Forgot your password?
typodupeerror

Opening Diebold Source, the Hard Way 299

Posted by kdawson
from the no-longer-obscure dept.
Doc Ruby writes to tell us about an article in the Baltimore (MD) Sun, reporting that someone sent a package to a former legislator containing what appears to be Diebold source code. From the article: "Diebold Election Systems Inc. expressed alarm and state election officials contacted the FBI yesterday after a former legislator received an anonymous package containing what appears to be the computer code that ran Maryland's polls in 2004... The availability of the code — the written instructions that tell the machines what to do — is important because some computer scientists worry that the machines are vulnerable to malicious and virtually undetectable vote-switching software. An examination of the instructions would enable technology experts to identify flaws, but Diebold says the code is proprietary and does not allow public scrutiny of it." Read on for more of Doc Ruby's comments and questions.

Maryland's primary elections last month were ruined by procedural and tech problems. Maryland used Diebold machines, even though its Republican governor "lost faith" in them as early as February this year, with months to do something about it before Maryland relied on them in their elections.

The Diebold code was secret, and was used in 2002 even though illegally uncertified — even by private analysts under nondisclosure. Now that it's being "opened by force," the first concern from Diebold, the government, and the media is that it could be further exploited by crackers. What if the voting software were open from the beginning, so its security relied only on hard secrets (like passwords and keys), not mere obscurity, which can be destroyed by "leaks" like the one reported by the Sun? The system's reliability would be known, and probably more secure after thorough public review. How much damage does secret source code employed in public service have to cause before we require it to be opened before we buy it, before we base our government on it?
This discussion has been archived. No new comments can be posted.

Opening Diebold Source, the Hard Way

Comments Filter:
  • Closed source? (Score:5, Insightful)

    by insomniac8400 (590226) on Saturday October 21, 2006 @03:17PM (#16530173)
    I think the closed source parking garage was a perfect example why the government shouldn't let a private company control government assets or processes.
    • Going off-topic: What ever happened with that? Did the people get their cars back? Is the garage back in operation?
  • by Salvance (1014001) on Saturday October 21, 2006 @03:18PM (#16530185) Homepage Journal
    With all the vulnerabilities in voting machines, it amazes me that the states do not mandate paper trails. Someone wouldn't even need access to the source code to start changing votes. For example, in this report from ABC News on October 1st [go.com], they discuss a method to almost invisibly manipulate both votes recorded and logs, all with only a couple minutes access to a voting machine.

    Here's an excerpt:
    In a paper last month, "Security Analysis of the Diebold AccuVote-TS Voting Machine," (available at http://itpolicy.princeton.edu/voting/ [princeton.edu]) Princeton computer professor Edward W. Felten and two graduate students Ariel J. Feldman and J. Alex Halderman discussed a common Diebold machine. They showed that anyone who gets access to the machine and its memory card for literally a minute or two could easily install the group's invisible vote-stealing software on the machine. (Poll workers and others have unsupervised access for much longer periods.) Changing all logs, counters, and associated records to reflect the bogus vote count that it generates, the software installed by the infected memory card (similar to a floppy disk) would be undetectable. In fact, the software would delete itself at the end of Election Day.
    • Re: (Score:2, Insightful)

      by jorghis (1000092)
      So how is this any different from a traditional low tech ballot box? If you allow someone unrestricted and unsupervized access to a box full of ballots its security breaks pretty fast too. While it may be possible that computerized voting could have made elections more secure than they were previously, the idea that we have taken a step backwards in terms of security seems like a stretch to me.
      • The difference is that the Princeton team wrote a vote-switching virus which would spread itself through the smart cards used to tabulate votes. Thus, one infection could -- in time -- spread to any arbitrary number of machines without the knowledge of poll workers (or voters).

        That outcome is obviously not possible with manual election rigging.
      • by perlchild (582235) on Saturday October 21, 2006 @03:52PM (#16530485)
        The paper ballots could be used as forensic evidence, for once. It's a LOT harder to prove who tampered with a diebold machine, since so many people have access to it(the voters touch it, for once, so not all fingerprints would be usable... Paper ballots are also divided into smaller groups(a diebold machine would replace several "ballot boxes") compounding the problem, because of the cost of the diebold machine.

        I am however, not working for anyone in the US electoral system, so my information could be incorrect.
        • My suggestions.. (Score:5, Interesting)

          by Seigen (848087) on Saturday October 21, 2006 @06:53PM (#16531785) Homepage
          The roll printer idea, where the people see their votes printed, but don't actually get to touch the printout is fine. This should be done regardless, but i'm going to go a few steps beyond that.

          Basically for some of the rest of the design, if your going to make it electronic, first look at all the ways the xbox security system, for instance could have been made much harder to hack. [I wouldn't necessarily limit it with that, but that is actually a decent start.] For simplicity I'll list some ideas, off the top of my head, and then justify them.

          1) Soldered in main cpu (The cpu will be important, and as such must not be something that can be easily changed.)

          2) Security seals on the case that show signs of tampering.

          3) Ideally the GPU will be inside the cpu. [This prevents what is display from being easily tampered with, although the need for this can be argued, but what you see on the screen, is, of course, what you hoep you are voting for.]

          4) The system on boot will be able to read from only one source for its OS. The CPU will read the OS and compute a crytographic hash on the entire system. The ROM image (or whatever) will also have a separate field which contains a public key encrypted version of that same hash. The cpu will decrypt that hash with its public key and if the two match, the system will finish booting.

          5) Obviously the private key originally used to encrypt that hash must be
          stored in a very safe place. [The cpu never needs to know that key, and as such, there is no way that possesion of one of the devices can alloy you to create an arbitrary rom image that check out.]

