Forgot your password?
typodupeerror
Censorship United States Your Rights Online

Diebold Issues Cease and Desist to Indymedia 421

Posted by michael
from the speak-no-evil dept.
h0mee writes "Diebold, manufacturer of election equipment, has issued a Cease and desist notice to the upstream provider of San Francisco Indymedia for having links to mirrors of a leaked internal diebold memo. More than just a case of a leak, Diebold has been raising a lot of questions about the fairness and security of elections in the United States. (Perhaps it's time for peer reviewable software like gnu.free? ;)"
This discussion has been archived. No new comments can be posted.

Diebold Issues Cease and Desist to Indymedia

Comments Filter:
  • Only in America (Score:2, Insightful)

    by Anonymous Coward

    could the goverment actually convice its people that by pressing a button on an ordinary computer you have a democracy
  • Support Indymedia! (Score:5, Interesting)

    by quigonn (80360) on Saturday October 18, 2003 @08:06AM (#7247640) Homepage
    Indymedia is a very important platform in the current world where most people are influenced by mass media. So, support them by giving them webspace outside of the USA, so that they will be able to continue exercising their right to free speech!
  • Given the current overly coroprate friendly environment in US-Justice and vice-versa, I would like to take a bet that this will not be resolved and that Diebold will be free to win elections for it's favourite party.
    • I don't seem to recall this many investigations, procescutions, and leaks since the days of Reagan near the time of the S&L crisis.

      Seems to me a lot of companines are now coming under scrutiny from a combination of things. Public sentitment, investor anger, and a Justice department that does act.

      Yes they allow some things to slip by, but do the other 3 groups.

      Remember, the DOJ just isn't in Washington. Ashcroft is a favorite whipping boy because he is the most visible part. He gets credit for some
  • by Little Brother (122447) <kg4wwn@qsl.net> on Saturday October 18, 2003 @08:09AM (#7247651) Journal
    Guys, like always, you're jumping the gun a little bit in favour of Free Software. I do not deny that an open project could be usefull in voting machine technologies, but that is far from the only solution. All that is truly needed is accountability built into the system. If a commercial product created a paper-trail that could appeald to in case of a challenge of the voting results (and the voters could see their vote choice printed) it would solve the major problems the diebold systems were designed to have. True, a GPL'd solution could do this as well, but when we start saying that no commercial product will work, we start to look like zealots who's primary goal is to get Free Software out everywhere. The issue this time isn't free vrs non-free software, it is free vrs. non-free elections: if such is possible this is a more important issue than Free Software proliferation.
    • by DAldredge (2353)
      Just use paper! Is it really that hard?
      • If you use paper, then you actually have to LIE about the election results to make them in your favor instead of just altering them in the database.
      • Just use paper! Is it really that hard?

        Yes.

        It adds a whole new set of problems. Adding an electromechanical device like a printer would greatly reduce system reliability and increase maintenance and operation costs. Making things worse, these systems sit in storage for months between elections. What are the environmental controls, if any, in the storage facility? The customer expects to pull these units from storage, power them up, and have them work. The customer is not going to have a dedicated gro

        • No. Paper and A pen. Nothing that uses electricity.

        • You know, pencils are really cheap.
        • I'm sorry, but that sounds like hogwash. Have you ever played the lotto? Don't they give you a print out on your bet? The information goes to a central database, but you DO get a paper receipt. Of course... but we are talking something very important here: money.
    • GPLed software does not rule out a commercial solution. You can still pay someone for writing the software and since it is linked to the hardware anyway, what speaks against opening the source. It does not even have to be GPLed, you just need to be able to verify the software.
      I for one would like to have a system, where I get some kind of receipt (maybe a chipcard or a code number) which I can use to verfy my vote anonymously on the internet or at a verification station.
      All this is possible and can be done
    • Now, michael didn't say Free Software is the only way to go, he just suggested it as one possible solution. I don't see a problem with that. Interestingly, if you actually follow the link he provided to free-project.org, it contains this statement:

      We used to develop the GNU.FREE Internet Voting software and we retain a strong interest in electronic voting issues, primarily through advocating why we feel it's an undesirable advance. Apparently, they're no longer fully interested in developing internet

    • by nagora (177841) on Saturday October 18, 2003 @08:36AM (#7247724)
      All that is truly needed is accountability built into the system. If a commercial product created a paper-trail that could appeald

      Which means open-source of some sort. Anything else can be rigged, including the paper trail it produces. No part of the election process should be hidden from the electorate, whether comuterised or mechanical. Is that zealotry? It sounds like Common Sense to me.

      TWW

      • Anything else can be rigged, including the paper trail it produces.

        Open source can be rigged too. In order to rig a simple system of printed paper ballots (where for example a touchscreen voting system prints out a ballot which only has the desired candidate names printed, in easily scannable fonts, and the voter then folds this ballot to hide the vote from view and places it through a slot into a transparent case), one would have to physically interfere with the ballots at many separate polling places.

        • Closed source software suffers from those same problems, but on a much larger scale.

          If we have to have electronic voting, open source is the only good solution -- it's the only OPEN system. Combine it with a signed build which can be verified by the local operators, and that's about as good as e-voting will get.

