Thursday, June 18, 2009



Are electronic voting machines tamper-proof? Argues Dr. Subramanian Swamy

mrapsc Wed, Jun 17, 2009 at 11:41 PM

Are electronic voting machines tamper-proof? Subramanian Swamy No, argues the author, because each step in the life cycle of a voting machine involves different people gaining access to the machines, often installing new software. But there are many ways of preventing EVM fraud.

Is there a possibility of rigging electoral outcomes in a general election to the Lok Sabha? This question has arisen not only because of the unexpected number of seats won or lost by some parties in the recent contest. It is accentuated by the recent spate of articles published in reputed computer engineering journals and in the popular international press, which raise doubts about the integrity of Electronic Voting Machines (EVMs).

For example, the respected International Electrical & Electronics Engineering Journal (IEEE, May 2009, p.23) has published an article by two eminent professors of computer science, titled “Trustworthy Voting.” They conclude that although electronic voting machines do offer a myriad of benefits, these cannot be reaped unless nine suggested safeguards are put in place for protecting the integrity of the outcome. None of these nine safeguards, however, is in place in Indian EVMs. Hence, electronic voting machines in India today do not meet the standard of national integrity or safeguard the sanctity of our democracy.

Newsweek (issue of June 1, 2009) has published an interesting article by Evgeny Morozov, who points out that when Ireland embarked on an ambitious e-voting scheme in 2006, such as touch-screen voting machines, the innovation was widely welcomed. Three years and 51 million euros later, the government scrapped the entire initiative. What doomed the effort was a lack of people’s trust in the machines. Voters just didn’t like that the machines would record their votes as mere electronic blips, with no tangible record.

Mr. Morozov points out that, as most PC-users know, computers can be hacked. While we are not unwilling to accept this security risk in banking, shopping, and e-mailing (since the fraud is at the micro-level and of individual consequence, which in most cases is rectifiable), the ballot box is sacred. It needs to be perfectly safeguarded because of the monumental consequence of a rigged or faulty vote recording. It is of macro-significance, in the nature of an e-coup d’etat. At least that’s what voters across Europe seem to have said loud and clear.

Thus, a backlash against e-voting is brewing across the European continent. After nearly two years of deliberation, Germany’s Supreme Court ruled last March that e-voting was unconstitutional because the average citizen could not be expected to understand the exact steps involved in the recording and tallying of votes. Ulrich Wiesner, a software consultant who holds a Ph.D. in physics and who filed the initial lawsuit, said in an interview with the German magazine Der Spiegel that the Dutch Nedap machines used in Germany were even less secure than mobile phones!

In fact, the Dutch public-interest group ‘Wij Vertrouwen Stemcomputers Niet’ (‘We Do Not Trust Voting Machines’) produced a video showing how quickly the Nedap machines could be hacked without voters or election officials being aware (it took just five minutes). After the clip was broadcast on Dutch national television in October 2006, the Netherlands banned all electronic voting machines from use in elections.

Numerous electronic voting inconsistencies in developing countries, where governments are often all too eager to manipulate votes, have only fuelled the controversy. After Hugo Chavez won the 2004 election in Venezuela, it came out that the government owned 28 per cent of Bizta, the company that manufactured the voting machines. On the eve of the 2009 elections in India, I raised the issue at a press conference in Chennai, pointing out that a political party just before the elections had recruited those who had been convicted in the U.S. for hacking bank accounts on the Internet and credit cards.

In the U.S. too, there is a significant controversy on Elms. In fact, the Secretary of State of California has set up a full-fledged inquiry into EVMs, after staying all further use.

Why are the EVMs so vulnerable? Each step in the life cycle of a voting machine — from the time it is developed and installed to when the votes are recorded and the data transferred to a central repository for tallying — involves different people gaining access to the machines, often installing new software. It wouldn’t be hard for, say, an election official to paint a parallel programme under another password on one or many voting machines that would, before voters arrived at the poll stations, ensure a pre-determined outcome.

