There is so much to respond to in this message I am afraid I do not know where to begin. It is a classic example of what I complained about earlier in this forum in Message 36, of election officials making arguments about software and security that are outside of their professional competence, and in this case completely wrong.

Michelle Townsend wrote:

With respect to the continued (rather than "new") issues which have been discussed at length on this forum about conspiracy theories, you still claim that it is likely such a scenario could happen. If you had spent the same four months in an Elections Department, I know you would have a different view.

My response:

I never characterized any of these issues as "new". And I have never claimed that any attack scenario is "likely". In fact twice in this forum I have said the opposite, once in Message 3, where I wrote "Although I believe that the production, testing, certification, and distribution of evoting software leaves voting machines profoundly vulnerable to many kinds of attack, the likelihood of a major successful attack in any one election, especially so early in the history of evoting, is relatively small", and then again in the last paragraph of Message 35 where I wrote "I am not saying electronic vote fraud has happened, or that it is even likely to have happened yet; it is still early in the history of e-voting."

But the fact that a major successful attack is "unlikely" in any one election does not mean it is unlikely over a decade or two. And in any case the proper metric of concern is not the likelihood (probability) of an attack at all, but the risk, which is the probability multiplied by the number of votes or races affected. Because the same code runs in all machines of a given type nationwide, the number of counties, votes, or races that can be affected by a single attack can be 1000 times greater than is possible in previous technologies, where the effect of an attack is generally confined to a single county.

I object to your use of the term "conspiracy theories", here and elsewhere, to smear tar on legitimate discussions of security concerns. That is the kind of disrespectful talk that earlier in your message, Message 80, you complained of others (but not me) engaging in. We critics of electronic voting are not "conspiracy theorists", inventing unbelievable, complex scenarios in which many people secretly plot to undermine an election. Of course there may be a difference of opinion about what scenarios are unbelievable or complex; but where software issues are concerned, I hope you would stipulate computer scientists are better judges of this than are nontechnical people.

I wish I thought a conspiracy was necessary to undermine an electronic election, because then our elections would be a lot safer. But, as I and others have repeatedly pointed out, the most dangerous vulnerabilities are undetected errors or attacks by single, well-placed individuals, such as vendor programmers, i.e. not conspiracies. I might add that conspiracies to commit election fraud are not unknown in this country, and there is nothing irresponsible about considering reasonable conspiracies when designing election systems. However, I don't know of any attack scenario that we critics have ever published that involved collusion of more than two people because, as you clearly understand also, such crimes get more unwieldy and harder to hide as the number of people involved grows.

Michelle Townsend writes:

There are approximately 200,000 voting precincts in the United States. It is not possible to move a constant fraction (such as your 1-2% example) of the votes from one party to another in each jurisdiction because of the political demographics of the precincts which are too individualistic and distinct. The software would have to be distributed with a database telling it how to alter the vote for each specific candidate in each precinct; and the database would have to contain at least the names of political parties and candidates and would have to know in advance the precise hours during which these future elections are to be conducted. There would be more likelihood of a meteor striking a specific elections department than the conspiracy scenario described that sounds more like a spy novel.

My response:

It is hard to respond to this and the next paragraph without sounding disrespectful. However, I do not know of any other way of characterizing them except as nonsense. They remind me of a profoundly misinformed piece by Doug Lewis that you introduced into the Task Force 18 months ago, which I rebutted in exhaustive detail at the time. (See Election Center piece.) As Prof. David Dill and I tried to explain to you back then, none of the considerations that you claim are barriers to attacks are even relevant.

The different demographics of the precincts in the United States have nothing to do with whether software can shift a few randomly chosen votes from one party to another in almost all of them. I don't understand why anyone might think precinct demographics is even germane.

No "database" is even remotely necessary. All that is needed is for the programmer to know which party s/he wishes to shift votes to, e.g. one whose name contains "Dem" (or "Rep").

A programmer does not need to know the names of the candidates. It is extremely simple to find all candidates of a particular party, and to swing votes to those candidates without any consideration as to the names..

It is also not necessary to "know in advance the precise hours during which these future elections are to be conducted". Time is irrelevant, except as one of many possible indicators of whether a real election is in progress as opposed to a test, and then no particular degree of “precision” is necessary, or even helpful. In any case I am truly puzzled as to why you would attempt to make such a point since everyone does know the hours during which general elections are conducted in virtually every jurisdiction in the U.S. Unless Congress changes the date, the polls are open between 8 AM and 6PM local time (or longer) on the Tuesday between Nov. 2 and Nov. 8 in every even-numbered year.

Michelle Townsend wrote:

As you know, different states have their own unique election codes with different voting systems, procedures, filing requirements and deadlines; and in California, we have random alphabet draws of candidates to determine placement on the ballot and rotation of candidates' names further beyond that. In addition, local elect ...[Message truncated]