Upload
lewis-swindell
View
221
Download
0
Tags:
Embed Size (px)
Citation preview
Presented on 28 July 2009 by:Dr. Kirit Somaiya(Ex Member of Parliament)(All India Convener – BJP Committee on EVM)
Fool-proof Ballot/ Electronic Voting Machine (EVM) System
Introduction of the EVM concept in the world 1970
First use in 11 constituencies in India 1982-84
First Expert Committee to review EVM design 1990
Use of EVM in few Lok sabha Constituencies 2004
Appointment of another Expert Committee 2005
Expert Committee emphasizes use of EVM only after providing adequate “measures” for security, protection and upgradation.
2006
100% use of EVM during Lok sabha elections 2009
2 of 37
A snapshot of EVM
The EVM background story Electronics Corporation of India Ltd (ECIL) & Bharat Electronics
Ltd (BEL) have shipped their proprietary software to be fused into the chip, to their vendors Renesas (Japan) and Microchip (USA) ?.
Programming assembly code available to only a selected few. Plus there is no precise verification tool to check whether the EVM is manipulated.
New EVM purchases since 2006 (up graded) 2,53,400 from BEL and 1,94,600 from ECIL
The mode of shipment goes through many private contractors before it reaches the manufacturers or the polling booth.
The Election Commission or any political party does not have any system to check the transparency of the hardware or software and its security
ECIL and BEL also outsource including repair work to private contractors.
3 of 37
Live demonstration of hacking of the EVM
4 of 37
EVM hacked after a “successful” mock poll
Image courtesy: Mumbai Mirror (TOI), 24th July 2009
Possible ways of tampering EVM’s Tampering with the hardware chip or software by adding malicious
code like Trojan horse or mis-configuration, can alter vote totals or favour a particular candidate.Swaping of chips/boards enable trojans to favour a candidate
Cables of two controls units can be swaped to swap votes of Loksabha & Assembly if polling held simalteneously
Hacking can take place during transportation, handling, polling station, storing places, repair, maintenance etc.
There is ambiguity on the Prof. Indiresan Expert Committee review report 2006 on whether an OTP or a Masked ROM chip is used. Can we consider OTP to be a writable blank CD and Masked ROM is like a pre-written Movie CD?
Abusing the administrative access to the machine by election officials, might also allow individuals to vote multiple times.
Manipulated EVM’s can corrupt the entire memory as well as hang the Control Unit and rendering E2PROM unreadable
5 of 37
Details of abnormal behavior of EVM’s (Lok sabha 2009)
Malfacturing or Intentional faults Any button pressed, light/ vote registered to one particular
candidate EVM stopped functioning during the polling process Polling staff was not at all updated or aware about the security
measures EVM that was used in previous elections in a particular district were
used in the same district in the Lok Sabha 2009 EVM seal found open on counting day EVM got jammed and could not be opened on the counting day Independent candidate got over 500 abnormal votes in one booth
and major parties got none! The Candidate have no locus-standby in that areas.
There were differences between the polling figures declared by the Election Commission in the booths and the result shown in EVM in those booths
These candidate secured ‘O’ or single digit votes in other boots Candidate got 100% of pooled in several boots. In Simultaneous election of Lok Sabha-Vidhan Sabha Surprising – Abnormal Contradiction observed about the votes
secured by political party candidate s in the same boots.
7 of 37
No action taken on these malfunctions In Nutan School, Chandrapur (Maharashtra) Booth No.176 votes
given/ button was pressed for Candidate No.1, but vote/light flashed against another candidate. EVM replaced around 2.30 pm during polling on 16/4/09
In Ghaziabad (UP), Mr. Satish, an independent candidate, secured 998 votes in 24 rounds. But all 501 votes in booth no. 247 went to him, and BJP and Congress candidates got 0 votes each and BSP candidate Amar Pal Sharma got 1 vote. He has no locus-standy in theat boot.Rajnath Singh won by 80,000+ votes.
