Diebold Sued (Again) Over Shoddy Voting Machines

icypyr0 writes "Computer programmer Jim March and activist Bev Harris have filed suit in California state court against Diebold under a whistle-blowing statue. This is another in a series of blows dealt to the ailing company. March and Harris allege that Diebold 'used uncertified hardware and software, and modems that may have allowed election results to be published online before polls closed.' They are seeking full reimbursement for all of the voting machines purchased in California. March and Harris could collect up to 30% of the reimbursement, under the whistle-blower statute. In an interesting turn, the two are requesting that the state of California join the lawsuit. State officials have spent millions on the paperless touch screen machines; Alameda County has spent at least $11 million alone."

Vaporware and voting don't mix.

The concept is classic in the computer software industry... sales sells a vaporware product that hasn't been built yet, and then the R&D people have to take shortcuts in order to get a product shipped by the date it was promised.

Governments don't take well to such practices. When dealing with a state government, you must cross every t and dot every i in the system. Any bugs, flaws or failures is simply delivering a product that wasn't to spec.

Diebold appears to have their hands caught in the cookie jar here. They've already been caught installing a "patch" on machines that were supposed to be "sealed" and in their final ready-for-voting state. Bev Harris has been the collector in chief of all of Diebold's other mistakes that they've tried to cover up... seeing what they have ready to present at trial should be fun.

Re:Vaporware and voting don't mix.

This doesn't realate to the article but it relates to your post.

Long story short: I was at a company that sold vaporware. When we bitched about the stupid deadlines and what the fuck were the salesguys and upper management thinking, we were told that, "If we don't do it, someone else will and make the sale."

What a rationalization.

Re:Vaporware and voting don't mix.

The concept is classic in the computer software industry... sales sells a vaporware product that hasn't been built yet, and then the R&D people have to take shortcuts in order to get a product shipped by the date it was promised.

The problem here is deeper than that. The simple truth is that voting software is a relativly simple project. EVEN with VB (which is what Dibold is using for their software), it would be simple to build a secure system. The fact is, they don't have the expertise to do so with any tool.

Re: :-(

Writing software with VB makes baby Jesus cry.

Re: :-(

Baby Jesus? Hell, writing critical software with VB would make adult Jesus cry!

A little worse then that

Voting machines need to be certified, basically this means someone needs to inspect it and make sure it works correctly, is tamper-resistant, etc. hardware and software is certified together. but Diebold treated their software like many IT products. release what you have and patch, patch, patch. Unfortunately, in the case of election this meant uncertified software (and allegedly uncertified modems as well) was used. Diebold could have put anything in that code.

Of course, whoever did the certification job on the Diebold certainly wasn't doing their jobs very well.

A good model for EVM would actually be the Navada Gaming commission for slot machines and the like. Software updates need to digitally signed and encrypted by both the company, and the commission. Running slot machines without approved software is illegal.

Re:A little worse then that

I agree that the model used by the Nevada Gaming Commision would be perfect. Additionally, the Gaming Commission will from time to time, do random audits of machines to make sure that they're up to snuff, and there's big fines for those that don't meet the requirements.

Of course, there's a lot of money to be made or lost, and that's why they're so anal about it. Given that there's apparently discussion of suspending the November elections in the event of a terrorist attack, hey, what's this voting thing, and why is it so important? ;)

-- Joe

Re:A little worse then that

I thought you were joking until I looked it up. The Independent [independent.co.uk] has an article.

Anyway, if they wanted to make voting machines more like slots, why not put a seal on them over the screws, floppy, CD, USB, network ports. etc from the time they're certified until after the election? Tampering subject to criminal penalty. They can do it on every gas pump and supermarket scale, why not on voting machines?

Re:A little worse then that

Like I said, with the other things, there's money involved. If the gas pump or scale are tampered with, that's measurable losses (or gains) for the tamperer, or tamperee (probably not a word, but hey, the context makes sense).

Maybe the problem here is that there doesn't seem to be any measurable effect to the voting machines not being secure (well, you and I know that there is, but maybe the mass public doesn't). I get the feeling that until there's something that costs a lot of people something (maybe money), people won't really care about how secure the voting machines are.

Voter apathy is at an all-time high right now, nobody cares about voting. Because of that, I suspect that most people, even if they hear of this, figure, "Well, I'm not voting, why do I care?"

-- Joe

Re:A LOT worse then that

Here's a snippet from CNN [cnn.com]. Their quote is, 'In August, O'Dell said in a fund-raising letter for the Ohio Republican Party that he was "committed to helping Ohio deliver its electoral votes" to Bush.'

I'm sorry I don't have a paper copy to hand to you; ironically this is one of the issues that we are discussing on this thread.

Here's instructions for the future if you need information.
1. Type "www.google.com" in the location bar of your browser (you might refer to it as "that fancy web thing I've done been hearing so much about").
2. Press the "enter" key. This submits the "location" you typed in to the "web".
3. When the "web page" appears, type in the words "diebold deliver ohio" in the little rectangular box.
4. Once, again, you need to press the "enter" key.
5. A list of "web pages" appears. Click on one of them using the "left button" of your "mouse". Try and choose a respectable source like "FOX News" or "Monster Truck Week".

