Touch Screen Voting Industry Circling Wagons

bhoman writes "Salon has an interesting article/interview with the author of a forthcoming book, Black Box Voting, by Bev Harris, that looks at electronic voting machines, especially Diebold touchscreens. The story includes incriminating internal memos, cease and desist orders from Diebold, transcripts of an industry teleconference where Harris Miller of the ITAA brags of his lobbying experience, and documentation of a backdoor via an Access MDB with no password. This is for software currently being used in 37 states. "

Access Database?

[16K Ram Pack (690082)]

In a voting system?

I wouldn't use an Access Database as a way of securing my list of CDs, let alone my democracy.

Then again, does Dubya have any more brothers who are governors?

wroooong

[Sean Clifford (322444)]

Nope. Nobody was "kicked off the list" because of the felon list. In fact, when the USCCR held hearings on the 2000 Florida elections, they couldnt find a single eligible voter that was kept from voting because they were incorrectly identified as a felon (and believe me- the Democrat majority in the commission looked VERY hard).

No, you're wrong. Greg Palast did extensive research [gregpalast.com] into what happened. Don't buy the party line from Fox News, CNN, and others who completely whitewashed what happened in Florida.

Now that Diebold has a lock on voting systems, expect more fraud and even less media acknowledgement of it.

the only solution...

[Lumpy (12016)]

It to open the source for these "voting machines" so they can continually undergo a public review.

Hell the hardware needs to be open for review also. It's not like there is any secret designs in there (Unless you are trying to hide something illegal)

All it takes is a tiny bit of off the shelf hardware components, a refrence design and the software to make it work easily... anyone could make an electronic voting system.

until it's all open for review by today's IS and IT experts I will not trust it or the companies making them. This isn't some silly toaster or PVR... this is the basis of the United States... voting..

Re:the only solution...

[JaredOfEuropa (526365)]

It to open the source for these "voting machines" so they can continually undergo a public review.

There are two things you need to secure against tampering: the voting and tallying process, and the resulting data. Open source inspection, while certainly useful to verify the priciples of operation of the voting machines, is not sufficient to prevent tampering with either the tallying process or the resulting data.

You will want to ensure that the machine accurately registers and tallies votes. Verifying the source alledgedly used in all the machines is not sufficient: you'd need to inspect the (sufficiently large) CRC of the binaries on each and every of the voting machines. You'll want to verify that they are indeed running the software that you have inspected, not some doctored version.

Even if all machines produce accurate data, that will do little good if anyone can edit the resulting data file, or if the totals are communicated to a central counting facility through a means which allows easy forgery of the results.

The problem with any electronic voting system is its intransparency, not of the program source, but of the voting and tallying process. Once the job of vote registration and counting is delegated to a machine, it becomes invisible. It is like handing a box of paper ballots to anyone in the streets and asking him to tally up the votes without any supervision. You'll have no idea of the accuracy of the resulting count, unless you are able to recount yourself... and for that, you need a paper trail.

I firmly believe that any electronic voting needs to be accompanied by a paper trail, and that the counts must be subject to verification of a recount using this paper trail. An electronic voting machine should either produce a paper ballot which the voter can inspect and post in a lockbox, or it should scan a paper ballot on which the voter has indicated his choice by hand. There arer very good reasons to trust paper ballots over electronic ones that are hidden inside some machine:
- The voter has tangible assurance that the vote that is deposited is the one that he has cast
- The counting rersults are verifiable: the counting can take place in a group of people from all stakeholders in the election, who will all watch each other.
- In case of doubt, a recount can take place using the original ballots counted by a different group of people.
- Most importantly: paper ballots are incredibly hard to forge in bulk, and it is very hard to introduce a significant amount of them into the counting process.

Re:the only solution...

[rossjudson (97786)]

It strikes me as incredible that the "technical" people writing these emails are engaged in such Mickey Mouse chatter, and so interested in just cranking out something, anything that will work. I just don't see how electronic voting is really all that hard to engage in...as long as you have your priorities straight.

There are two primary things we want to accomplish with EVotes -- first, we want to make the voting process easier to engage in. Second, we want to make the counting process more efficient (less costly). We would also like to reduce the error rate, to the extent that we are able.

A touch screen voting interface, big and clear and nice, is exactly what we need to help walk people through the process. We can't, though, rely on the software in these machines. One read through the memos above should convince you as to why -- these people just have no idea what they're doing. Basic? Access databases? Windows? My god.