          6) The bottom part of the screen should, at minimum show the cryptographic hash of the software, at all times, so that independent people can verify things.

          7) Optional: Take the original hash and use say the last so many bits from it to randomly select from a stack of pictures, or perhaps several pictures. The key part here is to create a visual representation of what the cryptographic hash is, at least in part. You can show this to the voter as a series of icons on the bottom of the screen say to the right of that hash, as an additional check on security. If all of the code that does this is in hardware, this provides an additional check to verify the software has not been modified that people might remember. Of course there are lots of variations of this, including just say making the last 4 digits of the hash bold, or whatever.

          8) Keep the code open source. There is no particular reason this is 8, it could as easily be (1). If the cpu is a custom chip, it might require releasing an open source emulator so people can test it. Of course, most likely you are going to use some common cpu core, even if you say put the cpu/gpu on the same chip. Just to reinterate, the key with some of this to be on the same silicon is to prevent tampering. If say the chip that verified the hash was elsewhere, then you might be able to just send a "it passes" signal for everything. Similarly if the code that computes the hash or the encryption is elsewhere, you also have a vulnerability. By having everything security related on the same silicon, you can be reasonably assured that when it checks out the election software that it truly is secure.

          9) You can argue with the need to be able to update these fast, and if you agree with that, then you might have to boot from a second source, in order to update the flash, or whatever storage the device uses. All in all though, i don't buy that argument. if you say put it on a flash device that is behind a seal, then you can as easily physically change the flash module. Of course, if you are going to allow a second booting source to reprogram the device, it had better pass its own cryptographic checks to insure it comes from a trusted source.

          10) Don't forget the paper trail. While, I've tried to make the previous ideas sound, I likely missed things. This is, after all, a relatively quick post, and I'm only one pe
        • by Catbeller (118204) on Saturday October 21, 2006 @08:47PM (#16532589) Homepage
          Forensic evidence indeed. To prove fraud, you simply tally up the paper ballots. If the tally doesn't match the electronic total, fraud occured. So simple.

          Also, you can pinpoint exactly where and when and to what advantage the Diebold hack occured. If we had such a system in place in 2004, there would have been hell to pay in Ohio. And it would prevent the upcoming hack in November, as they simply have to pinpoint individual precincts to alter -- no need to hack every machine. The pattern would be obvious if there were a paper trail.

          Why else do you think Diebold has fought so hard to prevent paper trails at all costs? It makes no sense, as they would simply make more money with paper trails. Occam's razor: they know that the paper tally would not match their electronic tally, and HELL would break loose. In a rational country, this would be obvious. We aren't rational. The Republican faction in this country has a lot invested in these machines.
          • Re: (Score:3, Interesting)

            Except for one problem - many states are demanding that Diebold add a paper tally to their machines, but are not willing to change the original contract.

            For example, lets say you contract with an entity to offer a set number of widgets, and during delivery the entity demands that you provide more than the contract states without renegotiation of the contract. Would you provide it free of charge?

            Neither will Diebold. Don't believe the conspiracy theorists. If Maryland and other states want a paper tal
      • Re: (Score:2, Informative)

        by Anonymous Coward
        Ballot box are never left unsupervized. That's the difference.
      • by lawpoop (604919) on Saturday October 21, 2006 @04:44PM (#16530909) Homepage Journal
        The problem with electronic voting hacks is that a single person can change entire elections, in very little time, without leaving any evidence at all.

        With paper ballots, you have to come up with a lot of other ballots if you want to stuff the ballot. That takes time, material, and co-conspirators. If you want to destroy ballots, you have to take them out of the box and get rid of them. You might shred, burn, bury them, or throw them in a river. That takes time, and leaves evidence and possibly witnesses. If you want to destroy enough ballots to change an election, you will probably also need co-conspirators, and will need to avoid witnesses.

        So anything you do to change a paper election will take a lot of time, resources, and manpower, where as an electronic theft of an entire election is almost instantaneous, with no witness and no evidence *.

        * Aside from exit polling.
      • by Jeremi (14640) on Saturday October 21, 2006 @06:26PM (#16531595) Homepage
        So how is this any different from a traditional low tech ballot box? If you allow someone unrestricted and unsupervized access to a box full of ballots its security breaks pretty fast too.


        You're right, and that's why nobody has "unrestricted and unsupervized access" to the ballot box once it contains ballots. It is kept locked and in full public view during the election, and the ballots are carefully supervised (by at least two poll workers, usually more) at all times afterwards.


        The difference is, with the Diebold-style systems the "ballot box" is also a security hazard when it's empty. If you want an analogy, you'd have to imagine a ballot box that could be programmed before the election to create or destroy ballots during the election.... a device that would not be easy to implement in plastic ;^)

    • by StarfishOne (756076) on Saturday October 21, 2006 @03:36PM (#16530345)
      Besides taking the effort to install invisible vote-stealing software, one can just open the MS Access database and edit the values: http://www.scoop.co.nz/stories/HL0307/S00065.htm#v otes [scoop.co.nz]
    • by Anonymous Coward on Saturday October 21, 2006 @04:08PM (#16530587)
      FUCK A PAPER TRAIL. We need PAPER ELECTIONS. Just that simple. Can paper elections be rigged? Of course they can. Can they be rigged as easily, as invisibly, as completely as digital elections? Hell no. What's mind boggling is that there's even a debate here. Get rid of digital voting machines. Hell, get rid of ANALOG voting machines. Piece of paper, ink pen, padlocked metal box. That's how sane people run elections. The notion of there being anything worth debating here is nothing but complete bullshit.
      • Re: (Score:3, Insightful)

        by Anonymous Coward
        I think everyone knows this. Your friendly government officials know this. The unstated is the fact that Diebold spends large sums of money on lobbying. People in government are afraid to rock the boat. This is a byproduct of bureacracy. People will be punished for standing up to do the right thing.

