EVM problems - Chiranjeevi and Dr. Swami have taken up the case
Hindu Human Rights
From: Satya D <hita...@gmail.com>
Date: Wed, Jun 17, 2009 at 2:06 PM
Subject: Re: Electronic Voting problems around the World - Why India should ban them?
To: hitaya <hita...@gmail.com>
Praja Rajyam Party has taken up the EVM case. Below are the links of news coverage that appeared in Telugu media Eenadu and Andhra Jyothy.
http://www.eenadu.net/panelhtml.asp?qrystr=htm/panel15.htm
http://andhrajyothy.com/mainshow.asp?qry=/2009/jun/15main26
Also, given , Dr. Swamy's article that appeared in Hindu newspaper:
http://www.hindu.com/2009/06/17/stories/2009061755160900.htm
(Full article is also given below).
Are electronic voting machines tamper-proof?
Subramanian Swamy
|
No, argues the author, because each step in the life cycle of a voting machine involves different people gaining access to the machines, often installing new software. But there are many ways of preventing EVM fraud. |
Is there a possibility of rigging electoral outcomes in a general election to the Lok Sabha? This question has arisen not only because of the unexpected number of seats won or lost by some parties in the recent contest. It is accentuated by the recent spate of articles published in reputed computer engineering journals and in the popular international press, which raise doubts about the integrity of Electronic Voting Machines (EVMs).
For example, the respected International Electrical & Electronics Engineering Journal (IEEE, May 2009, p.23) has published an article by two eminent professors of computer science, titled “Trustworthy Voting.” They conclude that although electronic voting machines do offer a myriad of benefits, these cannot be reaped unless nine suggested safeguards are put in place for protecting the integrity of the outcome. None of these nine safeguards, however, is in place in Indian EVMs. Hence, electronic voting machines in India today do not meet the standard of national integrity or safeguard the sanctity of our democracy.
Newsweek (issue of June 1, 2009) has published an interesting article by Evgeny Morozov, who points out that when Ireland embarked on an ambitious e-voting scheme in 2006, such as touch-screen voting machines, the innovation was widely welcomed. Three years and 51 million euros later, the government scrapped the entire initiative. What doomed the effort was a lack of people’s trust in the machines. Voters just didn’t like that the machines would record their votes as mere electronic blips, with no tangible record.
Mr. Morozov points out that, as most PC-users know, computers can be hacked. While we are not unwilling to accept this security risk in banking, shopping, and e-mailing (since the fraud is at the micro-level and of individual consequence, which in most cases is rectifiable), the ballot box is sacred. It needs to be perfectly safeguarded because of the monumental consequence of a rigged or faulty vote recording. It is of macro-significance, in the nature of an e-coup d’etat. At least that’s what voters across Europe seem to have said loud and clear.
Thus, a backlash against e-voting is brewing across the European continent. After nearly two years of deliberation, Germany’s Supreme Court ruled last March that e-voting was unconstitutional because the average citizen could not be expected to understand the exact steps involved in the recording and tallying of votes. Ulrich Wiesner, a software consultant who holds a Ph.D. in physics and who filed the initial lawsuit, said in an interview with the German magazine Der Spiegel that the Dutch Nedap machines used in Germany were even less secure than mobile phones!
In fact, the Dutch public-interest group ‘Wij Vertrouwen Stemcomputers Niet’ (‘We Do Not Trust Voting Machines’) produced a video showing how quickly the Nedap machines could be hacked without voters or election officials being aware (it took just five minutes). After the clip was broadcast on Dutch national television in October 2006, the Netherlands banned all electronic voting machines from use in elections.
Numerous electronic voting inconsistencies in developing countries, where governments are often all too eager to manipulate votes, have only fuelled the controversy. After Hugo Chavez won the 2004 election in Venezuela, it came out that the government owned 28 per cent of Bizta, the company that manufactured the voting machines. On the eve of the 2009 elections in India, I raised the issue at a press conference in Chennai, pointing out that a political party just before the elections had recruited those who had been convicted in the U.S. for hacking bank accounts on the Internet and credit cards.
In the U.S. too, there is a significant controversy on Elms. In fact, the Secretary of State of California has set up a full-fledged inquiry into EVMs, after staying all further use.
Why are the EVMs so vulnerable? Each step in the life cycle of a voting machine — from the time it is developed and installed to when the votes are recorded and the data transferred to a central repository for tallying — involves different people gaining access to the machines, often installing new software. It wouldn’t be hard for, say, an election official to paint a parallel programme under another password on one or many voting machines that would, before voters arrived at the poll stations, ensure a pre-determined outcome.
