Ex-MI6 Boss: When It Comes To Voting, Pencil And Paper Are 'Much More Secure' Than Electronic Systems

from the and-he-should-know dept

Techdirt has been worried by problems of e-voting systems for a long time now. Before, that was just one of our quaint interests, but over the last few months, the issue of e-voting, and how secure it is from hacking, specifically hacking by foreign powers, has become a rather hot topic. It's great that the world has finally caught up with Techdirt, and realized that e-voting is not just some neat technology, and now sees that democracy itself is at play. The downside is that because the stakes are so high, the level of noise is too, and it's really hard to work out how worried we should be about recent allegations, and what's the best thing to do on the e-voting front.

What we really need is someone distant from the current US debate, and yet with a great deal of knowledge of how foreign intelligence services hack into computer systems. Maybe someone like Sir John Sawers, former head of MI6, the UK's CIA. Here's what he said recently to the BBC on the subject of e-voting:

"Bizarrely the stubby pencil and piece of paper that you put your cross on in the ballot box is actually much more secure than anything which is electronic."

And added:

"The more things that go online, the more susceptible you are to cyber attacks."

Since MI6 has probably been involved in quite a few of those attacks, Sir John speaks with a certain authority. He also has a good analysis of why there is this constant push for e-voting, even though security experts are pretty unanimous in their warnings of the dangers:

"The only trouble is, the younger generation of people expect to be able to do things remotely and through electronic devices."

That also goes some way to explaining the naivety of most people when it comes to the Internet of Things. Many people just "expect" everything to be digital and online and linked to its own app, even when it's just a hair brush.

Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+

Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: cybersecurity, e-voting, evoting, john sawers, mi6, security, uk


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Jordan Chandler, 5 Jan 2017 @ 1:15pm

    surveillance

    Rich coming from a surveillance state

    link to this | view in thread ]

  2. icon
    Roger Strong (profile), 5 Jan 2017 @ 1:18pm

    Pencil and paper works perfectly fine too, here in Canada.

    But then we only vote on a single issue; a choice of candidates for one (1) position. From what I've heard from election officials in the US, - where citizens are often voting on multiple issues at once - counting pen and paper ballots can become a nightmare.

    link to this | view in thread ]

  3. icon
    art guerrilla (profile), 5 Jan 2017 @ 1:23pm

    been bitching about voting systems...

    ...for decades:
    paper ballots
    hand counted
    locally reported

    also, ranked choice voting will eventually -if not immediately- overturn the rethug/dem'rat duopoly of the one Korporate Money Party...
    it is not that open source s/w and h/w could not be used to design a secure, AUDITABLE, and transparent computer-based voting system, it is just that under the current incarnation of Empire, that will NOT HAPPEN...
    of course, there are a ton of ancillary issues to address beyond the actual vote mechanism, but unless that is secured, all the rest is meaningless...

    link to this | view in thread ]

  4. icon
    DannyB (profile), 5 Jan 2017 @ 1:24pm

    Electronic Voting is okay

    Electronic Voting is okay as long as the electronics are only used to quickly and easily count the pencil and paper ballots.

    Having the artifacts of the pencil and paper ballots mean that recounts can be done, either electronically or manually.

    One could even do manual random statistical recount sampling to see if anything smells funny.

    The electronics are there to assist, not to make it possible to subvert the entire process.

    link to this | view in thread ]

  5. identicon
    Anonymous Coward, 5 Jan 2017 @ 1:25pm

    Re: been bitching about voting systems...

    Security Theater is your friend! It works wonders and keeps the mice busy.

    ~Government(s)

    link to this | view in thread ]

  6. identicon
    Anon, 5 Jan 2017 @ 1:25pm

    Of course!

    Canada mainly uses paper ballots, and guess what? The results are pretty well tabulated within a few hours for a country of 34 million; and recounts are simple and reliable.

    The biggest reason why is simple. In a federal election, like Britain, we only have one vote- "Who do you want for Member of Parliament of your riding?"

    None of this American stupidity of so many votes, you even elect judges, sheriffs and dog catchers; ballots so big you need a butterfly ballot and a serious concern is that people can't follow a line across a page because the print is so small.

