05-31-2009, 05:36 PM
<b><span style='font-size:14pt;line-height:100%'>EVMs are not tamper-proof
</b></span>
<b>* Jayalalithaa, Chandrababu Naidu want to return to ballot papers.
* In Orissa, parties are approaching EC with dozens of complaints.
* Nowhere in Europe or US are EVMs used.</b>
By Dr Subramanian Swamy
JUNE 07, 2009
Numerous electronic voting inconsistencies in developing countries, where governments are often all too eager to manipulate votes, have only added to the controversy. After Hugo Chavez won the 2004 election in Venezuela, it came out that the government owned 28 per cent of Bizta, the company that manufactured the voting machines.
Now Madras High Court is hearing a PIL on the EVMs. This is a good news. I believe time has arrived for taking a long, hard look at these riggable machines that favour the ruling party which has ensured a pliant Election Commission. Otherwise, elections would soon become ridiculed and lose their credibility. The demise of democracy would then be near.
There is much talk today about the possibility of rigging of the electoral outcome in the recent general elections to the Lok Sabha. These doubts have arisen from the unexpected number of seats won by the Congress nation-wide, and these doubts are accentuated by the recent spate of articles published in reputed computer engineering journals as also in the popular international press which raises doubts about the EVMs.
For example, the respected International Electrical & Electronics Engineering Journal (The IEEE, May 2009, p.23) has published an article by two eminent professors of computer science, titled: âTrustworthy Votingâ in which they conclude that while electronic voting machines offer a myriad of benefits, these cannot be reaped unless nine suggested safeguards are put in place for protecting the integrity of the outcome. None of these nine safeguards are in place in Indian EVMs. Electronic voting machines in India today do not meet the standard of national integrity and safeguard the sanctity of democracy.
Newsweek magazine issue (dated June 1, 2009) has published an article by Evgeny Morozov, who points out that when Ireland embarked on an ambitious e-voting scheme in 2006, such as fancy touch-screen voting machines, it was widely welcomed: Three years and Euro 51 million later, in April, the government scrapped the entire initiative. What doomed the effort was a lack of trust: The electorate just didnât like that the machines would record their votes as mere electronic blips, with no tangible record.
Morozov points out that one doesnât have to be a conspiracy theorist to suspect the fallibility of electronic voting machines. As most PC-users know by now, computers can be hacked. We are not unwilling to accept this security risk in banking, shopping and e-mailing since the fraud is at the micro-level, and of individual consequence which in most cases is rectifiable. But the ballot box needs to be perfectly safeguarded because of the monumental consequence of a rigged or faulty vote recording. It is of macro-significance much like an âe-coup dâetatâ. At least thatâs what voters across Europe seem to have said loud and clear.
Thus, a backlash against e-voting is brewing all over the European continent. After almost two years of deliberations, Germanyâs Supreme Court ruled last March that e-voting was unconstitutional because the average citizen could not be expected to understand the exact steps involved in the recording and tallying of votes. Political scientist Ulrich Wiesner, a physicist who filed the initial lawsuit, said in an interview with the German magazine Der Spiegel that the Dutch Nedap machines used in Germany are even less secure than mobile phones! The Dutch public-interest group Wij Vertrouwen Stemcomputers Niet (We Do Not Trust Voting Machines) produced a video showing how quickly the Nedap machines could be hacked without voters or election officials being aware (the answer: in five minutes!). After the clip was broadcast on national television in October 2006, the Netherlands banned all electronic voting machines.
Numerous electronic voting inconsistencies in developing countries, where governments are often all too eager to manipulate votes, have only added to the controversy. After Hugo Chavez won the 2004 election in Venezuela, it came out that the government owned 28 per cent of Bizta, the company that manufactured the voting machines. On the eve of the 2009 elections in India, I had in a press conference in Chennai raised the issue and pointed out that those who had been convicted in the US for hacking of bank accounts on the internet and credit cards had been recruited just before the elections. In the US, the Secretary of State of California has now set up a full-fledged inquiry into EVMs, after staying all further use.
Why are the EVMs so vulnerable? Each step in the life cycle of a voting machineâ from the time it is developed and installed to when the votes are recorded and the data transferred to a central repository for tallyingâinvolves different people gaining access to the machines, often installing a new software. It wouldnât be hard for, say, an election official to paint a parallel programme under another password, on one or many voting machines that would ensure one outcome or another pre-determined even before voters arrived at the poll stations.
These dangers have been known to the Election Commission since 2000, when Dr MS Gill, the then CEC, had arranged at my initiative for Professor Sanjay Sarma of Massachusetts Institute of Technology (MIT) and Dr Gitanjali Swamy of Harvard to demonstrate how unsafeguarded the chips in EVMs were. Some changes in procedures were made subsequently by the EC, but not on the fundamental flaws that make it compliant to hacking. In 2004, the Supreme Court First Bench of Chief Justice VN Khare, Justices Babu and Kapadia had directed the Election Commission to consider the technical flaws in EVMs put forward by Prof. Satinath Choudhary, a US-based software engineer, in a PIL. But the EC has failed to consider his representation.
