
Fearful of Hacking, Dutch Will Count Ballots by Hand - wslh
https://www.nytimes.com/2017/02/01/world/europe/netherlands-hacking-concerns-hand-count-ballots.html
======
wila
This is due to a Dutch ethical hacker (Sijmen Ruwhof) investigating the way
that our elections work. He had posted a great research document [0] that
showed how bad our current system was. Two days later, we're back to paper.

Thanks Sijmen :)

[0] [https://sijmen.ruwhof.net/weblog/1166-how-to-hack-the-
upcomi...](https://sijmen.ruwhof.net/weblog/1166-how-to-hack-the-upcoming-
dutch-elections)

~~~
mladenkovacevic
Why does everyone think that hacking the DNC amounted to "hacking the
election".

Did anyone complain when Iceland PM resigned as a result of the Panama Papers
leak and the large-scale protests that ensued? You wouldn't say that that
somebody hacked Iceland's democracy. The truth came out and whatever happened
was a natural result of that.

~~~
vkou
> You wouldn't say that that somebody hacked Iceland's democracy.

No, you wouldn't. The wailing and gnashing of teeth over the DNC hacks are all
because the Democratic leadership is unwilling to accept responsibility for
putting forward a bad candidate. Better blame the Russians, instead! If only
the public didn't know the truth, we would have won!

~~~
mattnewton
You aren't wrong about the Democratic Party putting forth a weak candidate,
but it is concerning that there weren't similar actions on the other side. The
attacks were targeting a specific party alone and seem to be motivated by
foreign geopolitical interests, not in the American public's interest.

There is a reason we want equal time laws for example, because if I constantly
hear one side of the argument, it doesn't matter how true those arguments are,
I will come to biased conclusions.

~~~
vkou
If the press digs up dirt on a candidate, should they not publish it until
they dig up some dirt on their opponent? What if it's a foreign newspaper?
Should Deep Throat's leaks not been published, because they would influence
the election? What if he were a card-holding Democrat? What if he were a
reptilian agent?

I hate Trump as much as the next person, but there was no shortage of actual
dirt that was dug up on him. There was no democratic outrage over the source
of his comments about grabbing people's genitals... Or that one page of his
tax return.

~~~
rhcom2
The press "digging up dirt" is surely different than the illegal hacking and
wholesale release of all private email correspondence. Deep Throat provided
info on the current President's illegal actions to a journalist, not just
"dirt".

Even if we accept that it is better to know the info in the DNC leaks, it is
still a big problem if a foreign government can wield its influence so easily
through illegal computer intrusions. At least to me.

~~~
vkou
Leaking the Trump tax return was illegal. There was nothing illegal in the tax
return. The Snowden leaks were quite probably illegal. Many of the things he
leaked were not illegal. (Since this will never go to trial, we'll probably
never know.) Should the press only report on legally-sourced information? They
aren't a jury.

Good news for us, though - both illegal leaks, and illegal hacks are illegal.
We already have a mechanism to deal with bad behaviour in this space.

~~~
EdHominem
> The Snowden leaks were quite probably illegal.

Not at all. It was _required_ behavior. Until the government enacts a useful
whistleblowing program someone who witnesses criminal actions has literally no
legal choice but to leak. Ignoring it and hoping it goes away is the illegal
option.

I want my institutions to be fixable from inside but when they aren't, I
simply want them fixed.

Re Downvoter - I understand that you're upset but lashing out, especially
against the truth, doesn't help.

~~~
mixedCase
It _was_ illegal. Which does not stop it from being moral.

~~~
EdHominem
No, it was legal because it was a requirement which overrode all lesser
orders.

No law can compel you to break the law, or cover up abuses of it.