What this says to me is that we simply cannot get away from paper. So what we want is a system that makes paper easier to use, leaves a paper trail for auditing and verification purposes, and provides ample opportunity for error checking by the voter and by election officials.

We use the touch screen to answer questions. At the end of the voting session, the system prints a "vote" and electronically tabulates the results. The voter verifies that his printed vote matches what's on the tabulation screen. The voter then folds his paper vote and deposits it with election officials in a good old fashioned ballot box.

We can then use the electronic tabulation to check quickly on the results -- this is quite efficient. We will also engage in a substantial amount of verification, by counting the paper votes by hand and verifying this against totals learned electronically. The paper always wins, in this system. We do not necessarily need to count all of the paper votes -- we can use random sampling.

It seems like a win in both directions, for me. Risks include unacceptable printout quality (printer wear), and insufficient random verification.

Re:the only solution...

[sjames (1099)]

ISO 9001 described manufacturing and processes.

The important thing to remember about ISO9001 is that it's perfectly OK for an ISO9001 shop to fling completed motherboards frisbee style across the warehouse so that it hits the wall and lands in the pile for packaging/shipping as long as that is the written procedure.

It says nothing about quality, it doesn't even assure consistancy (some boards may actually function after the above proicedure, it's random dumb luck). All it really assures is that somebody paid some ISO9001 auditors a hefty chunk of cash.

The real primary goal of ISO9001 is to remove all human thought from the process so that low paid unskilled labor can operate like expensive industrial robots.

Note that the original INTENT was to force a company to think about it's procedures in an organized manner and so make improvements in their process and in the process generate good solid and complete operational manuals. Unfortunatly, that rarely happens due to managers and ISO auditors taking what should be a manual of good ideas and raising it up to the status of holy scripture.

It is cynically amusing to listen to people in an ISO company talking about procedures in the manual. They sound EXACTLY like door-to-door bible thumpers quoting scripture. It's not at all unusual to find walls plastered with posters repeating the same 'inspirational' phrase everywhere. The phrase is so pervasive that it no longer carries meaning, but instead invokes conditioned response, not unlike a particularly dysfunctional religious cult.

It never once occurs to them that the outcome is what is important and that procedures should be re-written if/when they lead to a poor outcome.

Backdoor

[mopslik (688435)]

...documentation of a backdoor via an Access MDB with no password.

Well, it is called Access after all.

Land Of The Free (To Enter)

[Snarf (109692)]

Doesn't it make you glad to be in a country were your democratic views are stored in an unprotected Access Database!

Use open source in government

[miodekk (680870)]

The solution is simple: use open source software.
Every software in government, which is paid for from citizens taxes, should be open source. So that every citizen (at least the one which is a programmer) could check whether the code is good and fair, especially in elections.

Of course the code actually used in voting machines should be double checked by government professionals, but everyone should have an access to read the code.

Re:Use open source in government

[wfberg (24378)]

"Every software in government, which is paid for from citizens taxes, should be open source."

Maybe I'm being a little bit picky here, but I'd prefer the best tool for the job (yes, I am a gov't employee).

That's why, when ballots are counted by hand, no one is allowed to look how they are being counted. You see, when the ballots are counted behind closed doors, the result comes back in under a minute, but when people can inspect the counting, and insist upon a "procedure" being drawn up that everyone can rad, manual counting can take an hour!

Many countries prefer to manually count votes behind closed doors with no published counting procedure. For example, Iraq, China, etc. In fact, in these countries the election results are almost always known even before the elections, that's how efficient it is!

Re:Use open source in government

[11223 (201561)]

Not when public accountability is a prime concern. It doesn't matter how much better the closed-source voting systems are. I can't audit them; I can't see what's going on.

There is a vast difference between using some proprietary math program down at NASA and using a closed-source voting system. One of them results in a spacecraft that doesn't work; the other results in a government that doesn't work. You pick. :-)

Re:Use open source in government

[TedCheshireAcad (311748)]

He got in because of the 'old-sk00l' methods, and how reliable they are

I call bullshit on you.

George W. Bush won the 2000 election under the current American Electoral System. Sure, Gore may have won the popular vote, but that doesn't directly decide who the president is in this country.

The mix-up in Florida was because people couldn't figure out a simple ballot. It was decided by the powers that be that Florida's electoral votes would go to Bush (well, that's a generalization, but the same idea).

The moderators would have a better time with this if there was a Score: -1, Conservative.

Re:Use open source in government

[sg3000 (87992)]

> George W. Bush won the 2000 election under the current
> American Electoral System. ... The mix-up in Florida was because people couldn't figure out a simple ballot.

