Few people — the security expert Rebecca Mercuri being the notable exception — thought much about the mechanics of voting before the Bush-versus-Gore presidential election in 2000. A few weeks of watching diligent poll workers holding up ballots to look for hanging chads changed all that. The timing — coincidental with both the rise of the internet and the dot-com bust — suddenly put voting technology on everyone’s agenda. … A number of earlier books have examined computer-based voting and concluded that it’s a supremely bad idea. Primarily, these have focused on explaining the basic security issues and the contemporary context for the popular market. In Broken Ballots: Will Your Vote Count?, Douglas W. Jones, a computer scientist at the University of Iowa, and Barbara Simons, a retired IBM research scientist and former president of the Association for Computing Machinery, have written the book that’s really needed: a comprehensive historical and technical account of just why it’s dangerous to place the control of our democracy in the hands of a few technology vendors. It doesn’t make for exactly light reading, and it’s definitely a US-centric account, but as a worked example of the interactions among technology, policy and security it can’t be beaten.
Most of the details of how voting is managed now are in response to some previous fraud. The US’s love for anonymous voting, for example — which complicates the technology enormously — is to ensure that votes can’t be bought or bullied. Those shots of hanging chads might have worked to convince people of the importance of the ability to audit elections. Instead, coupled with HAVA, they inspired a fundamental controversy over voting system design: should the machines produce printed paper ballots that voters could verify and that could be recounted? In a curious twist, voter-verified ballots became the subject of protests from disability activists, who argued that paper-based verification discriminated against the blind.
Full Article: Book review: Broken Ballots | ZDNet.