Rule 3: Malice Trumps Balance
The Report concludes that, while there's no evidence of malicious vote tampering, the lack of control over memory cards and machines makes it impossible to be certain. As I said last month, deliberate vote tampering lies in the future, after we have deployed sufficient standardized machines to form a unified target.
An article in nytimes.com describes the peculiar relationship of the Venezuelan government to Sequoia Voting Systems, a Diebold competitor in the U.S. electronic voting machine market. Smartmatic, a company with no electronic voting machine experience before the Venezuelan government tapped it to provide machines for their 2004 elections, now owns Sequoia. The owners of Smartmatic also own a smaller, equally inexperienced, company that joined it to provide the Venezuelan machines, with that government owning 28 percent of the second company. I do not understand who owns what at this point, other than that Smartmatic bought Sequoia using the proceeds of their Venezuelan contract.
As with Cuyahoga County's elections, there is no evidence of foul play and Sequoia's machines have been through all the usual certifications. It should be obvious from the results to date, however, that certification has little effect on the reliability of the machines, their suitability for the job, or the adequacy of the infrastructure supporting them.
The election workers at each polling place can verify that voters are registered and that they cast their votes properly. A careful balance of Democrat and Republican workers prevents undue influence from either party. Unfortunately, those workers can neither prevent malicious software from affecting the results nor verify that such tampering has occurred.
Worse, because external certification inspections are essentially black-box tests, there's no way to examine the actual code base. Both Diebold and Sequoia claim to have good code (as do all vendors of all products!), but voting is one application area where those assurances simply aren't sufficient.