In Nimasahi, Cuttack (Orissa), Booth No.160 – Any button pressed, light/ vote flashed in favour of BJD. Presiding Officer/ polling officials had no explanation for the same, but Election Commission had to accept the manipulation/ malfunctioning of EVM. Re-polling was held in this booth, after Congress and BJP protests.
In Khammam Constituency, Polling Station 198, EVM could not read data and the votes were discounted by the officer. As per data collected by the District Collector, this booth data is missing.
In Pedakurapadu (Guntur, AP) Booth No. 2, after a total of 122 votes were polled, the EVM malfunctioned and had to be replaced.
8 of 37
No action taken on these malfunctions
• The following points may be considered to justify the suspicion.
• NANDED EVM Failure • votes given to any candidate in booth no. 265 of Mukhed Vidhansabha in the
Nanded Parliamentary Constituency in Maharashtra were transferred to Congress. • South Mumbai EVM Failure • votes given to any candidate in booth no. 183 of Shivadi Assembly ( No 161) in the
South Mumbai Parliamentary Constituency in Maharashtra were transferred to Congress.
• According to Rediff news, May 16, 2009: “The Shiv Sena’s Mohan Rawale alleged that there was a problem with some EVMs wonder’s ‘how I got only 5 votes from an area that is a Shiv Sena stronghold,”
9 of 37
Booth No.
Name of the Area
BJP BSP Congress SP Others (IND)
No. of votes polled
60 Sector 25 282 7 145 2 1 437
61 Sector 25 Jalvayu Vihar Block M
1 0 0 1 415 417
62 Sector 25 Jalvayu Vihar Block L,K,M,N
264 19 158 3 5 449
63 Sector 25 Block N,K,L,K,QJ
247 27 125 1 1 401
64 Sector 25 Block N
241 24 102 3 9 379
10 of 37
NOIDA Assembly (Booth 61)
How did an Independent candidate get so many votes from an area where he has no connection? In all other areas, he got 0 or 1 vote.
Voting Pattern of Rellivalasa village (Parliament)
Booth No.
TDP BSP INC BJP PRP Pyramid Party
Lok Satta
BSSP IND Total votes polled
70 320 06 140 08 57 04 01 14 09 559
71 289 14 169 16 50 09 07 08 07 569
72 313 10 223 14 90 05 07 27 12 701
73 133 07 11 319 71 07 02 03 03 556
74 369 10 288 21 68 11 07 24 15 813
11 of 37
For the same booth, voting for Assembly is total contradiction (see next Table)
Voting Pattern of Rellivalasa village (Assembly)
Booth No.
INC BJP BSP TDP PRP Pyramid Party
Lok Satta
IND I
IND II
IND III
IND IV
Total votes polled
70 129 7 5 332 79 4 2 0 1 0 0 559
71 170 10 8 308 41 9 6 1 4 4 8 569
72 227 23 16 326 77 9 3 3 4 6 6 700
73 332 3 115 10 71 4 3 15 3 0 0 556
74 276 31 8 370 91 7 6 2 7 6 11 815
12 of 37
List of Booths were EVMS could not read data (AP)Assembly Code Booth Code Assembly Name Booth Name
23 60 Ramagundam Medipalli
23 61 Ramagundam Medipalli
70 197 Secunderabad Osmania University
80 60 Alampur (SC) Leeza
80 69 Alampur (SC) Leeza
84 128 Shadnagar Kesampet
104 185 Parkal Katrapally
104 197 Parkal Nallabelly Yelugur
104 209 Parkal Semgem
104 212 Parkal Gavicharla
104 221 Parkal Bollikunta
104 224 Parkal Ramachandrapuram
112 198 Khammam Kothagudem
198 142 Vijayawada West Mallikarjuna Petta
231 31 Giddalur Kandulapuram