I hope this helps.

Lawsuit(s) making GOP nervous ...

The Bush administration and the GOP dominated
Congress were very quick to earmark $6 Billion
for eVoting upgrades, after the "hanging chad"
problems in the 2000 elections. The push to
"use it, or lose it" for this money meant a
rush to adopt some very badly implimented
solutions from corporate friends of the Bush
administration.

So now that the word is out about these crappy
eVoting machines (WITH NO PAPER AUDIT TRAIL),
and the Bush administration is now "floating
trial balloons" in the press about DELAYING
the November national elections. As well as
preparing the public to EXPECT terrorist acts
similar to the Madrid train bombings that would
be designed to disrupt these elections.

Doesn't anyone else besides me see a conspiracy
theory in the making? Like: if the GOP feels
that they will not win the November elections
using the SOP of FUD, that there WILL be some
major terrorist attacks here AND there WILL be
a delay in the national elections.

(Pardon me while I put on my tin-foil hat ...)

Re:Vaporware and voting don't mix.

This statement hardly seems like what's been reported...

Governments don't take well to such practices. When dealing with a state government, you must cross every t and dot every i in the system. Any bugs, flaws or failures is simply delivering a product that wasn't to spec.

Seems like many of the reports so far have shown great support for Diebold at the local and state level. Time and time again, state officials have brushed off complaints and critisms. Even in California, this went on for quite a while. Withness the condition in Florida. The issue is being pressed not be gov't officials, but by grassroots citizen's groups, the ALCU and other non-governmental groups.

Looks who's filing the lawsuit. The plaintifs are Jim March and Bev Harris... activists, not gov't officials. In fact, the lawsuit has been sealed for at least 7 months while the government tried to decide if they wanted to join the plaintifs.

The state of California has STILL not decided if they want to join the plainfits in this lawsuit. That's hardly needing to cross every t and dot event i in the system. It's more a case of needing to hide problems well enough from activists. It's clear the election officials are apathetic and would rather keep any problems swept under the rug than admit they were cheated, purchased shoddy products, and failed to detect accuracy problems.

Who was the statue of?

The whistle blowing statue, that is.

Re:Who was the statue of?

Steve McQueen, from "The Great Escape." (You know, the whistling scene...)

Re:Who was the statue of?

'...against Diebold under a whistle-blowing statue.'

Would this [ucar.edu] be it?

FINALLY!

Whether this goes anywhere or not, Diebold's abuses are finally going to the mainstream. The number one weapon that people have on their side to affect a change in an unfair system is information, and this information hitting major news outlets with some degree of regularity is happening just in time to ensure that this nonsense DIES.

Remember, when your friends ask what this is all about, you have everything from blackboxvoting.com to the damning Diebold memos themselves to point to as evidence of the abuse and incompetence plaguing such a vital issue.

Re:FINALLY!

The problem here is the only body with the ability to fix this mess across the entire nation before the November election is Congress and they've already refused. So you are stuck tryng to fix it state by state.

There is a bill with more than a hundred sponsers that would require a paper trail in November but it is being sat on by the same people who wrote HAVA which is the bill that started this mess in the first place.

Here [house.gov] is the statement from the bipartisan representatives and senators that have bottled it up in committee.

It contains some disturbing statements, this one in particular:

"Most importantly, the proposals requiring a voter-verified paper record would force voters with disabilities to go back to using ballots that provide neither privacy nor independence, thereby subverting a hallmark of the HAVA legislation. There must be voter confidence in the accuracy of an electronic tally. However, the current proposals would do nothing to ensure greater trust in vote tabulations"

Not sure how they can claim a recountable paper trail, "would do nothing to ensure greater trust in vote tabulations".

They also want the same agency that is apparently responsible for the current mess to sit on the problem and do nothing in time for this election:

"Questions regarding voting systems security, as well as many others, need to be examined by the entity responsible for doing so under existing law, the Election Assistance Commission, before Congress begins imposing new requirements, just months before the 2004 presidential and congressional elections, that have not been fully considered. The security of voting technology is a non-partisan issue. We encourage you to allow HAVA to be implemented as enacted and provide those who are charged with ensuring the security of voting systems the time and flexibility needed to get the job done effectively. "

As if this whole situation wasn't disturbing enough this same commission is exploring give the Bush administration, and Homeland Security power [washingtonpost.com] to postpone the election in the event of a terrorist attack, especially if it looks like Bush might lose in its wake the same way the Spanish government did, if it becomes apparent he may not have made America safer.

Re:FINALLY!

Not sure how they can claim a recountable paper trail, "would do nothing to ensure greater trust in vote tabulations".

I wonder if they'd let me take control of their personal finances without a paper record - because the paper record would do nothing to ensure greater trust in the financial calculations.

In unrelated news...

Diebold has offered to supply test voting machines for use in jury trials in California.

Diebold

Diebold == Dieslow.

Somebody save e-voting... before it's too late. Looks like Florida is going to be in a worse position than in 2000. I know I keep saying this, but someone should create a good Internet voting mechanism, and keep it anonymous yet feasible. I'd like to be sure my vote was counted, and the only way to really do that is by the old fashioned SQL count() function. :-)

At least then I'd know that my vote is my say. Nowadays, you're either black, hispanic, poor, criminal, or you look like these groups so you're unable to vote. It's a crying shame, and in all its flaws, Moore's Fahrenheit 9/11 actually does demonstrate the problems with the 2000 election quite intricately.

