Diebold Threatens Wary Voting Clerk 632
An anonymous reader writes "From the Salt Lake Tribune: a wary county clerk called in BlackBoxVoting.org to test the integrity of Diebold voting fraud machines, part of a recent $27 million statewide purchase (to make sure that only the "Right" candidates win). Diebold goon says machines are now jinxed and it may cost up to $40,000 to fly in a company witch-doctor to make sure there were no warranty violations. Since EVERY SINGLE VOTER who uses these machines is a potential hacker looking to alter election results, why is Diebold so concerned? "
Huh? (Score:5, Insightful)
what does it matter? (Score:2, Insightful)
obvious problem here (Score:5, Insightful)
Slant much? (Score:1, Insightful)
Our election process is broken. (Score:3, Insightful)
I feel kinda sick...is Diebold gonna get away with this?
Is this a case for the ACLU?
At least you're not showing an bias. (Score:5, Insightful)
Stupid (Score:1, Insightful)
Why indeed . . . . (Score:3, Insightful)
Did you sleep through ALL of yor cynicism classes? Diebold is throwing a fit to discourage anyone from snooping around in the guts of their voting machines.
Someone might, y'know, find something. . . . . . . .
highway robbery? (Score:1, Insightful)
Troubling, indeed (Score:5, Insightful)
On the one hand - what if Diebold is purely running a bluff? Then the election board is going to have to pay $40,000 for Diebold to send in someone who will attach some alligator clips somewhere, run something that flashes lights, and generally run some dog and pony show before deciding whether its in their interest to declare the polling machines as sabotaged, just damaged, or just fine.
On the other hand - what if Diebold is honest? Then the election board is going to have to pay $40,000 for Deibold to send in someone who will attach some alligator clips somewhere run something that flashes lights, and generally run some dog and pony show before deciding whether the machines are in fact sabotaged, just damaged, or just fine.
Whether Diebold is bona fide or not, they are likely to claim trade secret privilege to hide the actual workings of their machine or their testing mechanisms... and again, if they're telling the truth, then they would claim that, and if they're not, then their claim would be hard to challenge.
So the fundamental question is this: do you trust Diebold?
Re:obvious problem here (Score:1, Insightful)
You're missing the point, it's not that the systems "can't" be inspected by a third party, it's the level of access they were given and what supervision/oversight was present when it was given. Would you trust a box given to you by someone who said they gave the root password to someone to "inspect" it? Of course not, the first thing you'd do, after changing the root password, would be to inspect the box yourself to make sure nothing was compromised.
While I think that Diebold makes crap, their assertation here is quite valid. The article doesn't mention what level of access the clerk gave to the inspectors and what amount of supervision existed while they were inspecting. It WAS a stupid move on his part. The intention was good, the execution BAD.
Re:what does it matter? (Score:5, Insightful)
Money more important than a fair vote? (Score:5, Insightful)
However, Demma seems more incensed at Funk because he may cost the state $40,000 for Diebold's astronomical recertification fee. He doesn't seem to be worried that people might not trust these machines. He doesn't seem to care that a state officer was worried enough to call in a non-profit third party to verify the integrity of these machines. I mean, these things could possibly affect the outcome of a vote, the foundation for a democratic republic! But instead of worrying about these machines he's clearly more upset about the $40,000 and Funk not talking to him about his concerns regarding the voting machines.
And of COURSE Diebold is going to tell you the machines are fine and fair. Sheesh, they want to make money don't they?
Isn't it great that chief elections officers have their priorities straight?
Give me a ballot sheet and a pencil any day over these closed, proprietary black box machines.
Slashdot bias (Score:3, Insightful)
Christ, this is sad to see.
The system is ingenious (Score:4, Insightful)
Re:Troubling, indeed (Score:2, Insightful)
Here's the right answer (Score:5, Insightful)
Here's where this particular lie is exposed:
1) How can a single voting machine even cost $40K? I want to see the parts breakdown on *that*.
2) Wouldn't you want all the machines recertified before each election? I mean, if they're sitting in warehouse someplace between elections, who knows who poked at them? So each machine costs $40K to use every election?
3) And if this is all T&M, lets assume a generous hourly rate of $250/hour and the guy is staying in a $500 a night hotel. That means this takes about 3 full weeks to certify a machine!