~~~
mixedCase
The way he went about it _was_ (and is) illegal. The legal way would have
gotten him nowhere, though.

~~~
EdHominem
That's not true though. No law can override your _requirement_ to report a
crime. If one does, it obviously isn't valid.

He had every reason to think this was the minimum he had to do. Which has been
shown to be true.

------
kordless
I live in Contra Costa County, California. When my wife and I went to vote
during the election, my wife's name "had a problem". A lady came out with a
binder to compare to the roll where people sign before grabbing their forms. I
got my forms, but my wife was told she had to take an absentee ballot because
her name was not in the binder, but was on the roll list. Her name was
highlighted in the list on the roll that I signed, just above my name. My name
was not highlighted and I was allowed to sign the roll and then get my ballot
to vote. I only saw a few pages of the roll, but there were at least three
people highlighted on the two pages that were open to signing. The other pages
definitely had highlighted entries and my comment to my wife was something
along the lines of "why is a substantial number of people highlighted?" when
we first walked up.

After a bit of back and forth, someone in charge agreed to let her vote given
she was in the roll book, which is the "truth" of who can vote and who cannot.
One lady was still somewhat insistent she be given an absentee ballot. I'm
still wondering about it today given all the claims around "hacking".

~~~
DrScump
But an "absentee" ballot and a conventional paper ballot are processed the
same.

Could you instead mean to say a _provisional_ ballot?

------
Jraf
In France we count all ballots by hand.

As every ballot station count only his ballots, it's quick.

For a presidential election, maybe 30 minutes.

The counting is done by the citizens, so no (easy) frauds are possible.

All ballots are visible, the process is transparent, no suspicion.

I personally think that a 30min delay to get the election results is worth the
wait.

~~~
kordless
How are the results transmitted and tabulated by hand?

~~~
mantas
Not the OP, but my country runs a similar system. Each election station counts
the ballots by hand. Anyone can signup for counting and/or watch the counting.
It's mostly reps from all participating parties. Sometimes few independent
citizens show up as well. After all people in the station agree on their total
count (they can recount if needed), they phone in their numbers to the central
station.

Raw numbers of each station are available publicly. The people who did the
counting can check if their numbers were transmitted correctly. Parties
usually have preliminary results from their people at stations way before the
centralised system processes & publicises them. They'd easily spot any issues.
Paper ballots are stored in secured bags and can be recounted if there is a
need.

------
kome
I participated in the experimental deployment of digital ballot box in a rich
north Italian region, during regional elections.

The system worked, and worked well. But overall, it was a failure. Putting the
digital in something as simple as voting, just increase the risks at all
levels: security, deployment, rechecking, etc.

Pen and paper it's just so much better: simple, cost-effective, safe and
understandable by anyone.

~~~
bmj
I develop software and devices used for data collection during clinical drug
trials, and our single biggest "competitor" is the old paper diary. Despite
evidence showing that electronic data collection for certain types of trials
provides better data, people just don't "trust" anything but pen and paper
(never mind the fact that patients could sit in their cars before an
appointment and fill in a month's worth of data by just "remembering" how they
felt two weeks ago, or how much of a particular medication they took).

~~~
detaro
> _people just don 't "trust" anything but pen and paper_

Who is people here? Participants, scientists, people in other roles?

~~~
bmj
Typically sponsors, or clinical research organizations. Sometimes
investigators themselves, but that will only affect us if they have the ear of
the sponsor.

------
pepve
The article confuses two things. First there is voting by paper ballot and
manually counting them. We have been doing that for about nine years now.
Second is aggregating the votes from all the polling stations, this used to be
done with software, but with this decision it will be done manually. The
immediate reason for this is an investigation into the security of that
software which concluded that it was not safe, and the resulting media
attention.

It is yet unclear what "manual aggregation" exactly means. Electronic
calculators and Excel were suggested.

~~~
mulmen
Excel would be a terrifying proposition. Much like you should assume the
network is always compromised you should also assume the spreadsheet is always
broken.

------
stretchwithme
We only every needed technology to make sure ballots get encoded correctly.

We could do that with open source software, commodity PCs and card punch
machines and readers.

Then validating that your choices were encoded correctly would be easier. So
would counting.

You could count at the voting location to get fast results and recount once
the ballots arrive at the central office to confirm that the reported count
was correct.

You could keep the initial counts at the polling place. Then later compare
those numbers with the second count's to confirm that nothing happened to the
ballots.

You also should have a unique number on each ballot that you can later use to
look up how your ballot was recorded.

