Bill Wishon's News and Views

You’ve been extremely helpful, so bugger off: What started out as a routine study of group behavior ended up turning a bit surreal. According to the authors of a new paper, they started out trying to find out how long a group would tolerate members that abused the common good. In the process, they found that members who put the most into the common good were quickly expelled from the group. Not entirely believing it, they replicated the findings—twice. Some of the hate comes from the overly officious group members, who viewed those who gave more than they needed to as breaking the rules. But some of it also comes from people who think that altruistic behavior like this simply raises expectations unnecessarily.

Bonus points go to the people who put the press release together for the best two opening sentences I’ve probably read all year: “You know those goody-two-shoes who volunteer for every task and thanklessly take on the annoying details nobody else wants to deal with? That’s right: Other people really can’t stand them.”

Read the comments on this post

Via Sean Bonner’s tumblr, no idea where it’s from.
Update: This photograph was taken by Carlton Reid, and the stencil street art it documents is the work of Peter Drew of Adelaide, Australia.

Whenever a game is previewed, a writer is going to ask about the length. Whenever the length of a game is given in a review, there is bound to be someone in the comments wailing about the state of modern gaming, and it’s always the same gripe: “Since when is it okay to release a game at X price that’s only Y hours long?” Last week a group of developers wrote a series of articles arguing that more isn’t always better, and that a focus on length is destructive.

Read the comments on this post

Updates:	8/28	Alex Halderman: Indian E-Voting Researcher Freed After Seven Days in Police Custody
	8/26	Alex Halderman: Indian E-Voting Researcher Remains in Police Custody
	8/24	Ed Felten: It’s Time for India to Face its E-Voting Problem
	8/22	Rop Gonggrijp: Hari is in jail

About four months ago, Ed Felten blogged about a research paper in which Hari Prasad, Rop Gonggrijp, and I detailed serious security flaws in India’s electronic voting machines. Indian election authorities have repeatedly claimed that the machines are “tamperproof,” but we demonstrated important vulnerabilities by studying a machine provided by an anonymous source.

The story took a disturbing turn a little over 24 hours ago, when my coauthor Hari Prasad was arrested by Indian authorities demanding to know the identity of that source.

At 5:30 Saturday morning, about ten police officers arrived at Hari’s home in Hyderabad. They questioned him about where he got the machine we studied, and at around 8 a.m. they placed him under arrest and proceeded to drive him to Mumbai, a 14 hour journey.

The police did not state a specific charge at the time of the arrest, but it appears to be a politically motivated attempt to uncover our anonymous source. The arresting officers told Hari that they were under “pressure [from] the top,” and that he would be left alone if he would reveal the source’s identity.

Hari was allowed to use his cell phone for a time, and I spoke with him as he was being driven by the police to Mumbai:

The Backstory

India uses paperless electronic voting machines nationwide, and the Election Commission of India, the country’s highest election authority, has often stated that the machines are “perfect” and “fully tamper-proof.” Despite widespread reports of election irregularities and suspicions of electronic fraud, the Election Commission has never permitted security researchers to complete an independent evaluation nor allowed the public to learn crucial technical details of the machines’ inner workings. Hari and others in India repeatedly offered to collaborate with the Election Commission to better understand the security of the machines, but they were not permitted to complete a serious review.

Then, in February of this year, an anonymous source approached Hari and offered a machine for him to study. This source requested anonymity, and we have honored this request. We have every reason to believe that the source had lawful access to the machine and made it available for scientific study as a matter of conscience, out of concern over potential security problems.

Later in February, Rop Gonggrijp and I joined Hari in Hyderabad and conducted a detailed security review of the machine. We discovered that, far from being tamperproof, it suffers from a number of weaknesses. There are many ways that dishonest election insiders or other criminals with physical access could tamper with the machines to change election results. We illustrated two ways that this could happen by constructing working demonstration attacks and detailed these findings in a research paper, Security Analysis of India’s Electronic Voting Machines. The paper recently completed peer review and will appear at the ACM Computer and Communications Security conference in October.

Our work has produced a hot debate in India. Many commentators have called for the machines to be scrapped, and 16 political parties representing almost half of the Indian parliament have expressed serious concerns about the use of electronic voting.

Earlier this month at EVT/WOTE, the leading international workshop for electronic voting research, two representatives from the Election Commission of India joined in a panel discussion with Narasimha Rao, a prominent Indian electronic voting critic, and me. (I will blog more about the panel in coming days.) After listening to the two sides argue over the security of India’s voting machines, 28 leading experts in attendance signed a letter to the Election Commission stating that “India’s [electronic voting machines] do not today provide security, verifiability, or transparency adequate for confidence in election results.”

Nevertheless, the Election Commission continues to deny that there is a security problem. Just a few days ago, Chief Election Commissioner S.Y. Quraishi told reporters that the machines “are practically totally tamper proof.”

Effects of the Arrest

This brings us to today’s arrest. Hari is spending Saturday night in a jail cell, and he told me he expects to be interrogated by the authorities in the morning. Hari has retained a lawyer, who will be flying to Mumbai in the next few hours and who hopes to be able to obtain bail within days. Hari seemed composed when I spoke to him, but he expressed great concern for his wife and children, as well as for the effect his arrest might have on other researchers who might consider studying electronic voting in India.

If any good has come from this, it’s that there has been an outpouring of support for Hari. He has received positive messages from people all over India.

Unfortunately, the entire issue distracts from the primary problem: India’s electronic voting machines have fundamental security flaws, and do not provide the transparency necessary for voters to have confidence in elections. To fix these problems, the Election Commission will need help from India’s technical community. Arresting and interrogating a key member of that community is enormously counterproductive.

—
Professor J. Alex Halderman is a computer scientist at the University of Michigan.

Sent to me by my sister–a first, I think–is a neat animation that fronts a talk on the subject of human empathy. I must admit that I’ve always felt that the human instincts of aggression (based in a strong sense of self-preservation) are more fundamental than those of group well-being, but the speaker makes a decent case for empathy as the stronger organizing principle.

I think it’s worth noting that the “group identification” he discusses is a double-edged sword. While it can conceivably lead to a global state of harmony, it’s also a powerful tool used by those who market goods, services, and dogma to the masses. But I think it can be argued that the ability of humans to remotely perceive what’s happening across the world (with television, the internet, etc.) is one of the keys to making the speaker’s vision a reality. However, the dark side is that these technologies also have the ability to rapidly subdivide groups based on their members’ strongest feelings and create echo chambers that have the pernicious effect of insulating them from understanding the global human experience.

Telesensing is something that could dramatically alter this equation, and it’s a subject that I think about often. But that’s for another post. Without further rambling, here’s the video:

“A committee can make a decision that is dumber than any of its members.”

Last week at the EVT/WOTE workshop, Ari Feldman and I unveiled a new research project that we feel represents the future of DRE voting machines. DRE (direct-recording electronic) voting machines are ones where voters cast their ballots by pressing buttons or using a touch screen, and the primary record of the votes is stored in a computer memory. Numerous scientific studies have demonstrated that such machines can be reprogrammed to steal votes, so when we got our hands on a DRE called the Sequoia AVC Edge, we decided to do something different: we reprogrammed it to run Pac-Man.

As more states move away from using insecure DREs, there’s a risk that thousands of these machines will clog our landfills. Fortunately, our results show that they can be productively repurposed. We believe that in the not-so-distant future, recycled DREs will provide countless hours of entertainment in the basements of the nation’s nerds.

To see how we did it, visit our Pac-Man on the AVC Edge voting machine site.