Does anybody understand the implications of Diebold claiming $40K worth of damages here?
Re:At least you're not showing an bias. (Score:5, Insightful)
Re:At least you're not showing an bias. (Score:2, Insightful)
A third party modifies the software configuration of the machines? I'd certainly hope that Diebold would audit the machines after that.
It's also a CONFESSION (Score:5, Insightful)
On the third hand, it is a clear confession from Diebold that third parties can't accurately verify their voting machines and that their voting machines can be rigged.
So any county that thinks it is verifying that the machine isn't rigged by runnig pre-ballot checks is wrong.
They can point to this statement and say "IT ISN'T ENOUGH THAT WE VERIFY IT, BECAUSE DIEBOLD ADMITS THEY CAN BE RIGGED IN WAYS ONLY IT CAN DETECT".
Well, I think he got it almost right (Score:5, Insightful)
However, it should be a disinterested third party, not an advocacy group. No matter how well meaning and ethical the people in the group are, they can nonetheless be painted as enemies of the vendor.
What should be done is to have a professional firm that specializes in computer security audit the machines and provide a report on whether the machines are secure; if not whether and how they can be suecured. And provided the machines can be secured, what policies and procedures are needed to operate them so that fraud can be discouraged and detected.
This is just like having an independent financial auditor come in and look at your books and your financial control procedures.
One-sided article (Score:2, Insightful)
From TFA (Score:5, Insightful)
"The problem is that instead of asking us or Diebold, Bruce Funk allowed a third party to put the warranty in jeopardy,"
So let me get this straight.
Election commissioner notices an irregularity in the memory of some voting machines, from whom the owner of the manufacturing company has very clear partisan leanings.
Election commissioner calls in a third party to run testing on the machines.
Now, I do not see a problem with third parties running audits on the machines used to count my votes. In fact, I want as MANY third parties running tests on thes to insure thier accuracy, as the fate of myself, my family, mmy state, and my country will be affected by what this machine spits out.
However, here we have third party verification being spun by Diebold as being a VERY BAD THING.
Whatever happened to transparency in government and in democratic processes? Is it not one of the core values of America?
Re:At least you're not showing an bias. (Score:3, Insightful)
Re:Huh? (Score:2, Insightful)
I reread the thing 4 times assuming that I was missing something.
Bs with a bit of truth (Score:4, Insightful)
"The problem is that instead of asking us or Diebold, Bruce Funk allowed a third party to put the warranty in jeopardy," Demma said in a telephone interview from Emery County. "If I sound frustrated, it's because I am frustrated. We don't know what they did to the machines. If Bruce would have just asked, we could have saved this forty grand."
First the BS part. If every machine is identical and every machine went through the same testing procedure then there shouldn't be ANY discrepancies in the machines memory. This is presuming that before the elections only that data necessary to perform the tabulation are on the systems. This is total BS to say that the discrepancies are the results of fonts.
As far as the $40,000 to 'fix' whatever is wrong with them, how does anyone know what needs to be fixed if Diebold doesn't allow anyone to test the machines? How does anyone know that Diebold won't surrepticiously make changes which could alter the outcome of an election by performing this fix?
Now for the truth part. By allowing a third party to examine the machines without notifying anyone, Funk did go a bit overboard. This is not to say that he went beyond his mandate to protect the integrity of the voting process. He should be commended for making sure all the i's are dotted and t's crossed before allowing votes to be cast.
However, by not informing the commissioners of his desire to have a third-party examine the machines for flaws or outright corruption, he has invalidated any findings by Black Box since it is true no one knows what they did or did not do.
The correct process would have been to tell the commissioners of his desire for a third-party review and if they objected or if Diebold objected, he could have explained his reasonings why he wanted another set of eyes to check things out (which is pretty much what was said in the article). If they refused the request he would have a much more firm standing to say whether or not the machines will do what the manufacturer claims they will do since by not allowing the examination it would appear that they, either the commissioners or Dieblod (or both), have something to hide.
As it stands now he's shot himself in the foot because he went behind everyones back and secretly had someone else examine the machines.
What is truly interesting is that the commissioners don't appear to be interested in what Black Box found but are more concerned that they'll have to shell out $40,000. That doesn't sound like the people are too interested in ensuring that the machines will work correctly but are more concerned about bean counting.