Re:Diebold

Somebody save e-voting... before it's too late.

Why? What is the benefit? Ultimately, you have to have a certain level of trust. Current paper methods reduce the necessary level of trust -- because independent (and non-independent) observers are watching what happens for me.

Frankly, what happened in Florida was not good, but let's face it, when elections get that close, you may as well toss a coin! When things like weather could affect a result, is the accuracy of the count that important?

What is really important, though, is to prevent any person, organization or company getting into a position whereby they can systematically skew the results of multiple elections.

Until someone comes up with an electronic voting scheme that guarantees that no one can fix an election then we should forget about electronic voting and stick with paper.

Even if you consider the problems in Florida to be more of an issue than I do, they don't require electronic voting to fix them -- let's look for simpler, more foolproof solutions.

Re:Diebold

You mean like here in Canberra, Australia [act.gov.au]?

Linux desktop computers running open source (GPL) electronic voting software, burning the votes AND keystroke logs (to verify each vote if necessary) to CD-ROMs providing an "electronic" paper trail?

It is at least as safe, if not safer, than paper-and-pencil voting. As society continues to move towards staring at computer displays 24/7 electronic voting becomes an inevitability out of inertia, so it may as well be done right.

Barto

Re:Diebold

Computer voting has the potential to become more reliable, but I don't think we are going to see it from Diebold.

There has always been some element of trust in the elections. We've all seen the T-Shirt "I'm from Chicago, Two ballots please." but at this point I still think that paper ballots are more reliable. If you put the paper ballots in a lock box, and the lock box is opened under the supervision of all sides involved in the election as well as the media, then it becomes a lot more difficult to defraud an election.

(Although changing voting locations at the last minute, putting up National Guard roadblocks, and disqualifing thousands of people who happen to have the same first and last name as convicted felons in other states are potential abuses in this scenario. But computer voting wouldn't fix those problems either.)

Even if we did have a verifiable open-source voting system I still think it would be a good idea to have paper ballots. What would be best is after you vote, the machine prints out a paper ballot that is both machine and human readable. The voter can then examine their ballot and confirm all their choices are correct, and place it in the lock box.

When the elections are over you tally both the electronic voting machines and the paper ballots, and if there is a significant difference you know at least one of the numbers is wrong. Since the methods involved in defrauding an election via paper balots and computers are different, I imagine it would be very difficult to make the results come out the same.

Now, ultimately, I think that an open-source voting solution that uses both encryption and digital signatures would be best. Peer review can confirm that the system is nih impossible to rig. The average person won't understand this, but then the average person is not involved in the old fashioned voting sytem anyway.

Oh, interesting story I heard a few years ago about paper ballots on talk radio. Someone was at the place where the machine reads the ballots. The caller said that he suggest they test the reliability of the machine by taking a stack of ballots, and running them through the machine twice and seeing if the results come out the same both times.

I forget if they actually did it and there were different results, and the voting people didn't like him, or if they just didn't like him without even trying. Some people just don't like you to question them, and it seems the bigger their responsibility, the less they like to be questioned.

Re:Diebold

Unless I get a paper certificate that I can verify for myself, and that counts as "my vote" in cases where a recount is called for, I am not interested in switching to a new technology.

There are plenty of tricks that can be played unless the voter can verify a hard copy ballot themselves. In nearly all cases these ballots wouldn't be used, but they would allow for recounts of suspicious votes. Keystroke logs are a nice touch. Unless, of course, the keystroke logger is tampered with. hard copy receipts, on the other hand, can be verified on the spot by the voter, and are much more difficult to modify successfully after the fact.

Secret ballot

I don't see how that CD-ROM system leaves the secret ballot intact. If you watch the polls and see that Fred is the 37th voter that day, then examining the 37th vote on the CD-ROM tells you how Fred voted, right? With paper ballots, the ballots all get shuffled before being counted.

More to the point, how does the voter know that the data written to the CD-ROM is the same as how he actually voted? I can show you a computer and a printout of a GPL program, and claim that the GPL program is what's actually running on the computer, but how do you verify that?

Re:Diebold

"someone should create a good Internet voting mechanism, and keep it anonymous yet feasible"

Someone's creating a good eVoting mechanism, the Open Voting Consortium. Go to http://www.openvotingconsortium.org and help out!

I'll also point out that internet voting is fundamentally insecure, but any vulnerability can be exploited infinitely. When voting takes place in polling stations (i.e. offline and under observation), the poll workers can limit the damage of any vulnerability, because they can see who comes in, control who goes into voting stations, for how long, and can stop anyone doing anything too obvious (e.g. unscrewing the voting stations and modifying their internals, for example). Also, internet voting makes any a reliable audit impossible, because there's no voter verified physical record of a vote.

Re:Diebold

You are under the mistaken assumption that a good Internet voting mechanism is possible and a good idea.

Right now, it probably isn't. Would you want your average PC to be controlling your life support system, where if it dies, you do? The wrong guy in the white house could unleash a nuclear holocaust upon us all; is that any less important?

