Touch Screen Voting Industry Circling Wagons 602
bhoman writes "Salon has an interesting article/interview with the author of a forthcoming book, Black Box Voting, by Bev Harris, that looks at electronic voting machines, especially Diebold touchscreens. The story includes incriminating internal memos, cease and desist orders from Diebold, transcripts of an industry teleconference where Harris Miller of the ITAA brags of his lobbying experience, and documentation of a backdoor via an Access MDB with no password. This is for software currently being used in 37 states. "
The story becomes more mainstream... (Score:2, Insightful)
Re:The story becomes more mainstream... (Score:4, Insightful)
Re:The story becomes more mainstream... (Score:4, Insightful)
Re:The story becomes more mainstream... (Score:4, Insightful)
Well, in theory it might be possible to do that, but most precincts have many (10+) booths, and you'd have to do some pretty clever record-keeping to keep track of which booth folks go into. AFAIK, its not legal to videotape voting rooms (basically it is considered intimidating, and thus in violation of the Voting Rights Act or some such thing - I remember reading a news story about it in the '96 election), so somebody's gonna have to keep track of which booth every single person votes in.
There are easier ways to intimidate voters. Indeed, optical scan could hold the same capacity for order-count, since there are multiple booths but only scanner, which will hold the ballots in a stack inside. With only a single scanner per precinct, it would be easier to reconstruct the sequence of voters & votes from that than from the black-box method.
"votes must be independently counted" black-box == !record there is no way for the representants of any party to check by hand.
Now the 'no-record' problem is a stickier wicket. Here's my theoretical solution, that also resolves some of the 'butterfly ballot' issues that were problems in the Florida vote. Basically, after the voter has completed the vote process, the machine would print a copy of their ballot. The voter is then asked to check it for any errors. If they think its OK, they run it through a slot that goes to a bin that stores the hard-copy record of all the votes, and triggers the vote to be counted by the machine. If they made a mistake, then they run the hard-copy through a different slot that shreds the ballot and re-starts the voting process. This gives a hard-copy record for any re-count, and provides for people to check and make sure they didn't vote for Pat Buchannan when they meant to vote for Ralph Nader.
It's a basic principle, all right (Score:5, Insightful)
There are at least two reasons why you want secret balloting, one of them rather subtle. The obvious one is to prevent voter intimidation; the other is to keep people from being able to bring evidence that they voted for a particular candidate outside the confines of the voting booth.
Otherwise, I can park across the street with a sign reading, "$1 Paid For Each Vote for Candidate X" and buy votes from people coming out of the polling place with proof of their vote. Some of the machines being discussed would enable corrupt voters to do exactly that.
You really don't want to have any way to associate individual voters with their votes during or after an election. I'm sure there are tons of potential exploits beyond the few that I've heard of or thought of myself. Dropping the voter-secrecy requirement would be a major step in the ongoing banana-republicization of America.
Re:It's a basic principle, all right (Score:3, Insightful)
Otherwise, I can park across the street with a sign reading, "$1 Paid For Each Vote for Candidate X"....
Could you explain why, exactly, this is a problem? If someone chooses to sell their vote, why shouldn't they be allowed to do so? This is a serious question.
Re:It's a basic principle, all right (Score:5, Interesting)
Could you explain why, exactly, this is a problem? If someone chooses to sell their vote, why shouldn't they be allowed to do so? This is a serious question.
Because it undermines the whole notion of voting for a candidate because of the things they promise to do once in power. Bad election practices such as these were common in parts of England until the nineteenth century. "Rotten boroughs" with small numbers of eligible voters could be used to ensure a candidate got into parliament. Even after the widening of the franchise a mixture of bribery and coercion was common, with small farmers and manual labourers expected to vote how their bosses saw fit.
Chris
Re:It's a basic principle, all right (Score:3, Informative)
You didn't mention that in one particular case, one of the "Rotten Boroughs" was actually under water yet there was an MP sitting in the House of Commons representing the submerged town. However, had I been the MP, I would've retorted that the underwater town was populated by Basques and thus the t
Re:It's a basic principle, all right (Score:5, Interesting)
Take a simple model of a non-secret ballot where everybody's vote is published in a newspaper the day after the vote. John Q. Public can check the paper, verify his vote was recorded correctly, and verify that all the votes add up to the reported total. There's no opportunity for fraud except for the case of vote buying but then the voter is a willing participant, and, in fact, can be done in the existing system through absentee ballots.
What's needed is a method where the voter can verify his vote and the reported totals without sacrificing his anonymity. Then it doesn't matter if the vote is cast on paper, electronically, or by smoke signals. It then becomes an argument over which system is more efficient (less mistakes, faster results, etc.) rather than which system is more open to fraud.
Re:It's a basic principle, all right (Score:5, Interesting)
Re:It's a basic principle, all right (Score:3, Funny)
I can just see it.
Billy joe: "I'LL FEED THE HOGS LATER MARY SUE! I'M CALCULATIN' MAH SH1 HASH CODE!".
Mary sue: "WELL SAVE ME SOME O THAT HASH BILLY JOE! I'M DANG TOOTIN STRAIT AS A POLE RITE NOW".
Re:It's a basic principle, all right (Score:3, Insightful)
Re:It's a basic principle, all right (Score:3, Insightful)
And when 5% of the voters forget their password and think it's something else, did they forget it or were 5% of the votes just stolen
One vote-buying scheme (Score:3, Interesting)
Here's one that supposedly happened quite a bit until systems were modified to defeat it:
You go to the polling place, and get stopped across the street by a couple of guys, who hand you a pre-filled ballot form. You put it in a pocket, walk in, get a blank form, go into the booth and dawdle for a few minutes. Before leaving the booth you pull out the pre-filled form and pocket the blank form. When you leave the booth you drop the pre-filled ballot into the box, walk back across the street and and give
Re:The story becomes more mainstream... (Score:4, Insightful)
Interesting that you quite correctly acknowlege the fact that every election result has a margin of error, but then fail to apply that fact to the 2001 result in Florida. I believe all the counts in that election were within a 2.6% margin.
