California Panel Recommends Dumping Diebold

sdw3u writes "Wired reports that a voting panel urged California officials to stop using a voting machine made by Diebold Election Systems, and recommends that the state consider filing civil and criminal charges against the company." There's also an AP story. We covered the hearing yesterday, with Diebold admitting that their machines had numerous problems.

Versions

[thebra]

The latest version of Diebold's GEMS software that was certified in California is 117.17; the audit revealed that counties were using other versions, such as 117.20, 117.22, 117.23, 118.18, and 118.18.02. The audit also revealed that three counties -- Los Angeles, Trinity and Lassen -- were using software versions that had not been approved for use at the federal level.

Diebold in FL

[G27 Radio]

Here in Florida we are getting Diebold voting machines. Right now the democrats in the state are fighting to have ticket printers installed on the machines so there will be a paper trail of votes. Governor Bush and the republicans are completely against this for some reason. I'm worried that the coming presidential election is going to make the last fiasco look like a minor glitch. I'm seriously concerned that my vote isn't going to be counted properly.

You have never met someone with Parkinson's

[mfh]

> Election wardens at each polling place are allowed to enter the booth to assist physically-challenged voters

Let me just say that anyone I've known with Parkinson's (and that's at least three people) have all become quite angry when anyone tries to help them. That doesn't stop them from spilling milk all over the floor, but it gives them the dignaty to clean it up after.

Re:Versions; Are you sure? Source?

[David Hume]

The latest version of Diebold's GEMS software that was certified in California is 117.17; the audit revealed that counties were using other versions, such as 117.20, 117.22, 117.23, 118.18, and 118.18.02. The audit also revealed that three counties -- Los Angeles, Trinity and Lassen -- were using software versions that had not been approved for use at the federal level.

Are you sure? Do you have a source?

The reason why I ask is because the National Association of State Election Directors [nased.org] has an Updated List of NASED Certified Systems [nased.org]. According to the Updated NASED List of Qualified Voting Systems (12/05/03 - Current) [nased.org], the following Diebold voting systems qualify:

• Company: Diebold
• Voting System/System Component: GEMS 1-18-18
• Software: GEMS 1-18-18
• Hardware/Firmware: AccuVote-OS Precinct Counter (formerly ES-2000) Firmware version 1.94W
  
  AccuVote-OS Precinct Counter Firmware version 1.96.4
  
  AcuVote TS Precinct Counter Rev 6 version 1.0.2 (Touch)
• System ID # / Qualified to '90 or '02 VSS: N03060011818
• Final Report Date: 7/8/2003

Further, the Federal Election Commission [fec.gov] has a FAQ About The National Voluntary Voting System Standards [fec.gov]. The FAQ [fec.gov] indicates that to meet the standards, an election system must satisfy either "FEC's voting system standards" *OR* pass tests "by independent testing authorities (ITAs) designated by the National Association of State Election Directors." Thus, the Diebold systems approved by NASED [nased.org] should satisfy the voluntary voting systems requirements for federal elections. [fec.gov]

Defy Mediocrety

[pangian]

The thing is that electronic voting doesn't have to be done poorly. It can be done in a way that is open, transparent, verifiable and has some notable advatages over paper voting (such as granting the blind and minority language speakers a truly secret vote.) It just isn't being done that way... except perhaps for the OVC voting projest dicussed recently [slashdot.org].

The real concern

[colinduplantis]

As the election approaches, there's been a lot of discussion about e-voting, here on /., on the radio, newspaper, etc. All this is good and proper; the more public gets involved, the better the system will be.

Largely, the non-slashdot concerns about e-voting seem to center around unintentional inaccuracies, like those mentioned in the FA. In other words, the worst problem typically mentioned is about errors causing disenfrachisement or delays in voting. While I don't want to discount these problems, they are fixable, either by a paper backup system or timely software or hardware repairs, likely getting better and better as the machines become more widely used.

Personally, my real concern is about intentional vote fixing by the makers of the machines. I know this has been talked about at great length on /. [slashdot.org] and elsewhere [blackboxvoting.org], but I think it needs more attention in the real world.

I know I'm naive, but the thought that somebody would try to steal the election infuriates me. There is no pit deep and black enough for someone so unpatriotic and dishonest. We must fight to protect one of the greatest experiments in personal freedom in the history of humanity.