          Of course, good old low-tech paper ballots are still better. You know, the kind where the voter draws a line between arrows with a permanent marker, rather than relying on a machine to correctly re
      • My favorite is a large piece of paper and a bingo marker. If you MUST, you could put it on heavy paper and run it through an optical scanner, but it's easy to count by hand. And cheaper. And probably more reliable. And harder to cheat at.

        • My favorite is a large piece of paper and a bingo marker. If you MUST, you could put it on heavy paper and run it through an optical scanner

          This is more or less what we do in Iowa (and it's been this way for a long time). The ballots are marked with a No. 2 pencil, and scanned by machine. The results of our elections are available within minutes of the election's end. But, the ballots are very clear and easy to hand-count, should it be necessary. Here [johnson-county.com] is an example of what the ballots look like.
      • A voter-verified paper trail should be hard to rig, unless you tampered with the rest of the process (allowing non-registered voters to vote, multiple votes, deliberately invalidating votes, putting up police roadblocks in front of some voting stations, etc). All of these are possible in any system, and are done. (It's disgraceful that people paid so much attention to hanging chads in Florida, when black voters were much more maliciously and deliberately denied their right to vote in 2000)

        Voter-verifie

    • True, a GPL'd solution could do this as well, but when we start saying that no commercial product will work, we start to look like zealots who's primary goal is to get Free Software out everywhere.

      There is no conflict between Free Software and commercial products. In fact, it's very likely that any Free Software-based voting system would be a commercial product. The point here is that voting machines are a major component in the engine of democracy and that there is absolutely no reason why they should
    • by kfg (145172) on Saturday October 18, 2003 @08:57AM (#7247777)
      Please see Ken Thompson's totally moby hack of Unix, providing a back door even if a system was built from audited code.

      http://catb.org/~esr/jargon/html/B/back-door.htm l

      A "Paper Trail" is worthless with computer based voting machines unless the entire system is completely transparent to outside observers.

      When it comes to elections no one, no one company and no one thing can be trusted without massive public oversight.

      And most specifically the governement itself is the entity least trustable to "certify" that an election process is fair and properly conducted. I'm an American but I've lived through "democratic" elections in a third world country.

      If the the press cannot hire its own experts to completely examine the system and freely publish its results there is no democracy.

      KFG

      KFG

      KFG
    • I'm usually considered a moderate bordering on Microsoft apologist but this time I whole-heartedly side with the zealots.

      Transparency is the key to this. Any hidden source code is a bad thing.
    • The useful half of this really matters. This is a case where I don't care if we can sell competing products, but I do care very much that the source open for review.

      Even a Microsoft-style shared source license would be better than the status quo, though it pains me to say so.
    • True, a GPL'd solution could do this as well, but when we start saying that no commercial product will work, we start to look like zealots who's primary goal is to get Free Software out everywhere.

      That's not the first time a comercial software advocate has stooped to name calling. I'll ignore it because it adds nothing.

      I'd like you to name one advantage of closed source software and tell me how this outwheighs the need for public transparency in the electoral process. I can easily show that closed sourc

    • but when we start saying that no commercial product will work, we start to look like zealots who's primary goal is to get Free Software out everywhere.

      I could be wrong, but from what I've read here on Slashdot for the past 4 or 5 years, that IS the goal of a lot of people here...

      -- Dr. Eldarion --

    • An open solution is the ONLY solution. With paper ballots, the system is open to inspection and review. With closed software OF ANY TYPE, it is not.

      Like always, you're jumping the gun a little bit in favour of Commercial Software.
    • A lot of the respondents below are missing Little Brother's point. Salon had a great interview [salon.com] with Bev Harris disussing this. Anytime there is no paper trail, there's always going to be a question about the veracity of the audit log. For example, the machines could be tampered with at the point of voting. Yes, I'm sure the open-source wizards would come up with the perfect solution, because we all know there are no vulnerabilities in Linux, right?

      The solution is simple. Touch screen voting. The machine
  • We need someone to come up with a GPL'd project that is an OS that does ballots on the x86 platform which is open source and workable, freely downloadable and testable then get people together to demand that it be put on election systems instead of using questionable ones.
  • by johannesg (664142) on Saturday October 18, 2003 @08:11AM (#7247658)
    E-voting is simply a bad idea. Voting needs to be done using paper, in order to keep accountability. Paper, once written, cannot be changed and can always be recounted. Software offers no such guarantee, not even if a thousand 'experts' all proclaim the software to be safe.
    • No, e-voting can make things much simpler. But for reasons of security, these machines must also print a audit trail on paper, so that the votes counted eletronically can be checked against the audit trail, and it must be written in a way that the voter can check whether it was written correctly. The Diebold machines do not meet these criteria, writing an audit trail only into an Access database.
      • these machines must also print a audit trail on paper, so that the votes counted eletronically can be checked against the audit trail,

        So why bother with the electronic counting? If you are going to count the audit trail there's no point in the electronic count and if the audit trail isn't counted then the electronic system can happily push the vote 2 or 3 percent towards the paying candidate, while printing a fake paper trail, and no one will ever know.

        TWW

    • by harriet nyborg (656409) on Saturday October 18, 2003 @08:46AM (#7247752)
      E-voting is simply a bad idea.