The problem with the Florida 2001 election isn't that it got the results wrong. It is that we were forced to accept a statistically suspect outcome because of a lack of procedures for dealing with an extremely close count. Plus, whatever procedures might have been in place appear to have been hijacked by partisan entities. Whether you're Republican or Democrat, this is not a good thing for democracy.
Wow, Diebold can (Score:4, Interesting)
Re:Wow, Diebold can (Score:3, Funny)
North Canton is also the home to the Hoover vacuum cleaner company. Perhaps it's a matter where the technology from North Canton just sucks.
Also, the Diebold HQ in North Canton is pretty dinky...perhaps like their exec's wieners. Gee, that was just too low.
Quotes from the above article: (Score:4, Informative)
Quotes from the above article:
No official at Diebold or the Georgia Secretary of State's office has provided any explanation at all about the OTHER program patch files -- the ones contained in a folder called "rob-georgia" on Diebold's unprotected FTP site.
Inside "rob-georgia" were folders with instructions to "Replace what is in the GEMS folder with these" and "Run this program to the C-Program Files Winnt System32 Directory." GEMS is the Diebold voting program software.
Another quote:
- And assume that all 22,000 program patches did exactly what they said they did: Corrected a conflict between Windows CE and Diebold's firmware to prevent screens from freezing up.
Re:Another article by Bev Harris: (Score:5, Interesting)
Just as the Salon.com article was picked up here at Slashdot, Conspiracy Planet picks up articles from wherever it wants. It copied an article that was in Scoop Media. The Seattle Times reporter was somewhat misleading, and he was determined to get the word "conspiracy" into the article somehow.
I put him on notice that if he called me a conspiracy theorist, he would have to back that up with facts or I would require the editors to print a correction. Then he said "well, I'll just print what others say about you."
This guy did everything but stand on his head to slant the story, but I blocked most of the efforts. Something he fails to report in his story is that the Microsoft Access hack that is the subject of the Scoop Media article, the Ken Clark memo, and the Salon.com article (and was vetted out right here on Slashdot) -- well, I demonstrated that hack in front of the Seattle Times reporter, the IT guy for the Times, and a Seattle Times photographer, who commented, "Wow. This shows you can rig an election."
The reporter's use of the "Conspiracy Planet" reference was pretty disengenuous, when you realize that he knew damn well my work has also been covered in the Washington Post, AP Wire service, the San Francisco Chronicle, and CNN.
As you can see, I'm getting sick of the "conspiracy" label, since I've broken seven stories in a row on the voting issue and every one of them has checked out and, eventually, been picked up by the mainstream media, albeit haltingly. For a long time I just ignored it, but now, when reporters try to go there, I tell them to back it up or get hit with a correction, and if they don't correct, a libel suit.
Sad that it has to come to this -- printing facts is not the same thing as being a tinfoil hatter. What I do is scrutiny, and my facts check out.
Bev Harris
Re:Another article by Bev Harris: (Score:3, Informative)
Also, extra thanks to Bev for her recent efforts to post notifications and address issues on this site; because of this I'll be purchasing a copy of her book [got.net]. The publisher's iconogrpahy is unfortunate for promotion purposes, but ultimately irrelevant to the books' content.
Re:Another article by Bev Harris: (Score:3, Funny)
Perhaps you should a consider a journalist calling you a conspiracy theorist a compliment?
Much of the "journalism" I see/read/hear lately is utter trash, especially from the big TV and cable networks. The bias there is quite disgusting and appears to be motivated by its entertainment value rather than true newsworthiness (I cite the shark sightings stories, for example--sharks are irrelevant!).
Touch Screens are GOOD (Score:2, Interesting)
Bush in 2004 (Score:2, Informative)
http://www.infernalpress.com/Columns/election.h
Access Database? (Score:5, Funny)
I wouldn't use an Access Database as a way of securing my list of CDs, let alone my democracy.
Then again, does Dubya have any more brothers who are governors?
Re:Access Database? (Score:2)
Or scarier still, look at the drivel our kids are learning in school and ask me if educational experts are designing our kids' textbooks.
wroooong (Score:5, Informative)
No, you're wrong. Greg Palast did extensive research [gregpalast.com] into what happened. Don't buy the party line from Fox News, CNN, and others who completely whitewashed what happened in Florida.
Now that Diebold has a lock on voting systems, expect more fraud and even less media acknowledgement of it.
Re:wroooong (Score:4, Informative)
dated August 2002, includes the following:
If there were no voters purged incorrectly, why is this part of the settlement between the U.S. Government and the counties of Florida?
Why all the reports of African American voters turned away at the polls, as reported by the USCCR?
Trouble Brewing (Score:2, Interesting)
Re:Trouble Brewing (Score:3, Insightful)
If you call making sure all the votes are counted 'bickering' then we're in serious trouble.
the only solution... (Score:5, Interesting)
Hell the hardware needs to be open for review also. It's not like there is any secret designs in there (Unless you are trying to hide something illegal)
All it takes is a tiny bit of off the shelf hardware components, a refrence design and the software to make it work easily... anyone could make an electronic voting system.
until it's all open for review by today's IS and IT experts I will not trust it or the companies making them. This isn't some silly toaster or PVR... this is the basis of the United States... voting..
Re:the only solution... (Score:5, Insightful)
You will want to ensure that the machine accurately registers and tallies votes. Verifying the source alledgedly used in all the machines is not sufficient: you'd need to inspect the (sufficiently large) CRC of the binaries on each and every of the voting machines. You'll want to verify that they are indeed running the software that you have inspected, not some doctored version.
Even if all machines produce accurate data, that will do little good if anyone can edit the resulting data file, or if the totals are communicated to a central counting facility through a means which allows easy forgery of the results.
