Saturday, May 17, 2014

"Barred" in several countries, top international media group questions reliability of EVM machines in India

An EVM tag found by AAP candidate Medha Patkar's workers on roadside
in Mumbai, about which she complained to the Election Commission
By Our Representative
World’s powerful online media chain “Huffington Post”, two days ahead of the Lok Sabha poll results, had said that the electronic voting machines (EVMs) in Indian polls could be easily manipulated. In an authoritative blog by Cleo Paskal, adjunct faculty, Manipal University, India, the HuffPost, as it is popularly called, said EVMs were unsuccessful in several countries of the world, including the Netherlands, Germany, and Ireland, after they were found to manipulate poll results. Interestingly, Paskal said, the exit polls had predicted Narendra Modi would win the polls, and “the only thing that might stand in his way is an electronic voting machine (EVM).”
What makes HuffPost’s concern especially important is, this is the first major attempt by anyone to bring to light what is wrong with the EVMs, at a time when all political parties in India have “accepted” it as foolproof. Paskal says, “The problems with EVM security have been widely known since the large-scale irregularities in Florida during the 2000 elections. Many countries have moved to get rid of them.”
The write says, “As Florida voters (and watchers of Scandal) know, often elections come down to just a few precincts in a few constituencies. Those wishing to swing an election need only manipulate a few well-chosen machines. Less than that if the goal is just to ensure specific people gain or maintain their seats.” She quotesto CIA cybersecurity expert Steve Stigall to say, “wherever the vote becomes an electron and touches a computer, that's an opportunity for a malicious actor potentially to . . . make bad things happen.”
According to Paskal’s blog, titled “How Secure Are India’s Elections?”, “In 2006 Dutch TV aired a documentary showing how easy it was to hack the EVMs that were about to be used in their general election. The machines were subsequently withdrawn and the Netherlands went back to paper ballots. Germany has declared EVMs unconstitutional. And, after spending close to $75 million on its EVMs, Ireland found them to be so insecure they literally scrapped them.”
Paskal further says, “In 2009, Steve Stigall, a CIA cybersecurity expert, told the U.S. Election Assistance Commission there were concerns over electronic vote-rigging in Venezuela, Macedonia and Ukraine. According to the McClatchy report on his testimony: '[Stigall] said that elections also could be manipulated when votes were cast, when ballots were moved or transmitted to central collection points, when official results were tabulated and when the totals were posted on the Internet.”
Coming to India, Paskal says, “Concerns about the Indian EVMs were raised during the 2009 election in part as a result of an astounding discovery on the Elections Commission of India (ECI) website. Dr Anupam Saraph, at the time Chief Information Officer for the city of Pune, and Prof MD Nalapat, Vice-Chair of the Manipal Advanced Research Group, discovered files on the ECI website that seemed to show election results days before votes were actually cast and counted.”
The writer says, “India's 2009 elections were held in 5 phases, running from April 16 to May 13. Counting was not supposed to begin until all the phases were complete. Before the voting started, Saraph and Nalapat decided to track the elections and create a wiki for constituencies and candidates, with data sourced from Excel files on the ECI website.
The ECI spreadsheets contained what you would expect: candidate's name, gender, address, party, etc. But, starting May 6, the spreadsheet changed and something unexpected was added.”
Paskal explains, “From May 6 onwards, the candidate's name was 'coded', based on their position on the EVM, and the number of 'votes polled' were added, even though voting had yet to take place in many constituencies and, even where voting had taken place, votes were yet to be counted. Even more confounding, the 'votes polled' numbers were adjusted in subsequent spreadsheets before the results were announced.”
“The team immediately alerted the National Informatics Centre (NIC) and the ECI that it looked like their website was posting results before voting had been completed. The NIC responded within an hour confirming the observation and itself alerting the ECI. There was no response from the ECI”, Paskal says.
“On May 16, the election results were declared. On that day the spreadsheet on the ECI website contained candidate's name, gender, address, party, etc. just like on April 16, but with no votes cast data at all -- making pre and post election comparison with the peculiar 'votes polled' numbers impossible”, Paskal points out.
“Subsequently”, the writer says, “a team of IT specialists, including J. Alex Halderman from the University of Michigan, Electronic Frontier Foundation's Pioneer Award winner Hari K. Prasad, and Dutch Internet pioneer Rop Gonggrijp, used an actual Indian EVM to demonstrate two ways it could be hacked.”
Pointing out that “only 8 of 543 constituencies in this election have a Vote Verifier Paper Audit Trail (VVPAT) system”, the HuffPost blog says, “There have already been reports of serious EVM malfunction, with two machines reportedly transferring all votes cast to Congress. This is apart from the separate issue of inaccurate voter lists, which saw at least hundreds of thousands of voters being disenfranchised, resulting in an apology from the Election Commission, but no re-vote.”
The blog says, “Whatever happens with this election, there is going to have to be a serious rethink about how the ECI, and elections, are run in India. Those who have the upper hand this time, may not be so lucky next time. Do they really want to open that box? There can't even be the whiff of impropriety. In a country that believes in democracy, EVM rigging isn't stealing an election, it's stealing the soul of a nation.”

No comments: