current affairs

Norwegian Greens: Excluded from public TV

From Jarle Fagerheim:

Dear Green friends,

We’re having a general election in Norway on September 14, and the Green
party is doing better than ever. Our membership has more than tripled
since last time (2005), the number of visitors to our website is
skyrocketing, and a marvellous team of 8 people are now working
round-the-clock at the Oslo office (last year at this time, it was me

The last major hurdle to a Green breakthrough is getting coverage on
national television. The National Broadcasting Corporation has decided
to exclude us completely, there is no such thing as “party political
broadcasts”, paid TV adverts are prohibited by law. Our Minister of
Church and Culture Affairs, Trond Giske, earlier this year promised that
even the non-parliamentary parties were to be given a minimum of
coverage on public television during the campaign. Well, the campaign is
now in its final stages, and nothing is happening.

So I kindly ask you to visit and send a
message to Minister Giske urging him to take action. If we can
demonstrate a substantial amount of support from fellow Greens all over
the world, we might be able to get some very good media coverage during
these last three weeks of campaigning.

Please forward this as widely as possible!

Jarle Fagerheim
head of office
Green Party of Norway


Problems with the 2009 European Election Count

Errors displayed at the Southampton 2009 Euro count

This post is long overdue, I apologise, by-election campaigns and such like got in the way.

On Sunday June 7th the count for the South East region of the European Parliamentary elections was conducted at St Mary’s stadium, Southampton. In attendance were lots of media as well as candidates, agents and activists along with significant others.

I went along with my wife as one of the Green Party’s candidates and proceeded to experience a very long night with very little information and lots of frustration. What had to happen was for each local authority in the region to count its ballots and submit the results to the Southampton HQ. A few areas were delayed by recounts, mismatched ballot accounts (i.e. ballots lost or in the wrong pile) but there were clearly technical issues in Southampton also delaying matters.

I had learnt a few weeks earlier that the results from local authorities were to be transmitted to Southampton via a ‘secure website’. In essence, as I understand it because I never saw the system or any detailed specifications, returning officers would type the results (twice to verify) into an SSL form which was then emailed to Southampton and also stored in a database. I copy below the full response I received about my enquiries from the Regional Returning Officer Mark Heath.

I had concerns about this setup, what checks were being done and so on. So I ensured local Green agents texted us their results so we could check them against what the system claimed. I felt the returning officers should be collecting out-of-channel verification too via fax or telephone, but they weren’t interested in that idea — too quick and happy to trust the technology sadly.

On the night I saw the technology staffers and returning officer team looking tensely at a couple of computers. No surprise when all the informational displays were showing server errors, exceptions and so on. This left many unhappy candidates and agents who were quick to query the sense of these systems with the returning officer. How I wish they would remember these feelings in the weeks after… every election I observe with technology their are howlings about the problems on the night but a week later most are too busy celebrating their wins or analysising their losses to make the case about how the election was run.

Let’s run through the problems we had with the informational screens:

  • They crashed regularly, especially earlier in the night;
  • The colour coding was confusing as reds, greens, yellows were used in a non-political sense to inform what status various local counts had;
  • They were often difficult to read with too small text or windows not at full size;
  • The updates scrolled by so fast it was impossible to do much than see the top party on the first pass.

You can see the full range of problems screens on Flickr.

It’s worth noting that while they would have been detected in the end, someone could have caused chaos and mayhem by manipulating this results system either just the display (which was basically a webpage on a projector) or the tabulation/counting of results themselves. Given those possibilities I was concerned that the Electoral Commission had not had a role checking this software and that fairly serious failures were happening on the night.

I’m a technologist. I spend all day with computers, programming them, using them, talking about them. I remain deeply concerned by the use of technology in elections especially when it is done without the proper rigour of testing and certification. Things can and do go wrong, especially for high pressure events like elections.

I don’t think we would have been any worse off if in Southampton a fax had been received from every count with the results which was manually checked against the online results. These could have been tabulated in a public way the way ballots are checked. We have to be more cautious before jumping both feet first into a computer-only solution.

Responses from Regional Returning Officer to my queries prior to election day:

The system is secure, and has been fully tested already which has shown it to work fully  -and indeed without the potential errors that a system that requires data to be managed via Phone / FAX & re-inputted on several occasions – but I will let you know chapter & verse shortly. Thanks.

