Indispensable EVMs
While a review of the hardware and software will ensure quick fixing of bugs, the confidence of voters in the electoral process can also be restored
Every election is preceded by a debate about EVMs (Electronic Voting Machines). Given the scale of Indian elections, EVMs are indispensable. But the technology is opaque and hence, open to accusations of rigging. The Election Commission of India (ECI) has consistently denied that it is technically impossible to hack an EVM. This is absurd — any electronic computer can be hacked.
The EVMs are manufactured by the PSUs, Bharat Electronics Limited (BEL) and the Electronics Corporation of India Limited (ECIL). The EVM is a computer, with a specialised chip embedded in the motherboard, and a memory unit to store votes. It’s supposed to be a stand-alone, non-networked, programmable unit. The chip that controls operations has the program code etched into it. It cannot be read, or tampered with. This creates potentially severe issues.
The candidates’ names are listed in alphabetical order with their symbols. Each machine can store around 3800 votes and cater for 64 candidates. A new system has been implemented where voter-verifiable paper audit trails (VVPAT) are available.
In VVPAT-enabled systems, a slip of paper is printed and displayed, with the voter’s candidate name and symbol, after the EVM button is pressed. The voter has about 7 seconds to verify that her vote is correctly recorded before the paper slip is deposited into a sealed box. The VVPAT tally can later be matched versus EVM records, if required.
A voter who sees a mismatch between vote and VVPAT slip, should inform the polling officer. Then there is a “test vote”. If this is incorrect, the EVM may be withdrawn and replaced. If this test vote has no mismatch, the complaint is rejected.
Every EVM has a control unit, and a balloting unit (the VVPAT is a separate machine). The two units are joined by a cable. The voting buttons are on the balloting unit while the control unit stores votes and can display results. Each button-press leads to a single vote being recorded, and the machine is then locked. The control unit is used to unlock it to record the next vote.
In January, a man who calls himself Syed Shuja made absurd and sensational claims. Addressing journalists in London over Skype while wearing a mask, Shuja said he worked for ECIL from 2009-2014. Shuja claimed he was in a team, which designed and tested the EVMs used in the 2014 elections. He said he was forced to seek asylum in the USA. He also said that Reliance Jio used low-frequency signals to manipulate EVMs in 2014, on behalf of the BJP. (Jio only launched commercial services in September 2016.) “Shuja” gave no evidence for these incredible assertions.
Also in January, the Aam Aadmi Party MLA Saurabh Bharadwaj did demonstrate how it was possible to very quickly replace EVM hardware. Other researchers have also demonstrated hacks, showing how chips or circuit boards could be easily replaced, to allow hacking. The big problem with the chip that cannot be tested or verified: there is no way for the ECI to tell if it has been replaced by another chip.
Security experts have pointed out repeatedly that the ECI’s refusal to share source code makes it much more insecure. Any code that is secret and contains bugs, can be exploited, without fear of detection. There is an excellent reason why giant corporations release source code for their programs: Independent security researchers can test it to detect bugs, and patch buggy code. Indeed, companies reward indy researchers for pointing out bugs.
Obviously, the ECI is not going to replace either EVMs, or VVPATs, at this late date. One demand that has been put forward is that 50 per cent of EVMs be matched with VVPATs, with mandatory re-polling if there’s a high error in tallies. Another suggestion is that there should be mandatory VVPAT counts if there’s a narrow victory margin.
Random sampling of EVMs and VVPATs should be done to ensure high confidence in the voting process. The process for identifying VVPAT errors also needs review. A clever hacker would ensure that consecutive votes are not interfered with, in order to pass the VVPAT test vote process. For example, every third vote could be rigged and the VVPAT test vote process would show the system was working fine.
The original EVM design was done in the 1980s. It’s high time there was a review of the hardware and software, and the source code should also be released. That way, bugs can be fixed quickly and the confidence of voters in the sanctity of the electoral process can be restored.