Warm John writes to mention a short article on Doctor Dobbs Journal about the Hack that couldn't be done. "Hacking a Diebold voting machine was the focus of Cigital's Gary McGraw's keynote at SD Best Practices. He discussed 'Security Analysis of the Diebold AccuVote-TS Voting Machine,' a paper released by Edward Felten, Ari Feldman, and Alex Halderman of the Princeton Center for Information Technology Policy. 'The paper details a simple method whereby the Princeton team was able to compromise the physical security of a Diebold voting machine, infecting it with a virus that could change voting results and spread by memory-card to other machines of the same type.'"
You don't want to do any flashing around these machines. The little old ladies behind the voting table will be watching you like a hawk and they're swoop down on you so fast with their canes before you could even think about flashing anyone. If you want a safe voting experience, you must see no evil, hear no evil or speak no evil when the voting machine flashes you!
Man Diebold looks slimier and slimier every passing week, but I'm more disturbed by Joe Demma's, Salt Lake's chief elections officer, response to Bruce Funk's actions. Granted, Funk acted by going around Demma by calling in Black Box Voting to check the Diebold machines, when presumably Demma is supposed to be responsible for that (just my guess as he's the chief elections officer).
However, Demma seems more incensed at Funk because he may cost the state $40,000 for Diebold's astronomical recertification fee. He doesn't seem to be worried that people might not trust these machines. He doesn't seem to care that a state officer was worried enough to call in a non-profit third party to verify the integrity of these machines. I mean, these things could possibly affect the outcome of a vote, the foundation for a democratic republic! But instead of worrying about these machines he's clearly more upset about the $40,000 and Funk not talking to him about his concerns regarding the voting machines.
And of COURSE Diebold is going to tell you the machines are fine and fair. Sheesh, they want to make money don't they?
Isn't it great that chief elections officers have their priorities straight?
Give me a ballot sheet and a pencil any day over these closed, proprietary black box machines.
Nobody in their right mind who cares about the stability of our democratic republic could condone a continuation of these scandals. If we can't trust the vote, then we can't trust anything about the government, and when enough people feel that way in a democratic republic, bad things happen.
Nobody in their right mind who understands what's going on can condone the existence of closed-source software in the vote counting or vote taking process at all, whether by Diebold or otherwise.
If elections officials told the public, "We're going to count by a secret counting method and we won't tell you how we're going to count; you'll just have to trust us that we picked the right person for the job," the public would burn down city hall. Unfortunately, the public hasn't yet realized that this is exactly what is happening....
Anybody want to raise money for a front page ad in the NY Times? Maybe with a little extra money left over to donate to local fire departments?:-)
If elections officials told the public, "We're going to count by a secret counting method and we won't tell you how we're going to count; you'll just have to trust us that we picked the right person for the job," the public would burn down city hall.
If elections officials told the public, "To protect your Freedom we are going to count by an undisclosed counting method and we won't help terrorists by telling the evildoers how we're going to protect the public and count the votes; you'll just have to support our troops and the person we picked for the job," the public would greet you as liberators
Golly, do you people lack reading comprehension or just critical thinking skills?
Funny, I didn't get the feeling the poster mentioned closed source so much to advocate open source software, as to draw the clear paralell between that and a secret ballot counting method implementation. Let me re-read... Yep, he didn't mention using Open Source at all, he mentioned closed source and then followed it with the very valid, extremely painfully obvious paralell between that and a secret ballot counting procedure.
Do you see that now or is there a problem with YOUR reading comprehension or critical thinking skills?
The other funny thing about money and Diebolds in Utah is that because they are so expensive, some precincts have fewer voting machines than ever before.
http://www.kcpw.org/article/1719/ [kcpw.org]
However, Demma seems more incensed at Funk because he may cost the state $40,000 for Diebold's astronomical recertification fee.
Huh? Diebold is certifying its own machines? To say that this is like the fox guarding the henhouse would be a gross oversimplification...it's more like the fox has control of a large percentage of the henhouses throughout the country, and is working diligently to ensure this does not change.