UPDATE: Adrian Windisch, Chair of Reading Green Party, writes to say Thanet Borough Council’s website reported 6,001 Green votes, but the South East region count recorded 3,001 votes. This was later corrected on the Thanet website following Adrian’s enquiries. Which goes to show these things do need checking!

On your question, the suppliers have advised us that:

“The European Regional Returning Officers Managements System (ERROMS) application along with the application databases reside on high powered servers within defined security level segments.

All hardware devices within ERS’ live hosting environment are duplicated to facilitate a highly redundant and resilient network. Market leading security appliances at the perimeter provide rich stateful inspection of traffic flows protecting the web servers from malicious activity. A further layer of security has been added to the servers using Anti-Reconnaissance software. The web servers are load balanced to enhance performance, should one of the servers fail the other will automatically service the entire load until the offending device is returned back to its functioning state. The database servers are hosted within an isolated network forcing database requests to be inspected by the firewall a second time. All databases using live replication software are replicated to a secondary offsite server which provides redundancy and disaster recovery.

Databases are further protected with database level passwords and access-granting security features. Intrusion Detection and Prevention Systems detect suspected efforts at server intrusion. A 24×7 automated monitoring system using specially designed intrusion detection parameters detects and blocks attempts at security breaches. The system logs all intrusion attempts, and these logs can be preserved to aid in prosecution of attackers, should such action be warranted.

All servers have been hardened to remove any non-essential code and are subject to strict operating system security such as permissions and password access. The hosting network and Web Applications are scanned weekly to ensure our web sites, servers, and internet-connected devices are free of known vulnerabilities. It also determines whether our site passes the SANS Top 20 Internet Security Vulnerabilities list as defined by SANS, the FBI and FedCIRC.”

The key elements to reduce error include;
• Initial entry of  results are submitted twice to reduce keying errors and are only accepted when both sets of results match.
• Additionally, submitted data is emailed to provide an electronic paper trail that can be used for confirmation of data submitted by both the RRO and LRO’s
• Declaration of Local Results is generated from the system with results authorised by the RRO and can be checked by the LRO’s against local records to ensure that the submitted values are correct.

Effectively this means the submitted results by the LRO are checked 3 times before local declaration and will help eliminate the transposing of figurers received via phone/fax which has been experienced before.
There are now 6 regions using this. We wouldn’t be doing it unless we were satisfied that it was secure. The risk of transposing figures data is one of the reasons for moving away from the phone/  fax route, although that remains available as a contingency / fall back option.


The complexity of e-voting

It’€™s well known that I’€™m opposed to the introduction of e-voting and e-counting in the UK. This is fundamentally because the technology of today cannot deliver on the unique requirements of democratic elections. Elections require secrecy, accuracy, anonyminity and verifiability. This is an incredibly difficult combination of requirements to meet. Banks or online shops don’€™t meet all the requirements – while others may not know what you bought (secrecy) unlike voting your identity is known to the bank or vendor (anonyminity) so that they can deliver their services and check if you are a fraudster. By checking your bank statements you have an element of verifiability not available in voting.

While many very clever people are working hard on a variety of cryptographic solutions to these problem, I think they miss the point. I’m not saying that their work isn’€™t interesting or clever. It€’s just that their proposals are usually very complicated and hard to administer. The result is that they suffer from a lack of transparency as voters and candidates struggle to understand what is going on. Recent demonstrations of promising cryptographic election methods descended into farce when the inventors couldn’€™t administer their mock elections due to the complexity of the procedures.
I just can’t see any pressing, convincing reasons to be spending large sums of money and introducing new levels of risk to our voting systems by making them electronic. There are bigger, more important challanges such as climate change or caring for our aging population.

A hundred years from now there may well be a technology or a theoretical breakthrough which makes it trivial to implement e-voting that conforms to the requirements of secrecy, accuracy, anonyminity and verifiability. I can’€™t see such developments on the horizon, but I can’€™t rule them out. I very much doubt I’€™ll still be here in a century, but I rather do hope we’€™ll have been wise enough to focus our brightest on more pressing issues than just making our votes electronic.

(Cross-posted from Our Kingdom)