        It wouldn't take much to do a manual vote count, but you see, in the end, greed rules. Greed causes harrassment, frivolous lawsuits, bogus investigation by government (the whistle blowers are a menace, you see),
        • by Anonymous Coward on Saturday October 21, 2006 @06:15PM (#16531525)
          It's funny my parent post got a score of 0. I was speaking in reference to a lecture I heard from a lady from Renton, WA, who stepped upon an FTP site with the Diebold software. There was a directory called "Rob-Georgia", I might add. In this was 3+ Gigabytes of files from Diebold. This stuff was uploaded and when she tried to get people to pay attention, no one bothered to (like the moderator who decided not to score the parent post).

          To make a long story short, she uploaded the files to an area where technologically savvy people frequent, and said, "Hey guys, take a look at this." The only people that replied were the people willing to take a stand, i.e. the programmers at Princeton.

          So, for an "unimportant post", I divulged information that actually happened. You see, after government officials became aware of flaws in the software, they still kept the Diebold machines in their budgets (hundred of millions of dollars in sum, mind you). Huge amounts of money is being spent on machines that have software programmed by douchebags up in Canada. These machines can be telephoned into to be monitored (good ole' Windows RAS). Oh, and the whistle blower lady was harrassed, her house being broken into subsequently and her being monitored by a government agency, which she has had to talk with regularly.

          Yep, you trust your election security to software programmed by dumbasses using Microsoft Access as a database. You trust your election security to individuals that are allowed to bring the Diebold machines home with them after elections are conducted. You trust people to count elections who are ex-convicts hired out by contracting firms.

          Why? Um, well, because, um, I think they can be trusted? Oh, that sounds sooooo comforting.

          Let's ignore the whole issue about suffrage that was fought so hard for.

          My only logical conclusion if people can possibly ignore what I just wrote is that they are idiots. I just hope slashdot readers are a set above the curve.
      • by frdmfghtr (603968) on Saturday October 21, 2006 @05:18PM (#16531159)
        FUCK A PAPER TRAIL. We need PAPER ELECTIONS. Just that simple. Can paper elections be rigged? Of course they can. Can they be rigged as easily, as invisibly, as completely as digital elections? Hell no. What's mind boggling is that there's even a debate here. Get rid of digital voting machines. Hell, get rid of ANALOG voting machines. Piece of paper, ink pen, padlocked metal box. That's how sane people run elections. The notion of there being anything worth debating here is nothing but complete bullshit.


        I have to agree--it has been proven that we, as a technologically advanced society, cannot reliably run an election using any sort of machine to count the ballots. I mean, when a machine counts more votes in a precinct than there are registered voters, that should be a big red flag lit up with a bright spotlight saying (no, SCREAMING) "Hey, something is all screwed up here, better take a look!" I wonder how many "irregularities" like this DON'T get caught.

        I will still support the use of some form of digital voting machine to print these paper ballots with the voter's choice marked, so that the ballots are marked in a consistent fashion and help prevent spoiled ballots (two candidates marked for the same position for example) but to count them, you need people, and only people.

        A rep from each candidate's election campaign to monitor the count and an official counter are what you need. Go ahead and use a spreadsheet to total up the counts if you like, since building a spreadsheet that can add two numbers is still something we can do reliably, but the official count for a precinct is done by hand.
      • by shaitand (626655)
        I agree with paper elections. I also think that digital machines can have a place in elections. You make your choices on a computer, the computer prints out the ballot. The ballot is plain english and human readable. Nothing computer readable, not even a barcode.

        This way you don't have to worry about people not being able to figure out how to punch the ballot, but there is no way a computer can rig an election.
        • e-voting (Score:5, Interesting)

          by falconwolf (725481) <falconsoaring_2000@@@yahoo...com> on Saturday October 21, 2006 @10:04PM (#16532957)

          I agree with paper elections. I also think that digital machines can have a place in elections. You make your choices on a computer, the computer prints out the ballot. The ballot is plain english and human readable. Nothing computer readable, not even a barcode.

          Actually India has a pretty good e-voting system:

          Slate magazine pokes fun at America's continuing electronic voting anxiety by using India [sepiamutiny.com] as an example of how to do things right:

          While we in the United States agonize over touch screens and paper trails, India managed to quietly hold an all-electronic vote. In May, 380 million Indians cast their votes on more than 1 million machines. It was the world's largest experiment in electronic voting to date and, while far from perfect, is widely considered a success. How can an impoverished nation like India, where cows roam the streets of the capital and most people's idea of high-tech is a flush toilet, succeed where we have not?

          Apparently India uses an incredibly simple technology that may not be as fancy as the machines here, but does the job well.

          The result is a machine that looks like a cross between a computer keyboard and a Casio music synthesizer. In fact, it's not much of a computer at all, more like a souped-up adding machine. A column of buttons runs down one side. Next to each button is the name and symbol of a candidate or party. These are written on slips of paper that can be rearranged. That means unscrupulous politicians couldn't rig the machines at the factory, since they wouldn't know which button would be assigned to which candidate. Also, the software is embedded--or hard-wired--onto a microprocessor that cannot be reprogrammed. If someone tries to pry open the machine, it automatically shuts down. After much testing, India adopted the machines for nationwide use this year.