If Funk does resign I hope he vehemently and vociferously expresses his doubts as to the capabilities of these machines and insist that people use absentee ballots to vote. He should make the rounds on tv so he can clearly explain why he has his doubts so the people can understand what is going on.
Re:what does it matter? (Score:5, Insightful)
Or perhaps you should go back to pecnil, paper and a sealed box, like we still use over here in the UK. I trust that system much more that I'd ever trust a voting machine.
The difference is that in the US we vote on many more offices. My ballot generally includes some forty or fifty choices. It's easy enough to mark such a ballot with a pencil, but it gets difficult to count them, so some automation is useful. Further, a well-designed touch screen user interface is accessible to people with vision and motor skill deficiencies that would exclude them from voting with a paper ballot. Finally, a well-designed touch screen UI is less error-prone.
So, there are good reasons to use machines, but there aren even better reasons *not* to use purely electronic tallies as the final results.
Voting machines should print human-readable paper ballots, verifiable by the voter, that can also be counted by machine, and those ballots should be put in a locked metal box and then counted under supervision of all the major political parties to produce the official tallies.
Class Act (Score:4, Insightful)
There's lots of class war in America, where capitalism is rigged to preserve its best opportunities for rich families. But the president themself is more of a pawn in that war than an emblem of it.
Re:What I would like to know... (Score:4, Insightful)
Why hasn't Diebold designed a hardwired electronic circuit or a mechanical system with failsafes such that the machine can't be hacked, and the wrong candidate will not be selected if the machine fails?
Even better, use whatever kind of unsecure computer platform you want for the voting system, but have it print out a piece of paper with the voter's choices.
That way the voter can see how they voted, and it's not necessary for them even to trust a simple hardwired system which, obviously, is still beyond the understanding of most of the population. Most people aren't EEs.
Re:obvious problem here (Score:5, Insightful)
In my opinion, at least as important is the belief that the proper group to see if the machines are compromised is the manufacturer.
If the machines can't be verified as uncompromised on voting day by an election staffer at a voting location multiple times throughout the day, that's a huge problem. For the voting commission to accept Diebold's line that "That's the way it is." is simply unconscionable.
Slot machines in Nevada can be checked against any number of parameters to make sure that 1) hardware has not been added or replaced, 2) the software has not been altered (from the registered version on file with the NGC) and 3) the settings for the software match the casino's payout statements. The casino can do these checks, the NGC can do these checks, interested public parties can do these checks (with the cooperation of either the casino or the NGC).
Shouldn't we expect at least as much from the recordkeepers of democracy as we expect from a gambling house?
Regards,
Ross
Re:What I would like to know... (Score:4, Insightful)
No amount of tweaking will make the system secure. There is always a weak link. Even if the company had the best intentions in the world, how can they be certain that a lone partisan coder wouldn't sneak a line of code within what I'm sure are millions of lines? This could be done at any point in the chain of programs that handle the votes; from the user interface, to the final tally, through the individual machine databases, the talying computer, the flash memory files etc. etc. etc. I have plenty programming experience and I can tell you that it would be very easy to implement this "bug" so that it happened ONLY on the day of the election so that previous and following tests would show no bias.
Consider,
If you were a company and you were designing a voting machine you would have two options:
1)Hire an expensive team of developers responsible for surveying all the code components of your system to make sure each and everyone one of them are 100% secure and bug free. A feat that no leading software company (say MS) has succeeded in doing for their own software even after decades and millions of man-hours of debugging and re-engineering.
Or, 2) add a small printer similar or identical to the ones used for printing lotto tickets or even those good old receipt printers that are part of *every* cash register. These receips would then be hand veryfied by each voter and then put in a ballot box for future verification and recounts.
Which option do you think is less expensive? What rational is there for a company to chose option one?
Diebold vs Vegas? (Score:3, Insightful)
I'll take some of that action! (Score:4, Insightful)
$40K to re-image a drive and maybe poke around to make sure no key logging hardware is in place (although a lot of good that will do with a touch screen)? Sounds like easy money to me.
US gets voting it deserves (Score:3, Insightful)
Comparing this to other countries is pointless - nobody has as fine-grained voting, absurd expectations from the news-watching population and "zero participation". No purely paper system can keep up any longer, not because of "hanging chads" but because the news media will release "results" (real or made up) as soon as they can. Any delay for counting - by non-existent "volunteers" - is reported as potential fraud by the news media.
