I'm a member of the Phoenix Arizona GNU/Linux user group.
Back in November a few days before elections, one of the group's members Jim March (if you google the name + Diebold, sequioa etc, you see that he is the real deal) sent a request to the group looking for volunteers to help monitor processes in the voting systems which were not being adequately tracked, such as "monitoring the 22 "regional receiving stations" where ballots come in from the field for modem uploads to the central tabulator" and "Those able to pull only a shorter shift can visit a polling place as it closes and photograph the end-of-day vote tallies as they come out of the precinct voting machines...before those votes can be hacked either in-route via memory card manipulation or at the central tabulator's MS-SQL database"
What went on on the list after this was a disturbing expose of the Maricopa County and Pima County arizona electronic voting systems. While these are not of the "download, vote scan and upload" variety, the similarites, and how "secure" voting systems may soon be implemented, raise many questions about the validity and security of using, among other things, unprotected access and ms-sql databases (with a protected front-end, mind you, but they are easily subverted by using Access or direct SQL commands on the databases, with NO PASSWORDS in some cases)
* On election night, observers spotted an MS-Access manual being
referred to by the lead operator. MS-Access is banned from voting
systems (ain't approved) and the Diebold central tabulator database is
in MS-Access format. If you get to it with Diebold's front-end, it
looks secure enough. Get to it in Access and all security falls apart
completely...you can do anydamnthing you want.
* When we got the audit logs in December 2006, there was what appeared
to be data manipulation plus they had peeked into who was winning and
losing based on the mail-in vote five days *before* election day.
This was illegal as hell, and they did this consistently across most
elections - not just the RTA.
* We fought a public records suit, won, and found yet more rotten
stuff including a lot of memory card re-uploads, more than any normal
election ever. I'll go into details if anybody wants but let's just
say, it looked bad.
>> MS-Access is banned from voting
>> systems (ain't approved)
> This is a very refreshing change from the status quo! Out of curiousity,
> what are the approved DBs for voting systems?
You're asking the wrong question :).
ONLY those pieces of software specifically used for elections can be
used in elections, in most states anyhow, AZ being one of 'em.
The proprietary database front ends by Sequoia, Diebold and ES&S are
approved. Sequoia uses an MS-SQL back end, Diebold uses the MS-Access
runtime back end (they're switching to MS-SQL on the back end "soon")
and I forget what ES&S is doing. But it's basically the same:
proprietary front-end application, likely an MS back end.
In the case of Diebold, the MS-Access front end (the boxed consumer
product) can communicate with the existing back-end and back-door the
whole election. By diddling with the data files (which are .MDB
extension) in MS-Access, you can tweak the audit log, tweak vote
totals, basically do whatever you want, no password needed, no audit
trail even created.
On a more serious note: banks have procedures to prevent insiders from
hacking accounts. You can't absolutely block people from doing it,
but you can block people from tampering with the discovery/oversight
mechanism. Serious computer accounting takes the term "audit log"
seriously.
Diebold put the audit log into the MS-Access database as just another table.
Basically, if you can't trust the physical machines, how on earth will you be able to trust online voting? Sure, it isn't the "download, vote, scan and upload" type of voting that March writes about, it is scary to think how easily such "secure" systems can be completely 0wned. How hard would it be to manipulate the online votes, either en route or once they are counted and in one of the mentioned voting systems?
Voting systems such as was described in the OP are a thing of the past. They will soon be replaced with such lovely proprietary and "secure" technologies I've described above. Hell, who knows, we GNU/Linux guys may not even get a say in the online voting if such systems are purely M$ powered technologies.
The real question is: Do you trust someone else with your vote? Are any voting measurements safe to hacking/changing (Paper or not)?
Sources:
http://lists.plug.phoenix.az.us/lurker/thread/20081103.154522.6e6e3b28.en.html#20081103.154522.6e6e3b28
http://lists.plug.phoenix.az.us/lurker/thread/20090416.172946.c1278c8a.en.html#20090416.172946.c1278c8a