          Why do our machines suck?

          American machines, by contrast, may be vulnerable to wholesale fraud. Our machines are far more complicated and expensive--$3,000 versus $200 for an Indian machine. The U.S. voting machines are loaded with Windows operating systems, encryption, touch screens, backup servers, voice-guidance systems, modems, PCMCIA storage cards, etc. They have millions of lines of code; the Indian machines hardly any at all.

          Falcon
      • Re: (Score:3, Interesting)

        by jandrese (485)
        We also have to get rid of our expectations to know the winner of the election on the day of the election or the next. Sane people are willing to wait a few weeks to get all of the counting done I guess.
    • You, the voter, need to physically move your verified ticket into a box under the watchful eye of the election judge. This MUST NOT be done by machine, unless the machine also does it in an easily visible fashion under the watchful eye of an election judge - which is simply not what's going on.

      I early voted on a Diebold voter verified machine - and it's NOT good enough. I even had a nice conversation with the technical election judge, and since it did print a verified trail I did have to go home and think about this before I realized how it sucked.

      They totally and complete circumvented the idea of a voter verified paper trail.

      The way this machine works is you vote, it prints, you can see-but-not-touch the printout. You can vote AGAIN (up to 3 times) and it voids the previous printouts. Again, without you touching them. Which means the process expects that some percentage of its paper trail will be voided. The printouts get sent into some magic compartment.

      So 1) there's no way except by noise for the election monitors to know if it printed a variety of extra votes. And they were pretty quiet.

      2) There's absolutely zero way to know if it went back and voided your vote, because there's plenty of precedent for voiding votes.

      3) It can absolutely tell via paper alone who voted in which order; it's on a spool. Which could be easily tracked by anyone who watched what order people voted at that machine. Your votes are even less anonymous.

      *sigh*
  • Hopefully (Score:3, Interesting)

    by PainBot (844233) on Saturday October 21, 2006 @03:18PM (#16530187)
    Hopefully more people including journalists will receive that, have experts look at it and expose the scam.
    Sounds unlikely though, since this is all illegal.
    • Re: (Score:2, Interesting)

      by Anonymous Coward
      All she has to do is to send the code to a Swedish official, then it will be covered by the "Offentlighetsprincipen" (god knows how to translate this to American, it means that any citizen can claim it for review) as were the secret bible of the scientologists some years ago.
    • journalists print stolen/illegally obtained materials all the time... Look at how bad Apple leaks/ HP board directors have gotten... Diebold will probably illegally track and spy on it's employees to find the leak... maybe we can get them that way.. or maybe the Republicans will just get the cops to do it illegally for them.
    • Re:Hopefully (Score:5, Insightful)

      by megaditto (982598) on Saturday October 21, 2006 @04:47PM (#16530919)
      Don't be caught by this bullshit bait.

      What we need is legal access to the actual code (+source, compiler, bootstrap process) running on the machines, not an illegal access to a piece of code someone chose to 'leak'.

      And more importantly, we need voter-verified paper trail.
  • by The Amazing Fish Boy (863897) on Saturday October 21, 2006 @03:19PM (#16530197) Homepage Journal
    I don't know. I mean, I'm not sure of the details of the current system, but is the software available before the election?

    If not, it is more secure in a way, since malicious users can't test exploits on it before the election, and then they have limited timeframe to do that during the election. If it's open source, and up for review, someone could find the exploit and not tell anyone, right?

    This is just my initial reaction to the idea, so I might be way off. Any thoughts?
    • That may be a solution, release the code after the election, and run checksums on all the meachines. But that would require changes in code for every election so people can't depend on exploits they may find.
    • by N3Roaster (888781) <nealw@[ ].org ['acm' in gap]> on Saturday October 21, 2006 @04:00PM (#16530529) Homepage Journal
      It's true that with open source, someone could potentially find a flaw, not tell anybody about it, and then exploit that flaw to manipulate an election. Why would someone do that? Obviously to advance an agenda, either by getting a win for a particular candidate who supports that agenda (so you'd want to manipulate the votes in a sneaky way) or if your agenda is getting rid of these voting machines, producing results that are clearly absurd (landslide victory for the Stallman write in campaign). I think the former is more subversive and likely to have financial support either from the candidates themselves or organizations supporting those candidates. Given this, it is reasonable to assume that if you are going to fix the vote for the win, your opponent will too, which means you need to either escalate the fraud operation, increasing the risk such fraud will be exposed, or you need to prevent your opponent from taking advantage of the flaws by having them patched and using that labor you saved by not escalating to instead get out the vote.

      I might also be way off in this analysis, but I think having the code open to public scrutiny and the hardware securely locked down (any potential tampering should be evident) would be the way to go if computers are used at all.
    • I mean, I'm not sure of the details of the current system, but is the software available before the election?

      Of course it is available before the election, they don't just code it up on the spot.

      Just because it is not widely available does not mean it is not available to a sufficiently motivated organization. When you consider the hundreds of millions of dollars spent on campaigning, it is not hard at all to envision a situation in which an insider is offered a couple of million dollars to provide "early a
    • by mabhatter654 (561290) on Saturday October 21, 2006 @04:27PM (#16530747)
      the whole issue revolves around that issue. The machines sit in closets for 6 months then are drug out for an election. Diebold is supposed to be installing and using certified software, but they can't even do that right. The issues started because Maryland election officials were catching Diebold personel putting patches on without the proper paperwork... and they got VERY upset, wanting to know what they were doing. Even the company refused to cooperate... private software and doing their job and all.

