[CAVO] Auditing electronic voting

Lawrence Rosen lrosen at rosenlaw.com
Sun Jun 5 23:57:30 UTC 2016


David Webber wrote:

> With a digital system you want built in verification and auditing.

 

Sure. Our credit union had that too! Nothing wrong with letting the system check itself also.

 

> We just need the State to produce its digital elector registration database - ready to be imported into the voting system.  That we can provide software to assist with.

 

No way! There is no reason for a state to publish a list of voters. As long as I get my unique ballot from them just because I'm registered, and I can vote it anonymously and electronically, and the process is verified, you don't need to publish my name at all. I also pay my taxes without the IRS publishing anything! My emails with the IRS are private.

 

Since this CAVO list was created, I've been bothered that we're trying to create some grand, secure, open source voting system that will magically replace the current system. NO. That's not my goal. I want a simple, secure, open source voting system, no magic required, to allow more people to vote without paper ballots stuffed into boxes and scanned by proprietary machines.

 

I can register the copyright for that elections software with the Library of Congress with a simple online transaction. But you won't let me run it without three levels of independent record in every county elections office. That's over-kill.

 

/Larry

 

 

From: David RR Webber (XML) [mailto:david at drrw.info] 
Sent: Sunday, June 5, 2016 4:06 PM
To: CAVO <cavo at opensource.org>
Subject: Re: [CAVO] Auditing electronic voting

 

Larry,

 

All those same statistical tools are in play for election results "auditing" today that States perform and hire independent experts to perform.

 

I don't like any of them.  It's too much fishing and hoping.

 

With a digital system you want built in verification and auditing.

 

That is why I mentioned 3 independent systems of record.

 

Now imagine (sigh I hate all these financial system comparisons - but what the) that your Credit Union accounts had 3 systems of record - one internally, a second held by the State, and a third held by an independent 3rd party (non-profit service provider).  Transactions are triple blind integrated into each system and mirrored.

 

Now if someone is doing something shady - they have to corrupt all three systems - not just one.

 

You want all 3 systems to agree on balance totals. You run a batch query against all accounts once a month (or more). If not - you audit to find out why.  Notice this is much more effective than annual guessing - by which time the digital horse could have left 100 barns not just 1!

 

BTW - money laundering is not detected by your annual audit either - in this case money is deposited in one State - then withdrawn in another routinely.  This would be akin to ballot stuffing.

 

I'm glad you were reassured by the annual hand-holding exercise at your Credit Union - frankly I view that as pure window dressing and legal liability avoidance.  Oh we lost your money? Sorry, but we have all these safeguards (cough worthless) in place but it looks and sounds great.  Welcome to America.

 

Cheers, David

 

 

 

-------- Original Message --------
Subject: [CAVO] Auditing electronic voting
From: "Lawrence Rosen" < <mailto:lrosen at rosenlaw.com> lrosen at rosenlaw.com>
Date: Sun, June 05, 2016 3:05 pm
To: "'CAVO'" < <mailto:cavo at opensource.org> cavo at opensource.org>
Cc: Lawrence Rosen < <mailto:lrosen at rosenlaw.com> lrosen at rosenlaw.com>

Sometime after an election, before the votes are certified or perhaps only after a candidate has raised an express challenge to the posted results, electronic voting systems will need to be audited by an independent agency.

 

I was once chair of a federal credit union whose tens of thousands of accounts needed to be audited every year. That required sampling and confirmation procedures by a federal auditor. That required intelligent comparisons between cash deposited and cash distributed. And random credit union members were asked specifically – by the auditor – to verify their bank balances by comparing the credit union's records to their own. (This is like randomly comparing a voter's printed ballot with the vote actually counted.) The auditors had account numbers to work with, not personal names or individual wealth/poverty data. Even we board members didn't have access to individual account data.

 

This was a required process. It was local, in our own offices. It was relatively brief every year. And it was thorough and reassuring to everyone. But it wasn't rocket science.

 

/Larry

 


  _____  


_______________________________________________
CAVO mailing list
 <mailto:CAVO at opensource.org> CAVO at opensource.org
 <https://lists.opensource.org/cgi-bin/mailman/listinfo/cavo> https://lists.opensource.org/cgi-bin/mailman/listinfo/cavo

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensource.org/pipermail/cavo_lists.opensource.org/attachments/20160605/ae26a18e/attachment.html>


More information about the CAVO mailing list