Content owners need to review the designer art, too

Date:November 9, 2005 / year-entry #343
Orig Link:
Comments:    14
Summary:The Washington State Association of County Auditors have a web site explaining steps people need to take to ensure their vote is counted properly. Unfortunately, the auditors didn't review what the web design team came up with, because their page on how to mark your ballot is illustrated with a cute graphic with a check-mark....

The Washington State Association of County Auditors have a web site explaining steps people need to take to ensure their vote is counted properly. Unfortunately, the auditors didn't review what the web design team came up with, because their page on how to mark your ballot is illustrated with a cute graphic with a check-mark. Too bad the check mark is the wrong way to cast your vote in every single county in Washington. For written ballots, you're supposed to fill in the square or circle completely, not use a check-mark.

You'd think after all these years I'd eventually get this voting thing down. Most years, I make a wrong turn looking for my polling place. This year, I focused and managed to get there without any mistakes, only to find that I forgot to bring my voting registration card. (Actually, I usually forget my card most years. I've gotten pretty good at looking up my name in the book.)

Comments (14)
  1. Mark Encarnación says:

    You don’t need your voting registration card to vote. Other forms of ID, for example, your driver license, should do. Even if you don’t have an ID on you, you can "vote a provisional ballot".

  2. FWIW, I was a poll judge, and our instruction manual had the same problem. The instructor salvaged the situation by using it as an example of what not to do.

    Also, a canvassing board could still have counted your vote.

  3. (sorry for the double post – I wanted to reply to Mark)

    Mark – that’s a great example of the security faux-paus, "security by harassment". The ID requirement offers no additional security protection. To the end-user, it just changes which table you vote at.

    I find this theme often comes up in security reviews. Somebody will propose some security measure, which upon closer inspection, only harrasses the user and doesn’t actually provide any security wins. Stuff like "let’s protect all our data by xoring it with some constant." Like that’s going to stop a hacker…

    I think it would be very educational to take the security review procedure we use for software and then apply it to every day things (like shopping at a grocery store, or our election process).

  4. Vince P says:

    This is voting we’re talking about right? Well in Chicago (where I live) jmstall’s message would have no applicabilty to our ID requirements because from what I can tell, other than being used to maintain the mailing list it seems like computers have almost no role on the actual day of voting.

    You walk into the polling place, you show them your card, they look at their printout and cross your name off.. you go to ballot "machine", punch your holes (we still use punchcards) and then put the thing in the box.

    Then you go down to the next polling station and do it all again.

  5. Jeff says:

    Or be like me, skip all the security procedures and not vote at all, because there’s nobody you want to vote for.

    On the original topic, I remember the SuSE Linux boxes that had some sort of abstract mathematical figure on them, and people were going "what the hell is this?" – very poor design.

  6. AlexK says:

    Why not use Internet for voting? All have SN, right? Set up the SQL Server backed site and that is all!

  7. Cooney says:

    Oh great, botwars determining the next president – with any luck, it’ll be Mitnick ;)

  8. mikeb says:

    That’s a good catch, Raymond.

    Now, what’s up with those ‘arrow’ style ballots (

    I can’t imagine that anyone designing a ballot would think that that’s an intuitive way to mark a ballot.

    At least with the oval or box style ballots, someone has a good chance of actually filling the thing out correctly without having to resort to instructions. But I don’t think anyone would have a clue how to correctly mark the ‘arrow’ ballot without first studying the instructions.

  9. Bryan says:

    Hey! We use arrow-style ballots, and they work just fine! :-P

    They give us a fairly thick marker to use (not pencil or pen), and the people working there usually ask us if we’ve voted before (if not, they give a quick overview of what to do — "just fill in the arrow next to the candidate you wish to vote for, and if you change your mind, X out your first choice"). So it’s extremely obvious after you’ve done it once, and before that, it’s still fairly obvious due to the oral instructions.

  10. Bryan – it may be obvious, but it’s not secure.

    Someone handling your ballot (eg, a corrupt state worker doing a recount) could go cross out your original vote and mark a new vote.