The problem with any electronic voting system is its intransparency, not of the program source, but of the voting and tallying process. Once the job of vote registration and counting is delegated to a machine, it becomes invisible. It is like handing a box of paper ballots to anyone in the streets and asking him to tally up the votes without any supervision. You'll have no idea of the accuracy of the resulting count, unless you are able to recount yourself... and for that, you need a paper trail.
I firmly believe that any electronic voting needs to be accompanied by a paper trail, and that the counts must be subject to verification of a recount using this paper trail. An electronic voting machine should either produce a paper ballot which the voter can inspect and post in a lockbox, or it should scan a paper ballot on which the voter has indicated his choice by hand. There arer very good reasons to trust paper ballots over electronic ones that are hidden inside some machine:
- The voter has tangible assurance that the vote that is deposited is the one that he has cast
- The counting rersults are verifiable: the counting can take place in a group of people from all stakeholders in the election, who will all watch each other.
- In case of doubt, a recount can take place using the original ballots counted by a different group of people.
- Most importantly: paper ballots are incredibly hard to forge in bulk, and it is very hard to introduce a significant amount of them into the counting process.
Re:the only solution... (Score:5, Insightful)
There are two primary things we want to accomplish with EVotes -- first, we want to make the voting process easier to engage in. Second, we want to make the counting process more efficient (less costly). We would also like to reduce the error rate, to the extent that we are able.
A touch screen voting interface, big and clear and nice, is exactly what we need to help walk people through the process. We can't, though, rely on the software in these machines. One read through the memos above should convince you as to why -- these people just have no idea what they're doing. Basic? Access databases? Windows? My god.
What this says to me is that we simply cannot get away from paper. So what we want is a system that makes paper easier to use, leaves a paper trail for auditing and verification purposes, and provides ample opportunity for error checking by the voter and by election officials.
We use the touch screen to answer questions. At the end of the voting session, the system prints a "vote" and electronically tabulates the results. The voter verifies that his printed vote matches what's on the tabulation screen. The voter then folds his paper vote and deposits it with election officials in a good old fashioned ballot box.
We can then use the electronic tabulation to check quickly on the results -- this is quite efficient. We will also engage in a substantial amount of verification, by counting the paper votes by hand and verifying this against totals learned electronically. The paper always wins, in this system. We do not necessarily need to count all of the paper votes -- we can use random sampling.
It seems like a win in both directions, for me. Risks include unacceptable printout quality (printer wear), and insufficient random verification.
Important things with votes (Score:3, Interesting)
All these discussion about costs and speed usually leave out the primary goals of a democratic voting procedure, which should be:
The ballots are secret so that nobody can be persecuted for his vote.
The final tally reflects accurately the will of people having voted. For accountability
Re:the only solution... (Score:5, Insightful)
ISO 9001 described manufacturing and processes.
The important thing to remember about ISO9001 is that it's perfectly OK for an ISO9001 shop to fling completed motherboards frisbee style across the warehouse so that it hits the wall and lands in the pile for packaging/shipping as long as that is the written procedure.
It says nothing about quality, it doesn't even assure consistancy (some boards may actually function after the above proicedure, it's random dumb luck). All it really assures is that somebody paid some ISO9001 auditors a hefty chunk of cash.
The real primary goal of ISO9001 is to remove all human thought from the process so that low paid unskilled labor can operate like expensive industrial robots.
Note that the original INTENT was to force a company to think about it's procedures in an organized manner and so make improvements in their process and in the process generate good solid and complete operational manuals. Unfortunatly, that rarely happens due to managers and ISO auditors taking what should be a manual of good ideas and raising it up to the status of holy scripture.
It is cynically amusing to listen to people in an ISO company talking about procedures in the manual. They sound EXACTLY like door-to-door bible thumpers quoting scripture. It's not at all unusual to find walls plastered with posters repeating the same 'inspirational' phrase everywhere. The phrase is so pervasive that it no longer carries meaning, but instead invokes conditioned response, not unlike a particularly dysfunctional religious cult.
It never once occurs to them that the outcome is what is important and that procedures should be re-written if/when they lead to a poor outcome.
Backdoor (Score:5, Funny)
Well, it is called Access after all.
Land Of The Free (To Enter) (Score:5, Funny)
Use open source in government (Score:5, Insightful)
Every software in government, which is paid for from citizens taxes, should be open source. So that every citizen (at least the one which is a programmer) could check whether the code is good and fair, especially in elections.
Of course the code actually used in voting machines should be double checked by government professionals, but everyone should have an access to read the code.
Re:Use open source in government (Score:3, Insightful)
Maybe I'm being a little bit picky here, but I'd prefer the best tool for the job (yes, I am a gov't employee).
If that happens to be open source, so much the better, but I don't want to be forced to fumble around with an inadequate tool, and waste time and taxpayer dollars, just for the sake of using open source software.
Whether or not some people care to admit it (and there are pleny who still don't), someti
Re:Use open source in government (Score:5, Funny)
Maybe I'm being a little bit picky here, but I'd prefer the best tool for the job (yes, I am a gov't employee).
That's why, when ballots are counted by hand, no one is allowed to look how they are being counted. You see, when the ballots are counted behind closed doors, the result comes back in under a minute, but when people can inspect the counting, and insist upon a "procedure" being drawn up that everyone can rad, manual counting can take an hour!
Many countries prefer to manually count votes behind closed doors with no published counting procedure. For example, Iraq, China, etc. In fact, in these countries the election results are almost always known even before the elections, that's how efficient it is!
Re:Use open source in government (Score:5, Insightful)
There is a vast difference between using some proprietary math program down at NASA and using a closed-source voting system. One of them results in a spacecraft that doesn't work; the other results in a government that doesn't work. You pick. :-)
Re:Use open source in government (Score:3, Insightful)
I see some misunderstanding here.
Using the best tool, even commercial one, does not prevent you from releasing your sources.
You're only unable to release the tool's sources, but you don't have to.
There will allways be enough number of independent developers able to check your work.
Regards
Re:Use open source in government (Score:3)
In this case, part of the "job" is proving that the voting software doesn't have a back door that enables somebody to fix the vote. That's simply not possible unless disinterested third parties can examine the code.
