Belgium goes e-Voting

Interesting. During the elections our entire country was up in arms because the election results came in a few hours later than with the (black-box, readily hackable, completely non-transparant) computers we had before. Somehow nobody complains when forming a government takes months, but election results must come in immediately.

But when neighboring Belgium introduces new voting computers, nobody here wonders how they are doing. I collected some headlines, just so the people currently screaming for new voting computers know what to look forward to. It’s an incomplete collection, from Dutch language papers in Belgium. In case you don’t read Dutch: it looks like a LOT more trouble than our current paper-based elections.

26 thoughts on “Belgium goes e-Voting”

  1. And there has also have been the elections in Venezuela. Despite of Chavez results being much better than expected, nobody seems to challenge the results and media report that “tampering has not been possible due to to the electronic voting systems” in place. How bizarre. I surprised that Putin has not yet resolved his election issues by introducing e-voting.

  2. I was the chairman of a local polling station. Although we had fears for technical problems in our voting booths, everything went really smooth and we really liked all the support and documentation we received for managing our new voting computers and possible problems. Also, our city started installing and testing the new computers a day before the elections which resulted in a well-tested and problem-free voting environment. I believe that the new system is a really good one. I also believe that the reported problems are representative of a minority of the polling stations.

    Also, as a fellow hacker and beta tester of the new computer systems, I have been putting the voting computers and protocols through some technical tests which they succeeded very well. The government has been really helpful in perfectly answering all my requests for information, documentation, samples of votes, and great openness in disseminating the live results.

    Being a sceptic, I believe that this election has been a success, rather than what has been sensationally reported!

  3. Congratulations for Anthony! It is nice to see folks who have such faith in computers. On the other hand not everybody will be able to put his or her trust in complex machines – most people don’t understand the workings of them. So most people can not understand the workings of democracy in Belgium. Trust in Belgian democracy can only be based on faith, in computers and their elite servicemen, not on controllable facts.

  4. Ulrich: funny you should mention that: the new Belgian machines were made by Venezuelan-owned Smartmatic. From one great democracy to another…

  5. Anthony: ” I believe that the new system is a really good one.”

    I’m glad you do. Because lacking adequate transparency, that belief may be all you have.

  6. It’s unfortunate that all these articles seem to focus merely on the technical issues that occurred on the day itself.

    In one of the links it’s even stated by a minister that 80 to 90 percent of the trouble is due to operator error. This implies that with more experience and some more explanations, next year these troubles will be gone. And I’m sure the creators of the devices will stress that these are just some “minor bugs”. And it’s probably true; bugs get fixed, and things *will* go much smoother next time.

    But the fundamental flaws will still be there, lying hidden waiting for someone to abuse them.

  7. Peter: You’re absolutely right. I just noticed that for some reason the (much more central) issue of whether anyone can observe the count somehow doesn’t seem relevant and all the mayors are screaming for ease of use and an end to the ‘headache’ of paper ballots. Looks like they might not even get that.

  8. Anthony: It’s nice that they publish source code on a website that does something similar as the voting machines do. But how can you know that it is exactly this software that is running on that machine? And that the hardware has no modifications?

    Tampering with voting machines is not very difficult.
    Tampering with paper ballots is also not very difficult.
    But with with machines you can quite easily do this on a large scale. Large scale tampering with paper ballots is an awful lot harder.
    Democracy is too important to leave to machines.

  9. Anthony: I respect that you think that means something. But Tom is right I’m afraid. How does the voter verify that that software runs on the voting machines that are fielded?

    Point is: if you buy your voting machines from me (or let me have them for a while), I can ALWAYS mess with any automated vote count IN ANY OF THE FIELDED SYSTEMS THAT HAVE EVER BEEN INDEPENDENTLY STUDIED, making such counts meaningless in the face of an adversary that controls the machines. It doesn’t matter what detection methods are deployed, the attacker always wins because his mission (“hide one exploit in a complex system”) is so much easier than the defender’s mission (“detect/foil all possible exploits in a hostile environment”).

    Have a look at as it provides a nice background on e-Voting. You may want to read the scientific paper as well. It’s a boring field, scientifically that is, as all papers about all e-Voting systems are almost exactly the same.

    You may not be a techie, which is OK if so. But then if the vast, vast majority of techies that don’t work for e-Voting vendors say something is a really bad idea, does that mean something to you?

  10. Anthony: just looked at your blog. So you _are_ a techie. Good. Chances are you’ll understand. There is a _lot_ to read out there. Check out Alex Halderman’s other voting work, as well as my papers on Nedap and RIES. You may also want to read the old issues of the “Wij vertrouwen stemcomputers niet” newsletter. The scientific world has been through all the usual pro and con e-Voting arguments at great length…

  11. I’m very interested but I’ll have to find some time for all that reading material.

    But before I start reading, I have an extra question. In the new Belgium voting system, a paper trail is created as all the votes are printed by the voting computers and dropped in a well guarded voting. This is done by the voter himself who can easily check the validity of the printed vote.