Really, I'm not sure that it's worth it to do electronic voting anyways. A properly designed machine-assisted paper voting system (big ballots in your choice of languages, mark-sense sense system with no chad, etc) is pretty economical and reasonably hard to mess with -- especially because its functioning and potential for fraud is easier to perceive.

Re:Diebold

You can't currently have a secure internet vote.

What they should be doing is making sure the voting machines are NEVER able to remotely connect to anything. Once voting is done for the night election officials should have to PHYSICALY connect or transfer votes from the machines to a device that sends the tally to the central counting.

Once a voting machine is "certified" it should be LOCKED, taped, and completely inaccesible to remote or phyical tampering.

This excellent article at the Register [theregister.co.uk] explains what a good voting system needs.

They're inviting the state of CA into the lawsuit

because if the state joins in, the state will pay for and handle the case, and the two who started it won't have to do much. If this happens, they'll only get 20% by the way. They'll get 30% if they handle the case themselves and win though...

Condorcet Voting

As long as we're screwing ourselves with these electronic voting machines, why don't we at least switch to Condorcet voting at the same time? Computers could make Condorcet voting really easy.

Then, of course, put in that paper trail thing.

Microsofts cue?

used uncertified hardware and software
Lets hope Microsoft doesn't use this as a cue to move thier OS onto those machines. Hell, next thing we know, we'll be able to vote on our X-boxes!

Steep penalties...

Catching Diebold's products actually being in violation of the law may be a technical matter that might result in lawyers talking for days, but should that burden ever be meant, the penalty is huge, especially in California.

Diebold promised their equipment would be up to spec. If it's found that it's not, then that's just plain simple basic fraud. In CA, the whistleblower law we're talking about makes the company have to refund 100% of the money the state gave it, and 30% goes to the citizens who started the case. More or less, Diebold will have lost all of the revenue it got from CA, plus all of the losses incured due to the fact that they already tried to deliver a product that they now aren't getting paid for...

This is the kind of thing that sends a company pretty close to bankruptcy... good thing Diebold has its ATM product line to fall back on.

I've always wanted...

...a whistle blowing statue. It'd look nice next to my tuba playing lawn gnome.

Money Trail

Going after the money trail is cleaner than going after proper procedures.

common && !commonsense

CC.

50/50 nation means every vote really matters

Part of the reason why there was such a big deal over the counting of the Florida votes last year was because Florida's electoral votes were enough to give either candidate the victory in the overall election.

In many past presidential elections, isolated incidents of corruption or other flaws weren't as important because the overall result was a clear landside for one candidate or the other. Even if the irregularities in a state got so bad it tipped their electoral votes in the wrong candidate's direction, that state worth of votes usually isn't enough to tip the entire national election.

This year, with the nation split so tightly, and last time's close call fresh in everybody's mind, the tolerance for such flaws is going to be lower than it's ever been. The smallest election scandal is going to get magnified now.

Re:50/50 nation means every vote really matters

The smallest election scandal is going to get magnified now.
Unless if is in favor of the incumbent president. In that case it would be unpatriotic to talk about it.

Statistical Error

One thing I think people fail to realize is that voting is not exact. If we recounted the vote last election, the number would have changed every single time. The two were so close that statistically, they were tied. Voting is not exact and there is always error. This is the reason why when there was a recount I didn't really care what the outcome was. Sure, I wanted my canidate to win, but the simple fact of the matter was that the two tied and all that was left to do was to play according to the rules of the game to decide who won the tie breaker. Who won the tie breaker had little to do with who actually had more votes.

My biggest concern with voting is that the occasional ballot will be lost or miscounted. This will happen, and so long as it is random it probably is not going to have much of an effect. The real concern is that someone can break into these machines and really mess up the numbers they spit out. A few hanging chads here and there don't mean anything and are just an excuse to keep recounting until one guy likes the result. Someone maliciously changing votes with one of these e-machines on the other hand can cause some serious damage.

Personally, I would rather they simply stick to simple paper ballots. True, they get miscounted, but a few random miscounts are a small price to pay prevent real election fraud. People need to keep things in perspective. The real fear is not that every vote isn't counted. The real fear is that votes are counted that are faked. Our goal should be to eliminate voting fraud and work towards reducing voting miscount, but never at the expense of making fraud easier.

Re:50/50 nation means every vote really matters

No they don't, if you aren't in one of the most populous state, your vote isn't worth shit. It's like a contest where California, Texas, and New York count, and Florida is the tie breaker. If they need another tie breaker, that's Illinois and they work their way down the list. Due to the winner takes all nature of most states, little states (all but the top 10) don't count. States with a clear majority aren't compaigned in. It's a bite being in a populous state and not be worth an ad compaign.

55 California
34 Texas
31 New York
27 Florida
21 Illinois
21 Pennsylvania
20 Ohio
17 Michigan
15 Georgia

Something very misleading in the writeup

dealt to the ailing company.
Diebold as a company isn't ailing, it's doing pretty well from what I gather making ATMs...Diebold as an electronic voting manufacturer is ailing. In fact, it's so bad that some people in the company have suggested dropping it altogether because it is making the company look bad. But they persist, which may even bring further question to Diebold's CEO's political motives...