Oh, is that how it happened?

Even if we ignore the controversial Supreme Court ruling, the issue was much more complicated than that.

Jeb Bush and co. worked to get thousands of black voters disenfranchised by removing their names from the voting rolls if they had a name similar to that of a convicted felon ("Official: Florida disenfranchised minority voters", CNN, March 9, 2001).

Bush worked to maximize the number of overseas ballots in counties he won, he also worked to disenfranchise military ballots in counties Gore had won ("How Bush Took Florida: Mining the Overseas Absentee Vote", New York Times, July 15, 2001).

Of course, the problem was exasperated by Gore deciding to only have recounts in counties he won, rather than across the whole state.

So, the real issue was not just a complicated voting ballot, but also the way the votes were counted. And it's easier to verify how votes are counted (and recounted if necessary), if there's a paper trail. It doesn't help that Diebold's system is insecure.

Consider the fact that Diebold CEO Waldon O'Dell is a Republican who said in a fundraiser letter that he was committed to ""committed to helping Ohio deliver its electoral votes to [George W. Bush] next year." It is all the more important to make sure the way votes are cast and counted are transparent to the voters themselves.

And before I get lambasted by conservatives, consider the following: how would you react if you heard that the CEO of the company supplying voting equipment wrote in a Democratic fund raising letter that he was committed to helping Hillary Clinton win the presidency in 2004? You'd be a little nervous, and a lot pissed.

Re:Use open source in government

[sg3000 (87992)]

> NO! First of all, when the (Democrat majority) USCCR
> held hearings on the Florida election, they were not able
> to find a single person that was disenfranchised by the
> felon list.

You linked to the dissenting opinion, and not the original report. The majority opinion was 6-2. The U.S. Commission on Civil Rights found that the 2000 presidential race in Florida was marred by "injustice, ineptitude and inefficiency" that disenfranchised minority voters.

The report concluded that :

* "countless unknown eligible voters" were wrongfully turned away from the polls or purged from voter registration lists because of procedures and practices used by election officials.

* criticism of an an effort to purge convicted felons and other ineligible voters from registration roles. Lists of ineligible voters, compiled by a private firm, had an error rate of at least 14 percent, and black voters had a "significantly greater chance" of appearing on the inaccurate lists than white voters

* black voters were nine times more likely than white voters to have their ballots rejected during the counting process. Faulty voting systems were more likely to be used in areas with higher percentages of minority voters, but even in counties where the voting systems were the same, black voters still had a higher rejection rate than white voters

(Source: "Civil Rights Commission Approves Report Assailing Florida Vote", CNN, June 8, 2001.)

The sentence you cited from the New York Times article was incomplete and out of context. It was talking about the Democrats' accusation that the Republicans had organized an effort to seek votes after the deadline: "The Times study found no evidence of vote fraud by either party. In particular, while some voters admitted in interviews that they had cast illegal ballots after Election Day, the investigation found no support for the suspicions of Democrats that the Bush campaign had organized an effort to solicit late votes."

Earlier in the article, "the Republicans mounted a legal and public relations campaign to persuade canvassing boards in Bush strongholds to waive the state's election laws when counting overseas absentee ballots. Their goal was simple: to count the maximum number of overseas ballots in counties won by Mr. Bush, particularly those with a high concentration of military voters, while seeking to disqualify overseas ballots in counties won by Vice President Al Gore. ... In an analysis of the 2,490 ballots from Americans living abroad that were counted as legal votes after Election Day, The Times found 680 questionable votes. Although it is not known for whom the flawed ballots were cast, four out of five were accepted in counties carried by Mr. Bush"

Silly, Silly, Silly

[Tri0de (182282)]

I love high tech as much as anyone on Slashdot, but paper ballots make a whole lot more sense: with even a modicum of security you have the originals for recount (recounts being actually pretty straightfoward Florida FUD not withstanding).

Re:Silly, Silly, Silly

[Soko (17987)]

Interesting idea.

Perhaps the voting machine's purpose should be 2 fold - to do an electronic tally at the time of vote selection as well as print out a hard copy ballot recording the person's vote. Basically, the computer becomes a electronic front end to the usual system of voting with pen and paper, just replacing the pen, not the paper. This copy should be human readable so the voter can chack that the machine did indeed register his desired choices, as well as machine scannable to facilitate electronic re-counts. Heck, human readable means manual re-counts are available too. Technology has progressed far enough to do this reliably, hasn't it?

Nothing like a hard copy audit trail...

