The Touch-screen "Trust Fall"
[Take action: click here]
Team-building events are difficult for computer software test groups. One of the major problems is trying to find corporate trainers that are willing to forego all those wonderful activities designed to foster trust between team members. Blind-folded walks are problematic, and the famous “trust fall” - wherein a team member free-falls backwards into a colleague’s arms – is out of the question. The reason for this, of course, is that those who test computer programs base their entire career on being suspicious. “How do you know that works?” “How will that work with your current business processes?” and “Yeah, right – just one little change – no need to re-test. We’ve heard that one before!” are phrases the typical software tester utters every single day of the week.
Unfortunately, these phrases never cross the mind, let alone pass the lips, of Florida’s election officials. Whether merely naïve, or willfully ignorant, even former Hillsborough County election supervisor, Pam Iorio (who no longer has a vested interest in promoting touch-screen technology - aside from saving face, that is), still stands by her purchase of the decidedly not-ready-for-prime-time touch-screen voting machines. And it seems that this mindset is not confined to Florida, home of the stolen election.
Before I go any further, allow me to explain that I am a software tester by trade. I have tested software for almost twenty years now, and the stories I am hearing from the computerized voting experts is enough to make me want to storm the local election officials' offices, screaming like a banshee and demanding that everyone back slowly away from the machines. And today’s broadcast program on our local public radio station did not improve my state of mind. The subject was the National “Computer Ate My Vote Day of Action.”
Now the problems with computerized voting are nothing new. This is very old ground indeed for those of us who have been speaking up about the issue ever since the specter of paperless voting machines first reared its ugly head. That was way back in 2001. Yet here it is July of 2004 and our local, well-meaning radio host is asking why the issue is only now coming to the forefront. The answer is – it isn’t.
For example, here is a piece co-authored by Bill Sterner, a computer programmer, and yours truly, way back in the golden days of the hanging chad, well before Ms. Iorio purchased her first vote-eating computer. Rebecca Mercuri, a computerized-voting expert, sited it in a work she published during the same time-period. (Click here.) Simultaneously, David Dill, another expert in the field, was raising the issue, as were numerous other computer professionals.
The fact is that potential problems with computerized voting were noted insistently and incessantly three long years ago. But when those of us who opposed the use of the touch-screen machine aired our concerns based on technical issues, we were given answers that might as well have come straight from a glossy software vendor’s brochure. And the election officials providing the answers were no more qualified to give these answers than I am to milk a cow.
You could tell they had seen the dog-and-pony show, courtesy of ESS, et al, because I have sat in on countless software demos and I know the rosy picture a clever vendor can paint – audit logs, redundant databases, thorough testing, impossible to over-vote or under-vote, user-friendly, blah, blah, blah, blah, blah, blah. This jargon came back to us nay-sayers in spades. Sure, the system looks really swell when the vendor is at the wheel. Throw in a few technical-sounding acronyms and a knowing nod or two and pretty soon everyone is bobbing their heads and smiling like a Stepford Wife.
Ask any computer professional how bad voting on the wrong version of the computer program is. This is what happened in Marion County and it is not an insignificant problem. Ask anyone in the industry what problems can arise when you apply a “patch” consisting of just one line of computer code that, we are assured, has nothing to do with the actual vote-tabulating code. If it is malformed or incorrectly placed, whether by accident or by design, it can have a cascading effect that invalidates all previous testing and certification. Such was the case in Georgia). A change to one line of code can cause discrepancies that would be the equivalent of driving away in an aging Yugo when you were absolutely certain you had purchased a brand new Cadillac. But you wouldn’t know it to talk to our election officials who keep assuring us that “yes there are small problems, but nothing that would affect the outcome of the election.” Or how about corrupted audit logs, another issue that has surfaced in Florida)? If the audit logs are incorrect, it is impossible to say whether the votes were tabulated correctly. If the machines were faulty, obviously it could not be proven one way or the other. I guess that’s one way to have a flawless election.
And as Bev Harris’ work has so elegantly shown, the database that stores your votes can be opened with MS Access. Is that a big deal? You bet it is.
Just by way of illustration, let’s talk about some of the changes most financial institutions are experiencing in the wake of the Enron accounting scandal. Due to both strict federal regulations in the form of the Sarbanes-Oxley legislation, and stiff penalties levied by credit card providers like Visa, companies that process financial transactions must now prove that their financial data cannot be manipulated by the likes of malicious hackers and Arthur Andersen. As a result, many firms are shedding any financial processing done using MS Access. Why? Because it is difficult - if not impossible - to make the product secure enough to meet regulatory requirements. So – and let’s be clear about this – financial transactions cannot be made secure on systems that run on, or can be manipulated using, MS Access, but our voting transactions are another story? How would our election officials answer that question? Obviously, they could not - nor would they think to ask the question. For the most part, even the most well-intentioned election supervisor with many, many years of experience conducting the voting process, simply doesn’t have the background to know when to question or what to question. In short, the current crop of election officials don’t know what it is they don’t know.
But they do know enough to be dangerous. Their words of comfort generally follow this path: “We understand that many people are uncomfortable with these new-fangled computers – especially the elderly and the newly-immigrated who may hail from places that still use an abacus to count their votes – but these machines are thoroughly tested and certified. We think it is just that people are resistant to change, but we are sure that voter education is the solution to this problem. Once people understand how easy these machines are to use, they will embrace the new technology as readily as they have other recent innovations like electricity and Post-it notes.”
Our fearless election supervisors, of course, conveniently leave out the fact that Harvard-educated Luddite, Rebecca Mercuri, and equally as quaint Dr. David Dill (educated at M.I.T. and Carnegie-Mellon, and currently teaching at Stanford), oppose the use of this technology in its current, un-verifiable state. Pam Iorio, by contrast, has a degree in Political Science and a long and impressive public service career, but I am still looking for her Computer Science credentials. And this is true for the majority of election officials serving today.
The other truism that we hear as a justification for the touch-screen voting machine is, “Well, heck…no voting process is fraud-proof.” And that’s a fact, however the difference is that the election officials in place today have experience dealing with the things that can go wrong with punch cards, paper ballots and optical scanners. They may have handled things poorly when these systems went south, or they may have handled them well, but the fact is they have seen the problems that arise with these methods and perhaps developed checks and balances to counteract fraudulent activity. If they haven’t, hopefully they have been removed from office as either incompetent or corrupt. Their experience lies with the election process itself, and with the technologies they have been employing for the last umpteen years – but not with computerized voting. They have no experience at all with the discipline known as Information Technology – not as a profession, not as a degreed expert, not as someone who makes their living creating or deconstructing computer technology day-in and day-out, rain or shine, sleet or hail. And until we have election supervisors who know when they are being sold an aging Yugo by a software vendor who is willing to “cut a few corners” and make reassuring chit-chat if it means boosting their bottom line, our elections – and our democracy, itself – is in serious jeopardy.
I would think twice about hiring a software tester who didn’t peek behind their shoulder when doing the “trust fall” at a corporate team-building event. And yet our election supervisors are doing the equivalent of this with their faith-based voting technology. If your election supervisor is one of these credulous souls, please send them a clear message when they run for re-election. And in the meanwhile, keep insisting on that paper trail. The democracy you save might be your own.