    My ideal electronic system would be simple too - you select your votes on a computer, the computer then spits out paper ballots marked accordingly with both machine readable and bar-code values. You can count the votes using sheet feeder and barcode reader, but can validate any results by comparing bar-codes and text. (Or use a sorter - if you suspect hacking, sort all the ballots for A by bar code into one bin, then flip through them to look for incorrect text). Paper is solid and indelible. Unregistered people who sign in could have their ballot coded to allow for retroactive (in)validation of their vote, while registered voters retain anonymous ballots. Time-stamp ballots to a 5-minute range or 20-voter range to allow tracking of ballots watching for box stuffing.

    However, the biggest problem with US elections? NOT ENOUGH POLLING STATIONS. In Canada, typically every neighbourhood school is a polling place. American polling stations seem to have several times more people in line at any one time than my whole polling station is set for.

    link to this | view in thread ]

  7. identicon
    Anonymous Coward, 5 Jan 2017 @ 1:25pm

    Seems like pen and paper would be better.

    Aren't pencils generally erasable?

    link to this | view in thread ]

  8. icon
    DannyB (profile), 5 Jan 2017 @ 1:28pm

    Freedom to Choose is important

    Do you want a tyrant or do you want a dictator?

    Do you want a liar or a clown?

    Do you want someone who will ruin the country for their own personal agenda, or who will sell out the country for their own personal profit?

    Your vote should count!

    link to this | view in thread ]

  9. icon
    DannyB (profile), 5 Jan 2017 @ 1:31pm

    Re: Seems like pen and paper would be better.

    As long as you have paper ballots, it is possible to ensure that there are always enough people present (excluding massive collusion) to ensure nothing suspicious is going on.

    Like with nukes, no lone person alone with the nuke, er . . . ballot box. Maybe it should take multiple local officials to unlock the ballot box, etc.

    I trust these kinds of measures more than pure electronic voting. The electronics can assist with real time counting as you pass your ballot through a counter as it drops into the sealed ballot collection box.

    The more transparent, the better.

    link to this | view in thread ]

  10. identicon
    kallethen, 5 Jan 2017 @ 1:44pm

    Re: Seems like pen and paper would be better.

    I think the key point is having that hard copy paper ballot, but yes, indelible ink pens would be more secure than pencils. That's what we use in Connecticut.

    link to this | view in thread ]

  11. icon
    wereisjessicahyde (profile), 5 Jan 2017 @ 1:45pm

    Re: Seems like pen and paper would be better.

    Don't go thinking using a pen will help either. MI6 has 1000's of gallons of Tipp-ex (Liquid Paper) and teams of specialists trained in its use. No vote is save!

    link to this | view in thread ]

  12. identicon
    David, 5 Jan 2017 @ 1:57pm

    Pen and paper are by no means more secure.

    You can tamper with them easily enough. But the effects are proportionate to the tampering, and the controls are proportionate to the ballots. That makes it a really hard proposition to swing a vote that is not already split on a hair.

    A successful attack on an electronic voting system is quite harder. But if you succeed, the payoff is ludicrous. We are not talking about tampering with a single ballot or a single ballot box or a single court house here.

    link to this | view in thread ]

  13. icon
    Roger Strong (profile), 5 Jan 2017 @ 2:02pm

    Re: Re: Seems like pen and paper would be better.

    Nonsense. I've been an election scrutineer here in Canada. Ballot counting starts the moment the polls close, with the counters from each party and the scrutineers gathered around. There's no opportunity for erasing or liquid papering.

    link to this | view in thread ]

  14. identicon
    MailItInDummies, 5 Jan 2017 @ 2:11pm

    "The only trouble is, the younger generation of people expect to be able to do things remotely and through electronic devices."

    "The only trouble is, the younger generation of people expect to be able to do things remotely and through electronic devices."

    Mail in ballots, a week or more to decide and pencil in your vote. When done, drop it in the mail or an official dropbox.

    That is convenience, secure and gives voters a a week or more to cast their vote with no time off from important appointments or work or school.

    link to this | view in thread ]

  15. identicon
    Michael Evans, 5 Jan 2017 @ 2:42pm

    Re: Electronic pre-COUNTING is okay

    Human readable paper ballots.

    Electronic voting provides a QUICK pre-count for the news.

    MANDATORY human re-counting provides the official tally.

    That is how you have a secure election that also had fast (pre) results.

    link to this | view in thread ]

  16. icon
    art guerrilla (profile), 5 Jan 2017 @ 5:12pm

    Re: Re: Re: Seems like pen and paper would be better.