The Election Commission of India has known of these dangers since 2000. Dr M. S. Gill, the then CEC, had arranged at my initiative for Professor Sanjay Sarma, the father of RFID software fame at the Massachusetts Institute of Technology (MIT), and his wife Dr Gitanjali Swamy of Harvard, to demonstrate how unsafeguarded the chips in EVMs were. Some changes in procedure were made subsequently by the EC. But the fundamental flaws, which made them compliant to hacking, remained.
In 2004, the Supreme Court’s First Bench, comprising Chief Justice V. N. Khare and Justices Babu and Kapadia, directed the Election Commission to consider the technical flaws in EVMs put forward by Satinath Choudhary, a U.S.-based software engineer, in a PIL. But the EC has failed to consider his representation.
There are many ways to prevent EVM fraud. One way to reduce the risk of fraud is to have machines print a paper record of each vote, which voters could then deposit into a conventional ballot box. While this procedure will ensure that each vote can be verified, using paper ballots defeats the purpose of electronic voting in the first place. Using two machines produced by different manufacturers decreases the risk of a security compromise, but doesn’t eliminate it.
A better way, it is argued in the IEEE article I have cited, is to expose the software behind electronic voting machines to public scrutiny. The root problem of popular electronic machines is that the computer programmes that run them are usually closely held trade secrets (it doesn’t help that the software often runs on the Microsoft Windows operating system, which is not the world’s most secure). Having the software closely examined and tested by experts not affiliated with the company would make it easier to close technical loopholes that hackers can exploit. Experience with web servers has shown that opening software to public scrutiny can uncover potential security breaches.
However, as the Newsweek article points out, the electronic voting machine industry argues that openness will hurt the competitive position of the current market leaders. A report released in April by the Election Technology Council, a U.S. trade association, says that disclosing information on known vulnerabilities might help would-be attackers more than those who would defend against such attacks. Some computer scientists have proposed that computer codes should be disclosed to a limited group of certified experts. Making such disclosure mandatory for all electronic voting machines will be a good first step for preventing vote fraud. It will also be consistent with openness in the electoral process.
Now several High Courts are hearing PILs on the EVMs. This is good news. I believe the time has arrived for the Supreme Court to transfer these cases to itself, and take a long, hard look at these riggable machines that favour a ruling party that can ensure a pliant Election Commission.
Else, elections will soon lose their credibility and the demise of democracy will be near. Hence evidence must now be collected by all political parties to determine the number of constituencies in which they suspect rigging. The number will not exceed 75, in my opinion. We can identify them as follows: any 2009 general election result in which the main losing candidate of a recognised party found that more than 10 per cent of the polling booths showed fewer than five votes per booth should be taken, prima facie, as a constituency in which rigging took place. This is because the main recognised parties usually have more than five party workers per booth, and hence with their families will poll a minimum of 25 votes per booth for their party candidate. If these 25 voters can give affidavits affirming who they voted for, the High Court can treat this as evidence and order a full inquiry.
(The writer is a former Union Law Minister.)The following section taken from a paper by 'Open Rights Group' based in UK:
http://www.openrightsgroup.org/wp-content/uploads/org-evoting-briefing-pack-final.pdf
e-Voting tales of woe from around the world
Electronic voting has been introduced in many countries worldwide, only for
serious doubts to be raised about the security, accuracy, reliability and verifiability
of electronic elections.
Italy has announced its intention to no longer pilot e-voting methods. Making
the announcement, Italian Minister of the Interior Guiulano Amato said that
“We decided to stop the electronic voting machine … It will be the triumph of
our ancestors … Let’s stick to voting and counting physically because [it is]
less easy to falsify.”9
Security researchers in The Netherlands have discovered serious flaws in a
model of e-voting machine widely used by the Dutch government and purchased
by the Irish. The flaws, which included being able to remotely detect
how a vote was cast from the machine’s radio emissions, were confirmed
by the Dutch Intelligence and Security Service. Subsequently a government
review led to the withdrawal from elections of e-voting machines from a competing
supplier.10
The Republic of Ireland has a moratorium on its e-voting machines after an
Independent Commission, created after repeated cross-party criticism,
uncovered serious technical and procedural flaws. One telling finding from
the Commission’s second report was that “the testing of the [e-voting] system
as a whole carried out to date, as well as the investigation, analysis and independent
testing and certification of its individual components, [was] insufficient
to provide a secure basis for the use of the system at elections
in Ireland.”11 According to Freedom of Information releases, Ireland spent
€110.4 million on e-voting between 2002 and May 2004.12
The Canadian province of Quebec has an indefinite moratorium on the use of
its e-voting machines following the investigation of troubled municipal elections.