      Hear, hear.

      The important thing in democracy is not the voting, it's the counting.

      Any technology introduced to improve the act of voting cannot make the act of counting less transparent or democracy suffers.

      It is apparent that Diebold's systems (not to mention Diebold's paranoia for secrecy) render the act of counting less accountable and less transparent. Ergo, democracy suffers.

      If used in a close election - where exit polling and other secondary measurements are unable to confirm the results of the counting - the wrong person might actually get elected President of the United States of America.

      With no sense of responsibility to the coutry at large, this illegitimate President might launch a series of Napoleonic wars to to compensate for his own feelings of inadequacy.

      I digress into fantasy... the little blue ones I washed down with all those adult beverages must be kicking in.

      • If used in a close election - where exit polling and other secondary measurements are unable to confirm the results of the counting - the wrong person might actually get elected President of the United States of America.

        That probably happened in the last election for US President. I say "probably" because so much spin surrounded the shenanigans over postal ballots and turning away of registered voters (erroneously barred as former felons) that I may have misinterpreted the evidence.

      • The important thing in democracy is not the voting, it's the counting.

        I think that really, voting is as important as the counting, and neither can be had without the other.

    • E-voting itself is not a bad idea (the convenience of not having to deal with reams of paper ballots, fewer counting mistakes ("hanging Chad"), etc.). However, there needs to be a better audit trail left. If the voting machine simply reports the count, then it is noy good. It should be hooked up to a printer, where it can print out a little cards with a 2-D barcode (like PDF417, with lots of error-correction) on them, which can be counted with high accuracy on a scanner, in case of a dispute.

    • Paper, once written, cannot be changed and can always be recounted.

      This matters only in theory. Apparently, the US voting system is so flawed that electronic voting is "good enough", compared to the other irregularities. Please keep in mind that the result of the last US presidental election in Florida was determined by (re)counting, but by a decision of the locall state parliament, and also that voter registration seems to introduce quite a bias in who is eligible to vote.
      • I agree that there were irregularities in Florida, but disagree with this statement:

        . . . and also that voter registration seems to introduce quite a bias in who is eligible to vote.

        Voter registration, per se, does not introduce any bias (abuses like erroneous felon lists in Florida notwithstanding). It does cause a self-selection--that is, those who vote are those willing to take the time to register. This is why I oppose laws like "Motor Voter" and other efforts to make registration automatic. I also ve

    • I agree 100% on accountability, BUT e-voting is like any other technology something that can make the system much quicker and more efficient.

      It takes a lot of time, effort and man power to count thousands or millions of votes. eVoting would defintely speed up and cheapen that process...

      but again, I agree that before e-voting takes off there must be accountability on par with or better than our current system.
    • I hear that. If I'm going to fight and be dragged through the muck, let it be over an RFC or IEEE spec about secure vote tallying over an open network, and documenting standards for electronic machines.

      The government has standardized the diameter of fire hoses, the output of a voting machine should be cake.

    • Right, cause there is NEVER any fraud using paper.

      Paper ballots can be conveniently lost or stolen, altered, miscounted by biased observers, or a affected by a whole host of bad behavior.

      With a free and open source e-voting system, we can elminiate much of the bias by having a neutral, unemotional party tally the vote. And hopefully in the future we can cross reference voters with databases so insure they haven't voted twice, are legal citizens, aren't dead, and aren't felons.

      Brian Ellenberger
    • Can't you provide the best of both worlds, i.e. computer enter and automatically tabulate results, but still provide multiple paper copies of each vote (one for voter and one for electoral commission) that can be verified later? And yes, the voters themselves need to verify that the audit trail copy to be saved for recounts matches their actual intentions, so a Write Once Read Many (WORM) drive or any other media that is not directly readable by a human being is worthless.
  • by asmithmd1 (239950) * on Saturday October 18, 2003 @08:24AM (#7247687) Homepage Journal
    Here [scoop.co.nz] is a link to the memos thaty actually works
  • Simple System (Score:2, Interesting)

    by sjlutz (540312)
    How about just an electronic voting system that has redundancy. Example:
    1) User votes for who they want to and it is recorded
    2) Machine prints out card with users vote
    3) Card is checked by user for accuracy
    4) Card is then re-inserted into machine to generate the backup tally.

    If the tallies from 1 and 4 don't match, the cards are "certified" and then rerun.

    • 3) Card is checked by user for accuracy

      How often do you think this actually happens? Generally, you're lucky if you can get people out to vote for Tweedledum or Tweedledee, asking them to do some work when they get there is going too far.

      Even if they do check I can think of a couple of ways to rig it anyway if you just need or want a few percent onto your candidate/brother's vote.

      Just get a piece of paper, put a mark on it, get a bunch of people to count the marks.

      TWW

      • Re:Simple System (Score:2, Insightful)

        If people are put off by putting in a little effort, it's just fine with me that they don't vote. People who are willing to put forth effort will decide elections, and everyone will benefit.
        • People who are willing to put forth effort will decide elections, and everyone will benefit.

          Which is, of course, an argument for not having any electronic voting. Which is fine by me.