I keep saying this but a lot of fools seem to think they really have a chance of changing things. One of my votes since 1998 has mattered. ONE.
Even then, I was #31.
My district is so gerrymandered. If I was a republican- my vote doesn't matter. If I was a democrat- my vote doesn't matter.
And then on top of that- I only get to vote for candidates that were pre-selected for me by the party (aka corporations, lawyers, and politicians (who are beholden to the corporations) ).
Actually, *all* corporations pay taxes. Some may not income taxes, but they certainly pay other taxes (or their members do). In fact, corporate taxes account for around 7% of the US's GDP. While that's somewhat concerning because as late as the 1960's, corporate taxation accounted for 25% of the GPD, it certainly isn't "no taxes".
Also keep in mind that the vast majority of corporations are small businesses (can't find a citation ATM). That's important because small businesses employ 52% of the workers in t
Then I don't know what can. We need more information like this to come out because when dealing with elections, the last thing we need--but apparently the opposition wants--is for some kind of shennanigans elecing the wrong person. If electronic voting is ever to be used, it darn well should be open source, and transparent as hell...with two paper receipts (one for the voter and one for the auditors.)
In Illinois we get a paper printout that you check for accuracy and put in a ballot box; we can actually have a real recount.
That's incredibly weird, considering this IS Illinois, where they say "vote early, vote often," where dead people still have a right to vote, and the last two governors who lost elections went to prison (or will, in the case of Ryan).
That's what they mean when the pundents screech "paper trail!". The "paper trail" isn't for the voter to take home but to verify before depositing it in a ballot box. The problem is the voting machines that are produced by and large don't print anything. The votes are recorded inside and transfered to a larger repository for counting. If the count is off, there is no way to recount other than the faulty data in the machine already.
When you consider the ease of simply printing a receipt like slip of paper one has to wonder why they refuse to make them all do it. There is more accountability when you go to the supermarket than when you go vote.
I bet either someone is going to have 100% votes for Fred Flintstone, or someone is going to have a 60% write in for some person. Both of which could never happen and would do nothing except expose the voting machines as tamperable. I doubt someone is going to be smart enough to make the election look close, but vote for someone on the ballot. The only way a good ol conspiracy vote could happen is if the hacker got a load of money from a candidate. Well I guess that could happen.
I'll get mod-bombed right back down to Good Karma for this- but I have to say that I'm not at all sure it didn't happen in Ohio and Florida in 2004. The exit poll numbers, which had previously been extremely accurate in just about every election I'd ever heard of, were way off in those two states on the Presidential race- but the numbers were close enough that everybody focused on recounts instead (where possible).
This entire thing comes down to the ability to pick a lock so someone can replace the flash card. So why not put more secure locks on the devices? The paper ballots that we all love are also stored in locking containers, and as such are subject to the same fate as the Diebold tablets.
There are certain locks that are extremely difficult to pick... that's the solution.
This entire thing comes down to the ability to pick a lock so someone can replace the flash card.
Now that we know the machine itself is virus-susceptable, the next steps are:
1) See if the smartcard reader code has a vulnerability. (Any bets on a buffer overflow bug?)
2) If so, design a virus that can do the initial infection via the smartcard slot.
Succeed at 2) and you can carry a bogus smartcard in, insert it while you "vote", and infect a voting machine. Since the machines are apparently capable of passing the infection during the post-election vote collection process, you can take over the precinct (either all the remaining machines or the one doing the totals) by infecting one voting machine.
Design the virus to self-destruct after doing its dirty work and you don't even leave tracks.
I found the FAQ interesting. I liked the way they set the tenor of the questions, and included such things as "you weren't supposed to say anything about this!" The research seems pretty clear-cut, and the precautions that the researchers took appears to have been well thought out.
I hope that I underestimate the American people on this (including me), because the next tack that will be taken by Diebold will be, "Well, who in their right mind would want to tamper with an election? Calm down, citizens, this is just scaremongering by the right/left/pedestrians..." Once this is followed up with a suggestion that such might be "fomenting a panic designed to cause a breach of the peace," vague threats of arrest for those involved, and nothing changing.