Delivering his report on e-voting, Quebec’s Chief Electoral Officer said
that e-voting systems “[do] not offer sufficient guarantees of transparency
and security to ensure the integrity of the vote.”13
The United States, which has been a pioneer in using technology for elections,
has a long history of problems with e-voting, some of which raise doubts as
to the legitimacy of results. In 2004, a group of experts issued a report critical
of a planned internet voting system for US soldiers overseas, resulting in the
project being cancelled. They wrote that “the vulnerabilities … cannot be
fixed by design changes or bug fixes to [the system]. These vulnerabilities are
fundamental in the architecture of the internet and of the PC hardware and
software that is ubiquitous today. They cannot all be eliminated for the foreseeable
future without some unforeseen radical breakthrough.”14
In November 2006, America’s influential National Institute of Standards &
Technology stated that electronic voting machines “in practical terms cannot
be made secure.”15 This is a view shared in prominent journals by leading
computer science and elections academics around the world.
Doubts over the veracity of election results in the United States — including
the 2000 Presidential count in Florida, the 2004 Presidential count in Ohio
and the 2006 mid-term elections —have all revolved around failings or manipulations
of e-voting systems. By January 2007 one Congressional seat was
still in limbo due to 18,000 questionable votes cast with an e-voting system16.
The flimsy e-voting certification process in the US has also been called into
question after one of the key testing labs was secretly suspended in 200617.
These international experiences have shown that when electronic and software
technologies are introduced into the election process, significant and
worrying problems arise.
e-Voting is a black box system
Voting technology is what is known as a ‘black box’: voters, candidates and
even officials cannot see the inner the workings of the machines. Only a small
group of technology experts has any hope of understanding how the election
is being conducted and counted. Because the votes are invisible, made up
of ones and zeroes, it is extremely difficult even for experts to be certain that
what vendors claim is happening really is happening.
Manipulating bits in a computer is much easier than copying paper ballots,
so there is potential for undetectable vote manipulation on a scale never seen
before: a hacker could hide a tiny piece of code in the voting software that
could invisibly, but significantly, modify an election’s results. But putting aside
undetectable hackers, vote stealing and other manipulations, we must also
remember that these systems are built by ordinary, fallible people.
Like all computers, e-voting systems go wrong and usually do so on election
day because this is the only time they are used. And the problems that come
to light are not trivial. There have been cases where selecting one candidate
stored a vote for another, or where the system failed completely, depriving
people of their right to vote. Problems are often not discovered until the election
is over, when it is impossible to say how the votes should have been cast.
Because the votes are stored as bits, there is nothing for election officials to
study when problems occur, as there is with paper ballots. There is nothing
to audit except some memory cards, which cannot shed any light upon what
happened but can only provide a final tally. There is no way for the voter, candidates
or officials to know whether the voter’s intent was accurately stored
and then correctly counted by the e-voting system. Everything happens
inside the black box.
With a paper ballot the voter can see their mark and has immediate feedback.
That mark is stored, unchangeable, in the ballot box until it is time to be
counted. If a recount is required, that ballot can be examined a second time.
It would be trivial for an e-voting system to report that it has stored a vote for
Ms X when in fact Mr Y gains one vote in the memory card. Under these circumstances,
a recount is no help, as the computer adds the same numbers
up again and will arrive at the same result each time. With paper, new people
can be called in to count and judges can debate each ballot paper, but with
e-voting the election is nothing but the numbers on the screen.
These fears are not just theoretical. Activists in the United States worked with
a Finnish computer security expert and a respected election official in Florida
to show how manipulation of a memory card before an election started
would allow results counted by an optical vote scanner to be altered without
trace. The successful manipulation is shown as the conclusion of Hacking
Democracy, a film documenting the many problems with e-voting based
elections in the United States18.
