Ex-MI6 Boss: When It Comes To Voting, Pencil And Paper Are 'Much More Secure' Than Electronic Systems

from the and-he-should-know dept

Techdirt has been worried by problems of e-voting systems for a long time now. Before, that was just one of our quaint interests, but over the last few months, the issue of e-voting, and how secure it is from hacking, specifically hacking by foreign powers, has become a rather hot topic. It’s great that the world has finally caught up with Techdirt, and realized that e-voting is not just some neat technology, and now sees that democracy itself is at play. The downside is that because the stakes are so high, the level of noise is too, and it’s really hard to work out how worried we should be about recent allegations, and what’s the best thing to do on the e-voting front.

What we really need is someone distant from the current US debate, and yet with a great deal of knowledge of how foreign intelligence services hack into computer systems. Maybe someone like Sir John Sawers, former head of MI6, the UK’s CIA. Here’s what he said recently to the BBC on the subject of e-voting:

“Bizarrely the stubby pencil and piece of paper that you put your cross on in the ballot box is actually much more secure than anything which is electronic.”

And added:

“The more things that go online, the more susceptible you are to cyber attacks.”

Since MI6 has probably been involved in quite a few of those attacks, Sir John speaks with a certain authority. He also has a good analysis of why there is this constant push for e-voting, even though security experts are pretty unanimous in their warnings of the dangers:

“The only trouble is, the younger generation of people expect to be able to do things remotely and through electronic devices.”

That also goes some way to explaining the naivety of most people when it comes to the Internet of Things. Many people just “expect” everything to be digital and online and linked to its own app, even when it’s just a hair brush.

Anonymous Coward says:

Re: Re:

Here where I live in CA, we had Electronic Voting machines for 1 year and never again!!! We’ve been doing what they’ve been doing in schools forever and that’s filling in bubbles. In school it was a #2 pencil, but for voting a pen is used. So you fill in the bubble for whatever person for Yes/No, etc that needs to be voted on.

So there’s no computer cheating possible. There’s no dumb hanging chad. Once you fill out the paper(s) you slip it right into the single machine where it adds up the votes. So it’s simple. Best of all, there’s a paper record right there for all those forms with filled in bubbles.

It’s been working great for schools in test taking and it works great in voting. You set up a bunch of stations for people to stand or sit that cost very little money. A screen to kind of block others from viewing what you’re doing and some pens. There’s just the single scanning machine so costs are much lower.

I just don’t see voting computers as a smart investment. They are used very little and get outdated fast where after so many years you can’t get parts at all to fix them. I know this in the food industry I work in and the touch screen computers the machines use. They get outdated and you can’t fix them, you have to replace them at great cost. Replacing hundreds or thousands of voting machines maybe every 8-10 years seems costly!!! Why have a bunch of costly computer voting machines at one voting place when you can just have a single scanner and a real paper trail?

art guerrilla (profile) says:

been bitching about voting systems...

…for decades:
paper ballots
hand counted
locally reported

also, ranked choice voting will eventually -if not immediately- overturn the rethug/dem’rat duopoly of the one Korporate Money Party…
it is not that open source s/w and h/w could not be used to design a secure, AUDITABLE, and transparent computer-based voting system, it is just that under the current incarnation of Empire, that will NOT HAPPEN…
of course, there are a ton of ancillary issues to address beyond the actual vote mechanism, but unless that is secured, all the rest is meaningless…

jameshogg says:

Re: been bitching about voting systems...

“…for decades:
paper ballots
hand counted
locally reported”

Also, arguably the most crucial: shuffled. So that voter anonymity is protected.

When the votes are in that box, nobody knows who voted for who as they are all mixed up, not even the “shuffler”. Not even a good magician can pull off any sneaky Zarrow techniques in these circumstances. This way you can’t tell who voted what by taking a note of the order voters walked into the booths.

Try making computers scramble the votes in the same way and you can’t do it. Because since the votes have to be stored in memory at some point, it is possible to record the order in which they were stored. Doesn’t matter if you entropy-shuffle it after: the damage of storing the order in the first place had already been done.

Digital voting is a utopia, even from a blockchain perspective. It doesn’t work, and the paper ballot is superior for this reason of shuffling alone.

The Wanderer (profile) says:

Re: Re: been bitching about voting systems...

“Try making computers scramble the votes in the same way and you can’t do it.”

What are you talking about? Of course it’s possible. It’s probably possible to design systems which don’t do it, but even assuming that the votes were cast on a system which doesn’t, it’s always possible to transfer the votes into a different system and then scramble them around there.

I’ve already thought of at least three ways to approach this just off the top of my head – one of which I could implement easily if you gave me access to a system that includes functions to load a data file containing already-cast ballots with unique sequential IDs, and functions to write out such a file, and a definition of the format of the data structure which contains the ballots. Copying the ballots across in random order into a new copy of the same data structure, leaving the original unique IDs behind and generating new ones at copy time, would be trivial; delete the original data file and just use the new one, and hey presto, your ballots are shuffled and there’s no way to reconstruct the original order.

I really don’t know where you’re coming from on this.

jameshogg says:

Re: Re: Re: been bitching about voting systems...

“and there’s no way to reconstruct the original order.”

Except the hidden script that would record the order in memory. If this were an attempted magic trick shuffling cards, an audience would be quite right to assume something else is going on inside that CPU and it would be a lousy trick, because computers can’t be trusted to really shuffle the cards.

With an empty tangible box that can be witnessed to be locked in that empty state beforehand, not even the most sophisticated trick-boxes in the world would be able to tell from hundreds of folded, concealed papers which order they went in.

People can see empty boxes, they can’t see empty bits.

The Wanderer (profile) says:

Re: Re: Re:2 been bitching about voting systems...

What “hidden script” are you talking about?

I’m working from the assumption that the ballots have been recorded in a data file, and I’m writing a program which will read in the contents of that data file. Nothing other than what is in the data file is available.

That seems like a valid assumption, because if the data isn’t recorded into a file rather than being stored in memory, there’s no way to get it off the voting machine where the vote was tabulated to begin with.

Once the ballots are in the data file, if the hidden record of their original order isn’t stored there, it’s lost – and if it is stored there, it’s visible to whatever program I’m writing, and my program is capable of storing whatever values it wants in that field when it writes out a shuffled version of the file.

(Yes, the original file still exists, but it can be deleted.)

If you’re arguing “we can’t trust that what the computer says it’s doing / recording is what it’s really doing/recording”, that’s an argument for open-source, community- and professionally-audited voting-system software – but it doesn’t support the idea that it’s impossible to make a computer shuffle votes into a storage order that has nothing to do with the order in which they came in. (It’s even trivially possible to design a program which would store them in random order in the first place.)
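The copy-in-random-order procedure described in this exchange, as an added example that is not part of the original thread or any commenter's code. The record layout (`seq`, `cast_at`, `choice`) and the sample ballots are constructed assumptions; the sketch draws from the OS CSPRNG and keeps only an allowlist of tally fields, so sequence IDs and timestamps do not survive the copy.

```python
import secrets

# Constructed sample: ballots as a machine might store them, in cast order.
# Both "seq" and "cast_at" reveal the order in which voters arrived.
CAST_BALLOTS = [
    {"seq": 1, "cast_at": "09:00:12", "choice": "A"},
    {"seq": 2, "cast_at": "09:01:40", "choice": "B"},
    {"seq": 3, "cast_at": "09:03:05", "choice": "A"},
    {"seq": 4, "cast_at": "09:04:51", "choice": "C"},
    {"seq": 5, "cast_at": "09:06:30", "choice": "B"},
]

# Allowlist: only the fields needed for tallying survive the copy.
TALLY_FIELDS = ("choice",)


def shuffle_ballots(ballots, rng=None):
    """Return a new list in random order, with fresh IDs and no order-bearing fields."""
    rng = rng or secrets.SystemRandom()  # OS CSPRNG, not a seedable PRNG
    stripped = [{k: b[k] for k in TALLY_FIELDS} for b in ballots]
    rng.shuffle(stripped)
    # New IDs are issued at copy time and follow the shuffled order only.
    return [{"id": new_id, **b} for new_id, b in enumerate(stripped, start=1)]


def leaked_fields(shuffled):
    """Names of any fields outside the allowlist that survived the copy."""
    allowed = set(TALLY_FIELDS) | {"id"}
    return sorted({k for b in shuffled for k in b} - allowed)


def tally(ballots):
    """Count ballots per choice."""
    counts = {}
    for b in ballots:
        counts[b["choice"]] = counts.get(b["choice"], 0) + 1
    return counts


if __name__ == "__main__":
    out = shuffle_ballots(CAST_BALLOTS)
    print(out)
    print("tally preserved:", tally(out) == tally(CAST_BALLOTS))
    print("leaked fields:", leaked_fields(out))
```

This covers only what is in the data file; whether the software that wrote the file kept a record of the order elsewhere is a separate question that the code cannot answer.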

DannyB (profile) says:

Electronic Voting is okay

Electronic Voting is okay as long as the electronics are only used to quickly and easily count the pencil and paper ballots.

Having the artifacts of the pencil and paper ballots mean that recounts can be done, either electronically or manually.

One could even do manual random statistical recount sampling to see if anything smells funny.

The electronics are there to assist, not to make it possible to subvert the entire process.
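One concrete form of the random statistical recount sampling mentioned above, as an added example that is not part of the original comment. The comment names no method; this goes beyond it by using the BRAVO ballot-polling test for a two-candidate contest. The function name and the sample sequences are constructed for illustration.

```python
def ballot_polling_audit(sample, winner, loser, reported_share, risk_limit=0.05):
    """BRAVO-style sequential test on hand-read paper ballots.

    sample         -- choices read off randomly drawn paper ballots, in draw order
    reported_share -- winner's share of the winner+loser votes per the scanner count
    Returns the number of ballots drawn when the reported outcome is confirmed
    at the given risk limit, or None if the sample runs out first (escalate:
    draw more ballots or do a full hand count).
    """
    if not 0.5 < reported_share < 1:
        raise ValueError("reported_share must be between 0.5 and 1")
    if not 0 < risk_limit < 1:
        raise ValueError("risk_limit must be between 0 and 1")

    threshold = 1 / risk_limit
    ratio = 1.0  # likelihood ratio: reported result vs. an exact tie
    for drawn, choice in enumerate(sample, start=1):
        if choice == winner:
            ratio *= reported_share / 0.5
        elif choice == loser:
            ratio *= (1 - reported_share) / 0.5
        else:
            continue  # ballots for neither candidate do not move the test
        if ratio >= threshold:
            return drawn
    return None


if __name__ == "__main__":
    # Constructed samples for a scanner count that reported 60% for "A".
    agrees = ["A"] * 30          # hand-read ballots all match the reported winner
    split = ["A", "B"] * 50      # hand-read ballots look like a tie
    print(ballot_polling_audit(agrees, "A", "B", 0.60))  # confirmed after 17 ballots
    print(ballot_polling_audit(split, "A", "B", 0.60))   # None: not confirmed
```

The second case is the "something smells funny" signal: a hand-read sample that looks like a tie never reaches the confirmation threshold, so the audit escalates instead of accepting the scanner's result.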

Anon says:

Of course!

Canada mainly uses paper ballots, and guess what? The results are pretty well tabulated within a few hours for a country of 34 million; and recounts are simple and reliable.

The biggest reason why is simple. In a federal election, like Britain, we only have one vote- “Who do you want for Member of Parliament of your riding?”

None of this American stupidity of so many votes, you even elect judges, sheriffs and dog catchers; ballots so big you need a butterfly ballot and a serious concern is that people can’t follow a line across a page because the print is so small.

My ideal electronic system would be simple too – you select your votes on a computer, the computer then spits out paper ballots marked accordingly with both machine readable and bar-code values. You can count the votes using sheet feeder and barcode reader, but can validate any results by comparing bar-codes and text. (Or use a sorter – if you suspect hacking, sort all the ballots for A by bar code into one bin, then flip through them to look for incorrect text). Paper is solid and indelible. Unregistered people who sign in could have their ballot coded to allow for retroactive (in)validation of their vote, while registered voters retain anonymous ballots. Time-stamp ballots to a 5-minute range or 20-voter range to allow tracking of ballots watching for box stuffing.

However, the biggest problem with US elections? NOT ENOUGH POLLING STATIONS. In Canada, typically every neighbourhood school is a polling place. American polling stations seem to have several times more people in line at any one time than my whole polling station is set for.

DannyB (profile) says:

Re: Seems like pen and paper would be better.

As long as you have paper ballots, it is possible to ensure that there are always enough people present (excluding massive collusion) to ensure nothing suspicious is going on.

Like with nukes, no lone person alone with the nuke, er . . . ballot box. Maybe it should take multiple local officials to unlock the ballot box, etc.

I trust these kinds of measures more than pure electronic voting. The electronics can assist with real time counting as you pass your ballot through a counter as it drops into the sealed ballot collection box.

The more transparent, the better.

David says:

Pen and paper are by no means more secure.

You can tamper with them easily enough. But the effects are proportionate to the tampering, and the controls are proportionate to the ballots. That makes it a really hard proposition to swing a vote that is not already split on a hair.

A successful attack on an electronic voting system is quite a bit harder. But if you succeed, the payoff is ludicrous. We are not talking about tampering with a single ballot or a single ballot box or a single court house here.

MailItInDummies says:

"The only trouble is, the younger generation of people expect to be able to do things remotely and through electronic devices."

“The only trouble is, the younger generation of people expect to be able to do things remotely and through electronic devices.”

Mail in ballots, a week or more to decide and pencil in your vote. When done, drop it in the mail or an official dropbox.

That is convenient, secure and gives voters a week or more to cast their vote with no time off from important appointments or work or school.

crade (profile) says:

“The only trouble is, the younger generation of people expect to be able to do things remotely and through electronic devices.”

IMHO The trouble has everything to do with the cost of scaling pencil and paper compared to scaling a web site and nothing to do with what young people expect. Since when does anyone care what the vastly outnumbered young people think anyway 🙂

tom (profile) says:

My state of Oklahoma uses a thick paper ballot that is scanned and counted. Even when there are 20-30 different things to vote on, it doesn’t take long to fill in the boxes with the provided ink pen. The ballot is scanned when you feed it in and kicked back if the scanner can’t read the ballot. The few hand recounts we have had have been within a few votes of the original scanned tabulations.