None of this should require advanced technology, new inventions or secrecy.

~~~
cynwoody
>You also should have a unique number on each ballot that you can later use to
look up how your ballot was recorded.

The standard objection to such a practice is that it facilitates vote buying /
selling / coercion by giving the voter a means of proving how he voted.

However, I think it's a good idea nonetheless. All the ballots, randomly
numbered, should go into a file available for download. That way, anyone can
count them, and any voter can verify that his particular ballot was recorded
correctly.

~~~
stretchwithme
Good points all.

People could use their phone to record the entire time they are in the booth.

------
gumby
At least they interviewed a computer scientist. I was amazed in 2001 and have
continued to be amazed at "civilians'" (i.e. those not in the industry) faith
in all things electronic.

I remember this also from when I was on the school board. The parents and the
administration were eager to augment the young kids' curriculum with
"technology skills" \-- by which they meant Word and Powerpoint. The only
opposition was from board members and parents in the computing industry.

Of course now my teenager doesn't even use those tools and had to learn actual
technical skills on his own. None of those kids learned anything about what a
computer is, or even what "technology" is.

------
gunnihinn
Some more context: [https://sijmen.ruwhof.net/weblog/1166-how-to-hack-the-
upcomi...](https://sijmen.ruwhof.net/weblog/1166-how-to-hack-the-upcoming-
dutch-elections)

------
derefr
There are options beyond "hand counting" and "computer software."

IBM was founded, way back when, on what were basically electrical (but not
electronic!) census-punch-card-tabulating machines. One could use a similar,
or slightly improved, design just as easily, along with correspondent
electrical "polling machines" that are essentially a grid of buttons hooked up
to pre-patterned card punches.

The whole design could be done by one or two electrical + mechanical engineers
in a couple of days (based on previous designs whose patents have long
expired) and then given months of testing.

~~~
kens
Note that you're reinventing the Votomatic voting machine [1] which is used to
punch holes in a standard-sized IBM punched card. It was invented in 1963 and
has been used in multiple US elections.

I like IBM punched card equipment as much as anyone [2], but I feel obligated
to point out that punched-card voting led to big problems in the 2000 election
when ballots in Florida had "hanging chad" and the election ended up being
decided by the Supreme Court. (I wonder what fraction of HN readers remember
this, and what fraction consider this ancient history.)

[1]
[http://americanhistory.si.edu/vote/resources_votomatic.html](http://americanhistory.si.edu/vote/resources_votomatic.html)

[2] [http://www.righto.com/2016/05/inside-card-
sorters-1920s-data...](http://www.righto.com/2016/05/inside-card-
sorters-1920s-data.html)

~~~
DrScump

      ballots in Florida had "hanging chad"
    

To clarify, those were not machine punched, they were pre- _perforated_ with
the appropriate hole to be punched _by the user_ , using a stylus, via a
printed template that contained the card (holes not referenced directly).

We still use the same mechanism in Silicon Valley, sad to say.

------
secfirstmd
This is total, total aside. But having been in vote counting centres for hours
on end during elections here in Ireland. You really feel the democratic
process (also how badly educated some people are about how to fill out
something basic like a ballot). A shift to digital methods would really change
that, and it's something I will miss. Sometimes, tradition, like Prime
Ministers Question time in the UK, is something that has important effects
worth keeping. You really see the democracy in action!

------
John23832
Learning from the mistakes of others is a good thing.

Though counting by hand has it's own issues ( _waves at Florida_ )

~~~
vkou
The problem in Florida was not hand-counting - but rather, an absolutely
insane (One could almost say 'deliberately sabotaged.') ballot design.

------
redether
Can someone eli5 how an entire country that includes (big-fat assumption here)
n > 0 computer scientist(s) is "fearful of hacking."

Are we really at this point giving up on technology and becoming luddites?

~~~
John23832
A couple things.

1) Not all computer scientist are security experts.

2) The security experts came to the conclusion that hardening the system to
the point where you could depend on its integrity (and the system still be
widely usable) wasn't feasible.

3) Making one process manual in order to protect the outcome != giving up on
technology and becoming a luddite.