References (more in the article link given in the beginning)
9 See: http://www.jasonkitcat.com/?be_id=320
10 See: http://www.wijvertrouwenstemcomputersniet.nl/English
11 Source: http://www.cev.ie/htm/press/press040706.htm
12 Source: http://fiasco.ie/evoting/resources/CostofElectronicvotingAsOfMay.pdf
13 Source: http://www.electionsquebec.qc.ca/en/nouvelleDetail.asp?id=2153&typeN=2
14 Source: http://servesecurityreport.org/paper.pdf
15 Source: http://vote.nist.gov/DraftWhitePaperOnSIinVVSG2007-20061120.pdf
16 House Seat Hangs by a Byte, Kim Zetter, Wired News (11 Jan 2007)
http://www.wired.com/news/technology/0,72452-0.html
17 Source: http://www.nytimes.com/2007/01/04/washington/04voting.html
18 Hacking Democracy, http://www.hbo.com/docs/programs/hackingdemocracy/
On Fri, Jun 12, 2009 at 2:06 PM, Satya D <hita...@gmail.com> wrote:
All recognise EVM's are a serious problem for free and fair elections, but from Andhra Pradesh perspective, we need to look at some factors that are very revealing:
1) How can Andhra Pradesh Congress Party declare so precisely how many central seats they are going to win so consistenly for last six months and the elections results match exactly to the last digit?
For e.g, Six months ago YSR mentioned Congress will win 230 in state assembly and 33 in Centre. One month before he said 180 in state assembly and 33 in center. Soon after elections, his closest aide Mr. Lagadapati Rajagopal said they will win 156 in state and 33 center. The center matched the outcome exactly for last six months and state matched with the last predictions almost exactly. See the links below.
News coverage of declaration of elections results by Congress soon after elections (before results announced)
http://www.youtube.com/watch?v=SFs-D2p_goo
(Note: Detailed AP state elections data is in Telugu at
http://www.eenadu.net/archives/archive-17-5-2009/story.asp?qry1=1&reccount=40)
No where in history we know, a party could predict an election outcome so precisely. Even in US where there is elaborate analysis can any news agency, Pew Studies etc could predict out come of election, leave alone one but both state and central so precisely? How can this be possible from six month prior to elections a ruling party predict the outcome of elections exact to last digit? Especially when the race is 3 way and the outcome is so unpredictable?
This only show that the elections results are predetermined. Could EVM's played a role into that? Let us look into some more pointers.
2) EVMs are banned in Netherlands, Ireland (after spending 51 million pounds), Germany (considered e-voting unconstitutional), Italy. Dr. Swamy once mentioned how he demonstrated many years to election commissioner with a MIT Professor (his relation) how easy it is to manipulate the EVM's. Please see attached powerpoint presentation.
3) EVM's are developed in ECIL in Hyderabad. A rumor going around is Mr. N. Prasad head of ECIL is a Christian who is a friend of Christian evangelist Andhra CM YSR.
4) Are EVM's preprogrammed? Some pointers. Karimnagar and Nizamabad are well known backward districts of Andhra Pradesh. Each district have 2 seats each for center and all 4 are won by Congress. Now, in both districts combined out of 22 state assembly seats, only 4 assembly seats (out of 22) are won by Congress. How can it be possible the uneducated class of people would distinguish which party they would give their vote between State and Center?
5) Are EVM's preprogrammed? In Pulavendu constituency it is believed to be constituted by 80% of Kapu Vote which should go in a big way for Mr. Chiranjeevi but he lost that election. Is it to cut Mr. Chiranjeevi to size and send him a message? There are several such examples.
6) Andhra Pradesh is a cash cow for Congress where every Govt. license is believed to require paying 10% to Congress. There is so much news/data on the high level of corruption (as well as large scale looting of temples). This is a state which Congress would not want to lose and Congress is committed to win under any circumstances (hook or crook).
7) Add to this factor, Andhra CM is known to be a goonda that is known from his rise from Pulavendu constituency to Cuddapah district to Andhra Pradesh state where he has accumulated great record for notorious criminal activities. He is unscrupulous in nature and will go to any lengths to get desired objective.
What can be done?
Will the parties come together and take a stand against EVM and declare that they will not participate even one more election until we go back to paper process, like many other countries did?
Will the parties like TDP, Praja Rajyam, Communists and even BJP contest the seemingly blatantly rigged Andhra Pradesh elections before 30 days (since election announcement) runs out (in 3 or 4 days)?
What is at stake here is democracy, people's will to elect their leaders? It is what the country fought for many years and sacrificed their lives. Will we drag the country back to Emergency era and perhaps even backward to imperialism.
Regards,
Satya