Soko

Re:Silly, Silly, Silly

[EvilTwinSkippy (112490)]

Nuclear power plants dump a line on a printer for every event that happens. At the steel mill I worked at, the massive forge shat telemitry out to a WORM drive. The running joke in the air force is that that a plan can't fly until the paperwork exceeds that weight of the aircraft. Law firms dump email into giant logs for litigation.

And yet "industry" doesn't seem to grock record keeping. Methinks' not. They just don't like keeping records about what they don't think is important.

Receipts should be treated as ballots for audits

[hey! (33014)]

Not necessarily. The idea would not be for the voter to take the receipt with him, but to put it into a locked "ballot box" where it would provide an independent audit trail. Machines would be randomly audited after each election to ensure that fraud did not take place.

I would say that the system could be made even better this way: separate out the voting and tallying machines, using the paper as a medium of transfer.

It would work like this:

(1) Voter makes choices on the voting machine.
(2) Voting machine prints out paper ballot with text and barcode representation of the votes.
(3) Voter confirms that text matches his wishes; if so he places the vote in the tallying machine which scans the bar code, puts it into a database, prints the database serial number on the ballot and deposits it into a locked box. If the ballot is unreadable,the machine spits the ballot back out and the voter can try a different machine. If for some reason the tallying machine will not accept a voter's ballot, the ballot is placed in a separte locked box for manual tallying.
(4) After the election, database records are randomly audited to compare with paper ballots; paper ballots are likewise randomly audited to ensure that the bar codes correctly. The locked "ballot boxes" should have a mechanical counter which indicates the number of times they are opened; a proper log should be kept every time of every time the ballot box was opened and why.

Such a system would have the auditability of a paper system, with an electronic system's rapid and accurate tallying and ability to handle complex balots.

So many databases

[cubicledrone (681598)]

What is the fascination with Access? Why does every company seem to use Access for important data when there are so many other databases that are not only higher quality, but less expensive at the same time?

There is nothing funnier than companies that try to use Access as the database for 150,000-pageview-a-day websites. Middle management at its most entertaining.

Fingerprints ?

[kaamos (647337)]

Ok, I admit it, I really thought of fingerprints when I say touchscreen voting. Would anyone care to tell me what kind of screens are used for these touchscreens ? Would anyone with a little will be able to capture your fingerprint on the screen ? I mean, someone comes in, votes, wipes the screen real clean, you come in and vote, next guy comes in and uses that powder the police uses on the screen ? I see no real use for this informations, but still, privacy is privacy ...

screensavers

[Spetiam (671180)]

and these touchscreens can have marquee screensavers saying, "This whole thing is wildly inaccurate. Rounding errors, ballot stuffers, dynamic IPs, firewalls. If you're using these numbers to do anything important, you're insane."

why are they fighting a printing machine?

[asmithmd1 (239950)]

If the touch screen prints out a ticket that confirms your vote and you put half of the ticket into a locked box all the votes are completely auditable. The ticket could even have a long random number on it that you could use to confirm your vote was counted correctly. If there is a re-count they put all the neatly printed, voter confirmed ticket stubs through an optical reader. No pre-preinted ballots are needed, just a roll of ballot stock. Something is fishy here, must business want to supply a materials to a customer on an ongoing basis. Here they are fighting the customer telling them you don't want to mess with paper.

Re:why are they fighting a printing machine?

[Baron_Yam (643147)]

You can't have voting receipts... because that would make it too easy to corrupt the voting process.

Imagine a candidate with 'connections', who insists that you provide him with the opportunity to view your receipt the day after the vote - and if you don't show him a receipt with his name on it, his 'connections' hurt you, your family, or your property.

no system checks?

[vsync64 (155958)]

What really got me was the bit where one of their "engineers" was explaining how the "system test" is merely the normal POST. I'm currently in the process of writing a very simple inventory / cash flow management system for my employer, and I started building strict integrity checks and reports into it as one of my first steps. Meanwhile, the people making our voting machines can't be bothered?

I would never trust a machine...

[ferratus (244145)]

... for anything important such as voting. I'm a programmer, I do that for a living I've *never* seen a software project that didn't include quick hacks, known vulnerabilities by the dev team, ,a lazy programmer and a PHB.

The fact the matter is, EVERY software project has stuff like that.

I wouldn't trust a software (much less a closed source software) written by anyone (including NASA, govs, whatever) to do anything like this. And personally, I can't believe anyone who has worked in the industry would.

And that is, regardless of the project management techniques, reviews, whatever.

Re:I would never trust a machine...