      That's what's so screwed up about all this, even Diebold employees weren't following their own companies rules and election offical rules (remember they are the customer). Several Diebold run elections have had outcomes highly suspect... and Diebold is answering concerns with contept for the customers and citizens instead of openness and cooperation.

    • by sjames (1099) on Saturday October 21, 2006 @09:26PM (#16532761) Homepage

      f not, it is more secure in a way, since malicious users can't test exploits on it before the election, and then they have limited timeframe to do that during the election.

      That is the crux of Diebold's argument for keeping the source closed. TFA reveals the flaw in that reasoning. Whoever that anonymous someone is, he sent the source to someone who is not supposed to have it at all. How many other anonymous somebodies have done the same thing in exchange for wads of cash? It's hard to say, but I'm not willing to bet democracy in the U.S. that the number is 0.

      It's the worst of both worlds. The bad guys see the code, but the good guys don't worry about little problems since "nobody but them will even know". Releases tend to happen when it's convieniant for sales rather than when it's done.

      Meanwhile in the open source world, we know everyone and his dog will see the code, so it had better be good. Of course, that is no golden guarantee of perfection. Security flaws happen in open source too.

      A much bigger factor is the ratio of good guys vs. bad guys reviewing the code. With proprietary code, reviews are limited to the dev team and an unknown (probably non-zero) number of bad guys. Open source has more bad guys looking at it, but a LOT more good guys with no vested interest in sweeping flaws under the rug.

  • by benhocking (724439) <benjaminhocking@ ... m minus caffeine> on Saturday October 21, 2006 @03:19PM (#16530199) Homepage Journal
    What if the voting software were open from the beginning, so its security relied only on hard secrets (like passwords and keys), not mere obscurity, which can be destroyed by "leaks" like the one reported by the Sun?
    Of course, passwords and keys can also be destroyed by leaks. The important distinction is that - if you're aware of the leak - it's much easier to assign a new password/key than to fix the software.
  • Due diligence (Score:5, Insightful)

    by turbofisk (602472) on Saturday October 21, 2006 @03:21PM (#16530221)
    One would think that the state would require the sourcecode for due diligence...
    • Re: (Score:3, Interesting)

      by ScentCone (795499)
      One would think that the state would require the sourcecode for due diligence...

      Not necessarily. The state also does things like approve commercial use of things like scales and compertized gasoline pumps. The look at the results (yes, it actually pumped 100 gallons of gas, and that's what the meter is showing), but probably do not have the chops to review the source code in the pumps, the register systems, and so on. And yet, we all assume that the machines, and people using them, are not lying. Getting
    • Re:Due diligence (Score:4, Insightful)

      by TubeSteak (669689) on Saturday October 21, 2006 @07:47PM (#16532181) Journal
      Did you RTFA?
      Or even the summary?

      Maryland was doing its due diligence by having the source code test at two independant software labs... which is, of course, where the source code leak came from.

      Diebold's "it was stolen" explanation strikes me as not being plausible, as the package contained discs from both testing labs. Diebold is claiming that either (A) someone worked at one lab & stole the discs, then broke into the other lab & stole discs, or that (B) someone broke into both labs & got their hands on these discs.
    • by JimBobJoe (2758) <<swiftheart> <at> <gmail.com>> on Saturday October 21, 2006 @07:49PM (#16532197)
      One would think that the state would require the sourcecode for due diligence...

      My county (Franklin County, Ohio) expressed a "strong preference" for their voting machine vendor to provide the source code to a 3rd party elections systems assessor.

      It was not a requirement, but the fact that Diebold wouldn't, but ES&S [essvote.com] would was one of the reason why Franklin County chose the ES&S system.

      Keep in mind, there was no directive from the Ohio Secretary of State on this issue, nor a law from the General Assembly requiring it. Franklin County probably has the most concerned and intelligent leadership running its board of elections, and in that regard, establishes great precedence for the other 87 counties, but they are certainly not under obligation to follow its lead.
  • by khasim (1285) <brandioch.conner@gmail.com> on Saturday October 21, 2006 @03:21PM (#16530225)
    #1. Flaws in the code that could be exploited by anyone who knew them. The classic "security via obscurity". This is just plain stupid.

    #2. Trade Secrets would be revealed. So Diebold has some ingenious work in the system that it does not want revealed.

    #3. Stolen code would be revealed. So Diebold illegally incorporated code from someone else in their product and doesn't want anyone to see it.

    #4. Legal code re-use. So Diebold uses the same code on their ATM's as their voting machines and they worry that anyone with access to the voting code could POSSIBLY find a flaw in the ATM systems.

    Anyone have any other possibilities?
    • by CosmeticLobotamy (155360) on Saturday October 21, 2006 @03:45PM (#16530421)
      #5. They're just selling cheap-ass computers running a crappy piece of software at a hideous mark-up, and they don't want to have to compete with 50 other companies selling the same cheap-ass computers running the same crappy software, or software just different enough not to violate their copyright.
    • Re: (Score:3, Funny)

      by camperdave (969942)
      Diebold uses the same code on their ATM's as their voting machines...

      So I could withdraw $200 from my account when I go to vote? Or perhaps $party could buy my vote right at the voting booth.
    • Re: (Score:3, Insightful)

      #5. Code that is so negligently flawed as to suggest the desire to make the machines subject to abuse, subjecting Diebold to untold economic damages and possible criminal investigation.
    • Re: (Score:3, Insightful)

      by VoidEngineer (633446)
      #5. They're using MS ACCESS "database"?