240 250 Sullurpeta (SC) MPP School Ramapuram Kuppam
257 44 Panyam Bollavaram
257 45 Panyam Bollavaram13 of 37
SNo Assembly (Andhra Pradesh)
Mandal Panchayath Booth TOL TDP % INC %
1 Rajam (SC) Vangara Vangara 30 11 0 0 11 100
2 Yerragondapalem Dornala Dornala 135 27 0 0 27 100
3 Jammalamadugu Jammalamadugu Gandikota 120 555 0 0 555 100
4 do do Goriganur 75 712 0 0 712 100
5 do do Dharmapuram 74 458 0 0 457 99.8
6 do do Devagudi 69 776 0 0 774 99.7
7 do do K. Sirigepalli 119 782 0 0 780 99.7
8 do do Devagudi 70 920 0 0 917 99.7
9 do do Peddandlur 118 822 0 0 818 99.5
10 do do Jammalmadugu 73 398 0 0 396 99.5
11 do do P.Sugumanchipalle 72 391 0 0 389 99.5
12 Mydukur Khajipet Khajipet 144 776 0 0 772 99.5
13 Punganur Sadam Yarrathivaripalle 166 640 0 0 635 99.2
14 Jammalamadugu Jammalamadugu Goriganur 76 695 0 0 685 98.6
15 Kamalapuram Kamalapuram Kokatam 3 445 0 0 437 98.2
14 of 37
Polling booths show a particular voting pattern (AP)
Congress candidate got almost 100% votes in these booths, pointing to a possible manipulation.
Assembly Total Voters Total Votes polled
Votes counted on EVM
Difference
60-Tumsar 251,813 177,786 177,116 670
61-Bhandara 294,139 201,173 201,171 2
62-Sakoli 265,588 198,450 198,343 107
63-Arjuni/Morgaon
199,932 154,757 155,037 280
64-Tiroda 195,340 141,411 141,299 112
65-Gondi 241,090 155,496 155,698 202
TOTAL 1447,902 1029,073 1028,664 1,373
15 of 37
Actual votes polled v/s votes counted by EVM
11 – Bhandara Gondia (Maharashtra) Lok Sabha 2009
Difference observed in 61 booth,in the figure published by Returning Officer/ Election Commission,in the vote polled & the votes counted by EVM
Political parties protesting BJP, Congress, SS, CPM, TDP, ADMK, RJD, LJP, INLD, MDMK,
Trinamool Congress have all raised issues about malfunctioning of EVM
Leader of Opposition Shri L.K. Advaniji demanded a transparent fool-proof system (an EVM system with paper backup) in future elections.
Congress’ Mr. Gulam Nabi Azad, Union Minister has charged EVM malfunctioning in the recently held Orissa 2009 elections.
Punjab Congress President Mr. Amrinder Singh has made public demonstration of malfunctioning of EVM
Dr. Subramanian Swamy, former Law Minister, alleged in April 2009 that a group of people who had been convicted in the US for hacking bank accounts and credit cards had been recruited by a certain political party to possibly rig the elections through EVM’s
16 of 37
Former Bureaucrats Experts raise concernHave raised the issue of EVM malfunctioning:
Omesh Saigal (ex-Chief Secretary, Delhi Govt. & ex-Secretary, Govt. of India)
Dr. Krishan Saigal (ex-Chief Secretary, Assam)
Ravi Kathpalia (ex-Controller General of Accounts, GOI)
Ms Asha Das (ex-Secretary, GOI)
KP Fabian (ex Ambassador)
SK Agnihotri (ex-Chief Secretary, Assam)
AR Lall (Advocate, Supreme Court)
Shri Vihay Mukhi,IT Security-Expert.
17 of 37
Petitions filed in the Supreme court
Retired Computer Science professor Satinath Choudhary stated, “producing doctored EVMs is child’s play”, as early as 2004 in the Supreme court which directs Election Commission to take note.
