In Carteret county in North Carolina, an electronic voting machine failed. As a result, 4,500 votes were never tabulated. Since some of the races in North Carolina were tight, it is possible that the lost 4500 votes could have a significant outcome on election results. For instance, the race for agricultural commissioner is still being decided. At this time, the candidates are separated by only a few hundred votes. Could the 4,500 votes lost in Carteret county have decided the race for agricultural commissioner? We will almost certainly never know.
This is a specific example of a general problem. In fact, accusations of e-voting failures were wide spread throughout the November 2004 elections. As a result, there will always be a doubt about the legitimacy of the election in many races throughout the country. As computer programmers, we know it need not be this way.
The failure in the North Carolina election occurred in Carteret County. One explanation of the error runs as follows: Officials were told by the manufacturer of the voting machine that it had the capacity to record 10,000 votes. Unfortunately, the model of voting machine delivered to Carteret County could only tally 3,005 votes. As a result, the last 4,500 votes cast in the county were never counted.
Everyone in the country is concerned about this kind of problem. But as computer programmers, a story of this kind leaves us stunned. What do they mean the machine could only handle 3,005 votes? In this day of 32 bit operating systems, where the standard limit for an Integer value is over 2 billion, exactly how did they manage to create a limit of 3,005 votes? A failure on this magnitude takes real work to achieve! It is something only a proprietary software company, intentionally trying to cripple their software, would be likely to achieve.
This story takes on yet another twist for those of us who are advocates for open source. This is the ultimate tale of proprietary software gone bad. Few people can review the software that is created by the companies that make proprietary voting machines. The whole endeavor is rife with opportunities for fraud, for carelessness, and for ill-planned cost cuts. In short, proprietary companies should not be allowed in the same room as a voting machine, let alone entrusted with the responsibility of building one.
The solution, of course, is open source software. All voting machines ought to run open source software that is freely distributed over the Internet. Computer scientists of all kinds could then download the source, compile it, and test it for errors. It is unlikely to the point of absurdity to claim that publicly reviewed open source software of this importance could ever have been so fatally flawed as the software in Carteret County.
Programmers who designed proprietary software are likely to be hired at the lowest possible price. In short, it is unlikely that top quality engineers would be used to create a product as simple as a vote counter. With open source software of this importance, however, it is almost certain that many of the greatest computer scientist in the world would review the code. The difference in quality between the open source and the proprietary version of e-vote software would, in most cases, be monumental.
The Specifics of How to Solve the Problem
I would now like to go out on a limb and offer a few more suggestions for how to clean up the crisis in our democratic system. I envision open source software that uses something like MD5 checksums, and a paper trail, to ensure a high level of voter security. Certainly the MD5 checksum for the compiled version of the open source code ought to be a well know, and publicly available piece of data. If possible, machines should be designed so that they will run only if the checksums for the software add up.
Secondly, the machines that are used should be off-the-shelf commodities, rather than custom made hardware. This would both guarantee the quality of the hardware, and greatly reduce the possibility of incompetence or fraud in the manufacturing process. For instance, there are various commodity handhelds that could be certified to run the software accurately, and they should be used exclusively during elections. If handhelds are not convenient, then a certain model of off-the-shelf PC should be used.
As each vote is cast, off-the-shelf hardware used for creating credit card receipts could be employed to create duplicate copies of a paper trail. One copy would stay with the voter, the other be kept by the voting commission. On each receipt would be an MD5 checksum, or some similar technology, which would be a unique number that could only be generated by a particular person, at a particular address, at particular date and time, voting in a particular way. It should be impossible to calculate (reverse-engineer) the vote based on the checksum alone, but the uniqueness of this number would be guaranteed by the high quality of the open source software. The software, of course, could be reviewed at any time by any member of the world population who had access to a computer.
Perhaps it could even be possible to post the checksum numbers on a national web site. Then the voter, and the voting commission, could compare the value on the paper trail with the value on the web site. Any discrepancies would be immediately apparent, and the vote could be either thrown out, or recast. This system would only work, however, if one could be sure that the numbers could not be reverse engineered so as to reveal the vote.
In most states, less than 10 million people cast votes. If this checksum could be guaranteed to be unique all but one out of a billion times, then the accuracy would probably be close enough for "government work." In fact, I would hope the best computer scientists could come up with a number that would be absolutely unique, or be unique all but one out of a trillion times. With that degree of accuracy, election results across the country could be considered reliable enough to dismiss e-voting failure as a serious problem.
I have described a specific crisis in our electoral system, and proposed a specific solution. Most portions of the solution proposed here are not unique to me, but emerged from discussions I have had with others, or from reading articles similar to this one. I am sure many of you can think of problems with my proposal, and others may have new ideas that they would like to put forward. If so, please reply to this article and share your views.
The more people who contribute to this kind of discussion, and who can come up with specific ideas about how to improve e-voting, the better. We live in an open society, and the preservation of our right to vote is entrusted not solely to our government, and certainly not to any corporation. Instead, it rests with us, the citizens of this country, and the citizens of democratic countries every where in the world. As computer programmers, we are the ones who can come up with solutions to this crisis, and the open source community should lead the way.
- Single Transferable Vote: http://stv.sourceforge.net/
- The Voting Software Project: http://vote.sourceforge.net/
- Electoral Voting Reform: http://www.electoral-reform.org.uk/
- Cambridge Election Commission: http://www.ci.cambridge.ma.us/~Election/