      WTF? My blood started boiling when I read that! **Access**?????
    • #5. On closer inspection Diebold's code turns out to be GPL'd.
  • by FudRucker (866063) on Saturday October 21, 2006 @03:23PM (#16530235)
    if Diebold has done nothing wrong then they should have nothing to hide, that includes sourcecode, open the sourcecode and allow peer review by experts like those that build BSD & the Linux kernel
  • Program complexity (Score:5, Insightful)

    by NJVil (154697) on Saturday October 21, 2006 @03:26PM (#16530255)
    Apart from a layer of security, just how complex does the software have to be?

    (Clear all variables)
    Enter selections
    Hit accept/enter
    Accumulate values for all selections
    Clear screen
    (Repeat)
    Export at end of election

    Why the hell does something of this level of incomplexity even need to be closed source?
    • by From A Far Away Land (930780) on Saturday October 21, 2006 @03:50PM (#16530473) Homepage Journal
      "(Clear all variables)
      Enter selections
      Hit accept/enter
      Accumulate values for all selections
      Clear screen
      (Repeat)
      Export at end of election"

      You forgot the most important steps, and the reason these machines are a scam:
      - ??? [Elect who corporation pays for]
      - Profit!
    • by psyclone (187154)

      Apart from a layer of security, just how complex does the software have to be?

      This software was developed with resources from government contacts. By that definition alone, it must not be simple software.

      Why the hell does something of this level of incomplexity even need to be closed source?

      If the hardware and software were open source, the public could discover that the hardware/software allows the altering of votes. Thus, to ensure government contracts, granted by people/parties that wish to stay

  • by LuminaireX (949185) on Saturday October 21, 2006 @03:35PM (#16530335)
    How long before we can download it on Bittorrent?
  • by flyingfsck (986395) on Saturday October 21, 2006 @03:36PM (#16530347)
    Of course, the copy now in possession of the legislator/FBI is the only copy, right? So, if the FBI can just keep this *one* copy off the streets, then everything will be fine, right? Putting it on a web/FTP server is not possible, right?
    • Unless the guy that sent him the code made other copies first.
    • by IcyHando'Death (239387) on Saturday October 21, 2006 @06:08PM (#16531495)
      I love this part:

      "A spokesman for Diebold ... said the company is treating the software Kagan received as "stolen" ... Lawyers for the company are seeking its return.

      I see. So all the authorities have to do is recover the copy of the code that was "stole", and once again the American public can sleep sound in the knowledge that this security breach has been rectified.

      Now isn't this a fine illustration of how applying the term "stolen" to information is wrong-headed?

      My question is this: what could Diebold possibly expect to gain from recovering this "stolen" code? Do they expect to ever be able to use it again in their voting machines? Of course they do, and I'll bet they get away with it too, though why they should be able to, I'll never understand.
  • Cracker or insider? (Score:5, Interesting)

    by WindBourne (631190) on Saturday October 21, 2006 @03:38PM (#16530361) Journal
    If this is an insider, then I have to guess that it is somebody who is concerned about some piece of the code. Otherwise, I would guess that it is a cracker who was able to break through the famous Windows security at diebold and grab the source.
  • On a related note (Score:5, Interesting)

    by value_added (719364) on Saturday October 21, 2006 @03:40PM (#16530381)
    I saw on Lou Dobbs [cnn.com] yesterday a piece that showed election officials rushing out to hire grad students to help out with the coming election. The reasoning was that widespread failures (mechanical, networking, software, etc.) were expected and election officials and staffers unanimously considered themselves as both unprepared and unable to deal with anticipated problems. A quick search for election jobs [monster.com] seems to validate the story.
  • What's in the code? (Score:5, Interesting)

    by HangingChad (677530) on Saturday October 21, 2006 @03:40PM (#16530385) Homepage

    Or maybe they're worried that the code contains evidence of tampering with election results? Otherwise it's just code. Just because it's public doesn't mean Diebold loses their copyright.

    But if that code contains evidence of treason...which is what tampering with election results would be...then anyone involved deserves to be stood up against the nearest wall and shot. Then leave the bodies as a permanent reminder to anyone else thinking about ballot stuffing.

    The real question is if the results were rigged, what's that do to the Bush presidency? It would seem to invalidate the '04 election. That means anything he's done while in office should be voided and Kerry should be allowed to serve out the rest of his term. It gets really interesting to consider that the deciding vote on the Supreme Court would be one of those invalidated actions.

    • by Renraku (518261)
      Treason only counts if the crime was committed against the country. Obviously we do not live in a democracy (electoral college, anyone?). The most it would be is a civil matter versus the guy who lost and the guy who won.

      Maybe fraud and a felony.
    • by Sven Tuerpe (265795) <sven&gaos,org> on Saturday October 21, 2006 @05:09PM (#16531095) Homepage
      Or maybe they're worried that the code contains evidence of tampering with election results?

      My favorite conspiracy theory at this point is this:

      If you were in a position to tamper with election results by manipulating the code of voting machines, what would be the most obvious cover-up?

      Exactly. You would make sure that a clean version of the code "leaks", which shows no evidence of any tampering whatsoever.

  • by not already in use (972294) on Saturday October 21, 2006 @03:42PM (#16530401)
    Proprietary or not, software used in something so critical as our democratic process *should* be under the scrutiny of some sort of bipartisan government software auditing group. Whether or not its completely open, doesn't matter. The fact that democrats haven't attacked this issue further convinces me of their incompetence.
    • Re: (Score:2, Insightful)

      by Anonymous Coward
      The fact that democrats haven't attacked this issue further convinces me of their incompetence.

      Silly boy. It's not imcompetence.
      They know full well how 'useful' these voting machines are to the entrenched PTB, and they're busy working on their own code exploits for the next election.