          TWW

      • Re:Simple System (Score:3, Insightful)

        by Bronster (13157)
        3) Card is checked by user for accuracy

        How often do you think this actually happens? Generally, you're lucky if you can get people out to vote for Tweedledum or Tweedledee, asking them to do some work when they get there is going too far.

        It doesn't matter if it's only 1% of people who are doing that - if they notice that the machine hasn't printed what they asked for, they'll kick up a stink. More than a couple of people do that and the whole system will be called into question.

        It's the same basis on
        • It doesn't matter if it's only 1% of people who are doing that - if they notice that the machine hasn't printed what they asked for, they'll kick up a stink. More than a couple of people do that and the whole system will be called into question.

          Which is why you don't do it on every ballot and you allow a "re-try" option which is programmed to work correctly and various other methods of alaying suspicion.

          TWW

    • Let's use your admirable system, but assume that DiBold implements it. DiBold can change the results within the accuracy of a hand count and change the result of an election. The memos leaked indicate that this was not only possible, but that it was easy to do.

      The attitude of DiBold's staff is unacceptable. Here's two outright shockers:

      Ken Clark, dismmising a concern about no password being needed to modify the audit logs, "Of course everyone knows perception is reality." The idiot then goes on to des

    • Of course, anyone can still go in there afterwards and open the unprotected databases with Excel and change the contents of them...

      -- Dr. Eldarion --
    • 4) Card is then re-inserted into machine to generate the backup tally.
      If the tallies from 1 and 4 don't match, the cards are "certified" and then rerun.


      And the software has a routine in it to report a 'match' between the real and the backup tally, no matter what the actual result.

      At any point in the stream, the s/w could be made to report whatever the people who wrote want.
      Unless there is a LOT more stringent pre-election auditing and security.
    • Re:Simple System (Score:3, Interesting)

      by ca1v1n (135902)
      I am reminded of an old adage, paraphrased here because I cannot find the exact text. "When headed to sea, take 1 compass or 3, but never 2."

      To make matters worse, having a card printed out allows for chain voting. This is a scheme in which one voter sneaks their card out of the polling place, shows it to someone who pays them for their vote, and hands it to the next person who drops it in after they're done voting, and brings their card to get paid, and so it goes and so it goes. The first person can s
  • by Anonymous Coward
    This isn't the only site that Diebold has shut down. I guess it just finally went far enough to get posted here. blackboxvoting.org is another one.

    No educated person can believe that these systems are anything but a predesigned plan to subvert elections. It is impossible to make computer voting secure without compromising the secret ballot. Even the most basic steps to make these systems secure have not been taken.

    There's no way to fix computer voting. Diebold will "fix" their security problems and it wi
  • A hash is made based on the votes selections, voting location, vote submittal time, etc. Basically everything but the voters name (one (wo)man, one vote doesn't mean traceable).

    This hash is printed and/or emailed to a voter-defined email address (which could default to a 3rd party organization if the voter has no email). This email would contain a link that when clicked would query the central database of tallied votes. If the user-passed hash string is contained within the tallied votes, all is A-OK. If i

    • Not anonymous (Score:5, Insightful)

      by Effugas (2378) on Saturday October 18, 2003 @09:57AM (#7247999) Homepage
      The fundamental problem is that it needs to be impossible for me to prove to a vote buyer that I voted one way or another.

      If I can prove to myself my vote was counted a certain way, so too can it be proved to others. And then votes get bought.

      This is a _hard_ problem, and alot of it comes from misunderstanding the nature of it.

      --Dan
  • by Anonymous Coward on Saturday October 18, 2003 @08:56AM (#7247776)
    Internal Memos: Diebold Doing End-Runs Around Certification

    Friday, 12 September 2003 (PDT)
    By Bev Harris - blackboxvoting.org

    http://www.blackboxvoting.com

    If certification isn't being done properly, the whole house of cards falls. Below are actual copies of internal Diebold memos which show that uncertified software is being used in elections, and that Diebold programmers intentionally end-run the system.

    Quick backgrounder first, scroll down to see the memos.

    BACKGROUND

    Our voting system, which is part of the public commons has recently been privatized. When this happened, the counting of the votes, which must be a public process, subjected to the scrutiny of many eyes of plain old citizens, became a secret.

    The computerized systems that register voters, will soon sign voters into the polling place using a digital smart card, record the vote we cast, and tally it are now so secret they are not allowed to be examined by any citizens group, or even by academics like the computer scientists at major universities.

    The corporate justification for this secrecy is that these systems adhere to a list of "standards" put out by the Federal Election Commission, and that an "ITA" (Independent Testing Authority) carefully examines the voting system, which is then provided to states for their own certification.

    As it turns out, the states typically do not examine the computer code at all, relying instead on a "Logic and Accuracy" test which will not catch fraud and has frequently missed software programming errors that cause the machines to miscount.

    A Diebold message board has been used since 1999 to help technicians in the field interact with programmers to solve problems. The contents of this message board were quietly sent to reporters and activists around the world, most likely by a Diebold employee. In a letter to WiredNews, Diebold has acknowledged that these memos are from its own staff message boards.