Well, if nothing else, this voter's going to try his hand at absentee balloting this time around. Just in case...
Sure hackers would be tempted as well, but look at it from a major terrorist network perspective. If they were able to alter the election outcome and prove it (or have it proven), think about the doubt this would cast in all future elections (and possibliy cast doubt on past ones as well if the same tech was used)...and not just for Americans, but world wide. "One man, one vote"....I could see the terrorists laughing as they played video of them voting of a candidate 1 million times or taking down the voting "network" entirely. They wouldn't even need to injure/kill anybody in the process and they would be able to make a major statement.
The Possible Future, Nov 4th, 2008 "While exit polls conducted by our station and others showed Sen. Hillary Clinton and Sen. John McCain neck-in-neck at nearly 50% in this highly contested state of Ohio, initial results from available precincts shows the winner of the state, and thus the country, as Osama bin Laden, with 107% of the vote. A tape allegedly featuring Mr. bin Laden was broadcast by the al Jazeera network just minutes ago, in which the terrorist mastermind said he was pleased by the clear mandate the capitalist pig masses had given him, and that he hoped his transition from a cave somewhere in Pakistan to the Oval Office would go smoothly. Back to you, Tom."
The paper details a simple method whereby the Princeton team was able to compromise the physical security of a Diebold voting machine, infecting it with a virus that could change voting results and spread by memory-card to other machines of the same type.
It's not who votes that counts, it's who counts the votes.
How come no one seems to be asking the slot machine manufacturers to make voting machines? They deal with millions - or billions - of dollars a day and seem to be able to account for every single penny accurately. As an added bonus, all they'd really have to do is change the 7's to donkeys and jackpots to republicans... Pull the lever for your new rep!
Seriously though - they're the people who should be making the machines...
Diebold is well known for banking systems, including ATMs, so they know a thing or two about accountability. For some reason, these lessons haven't been transferred to their elections division.
I have just finished watching the video on the Princeton site and I must say it is very well done. Any reasonably motivated alert person who watches this video will see the problem we're trying to highlight.
It isn't enough for computer software professionals to discover problems like this; we need to be able to communicate our results effectively to the non-technical public. Too often we find something disturbing and decend into technical jargon and lose our audience. The Princeton team has done an excellent job avoiding that pitfall and communicating this threat.
Now, if only we could find a reasonably motivated and alert politician to actually act on this.
by Anonymous Coward
on Thursday September 14 2006, @05:58PM (#16109560)
Welcome to democratic government, brought to you by Diebold(R)!
Please choose a candidate: (1) The incumbent guy who's against the terrorists. (2) The weasly other guy who likes terrorists and wants your child to
be gay.
[press 2]
You have chosen option (2), for gay marriage. Are you sure?
[press no]
Please choose a candidate.
[press 2]
Let's not be too hasty. We don't want the terrorists to feel good. Do you want the terrorists to feel good?
[press no]
You have chosen option (1), for the incumbent. Are you sure?
[press cancel]
This may forfeit your vote! Are you sure you wish to cancel not voting for option (1)?
[press yes]
Thank you for your participation in the democratic process! Printing receipt...
Ed Felten is also the guy who hacked the MS DLL that "integrated" IE into Windows to remove IE without destroying the OS, proving in court that Microsoft's defense of their illegal bundling, "it was technologically necessary", was a lie. Though Felten was not even a Windows specialist, and certainly didn't have the source code to delete IE cleanly, he was the the key to the court finding that MS had violated their antibundling consent agreement, the key to finding they'd violated their monopoly status.
Now he's the guy proving Diebold voting systems are insecure.
Isn't anyone else in our giant, brilliant "computer science" industry doing anything? Or are they all working for the bad guys?
Compromising Diebold machines seems to be a regular method of swinging elections in Florida ( UC Berkeley [berkeley.edu] )
The white hat community needs to start undermining vulnerable e-voting technologies whenever and wherever possible. Just put a few Democrats into office in the bible belt.