  • by bogaboga (793279) on Saturday October 21, 2006 @03:46PM (#16530433)
    As an American, I am disappointed in this story. If it's true, then we in the USA are not much different when compared to folks in third world countries. Why on earth, would a machine proven to be very prone to compromise, be allowed to be used in the conducting of free and fair elections.

    What about the integrity of the elections?

    Isn't this kind of stuff the kind of thing that a typical American would not be surprised if it were reported as having happened in the so called 3rd world countries?

    What troubles me also is the fact that after all this, our government goes on preaching democracy. I am disappointed! Period

    • by daigu (111684) on Saturday October 21, 2006 @05:12PM (#16531117) Journal
      The elections in the U.S. are different from third world countries. Elections in the U.S. are by and large, worse [prospect.org]. The U.S. has never been concerned about the integrity of elections, much less anything that could be described as free or fair by a third party observer.
    • Re: (Score:2, Insightful)

      As an American, I am disappointed in this story. If it's true, then we in the USA are not much different when compared to folks in third world countries.

      As a citizen of a third world country: are you really, honestly surprised?

    • > What about the integrity of the elections?

      Trumped by "what about the profitability of the company".
    • by Jeremi (14640) on Saturday October 21, 2006 @06:45PM (#16531731) Homepage
      What about the integrity of the elections?


      The problem in American is, everybody is so sure that we're the best democracy ever, that nobody bothers to check to see if that's the really case. People are able to overlook a lot, if seeing it would mean seeing their beloved country in a less-than-positive light.

  • by An Onerous Coward (222037) on Saturday October 21, 2006 @03:48PM (#16530451) Homepage
    Morrill said two of three disks were never used and that the third was version 4.3.15c, which was used in Maryland during the 2004 primary.
    Ross Goldstein, the state's deputy elections administrator, said Maryland now uses version 4.6 and that the public should be confident that their votes are secure.
    The disks contain "nothing that's being used in this election," Goldstein said.
    This is just sad. We've all seen the security warnings that say, "this exploit affects all versions before 1.51.rc3." Code gets reused between versions, especially between minor revisions. Very likely, whatever vulnerabilities are found in this version are still present.

    What he's really saying is, "please, please, please believe that I didn't screw up as badly as it appears I screwed up. Just pretend that the machines are secure, and that democracy as we know it is not in danger."
  • Wave your rights.. (Score:5, Insightful)

    by msimm (580077) on Saturday October 21, 2006 @03:50PM (#16530465) Homepage
    Voting is public. How can a company legally be allowed *not* to disclose the mechanics of a system built to be used in public elections. What .. we should just assume we can trust the democratic system in the hands of big business? Every programmer? Every engineer? They might as well just hire a bunch of staff that go house to house promise to vote for us.

    There are lots of things that you should be able to keep secret, but not how my voting system works. We might as well do away with it altogether.
  • Where is the torrent?
  • by Anonymous Coward on Saturday October 21, 2006 @04:08PM (#16530595)
    Here in the Netherlands there is a group under the name of (translated) "we do not trust voting computer" (http://www.wijvertrouwenstemcomputersniet.nl/ [wijvertrou...ersniet.nl] in Dutch) who is actively discussing the accuracy and validity of voting computers. They posted on YouTube (http://www.youtube.com/watch?v=B05wPomCjEY [youtube.com]) a movie about how to scan the machines about what they registered as a vote. I think that software ruling democracy should be open source just as the entire democracy should be transparant.

    They even posted a security analysis (in English) of the voting computer used in the netherlands http://www.wijvertrouwenstemcomputersniet.nl/other /es3b-en.pdf [wijvertrou...ersniet.nl].
  • Just Plain Dumb... (Score:3, Insightful)

    by masdog (794316) <masdogNO@SPAMgmail.com> on Saturday October 21, 2006 @04:17PM (#16530669)
    On everyone's part. I know that electronic voting is the way of the future, but a closed source, no-bid electronic voting system going to a large political contributor is just asking for trouble.

    I hope some states get the balls to review the code or implement their own system.
  • Count em' by hand (Score:3, Informative)

    by PenGun (794213) on Saturday October 21, 2006 @04:20PM (#16530699) Homepage
    It's very hard to beat and scales effortlessly. We've been doing it in Canada for a long time. Usually takes 4 - 5 hours after the last poll closes. Why do it the hard and screwed up way?

        PenGun
      Do What Now ??? ... Standards and Practices !
    • by Jeremi (14640) on Saturday October 21, 2006 @06:55PM (#16531801) Homepage
      Why do it the hard and screwed up way?


      See, the problem with your antiquated Canadian 'system' is that you often end up electing officials based on the will of the voters. That's no way to run the most powerful country in the world -- leave it up to those yahoos? They'd probably just go and do something stupid, like electing the wrong guy. Who would save us from terrists, gays, and health care then? Hmmm? Hmmm??

  • EXCUSE ME? (Score:4, Insightful)

    by Chabil Ha' (875116) on Saturday October 21, 2006 @04:32PM (#16530793)

    Diebold says the code is proprietary and does not allow public scrutiny of it.

    Where did the government drop the ball on this one? IANAL, but it seems to me that the moment something enters into the arena of figuring our elections, it ought, by the very nature of things, enter into public scrutiny. Are we suppose to just bend over and accept anything the see fit to inflict upon us? The contracts in the first place should have been drawn to allow for a public audit of the code.

  • by erroneus (253617) on Saturday October 21, 2006 @04:34PM (#16530809) Homepage
    Who are the people, other than DieBold, that support DieBold's secrecy? Who are the people who would like to preserve things as they are rather than fix the problems that the rest of the interested public is concerned about?