Sure, some kind of countable paper might be nice, but it leads to silly things. If you sit five people down to count marks on 100,000 pieces of paper you will not get one result. At best, you will get two or three. And, it is not repeatable. We have had close elections recently that have gone through several recounts only to still be decided by one party giving up. I believe it was most recently the Govenor of Washington that was decided this way because the results were less than 1,000 votes different and each count produced different results, with a different winner.
I know paper isn't the answer.
As to the reasonablness of the $40K fee, it is real simple. Diebold is being asked to recertify the machines and they can charge anything they want. Government contracts like this always result in signficant charges like this because there is no option. It is stupid and naive to assume the fee would be anything like time-and-materials for a couple of real workers. There is also virtually unlimited liability if it is done wrong or not done at all. Compare this to recertifying a heart-lung machine for a hospital and consider that it would only be one person dead if it was wrong.
Re:Answer (Score:3, Insightful)
All three major electronic voting manufacturers already have the ability to add permanent, individual voter-verified paper audit trails to their products. Don't believe people who make it seem like companies like Diebold are resisting. They aren't. They'll build - and sell - whatever municipalities will buy.
The roadblock, as it turns out, is often local election boards. First, the new paper verification systems NEED to go through the government certification process - remember, it's the e-voting watchdogs who are chastising non-certified patches/updates being put into place; the paper audit systems need to go through the same certification process. Further, many municipalities can't understand why they should be forcing paper audit trails; after all, they think, they are just getting away from paper ballots - why should they be arguing for paper ballots (and all the headaches that go along with them, ON TOP of the headaches they already have from learning to deal with e-voting), when they just got away from it?
Re:Huh? (Score:4, Insightful)
Re:Answer (Score:3, Insightful)
So, damned if you do, damned if you don't?
The fact is, a paper trail ensures nothing. It can be falsified, albeit with somewhat more difficulty than purely electronic records. Diebold's primary concern shouldn't be a random voter physically tampering with a machine, it should be the people charged with operating and safeguarding the machine. They have access, and as they're working an election, they almost certainly have strong personal political views that could motivate a "correction" of the results.
*Nothing* is ever guaranteed. The key is to arrive at a system that can be ensured to have at least some semblance of accuracy.
But the local county election officials have been the ones running our elections forever, and that hasn't changed. If you're arguing they should prevent tampering with the machines, including *inviting* tampering from third parties (such as was the case here), I'm 100% in agreement.
Re:Diebold earned bias, but it's partly ATM protoc (Score:5, Insightful)
When was the last time your bank "forgot" that you took money from an ATM? Do you ever hear of problems like that? No? Why does it happen with a vote?
I've become far more cynical about the process as every recount that's happened has had discrepancies. New, uncertified code is loaded on the machines the day before the election. The code is not available for examination by third parties (yet, a slot machine is.)
Why were exit polls so much more accurate in the days of paper ballots? I find it unlikely that the methodology has gotten that much worse, especially considering that similar districts in the same election have varying margins of error that correlate to the voting system in use at the polling location.
administrative access (Score:2, Insightful)
Besides, there should some verification test that can be run independently on the machine to verify it is working as intended, which would not require $40k and a plane trip to use. Clearly, as stated in the article, Diebold is wanting to make this person an example so no other election official will let anyone else take a look at the machine.
Re:Answer (Score:3, Insightful)
A hack to disreguard 3% of the votes for a particular canidate could be set up weeks before, and maybe from the voting machine company themselves (via a 'security hotfix' or something).
A method to have a simultaniously generated and voter verified paper trail does not ensure anything, but it's sure better than having just an excel spreadsheet be the final ground truth of voting records.
Re:obvious problem here (Score:5, Insightful)
But they should be given that much access. An attacker is unlikely to just be "A Voter". These sorts of things are often, if not usually, inside jobs. An attacker should be assumed to have volunteered to manage the vote (which I gather is easy to do since few people want to do it) and should be assumed to be able to spend hours with a machine, probably in the comfort of their own home, and with access to any number of helpful resources, including the full resources of the local political party apparatus or the mafia. That last one's no joke, either.
I'm not very worried about "A Voter", I'm worried about the entire system.