Jana Chaitanya Vedika (NGO) moved the Supreme Court, under Article 32 of the Constitution, to ensure that the votes cast by the voters, are registered properly and without any tampering/ manipulation of the EVM’s .NetIndia, renowned Company in EVM technology, submited observation regarding lack of security measures, transparency and hacking of EVM
Mr. Mohan Rawale, 5-time Shiv Sena MP, has filed a Petition in the Supreme Court on EVM malfunctioning
18 of 37
Other Petitions against EVM’s
Dr. Jagtap and Dr. Jadhav have moved the Mumbai High Court regarding malfunctioning of EVM’s
Shailendra Pradhan filed a PIL , in the Madhya Pradesh High Court
Activists have raised issues of EVM malfunctioning at the Orissa High Court; Tamil Nadu High Court and Andhra Pradesh High Court
Banwarilal B. Purohit v/s Election Commission of India, 2004
The PMK, which suffered a shock defeat in Virudhunagar constituency, TN, in 2009 Parliamentary election, has filed an appeal to the Election Commission (“while counting, the votes increased by 23,000 more than the polled votes”).
The MDMK has filed a PIL in Madras High Court.
19 of 37
EVM’s around the world The Federal Constitutional Court of Germany declared EVM’s
unconstitutional, in March 2009.
In 2006 in Netherlands, licenses of 1,187 voting machines were withrawn, after a citizen’s group named ‘We Do Not Trust Voting Machines’ demonstrated that in five minutes, from up to 40 meters away, they could hack into the machines with neither voters nor election officials being aware of it.
The Supreme Court of Finland declared invalid the result of a pilot electronic vote in three municipalities of 2009.
United Kingdom’s The Open Rights Group declared it could not express confidence in the election results, citing “problems with the procurement, planning, management and implementation of the systems concerned”, in 2007.
Ireland abandoned an e-voting scheme, in 2006.
There were serious discrepancies in the Diebold systems EVM’s predominantly used in Brazil’s 2006 elections.
20 of 37
EVM’s in USA In April 2004, California banned 14,000 EVMs because the
manufacturer (Diebold Election Systems) had installed uncertified software that had never been tested, and criminal prosecution initiated against the manufacturer.
During 2004 Presidential elections, in Gahanna, Ohio, only 638 votes were cast, but EVM result declared Bush received 4,258 votes to Kerry’s 260.
A study by UC Berkeley’s Quantitative Methods Research Team reported that irregularities associated with EVMs may have awarded 130,000 - 260,000 votes to George Bush in Florida in 2004.
Various relevant bills proposed in the US House/ Senate:- HR 550 (2005); HR 774 and S 330 (2005); HR 939 and S 450 (2005); HR 533 and S 17 (2005); HR 278 (2005); HR 5036 (2008)
21 of 37
The Machine denies the right to know, violation of fundamental right & right to recount German Supreme Court
March 2009
• Electoral voting machines as untrustworthy and unconstitutional. Every voter should be able to understand whether their secret votes cast are recorded in an unadulterated and wholly transparent manner. The said judgment by Germany’s Supreme Court currently reflects the scientific doubts that other countries now hold about conducting elections through the EVMs. The essence of the judgment leaves voters with the knowledge that the risks associated with electronic electoral fraud is not compulsory to accept.
22 of 37
Report of Expert Committee appointed by the Election Commission
Recomendation of the committee
EC noted that the EVM of 1990 has become outdated and needs to be replaced. Hence in 2006, EC appointed an Expert Committee headed by Prof. P.V. Indiresan with Prof. A.K. Agarwala and Prof. D.T. Shahani as Members, with reference to suggest amendment and additional features
Before every election, the manufacturers may be asked to check, certify and ensure that all the units are functioning as designed (can be done very fast through a very simple exercise ‘the self test signature of Machine’).
24 of 37
Recommendations of the committee
Election Commission to maintain a register of the voters in the sequence of their voting, not only the process of recount is possible but also verification of the recount against any possible tampering is also possible. Each role and key press is time/data stamped
Any system can be tested randomly by ‘mock poll’ to prove this performance. Further as each key press in EVM units whether valid or invalid is date-time stamped and recorded no activation of a possible “Trojan Horse” by any specific key press sequence on EVM during poll can possibly go unnoticed.