The Election Commission of India has known of these dangers since 2000. Dr M. S. Gill, the then CEC, had arranged at my initiative for Professor Sanjay Sarma, the father of RFID software fame at the Massachusetts Institute of Technology (MIT), and his wife Dr Gitanjali Swamy of Harvard, to demonstrate how unsafeguarded the chips in EVMs were. Some changes in procedure were made subsequently by the EC. But the fundamental flaws, which made them compliant to hacking, remained.

In 2004, the Supreme Court’s First Bench, comprising Chief Justice V. N. Khare and Justices Babu and Kapadia, directed the Election Commission to consider the technical flaws in EVMs put forward by Satinath Choudhary, a U.S.-based software engineer, in a PIL. But the EC has failed to consider his representation.

There are many ways to prevent EVM fraud. One way to reduce the risk of fraud is to have machines print a paper record of each vote, which voters could then deposit into a conventional ballot box. While this procedure will ensure that each vote can be verified, using paper ballots defeats the purpose of electronic voting in the first place. Using two machines produced by different manufacturers decreases the risk of a security compromise, but doesn’t eliminate it.

A better way, it is argued in the IEEE article I have cited, is to expose the software behind electronic voting machines to public scrutiny. The root problem of popular electronic machines is that the computer programmes that run them are usually closely held trade secrets (it doesn’t help that the software often runs on the Microsoft Windows operating system, which is not the world’s most secure). Having the software closely examined and tested by experts not affiliated with the company would make it easier to close technical loopholes that hackers can exploit. Experience with web servers has shown that opening software to public scrutiny can uncover potential security breaches.

However, as the Newsweek article points out, the electronic voting machine industry argues that openness will hurt the competitive position of the current market leaders. A report released in April by the Election Technology Council, a U.S. trade association, says that disclosing information on known vulnerabilities might help would-be attackers more than those who would defend against such attacks. Some computer scientists have proposed that computer codes should be disclosed to a limited group of certified experts. Making such disclosure mandatory for all electronic voting machines will be a good first step for preventing vote fraud. It will also be consistent with openness in the electoral process.

Now several High Courts are hearing PILs on the EVMs. This is good news. I believe the time has arrived for the Supreme Court to transfer these cases to itself, and take a long, hard look at these riggable machines that favour a ruling party that can ensure a pliant Election Commission.

Else, elections will soon lose their credibility and the demise of democracy will be near. Hence evidence must now be collected by all political parties to determine the number of constituencies in which they suspect rigging. The number will not exceed 75, in my opinion. We can identify them as follows: any 2009 general election result in which the main losing candidate of a recognised party found that more than 10 per cent of the polling booths showed fewer than five votes per booth should be taken, prima facie, as a constituency in which rigging took place. This is because the main recognised parties usually have more than five party workers per booth, and hence with their families will poll a minimum of 25 votes per booth for their party candidate. If these 25 voters can give affidavits affirming who they voted for, the High Court can treat this as evidence and order a full inquiry.

(The writer is a former Union Law Minister.)



At 8:12 PM, Anonymous Anonymous said...

Dear Sir,
after having read mr. swami's very informative blogg on how EVM can be rigged, i have a few a few points to make, especially to him.
1.sir you have painstakingy collected the various relevant information on the subject to prove your point as to how and whether EVM can be mnipulated.i congrajulate you for your efforts.
these efforts should come from the main losing party the BJP, whose leaders are today busy in running each other down and putting the blame of the defeat (in the lok-sabha elections) on each other, rather than going for a thorough and a logical analysis and ground survey of their poll debacle. Had they done the analysis, the would be thinking on your lines.
2.Now you having shown as to how to collect the evidence and approach the court, it is for them to swing into action. If they do not, DEFEAT is what they deserve with or without tampered EVMs.

At 1:06 AM, Blogger Unknown said...

This comment has been removed by the author.

At 1:09 AM, Blogger Unknown said...

Your blog article is nicely described and very informative. Yes I agree with your point in which you have shared authentic description.

Election Ink Manufacturer | Electronic Voting Machine Manufacturer


Post a Comment

<< Home