Diebold Threatens Wary Voting Clerk 632
An anonymous reader writes "From the Salt Lake Tribune: a wary county clerk called in BlackBoxVoting.org to test the integrity of Diebold voting fraud machines, part of a recent $27 million statewide purchase (to make sure that only the "Right" candidates win). Diebold goon says machines are now jinxed and it may cost up to $40,000 to fly in a company witch-doctor to make sure there were no warranty violations. Since EVERY SINGLE VOTER who uses these machines is a potential hacker looking to alter election results, why is Diebold so concerned? "
Answer (Score:3, Informative)
Because EVERY SINGLE VOTER isn't allowed a level of access to the machines to presumably perform an audit or otherwise tamper with and/or view the inner workings of the machines.
The solution is quite simple:
- Have a permanent, voter verifiable, auditable, and recountable paper trail (a feature Diebold and ES&S both offer)
- Have an open source system (which actually isn't at all required if the above condition is met)
Shouldn't voting machines be regulated? (Score:3, Informative)
I have worked in the regulated fields of avionics and medical devices. You would think that federal and state governments would have regulations governing exhaustive testing of electronic voting machines against requirements to avoid conflicts like this. What is a secretary of state's job but to prevent pissing matches like this? I don't blame Diebold for not wanting some 3rd party yahoo breaking seals on their machines. But they can't point to a documented, legitimate qualification process to allay their customer's valid concerns. This is lousy engineering of the kind that pervades traditional IT.
Forget the Diebold bashing... (Score:2, Informative)
Who cares how physically secure the machines are or aren't? Even if the machines were tamper proof (which they should be), who cares? The real problem here is that we have a closed vote counting and verification process. That is unacceptable.
Elections and the vote counting process should be completely and utterly transparent. I trust no machine to count votes. If we use any kind of machine, it should be verified by random human recounts.
This is not the kind of problem for a clever or slick solution. The only sane solution, IMHO, is to apply the KISS principle. Keep it Simple Stupid.
couple points of info (Score:5, Informative)
Re:Answer (Score:2, Informative)
Sorry, but according to Diebolds web site...
All ballots cast using the AccuVote-TSX are immediately encrypted and stored in multiple locations within the voting station to provide secure system redundancy. Non-volatile memory is used to ensure election results are securely protected. At the end of the voting period, the integral thermal printer within each AccuVote-TSX can print election totals for the specific voting station.
Notice the At the end of the voting period? They do not offer individual paper audits/confirmations of the votes cast.
The Machine shouln't matter.... (Score:2, Informative)
Some more information about the testing... (Score:4, Informative)
Here's the link:
http://www.bbvforums.org/cgi-bin/forums/board-aut
It's on black box voting's website, so obviously it will be biased, but at least it gives more detail than the gloss-over provided by the tribune.
Re:what does it matter? (Score:2, Informative)
For example, besides electing a new mayor, we voted on what is to be done with a vacant building on the waterfront, whether to keep floride in the city water system, etc.
It is a serious problem. (Score:5, Informative)
The companies have done similar things in other states. In Florida All 3 have refused to sell any systems to Volusia County. The county's Election Director Ion Sancho was the one who allowed his systems to be tested for security and discovered the "Hrusti Hack" namely whereby the machines will load arbitrary code stored on their memory cards and execute them. Such a hack makes it trivial to change ballots, erase totals, etc. It has since been shown that systems by Sequoia Inc. are vulnerable to the same hack.
Volusia county is also the county that caused Al Gore to initially declare defeat in 2000. During election night Al Gore was leading Bush with a comfortable margin. At 10om someone uploaded a card that reported -16,022 votes for Al Gore and 10,000 for some socialist canidate all from a precinct with 600 voters.
This card passed all of Diebold's stringent "safety checks" (whatever the hell they were) and changed the statewide totals putting Gore well behind Bush. Gore declared defeat. After that the county discovered the errors and reset the system claiming that the new totals were correct. Nevertheles the fact remains that the card got in, was loaded, and threw off a U.S. Presidential election.
Now the companys won't sell to Volusia and are telling the state and the feds that it's Sancho's fault because he wants to test the systems for security. Florida's Governor Jeb Bush (brother of shrub) has also personally blamed Sancho for putting the state behind.
Meanwhile the Department of Justice is threatening to sue the state or withold funds because the county has not bought new systems even though noone will sell said systems to them. The idea being, apparently, that he should just sell out the elections.
At the end of the day the collusion and bullying going o by the companies, by the U.S. Government over HAVA (written by Bob Ney former congressmen for Diebold and now a leading figure in the Abramoff corruption investigation) and by frightened state governments is insane. At the end of the day the only losers will be the American People, of all stripes.
Why Deibold, and not these guys? (Score:2, Informative)
Government has to be transparent. If it isn't? Draw your own conclusions.
It's a little embarrasing that the "Bringer of Democracy" can't even be trusted to roll out a fair voting system.
Re:what does it matter? (Score:5, Informative)
o you've never heard of having a different voting slip for each actual office position then... and putting the marked slips in the correct boxes makes things easier at the counting places as well
We'd need at least 30 boxes. That's just impractical. Come to that, it's better to put everything on one paper ballot and then figure out how to count (which is what has been done for many, many years).