Re:Something very misleading in the writeup

Unfortunately, that's not true. I bank with Provident [provbank.com] Bank of Maryland, which is extends through Maryland and some of Pennsylvania. Last year I sent a packet with printouts of a dozen articles about Diebold ATMs, voting machines, and other funny business. I provided the material in PDF form on a CD, and included a letter about how I didn't trust Provident ATMs since they use Diebold. I sent it certified mail to their customer service department, and I heard nothing. A year later, and not even a form letter in reply. They just don't care.

It's because

The banks audit the shit out of the ATMs. The bank wants the ATM to dispense the amount someone asks for, no more no less, all the time. The bank wants that ATM to accurately fetch and send customer and transaction information, all the time. The bank wants the ATM to dispense money ONLY for the customer to whom it belongs.

Well, if Diebold made it where there was an override code ot just come and steal money, the bank would find out in a big hurry (there'd be a discrepancy between physical audits and transaction longs, and camera tapes to see who did what). If Diebold made ATMs that screwed customers for fun, the bank would be pissed (since the customer and secret service would be pissed). Basically, it is in the bank's financial intrest to make sure the ATMs work like they are supposed to and are well audited, so they do.

This isn't to say they never fuck up, everything fucks up. However the bank watches for that and corrects it. The idea is these things need to be accurate and reliable almost all the time (and they are) so customers trust and use them.

Now that you don't trust them because of the name on them, doesn't really matter to the bank. The bank knows how well they do or do not work, and presumably they are happy.

The difference is all in oversight. The banks police their machines for accuracy since the must do so to remain in bussiness. Those involved in the voting process do not necessairly do likewise since it can be to their advantage to rig an election.

A solution in search of a problem

We had the mess in Florida, but instead of identifying the real problem (plurality voting, where voting for two people ruins the ballot and a spoiler can throw the election to the overall loser) we instead looked at one of the symptoms (hanging chads, and whether or not a hole was completely punched through).

Want to fix the real problem? Use Approval voting or a ranked method like Condorcet. Overvotes don't hurt either methon (two "Approvals" or first place votes are easily counted), undervotes are tossed like normal, and a third party candidate won't throw the election to the guy at the other extreme of the political spectrum.

As it is, even if Diebold had an absolutely perfect system, Nader could still throw the election to Bush, overvotes would still be tossed out, and then you *add* the problem of having an untraceable vote that can't be recounted.

Re:A solution in search of a problem

You forget that, really, any voting system is unfair and ends up ruining it for somebody. Well, that, and it would require a constitutional amendment to make it happen.

The real, easy, workable solution is a sanity check at vote-time. They do this out where I live. Once you fill out your large-print paper ballot, they put your ballot in the machine. The machine scans your ballot and lets you know if something's wrong. However, you still have real paper ballots that can be checked for accuracy to make sure that none of the machines have been tampered with.

Re:ot: splitting the vote

According to Kenneth Arrow no voting system can be perfect

Yes, but some argue that Arrow's requirements of a perfect system were excessively stringent.

Basically, Arrow took his intuitive ideas about how an ideal system would behave, codified them into well-defined requirements and then proved that they're mutually incompatible. Some argue, however, that one of his requirements was stated more strongly that is intuitively reasonable.

The criterion in question is the "Independence from Irrelevant Alternatives", which states that addding or removing non-winning candidates should not affect the winner. This seems like a good idea until you consider sufficiently complex situations, in which it becomes clear that there *is* no intuitive right answer and that it is, in fact, reasonable to expect that the introduction of other candidates into a deeply divided electorate may change the outcome, even if the introduced candidates don't win.

Some variants of the Condorcet system do satisfy a slightly relaxed form of Arrow's Independence from Irrelevant Alternatives criterion. If you're willing to accept the relaxation as "intuitive", then those variants are, indeed, perfect.

It's also worth noting that the circumstances under which these Condorcet variants fail to meet Arrow's original criterion would occur very, very infrequently in the real world. Even if someone doesn't want to accept the relaxed form of IIA, they still have to admit that, in practice, Condorcet is perfect very nearly all of the time.

we *could* do a lot better than plurality

Absolutely.

New business plan

1)Get job at dodgy company.
2)Find out all about their dodgy dealings.
3)Blow whistle.
4)Profit!

Now correct me if I'm wrong, but I thought the whole reason for the whistle blowing law was to protect employees who want to come clean, not for them to make a profit.

Re:New business plan

Once you're labelled as a whistleblower you may never work (for a large faceless corp.) again. So the reward may have to last you into retirement.

Money is a great 2x4

The OpenVoting folks in the article complained about using the Whistle Blower/Money type lawsuit. But having read a lot of articles on Diebold and its "tactics" it seems like the only thing Diebold will listen to is an argument (court case) that affects its bottom line. That whole "follow the law and do it right" concept is lost on them. Maybe if Diebold has to cough up $100M or more they might consider doing it right. Either that or they'll pay off with vouchers for free voting machines!

Democracy...

... A system of government whereby the people get the rulers they deserve.

Seriously though, I'm generally an advocate of using IT to automate boring and repetitive tasks, but as far as elections are concerned I think it's a very bad idea. The outcome of the last US election was effected by the use of 'voting technology', and they (I'm not a US citizen, thank god) ended up having a president appointed by a panel of judges.