Please, take the time to write your CongressCritters [congress.org] about e-voting in the House [theorator.com] and Senate [theorator.com].

Re:View of a Pollworker

[demachina]

"As a pollworker in Georgia, which was the first state to use electronic voting equipment statewide, I can say unequivocally that electronic voting machines have made our precinct's elections run more smoothly."

Would this be the same Georgia where the two democratic candidates for Governor and the Senate were leading by 10% margin in the polls in 2002 and managed to lose the election. Unless there was some dramatic news from the time of those polls to the election its kind of hard to explain a swing that big unless the election was rigged.

With a few seconds in Google I found this article that suggests Diebold did exactly the same thing in your 2002 Georgia election they just did in California and patched 22,000 machines at the last minute, and apparently got away with it:

http://www.scoop.co.nz/mason/stories/HL0302/S000 95 .htm

Just because your elections seem to "run more smoothly" doesn't mean they weren't being stolen.

The Diebold people in California appear to be very incompetent. They had every advantage in rigging the elections in California, first and fore most they had no paper trail and no way to do a recount and they still got caught.

It appears their people in Georgia must be a much better team. They appear to have blatantly stolen an election in 2002 and people like you are singing praises of them for no obvious reason other than things "ran smoothly" and how easy it was to cast an apparently meaningless vote.

Unless you have really high confidence all the source code in those machines was meticulously audited and that the binaries were built from that exact source under supervision of knowledgable independent parties, not Diebold, the binaries were signed and the signs were checked in every machine at the start of the election day (using signing software that is also rigorously verified) all those other security measures you are placing so much confidence in are meaningless. If Diebold slipped in code that checked for the date of the election, and on election day flipped some percentage of the votes(say 15%) from the party they wanted to lose to the party they wanted win they could steal the election from under your nose and you would still be singing praises of their equipment.

Re:It is our fault.

[__aanebg9627]

The security holes were already being used, when they were exposed on the Internet (publication of internal Diebold memos). This made them available to everyone, and put pressure on Diebold to fix the problems....

It wasn't code, it was bad design. One that allowed the vote totals to be fudged in untraceable ways. Vote totals kept in MS Access databases without a password; audit logs that could be edited without leaving a trace; three sets of the vote totals, with different uses, so that one could edit the set that reported totals, without changing the set that gets shown for the detailed precinct report. Inside A U.S. Election Vote Counting Program [scoop.co.nz]

Re:Diebold voting machines

[Anonymous Coward]

The military votes which were being blocked were postdated. They were either mailed after the election (likely) or the post office screwed up. If those can be counted then why should the absentee ballots which were late? But Bush didn't want that. The story was that there was a big push for people to vote in Germany after the realization that the election was so close. There were even reports of people passing out pre-filled ballots to send in.

Re:Why

[Ichijo]

How many people do you think would have switched from a 3rd party to Gore after they learned Bush was gonna win by such a small margin?

You've made an excellent case for switching from plurality elections (most votes to win) to majority elections (at least 50% of the votes to win). Two election styles that accomplish this include Instant Runoff Voting [wikipedia.org] and Condorcet [wikipedia.org].

Note that neither of these require doing away with primary elections (although they both reduce the need for them) or the electoral college.

Re:Diebold in FL

[Ian Bicking]

The 2000 election was only a fiasco because they were able to do a recount. Electronic votes mean there will be no confusion, no recounts, no ambiguity. See this article [scoop.co.nz] about a claim that 2002 was already fixed, but this time with no checks.

They messed up in 2000, they made the fraud too obvious. Of course, people still didn't pay attention to it -- they paid attention to hanging chads and that bullshit, but not to the disenfranchisement of black voters [gregpalast.com] which was far worse.

Re:Many many problems

[GaelenBurns]

Putting pressure on the press is something that I feel is incredibly important on this and every issue (The $700 million theft is my favorite). Without forcing our message out to the mainstream press, we're just preaching to the choir here. I mean, what are free long-distance cell phone minutes for? Here are the numbers, followed by the extensions required to reach the comment line. For extensions not listed, you have to ask the human to leave a comment. ABCNews - 818-460-7477 ... 4 CBSNews - 212-975-4321 CNN - 404-827-0234 ... #, 1 FoxNews - 888-369-4762 ... 7, 1 MSNBC - 201-583-5000 NBCNews - 201-583-5222 Unleash the blog-hordes.

