The Indian Electronic Voting Machines
It looks like my broadcast on Indian EVMs wasn’t enough. Via The Acorn’s twitter feed, I discovered that Rajeev Srinivasan has made the integrity of EVMs an issue. Here are the relevant paragraphs:
There is, of course, the possibility that the average voter did not in fact fall for the UPA’s charms, and that this election was subject to massive fraud. I am talking about Electronic Voting Machines (EVMs). Having spent many years in the high-tech world, I do not trust computers, especially embedded systems. Researchers in the US have shown how easy it is to break into EVMs, which is why they have not adopted them. They have realised how important it is to have a paper audit trail, hanging chads and all.
It would not be extraordinarily difficult to install a programme with a Trojan Horse in it. To outward appearances and to ordinary testing, the programme would appear normal. However, when it is fed a sequence of keystrokes by the agent of the party committing the fraud, the Trojan Horse wakes up, and then, regardless of what buttons the voter actually presses, it can assign a certain (non-suspicious-looking) percentage (not 90% but, say 45%) to the preferred party. The Trojan Horse can even be programmed to quietly delete itself when the voting is over. Nobody would know any better, as there is no paper trail.
Let me emphasise that I do not have any evidence that this happened in 2009, but it is worth investigating. There were too many surprising — almost miraculous — victories by certain candidates whom the casual observer would have written off. By Occam’s Razor, the simplest explanation is fraud. I would like to note in passing that in 2004, expecting the NDA to commit fraud, an Indian Communist in the US had prepared a suit alleging EVM fraud. Therefore it is clear that the thought has occurred to various people that there could be EVM fraud. [Rediff]
Firstly, let us do away with the stuff about Occam’s Razor and that the “thought has occurred to various people” and that some NRIs had “prepared a suit”. None of these things are relevant. Occam’s Razor is not an infallible law (just read at its Wikipedia entry, okay). There are plenty of phenomena where the simplest explanation is just plain bullshit. There are plenty of thoughts that occur to plenty of people, and those are also crap (OMG! NASA faked the moon landing). And for the very same reason, someone “preparing” a legal suit (leave alone actually filing it) is also no proof of the legitimacy of a claim (e.g. legal challenges to the Large Hadron Collider).
Now, we can come to the meat of the issue. Before I discuss it any further, I want you to read up a bit. The links were all cited in my previous post on the “issue”, but here they are again to get you up to speed on technical and other issues involved:
- Election Commission of India – FAQ on EVMs
- Slate – India has electronic voting; why can’t the US?
- Bharat Electronics Ltd. – Product Brochures (including some technical details)
- Rediff article on EVMs in 1999 (BJP’s highest-ever seat tally came in that election)
- Scribd – Prof. Indiresan Committee’s Report on Technical Evaluation of EVMs
Please note that some degree of comfort with technology is essential to understand this topic. Else, you’ll just fall for crappy logic like “it is electronic, so it must be hackable”. I am not going to rehash everything written in those articles and documents, but will restrict myself to answering some common questions that have been raised (will update this post, if required).
“Researchers in the US have shown how easy it is to break into EVMs, which is why they have not adopted them. They have realised how important it is to have a paper audit trail, hanging chads and all.”
This has already been answered in my previous post, and the links cited above should take care of this. If not, you should read this fairly detailed comparison of Indian EVMs against the American ones. There is no real parallel between the two situations, and it pains me to see a widely-read columnist raise this false flag.
As an aside, a “paper audit trail” for individual votes in India will, ironically, make the election less free and fair. Why? As of now, many voters screw several parties by accepting their freebies and then voting for whoever they want. So, paying someone 500 bucks does not guarantee that he will vote for you. But with an American-style paper-based confirmation of who you’ve voted for, the political “vote marshals” will simply ask the voter to show them his “receipt” before shelling out whatever price they are paying for his vote.
[Updated to add: Please see comment by Amit below for a clarification on the American process. I misinterpreted the paper audit trail system of US. It would, however, still be a less reliable system because of “hanging chads” and the headache of storing the receipts securely for a period of time till the possibility of recount is eliminated. Whatever else the US might have, the Indian voting system (not the entire electoral process, just the voting system) appears far more robust in comparison.]
“It would not be extraordinarily difficult to install a programme with a Trojan Horse in it.”
Actually, it will be extraordinarily difficult. The EVMs are not networked in any way. They are locked physically. To break open the physical seal, then break open the rest of the machine to access the chip, and then to do something with the chip will require an extraordinary amount of time. This not a trivial thing, because there are hundreds of thousands of EVMs. And they are not left outside without supervision. To allege that they can be easily tampered with, despite monitoring by a good number of security personnel and agents of various political parties, is to indulge in a conspiracy theory of the looniest sort.
