified paper audit has been retained as a back-up.

Meanwhile, in a development that may be of interest to Non-Resident Indians hankering to participate in government selection in their native land, researchers have held out the warning that an Internet voting system designed for Americans overseas who wish to cast their votes in the November presidential election should be scrapped as security flaws could mess up the outcome. According to the researchers, the voting system that allows ballots to be cast through personal computers has been found to be vulnerable to viruses and worms, spoofing attacks (in which a hacker intercepts and changes votes using a fake site resembling the real voting site) or a denial of service (DoS) attack preventing voters from accessing the real site.

The US Government has pooh-poohed the researchers' fears and has endorsed the security of the Secure Electronic Registration and Voting Experiment, or SERVE, system.

But, as it happens, an incident in Canada is fresh in the minds of people.

The New Democratic Party (NDP) of Canada had hired the services of Election.com (now Election Services) to conduct the voting for its party leader. Under the Election.com system, members could cast their vote in advance by mail or on the Internet for several days beginning January 2, as also on the NDP's convention day, January 25.

However, on the convention day, a worm had hit computers around the world, slowing down or crashing some networks. The SQL worm had further made infected computers launch DoS attacks against other computers which were online. Mercifully, it did not affect the election server... .but, just before the convention voting began at noon on January 25, a new DoS attack that targeted the voting site was mounted, preventing voters from logging onto the election page and casting their votes. Election.com was quick on its feet and fixed the problem in 45 minutes flat — but a post-election study suggested that the NDP may have lost some votes in that time.

Picture by G.R.N. Somashekar

eworld@thehindu.co.in

Article E-Mail :: Comment :: Syndication

Stories in this Section
Storage drive

Copyright © 2004, The Hindu Business Line. Republication or redissemination of the contents of this screen are expressly prohibited without the written consent of The Hindu Business Line