Re:Use open source in government (Score:3, Interesting)
Whether or not some people care to admit it (and there are pleny who still don't), sometimes the only/best tool for the job is closed-source commercial software.
But let's stay on the topic of elections. Perhaps here the best tool is a paper ballot (gasp)? Of course you'll need machines to count the millions of ballots, and that should probably be open-source software (how can you build public trust in the process
Re:Use open source in government (Score:3, Informative)
Re:Use open source in government (Score:4, Insightful)
Maybe I'm being a little bit picky here, but I'd prefer the best tool for the job (yes, I am a gov't employee).
If that happens to be open source, so much the better, but I don't want to be forced to fumble around with an inadequate tool, and waste time and taxpayer dollars, just for the sake of using open source software.
Whether or not some people care to admit it (and there are pleny who still don't), sometimes the only/best tool for the job is closed-source commercial software.
I'm sorry, but you are full of it. The amount of money that the federal government spends on software procurement and maintenance is staggering. In many cases, the federal government is the only customer of some firms. Thus, all Uncle Sam has to do is say, "form now on, if you sell to us, its open source." If they company doesn't like it, then tough, they can find others to sell to (the federal government should not be in the business of propping up other businesses).
In the other case, where the federal government is the only customer, then they stand to lose absolutely nothing by opening the source, unless there is something they are trying to hide.
As far as the best tool for the job: I would hardly call an end-to-end MS desktop, running MS Office, hooked to MS Servers solution that croaks everytime a new virus comes out and paralyzes entire military installations and federal departments, the best tool for the job. I have seen that exact thing happen so many times that I cannot fathom why we still see things like the recent procurement deal the Army signed for ~$900 million that only included MS OSes.
Re:Use open source in government (Score:5, Insightful)
I call bullshit on you.
George W. Bush won the 2000 election under the current American Electoral System. Sure, Gore may have won the popular vote, but that doesn't directly decide who the president is in this country.
The mix-up in Florida was because people couldn't figure out a simple ballot. It was decided by the powers that be that Florida's electoral votes would go to Bush (well, that's a generalization, but the same idea).
The moderators would have a better time with this if there was a Score: -1, Conservative.
Re:Use open source in government (Score:5, Informative)
> American Electoral System.
Oh, is that how it happened?
Even if we ignore the controversial Supreme Court ruling, the issue was much more complicated than that.
Jeb Bush and co. worked to get thousands of black voters disenfranchised by removing their names from the voting rolls if they had a name similar to that of a convicted felon ("Official: Florida disenfranchised minority voters", CNN, March 9, 2001).
Bush worked to maximize the number of overseas ballots in counties he won, he also worked to disenfranchise military ballots in counties Gore had won ("How Bush Took Florida: Mining the Overseas Absentee Vote", New York Times, July 15, 2001).
Of course, the problem was exasperated by Gore deciding to only have recounts in counties he won, rather than across the whole state.
So, the real issue was not just a complicated voting ballot, but also the way the votes were counted. And it's easier to verify how votes are counted (and recounted if necessary), if there's a paper trail. It doesn't help that Diebold's system is insecure.
Consider the fact that Diebold CEO Waldon O'Dell is a Republican who said in a fundraiser letter that he was committed to ""committed to helping Ohio deliver its electoral votes to [George W. Bush] next year." It is all the more important to make sure the way votes are cast and counted are transparent to the voters themselves.
And before I get lambasted by conservatives, consider the following: how would you react if you heard that the CEO of the company supplying voting equipment wrote in a Democratic fund raising letter that he was committed to helping Hillary Clinton win the presidency in 2004? You'd be a little nervous, and a lot pissed.
Re:Use open source in government (Score:5, Informative)
> held hearings on the Florida election, they were not able
> to find a single person that was disenfranchised by the
> felon list.
You linked to the dissenting opinion, and not the original report. The majority opinion was 6-2. The U.S. Commission on Civil Rights found that the 2000 presidential race in Florida was marred by "injustice, ineptitude and inefficiency" that disenfranchised minority voters.
The report concluded that
* "countless unknown eligible voters" were wrongfully turned away from the polls or purged from voter registration lists because of procedures and practices used by election officials.
* criticism of an an effort to purge convicted felons and other ineligible voters from registration roles. Lists of ineligible voters, compiled by a private firm, had an error rate of at least 14 percent, and black voters had a "significantly greater chance" of appearing on the inaccurate lists than white voters
* black voters were nine times more likely than white voters to have their ballots rejected during the counting process. Faulty voting systems were more likely to be used in areas with higher percentages of minority voters, but even in counties where the voting systems were the same, black voters still had a higher rejection rate than white voters
(Source: "Civil Rights Commission Approves Report Assailing Florida Vote", CNN, June 8, 2001.)
The sentence you cited from the New York Times article was incomplete and out of context. It was talking about the Democrats' accusation that the Republicans had organized an effort to seek votes after the deadline: "The Times study found no evidence of vote fraud by either party. In particular, while some voters admitted in interviews that they had cast illegal ballots after Election Day, the investigation found no support for the suspicions of Democrats that the Bush campaign had organized an effort to solicit late votes."
Earlier in the article, "the Republicans mounted a legal and public relations campaign to persuade canvassing boards in Bush strongholds to waive the state's election laws when counting overseas absentee ballots. Their goal was simple: to count the maximum number of overseas ballots in counties won by Mr. Bush, particularly those with a high concentration of military voters, while seeking to disqualify overseas ballots in counties won by Vice President Al Gore.
Silly, Silly, Silly (Score:5, Insightful)
paper trail (Score:2, Insightful)
Paper receipts make it easy to pay for votes. (Score:2)
Re:Paper receipts make it easy to pay for votes. (Score:2, Interesting)
lack thereof makes it easy for a corrupt company (diebold) to steal votes. hmm... to have the votes bought, or stolen? it's a tough choice. however, it seems like it would be easier to affect the election on a much larger scale without a paper trail.