Re:Which problems do you want?

[TMB]

I'm sure this has been mentioned before, but I don't know where to find original sources for this. Are there reputable sources that quote or describe the diebold ceo saying he would give the election to Bush?

How about on Diebold's own website [diebold.com]? :-) From the article:

In an invitation to a Republican fund-raiser at his suburban Columbus mansion, O'Dell said he was "committed to helping Ohio deliver its electoral votes for the president next year."

[TMB]

Re:Vote-From-Home is NOT a good idea!

[LithiumX]

Yes, but that's the fault of the people. No political system is perfect, and democracy is no exception.

The democratic process works in cycles... people get lazy, vote poorly, fewer people vote... government gets bad, corrupt or incompetant. People eventually get fed up with it.

Anger is one of the most powerful forces in democracy. It drove people to action when they decided to back the unofficial Patriot party as a political power back in the mid 1770's... it drove people to clean house in the late 1800's (remember Tammany Hall anyone? or Grant's Cabinet).

And it seems to be starting to go to work now. Admittedly, things are nowhere near as bad in terms of government as they have been for most of our history, but people are more aware of it. Information and resources are starting to go up all over the place, letting you know as much as possible about what your leaders are doing.

The sheep are aware of the wolves... and whenever they get mad enough, they deal with them. The wolves always creep back, but that's just how things are.

Taking that analogy any further would require that I bring in images of armed sheep, metal armadilloes, and aliens... so I'll leave it at that.

Press the Media

[GaelenBurns]

Putting pressure on the press is something that I feel is incredibly important on this and every issue (The $700 Million is my favorite). Without forcing our message out to the mainstream press, we're just preaching to the choir here. I mean, what are free long-distance cell phone minutes for?

Here are the numbers, followed by the extensions required to reach the comment line. For extensions not listed, you have to ask the human to leave a comment.

ABCNews - 818-460-7477 ... 4
CBSNews - 212-975-4321
CNN - 404-827-0234 ... #, 1
FoxNews - 888-369-4762 ... 7, 1
MSNBC - 201-583-5000
NBCNews - 201-583-5222

Unleash the slash-hordes.

Re:Which problems do you want?

[Anonymous Coward]

Computer errors, damaged punch card ballots, broken voting machines, bad optical scanners, or good old fashioned human error

Let's review the Diebold record from the last few months:
1. Diebold admitted today that 'thousands' of voters were turned away from the polls during the Super Tuesday Presidential Primary because of flaws in Diebold's machines
2. Diebold knowingly used uncertified software in California elections.
3. The law firm's memos reflect a corporate defense firm on a $500,000-a-month campaign to protect Diebold. So rather than fix their problems, they just spin PR.
4. an audit of the Diebold E-Voting machines revealed that the company installed uncertified software in all 17 counties that use its electronic voting equipment.
5. at least five convicted felons secured management positions at a Diebold, including one who served time in a Washington state correctional facility for stealing money and tampering with computer files in a scheme that 'involved a high degree of sophistication and planning.'
6. a direct quote from one of Diebold's leaked memos: "If voting could really change things, it would be illegal."
7. and, as a poster to this thread commented: "Would you trust Diebold with anything after their CEO promised to deliver his state(Ohio) to Bush in 2004?"

This is not just a list of "problems" that might occur with any voting system. It is a complete disregard for the terms of the contract they signed, contempt for the very system that they planned to milk a lot of money out of AND contempt for the voting process which is central to the USA itself!

These people should be taken out and shot for treason! not forgiven because they had a few minor problems.

I'm in Orange County, CA and I vote

[rjamestaylor]

During the last election, the one after we elected the doing-better-than-anticipated Arnold Schwartzanegger (I can't spell) Governor, I voted in Rancho Santa Margarita and our polling location used electronic voting machines. Exiting the booth one of the 4 or 5 volunteers asked if I liked the new machines, clearly expecting a hearty "Hell yeah". Since no one else was in the polling area at the time I stopped and told them the truth: I did not and I was worried about my vote, other's votes and the potential for loss or after the vote manipulation, present company excepted. They were shocked and the leader asked me to please explain. I gladly told them that

• the user interface was different than the punch cards we'd used for so long; that meant confusion, especially since there was no way to "train" on the new equipment before casting the actual vote(!),
• there was no physical record of the vote
• being that there was no physical record changing the vote count would be simple.
• there was no "receipt" showing me my vote so I knew I voted correctly.