In Diebold's defense, any machine handed over to an investigator should not be trusted again, for the very same reasons. However, Diebold should allow any customer to randomly select a voting system to subject to any arbitrary analysis, and replace it at no (extra) charge.
Re:Sounds Reasonable (Score:2, Insightful)
WTF? Do you really live in a world with such a sucker mentality? Perhaps your ivory tower is so high that you don't need to worry about it? "Don't worry, this works exactly the way I say it does, don't ask questions, just trust me..." is the most alarming thing you'll ever hear. If that statement doesn't fire up your suspicion circuits then, I have to say, you are ripe for the picking by every con-man in the world.
anymore info? (Score:3, Insightful)
How many machines is this? They mention $40k, is that to check 4 machines or 40,000 machines. Makes a slight difference in whether the charge is reasonable. Can certainly see diebold point here, i wouldn't certify the machines when you let someone tinker with em.
It said he was suspicious of the memory, so he can see if anything changes between the original, after blackbox, and after double checking by diebold i hope
Our $900 point of sale terminal prints a receipt, don't get why this is sooo hard to get voting terminals to do it when they cost $27,000,000 / x. Then a test run would be simple and not require any tinkering it seems.
What do you do when you don't trust either side?
It's Uncertifiable (Score:5, Insightful)
The claim in previous elections is that it CAN be verified by running a trial ballot on the machines before the election. This is clearly false, since Diebold now asserts that this test will not detect this 'tinkering' you speak of.
Which means that any Diebold 'tinkering' cannot be detected either. Which means the machines can't be certified as accurate.
Re:obvious problem here (Score:3, Insightful)
The problem is this. In paper voting I am given a ballot to mark, and then put it in a locked box. If all is set up correctly, the lock can only be opened with many people watching, and it will be evident if the lock has been opened or changed.
What Diebold appears to be saying, and what makes the snide comments of the poster somewhat appropriate, is that these machines can be tampered with and the only way to detect it is by bringing in a specialist to spend huge amounts of time analyzing the system.
In fact, if the system were secure, any tampering should be immidiately evident to any reasonable person looking at it. Any changes in code should be immidiately visible, at least though a permanant change log. Any changes in hardware should equally be immidiately apparrent. Diebold is not only saying the machines are not secure, but there is no adaquate audit trail to prove that the machines have been properly used.
Re:FAA Software Vetting Processes (Score:3, Insightful)
> in the trust of software 'black boxes' on planes and not a
> peep from the newly political geeks.
That's because the black boxes in planes are there to record what happens if something fucks up. The Diebold voting machines, on the other hand, are there to fuck something up and not record it.
Re:what does it matter? (Score:2, Insightful)
The problem here is that voting machines present a potential single point of failure. The manual system works so well simply because it is such a pain in the arse. To defraud an election you need to "overwrite" a very large number of paper ballots, or bribe a significant number of returning officers... all risky options. Remove the need for human verification at the finest granularity and replace them with machines, and it just gets easier.
I like your siggestion because it brings the benefits of a UI but still requires manual verification by the voter, but I would still argue that manual counting is necessary to some degree.
Re:40 votes per ballot is primitive (Score:3, Insightful)
I am not american, but don't you think that this kind of things are stupid? I mean when there is an election I'm supposed to think about my choices extensively, to be as sure as possible, and to be able to vote reliably. How can I efficiently error check 15 choices, let alone think every one of them thoroughly?
Re:Class Act (Score:3, Insightful)
I note, in agreement with your points, that Nixon's Republican Party saw him resign without penalty for his crimes rather than even get impeached. While Clinton was impeached, and tried (and acquitted) in the Senate. The Republicans are much more of the "old boy network" than are the Democrats, so the comparative experiences are consistent.
However, I didn't post about the old boy network. I posted about whether presidents can come from classes lower than Bush's bluebloods, or even Reagan's millionaires. Clinton and Nixon prove that they can. And, as you point out, just being president isn't enough for privileged criminal immunity. That takes the kind of class that Bush was born into: lying us into war, destroying the Treasury, trashing the Constitution, stealing elections, dividing the country, elevating religious establishments to official status, spying on Americans, letting Osama go and neglecting the invaded Afghanistan to fester... Those are exactly the crimes impeachment is reserved for. And the only reason Bush isn't hanging on a traitor's gallows is because of his class privilege.