Receipts should be treated as ballots for audits (Score:5, Interesting)
I would say that the system could be made even better this way: separate out the voting and tallying machines, using the paper as a medium of transfer.
It would work like this:
(1) Voter makes choices on the voting machine.
(2) Voting machine prints out paper ballot with text and barcode representation of the votes.
(3) Voter confirms that text matches his wishes; if so he places the vote in the tallying machine which scans the bar code, puts it into a database, prints the database serial number on the ballot and deposits it into a locked box. If the ballot is unreadable,the machine spits the ballot back out and the voter can try a different machine. If for some reason the tallying machine will not accept a voter's ballot, the ballot is placed in a separte locked box for manual tallying.
(4) After the election, database records are randomly audited to compare with paper ballots; paper ballots are likewise randomly audited to ensure that the bar codes correctly. The locked "ballot boxes" should have a mechanical counter which indicates the number of times they are opened; a proper log should be kept every time of every time the ballot box was opened and why.
Such a system would have the auditability of a paper system, with an electronic system's rapid and accurate tallying and ability to handle complex balots.
Re:Receipts should be treated as ballots for audit (Score:3, Insightful)
There's no limit to how good such a system can be if it matters enough to the people buying it.
And, we're talking about a freshly minted piece of paper with markings designed to be machine readable.
Re:Silly, Silly, Silly (Score:5, Insightful)
Perhaps the voting machine's purpose should be 2 fold - to do an electronic tally at the time of vote selection as well as print out a hard copy ballot recording the person's vote. Basically, the computer becomes a electronic front end to the usual system of voting with pen and paper, just replacing the pen, not the paper. This copy should be human readable so the voter can chack that the machine did indeed register his desired choices, as well as machine scannable to facilitate electronic re-counts. Heck, human readable means manual re-counts are available too. Technology has progressed far enough to do this reliably, hasn't it?
Nothing like a hard copy audit trail...
Soko
Re:Silly, Silly, Silly (Score:4, Insightful)
And yet "industry" doesn't seem to grock record keeping. Methinks' not. They just don't like keeping records about what they don't think is important.
Electronic voting scares me (Score:3, Insightful)
-Jeff
So many databases (Score:4, Interesting)
There is nothing funnier than companies that try to use Access as the database for 150,000-pageview-a-day websites. Middle management at its most entertaining.
Seattle Times Artcile (Score:2, Informative)
http://seattletimes.nwsource.com/html/localne
Re:Seattle Times Artcile (Score:4, Informative)
Fingerprints ? (Score:4, Insightful)
digital fingerprint (Score:2, Interesting)
screensavers (Score:4, Funny)
Open Source Voting Kiosks? (Score:2)
More issues (Score:2)
And don't forget the REAL problem that plagues touch screen voting...
Fat fingers.
What if the fewest number of candidates you can vote for is three at a time?
why are they fighting a printing machine? (Score:5, Interesting)
Re:why are they fighting a printing machine? (Score:4, Informative)
You can't have voting receipts... because that would make it too easy to corrupt the voting process.
Imagine a candidate with 'connections', who insists that you provide him with the opportunity to view your receipt the day after the vote - and if you don't show him a receipt with his name on it, his 'connections' hurt you, your family, or your property.
You can have voting receipts (Score:4, Interesting)
There's a lot to the white paper at that link, but here's the part that makes voting receipts possible: The receipts are given out and are identical to an entry in the published "first stage" election results, so you can verify that your vote was counted. The receipts have been repeatedly encrypted with different election officials' public keys, so nobody who wants to buy/blackmail your vote can tell who you voted for (but you can, by examining the original "2-ply" receipt which you pull apart before leaving the booth). Election officials scramble the order in which results are published after each decryption stage, so nobody can trace your vote from first stage to final cleartext results, but half of the published decryptions are randomly checked so any corruption on the part of the election officials will be caught. You still need to have poll watchers to make sure that a polling site doesn't report more votes than there were voters (since the vreceipt process protects against lost or altered votes, but not illegitimately added votes), but that's much easier than attempting to make sure that even an open source voting machine is doing it's job right.
Flame Away... (Score:3, Insightful)
After voting is complete, another program could open the PDFs and parse them out (is this possible?) and compare the results with the database. I don't know what to do in case of a discrepancy, haven't thought that through.
Oh, and whatever happens, no Windows allowed.
What's all the fuss about? (Score:2)
I dare to doubt the average US citizen would notice the difference if CowboyNeal would get elected president... (Finally. I thought that poll option would never come in handy!)
:D
Oh well, back to the drawing board I guess
no system checks? (Score:5, Insightful)
I would never trust a machine... (Score:5, Insightful)
The fact the matter is, EVERY software project has stuff like that.
I wouldn't trust a software (much less a closed source software) written by anyone (including NASA, govs, whatever) to do anything like this. And personally, I can't believe anyone who has worked in the industry would.
And that is, regardless of the project management techniques, reviews, whatever.
Re:I would never trust a machine... (Score:4, Insightful)
However you can't do this on normal comodity systems. You have to control everything about the design, including all hardware and software to make sure no un expected interations occur. You have to test to the extreme, which means a slow dev cycle, and because of all the time and money and control, you can't release new versions often.
So an electronic voting system could be designed to that level of relibility. I mean think about the electronic banking systems. You just can't fuck up when billions of dollars are at stake. However there is a difference, with banking there is plenty to keep people honest. There are multiple banks, and they are overseen by governments. Any backdoors would hurt only the bank who implemented them. With a voting system, this isn't the case. There would be an intrest for the developers to be able to get in and manipulate the system, even (or perhaps espically) if the developer was the government for which it would vote.
Bigger Than Watergate? (Score:5, Informative)
Seminole County Florida (Score:5, Interesting)
You have Diebold and you should read the memos (Score:3, Insightful)
The problem is, no one looks at the paper ballots, even in a recount -- they just run them through the machines again.