There are many ways to prevent EVM fraud. One way to reduce the risk of fraud is to have machines print a paper record of each vote, which voters could then deposit into a conventional ballot box. While this procedure would ensure that each vote can be verified, using paper ballots defeats the purpose of electronic voting in the first place. Using two machines produced by different manufacturers would decrease the risk of a security compromise, but wouldnât eliminate it.
A better way, it is argued in the above-cited IEEE article, is to expose the software behind electronic voting machines to public scrutiny. The root problem of popular electronic machines is that the computer programmes that run them are usually closely held trade secrets (it doesnât help that the software often runs on the Microsoft Windows operating system, which is not the worldâs most secure). Having the software closely examined and tested by experts not affiliated with the company would make it easier to close technical loopholes that hackers can exploit. Experience with web servers has shown that opening software to public scrutiny can uncover potential security breaches.
However, as the Newsweek article points out, the electronic voting machine industry argues that openness would hurt the competitive position of the current market leaders. A report released by the Election Technology Council, a US trade association, in April this year says that disclosing information on known vulnerabilities might help would-be attackers more than those who would defend against such attacks. Some computer scientists have proposed that computer code be disclosed only to a limited group of certified experts. Making such disclosure mandatory for all electronic voting machines would be a good first step for preventing vote fraud, and also be consistent with openness in the electoral process.
Now Madras High Court is hearing soon a PIL on the EVMs. This is a good news. I believe time has arrived for taking a long, hard look at these riggable machines that favour the ruling party which has ensured a pliant Election Commission. Otherwise, elections would soon become ridiculed and lose their credibility. The demise of democracy would then be near. Hence evidence must now be collected by all political parties to determine how many constituencies they suspect rigging. The number would not exceed 75 in my opinion. We can identify them as follows: In the 2009 general elections, any result in which the main losing candidate of a recognised party finds that more than 10 per cent of the polling booths showed less than five votes per booth, should be taken prima facie a constituency in which rigging has taken place. This is because the main recognised parties usually have more than five party workers per booth, and hence with their families would poll a minimum of 25 votes per booth for their party candidate. Hence if these 25 voters can give affidavits affirming who they had voted for, then the High Court can treat it as evidence and order a full inquiry.
(The writer is a former Union Law Minister.)
http://www.organise r.org/dynamic/ modules.php? name=Content&pa=showpage&pid=294&page=2
</b></span>
<b>* Jayalalithaa, Chandrababu Naidu want to return to ballot papers.
* In Orissa, parties are approaching EC with dozens of complaints.
* Nowhere in Europe or US are EVMs used.</b>
By Dr Subramanian Swamy
JUNE 07, 2009
Numerous electronic voting inconsistencies in developing countries, where governments are often all too eager to manipulate votes, have only added to the controversy. After Hugo Chavez won the 2004 election in Venezuela, it came out that the government owned 28 per cent of Bizta, the company that manufactured the voting machines.
Now Madras High Court is hearing a PIL on the EVMs. This is a good news. I believe time has arrived for taking a long, hard look at these riggable machines that favour the ruling party which has ensured a pliant Election Commission. Otherwise, elections would soon become ridiculed and lose their credibility. The demise of democracy would then be near.
There is much talk today about the possibility of rigging of the electoral outcome in the recent general elections to the Lok Sabha. These doubts have arisen from the unexpected number of seats won by the Congress nation-wide, and these doubts are accentuated by the recent spate of articles published in reputed computer engineering journals as also in the popular international press which raises doubts about the EVMs.
For example, the respected International Electrical & Electronics Engineering Journal (The IEEE, May 2009, p.23) has published an article by two eminent professors of computer science, titled: âTrustworthy Votingâ in which they conclude that while electronic voting machines offer a myriad of benefits, these cannot be reaped unless nine suggested safeguards are put in place for protecting the integrity of the outcome. None of these nine safeguards are in place in Indian EVMs. Electronic voting machines in India today do not meet the standard of national integrity and safeguard the sanctity of democracy.
Newsweek magazine issue (dated June 1, 2009) has published an article by Evgeny Morozov, who points out that when Ireland embarked on an ambitious e-voting scheme in 2006, such as fancy touch-screen voting machines, it was widely welcomed: Three years and Euro 51 million later, in April, the government scrapped the entire initiative. What doomed the effort was a lack of trust: The electorate just didnât like that the machines would record their votes as mere electronic blips, with no tangible record.
Morozov points out that one doesnât have to be a conspiracy theorist to suspect the fallibility of electronic voting machines. As most PC-users know by now, computers can be hacked. We are not unwilling to accept this security risk in banking, shopping and e-mailing since the fraud is at the micro-level, and of individual consequence which in most cases is rectifiable. But the ballot box needs to be perfectly safeguarded because of the monumental consequence of a rigged or faulty vote recording. It is of macro-significance much like an âe-coup dâetatâ. At least thatâs what voters across Europe seem to have said loud and clear.