The CEO of Diebold is on record as a dyed in the wool Republican: "Our job is to deliver the election to George W Bush". Problematic for a vendor with so much trust. But once their machines start swinging votes for the other side, they'll soon start adding security.
I've seen plenty of pro-Microsoft and pro-Diebold posts get modded up. All you have to do is have a clear point, and show it. You didn't manage that. You said the fraud happens, and it doesn't make a difference if we can trace it or not.
It does make a difference. With a punch card, or a paper ballot, or even a mechanical voting both anyone can trace when fraud has occured. And in those cases we implement some security, track where the fraud came from (if we can) and redo the election.
With the current generation of electronic voting machines, we can't do that. I don't care who makes a good machine, but Diebold hasn't made one. And they've defended that design as if they think it is a good machine. Geeks don't like people who pretend a bad design is a good design. We'll tear into them. If they routinely defend bad design by saying it is good design and overlooking what we think are obvious flaws we'll notice, and start to expect that. Until they change, a group that decides who they like on the technical ability of a company won't like them. They are lying about their technical quality; at least in our eyes.
Geeks don't like people who pretend a bad design is a good design. We'll tear into them
it's called 'peer review' and in the science world it's not only expected but mandatory.
my question is this: has diebold's product undergone any sort of peer review? if it's important enough for someone studying the genetic inheretance of grey hair, it's important enough for someone entrusted with running an election for the most powerful person in the world, dontcha think?
It seems to me that write once media could be a partial solution here- a multisession CDR running packet write software, can be analyzed just like paper- but compresses the information.
It does make a difference. With a punch card, or a paper ballot, or even a mechanical voting both anyone can trace when fraud has occured. And in those cases we implement some security, track where the fraud came from (if we can) and redo the election.
Except that they won't. There have been numerous cases recently in which problems were confirmed beyond any doubt. In every case, even when the number of dubious votes would have been enough to potentially change the results of the election, the courts let the election results stand, and no reelections were called.
We don't need to be able to prove that fraud occurred. We need to be able to eradicate it. The only way that is even remotely possible is if the voting process is transparent. This means:
Every piece of software installed on the voting machines from the driver layer all the way up to the GUI must be open source and subject to public inspection.
Any changes to the code must be subjected to a thorough audit before they can be deployed.
Every single security bug reported that can be reproduced MUST be fixed prior to the date of deployment.
Every single security bug must be public knowledge.
The hardware must be commodity hardware underneath so that average citizens can test the software on their own systems.
The hardware must have additional physical security measures built into the case design.
The hardware must be under lock and key in a secure storage container from the moment that it has been certified up until the day of the election.
The usual security measures from there forward should probably be sufficient.
What is the obsession with machine voting anyway? The only advantage seems to be counting speed. Since by the time all the ballots are in, counting speed makes ZERO difference to the outcome of a fair election, it's an irrelevancy - what's a few more hours against an elected term that will go on for years?
The absolute requirement for me is that your voting system be comprehensible and auditable by the common man. Because it concerns us all. The system with the widest comprehensibility is pencil and paper.
While pencil and paper isn't flawless, the key difference is that it's a system that a lot of people understand. Irregularities are far easier to recognise by the common man. With a machine system, only someone who understands the machine can spot the system being subverted.
Print ballots. With boxes on. You make a mark in the box, you voted for that person. No chads, no hanging. And anyone who can count can see that the right thing is done.
Sure, introduce machine systems to help make it harder to subvert the voter system. But the basic counting mechanism should be a wet thumb and a box of rubber bands.