Re:what does it matter? (Score:2, Insightful)
Re:couple points of info (Score:3, Insightful)
Once a given configuration is tested and certified, it should be frozen and cloned. The machines should run tripwire before every election to insure they are all at this frozen state.
Re:Class Act (Score:3, Insightful)
"But the president themself is more of a pawn in that war than an emblem of it."
I would say they are both a pawn AND an emblem of it. There aren't many politicians in this country that are going to get elected without backing from the established powers. It does happen but the established powers normally seek to prevent it and remedy it when it happens, Jimmy Carter being the best recent example of a President the establishment abhored, and worked really hard to replace with an establishment favorites, Ronald Reagan and George H.W. Bush. Carter was elected by popular revulsion at establishment corruption in the Nixon administration and it happened against the will of the establishment.
As I recall one tool the establishment used to get rid of Carter was to manipulate the Iranian hostage crisis, probably including bribing Iran with arms if they would hold the American embassy hostages until after Carter lost the election, and then release them more or less the day Reagan took office giving his Presidency a HUGE and undeserved boost.
Clinton's election was also an abberation. As you recall it happened in part because a rogue element, Ross Perot, entered the picture and altered the election out of establishment control. Were it not for him George H.W. Bush might have stayed in power and the Clintons would be a footnote in history.
Three cardinal sins by the Clintons that made the establishment hate them were the attempt to socialize healthcare which turned a powerful establishment lobby against them, cutting defense spending which turned the most powerful lobby in the U.S. against them, and not being friendly to big energy for the trifecta. As a result the establishment sought to destroy Clinton's presidency for eight years, with scandal charges and impeachment. They failed but they did manage to severely injure the Democratic party and laid the foundation for 2000.
It is my speculation that in the wake of Carter and Clinton the established powers have probably adopted a more aggressive stance in insuring the outcome they want in presidential, congressional elections including:
- For example, serious and pervasive electoral chicanery in Florida which is the ultimate swing state for more than 8 years.
- Manipulation of the Democratic primaries to, for example, destroy a populist rogue in Dean, and replace him with an incompetent establishment candidate in Kerry so they were insured a win in 2004. Howard Dean smacked in every respect of another Carter to the establishment, he nearly won and the establishment intervened just in the nick of time and shredded him through advertising campaigns and electoral manipulation through the corprate controlled news networks.
The established powers do have a problem though. If your average Joe decides they like some populist candidate the establishmen hates, and they can't brainwash them out of it through the media they are screwed.
The one and only solution is you put in place a voting system that can be manipulated to insure the "correct" outcome. You don't have to manipulate it a lot in an electoral college, you just have to be able to swing a small number of votes in a few key states. You can write off the possibility as conspiracy theory and paranoia, but it is a simple fact that elections have been manipulated for as long as there have been elections. The U.S. is not immune to it. The Kennedy-Nixon election was manipulated, so was Bush-Gore in Florida. Its highly likely it was manipulated again in 2004. Black box electronic voting just make it WAY easier to do and a lot harder to detect.
The establishment, the Bush administration in particular, is constantly singing prai
Re:what does it matter? (Score:3, Insightful)
I would still argue that manual counting is necessary to some degree.
I agree. My ideal system would provide:
In addition, all stages of the election, collection and counting processes should be done under the supervision of representatives of the major parties as well as any individuals who care to be involved.
Re:what does it matter? (Score:3, Insightful)
Re:what does it matter? (Score:3, Insightful)
Check out the history of any large US city, there is over a century of experience in quite easily manipulating elections using "fraud-resistant" paper ballots.
Re:obvious problem here (Score:4, Insightful)
In Diebold's defense, Black Box Voting should have videotaped their investigation of the machine including keeping logs of every keystroke the entered into any interface. At a minimum, it would have shown their belief that everything relating to voting should be handled with no possible deception, but it also would have allowed Diebold to verify the integrity of the machines remotely and would give them important information about how someone determined to compromise the security of a voting machine would go about doing so.
Re:What you're missing... (Score:5, Insightful)
No, we're not missing that at all. It seems evident that the Chain of Command was either dazzled, baffled, or bribed into accepting these faulty machines from an ethically deficient corporation, and the only way the integrity of the voting process could be preserved was to solicit an independent examination into the machines' trustworthiness.