[Sycraft-fu (314770)]

No, there are projects that aren't like that. Critical systems are engineered to a higher standard. Thats why they take so long, cost so much, and are infrequently updated. You can do a fully verified design where you control all teh hardware, all the I/O paths, etc. You make sure everything woks together as expected, check all I/O, test and retest and so on. You see this sort of thing in life saving devices like in hospitals, important communication devices like satalites, and for large cirticial finincial systems and so on.

However you can't do this on normal comodity systems. You have to control everything about the design, including all hardware and software to make sure no un expected interations occur. You have to test to the extreme, which means a slow dev cycle, and because of all the time and money and control, you can't release new versions often.

So an electronic voting system could be designed to that level of relibility. I mean think about the electronic banking systems. You just can't fuck up when billions of dollars are at stake. However there is a difference, with banking there is plenty to keep people honest. There are multiple banks, and they are overseen by governments. Any backdoors would hurt only the bank who implemented them. With a voting system, this isn't the case. There would be an intrest for the developers to be able to get in and manipulate the system, even (or perhaps espically) if the developer was the government for which it would vote.

Bigger Than Watergate?

[non (130182)]

these people [scoop.co.nz] think so.

Seminole County Florida

[glenrm (640773)]

I live in Seminole County Florida and we used optically scanned paper ballots, like those answer sheets in school that required a number 2 pencil (of course for voting pens are used). They are easy to use with the names on the ballot right next to the box you fill in. The results are read instantly when inserted in the box that holds the ballots, when a recount was ordered they just ran all of the ballots through again and had the results ready in a few hours. We have had this system for years (at least 10) and have had no problems, it is an easy answer to all of the issues that we are seeing with low-tech and high-tech voting machines. It provides a physical record and does not produce hanging chads.

EFF.org petition for electronic voting standards

[gdesignrr (710134)]

The EFF is organizing a petition to encourage IEEE to set trustworthy standards for electronic voting. Read about it and join the petition here:

http://www.eff.org/Activism/E-voting/IEEE/ [eff.org]

"EFF supports the IEEE in taking on the issue of setting standards for electronic voting machines. We also support the idea of modernizing our election processes using digital technology, as long as we maintain, or better yet, increase the trustworthiness of the election processes along the way. But this standard does not do this, and it must be reworked."

Open Source isn't the answer

[swillden (191260)]

Predictably, a bunch of /. responses focus on the fact that the source isn't available for public review as the primary problem, but that's irrelevant, and Bev Harris explained the correct solution quite clearly in the article.

Open source wouldn't be a bad thing, mind you, but why bother auditing the code? What you really want is to audit the *results*, and the easiest, best solution to that is also the simplest: Have the touch screen machines print paper ballots with a nice list of races and selected candidates. Then the voter can verify that they actually voted the way they wanted to, and the paper ballots can be counted and compared with the computerized tallies by anyone who wants to question the system.

As Harris points out, the fact that the manufacturers sem so dead-set on avoiding paper printing seems almost sinister... the solution is so obvious, and so simple that it makes you wonder what their true motivations are. They make a lot of noise about printers being too error-prone and difficult to operate, but that's just silly. Take a look at the thermal printers used by retail systems -- they work day in and day out for years with no more maintenance than replacing rolls of paper. Designing a workable printer for a voting booth wouldn't be trivial, but neither would it be an impossibility. The requirements are very simple: Be able to run for an entire day without jamming or running out of consumables, and print paper ballots that are easy to read and remain clear and legible for at least three years.

There are various minor improvements that can be made to this idea, such as a machine-readable section of the ballot to make automated verification easier, etc., but at bottom paper achieves a level of transparency and reliability that no purely automated system can ever achieve, no matter how many geeks have pored over the code.

Keep the touchscreens, but...

[Space Coyote (413320)]

Instead of storing the vote electronically, have the voting machine print off your ballot once you've voted, which you would then place into the ballot box. Increased accessibility and usability, no spoiled / ambiguous ballots, and no chance for loyal party members to control the electronic voting.

Open Source Is Not THe Answer

[StormyMonday (163372)]

Not the whole answer, at least.

We need to check, not only that the software has no obvious backdoors, but that

• The source code that is used corresponds to the source code that is audited (no "last minute fixes")
• The object code that is linked corresponds to the source code
• The executable that is in the machine is the same as the code that has been autited
• The compiler hasn't been screwed with
• The system libraries haven't been screwed with
• The OS hasn't been screwed with
• The BIOS hasn't been screwed with
• The hardware hasn't been screwed with
• There isn't any extra info hidden in any nonvolatile memory

I'm not that paranoid; there are probably any number of other things that could be screwed with and still have the code pass any kind of review with flying colors.