Thus, a backlash against e-voting is brewing all over the European continent. After almost two years of deliberations, Germanyâs Supreme Court ruled last March that e-voting was unconstitutional because the average citizen could not be expected to understand the exact steps involved in the recording and tallying of votes. Political scientist Ulrich Wiesner, a physicist who filed the initial lawsuit, said in an interview with the German magazine Der Spiegel that the Dutch Nedap machines used in Germany are even less secure than mobile phones! The Dutch public-interest group Wij Vertrouwen Stemcomputers Niet (We Do Not Trust Voting Machines) produced a video showing how quickly the Nedap machines could be hacked without voters or election officials being aware (the answer: in five minutes!). After the clip was broadcast on national television in October 2006, the Netherlands banned all electronic voting machines.
Numerous electronic voting inconsistencies in developing countries, where governments are often all too eager to manipulate votes, have only added to the controversy. After Hugo Chavez won the 2004 election in Venezuela, it came out that the government owned 28 per cent of Bizta, the company that manufactured the voting machines. On the eve of the 2009 elections in India, I had in a press conference in Chennai raised the issue and pointed out that those who had been convicted in the US for hacking of bank accounts on the internet and credit cards had been recruited just before the elections. In the US, the Secretary of State of California has now set up a full-fledged inquiry into EVMs, after staying all further use.
Why are the EVMs so vulnerable? Each step in the life cycle of a voting machineâ from the time it is developed and installed to when the votes are recorded and the data transferred to a central repository for tallyingâinvolves different people gaining access to the machines, often installing a new software. It wouldnât be hard for, say, an election official to paint a parallel programme under another password, on one or many voting machines that would ensure one outcome or another pre-determined even before voters arrived at the poll stations.
These dangers have been known to the Election Commission since 2000, when Dr MS Gill, the then CEC, had arranged at my initiative for Professor Sanjay Sarma of Massachusetts Institute of Technology (MIT) and Dr Gitanjali Swamy of Harvard to demonstrate how unsafeguarded the chips in EVMs were. Some changes in procedures were made subsequently by the EC, but not on the fundamental flaws that make it compliant to hacking. In 2004, the Supreme Court First Bench of Chief Justice VN Khare, Justices Babu and Kapadia had directed the Election Commission to consider the technical flaws in EVMs put forward by Prof. Satinath Choudhary, a US-based software engineer, in a PIL. But the EC has failed to consider his representation.
There are many ways to prevent EVM fraud. One way to reduce the risk of fraud is to have machines print a paper record of each vote, which voters could then deposit into a conventional ballot box. While this procedure would ensure that each vote can be verified, using paper ballots defeats the purpose of electronic voting in the first place. Using two machines produced by different manufacturers would decrease the risk of a security compromise, but wouldnât eliminate it.
A better way, it is argued in the above-cited IEEE article, is to expose the software behind electronic voting machines to public scrutiny. The root problem of popular electronic machines is that the computer programmes that run them are usually closely held trade secrets (it doesnât help that the software often runs on the Microsoft Windows operating system, which is not the worldâs most secure). Having the software closely examined and tested by experts not affiliated with the company would make it easier to close technical loopholes that hackers can exploit. Experience with web servers has shown that opening software to public scrutiny can uncover potential security breaches.
However, as the Newsweek article points out, the electronic voting machine industry argues that openness would hurt the competitive position of the current market leaders. A report released by the Election Technology Council, a US trade association, in April this year says that disclosing information on known vulnerabilities might help would-be attackers more than those who would defend against such attacks. Some computer scientists have proposed that computer code be disclosed only to a limited group of certified experts. Making such disclosure mandatory for all electronic voting machines would be a good first step for preventing vote fraud, and also be consistent with openness in the electoral process.
Now Madras High Court is hearing soon a PIL on the EVMs. This is a good news. I believe time has arrived for taking a long, hard look at these riggable machines that favour the ruling party which has ensured a pliant Election Commission. Otherwise, elections would soon become ridiculed and lose their credibility. The demise of democracy would then be near. Hence evidence must now be collected by all political parties to determine how many constituencies they suspect rigging. The number would not exceed 75 in my opinion. We can identify them as follows: In the 2009 general elections, any result in which the main losing candidate of a recognised party finds that more than 10 per cent of the polling booths showed less than five votes per booth, should be taken prima facie a constituency in which rigging has taken place. This is because the main recognised parties usually have more than five party workers per booth, and hence with their families would poll a minimum of 25 votes per booth for their party candidate. Hence if these 25 voters can give affidavits affirming who they had voted for, then the High Court can treat it as evidence and order a full inquiry.
(The writer is a former Union Law Minister.)
http://www.organise r.org/dynamic/ modules.php? name=Content&pa=showpage&pid=294&page=2