    From a security review perspective, it’s lacking defense-in-depth against corrupt handling. A more secure oriented goal would be: "assuming somebody can hack your program (eg, tamper with your ballot), how can we design it such that they can’t do any damage."

    In computer-speek, we do things like run as low-privilege user. In ballot-speek, you could do things like require a new ballot instead of allowing X’s, or even having some sort of ballot checksum.

  11. Bryan says:

    Yes, that’s true, it’s not secure. Then again, neither is any ballot type at all that allows the voter to change their minds.

    Even with a checksum, if the checksum isn’t write-once (i.e. non-correctable), then it’s not secure. A corrupt state worker doing a recount could just change the checksum to match their vote changes. Adding a private key owned by the voter into the checksum would be one way to fix this — but as much as I like PKIs, PGP, etc., I doubt that’d be practical.

    (I was responding to mikeb, where he said "I can’t imagine that anyone designing a ballot would think that that’s an intuitive way to mark a ballot." It is actually fairly intuitive: you have a big thick black line, broken in the middle, and a big thick black marker in your hand — "Gee, I wonder what to do? Maybe fill in the rest of the big thick black line, using my big thick black marker? Naah, that’d be too obvious." ;-) Plus, there are the instructions the workers give you.)

  12. Nick Lamb says:

    "neither is any ballot type at all that allows the voter to change their minds."

    If you change your mind or make a mistake, return the marked paper to the official, it is placed in a separatey identified box and you receive another paper. The separate box is retained for a time after the election in case any party disputes the result.

    If you change your mind after you’re finished, that’s tough luck.

    On the one hand I’m amused that the supposed "champion of democracy" spends a huge amount of money to run elections so poorly, disenfranchises its citizens, can’t run a fair election, and so on. On the other hand it’s hardly important, in my country everyone knows the fix is in, if your representative is from the ruling party they must toe the government line, if they’re from an opposing party they have no effective power. So decisions are really made by an elite, but a lot of money is wasted on the set dressing of a democracy.

    Most decisions are made by consensus. Good or bad, they’d be the same in almost any system of government. It’s only in the rare cases where there is no consensus that any opportunity arises for your system of government to have an effect. Mostly, the effect will be a negative one, regardless. So by all means make your opinion known, but learn to enjoy the ride.

  13. Why do you cerr-razzzy Americans have such a strange set of voting procedures?

    Here in the good old UK, we have a simple piece of paper, printed with some names. You put a mark in the box.

    It’s so simple it’s very difficult to get wrong. If you do, you just tell the officials, and they give you a new voting form.

    How we’ve laughed in recent years at all the coverage of how the "world’s greastest democracy" can’t even come up with a reliable, simple, trustworthy system to elect their leaders!

    (BTW, this isn’t general bashing of the US – just bashing your political problems…)

  14. I needed to correct an error on the California touchscreen ballot. I touched "review" and sure enough, there was the "yes" circle with my erroneous checkmark through it. But no "no" circle. What to do? I was about to ask for help, but fir some reason I touched my "yes" and wonder of wonders, the space was replaced by unchecked yes and no circles. Radio buttons gone mad!

Comments are closed.

*DISCLAIMER: I DO NOT OWN THIS CONTENT. If you are the owner and would like it removed, please contact me. The content herein is an archived reproduction of entries from Raymond Chen's "Old New Thing" Blog (most recent link is here). It may have slight formatting modifications for consistency and to improve readability.

WHY DID I DUPLICATE THIS CONTENT HERE? Let me first say this site has never had anything to sell and has never shown ads of any kind. I have nothing monetarily to gain by duplicating content here. Because I had made my own local copy of this content throughout the years, for ease of using tools like grep, I decided to put it online after I discovered some of the original content previously and publicly available, had disappeared approximately early to mid 2019. At the same time, I present the content in an easily accessible theme-agnostic way.

The information provided by Raymond's blog is, for all practical purposes, more authoritative on Windows Development than Microsoft's own MSDN documentation and should be considered supplemental reading to that documentation. The wealth of missing details provided by this blog that Microsoft could not or did not document about Windows over the years is vital enough, many would agree an online "backup" of these details is a necessary endeavor. Specifics include:

<-- Back to Old New Thing Archive Index