Why you can never totally trust electronic voting. I'm a CS major, I'm not some luddite who's afraid of technology.
Please read
this. If it's confusing just skip down to the "Moral" section.
I'd like to take a step back and explain how exactly a computer program is made.
Computers do not understand English like we do, they speak in electricity and know two "words": on, and off. To let a computer know what we want it to do, we must translate our instructions from English into strings of 0s and 1s, this result is called machine readable code. The way this happens is we write out exactly what we want the computer to do as explicitly as possible. This is called the "source code." This source code is then fed into a program, called a compiler, which translates the source code into the strings of 0s and 1s that a computer uses to know what we want it to do.
The compiler is not hand written in 0s and 1s by programmers, this would be madness. It has itself been compiled from source code into machine readable code. Remember Issac Newton's famous saying that he "stood on the shoulders of giants"? This is exactly how compilers are made. Each compiler is an incrimental evolution using the previous version to create itself.
There is no realistic way to convert machine code back into English. Once it's converted into machine code you cannot know what it was before, it's simply too complicated.
Many of you I'm sure have heard of "backdoors." These are passwords, logins, etc, which allow you to gain access to programs through other than normal means. Sometimes this is a good thing. Accidently set a password in the BIOS which prevents you from changing something? Enter the backdoor password and you're good to go. However backdoors are usually used for less than noble purposes. A disgruntled employee can regain access to a corporate network to load porn (thankfully Ashcroft will be ridding us of porn here soon) onto his boss's computer. Want to change your bank account? Use the backdoor password and you can.
Let's go back to compilers and the creation of machine readable code. Imagine this scenario: you have the source code to the compiler, you want to give yourself backdoor access so you can muck around. All you need to do is add some code to the source code of the compiler which goes something like this:
function LetMeIn(){
if user == Cracker
then grantAccessToCracker();
}
function InsertCrack(){
add InsertCrack() to machine readable code;
add LetMeIn() to machine readable code;
}
Now you compile the compiler source code to make a new version of the compiler. This new compiler now has the code to let the cracker into any program which is compiled with the new version of the compiler. Now delete function LetMeIn() and function InsertCrack() from the compiler source code.
Still with me?
Now we have a compiler which will insert code to allow the cracker access to any new program. New versions of the compiler will keep this "feature" of adding in a backdoor for the cracker. You cannot audit the compiler's machine readable code to see if either InsertCrack() or LetMeIn() exist, it's too hard to read the strings of 0s and 1s. Sense a problem?
This means simply having access to the source code of ballot counting software is not enough. You don't know if anything malicious was inserted into the program by the compiler.
Does this mean we shouldn't have electronic voting? I don't know. But it's something to keep in mind. Humans are also not perfect, ballots can be stuffed, Chicago and Kennedy, Spain and Franco.
Now it's time to preach to the choir, not the liar choir of which Rice is the current soloist, but you the kos choir. Having printed receipts placed into a box might be one solution to this. This "syngery" of old fashioned voting and modern fast counting would give us a "best of both breeds" solution. It would allow recounts in close races and it would give the media their fast results.
However, let's talk about the receipt a bit.
Do you prevent the voter from leaving the polling place unless they have placed their receipt into the box? How do you know they are placing their receipt and not something resembling it into the box? After all we don't want people to sell their votes. Holographic receipts which allow the precinct workers to know the receipt is being placed in the box without actually being able to see the vote? These might help though I have no idea how expensive holograms are. There has to be someway to prevent people from leaving the polling place with their actual receipt. Using simple paper ballots prevents this since their vote isn't counted unless the ballot is placed into the box whereas with computer voting their vote is in the computer and only if there is a recount would their vote not be counted.
If you've kept attention this long I salute you, I ramble too much.