    1. seriously, thank you for your observations/contribution...
    2. Scrutineer ! ! ! is that for real ? do you get a badge ? *i* want to be a Scrutineer ! ! !
    (still get bonus points if it is a neologism, good one...)

    link to this | view in thread ]

  17. identicon
    Anonymous Coward, 5 Jan 2017 @ 5:33pm

    Re:

    The paper is to have data for review later, several types are capable of being scanned by computer.

    link to this | view in thread ]

  18. identicon
    Anonymous Coward, 5 Jan 2017 @ 8:38pm

    pencil and paper

    what are you 200021 years old? I don't understand your primitive Luddite obsession truth and accuracy, diabolical has money to make, thanks bandar bush

    link to this | view in thread ]

  19. icon
    wereisjessicahyde (profile), 5 Jan 2017 @ 10:45pm

    Re: Re: Re: Re: Seems like pen and paper would be better.

    Why they fuck is that only us Brits can understand irony?

    link to this | view in thread ]

  20. icon
    wereisjessicahyde (profile), 5 Jan 2017 @ 10:47pm

    Re: Re: Re: Re: Re: Seems like pen and paper would be better.

    Oh, and Canadians. Sorry Roger.

    link to this | view in thread ]

  21. identicon
    Anonymous Howard II, 6 Jan 2017 @ 2:51am

    Re: surveillance

    While our intrusive mass surveillance is rightly condemnable, I'm not sure that it's terribly relevant to the issue of voting security.

    Now, if we were a country with a history of electoral fraud, or maybe we used voting machines with questionable security...

    link to this | view in thread ]

  22. icon
    Ninja (profile), 6 Jan 2017 @ 4:58am

    "Many people just "expect" everything to be digital and online and linked to its own app, even when it's just a hair brush. "

    Two words: smart vibrator.

    Don't underestimate the bs.

    link to this | view in thread ]

  23. identicon
    Anonymous Coward, 6 Jan 2017 @ 5:08am

    Re: pencil and paper

    Gotta love those who misuse the term, sorta cute.

    link to this | view in thread ]

  24. identicon
    Anonymous Coward, 6 Jan 2017 @ 5:40am

    "Bizarrely the stubby pencil and piece of paper that you put your cross on in the ballot box is actually much more secure than anything which is electronic."

    I wonder if he's aware of something called an eraser...

    link to this | view in thread ]

  25. icon
    crade (profile), 6 Jan 2017 @ 8:14am

    "The only trouble is, the younger generation of people expect to be able to do things remotely and through electronic devices."

    IMHO The trouble has everything to do with the cost of scaling pencil and paper compared to scaling a web site and nothing to do with what young people expect. Since when does anyone care what the vastly outnumbered young people think anyway :)

    link to this | view in thread ]

  26. identicon
    Peter, 6 Jan 2017 @ 8:21am

    In the Netherlands we still vote with with pencil and paper, as a result of protests. "We don't trust voting machines".

    link to this | view in thread ]

  27. icon
    tom (profile), 6 Jan 2017 @ 10:54am

    My state of Oklahoma uses a thick paper ballot that is scanned and counted. Even when there are 20-30 different things to vote on, it doesn't take long to fill in the boxes with the provided ink pen. The ballot is scanned when you feed it in and kicked back if the scanner can't read the ballot. The few hand recounts we have had have been within a few votes of the original scanned tabulations.

    link to this | view in thread ]

  28. icon
    ECA (profile), 6 Jan 2017 @ 11:21am

    So.

    A voting system that has to be ON THE NET??
    Does not have a verification system?
    And all the Cheap tech they can PUT in a box?

    ISNT secure?

    And a BOX full of paper ballots? could be safer? As it has to be taken and traveled to a location to be counted?

    link to this | view in thread ]

  29. icon
    Ed (profile), 6 Jan 2017 @ 11:59am

    Some of us don'tunderstand this new fangled technology

    For those of us who don't know how pencils and paper are made or used, the pencil and paper system is definitely not secure.

    Bring back chisels and stone tablets.

    link to this | view in thread ]

  30. icon
    jameshogg (profile), 6 Jan 2017 @ 6:55pm

    Re: been bitching about voting systems...

    "...for decades:
    paper ballots
    hand counted
    locally reported"

    Also, arguably the most crucial: shuffled. So that voter anonymity is protected.

    When the votes are in that box, nobody knows who voted for who as they are all mixed up, not even the "shuffler". Not even a good magician can pull off any sneaky zarrow techniques in these circumstances. This way you can't tell who voted what by taking a note of the order voters walked into the booths.