    Without further commentary, judge for yourself whether Diebold has been following certification requirements:

    From Nel Finberg, Technical Writer, Diebold Election Systems

    (Note: Metamor/Ciber is the ITA assigned to certify the software)

    alteration of Audit Log in Access

    To: "support"
    Subject: alteration of Audit Log in Access
    From: "Nel Finberg"
    Date: Tue, 16 Oct 2001 23:31:30 -0700
    Importance: Normal

    Jennifer Price at Metamor (about to be Ciber) has indicated that she can access the GEMS Access database and alter the Audit log without entering a password. What is the position of our development staff on this issue? Can we justify this? Or should this be anathema?
    Nel

    Reply from Ken Clark, principal engineer for Diebold Election Systems

    RE: alteration of Audit Log in Access

    To:
    Subject: RE: alteration of Audit Log in Access
    From: "Ken Clark"
    Date: Thu, 18 Oct 2001 09:55:02 -0700
    Importance: Normal
    In-reply-to:

    Its a tough question, and it has a lot to do with perception. Of course everyone knows perception is reality.

    Right now you can open GEMS' .mdb file with MS-Access, and alter its contents. That includes the audit log. This isn't anything new. In VTS, you can open the database with progress and do the same. The same would go for anyone else's system using whatever database they are using. Hard drives are read-write entities. You can change their contents.

    Now, where the perception comes in is that its right now very *easy* to change the contents. Double click the .mdb file. Even technical wizards at Metamor (or Ciber, or whatever) can figure that one out.

    It is possible to put a secret password on the .mdb file to prevent Metamor from opening it with Access. I've threatened to put a password on the .mdb before when dealers/customers/support have done stupid things with the GEMS database structure using Access. Being able to end-run the database has admittedly got people out of a bind though. Jane (I think it was Jane) did some fancy footwork on the .mdb file in Gaston recently. I know our dealers do it. King County is famous for it. That's why we've never put a password on the file before.

    Note however that even if we put a password on the file, it doesn't really prove much. Someone has to know the password, else how would GEMS open it. So this technically brings us back to square one: the audit log is modifiable by that person at least (read, me). Back to perception though, if you don't bring this up you might skate through Metamor.

    There might be some clever crypto techniques to make it even harder to change the log (for me, they guy with the password that is). We're talking big changes here though, and at the moment largely theoretical ones. I'd doubt that any of our competitors are that clever.

    By the way, all of this is why Texas gets its sh*t in a knot over the log printer. Log printers are not read-write, so you don't have the problem. Of course if I were Texas I would be more worried about modifications to our electronic ballots than to our electron logs, but that is another story I guess.

    Bottom line on Metamor is to find out what it is going to take to make them happy. You can try the old standard of the NT password gains access to the operating system, and that after that point all bets are off. You have to trust the person with the NT password at least. This is all about Florida, and we have had VTS certified in Florida under the status quo for nearly ten years.

    I sense a loosing battle here though. The changes to put a password on the .mdb file are not trivial and probably not even backward compatible, but we'll do it if that is what it is going to take.

    Ken

    Reply by Nel Finberg

    RE: alteration of Audit Log in Access

    To:
    Subject: RE: alteration of Audit Log in Access
    From: "Nel Finberg"
    Date: Wed, 17 Oct 2001 14:48:16 -0700
    Importance: Normal

    Thanks for the response, Ken. For now Metamor accepts the requirement to restrict the server password to authorized staff in the jurisdiction, and that it should be the responsibility of the jurisdiction to restrict knowledge of this password. So no action is necessary in this matter, at this time. Nel

    From Tyler to Ken Clark, Diebold Election Systems

    Re: Nichols Lab

    To: >,
    Subject: Re: Nichols Lab
    From: "Tyler"
    Date: Mon, 15 Feb 1999 14:04:19 -0600

    In point of fact, the user documentation MUST be completed before attempting certification. It is my understanding that the documentation is a certification requirement. I don't know how closely Nichols will scrutinize the documentation, but I wouldn't feel comfortable going forward with certification with what we have for GEMS. Ostensibly, the documentation we submit to Nichols will become the "certified" documentation and we ostensibly shouldn't provide anything but that to customers. But then again, with regards to the entire NASED certification process, I can never quite get a handle on the relationship between "ostensible" and "reality."... :-)

    From Ken Clark

    RE: AVTS - Diagnostics & Installation

    To: "Support Team (E-mail)"
    Subject: RE: AVTS - Diagnostics & Installation
    From: "Ken Clark"
    Date: Tue, 6 Jul 1999 16:41:56 -0500
    Importance: Normal

    > From: owner-support@gesn.com On Behalf Of > Juan Rivera

    > > I do not feel that it is necessary or desired to do this on each and every > election. We, the manufacturer, are supposed to set the > procedures to follow > for this equipment since we build it.

    I hate more than anyone else in the company to bring up a certification issue with this, but a number of jurisdictions require a "system test" before every election. I just helped Knecht yesterday with an RFP from Riverside that required this. That is why the AccuVote displayes the silly ***System Test Passed*** message on boot up instead of "memory test passed", which is all it actually tests.

    No argument from me that it is pointless. You could probably get away with a batch file that prints "system test passed" for all I know. We will do something along those lines with the new unit after a memory test or whatever.