But paper systems do have problems. Things like smudges, stray marks, poorly marked ballots, lost ballots, etc. Plus, many hands on the ballots for all of these recounts doesn't help at all as far as adding smudges, introducing fraud, etc. Machines can increase the accuracy of the count, reducing the margin of error. Typically this doesn't really matter much, but every once in a while you have a national election decided by a couple hundred votes somewhere:) I think a nice compromise is a computer print-ou
firmware flash (Score:3, Funny)
Re:firmware flash (Score:5, Funny)
Parent
Re: (Score:3, Funny)
meme seems appropriate (Score:5, Funny)
America Has A Rootkit (Score:5, Funny)
Parent
Money more important than a fair vote? (Score:4, Insightful)
However, Demma seems more incensed at Funk because he may cost the state $40,000 for Diebold's astronomical recertification fee. He doesn't seem to be worried that people might not trust these machines. He doesn't seem to care that a state officer was worried enough to call in a non-profit third party to verify the integrity of these machines. I mean, these things could possibly affect the outcome of a vote, the foundation for a democratic republic! But instead of worrying about these machines he's clearly more upset about the $40,000 and Funk not talking to him about his concerns regarding the voting machines.
And of COURSE Diebold is going to tell you the machines are fine and fair. Sheesh, they want to make money don't they?
Isn't it great that chief elections officers have their priorities straight?
Give me a ballot sheet and a pencil any day over these closed, proprietary black box machines.
Re:Money more important than a fair vote? (Score:4, Insightful)
Parent
Re:Money more important than a fair vote? (Score:5, Insightful)
Nobody in their right mind who understands what's going on can condone the existence of closed-source software in the vote counting or vote taking process at all, whether by Diebold or otherwise.
If elections officials told the public, "We're going to count by a secret counting method and we won't tell you how we're going to count; you'll just have to trust us that we picked the right person for the job," the public would burn down city hall. Unfortunately, the public hasn't yet realized that this is exactly what is happening....
Anybody want to raise money for a front page ad in the NY Times? Maybe with a little extra money left over to donate to local fire departments? :-)
Parent
Re:Money more important than a fair vote? (Score:5, Funny)
If elections officials told the public, "To protect your Freedom we are going to count by an undisclosed counting method and we won't help terrorists by telling the evildoers how we're going to protect the public and count the votes; you'll just have to support our troops and the person we picked for the job," the public would greet you as liberators
There, corrected it for ya.
Parent
Re:Money more important than a fair vote? (Score:4, Insightful)
Funny, I didn't get the feeling the poster mentioned closed source so much to advocate open source software, as to draw the clear paralell between that and a secret ballot counting method implementation. Let me re-read... Yep, he didn't mention using Open Source at all, he mentioned closed source and then followed it with the very valid, extremely painfully obvious paralell between that and a secret ballot counting procedure.
Do you see that now or is there a problem with YOUR reading comprehension or critical thinking skills?
Parent
Re:Money more important than a fair vote? (Score:4, Interesting)
Parent
Re: (Score:3, Interesting)
http://www.kcpw.org/article/1719/ [kcpw.org]
Re:Money more important than a fair vote? (Score:5, Insightful)
Huh? Diebold is certifying its own machines? To say that this is like the fox guarding the henhouse would be a gross oversimplification...it's more like the fox has control of a large percentage of the henhouses throughout the country, and is working diligently to ensure this does not change.
Parent
Re: (Score:3, Interesting)
One of my votes since 1998 has mattered. ONE.
Even then, I was #31.
My district is so gerrymandered.
If I was a republican- my vote doesn't matter.
If I was a democrat- my vote doesn't matter.
And then on top of that- I only get to vote for candidates that were pre-selected for me by the party (aka corporations, lawyers, and politicians (who are beholden to the corporations) ).
Why vote when it is going to be 70/30
Re: (Score:3, Informative)
Also keep in mind that the vast majority of corporations are small businesses (can't find a citation ATM). That's important because small businesses employ 52% of the workers in t
If this can't finally nail the coffin lid shut (Score:3, Insightful)
Re: (Score:3, Funny)
Clarification please: Who are we? And who is the opposition
Just wondering...
Scary (Score:5, Informative)
That's incredibly weird, considering this IS Illinois, where they say "vote early, vote often," where dead people still have a right to vote, and the last two governors who lost elections went to prison (or will, in the case of Ryan).
Uh... (Score:4, Informative)
Ryan didn't lose an election - he won, all the way up until he (plagued with scandal) didn't run again.