If elections are run in the more traditional way of putting an X in a box on a piece of paper and then having an army of people count the ballots then the whole process becomes transparent. Election fraud is made difficult by having many people involved in it's administration, the reverse is also true.

My tinfoil hat is beginning to itch, but if I wanted to rig an election using voting machines I'd like to leave myself an alibi. After all, one should never attribute to malice what can be adequately explained by incompetence. Think about it.

This has to happen in many states to be effective

The whole electronic voting setup in the U.S. is just begging to be exploited by the unscrupulous. All they have to do is "convince" the companies that make these machines to put code in them that will randomly change a vote here and a vote there, until the numbers favor whoever "paid" them off.

That's not hard for someone who is unscrupulous and is also already in power to do. Someone who is already in power can grant "favors" to the people in these companies that make decisions, whereas a challenger can only promise future favors. Considering how "business friendly" and "wealth friendly" the current administration has proven itself to be, a promise by said administration to grant favors would be taken very seriously. And since the government today basically answers only to the corporations (especially those that own the media), I think it's unlikely that such "payoffs" would get very much media attention. Furthermore, the administration is in control of a number of agencies that can "guarantee" that anyone at those companies who works on the software in question will not talk. If they try, they'll have an "accident".

Any system that can be exploited ultimately will be, and the more incentive there is to exploit the system the sooner it will happen. In the case of a voting system that is unauditable and easily manipulated, I think there is every reason to believe that it will be exploited in the upcoming election.

The only way to counter it is to make sure that the number of states using them is few enough that they cannot have a meaningful effect on the election.

But so far, only a few states have taken any action against electronic voting machines to my knowledge, and only California has banned their use outright (again, to my knowledge). That's not nearly enough to ensure that the upcoming election is truly fair.

That's why I think Bush will win the upcoming election no matter what the voters actually think -- the current administration is the most ruthless and underhanded I've heard of, and that kind of approach is all that's needed to exploit the obviously vulnerable electronic election system in the U.S.

Tinfoil hat stuff? You bet. But 20 years ago, anyone who suggested that software would be patentable in the future would have been dismissed as a conspiracy theory nutcase. But it happened. 30 years ago, anyone who suggested that the U.S. would pass a law like the USAPATRIOT act would have been laughed out of the room. But it passed anyway. Tinfoil hat stuff is hard to dismiss if it is internally consistent, agrees better with all the facts, and explains current events better than everything else. As is, I believe, the case here.

This is what we need...

Here's what we need...

A touch screen voting booth that lets voters select the canidates they want.

After the voter casts their vote the booth prints out a ballot that's machine readable yet understandable to the naked eye.

The voter checks to make sure that the canidates they selected are recorded on the ballot and then feeds it into a reader. It's this machine that actually records the voter's vote.

This way not only do we get the benifit of a machine count but a paper trail to boot.

Jim March's Comments

Jim March broke the news last night over on The High Road [thehighroad.org]; I submitted the story last night, but was rejected. Anyhow, follow the link, and you can read Jim's commentary, and discuss the case with him (he's a senior member and very active participant over at THR). All sorts of little tidbits over there--the suit has been in the works since November, but a gag order was just lifted yesterday. Somebody else mentioned that the plaintiffs get a 30% bounty on the damages, or 20% if the state provides legal assistance (that should be 15%, not 20%, BTW). He also discusses the basis for the fraud suit, and the somewhat unique method (Qui Tam) they've chosen to fight Diebold; he likens it to the tax evasion case against Al Capone. Definitely a good, lively discussion over there; well worth a read.

All forms of voting are imperfect

All forms of voting are imperfect on a large scale.

Old-fashioned paper ballot boxes can be stuffed a la "Box 13" of LBJ's Senate (D-TX) election of '48.

Mechanical ballots like Florida's 2000 punch-card ballots are vulnerable to designs which make incorrect voting likely, and this can be engineered to favor a particular candidate.

All-Electronic ballots vulnerable to software and hardware errors.

All of the above are vulnerable to catastrophies like fire, tornado, and other extreme circumstances.

Our best bet is to combine the best of the available technologies:
1) The actual ballot is a human-readable, voter-verified ballot that, barring corrupt poll workers and observers, cannot be easily tampered with after the vote is cast. This physical ballot will be counted on election night and used in any recounts.
2) machines are used to assist the blind and other handicapped voters in casting their votes and verifying their ballots, and to make a "clean" ballot which can be read quickly with almost zero errors by a counting machine or human counter.
3) machines keep a secondary count of vote totals so news media can have a good, unofficial, estimate of the actual vote totals within a short time after the polls close. Barring error, the unofficial count will match the official count exactly.

Oh, of course any machines used in voting or counting votes would be "open for inspection" - that is, the hardware design, manufacturing processes, source and object code, would be published information and open to scrutiny. The actual hardware and object code would be audited to make sure it matched the published specifications, and if not, the difference would be documented for all to see.

As machines aren't perfect, human poll workers, election judges, and observers will be allowed to observe all parts of the election process.