Post-Poll: Carrying out on a sample basis, recounting of votes in certain booths at an appropriate administrative level, to act as a deterrent against potential mischief-makers, to generate a climate of confidence about the infallible nature of electoral process
25 of 37
Conclusion of the committee It was agreed by the manufacturers that recommendations could
be implemented and that it primarily involved some alterations in the software, while hardware design would remain the same. Once the software was modified by the manufacturers to meet the above recommendations, only a detailed check of functional working of the modified EVM would be needed, which EC as the user could do on its own or get done before inducting the upgraded EVM’s
With the system as designed by the agencies has built-in security, the Election Commission and the Government only need to ensure the security of the equipment, to safeguard the sanctity of the electoral process. The procedural safeguards should be implemented.
The Committee unanimously recommends the use of the upgraded EVM’s in elections, after due modifications stated in this report.
Committee also recommends strongly that bio-metric method of voter ID is pursued by EC and tested for feasibility in large population and integrating this sub-system with EVM in the future.
26 of 37
Implimentation of Recommendations ?
The Committee unanimously recommends the use of the upgraded EVM’s in elections, after due modifications stated in this report.
EC implemented these recommendations ? In fact Total 13.78 lacs EVM used in loksabha
2009 elections Only 4.48 lacs were New Up graded EVM 9.30 lacs were Old EVM ( without Upgraded) These 9.30 lacs vulnerable to Hacking ? Vulnerable to EMI i.e. Electro Magnetic
Interference ? Maharashtra all EVM used were of prior to 2005 Maharashtra EVM used were made during 1998 to
200427 of 37
Independent team raises doubts on this report
No evidence to support the fact that the suggestions made the expert committee were implemented subsequently, thus leaving enough room for security breach
Source code (software) was not fused in India at the manufacturer’s premises under stringent security, but it was sent over to the vendor outside the country and delivered through various delivery channels to the manufacturer and so can be prone to any kind of tampering at various stages of the shipment.
No evidence of how many number of EVM’s upgraded with modifications suggested by the Experts Committee and how many old EVM’s were re-used for this elections.
Age,replacement ,up-gradation of EVM’s. Adpotion of most modern technology.Implimentation of security measures in reality.
28 of 37
Technical issues not answered There is no diagnostic check available for checking the sanctity of
the embedded program in the EVM.
No verification program developed to cross check every chip for genuine code before mounting on to the circuit board of EVM. No manufacturer in a position to define whether chips are original due to lack of thorough verification tool.
Technically not clear how any embedded device without any processor or microcontroller or any chip transfer data with encryption.
The E2PROM being replaced while polling operations being conducted due to E2PROM malfunctioning, should have made EVM inoperative.
Software modification not possible due to hardware design as the chips used are masked Chips and technically unalterable and require a complete new Circuit Board with a new chip mounted on it with proposed modifications to the software
29 of 37
Trojan issues not answered None of the Control Unit Circuit Boards were sealed and there is no
mention of a modification to the existing Ballot Units. A new Ballot unit can be swapped at any time as there is no encryption between Ballot Unit and Control Unit, giving immense opportunity for running Trojans
As the entire lot has the same Unique ID and is sent along with the source code to the vendor for fusing into the Chip, there is a possibility of ‘Trojan’ being added into the chip with the ID already existing.
Pre-poll: The allotment of keys on the Ballot Unit is done through the Control Unit by pressing the “CANDIDATE SELECTION” button. Trojan can be activated to favour a particular key by means of adding percentage over other key or by deducting a set of votes polled for all other keys and adding to the favoured key. It cannot be detected.
While Poll – Trojan can be activated by anybody going in as a voter entering the sequential key code on the Ballot Unit. This can go absolutely undetected.
Even if few EVMs were upgraded with Dynamic Key Coding, the program is incapable of recording every key pressed and key sequence when pressed activates the ‘Trojan’. Also to test each EVM with such a number of key sequences would be highly impossible.