Paper ballots are the only answer.

Voting Machine Requirements

[kmahan (80459)]

Obviously these people are masters at gathering and implementing requirements from the various governmental entities that would use this.

Requirements:
1: Allow government to edit results
2: Make sure logs can be altered
3: Provide false sense of security

About access control....

[Polymath Crowbane (675799)]

I can't believe the Diebold folks actually said this:

Note however that even if we put a password on the file, it doesn't really prove much. Someone has to know the password, else how would GEMS open it. So this technically brings us back to square one: the audit log is modifiable by that person at least (read, me). Back to perception though, if you don't bring this up you might skate through Metamor.

There might be some clever crypto techniques to make it even harder to change the log (for me, they guy with the password that is). We're talking big changes here though, and at the moment largely theoretical ones. I'd doubt that any of our competitors are that clever.

I seem to recall that, back in the Dark Ages of the 70s, RACF was able to handle this kind of access control quite nicely. To say a log file can't be protected from the sysadm is either dishonest or incompetent. Either reason should be enough to disqualify a company employing someone like that in that position from anything requiring the public trust.

mechanical voting!

[goon america (536413)]

I don't know how you guys do it, but in my district we use these large mechanical voting machines. There is a wide board of switchs, you flip the switches for the candidates you want and then pull a big lever that resets all the switches to a neutral position and records your vote.

I don't have a verifiable paper trail, but I've never worried about something "hacking" a big box of gears, "bugs" in the gears, the big box of gears going on the fritz, or the gears being made to somehow fit some nefarious purpose. You can't "patch" the gears remotely.

I see no ways that this system is inferior to a touch screen system. THEY SHOULD USE WHATEVER VOTING SYSTEM WORKS THE BEST, NOT THE ONE THAT'S THE MOST "ADVANCED" AND EXPENSIVE.

Thank you.

Apparently the Diebold machines screwed up in FLA

[rsheridan6 (600425)]

lifted from a blog [blogspot.com]:

A remarkable exchange concerning Diebold's voting machines in Volusia County, Florida. On January 17, 2001, Lana Hines, a county elections official sends out an inquiry as to how Al Gore ended up with a vote-count of -16,022. That's NEGATIVE 16,022--which just happens also to have been the total number of votes cast for various independent and third-party candidates who also ran. (It was the largest number of such votes cast in Volusia County's history.)

Pay close attention to the final entry, from "Tab"--that is, Talbot Iredale, Vice President of Research & Development at Global/Diebold. The most troubling of his statement is in bold below. Iredale writes: ...the error could only occur in one of four ways:

1.Corrupt memory card. This is the most likely explaination for the
problem but since I know nothing about the 'second' memory card I have
no ability to confirm the probability of this.

2.Invalid read from good memory card. This is unlikely since the
candidates['] results for the race are not all read at the same time and
the corruption was limited to a single race.There is a possib[ili]ty that
a section of the memory card was bad but since I do not know anything
more about the 'second' memory card I cannot validate this.

3.Corruption of memory, whether on the host or Accu-Vote. Again this is
unlikely due to the localization of the problem to a single race.

4.Invalid memory card (i.e. one that should not have been
uploaded). There is always the possib[i]lity that the 'second memory card'
or 'second upload' came from an un-authorised source.

And that's only the tip of the iceberg.

When will this all-important story break out in the US mainstream press?

And Diebold has been sending cease-and-desist letters out to people who have covered this. This particular mistake looks like a screw-up rather than fraud, but either way I want no part of it.

This is ludicrous

[brunes69 (86786)]

You can check fingerprints on paper too you know. And with paper, you have the ability to say "This ballot was held by X and he voted for Y", whereas with a screen with some 5000 people touching it in 1 day, good luck finding any useable prints.

Re:This is ludicrous

[LilJC (680315)]

Not to mention that someone only need pull their sleeve over their finger if they're really that paranoid.

MDB? Are these people serious? They think Access has a chance of holding this number of records? I bet a single machine would be crawling by the end of a day.

And if they're going to export to a more suitable db anyway, why not just stick postgres or mysql on there to start? They need only be configured once, same as Access.

Not to mention the incredible drop in required hardware resources, which times all the voting machines to be used is tax money much better spent.

It seems to me that these voting systems should be given to a bidder, and then whatever system they consider can be scrutinized. Faster, cheaper, better, safer...

