Hi and welcome back to securing digital democracy. I'm Jay Alex Halderman. In the last lecture, we went through some of the evolution of voting technologies from the beginning of democracy in the United State all, all the way into the twentieth century. And our focus was, was on the security features and problems with the each Lets just quickly review some of those technologies we looked at. First there was voice polling. The voter would just announce how they wanted to vote and this provided pretty good integrity properties because every one around could just maintain their own separate totals but it almost entirely lacked any kind of voter privacy. So voters could be intimidated or coerced into voting a certain way or they coud very easily sell their votes. In response to those problems, we saw the introduction of the secret ballot. And, the, the ballot initially was just a piece of paper where people could write their choices. This provided some amount of privacy but it, it was still fairly weak in terms of overall ballot secrecy because parties learned they could just introduce colored paper ballots and easily see how a voter would vote. It also had integrity properties because there were ways to stuff the ballot box, there were ways to just if you had dishonest counters to announce whatever results you wanted. After that came the Australian secret ballot. This idea that the state would print up ballot papers for everybody to fill out that would all look almost identical. And voter's would get to vote from the privacy of a ballot booth. This was another step forward in terms of the secret ballot, in terms of protecting voters privacy from coercion and intimidation. But there were still concerns that if the people counting the votes were dishonest, the election results would have no integrity. After that, inventors devised new technology for the polling place. Machines like this, lever voting machines. These machines rolled up a total on a, a set of gears and counters providing what people at the time thought to be an impartial record of the vote. Unfortunately, these machines could break, or they could be sabotaged in ways that would add votes or, or subtract votes from a particular candidate. So they also were not a perfect solution to the problem of voting. Finally, we saw the introduction of punch cards, the mid-20th century new technology. And punch cards, once again, seemed like an improvement on the idea of the paper ballot. But they turned out to have some disastrous usability problems that were most famously noted in the 2000 presidential election in Florida. So we can see that every era seems to introduce it's own new voting technology that's promised to be the solution to the previous problems. But, in every case also we see new problems being introduced. Before we move on to the latest kinds of voting machines, I I'd like to, to step back a little bit and think about the different kinds of fraud that these technologies have to be designed to fight against. One kind of fraud is the retail attack. This is an attack on individual voters or their ballots. This is distinguished from what we'd call a wholesale attack. An attack on the counting process, that tries to change a large number of votes at once. This retail, wholesale distinction makes the difference between many of the, the kinds of attacks that we're going to talk about. The other distinction I'd like to note is between insider attacks and outsider attacks. So, insiders have some official role in the system. Whether they're the people who are designing and building the technology or the people who are operating the election. Outsiders are the rest of us. The public. People who do not have any kind of an official role. Insiders and outsiders are important an important distinction to draw because insiders have particular privileges in any kind of process like this. They have a special access to things. Attacks by election insiders are, are a serious concern for that reason. Now while again, I think that most election officials are absolutely honest and upright. But the threat remains that some dishonest election officials might abuse their power, and that's what an insider attach consists of. So if we think about different kinds of attacks we might face on these two axis retail, wholesale, outsider, insider, we can place some of the problems we have already seen into these categories. For instance, the chain voting scenario that we saw in the previous lecture. This is a kind of retail attack trying to change individual votes and its conducted by outsiders. To give another example think back to boss Tweed and his corrupt collaborators working in the election counting process. This is an example of an insider attack that's trying to change the election in a wholesale manner since they can just announce whatever counting result they want. So in the rest of today's lecture, we are going to be concentrating on two new kinds of voting technology and both of these rose to prominence in the last quarter of the twentieth century. One of these technologies is DRE voting, this is voting on computer devices that directly add up and total the votes. The other is optical scan. Optical scan voting involves us filling out a paper ballot, and then having a computer read that ballot and produce the election totals. Dre and optical scan voting both mark a significant departure from the kinds of election technology we've seen thus far. Because both of these kinds of voting systems fundamentally depend on computers and especially on, on computers at the polling place. Now, everyone here is watching the course on a computer. And I'm, I'm sure just about every one of you has some sense for how things can go wrong from time to time with computers. We're going to probe some of the problems that happen when you bring computers into the election process in the remainder of today's lecture. I'd also like to remind you to please keep up with the reading in Broken Ballots. We're going to post the chapters to read for this and all the other weeks on the course website.