30 of 37
Concluding remarks
Clarification expected from the Election Commission
Why is it that? EC has implemented the recommendations and security measures
as suggested by the 2006 Expert committee ? EC refused to share any information on software or hardware, with
any political party or candidate. Is it because the Election Commission itself does not know what is inside the EVM ?
Expert Committee of 1990 and 2006 had Prof. Indiresan as member and Chairman respectively. Surprise that 90% of the Report of 1990 and 2006 is same, including the language
Consultation with any other bright IT experts EVM used in India – hardware, software is same since 1990. EC
refused to accept modern technology, i.e. EVM with paper back-up ? Non-transparency creates suspicion. But still no standard guideline,
programme, procedure implemented by EC No audit (pre-poll, during poll, post poll) of EVM has been done till
date by the EC. Plus no records studied or published of how and when’s of the failure of EVM’s
Repairs, maintenance, storage, transportation is not foolproof. EVM code itself is installed by a private company/ foreign MNC
EVM in the same area is repeatedly used in the same area The polling staff on duty for the election day and counting day, has
no knowledge about the EVM technology or security measures.32 of 37
Government ask for Open Standard Programs
33 of 37
The Government of India has released an open standardspecification inviting any competent technology developer to develop SCOSTA – Smart Card Operating Systemfor Transport Application for the purpose of issuing Driving Licenses for Drivers, Registration Cards for the VehiclesThe adoption of open standards enables proprietary ownership of any such development, as it is meant of the use of the common public. Immense Security, eliminates Vendor Lock-ins, allows Third Party / Neutral Technical team evaluation / verification Etc.,
IT Security expert Vijay Mukhi’s suggestions
After spending years in the security industry, we believe that in principle, an EVM can be tampered with. There is no such thing as 100%.
What we recommend to the Government and the Election Commission is to make public the entire EVM eco-system, which includes the hardware schematics and the software that control the EVM. Today, we cannot say that the EVM is safe or unsafe from being tampered with because like the rest of the country, as we have no information whatever on the EVM.
We want EC/ Government to follow international best practices and hence to put an end to this controversy it would be better to have a paper trail of the vote caused.
34 of 37
Ways to reduce EVM Frauds A Printer added to the EVM can give print out of every vote to the
voter which he/she can verify whether the vote was cast properly
Independent standard Verification/ testing tool can be developed and be made available to all political parties/ candidates. Can use code signatures to ensure software is identical on all EVM’s.
Use of Open-source software and transparent hardware system
Pre-poll, during poll and post-poll full-fledged tests, audit tests, parallel tests of EVM, must be conducted
All EVM’s which found malfunctioning in Lok Sabha 2009 should be checked, verified and studied by independent machinery/experts and reasons for malfunctioning should be published
BEL, ECIL and any Government person, staff of election duty including the Election Commission should not be allowed to touch all these machines
EVM should be part of E-governance of Government of India
35 of 37
Conclusion In light of all the above discussions, it is clear that there is
reasonable doubt about the reliability of EVMs.
Tripura recently held elections of local bodies EVM were not used
Local Bodies Elections EVM with Detachable Memory used. Need to correct it.
Tamilnadu CEO – Election Commission MR Gupta announced ‘Only new upgraded EVM shall be used in bye elections of 5 assembly constituencies
Supreme Court now stated ‘ We are not under estimating the issues & concern raise. Election Commission are the Authority to handle this issue. If they don’t than The Supreme Court can be approached’
36 of 37
Conclusion In light of all the above discussions, it is clear that there is
reasonable doubt about the reliability of EVMs.
Given the poor experience with EVM’s worldwide, it is difficult to believe that India EVM’s are somehow far superior to those used elsewhere, and somehow immune to fraud.
It is entirely possible that the election machinery has taken every possible step in good faith, but that clever criminals have subverted the system for their own ends.
Use technology which can be understood by common-literat/illiterate voters & un-trained polling staff.
Improved transparency, and public scrutiny of the system, including an analysis of ways in which it can be made more secure, are urgent and imperative before any future elections.
Use EVM with paper Back-up.
Thank you
37 of 37