Oh, almost forgot, the chip is actually hardcoded with the voting program. If you try to modify the program or install anything on it, the chip will get damaged and the EVM will not function anyway.
“To outward appearances and to ordinary testing, the programme would appear normal. However, when it is fed a sequence of keystrokes by the agent of the party committing the fraud, the Trojan Horse wakes up, and then, regardless of what buttons the voter actually presses, it can assign a certain (non-suspicious-looking) percentage (not 90% but, say 45%) to the preferred party. The Trojan Horse can even be programmed to quietly delete itself when the voting is over.”
So, what if the chip is manipulated at the manufacturing plant itself? How do you prevent “fraud” then? First of all, most voting machines are reused. Which means that most of them have been produced several years ago. In fact, many of them must have been produced while the NDA was in power as well. How can anyone ensure “reliable” fraud in such a scenario?
But leave such practical considerations aside, let us just assume that a chip has been altered at the manufacturing plant to do the kind of thing Rajeev is insinuating. Well, if you’ve read the articles and documents cited above, by now you know that the EVMs are not hardcoded with the names of political parties. They are merely hardcoded with the voting slot numbers. Which party will be assigned which number, is not something that is uniform across India either. It varies from one constituency to another, and of course, from one election to another. Further, the assignment itself is not electronically coded in the machine. The election officials do it manually. This is important: there is no electronic connection between a party’s slot assignment and the machine’s vote registration mechanism. The machine only knows that a vote has been cast for Slot No. 2 (for example). It has no clue as to the Party for which this vote has been cast.
[Updated to add: The slot assignment, AFAIK, is done at constituency level and the numbers are in alphabetical order of candidates’ names. This is essentially the same as the ballot papers were done under the paper-based system earlier. If you think about it, if it was done in the parties’ names, there will be a huge fight over who will get Slot No. 1 or some other “lucky” number etc. so this is a fair system.]
So, even if there was the world’s largest conspiracy ever and a political party managed to get a malicious piece of code into the EVMs, it will still not be able to ensure that it benefits from the malicious code more than other parties.
That takes care of Rajeev’s flights of fancy. I wanted to highlight one valid point, which was made by Gautam John over Twitter:
But you’re still assuming the source code is clean. Why would I make that assumption? [Twitter]
Two issues. In field gaming and pre-field gaming. In field is very hard to do. Pre-field, who knows? Open code for everyone! [Twitter]
I have, of course, not assumed that the source code is clean. I have merely concluded that even if a political party were to be successful in manipulating the code at the time of chip production, it would still not be able to reap the benefits.
However, the valid point, which he doesn’t explicitly state is this: if the source code is not clean, the machine could malfunction. In practice, this is taken care of (partially) by tallying the number of votes cast at a polling booth (which is counted on paper-based electoral rolls) and the number of votes counted by the EVMs (which is an electronic count). If these numbers tally, it means that the EVMs have neither missed out a vote, nor inflated the vote count in any way.
However, this does not ensure that the machine has counted the votes correctly. For example, assume that 1000 votes were cast at a polling booth and the paper count tallies with the EVM count. Does this mean that the EVM could not have counted – by some technical mistake – 100 Congress votes for BJP? Such mistakes can arise for a variety of reasons: temperature or humidity fluctuations could affect the chip, or some bug in the code could cause it to mis-assign the vote etc. True, since it is virtually impossible for the political parties to wilfully manipulate the EVMs, such technical errors will probably even out on average. Nonetheless, such inaccuracy is indeed theoretically possible and undesirable for the health of a democracy.
There has been a technical evaluation of the EVMs by a committee chaired by Prof. Indiresan (the report has been linked above, and you have read it, right?), so I am not unduly worried about such possibilities. I would, however, be a bit more comfortable if the source code was in public domain.
To conclude, as a simple analogy, consider that you have to make an uncomplicated calculation (which is pretty much what Indian EVMs do). You can do it over a non-programmable cheap calculator, or in Microsoft Excel on a networked computer. Which one do you think is easier to manipulate by outside agents? Which one do you think is more prone to hackers?
Low-tech solutions may have fewer features, but it is easier to make them quite sturdy. That’s one of the reasons why my family’s 25+ year old Kelvinator fridge is still going strong, and so is the EC-TV (it is lying in the basement, but it still works) purchased when Ramayana started on Doordarshan, while our later purchases have not been so long-lasting.
It is nobody’s case that Indian EVMs, by themselves, can ensure a free and fair election (old-style booth capturing can still be done, though at a much higher risk and a much lower reward). But, those who come up with all kinds of conspiracy theories should have some shred of proof or technological feasibility to support their case before casting aspersions over the legitimacy of Indian elections.
Note: This post has been typed in a hurry. Sorry for the typos, and if I missed out on some issue.