    Ken

    From Ken Clark

    RE: Testing sb100 database 1.14.2 (asap please)

    To: "SUPPORT (E-mail)"
    Subject: RE: Testing sb100 database 1.14.2 (asap please)
    From: "Ken Clark"
    Date: Fri, 7 Jan 2000 09:38:52 -0600
    Importance: Normal

    > Do you all think it would be a good idea to get Jeff Dean to send us 10 or > so precincts by eight parties with pre-printed test decks from one of the > California sites for Jane to test AccuVote and CC???? If so, > I'll call Jeff > Dean and set up asap.

    *Any* testing we can do on 1.14 is a good idea. With the risk of sounding alarmist, 1.14 really needs more testing. Even though much of GEMS looks the same from the outside, the guts changed substantially between 1.11 and 1.14. That's why you see all kinds of things completely unrelated to shadow races broken in the early 1.14 releases.

    Hats off to everyone posting 1.14 bug reports.

    Ken

    (The above memo is important because it documents that the "guts" of GEMS 1.14 are substantially changed from the certified version, 1.11 -- it was then used in elections, but according to Diebold's own chart of which versions were certified, version 1.14 was never certified.)

    From Steve Knecht

    1.14 vs. 1.15 GEMS versions

    (uncertified versions used.)

    To: "Global Support"
    Subject: 1.14 vs. 1.15 GEMS versions
    From: "Steve Knecht"
    Date: Fri, 14 Jan 2000 17:10:34 -0800

    Is it the intention of development staff that California March election will be run on some version of 1.14 or will we end up in the 1.15 range. Can you comment on the following: Are the changes being made now to 1.15 GEMS things that are in the ballot layout realm, and will not impact ballot processing, or tabulation issues?? In other words, is it possible that changes made from now on will break things we're starting to test, such as memory card up/download, central count, etc. We are beginning testing of 1.14.4 this week. Should we be testing with something else?

    I guess a little summary picture of what you expect over the next 3 weeks of testing would be helpful. I'd say we will have to lock down GEMS by mid - February, AVTS ballot station is to go on-line, along with a pollbook function by Feb. 7, but we are supposed to do testing and L&A prior to this. No panic yet, just wondering where we're going to lock some of this down for the March primary.

    Here is the related memo from Ken Clark:

    Needless to say, the changes were extensive. The paint is still wet, and I expect people will want some tweaks in functionality as well as the obligatory bug fixes. We'll treat the early 1.15 series as "prereleases" for LHS testing so California does not have to suffer. Once 1.15 looks at least as solid as 1.14 though, we'll end the 1.14 branch. 1.14 and earlier Databases will upgrade to 1.15 without harm as usual. People testing 1.14 are encouraged to try out 1.15 to avoid any surprises when they are forced to upgrade.

    Ken

    (Here is a whole series of odd memos pertaining to how they should handle the inconvenience of an uncertified version number popping up on the screen in Florida)

    From Greg Forsythe

    Florida Certified Versions

    To: "Support"
    Subject: Florida Certified Versions
    From: "Greg Forsythe"
    Date: Thu, 17 Feb 2000 11:12:02 -0500
    Organization: Global Election Systems, Inc

    Just received a call from Beverly Hill, Alachua County. She has a survey form from the state regarding versions and things. She is at the SA screen and the version is 1.92-15. Saturday, Feb. 12 she created a screen test database. This copy has 1.92-14. 1.92-14 is certified, 1.92-15 is not. SOLUTION REQUIRED! Greg Forsythe

    Re: Florida Certified Versions

    From Nel Finberg

    To:
    Subject: Re: Florida Certified Versions
    From: "Nel Finberg"
    Date: Thu, 17 Feb 2000 09:51:10 -0800

    I am currently looking into the problem with Beverly. Nel

    From Greg Forsythe

    Re: Florida Certified Versions

    To:
    Subject: Re: Florida Certified Versions
    From: "Greg Forsythe"
    Date: Thu, 17 Feb 2000 12:55:09 -0500
    Organization: Global Election Systems, Inc
    References: 1.14 qualifies as long haul or not. That really depends on your comfort level. There is never any harm in ordering a CD. Other frequently asked questions while I am here:

    Features are always propagated forward. I suppose one day we might remove a feature, but I've never seen it happen.

    Baring bugs, artwork and memory cards are still compatible after GEMS upgrade unless there is a big announcement to the contrary. Its only happened once that artwork was incompatible after upgrade, and memory cards have never been incompatible.

    The database changes between major releases (1.15->1.16) but not minor releases (1.16.1->1.16.2). You can downgrade out of trouble between minor releases, but a major release upgrade is a one way trip.

    Ken

    From Jeff Hintz

    Software for Los Angelas, CA

    To: "Support Team (E-mail)"
    Subject: Software for Los Angelas, CA
    From: "Jeff Hintz"
    Date: Thu, 31 Aug 2000 12:31:06 -0500
    Importance: Normal

    I am going out to LA next week, and I would like to know what software version of Gems & AVTS is being sent out on their equipement. Thanks, Jeff Hintz

    (uncertified versions used.)