    In the case where a result is disputed, we can open the sealed bags with these votes (I sealed the bag of our polling station myself ) and recount the votes. I’m assuming this is great as there is a way for disputes to be checked, parallel to the e-voting system. This seems like a big plus for our new system, it helps the counting but guarantees a paper backup. Is that correct?

    I’ll check whether I can request to count my polling station’s paper votes manually to make sure the voting computers (at least in my polling station) weren’t rigged or making other mistakes.

  12. Anthony: Here’s my problem with paper trail systems. Everyone always says we can recount when there is any doubt/dispute. At the same time, I now live in a country where polls have ever increasing margins of error and where the electorate swings by 10 or 20 percent in a matter of weeks. (Just this last election here, seriously.)

    The fraud code we wrote for the Nedap machines that were used here was quite subtle. It would only ever defraud in real elections, and it would steal a selectable percentage for one party, from all the other parties in the proper ratio. Our modified software would never trigger any kind of dispute, guaranteed.

    But one step back first… Are we then in agreement that an adversary with access to the machines can always (almost always trivially) mess with the electronic result? (Warning: If you don’t agree you’ll have to read all these papers… 🙂

  13. An election system that requires you to trust the one who is running the election doesn’t sound like a very robust design.

    “You may not be a techie, which is OK if so. But then if the vast, vast majority of techies that don’t work for e-Voting vendors say something is a really bad idea, does that mean something to you?”

    I think this is a really bad argument and is comparable with “You might not be in a city council, which is OK if so. But then if the vast, vast majority of mayors, the people that actually run the elections, say something is a really good idea, does that mean something to you?”

    It’s about not having to trust any small group of people compared to the number of people that are voting and the power you authorize with your vote.

    With a pencil every voter, wheter technical or not, is always able to validate his or her own vote without ever having to trust anyone else.

  14. Ps. please substitute “the people that actually run the elections” with “the people that know all about the practical problems of running an election”, since otherwise I contradict my own point about not trusting the one who runs the election. :S

  15. Tim: Thing is, computer security experts keep proving these really really serious and fundamental issues, and they are consistently ignored. I have no problem disagreeing about the relative weight of various risks and benefits. But I too frequently find myself arguing with people that have not the slightest beginning of a clue about a whole range of risks. Call me ever so slightly frustrated when it comes to this topic, and I wouldn’t disagree… 🙂

  16. How are paper ballots counted in the Netherlands? Using people or machines?

    I ask this because I don’t trust people counting paper votes. The risks for manipulation are immense. All the counts I have attended were influenced by the present political witnesses, at the expense of parties that didn’t have witnesses present.

    A classic technique for manipulating paper vote counts arises from discussions about the validity of votes because a big chunk of the population seems incapable of correctly coloring a circle with a pencil and witnesses are very keen on disputing these votes where they see fit, introducing a significant bias. Again, I’m interested in learning how votes are counted in the Netherlands and how it can be guaranteed to be safe from such subjective disputes.

    With the printed votes in the last Belgian election, there is no room for disputing the validity or interpretation of these printed votes and votes can be recounted if the machine is not trusted.

    I’m just stating that if we cannot trust the humans or machines that are counting the votes, I’m wondering where to start building a voting system that is safe from attack.

  17. @rop: I think asking from someone not to trust the authority but a bunch of security experts instead (people they probably know less than their own government) is not the solution but more of the same problem, namely asking someone to trust some other group of people.

    My point is that I don’t think you need or should have to be a security expert to understand the fundamental problem of not being able to validate your own vote.

  18. @Anthony Liekens
    Every citizen is allowed to stay and watch while the votes are being counted. If a vote is disqualified you can ask the chairman to show the vote. This way you can sort of decide for yourself if the counting is exercised in fairness or not.

    Furthermore you can rise any points that have to be written down and officially reported.

  19. In essence it seems like you want the vote to be handled and counted by several parties.

    So what if you make people vote a bunch of times at several different voting booths, that are a few streets apart?

    Now you can compare the results of all the booths. Of course these results will always be slightly different, and this only tells you that some votes *might* be tampered with. But… if the amount of tampered votes is not large enough to reflect a change in the distribution of power at the end, then you will know with a higher amount of certainty that voting went sufficiently honest to not influence the outcome.

    Of course I am no expert, and only looked at the problem very briefly, but it is an important one, and it might be useful to learn about how a noob in the field thinks and forms an opinion.

    This video was indeed quite good Rop

  20. The problem with any electronic voting system is the way it stores information centraly in its memory by electronic bits.
    If it get manupulated/corrupted ther is no way to recover the original result.
    Even by new elections you will not get the same results It’s just a proces you should not automate.
    Counting votes by hand is protected by the number of poeple handeling the decentral voting proces by recounting if needed.


Comments are closed.