That the Chain of Command is now throwing a hissy fit about "warranty violations" serves only to illustrate that they are paying attention to the wrong things. Of course you independently test the machines. When you're dealing with something this important, you never believe the four-color glossies; you acquire your own facts and test stuff.
Schwab
Pick the right tool for the job (Score:4, Insightful)
Likewise, computers are probably the wrong tool for voting. Accountability is removed, we've now put elections at risk of hardware crashes, software hacks, network mishaps, and so forth. Not only that, if the system IS hacked, how does one find that vote I cast against Hillary in the 2008 election? Are votes in hacked disgregarded in districts where the system has been tampered with (bad), or is the final result delayed until another election can be scheduled on a brand-new system (not quite as bad, but still bad?), or on paper (which takes us back to where we were in 2004)?
Computers are great tools (I wouldn't be on
- If networked, can be tampered with remotely, so no amount of police officers guarding over the machines can prevent against crackers
- If wireless, can be interfered with very easily
- Unless hardened, a highly-directional antenna with a moderate-power transmitter can interfere with the box's operation
- Where is the paper trail in the event of the above?
- Paper ballots can be counted under the supervision of both major parties and independents. Not possible with electronically-cast votes.
- If an exploit at the voting console is discovered, what can prevent ballot stuffing? With paper ballots, it's easy; if you drop more than one ballot in, at minimum you will be disallowed from dropping it in the box. Best scanario, you get arrested and charged with a federal crime for being such a dumbass.
In a republic where the representatives are elected democratically, abandoning the paper ballot is folly. Even with the pain of Florida elections arising because a handful of idiots cannot follow very clear arrows and directions, the paper ballot is the very best tool for electing officials. The election is documented with physical evidence, very easily supervised, and tampering is very easily discovered immediately and the idiots responsible being held responsible with very little investigation required.
Leave electronic voting technology up to surveys, unofficial NON-BINDING referenda (e.g., a referendum put forth for representatives to gather official majority public opinion), and the private sector.
Heck, even in IT, computers are not always the best solution for tracking all data or accomplishing all tasks.
Re:what does it matter? (Score:3, Insightful)
Nevada is one of the few states that has a voter verified paper trail. While the voting machines aren't as secure as our slot machines [reviewjournal.com], it seems to be quite apt for Americans to care more about their money than democracy.
Re:What I would like to know... (Score:5, Insightful)
Diebold shouldn't be worried about voters. They should be worried about volunteers who have access to the system. In that case, it's just as trivial for one of the volunteers to hack the system, and also print out fake paper trails as well.
No, the old ways are the best ways here, and they're adequate. A locked metal box with a slot in the top, where voters drop their ballots under the watchful eyes of multiple volunteers who are not only dedicated to the integrity of the process, but represent different political parties as well, is almost foolproof. In my area, when the polls close, the volunteers (all four of them) seal the box with tamper-evident tape and then sign their names over it. Then the box is transported by guards, accompanied by party reps and stored securely until the counting.
You don't want a paper trail. You want an auditable system. Your instincts tell you that paper is auditable. I don't agree.
I'm a professional security architect; I design and build high-security systems for a living, including designing and implement cryptographic protocols for all sorts of high-security systems. Regardless of what my instincts may or may not tell me, my experience and expertise tells me that bits are not trustworthy. I know just how hard it is to build an electronic system that is truly tight. All electronic security must build, in theory, on some known-good starting point, but with an election system there really isn't any such place to begin.
Actually, there is almost never any such place to begin. The real world doesn't provide those sorts of certainties. In security system design the way we address that issue is by spreading the risk; ensuring that the only way the system could be compromised is through the collusion of multiple parties who have good reasons not to collude. This applies to the designers of the system as well as its owners, operators and users.
Whether with paper in boxes or bits in whatever medium, to secure an election you *have* to provide detailed oversight by all interested parties at every stage. Using complex technology serves no purpose other than to artificially limit the number of people who are capable of understanding and verifying the steps. In contrast, given a paper solution, anyone who wants to can understand each step of the process by which ballots make it from voter to counter.
The safer thing to do is reassure the public by explaining the process.
Absolutely. And the safest thing to do is reassure the public by designing a process they can all understand, and then explaining that.