Parent
Re:Scary (Score:4, Interesting)
When you consider the ease of simply printing a receipt like slip of paper one has to wonder why they refuse to make them all do it. There is more accountability when you go to the supermarket than when you go vote.
B.
Parent
The first person to do this is going to be stupid (Score:4, Interesting)
Re:The first person to do this is going to be stup (Score:5, Interesting)
Parent
More Secure Lock (Score:3, Interesting)
There are certain locks that are extremely difficult to pick... that's the solution.
Now that we know it is virus-susceptable... (Score:4, Interesting)
Now that we know the machine itself is virus-susceptable, the next steps are:
1) See if the smartcard reader code has a vulnerability. (Any bets on a buffer overflow bug?)
2) If so, design a virus that can do the initial infection via the smartcard slot.
Succeed at 2) and you can carry a bogus smartcard in, insert it while you "vote", and infect a voting machine. Since the machines are apparently capable of passing the infection during the post-election vote collection process, you can take over the precinct (either all the remaining machines or the one doing the totals) by infecting one voting machine.
Design the virus to self-destruct after doing its dirty work and you don't even leave tracks.
Parent
Unfortunately, "so what?" may be the response (Score:4, Interesting)
I hope that I underestimate the American people on this (including me), because the next tack that will be taken by Diebold will be, "Well, who in their right mind would want to tamper with an election? Calm down, citizens, this is just scaremongering by the right/left/pedestrians..." Once this is followed up with a suggestion that such might be "fomenting a panic designed to cause a breach of the peace," vague threats of arrest for those involved, and nothing changing.
Well, if nothing else, this voter's going to try his hand at absentee balloting this time around. Just in case...
Who would want to tamper? Terrorists (Score:4, Insightful)
Parent
Re:Who would want to tamper? Terrorists (Score:5, Funny)
"While exit polls conducted by our station and others showed Sen. Hillary Clinton and Sen. John McCain neck-in-neck at nearly 50% in this highly contested state of Ohio, initial results from available precincts shows the winner of the state, and thus the country, as Osama bin Laden, with 107% of the vote. A tape allegedly featuring Mr. bin Laden was broadcast by the al Jazeera network just minutes ago, in which the terrorist mastermind said he was pleased by the clear mandate the capitalist pig masses had given him, and that he hoped his transition from a cave somewhere in Pakistan to the Oval Office would go smoothly. Back to you, Tom."
I don't know, think that would wake people up?
Parent
as we all know (Score:4, Funny)
It's not who votes that counts, it's who counts the votes.
We've heard it before but... (Score:5, Interesting)
Re: (Score:3, Insightful)
They have had their problems with ATMs too (Score:4, Interesting)
Diebold ATM turned into jukebox [thetartan.org]
Diebold ATM infected with Welchia [windowsfordevices.com]
Parent
Re:We've heard it before but... (Score:4, Funny)
Parent
Re:We've heard it before but... (Score:5, Funny)
Parent
The video is excellent (Score:5, Insightful)
It isn't enough for computer software professionals to discover problems like this; we need to be able to communicate our results effectively to the non-technical public. Too often we find something disturbing and decend into technical jargon and lose our audience. The Princeton team has done an excellent job avoiding that pitfall and communicating this threat.
Now, if only we could find a reasonably motivated and alert politician to actually act on this.
FINALLY! (Score:3, Funny)
Now all we have to do is prove that it actually happened.
My experience with Diebold (Score:4, Funny)
Welcome to democratic government, brought to you by Diebold(R)!
Please choose a candidate:
(1) The incumbent guy who's against the terrorists.
(2) The weasly other guy who likes terrorists and wants your child to
be gay.
[press 2]
You have chosen option (2), for gay marriage. Are you sure?
[press no]
Please choose a candidate.
[press 2]
Let's not be too hasty. We don't want the terrorists to feel good.
Do you want the terrorists to feel good?
[press no]
You have chosen option (1), for the incumbent. Are you sure?
[press cancel]
This may forfeit your vote! Are you sure you wish to cancel not
voting for option (1)?
[press yes]
Thank you for your participation in the democratic process! Printing
receipt
Sorry! Out of paper.