In the Diebold memos is a fascinating bit about Volusia County. Diebold machines apparently gave Al Gore MINUS 16,022 vo
There seems to be a prevading impression that.... (Score:3, Insightful)
I'm not saying that a state-of-the-art computerized, hi-tech voting booth can't be rock-solid secure. However, I do see the potential for companies to sell hi-tech voting machine soley on the *impression* that the added technology automatically makes them more secure.
I think the focus should be solely on the standard of security. Whatever system can meet that; be it punch card, touch screen, whatever, is the system we use. Sadly, I suspect such a standard will put internet voting a long way off.
When The Usual Lousy Programming Makes Headlines (Score:3, Insightful)
The truly sad part is that, from what I can tell, even if there's nothing suspicious in the realm of vote-fixing, we're still dealing with terrible software design and security.
And, sadly, that terrible design and security is all too common.
I'm hoping articles like this turns peoples eyes towards the fact that we've got lots of terribly made computer systems, applications, databases, websites, and so on doing very vital roles. In my IT career I've seen hospitals brought to a crawl by lousy patient software, websites with databases so bad that they had to be shut down for maintenance reguarly, simple applications delayed for months by bad planning and inappropriate technology, and far more.
So, sadly, in the area of voting, it's business as usual. But business as usual is pretty bad for the usual business as is . .
EFF.org petition for electronic voting standards (Score:5, Informative)
http://www.eff.org/Activism/E-voting/IEEE/ [eff.org]
"EFF supports the IEEE in taking on the issue of setting standards for electronic voting machines. We also support the idea of modernizing our election processes using digital technology, as long as we maintain, or better yet, increase the trustworthiness of the election processes along the way. But this standard does not do this, and it must be reworked."
Open Source isn't the answer (Score:5, Insightful)
Predictably, a bunch of /. responses focus on the fact that the source isn't available for public review as the primary problem, but that's irrelevant, and Bev Harris explained the correct solution quite clearly in the article.
Open source wouldn't be a bad thing, mind you, but why bother auditing the code? What you really want is to audit the *results*, and the easiest, best solution to that is also the simplest: Have the touch screen machines print paper ballots with a nice list of races and selected candidates. Then the voter can verify that they actually voted the way they wanted to, and the paper ballots can be counted and compared with the computerized tallies by anyone who wants to question the system.
As Harris points out, the fact that the manufacturers sem so dead-set on avoiding paper printing seems almost sinister... the solution is so obvious, and so simple that it makes you wonder what their true motivations are. They make a lot of noise about printers being too error-prone and difficult to operate, but that's just silly. Take a look at the thermal printers used by retail systems -- they work day in and day out for years with no more maintenance than replacing rolls of paper. Designing a workable printer for a voting booth wouldn't be trivial, but neither would it be an impossibility. The requirements are very simple: Be able to run for an entire day without jamming or running out of consumables, and print paper ballots that are easy to read and remain clear and legible for at least three years.
There are various minor improvements that can be made to this idea, such as a machine-readable section of the ballot to make automated verification easier, etc., but at bottom paper achieves a level of transparency and reliability that no purely automated system can ever achieve, no matter how many geeks have pored over the code.
Re:Open Source isn't the answer (Score:3, Informative)
Printer ARE the spawn of Satan. They are the single most error prone piece of hardware that exists.
Certainly they're more likely to fail than non-mechanical devices. However, they're not as bad as you say. Running a helpdesk actually gives you a skewed perspective, because you're typically supporting dozens, if not hundreds of printers, or else you're supporting super high-speed printers (which are much more failure-prone), and so it seems like one of them is always broken. In this case, however, the
Keep the touchscreens, but... (Score:5, Insightful)
Open Source Is Not THe Answer (Score:5, Insightful)
Not the whole answer, at least.
We need to check, not only that the software has no obvious backdoors, but that
I'm not that paranoid; there are probably any number of other things that could be screwed with and still have the code pass any kind of review with flying colors.
Paper ballots are the only answer.
Voting Machine Requirements (Score:5, Funny)
Requirements:
1: Allow government to edit results
2: Make sure logs can be altered
3: Provide false sense of security
About access control.... (Score:5, Interesting)
Note however that even if we put a password on the file, it doesn't really prove much. Someone has to know the password, else how would GEMS open it. So this technically brings us back to square one: the audit log is modifiable by that person at least (read, me). Back to perception though, if you don't bring this up you might skate through Metamor.
There might be some clever crypto techniques to make it even harder to change the log (for me, they guy with the password that is). We're talking big changes here though, and at the moment largely theoretical ones. I'd doubt that any of our competitors are that clever.
I seem to recall that, back in the Dark Ages of the 70s, RACF was able to handle this kind of access control quite nicely. To say a log file can't be protected from the sysadm is either dishonest or incompetent. Either reason should be enough to disqualify a company employing someone like that in that position from anything requiring the public trust.
Re:About access control.... (Score:3, Informative)
Single use passwords are one way to do this, and you can use them under *nix at the moment.
Diebold appear to be trying to avoid difficult questions from anyone that is even partially technically competent.
The thing that worries me is why the hell are people even considering electronic voting? What's wrong with OCR'ing the big cross from the ballot card in a controlled environment?
This is really going to be the acid test, I think. (Score:3, Insightful)
I mean, Bush himself recently declared that there were no WMD's in Iraq, but it only made news deep within the covers of the various big journals which even bothered carrying the little item.
But this one, voting corruption in the world flagship of 'Democracy', is going to be the real indicator.
I mean, it seems this voting machine problem is in fact well known and understood by millions. People have time to raise a proper stink and prepare. I very much look forward to seeing if America will DO something about it or if they'll just grunt and roll over to a new sleeping position.
Unfortunately, it doesn't really matter very much in a political sense. At this point, it doesn't matter who gets into office. They're all a bunch of dangerous bastards who can be expected to play ball to the New World Order agenda. Those who can actually make a difference have a strange tendency to die tragically in King Air A-100 plane crashes.