An even realer link

[Futurepower(R) (558542)]

An open invitation to election fraud [salon.com]

The U.S. government seems to me to be becoming more and more corrupt. As David Letterman recently said, "When you make out your check for the Iraq war, there are two Ls in Halliburton."

Money seems to be everything, the health of the country nothing. McCain is right, we need campaign finance reform.

Re:The story becomes more mainstream...

[AllUsernamesAreGone (688381)]

Depends how much they try to overlook it.

Re:The story becomes more mainstream...

[aqfoo (686118)]

I' waiting for this to happend, but it seems americans (USA americans, that is) don't give a damm for basic democratic principles. "The vote is secret" but a black box can record the order in which votes were cast, and *anybody* in the room knows the order in which voters came to the booth. "votes must be independently counted" black-box == !record there is no way for the representants of any party to check by hand. I was born in Costa Rica, the original banana-republic, but every costarrican child can explain to you why electronic voting in its present form is an invitation to electoral fraud. Do you trust the goverment of Florida to count the no-longer-exixting-ballots the right way?

It's a basic principle, all right

[John Miles (108215)]

No, that's not a basic democratic principle. That's a current principle used to encourage everyone to vote without fear of reprisal, but it's hardly a fundamental aspect of the system.

There are at least two reasons why you want secret balloting, one of them rather subtle. The obvious one is to prevent voter intimidation; the other is to keep people from being able to bring evidence that they voted for a particular candidate outside the confines of the voting booth.

Otherwise, I can park across the street with a sign reading, "$1 Paid For Each Vote for Candidate X" and buy votes from people coming out of the polling place with proof of their vote. Some of the machines being discussed would enable corrupt voters to do exactly that.

You really don't want to have any way to associate individual voters with their votes during or after an election. I'm sure there are tons of potential exploits beyond the few that I've heard of or thought of myself. Dropping the voter-secrecy requirement would be a major step in the ongoing banana-republicization of America.

Re:It's a basic principle, all right

[tsg (262138)]

The major flaw in a secret ballot, however, is that the only person who knows for sure how he voted can't verify his vote was counted correctly. The people who can verify the vote don't know what the vote is. There's no check. Even in a simple summation, You can't verify the output without knowing all the inputs.

Take a simple model of a non-secret ballot where everybody's vote is published in a newspaper the day after the vote. John Q. Public can check the paper, verify his vote was recorded correctly, and verify that all the votes add up to the reported total. There's no opportunity for fraud except for the case of vote buying but then the voter is a willing participant, and, in fact, can be done in the existing system through absentee ballots.

What's needed is a method where the voter can verify his vote and the reported totals without sacrificing his anonymity. Then it doesn't matter if the vote is cast on paper, electronically, or by smoke signals. It then becomes an argument over which system is more efficient (less mistakes, faster results, etc.) rather than which system is more open to fraud.

Re:It's a basic principle, all right

[87C751 (205250)]

What's needed is a method where the voter can verify his vote and the reported totals without sacrificing his anonymity.

Dead simple. Take a SHA1 hash of the voter's name and address, a secret string Joe entered at the polling place and the candidates he voted for. Publish the list of hashes in the paper. Joe Voter calculates the hash himself and looks for it in the list. If it's not there, someone is playng games. You need the secret string because Joe's name and address are public knowledge.

Re:It's a basic principle, all right

[LizardKing (5245)]

Could you explain why, exactly, this is a problem? If someone chooses to sell their vote, why shouldn't they be allowed to do so? This is a serious question.

Because it undermines the whole notion of voting for a candidate because of the things they promise to do once in power. Bad election practices such as these were common in parts of England until the nineteenth century. "Rotten boroughs" with small numbers of eligible voters could be used to ensure a candidate got into parliament. Even after the widening of the franchise a mixture of bribery and coercion was common, with small farmers and manual labourers expected to vote how their bosses saw fit.

Chris

Wow, Diebold can

[Futurepower(R) (558542)]

Quote from the article: While seeking information last January about a voting-machine company for a book she was writing, she found a Web site "on about the 15th page of Google." The open, unprotected site held some 40,000 files that included user manuals, source code and executable files for voting machines made by Diebold, a corporation based in North Canton, Ohio.

Quotes from the above article:

[Futurepower(R) (558542)]

Quotes from the above article:

No official at Diebold or the Georgia Secretary of State's office has provided any explanation at all about the OTHER program patch files -- the ones contained in a folder called "rob-georgia" on Diebold's unprotected FTP site.

Inside "rob-georgia" were folders with instructions to "Replace what is in the GEMS folder with these" and "Run this program to the C-Program Files Winnt System32 Directory." GEMS is the Diebold voting program software.