Army of One (Score:5, Informative)
Now he's the guy proving Diebold voting systems are insecure.
Isn't anyone else in our giant, brilliant "computer science" industry doing anything? Or are they all working for the bad guys?
Diebold just needs an incentive .... (Score:4, Insightful)
The white hat community needs to start undermining vulnerable e-voting technologies whenever and wherever possible. Just put a few Democrats into office in the bible belt.
The CEO of Diebold is on record as a dyed in the wool Republican: "Our job is to deliver the election to George W Bush". Problematic for a vendor with so much trust. But once their machines start swinging votes for the other side, they'll soon start adding security.
hack? (Score:4, Funny)
Shouldn't these just be considered mods?
Re:The box was not production hardware... (Score:4, Interesting)
It does make a difference. With a punch card, or a paper ballot, or even a mechanical voting both anyone can trace when fraud has occured. And in those cases we implement some security, track where the fraud came from (if we can) and redo the election.
With the current generation of electronic voting machines, we can't do that. I don't care who makes a good machine, but Diebold hasn't made one. And they've defended that design as if they think it is a good machine. Geeks don't like people who pretend a bad design is a good design. We'll tear into them. If they routinely defend bad design by saying it is good design and overlooking what we think are obvious flaws we'll notice, and start to expect that. Until they change, a group that decides who they like on the technical ability of a company won't like them. They are lying about their technical quality; at least in our eyes.
Parent
Re:The box was not production hardware... (Score:5, Interesting)
it's called 'peer review' and in the science world it's not only expected but mandatory.
my question is this: has diebold's product undergone any sort of peer review? if it's important enough for someone studying the genetic inheretance of grey hair, it's important enough for someone entrusted with running an election for the most powerful person in the world, dontcha think?
Parent
Re: (Score:3, Insightful)
Unfortunately, yes. Many crooks and liars have deemed the system to be "just fine".
Re: (Score:3, Interesting)
Re:The box was not production hardware... (Score:4, Insightful)
It does make a difference. With a punch card, or a paper ballot, or even a mechanical voting both anyone can trace when fraud has occured. And in those cases we implement some security, track where the fraud came from (if we can) and redo the election.
Except that they won't. There have been numerous cases recently in which problems were confirmed beyond any doubt. In every case, even when the number of dubious votes would have been enough to potentially change the results of the election, the courts let the election results stand, and no reelections were called.
We don't need to be able to prove that fraud occurred. We need to be able to eradicate it. The only way that is even remotely possible is if the voting process is transparent. This means:
Parent
Re:With all due respect... (Score:4, Interesting)
What is the obsession with machine voting anyway? The only advantage seems to be counting speed. Since by the time all the ballots are in, counting speed makes ZERO difference to the outcome of a fair election, it's an irrelevancy - what's a few more hours against an elected term that will go on for years?
The absolute requirement for me is that your voting system be comprehensible and auditable by the common man. Because it concerns us all. The system with the widest comprehensibility is pencil and paper.
While pencil and paper isn't flawless, the key difference is that it's a system that a lot of people understand. Irregularities are far easier to recognise by the common man. With a machine system, only someone who understands the machine can spot the system being subverted.
Print ballots. With boxes on. You make a mark in the box, you voted for that person. No chads, no hanging. And anyone who can count can see that the right thing is done.
Sure, introduce machine systems to help make it harder to subvert the voter system. But the basic counting mechanism should be a wet thumb and a box of rubber bands.
Parent
Re: (Score:3, Insightful)
Re:The box was not production hardware... (Score:5, Interesting)
One customer wants a secure, hardened, auditable, time proven machine with a user verifiable paper trail.
The other doesn't need any of those features.
Therefore two entirely disparate product lines.
One is designed to protect $.
The other is designed to protect democracy.
Parent
Re:Could be modded as flamebait... (Score:5, Informative)
Parent
Re: (Score:3, Insightful)
Re:Soo.. (Score:5, Informative)
Thank you for stealing an earlier post of mine [slashdot.org] absolutely verbatim.
-the real jdm
Parent