    From Rodney D Turner

    RE: Software for Los Angelas, CA

    To:
    Subject: Re: Software for Los Angelas, CA
    From: "Rodney D Turner"
    Date: Thu, 31 Aug 2000 13:31:55 -0500
    References:

    Is this a "testing" release or not? (Ashamed to ask). I think the hallucinations ought to be resurfacing with Steve already. Ken

    From Talbot Iredale

    (uncertified versions used.)

    RE: GEMS-1-17-1

    To:
    Subject: Re: GEMS-1-17-1
    From: "Talbot Iredale"
    Date: Thu, 31 Aug 2000 16:14:23 -0700
    References:

    This is no more of a test release than 1.16.9 was though I would not be surprised if we have to make more changes to fully support LA and Alameda. Tab Re: Software for Los Angelas, CA

    To:
    Subject: Re: Software for Los Angelas, CA
    From: "Steve Knecht"
    Date: Fri, 1 Sep 2000 09:10:49 -0700
    References:

    (uncertified versions used.)

    Jeff, I think my thread may be out of sync, but discussion with Tab yesterday indicated that you'd be at least at 1.17.1 or higher to provide you with the "import" capability with their database. I believe Rodney / Mike would have to tell you what they loaded onto AVTS. Tab is still working on several programs that may affect what AVTS Rev and GEMS rev we both end up with.

    From Tari Runyan

    1-17-7-5 testing

    To: "SUPPORT (E-mail)"
    Subject: 1-17-7-5 testing
    From: "Tari Runyan"
    Date: Mon, 23 Oct 2000 08:21:16 -0600

    (uncertified versions used.)

    I have tested this version to the extent I am able - twice even and unless anyone else has discovered anything - i think it can be released to the Ca Counties - Let me know if anyone else has any concerns as I would like to get this out this morning. Thank you

    (There are dozens more memos like this, and hundreds that document the use of uncertified versions of the voting system, spanning a period from 1999 to 2003.)

    Bev Harris is author of Black Box Voting: Ballot Tampering In The 21st Century ... See http://www.blackboxvoting.com/ and it's activist arm http://www.blackboxvoting.org/

    homepage: http://www.scoop.co.nz/mason/stories/HL0309/S00150 .htm
  • >what this means is the software used in these elections was never looked at by ANYONE except a handful of programmers in Canada.

    Don't you guys trust us Canadians? :)

    Seriously, isnt't there something legalwise that any private citizen can do to stop or correct this sort of crap from happening?
    • Sure, raise hell at our representative's office.

      A phone call to your Federal/State representative is a) welcome and b) useful. A dead-tree letter is even better. And no, a form letter is NOT effective. Write your ideas in your own words, take the 2 minute out to track down where your representative's office is, lick a stamp, and send your thoughts on its way.

      Use this republic for what it's designed for!

  • Re: Diebold machines (Score:5, Interesting)

    by blibbleblobble (526872) on Saturday October 18, 2003 @09:35AM (#7247905)
    Quote from the leaked email
    "It is possible to put a secret password on the .mdb file to prevent Metamor from opening it with Access. I've threatened to put a password on the .mdb before when dealers/customers/support have done stupid things with the GEMS database structure using Access. Being able to end-run the database has admittedly got people out of a bind though. Jane (I think it was Jane) did some fancy footwork on the .mdb file in Gaston recently. I know our dealers do it. King County is famous for it. That's why we've never put a password on the file before.


    Note however that even if we put a password on the file, it doesn't really prove much. Someone has to know the password, else how would GEMS open it. So this technically brings us back to square one: the audit log is modifiable by that person at least (read, me). Back to perception though, if you don't bring this up you might skate through Metamor.

    There might be some clever crypto techniques to make it even harder to change the log (for me, they guy with the password that is). We're talking big changes here though, and at the moment largely theoretical ones. I'd doubt that any of our competitors are that clever."

    Oh come on! It's as if the last 30 years of cryptographic knowledge never happened. Of course it's possible to digitally sign electronic data, and nobody with a clue about electronic voting would even consider not doing it.

    These people are supplying voting machines, and they don't even know how to create tamper-evident databases? They even have the gall to assume their competitors are using the same simpleton technology as they are.

    I suggest that anyone involved with these systems read Peter Wayner's Translucent Databases [wayner.org] for a primer on how databases can be made secure, even against those who know the root password. [not that Diebold machines seem to have a root password]

    For further reading, Diebold might want to read some of Bruce Schnier's books [amazon.com], which are an interesting read on what can be done with cryptography, and what are its limitations. They might even consider hiring a competant expert, e.g. some of Schneier's peers.

    p.s. I claim the quote above as fair use, under english copyright law.
    • by rthille (8526) <.web-slashdot. .at. .rangat.org.> on Saturday October 18, 2003 @11:33AM (#7248359) Homepage Journal
      Of course it's possible to digitally sign electronic data, and nobody with a clue about electronic voting would even consider not doing it.

      Why bother? If you don't trust the system that does the signing, or the people who created the key it's signed with, then why bother to sign the data? It just gives a false sense of security.

      Unless the system produces a human readable, physical record of votes that the voter can verify before submitting then the system is open to fraud.
    • You are being charitable. You say:

      These people are supplying voting machines, and they don't even know how to create tamper-evident databases? They even have the gall to assume their competitors are using the same simpleton technology as they are.