Re:what does it matter? (Score:3, Insightful)
Electronic vote fraud is harder, in that it requires some understanding of technology, but it scales better, and it's easy to imagine changing state-wide results. But then, electronic vote counting is just a silly idea in the first place. Use all the touch screens and voter-assisting technology to print a paper ballot, which can then be dropped in a box. This is not difficult.
Re:Huh? (Score:1, Insightful)
Re:Class Act (Score:3, Insightful)
Re:What I would like to know... (Score:4, Insightful)
What's "adequate"? Only "minor" voter fraud? Once every few elections? It's not like paper ballots haven't been forged before. They have. It's happened.
Sure. On a small scale, it will probably always happen. But that's better than making it possible for one person to modify *all* the votes. Much, much better.
Banks don't rely on four guys carrying a locked box of money when they transfer money.
Nope. They rely on 3DES encryption using a ZMK (zone master key) which was exchanged cryptographically separated into three pieces and delivered via three separate couriers to three separate executives at the remote bank, who assembled it in a key ceremony into a crypto box.
Which means, if you didn't catch it, that the three execs can collude, obtain the key and compromise all subsequent transfers. Or, alternatively, the three people on the sending end who obtained the key parts and mailed them.
*Every* real-world security system relies ultimately on people, and people are the weak link. The only protection you have is to spread the risk. Paper ballots allow the risk to be spread more easily and more widely than purely electronic systems.
Don't get me wrong: I love cryptography. I think it's so cool that I've spent a good chunk of my life working with it. But electronic security is really hard because you have so little to count on, and elections are even worse. The stakes are much higher than just about anything in the commercial world, and no one is truly neutral.
But the biggest reason that the techniques applied to banking and other commercial systems don't work is that elections simply cannot be fully auditable. If the three execs above colluded, compromised the key and then started performing fraudulent transactions it would be caught because bank transactions are fully auditable. The origin and destination of every transaction is traceable, and is verified by both sender and recipient (well, some people are lazy, but that's the theory). That sort of auditability is impossible with election systems because of the requirement that votes be anonymous. Since the ultimate originator of the vote *MUST* have no way to verify that his or her individual vote was properly traced throughout the system, we can't apply the same auditing techniques.
Votes have to be aggregated into anonymous lots, then collected together and tallied. With electronic vote represntations, all of that must, perforce, happen invisibly. Sure, we can try applying digital signatures, but those are only as strong as the signing process, the key management process and the systems that apply the signing. There are holes there you can drive a 747 through given people in the right place. And there are *lots* of "right" places.
With paper, on the other hand, lots of independent eyes can be applied at each step. With enough of them, the process is easy to make foolproof. The first, most dangerous, aggregation step is from the voter to the first collection receptacle. If it's done electronically, you have to ensure that the voting machine is guaranteed to be untamperable by anyone. That's VERY, VERY hard. With a paper ballot, on the other hand, the voter him/herself solves that problem, and watchers ensure that the voter doesn't stuff any extra votes in.
I'll put it this way: If you really think you can design an electronic voting system that is secure in the sense of making large-scale manipulations impossible, write up a detailed design and publish it. If you really do it, you'll immediately build yourself a reputation in the security industry because you'll have proven wrong, for example, the members of the National Committee for Voting Integrity, an organization of computer security experts including such people as David Chaum, Avi Rubin, Bruce Schneier, etc. Plus lots of others. In fact, pretty much every serious computer security expert on the planet has come out against pure electronic voting schemes, so you'll have raised yourself in
Actually, this is a mild case.... (Score:2, Insightful)
A broad outline of what happened to our state (and my county, Scioto County) because of Diebold machines is here. http://www.freepress.org/departments/display/19/20 05/1593 [freepress.org]
The article talks about memory cards and their problems, but there were about a dozen or more other problems with the setup, even disregarding the possibility of hacking.
Diebold has sold voting machines to Utah. Diebold is evil. They want to bully a poor innocent election clerk.
Funny as it sounds, that's exactly how it went here in my local county, and I was involved in the contracting process (A losing battle...word from "on high" was that you either choose Diebold or get no money from the state.) I pushed for another company because the Diebold submission was a load of technical crap.
And, best of all, nothing I've seen or read about since then (North Carolina, anyone?) has done anything to change my mind.