In related ? news

Diebald issued a stream of no less then 3 patches in 3 days to fix their flaming new counting software release. "This will seal the problems while the machines are sealed until SP2 is out" said a pointy haired spokeperson. "We're proactively seeking the achievement of market leadership by deploying retroactive patches to updated software. Nation trust us." he said in a stunning wordplay worth of Nostradamus fame.

Opposers of the Diebald software proposed an open-source alternative , but their open attitude apparently is preventing them from ideologically sealing anything. "Let me patch it realtime while you vote ! Hey watchout I'm patching here !! wait just another minute ... " an unidentified supporter said ; a few seconds later an angry queueing sweating roaring mob introduced him to the concept of releasing by due date. No penguin was harmed in the process.

Another angry flash mob quickly assembled in streets chanting praises of the aging, but reliable paper and pen voting system.

And as usual..

This is probably just the tip of the iceberg.

*sigh*

not a programmer

BTW, Jim March is not now a programmer, he's a full time lobbyest for a gun owner's rights group.

"Simple" completely-workable E-Voting Scheme Here!

A voting station consists of:

1) touch-screen computer.
2) printer.
3) scanner-fed shredder.

Polling place consists of:

1) one-or-more voting stations.
2) one scanner-fed lock-box "ballot box".
3) one computer conected to ballot box.
4) one lable/sticker printer attached to the ballot box computer.
5) one scanner-fed lock-box "errata box".
6) one computer conneced to errata box.
7) one or more trained poll staffers.

By "scanner fed" I mean a contraption such that an optical scanner reads a document and, after all the barcodes are scanned, if they make sense, the physical document prodeeds to the fed device.

-- ALL Printers (etc) print on a "reasonably heavy" card stock.

-- The errata bin scanner, unlike all the other scanners, will not reject/return an unscannable document. The Errata box also has a slot for truly mangled debris sheets. This errata bin should score or deface the ballots so inserted (have a roller splash "void" over their face etc.)

-- There is no "network", wireless or otherwise, connecting the voting stations to anything.

How voting procedes:

1) before polls open the voting system is used to print-up a bunch of "blank" ballots that have psudo-random or sequenced or whatever "GUIDS" and the big black words "this side down" in several languages, and these printed blanks are set up in bins. Blank ballots are printed at (any of) the voting stations using an administrative key or there could be a dedicated blank printer.

2) The voter aproaches the human who checks the voters ID etc.

3) The voter the selects, at random, one of the
"blank" ballots and takes it to a voting station.

4) The voter scan-and-shred(s) the "blank" ballot to start the touch-screen process.

5) The voter navigates the touch-screen process in the language of their choice.

6) When the voter selects "done voting" the card-stock printer prints a completed ballot with (JUST) the name-office or initiative-selection pairs (e.g. President: Bob, or Issue 167: NO) selected by the voter for the issues he wishes vote, the GUID from the "blank" original, an encoded barcode/dotcode splash containing all the votes in machine readable form, the GUID, the "voting station serial number", the "voting station voter-session sequence number" and a checksum.

7) The voter then leaves the voting station.

8) The voter visually reviews their ballot print-out.

9) The voter may then either proceed to the ballot box or back into any voting station to ammend their vote via a scan-and-shred operation.

9a) If the voter elects to change their vote, they return to any voting station and, do the scan-and-shred operation as in step 3, but the station has read the barcode/dotcode splash and brought up what it read from the splash as the reviewable and changable defaults. The voter carries on.

9b) If the voter elects to cast his ballot, he takes it to the ballot box, where it is scanned and the ballot is stored in the lock-box.

10) The voter is given an "I voted" sticker with an MD5 (etc) checksum of their ballot printed on it as produced/recorded by the ballot-box.

-- Any ballot that is cast into the ballot box should be scored (e.g. roller stamped) with a scanner-cookie barcode that would make the voter stations reject it so that somone couldn't just open the box with a key/pry-bar and take the ballots over to a voter station, and edit them.

-- The ballot box would reject scanning/honoring a duplicate GUID, preventing all sorts of tampering/stuffing schemes.

-- A successful post-casting edit attack would be revealed by the mismatch of the nubmer of ballots in the box (physically counted) compared to the number scanned by the box, so there is a check-and-balance.

-- Any ballot that cannot be scanned by any of this equipment because of dammage (dropped, stepped on, torn, etc) or when a voter decides that something is "queer" is scan-and-stored by (or just p

Why bother with DREs?

Let me see if I get this straight.

The 2000 election was supremely screwed up, particularly in Florida, because people were voting with some old-timey machines that made holes in paper ballots, which could then be counted by machine. Only sometimes the holes didn't punch all the way through, or sometimes the ballots themselves were a little bit confusing.

The ballots had to be recounted by hand in Florida, with the help of a lot of volunteers and quite a bit of state money in order to deal with these problems -- also that Florida state law (as in most other states) requires a manual recount in case of extremely close races.

So the solution from the Federal Government is the Help America Vote Act (HAVA) that says states need to have secure, accurate voting machines that meet stringent guidelines for security and accuracy (not to mention accessibility by the disabled). If these machines are electronic, so much the better.

Under HAVA, the Federal government will grant the states buckets of money ($861 million so far, and plenty more to come) to get their voting machines compliant.

