Please disable your adblock and script blockers to view this page

A Texas County Clerk?s Bold Crusade to Transform How We Vote


Profile
DeBeauvoir
Congress
C-SPAN
Pac-Man
Rice University
PCMCIA
NewmanJack
The Austin Chronicle
off?”“I
Lone Star
the University of Texas
Education
the LBJ School of Public Affairs
New Deal
Medicare
Eagle Scout
Supreme Court
Yale University
RSA
Scientific American
MIT
Rivest
the House of Representatives
ID
Benaloh
Chaum-Pedersen
Microsoft
VoteBox
Benaloh's
Google
UC Berkeley
the League of Women Voters
the Republican National Committee
the STAR-Vote
the Ford Foundation
the Pew Charitable Trusts
Texas Association of Counties
eSlate
STAR-Vote.”Finally
The STAR-Vote
DNC
ES&S
the Wharton School of Business
LLC
Legal and Policy Division
Microsoft Research
Goliath
ElectionGuard
Galois, STAR-Vote's
VotingWorks
Fulton
Washingtonian
Subscribe
Condé Nast
Affiliate Partnerships


Benjamin WoffordTo
Profile
Dana DeBeauvoir
Python
CherryPy
Benedict Arnold
Hal
Dan Wallach
Lily Hay
Josh Benaloh
Austin
Bush
Gore
it.”Dana DeBeauvoir
Wilbur Cohen
Ben Smithers
Ron Rivest
Adi Shamir
Leonard Adleman
Bella Abzug
Yea
Nay
Ben Adida
Bob
Alice
Adida—
Biden
Philip Stark
Joe
Lloyd Dogget
Mary
Willem Dafoe
Lisa Tollefson
understand?At
R. C. Carter
Carter—
Hacker


Southern
American
Greeks
North Koreans
binary—1
Russians
Chinese


West Coast
Silicon Valley


PhDs
Capitol
Guadalupe Street


San Francisco
Travis County
Texas
Austin
Florida
Washington, DC
Houston
Northern Ireland
DeBeauvoir
Fort Worth
Arlington
Australia
Connecticut
Homomorphic
Milwaukee
Germany
Luxembourg
California
Brussels
Belgium
US
Los Angeles
Hart
Travis County's
Darpa
Russia
Fulton
Wisconsin


the Peloponnesian War
World War I.
tombstone—‘Be

Positivity     39.00%   
   Negativity   61.00%
The New York Times
SOURCE: https://www.wired.com/story/dana-debeauvoir-texas-county-clerk-voting-tech-revolution/
Write a review: Wired
Summary