    Try making computers scramble the votes in the same way and you can't do it. Because since the votes have to be stored in memory at some point, it is possible to record the order in which they were stored. Doesn't matter if you entropy-shuffle it after: the damage of storing the order in the first place had already been done.

    Digital voting is a utopia, even from a blockchain perspective. It doesn't work, and the paper ballot is superior for this reason of shuffling alone.

    link to this | view in thread ]

  31. icon
    The Wanderer (profile), 7 Jan 2017 @ 2:06pm

    Re: Re: been bitching about voting systems...

    > Try making computers scramble the votes in the same way and you can't do it.

    What are you talking about? Of course it's possible. It's probably possible to design systems which _don't_ do it, but even assuming that the votes were cast on a system which doesn't, it's always possible to transfer the votes into a different system and then scramble them around there.

    I've already thought of at least three ways to approach this just off the top of my head - one of which I could implement easily if you gave me access to a system that includes functions to load a data file containing already-cast ballots with unique sequential IDs, and functions to write out such a file, and a definition of the format of the data structure which contains the ballots. Copying the ballots across in random order into a new copy of the same data structure, leaving the original unique IDs behind and generating new ones at copy time, would be trivial; delete the original data file and just use the new one, and hey presto, your ballots are shuffled and there's no way to reconstruct the original order.

    I really don't know where you're coming from on this.

    link to this | view in thread ]

  32. identicon
    Anonymous Coward, 9 Jan 2017 @ 10:18am

    Re:

    Here where I live in CA. We had Electronic Voting machines for 1 year and never again!!! We've been doing what they've been doing in schools forever and that's filling in bubbles. In school it was a #2 pencil, but for voting a pen is used. So you fill in the bubble for whatever person for Yes/No, etc that needs to be voted on.

    So there's no computer cheating possible. There's no dumb hanging chad. Once you fill out the paper(s) you slip it right into the single machine where it add's up the votes. So it's simple. best of all, there's a paper record right there for all those forms with filled in bubbles.

    It's been working great for schools in test taking and it works great in voting. You setup a bunch of stations for people to stand or sit that cost very little money. A screen to kind of block others from viewing what you're doing and some pens. There's just the single scanning machine so costs are much lower.

    I just don't see voting computers are a smart investment. They are used very little and get outdated fast where after so many years you can't get parts at all to fix them. I know this in the food Industry I work in and the touch screen computers the machines use. They get outdated and you can't fix them, you have to replace them at great cost. Replacing hundreds or thousands of voting machines maybe every 8-10 years seems costly!!! Why have a bunch of costly computer voting machines at one voting place when you can just have a single scanner and a real paper trail?

    link to this | view in thread ]

  33. icon
    jameshogg (profile), 9 Jan 2017 @ 10:30am

    Re: Re: Re: been bitching about voting systems...

    "and there's no way to reconstruct the original order."

    Except the hidden script that would record the order in memory. If this were an attempted magic trick shuffling cards, an audience would be quite right to assume something else is going on inside that CPU and it would be a lousy trick, because computers can't be trusted to really shuffle the cards.

    With an empty tangible box that can be witnessed to be locked in that empty state beforehand, not even the most sophisticated trick-boxes in the world would be able to tell from hundreds of folded, concealed papers which order they went in.

    People can see empty boxes, they can't see empty bits.

    link to this | view in thread ]

  34. icon
    The Wanderer (profile), 9 Jan 2017 @ 7:53pm

    Re: Re: Re: Re: been bitching about voting systems...

    What "hidden script" are you talking about?

    I'm working from the assumption that the ballots have been recorded in a data file, and I'm writing a program which will read in the contents of that data file. Nothing other than what is in the data file is available.

    That seems like a valid assumption, because if the data isn't recorded into a file rather than being stored in memory, there's no way to get it off the voting machine where the vote was tabulated to begin with.

    Once the ballots are in the data file, if the hidden record of their original order isn't stored there, it's lost - and if it _is_ stored there, it's visible to whatever program I'm writing, and my program is capable of storing whatever values it wants in that field when it writes out a shuffled version of the file.

    (Yes, the original file still exists, but it can be deleted.)

    If you're arguing "we can't trust that what the computer says it's doing / recording is what it's really doing/recording", that's an argument for open-source, community- and professionally-audited voting-system software - but it doesn't support the idea that it's impossible to make a computer shuffle votes into a storage order that has nothing to do with the order in which they came in. (It's even trivially possible to design a program which would store them in random order in the first place.)

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.