Another quote:

- And assume that all 22,000 program patches did exactly what they said they did: Corrected a conflict between Windows CE and Diebold's firmware to prevent screens from freezing up.

Re:Another article by Bev Harris:

[BevHarris (700957)]

Just so you know: I have never "published articles in Conspiracy Planet."

Just as the Salon.com article was picked up here at Slashdot, Conspiracy Planet picks up articles from wherever it wants. It copied an article that was in Scoop Media. The Seattle Times reporter was somewhat misleading, and he was determined to get the word "conspiracy" into the article somehow.

I put him on notice that if he called me a conspiracy theorist, he would have to back that up with facts or I would require the editors to print a correction. Then he said "well, I'll just print what others say about you."

This guy did everything but stand on his head to slant the story, but I blocked most of the efforts. Something he fails to report in his story is that the Microsoft Access hack that is the subject of the Scoop Media article, the Ken Clark memo, and the Salon.com article (and was vetted out right here on Slashdot) -- well, I demonstrated that hack in front of the Seattle Times reporter, the IT guy for the Times, and a Seattle Times photographer, who commented, "Wow. This shows you can rig an election."

The reporter's use of the "Conspiracy Planet" reference was pretty disengenuous, when you realize that he knew damn well my work has also been covered in the Washington Post, AP Wire service, the San Francisco Chronicle, and CNN.

As you can see, I'm getting sick of the "conspiracy" label, since I've broken seven stories in a row on the voting issue and every one of them has checked out and, eventually, been picked up by the mainstream media, albeit haltingly. For a long time I just ignored it, but now, when reporters try to go there, I tell them to back it up or get hit with a correction, and if they don't correct, a libel suit.

Sad that it has to come to this -- printing facts is not the same thing as being a tinfoil hatter. What I do is scrutiny, and my facts check out.

Bev Harris

Re:Seattle Times Artcile

[corbettw (214229)]

Why is this so hard to do? I mean, really, if you're gonna provide a link, at least make it a link! [nwsource.com]

Re:PORKY PIG DAVIS CLINTON BLACK HELICOPTER

[hey! (33014)]

I'm inclined to agree with you on the punch card issue delaying the CA election. However, I think punch card systems should be replaced with better systems if possible.

Pray that Queen Hillary the First doesn't make it into the white house in 2004, because if that happens who knows, we may see judges deciding elections from now on.

Isn't that what happened in the last presidential election? As a Democrat, I'm not bitter about it. The bottom line is that FL was a statistical tie; the margin of victory was smaller than the margin of error for ballot tallying. Nobody really knows what the intent of the electorate was with sufficient precision to state with true confidence who "actually won". Both parties were playing games with recount methods to try the skew the results in their favor. The irony is that subsequent analysis suggests that both parties were wrong about which method would have supported their candidate best.

I take away some different lessons from FL than most.

(1) The electoral college has some usefulness. The president is elected by electors, not popular votes. Therefore there is no question that Bush received the electoral votes of FL and that therefore he is the legitimately president of the US. There is a question whether the electors voted as they ought to have; however they are not really bound to vote in any particular way. If they voted with what was, in their opinion, the plurality of the electorate, then they really can't be criticized.

(2) Electronic voting machines would have helped, provided there was no fraud. The problem is of course it is impossible with current generation machines to prove this. There is no doubt that in the absence of fraud electronic machines would provide a more precise count. However,

(3) Concern about precision of tallying is misplaced. The real problem is that the method of the election, plurality voting, is so bad. Suppose Bush won the plurality of voters; this is by no means certain, but it doesn't really matter. Gore would have won by a clear margin in a head to head race, but Nader spoiled the election for him. I don't want to get into an argument about whether Nader should have taken this into account. No candidate should ever have to take the possibility of election spoiling into account, because we should have an electoral system which handles multi-way races better.

In short, electronic voting machines are a "quick fix" to a broken system; however they're fixing an aspect of the system that really is not so terribly bad. Even if they were perfectly secure, auditable and accurate, which they are definitely not, they wouldn't make much difference at all, especially in the CA recall election.

The real reason that the CA recall election should not go forward is that plurality elections with over a hundred candidats are nearly bound to produce a capricious result. Virtually the only system that is workable in this scenario is approval voting. Under approvial voting voters would check off all the candidates they would consent to have as governor. The candidate most widely approved of wins. Approval voting is simple to understand, requires only a single round, doesn't require the voters to rank candidates in an enormous field where they may not be familiar with most of them.