Only there's a few problems. States don't yet know what being compliant means, because the standards and definitions are still being worked out by the Election Assistance Commission (eac.gov) and the National Institute of Standards and Technology (nist.gov).

The EAC has got as far as appointing a subcommittee, but they're not due to meet again until Jan 2005, at the earliest.

What you're left with is states looking for machines they THINK will be compliant with HAVA -- particularly with the Americans with Disabilities Act (ADA), which calls for private, unassisted voting by blind people -- meaning that the voting machines will have to have audio components that read a person's choices and, before casting a vote, read a person's selections.

Direct recording electronic (DRE) voting machines are very good in this regard -- they can be very easily customizable at the state level to work at the precinct (or school board district) level.

But the problems with DREs are well documented -- inaccurate counts, easy (relatively) to manipulate, hackable, etc. And without a hard-copy record, impossible to do a recount.

So the solution proposed by California Sec of State Kevin Shelly, among others, is to have DREs create a 'voter-verifiable paper audit trail' (his term). Which means that the electronic machines have to print a paper record of the ballot which is then kept securely for recount, if neccessary.

Now this begs a couple of questions.

If a jurisdiction uses these fancy new machines to record, tabulate, and transmit vote results electronically, but at the same time has to keep paper copies of the votes for recount, then the paper ballots will surely be subpeonaed after any vote that is reasonably close (say within 5 percent).

It is a given that the paper ballots are going to be counted anyway, especially considering the number of races (town, county, school district, congressional district, senate, etc.) that are 'close' in any given year.

What this means is that HAVA is asking states to trash existing, functional machines that produce machine-readible paper ballots, machines that originally cost maybe $300 each and are already paid for, and replace them with new machines that cost more than $1000 each, and produce ballots that will have to be counted by hand.

Another issue that the press has not yet gotten wind of is the large number of election officials who have retired, gone on early retirement, or changed jobs since 2000. An unprecendented number of chief election officers in counties and states across the country will be supervising their first general elections this November. A comforting thought.

The outgoing officials saw sense -- that there is a train wreck approaching. An awful lot of people will be voting on machines untested in an actual election environment, and those machines are by many measures inferior to the

The pied piper of Hameln?

under a whistle-blowing statue

Is this like the pied-piper of Hameln - the statue plays its whistle, and everybody's votes disappear... and then if the piper isn't paid, he releases some of the votes back, and George W. Bush is re-elected?

Whistle blowing STATUE?

Where is this statue located? Did it get pooped on by pigeons?

In the "KNOW" roadblocks

In this article [toledoblade.com] by the Toledo Blade an alleged "computer expert" and state rep candidate Mr. Myers expresses his views as it pertains to paper trails and EVM's as "I liken this part of the bill to adding a ladder to an elevator. We had something good. Now it is just made more complex."

I guess adding a printer COULD make these pesky things a little more complex AND prone to failure, but I fail to see why. If a system can't pipe data to more than one output/storage device it's not worth having IMHO.

When we have up and coming wanna-be politicians whom are supposed to know better (you would think someone claiming to be a bonna-fide computer expert would) and we still get drivel from them like this I really feel they don't want honest elections. Trust being the core component behind most large issues in life, such as money, relationships, voting, driving...trust this : to error is human, to really screw something up takes a computer.

Heres the solution..

Why not just wait until election day and call out names and then ask everyone in the state to put their hands up if they want that person? I think it would just about be better than Diebold.

software

I write test stand software and firmware for instrumentation. I just don't understand why this is so damn difficult. It seems like a no-brainer to me.

It's rather incredible that anyone would accept

... software for an election system with standards for validation and verification that don't achieve a quarter of the reliability that MilSpec achieves. Is there a more ubiquitously 'mission critical' an application? I don't think so. Yet they don't even have requirements for end-to-end error detection, let alone correction. It's a classic one-way communications channel, and there's virtually nothing to ensure the information isn't corrupted, either deliberately or systemically.

If I'm required to vote electronically...

...and I don't receive a paper confirmation of my vote, can I sue claiming that my electronic ballot was counted wrong, and force them to prove it's been counted correctly?

If they can't, it means their system may be compromised. If it can, then my privacy has been compromised. Either way, without a paper trail they should lose.

Bev Harris is a f=== whore

Bev Harris and her attorney are suing so they can get rich. Diebold is probably more innocent than not, and what you have here is a partisan Democrat looking to smear a corporation and get rich quick at the same time.

Critical thinking usually means that accusations filed in court should be taken with the grain of salt they deserve.

"State officials have spent millions...

...on the paperless touch screen machines"?

Well, fair enough. Those paper touch screen machines don't work too well, after all...

Re:Code

unfortunately, to you, it is. there's no one running by the name of 'Kerri'. sorry, mate.

and why is vote a boolean? if you were trying to make a joke, shouldnt it be if(true)...?

sigh...tell your manager at diebold i said hello.

Re:Code

Ah, thank god you have me to debug your code. Here ya go:

private void countvotes(bool vote,SSN){
if(vote){
Kerri+=1;
alert_SS("$SSN");
alert_IRS("$SSN");
}
else{
bush+=1;
echo "thank you, citizen, now go play somewhere else";
}
}