    I think that when we can publically identify who these people are, we can either have a proper public debate on the topic or we can put the matter to rest by exposing the corruption that has been going on.
  • by BrianRagle (1016523) <bragleNO@SPAMgmail.com> on Saturday October 21, 2006 @05:32PM (#16531245) Homepage
    For a (slight) glimpse at the stakes of a game like this, consider the recent Robin Williams film "Man of the Year". The movie was okay, but the truly frightening thing was how likely a scandal like a rigged election, purposefully or otherwise, might take place. However, before I go into some facts I found through surfing about Diebold and electronic voting, I wanted to point out that even if it was demonstrated beyond a shadow of a doubt that Bush was elected through vote fraud of some kind (not that many of us need any further convincing), it doesn't mean Kerry automatically gets to take the White House and Bush is out. What would most likely happen, along with a series of investigations and lawsuits, is the Supreme Court court would invalidate the election results and declare a new election, at a reasonable time period. Dennis Hastert would assume the throne until the new election results were confirmed but nothing Bush has done would be invalidated, at least, not right away. Even if he was fraudulently elected, he was still the de-facto sitting President and so his actions would be legal (in a manner of speaking). Congress could take some action to reverse some of his doings, but that assumes they want to in the first place. Now, on to Diebold. Found via a Google of "Diebold facts": 1. 80% of all votes in America are counted by only two companies: Diebold and ES&S. http://www.onlinejournal.com/evoting/042804Landes/ 042804landes.html [onlinejournal.com] http://en.wikipedia.org/wiki/Diebold [wikipedia.org] 2. There is no federal agency with regulatory authority or oversight of the U.S. voting machine industry. http://www.commondreams.org/views02/0916-04.htm [commondreams.org] http://www.onlinejournal.com/evoting/042804Landes/ 042804landes.html [onlinejournal.com] 3. The vice-president of Diebold and the president of ES&S are brothers. http://www.americanfreepress.net/html/private_comp any.html [americanfreepress.net] http://www.onlinejournal.com/evoting/042804Landes/ 042804landes.html [onlinejournal.com] 4. The chairman and CEO of Diebold is a major Bush campaign organizer and donor who wrote in 2003 that he was "committed to helping Ohio deliver its electoral votes to the president next year." http://www.cbsnews.com/stories/2004/07/28/sunday/m ain632436.shtml [cbsnews.com] http://www.wishtv.com/Global/story.asp?S=1647886 [wishtv.com] 5. Republican Senator Chuck Hagel used to be chairman of ES&S. He became Senator based on votes counted by ES&S machines. http://www.motherjones.com/commentary/columns/2004 /03/03_200.html [motherjones.com] http://www.onlinejournal.com/evoting/031004Fitraki s/031004fitrakis.html [onlinejournal.com] 6. Republican Senator Chuck Hagel, long-connected with the Bush family, was recently caught lying about his ownership of ES&S by the Senate Ethics Committee. http://www.blackboxvoting.com/modules.php?name=New s&file=article&sid=26 [blackboxvoting.com] http://www.hillnews.com/news/012903/hagel.aspx [hillnews.com] http://www.onlisareinsradar.com/archives/000896.ph p [onlisareinsradar.com] 7. Senator Chuck Hagel was on a short list of George W. Bush's vice-presidential candid
  • I get the impression this wasn't a leak of the "source" as we coders know it, but rather it was just the binaries (executables). Let me put it this way. The article puts it like...

    The availability of the code -- the written instructions that tell the machines what to do -- is important because some computer scientists worry that the machines are vulnerable to malicious and virtually undetectable vote-switching software.

    That's a "I don't know what code is or I'm writing for people that don't know" sen

  • by mrfett (610302) on Saturday October 21, 2006 @09:34PM (#16532803) Homepage Journal
    So I'm going to be an election judge here in Montgomery County this election day. Lots of people have been asking "how can a state government allow closed-source machines to be used?" The answer, unfortunately, is simple and disgusting. Readers of the daily paper should be familiar with Representative Bob Ney, he's pleaded guilty to illegal dealings with Jack Abramoff. Congressman Ney's committee was in charge of the Help America Vote Act (HAVA). This was a thoroughly modern piece of legislation (and by modern I mean written entirely by the industry it funnels taxpayer money to). Congressman Ney actively blocked attempts to mandate a paper trail. He was doing the bidding of his corporate constituents (I don't mean to imply that there is any other kind) who had paid a few disability groups to endorse mandating zero paper voting due to supposed "privacy" concerns. In summary, it has been the voting companies who have pushed us in this direction, and their reasoning is HIGHLY suspect. Let me be clear: I cannot fathom any reason other than a desire to manipulate elections for the resistance to paper trails. Laws mandating paper use would only funnel more money into these firm's pockets. Their resistance to making the process more transparent seems to stem from not wanting to sever a more lucrative revenue stream they want to keep under wraps.

    So the deal is, concerned citizens now have to come and babysit elections. We train on all the fine points of who can access the machines and are basically there to watch the Diebold personnel to ensure they don't "patch" the machines at the last minute. It's fucking insane. As you can probably tell, I'm highly suspect of America's status as a democracy anymore, but I'm doing my best to help us recover. I'll give it a few more years, but the state of affairs is pathetic. We seem set to turn our elections over to the corporations that are running our country (and, as a consequence, our foreign and domestic policy). If Americans don't start giving a shit, this country is over.

"Mach was the greatest intellectual fraud in the last ten years." "What about X?" "I said `intellectual'." ;login, 9/1990

Working...