They dug up voting machines whose encryption codes were “abcde,” and they cooked up malware that forced DREs to run Pac-Man or swing elections for Benedict Arnold. One professor and his grad students hacked the real-life voting system of Washington, DC—forcing the machines' auxiliary speakers to blast a school fight song and changing the ballot choices to “Bender” and “Hal 9000.”One of the earliest stuntmen was a Texas professor named Dan Wallach. Wallach lambasted the voting machine manufacturers for keeping their code secret instead of going open source. She told the paper that she was bending over backward to secure the machines—all for “appeasing a worry that is a little dubious.” She torched Wallach's rhetoric as “awful” and “unfair” and later called him “a rock-thrower.”By 2011 this history was well known to everyone assembled in the conference room of the San Francisco Westin—where Wallach himself sat in the audience, watching DeBeauvoir from a distance.Onstage, DeBeauvoir found her bearings and then turned up the heat. She was tired of seeing clerks “vilified by electronic voting critics who made broad sweeping statements”—attacks that denigrated not just machines but “the people who administered them.” Every year the broadsides continued, “without any advice to those of us who are in the field.” She accused the academics of doing little to quell the conspiracy theories their research tended to spawn, meaning that “academic papers and internet rumors were often given equal weight in the public discourse.” All this while she toiled endlessly just to convince citizens and politicians that elections were fair.DeBeauvoir was practically seething, and the audience shifted nervously. The paper was called “Verifiable Secret-Ballot Elections,” and its author was Josh Benaloh, then a 28-year-old grad student. Because of new techniques in cryptography, it began, mathematicians could now perform “tasks that seem to defy intuition.” Those techniques, he wrote, made it theoretically possible to construct an election in which everyone's ballot could remain completely secret, while, at the same time, the record of everyone's vote could be “verifiable by all participants”—like a rabbit that's pulled out of a magician's hat and stays hidden inside it at the same time. “It would be easy,” says Ben Adida, another acolyte of Rivest who has worked on cryptographic voting. You can never know if your vote was counted, or counted accurately—whether your ballot sailed through, got jammed in the machine, or was abandoned in a lobby with a sack full of other votes (as happened in Connecticut in 2010).In short, modern elections enshrine privacy at the cost of transparency, and try to compensate for the loss with a host of bureaucratic patches: voter-registration schemes to prevent people from voting twice, tally systems that ensure the number of voters matches the ballot total, and centralized polling places where rival election monitors can scrutinize the proceedings, all to impart legitimacy to a system of vanishing ballots. “If you want to understand why elections are hard, it's because of the secret ballot,” says Adida—that's the single variable “that introduces all of the operational complexity and trust.” Not for nothing did a leading technology conference recently declare voting the “hardest problem in IT security.”The moment your vote is cast, it becomes dissociated from you, vanishing into a stream of ballots.At MIT, Rivest tossed a paper onto Benaloh's desk that contained a clue to how that problem might be cracked. This homomorphic principle allowed you to encrypt those two numbers, then add them together without decrypting them, and the sum would be an encryption of the number 6.Benaloh's curiosity was set ablaze; he quickly understood that homomorphic cryptography, as it came to be called, had a perfect use case: voting in elections. Using a set of mathematical operations called Chaum-Pedersen protocols, auditors would be able to crunch all those ciphertexts to arrive at what cryptographers call a non-interactive zero-knowledge proof: “Proof that the vote is correctly captured,” Benaloh explained, but without any way to know whose ballot said what.But the thing that excited Benaloh most was what this scheme would mean for individual voters. For the first time, elections would not only be verifiable, but people could be certain whether their specific vote had been counted, all without violating the secret ballot.Crucially, Benaloh was not setting out to design an “unhackable” voting machine, an idea he regarded as a chimera. “Rather than ‘prevention,’ it's all about detection.”For the first time, elections would not only be verifiable, but people could be certain whether their specific vote had been counted, all without violating the secret ballot.His paper, he says, was “just a small step” in the broad scheme of cryptography. How was it that our voting technology was routinely hacked by grad students?A week later, DeBeauvoir called Wallach. “Can I bring some friends?”Rice University computer science professor Dan Wallach had been involved in some of the most damning research on direct-recording electronic voting machines, including a major investigation by the state of California.While news about the project spread in the elections world, Wallach started to assemble a posse. They called it STAR-Vote.The team that Wallach put together was like a fantasy sports roster of election security luminaries. “By the end of the weekend,” says Wallach, “we had a design.”That design looked a lot like a typical voting machine. Once the voter had finished at the machine and printed out their encrypted paper ballot, they could either cast it in the ballot box to be counted or they could “challenge” it by taking it to a poll worker who would mark it as “spoiled.” Then the citizen would vote again. After the election they could then look up their decrypted, spoiled ballot to see whether the machine had really recorded a vote for the right person.That design looked a lot like a typical voting machine. And the code would be entirely open source.Propagated across precincts on the scale of a national election, the cumulative challenges would add up: If 10,000 people out of 100 million spoiled their votes, the odds that an evil machine could swap your vote without being detected were 0.01 percent.STAR-Vote also took the idea of verification further. What's more, she told voters that Travis County could build STAR-Vote for cheaper than the machines the manufacturers were trying to sell. “Quite frankly,” she says, “they were a little intimidated by the level of math.”As the 2016 election loomed, DeBeauvoir was becoming desperate. Their core business model seemed to involve locking clients into relationships of “ongoing annual payments.” Small wonder, then, that the firms hadn't leapt to DeBeauvoir's idea of building a machine with open source code that aimed to liberate local governments with cheap, self-sustaining technology.Now things had turned dire for DeBeauvoir. STAR-Vote was effectively a dead letter.DeBeauvoir had been trying to build STAR-Vote for six years. “Even stubborn wasn't going to work.”During the middle of her negotiations for a new contract on voting machines, DeBeauvoir received a horrifying call. “Ben, mother, and STAR-Vote,” she says. “That losing STAR-Vote would be up there so high—that surprised me.”“Now I tell myself the truth,” she says. “There's no way that it makes sense for Microsoft to make a business out of elections,” Benaloh explains. Microsoft is a mass-market software company.” Nor had Benaloh's pathfinding work on STAR-Vote attracted anything more than a cursory thumbs-up as one of a million interesting things going on in a place like Microsoft.Then, all at once, something happened that completely reoriented Microsoft's stance. “What happened,” Benaloh says, “was 2016.”As the scope and fallout of Russia's meddling in the presidential election became clear, Microsoft had quietly initiated an elaborate fact-finding process, searching for anything it could do in elections that wouldn't clash with the company's business imperatives. In part, that may be because they know that what's free for them is also free for us—and for the next Dana DeBeauvoir who might come along to build a better voting machine. “The Fulton demonstration was the modern interpretation of STAR-Vote,” Wallach says. “STAR-Vote was not a failure,” he says, and DeBeauvoir's efforts hadn't been wasted. “If we get a significant use in 2022, 2024, and beyond—we're happy.” But this election makes it particularly easy to see the appeal of a voting system built for verification and trust.Of course, a complicated new homomorphically cryptographic reinvention of the franchise is not going to assuage this crisis of trust overnight. “They are fighting tooth and nail down to the last sick voter, trying to prevent people from voting by mail.” Requests for mail ballots have skyrocketed, and DeBeauvoir has been busy concocting ways to outmaneuver the obstacles to those votes. But just as quickly, her ardor returns: “I'm working on it.”As for STAR-Vote, DeBeauvoir seems content simply to know that her efforts were of use.

As said here by Wired