      But I see no reason to believe that the security flaws were because they couldn't do better rather than just because they didn't want to bother. Whether actively or passively.

      I've USED MSAccess, and I will certify that it is one of the stupidest decisions p
    • Re: Diebold machines (Score:3, Interesting)

      by budgenator (254554)
      Being able to end-run the database has admittedly got people out of a bind though. Jane (I think it was Jane) did some fancy footwork on the .mdb file in Gaston recently. I know our dealers do it. King County is famous for it. That's why we've never put a password on the file before.

      Oh really is the above aluding to :
      A. election-fraud.
      B. just plain bad software from Diebold.
      C. piss-poor administration by some local-yocal election officials
      D. All of the above
  • by TheRealStyro (233246) on Saturday October 18, 2003 @09:57AM (#7248001) Homepage
    All evidence at this point stands to up to reason and makes clear the implications for a high level of vote taking, accounting, and tabulation fraud. The evidence presented should be enough to warrant any reasonable governments to bring the processes, in detail, into question and to suspend use of this voting platform until a grand jury can form an opinion and/or verdict on the continued use of these types of voting platforms.

    OK, the above possibly being true, why haven't voters caused an uproar over this potentially corrupt system being used? Simple - apathy. Most citizens are too worried about other things to care about the government. Most people want the government out of their lives and in exchange they will stay away from government functions. This plays right into the hands of those willing to put a system, such as this, into production. What can be done about the citizenry? Very little. A possible route is to find a way into the mass media and announce this fraud to the world. But the world already knows and can't change our system so what is your point already.

    The only way to attack this system and initiate change is to use the power of government against the system. Find a politician that has power and is willing accept reason. Convince him/her to find a way to present charges of vote process fraud, and hope like hell that a committee will suspend the use of the process until a full investigation by independent panels can write an opinion. This will be time-consuming, and the result may not be what is desired, but as I see it, the only way to stop this potential fraud and abuse of the voting system.
  • Inform Diebold that vote tampering will now be considered a form of terrorism and treason... punishable with sanctions up to and including the extreme and permanently extreme.

    Add further that experts in technology from each of the parties represented in the election (including itty-bitty parties), will be appraising the results and the process by which votes have been counted.

    Let them know that fraud will result in harsh and immediate reprisals against the company and more importantly it's CEO and Boa
    • Can you say "Salem Witch Trials" and "McCarthyism"? One of the reasons the Patriot is so dangerous is that there is the potential for it to be perverted and twisted to meet the objectives of the administration who enforces it. I'd be very careful about branding everyone a "terrorist" for common criminal activity or for having unpopular political/religious ideologies. That's not the road I think we want to head down.
  • We have been concentrating too much on the post-election auditing, and not enough on the pre-election requirements, design, build test cycle.

    A short proposal:

    A) A vendor is chosen (Not Diebold, because they obviously cannot do it)
    B) Vendor designs the system, chooses the tools, and builds it.
    C) 3 validation teams are chosen. 1 commercial entity, 1 university entity, and one independant team chosen by 2 or 3 of the major parties. Maybe even us, the general public as well.
    D) The teams audit and validat
  • So there's a debate raging on about the security of the nations voting systems, and Diebold claims copyright ownership of some leaked evidence? Is it even possible for correspondence to be copyrighted? If so, isn't the security of the nation just a little bit more important?

    Does it matter that the correspondence seems to have been intentionally leaked by someone at Diebold? It just seems ludicrous for Diebold to claim copyright ownership of correspondence, especially correspondence that was made public

    • Under current copyright law, all correspondence is copyright by the author. Sorry about what seems reasonable to you. There essentially *is* no new public domain work. Merely work of unknown authorship. Declaring a work to be public domain doesn't make it public domain, even if you are the author, although I believe that it does cause you to lose the right to sue over uses that you disapprove of.

      I believe that new public domain works can still be created in countries outside the system...but most count
  • Why doesn't the government simply become a CA, issue public-private key pairs to every voter, and have each voter create a "vote" document by signing it? All the votes could be posted publicly anywhere, and counted ad nauseum by anyone who felt the urge. If ever more than one vote from the same voter in the same election were found, that vote would be invalidated (the guy didn't keep a careful enough watch over his private key).

  • http://emdx.org/r.php?U=BBV [emdx.org].

    As my mother said, mirror early, mirror often.

  • Things to do (Score:3, Interesting)

    by Animats (122034) on Saturday October 18, 2003 @12:30PM (#7248566) Homepage
    Print out the site. Send it to your Congressman. Ask that it be added to the Congressional Record as an "extension of remarks".
  • The information contained in this notification is accurate as of the time of compilation and, under penalty of perjury, I certify that I am authorized to act on behalf of Diebold.

    >snip<

    Very truly yours,

    Ralph E. Jocke

    Sounds vaguely like something Bart Simpson would use over the phone to Moe's Tavern. I wonder if he has a partner named Strappe? "Jocke Strappe and Associates" would be a great name for a law firm.

    No, I didn't have anything to add, I just wanted to mock the lawyer's name.

If you think nobody cares if you're alive, try missing a couple of car payments. -- Earl Wilson

Working...