I had no idea that Arnie was royalty! He's married to a Kennedy, his mom is married into high-level Austrian politics, and his pappy was in the SS. The boy terminator declared himself the loyal friend of a convicted Nazi war criminal, no less. --Oh yes, and the all-white, all-male, all-billionaire Bohemian Club which has a habit of determining who gets to be the president of the United States, (among other things), has agreed to make Arnie a king of some standing, possibly THE king. Sheesh. Thank goodness California put the brakes on when they did!
My only hope is that if America does manage to wake up enough to fix this voting machine horseshit, that it'll take the next step and realize that the current administration, and all current potential administrations, are corrupt to the core, put ALL of them in jail, and start fresh. I mean, sure, they'll have no functioning government for the next year, and people will panic, and the dollar will vaporize, and the really evil bastards will all hide out until everything blows over, but. .
Who am I kidding?
More likely? This voting machine problem will be looked and:
1. People ignore it, and what difference does it make after that?
2. People 'fix' the problem and then wait patiently to see which monster gets properly elected to continue the destruction of the universe.
Americans don't have the awareness or the spine for a real revolution.
-FL
mechanical voting! (Score:5, Insightful)
I don't have a verifiable paper trail, but I've never worried about something "hacking" a big box of gears, "bugs" in the gears, the big box of gears going on the fritz, or the gears being made to somehow fit some nefarious purpose. You can't "patch" the gears remotely.
I see no ways that this system is inferior to a touch screen system. THEY SHOULD USE WHATEVER VOTING SYSTEM WORKS THE BEST, NOT THE ONE THAT'S THE MOST "ADVANCED" AND EXPENSIVE.
Thank you.
An interesting article on all of this (Score:3, Interesting)
Also, has an extensive bibliography of other links at the bottom.
This is just a way for some companies to profit. (Score:4, Insightful)
So, the actual paper ballot was retained if a recount was necessary...and the electronic part was just scanning the marks I made on the ballot. Granted, write-in candidates needed to be verfied manually.
That's all that needs to be done for ANY electronic voting system. None of this touchscreen bullshit, source code fiasco, or questions of verification. The miracles of OCR are something not to be overlooked!!
Diebold memos explanation of minus 16,022 votes (Score:3, Informative)
Sent: Wednesday, January 17, 2001 8:07 AM
"Hi Nel, Sophie & Guy (you to John), I need some answers! Our department is being audited by the County. I have been waiting for someone to give me an explanation as to why Precinct 216 gave Al Gore a minus 16022 when it was uploaded. Will someone please explain this so that I have the information to give the auditor instead of standing here "looking dumb".
"I would appreciate an explanation on why the memory cards start giving check sum messages. We had this happen in several precincts and one of these precincts managed to get her memory card out of election mode and then back in it, continued to read ballots, not realizing that the 300+ ballots she had read earlier were no longer stored in her memory card . Needless to say when we did our hand count this was discovered.
"Any explantations you all can give me will be greatly appreciated.
Thanks bunches,
Lana
"
followup:
Date: Thu, 18 Jan 2001 15:44:50 -0500
"There are two separate issues/problems that are getting combined in this stream.
"- a check sum error occurred which the poll worker reset and continued counting the card "did not" require downloading before be reset. She never reran the previously counted ballots and this resulted in some negative PR post election. So that is Lana's primary question, how did this happen? Ken explanation sounds like a good one and will not require a line for VTS if we can ever get to GEMS.
"- the negative numbers on media display occurred when Lana attempted to reupload a card or duplicate card. Sophia and Tab may be able to shed some light here, keeping in mind that the boogie man may me reading our mail. Do we know how this could occur? "
NOTES
Sophia was the Diebold tech involved with the San Luis Obispo vote tally that appeared on the Internet five hours before poll closing.
Sophia is also the King County tech rep -- note the Ken Clark alter the audit log memo, talking about doing "end runs" around the voting system -- "King County is famous for it"
followup: possibility of "unauthorised source
Date: Thu, 18 Jan 2001 13:31:04 -0800
"John,
"Here is all the information I have about the 'negative' counts.
"Only the presidential totals were incorrect. All the other races the sum of the votes + under votes + blank votes = sum of ballots cast. The problem precinct had two memcory [sic] cards uploaded. The second one is the one I believe caused the problem. They were uploaded on the same port approx. 1 hour apart. As far as I know there should only have been one memory card uploaded. I asked you to check this out when the problem first occured but have not heard back as to whether this is true.
"When the precinct was cleared and re-uploaded (only one memory card as far as I know) everything was fine.
"Given that we transfer data in ascii form not binary and given the way the data was 'invalid' the error could not have occured during transmission. Therefore the error could only occur in one of four ways:
"Corrupt memory card. This is the most likely explaination for the problem but since I know nothing about the 'second' memory card I have no ability to confirm the probability of this.
"Invalid read from good memory card. This is unlikely since the candidates results for the race are not all read at the same time and the corruption was limited to a single race. There is a possiblilty that a section of the memory card was bad but since I do not know anything more about the 'second' memory card I cannot validate this.
"Corruption of memory, whether on the host or Accu-Vote
Apparently the Diebold machines screwed up in FLA (Score:5, Interesting)
And Diebold has been sending cease-and-desist letters out to people who have covered this. This particular mistake looks like a screw-up rather than fraud, but either way I want no part of it.
Rant: Time to Start a Blacklist (Score:3, Interesting)
I want the names of all the Diebold technical personnel involved with these machines so I can add them to our hiring blacklist.
Perhaps I've been living in an idyllic career vacuum, where everyone is competent and of good character -- and perhaps that's why I'm completely, jaw-droppingly astonished beyond words after reading Scoop's copy of the internal Diebold memos. With the possible exception of $(MUMBLE_SALTPILE_MUMBLE), I've never witnessed such opaque incompetence. These "engineers" not only don't know what they're doing, they clearly don't want to know what they're doing.