You have to remember how governments are structured in the US. City, County, State and Federal governments are all separate, and we vote for offices for each. Within each government, executive, legislative and judicial branches are separate, and we vote for people in most of them. On top of that are ballot initiatives at the city, county and state level.
Whether or not having so many choices actually improves democracy is an open question, but this is the system we have, and the voting approach must work with it.
County Clerk != Voting Clerk (Score:4, Informative)
Read BlackBoxVoting for better info (Score:1, Informative)
Are you aware of the test in Florida? (Score:4, Informative)
I would say even the submitter's point of view is not biased enough - Diebold should get a corporation death penalty [corpwatch.org] for even agreeing to provide voting machines without paper trail. This is such no-brainer, that no amount of outrage is sufficient.
Re:Diebold earned bias, but it's partly ATM protoc (Score:3, Informative)
I doubt you've seen this with the internal printer. Remember the parent said: "When you use a Diebold ATM, it prints a paper trail inside the box, and gives you a printed receipt with a transaction number that can be matched to both the internal database and to the paper trail inside. If the printer inside jams, it stops accepting transactions."
ATMs will continue running if the external receipt printer jams/runs out of paper/etc. But they stop accepting transactions if the internal printer (that prints the internal paper audit trail) jams.
Re:Voting or gambling (Score:3, Informative)
Of course, you have to know about it a couple of months in advance, so an "absentee" ballot can be sent to you, but there is no requirement that you actually go anywhere to get one. They are offered to shut-ins for instance.
Re:Troubling, indeed (Score:3, Informative)
It wouldn't help. Google for "voting machine infrared port", which gets about 800,000 hits right now. It seems that at least some Diebold machines come with an IR port. This makes it possible for someone with a laptop or handheld to connect to the machine from across the room. No actual physical contact is needed.
Actually, I wonder why they do this. An IR port uses an externally-visible "antenna". With wi-fi the port can be internal, without anything visible to give away its presence. And it wouldn't need line-of-sight access, either, so it would be a lot harder to detect.
Preventing on-the-fly tampering with electronic voting equipment could be rather difficult.
I took apart an ES&S touchscreen voting machi (Score:4, Informative)
Not making this up.
I noticed that the next time they cam to town thie newer model which has a paper logger attached no longer fit in the voting carol, So it was mounted on a stand and this would have been slightly harder to flip upside down. On the otherhand if I were a poll worker this would not have been a problem. The places where the tags and seals attach is easily defeated since you can snap out the plastic hinges.
The point here is not that you fould not make one with a better design but that they chose not to. Just as diebold chose to use interpreted code on the ballot configuration cards that has the authority to re-write the vote files.
SO it's not that you cannot make a secure system--eventually--but that there isn't even the slightest effort to attend to some mac-truck size holes. they know they are their and they prefer to hide them in propriatary obfuscation not secure them. These are not people we can just trust because they seem nice. You have every right to be 100% skeptical because every time someone looks hard we find they are not fixed right.
Re:Well, I think he got it almost right (Score:3, Informative)
I think the State Election Commision should hire and independent consultant.
And how do you know the consultant isn't in on the attempt to rig the election? Or the State Election Commission?
An election system should be designed so that no one person or group of people have to be trusted with the results of the election as a whole. The process needs to be open and public, and simple enough that anyone with a brain and interest can satisfy themselves that the thing is reasonably secure.
Except there's no way to do that with electronic voting systems.
Re:obvious problem here (Score:3, Informative)
I think it's a question of redundant systems which can be independently verified. What would I like to see in an electronic voting system? I would like machines with a published hardware design, open source code according to full published formal requirements with a formal specification, published correctness proofs, and verification of the code against the specification, backed up by a redundant system of paper reciepts (turned in at the voting centre).
Sure, that sounds like a lot of trouble, but if ever there was a situation where all the open specifications, formal theorem proving and code verification were worth the cost and effort surely voting would be it. It provides a number of independent ways to verfiy that things are behaving correctly.
Jedidiah.
Re:It is a serious problem. (Score:3, Informative)
Thanks!
Comment removed (Score:2, Informative)
Why not ask Diebold. (Score:3, Informative)
http://www.scoop.co.nz/stories/HL0310/S00211.htm [scoop.co.nz]
Re:Historically inaccurate (Score:3, Informative)
They even tried to move the 'voting' to a back room. You can't believe that was a good system?
Yes, I do believe that is a good system.
The difference between the situation you describe and a purely electronic solution is that in the latter you'd have no idea there were any manipulations going on.
The manual system is creaky and requires lots of oversight, lots of debate, lots of ongoing scrutiny, but at least it's *visible* (note that they tried to move to the back room, but failed).
Untill we get ID requirements to vote the machine and count error will remain much smaller then the registration error (or as they said in Chicago, 'Vote early and often').
Agreed that registration is a bigger issue. I don't think ID requirements are the problem -- at least in my state (Utah) you already have to present valid, current, government-issued ID in order to vote. The regisration issue (here, at least) isn't so much a problem of excessive voting, but of excluding people, preventing them from registering and therefore voting.