I did not get into the hacking issues, since these were not the brightest people; which was another problem in itself. They responded that they did indeed have a record of each vote -- on a central machine controlled by a lady who had a running tally of votes and could print a vote audit trail for each machine. But each machine depended on that central one to hold its votes and there was no corroborrating (I can't spell) record from each machine. I asked what would happen if the central computer failed. I don't rememeber the precise details but it was clear that there was one backup and if it was also lost, all was lost. What is a recount? Re-print the vote total you just printed. There is no way to recount the counted votes. They thought this was a feature ("no need to recount") instead of a flaw ("no way to recount").

Then I told them I was responsible for databases. At different times I have been responsible for hundreds of thousands of credit card settlements daily and explained how our failsafe measures failed to the extent a days worth of customers (say, half a million US dollars, without including AMEX) were doubled and, due to an API error, the fix resulted in a triple billing. Wheee. Our systems had much more checks and balances, backups and audit trails than there silly voting system and yet one days transactions went wildly wrong (we somehow avoided the news, though our problem involved the same processor as Walmart's in their recent fiasco). How would they retract double/triple counted votes? Replace lost votes?

The good people at my polling place had received the warm fuzzies from the people promoting inaccountable electronic voting; they didn't like hearing my input. But why would we treat our money as more precious than the foundation of our republican democracy?

Re:Which problems do you want?

[workindev]

I find it hard to believe that the CEO of Diebold was promissing to rig the machines for Bush's benefit.

That is because you are a reasonable, intelligent person. You must realize that rule #1 in the "how to rig an election" handbook must certainly be to not publically announce that you are going to rig the election.

The actual quote was that Diebold was "committed to helping Ohio deliver its electoral votes to the President next year". Apparently there are some people that do not know the difference between "to" and "for".

You could argue that it was an ill-advised statement. He had to know that there would be people out there that do not understand basic grammar and would blame him for their ignorance.

*cough*bullshit*cough*

[mcmonkey]

Google: diebold bush deliver votes [google.com]

*** 'The head of a company vying to sell voting machines in Ohio told Republicans in a recent fund-raising letter that he is "committed to helping Ohio deliver its electoral votes to the president next year."'

*** 'In mid-August, Walden W. O'Dell, the chief executive of Diebold Inc., sat down at his computer to compose a letter inviting 100 wealthy and politically inclined friends to a Republican Party fund-raiser, to be held at his home in a suburb of Columbus, Ohio.'

*** 'Diebold's CEO, Wally O'Dell, is a proud pioneer (read: he donated more than $100,000 to the GOP's reelection bid) who has publicly announced he "is committed to helping Ohio deliver its electoral votes to the president."'

*** 'I have been waiting for someone to give me an explanation as to why Precinct 216 gave Al Gore a minus 16022 when it was uploaded. Will someone please explain this so that I have the information to give the auditor instead of standing here "looking dumb".'

*** 'If Ohio's Republican Secretary of State Kenneth Blackwell has his way, Diebold will receive a contract to supply touch screen electronic voting machines for much of the state. None of these Diebold machines will provide a paper receipt of the vote.
Diebold, located in North Canton, Ohio, does its primary business in ATM and ticket-vending machines. Critics of Diebold point out that virtually every other machine the company makes provides a paper trail to verify the machine's calculations. Oddly, only the voting machines lack this essential function.'

How is that, "adequately be explained by incompetence"???

Re:Online Banking Model

[eyegor]

You've obviously never run large-scale web server farms.
A single Sun E250 can handle something 10 million hits/day. When you throw SSL into the mix, you're going to be maxxing out the E250 at about 10 hits/second. If you add an SSL accellerator card, you'll get 200 or so SSL-transactions/second.

You'll also need a sturdy back-end database server farm, some layer-4 switches, some hefty routers, etc.

Also keep in mind that a small cluster of machines like that are subject to outages related to network failure, so you'll need to spread across a few separate netowrks with no single points of failure.

And you're STILL subject to DDOS and fraudulent voting issues. Internet voting is a LONG way from being a viable option.

Funnily enough

[Aexia]

International observers *are* going to be monitoring a few counties [commondreams.org] in Florida this year.