That whole "explanation" as to why a password on the database would be "pointless", since GEMS needs a password to add vote records... <*shaking head*> It's crystal-fscking-clear that they want an anonymous database user/account (the voter) that can only append records (votes) to the database; it must not be allowed to read or modify records. Read-only accounts are given to the vote counters and, if you really need to, a single strongly-passworded read-write account is given to the election commissioner. Once you establish these requirements, you then look for software that will do this for you. If MSAccess won't do it, junk it and move on. If no existing databases will do it, then My God, you're going to have to do some actual engineering! .
These idiots are trying to fudge the requirements because, apparently, they don't want to have to use any software they can't scoop up at Fry's (and, apparently, writing their own software is an anathema). I mean, yeah, their incompetence has placed the integrity of the Republic at risk, yadda yadda yadda, but am I the only person who sees their behavior as a kind of disinterested laziness? I can sort of understand people who are disinterested in the act of voting because the hiring roster has been stacked. But I mean, for God's sake, what kind of self-respecting person -- never mind software engineer -- would demonstrate such a profound lack of interest and respect in designing a fundamental instrument of democratic principles? If it were me, I'd be lying awake at night, worrying that I wasn't dilligent enough, wasn't smart enough to take on work of such profound importance. It would probably eat me alive, because any screw-up could be disasterous, because doing an excellent job would be so absolutely critical . But no, these guys are just phoning it in, tossing aside crucial security concerns with utterly stupid aphorisms such as, "Passwords actually don't matter much..."
Blacklist them. The software screwup you avoid may be your own.
Schwab
DIEBOLD: Cease & Desist THIS: (Score:4, Interesting)
Here is what I have been doing all day:
Reporter: Why is Diebold sending cease and desists?
Me: Because they don't want anyone to see their memos
Reporter: Oh. What is in the memos?
Me: Oh, things about security flaws and using uncertified software and using cell phones to intercept and transfer votes and discussions of how to fake things...
Reporter: Wow. Where can I download these?
Me: At this web site [211.117.160.48]
Reporter: Okay I'm going there now, okay, it's downloading, when I'm done will you give me a guided tour?
Me: Sure. And here is a neat little web page [globalfreepress.com] where you just enter any search term and it instantly searches and find you the Diebold memos that match
Reporter: What search terms should I start with?
Me: Try "boogie man" and also "hack" "cel phone" "broken" "fake" and one of my personal favorites, "What good are rules"
Reporter: I'll try that "what good are rules" one. Found it. Gosh, what is he doing? Is that legal?
Me: No.
And so it goes. Excellent plan, Diebold. Yes, shut down a web site, that'll help.
Besides reporters, the memos were downloaded today by the U.S. House of Representatives.
This is ludicrous (Score:4, Insightful)
Re:This is ludicrous (Score:4, Informative)
MDB? Are these people serious? They think Access has a chance of holding this number of records? I bet a single machine would be crawling by the end of a day.
And if they're going to export to a more suitable db anyway, why not just stick postgres or mysql on there to start? They need only be configured once, same as Access.
Not to mention the incredible drop in required hardware resources, which times all the voting machines to be used is tax money much better spent.
It seems to me that these voting systems should be given to a bidder, and then whatever system they consider can be scrutinized. Faster, cheaper, better, safer...
An even realer link (Score:5, Insightful)
An open invitation to election fraud [salon.com]
The U.S. government seems to me to be becoming more and more corrupt. As David Letterman recently said, "When you make out your check for the Iraq war, there are two Ls in Halliburton."
Money seems to be everything, the health of the country nothing. McCain is right, we need campaign finance reform.
You silly peasant (Score:3, Insightful)
Unwashed masses that THINK they were somehow involved are much easier to abuse. THAT is the purpose of putting on an election performance.
--
Re:ATMs (Score:2, Interesting)
Re:PORKY PIG DAVIS CLINTON BLACK HELICOPTER (Score:4, Interesting)
Pray that Queen Hillary the First doesn't make it into the white house in 2004, because if that happens who knows, we may see judges deciding elections from now on.
Isn't that what happened in the last presidential election? As a Democrat, I'm not bitter about it. The bottom line is that FL was a statistical tie; the margin of victory was smaller than the margin of error for ballot tallying. Nobody really knows what the intent of the electorate was with sufficient precision to state with true confidence who "actually won". Both parties were playing games with recount methods to try the skew the results in their favor. The irony is that subsequent analysis suggests that both parties were wrong about which method would have supported their candidate best.
I take away some different lessons from FL than most.
(1) The electoral college has some usefulness. The president is elected by electors, not popular votes. Therefore there is no question that Bush received the electoral votes of FL and that therefore he is the legitimately president of the US. There is a question whether the electors voted as they ought to have; however they are not really bound to vote in any particular way. If they voted with what was, in their opinion, the plurality of the electorate, then they really can't be criticized.
(2) Electronic voting machines would have helped, provided there was no fraud. The problem is of course it is impossible with current generation machines to prove this. There is no doubt that in the absence of fraud electronic machines would provide a more precise count. However,
(3) Concern about precision of tallying is misplaced. The real problem is that the method of the election, plurality voting, is so bad. Suppose Bush won the plurality of voters; this is by no means certain, but it doesn't really matter. Gore would have won by a clear margin in a head to head race, but Nader spoiled the election for him. I don't want to get into an argument about whether Nader should have taken this into account. No candidate should ever have to take the possibility of election spoiling into account, because we should have an electoral system which handles multi-way races better.
In short, electronic voting machines are a "quick fix" to a broken system; however they're fixing an aspect of the system that really is not so terribly bad. Even if they were perfectly secure, auditable and accurate, which they are definitely not, they wouldn't make much difference at all, especially in the CA recall election.
The real reason that the CA recall election should not go forward is that plurality elections with over a hundred candidats are nearly bound to produce a capricious result. Virtually the only system that is workable in this scenario is approval voting. Under approvial voting voters would check off all the candidates they would consent to have as governor. The candidate most widely approved of wins. Approval voting is simple to understand, requires only a single round, doesn't require the voters to rank candidates in an enormous field where they may not be familiar with most of them.