Slashdot Mirror
Touch Screen Voting Industry Circling Wagons
bhoman writes "Salon has an interesting article/interview with the author of a forthcoming book, Black Box Voting, by Bev Harris, that looks at electronic voting machines, especially Diebold touchscreens. The story includes incriminating internal memos, cease and desist orders from Diebold, transcripts of an industry teleconference where Harris Miller of the ITAA brags of his lobbying experience, and documentation of a backdoor via an Access MDB with no password. This is for software currently being used in 37 states. "
http://www.salon.com/tech/feature/2003/09/23/bev_h arris/index.html
The Fix is in. "How George W. Bush Won the 2004 Election":
t ml
http://www.infernalpress.com/Columns/election.h
More info is avaliable atw s/20 01574367_votefraud21m.html
http://seattletimes.nwsource.com/html/localne
MDB? Are these people serious? They think Access has a chance of holding this number of records? I bet a single machine would be crawling by the end of a day.
And if they're going to export to a more suitable db anyway, why not just stick postgres or mysql on there to start? They need only be configured once, same as Access.
Not to mention the incredible drop in required hardware resources, which times all the voting machines to be used is tax money much better spent.
It seems to me that these voting systems should be given to a bidder, and then whatever system they consider can be scrutinized. Faster, cheaper, better, safer...
The only thing more dangerous than a file named -rf is renaming it -rf\ /
Why not using simple sheets of paper where you put a cross for your vote.
The results are counted by hand.
This works here in Germany both fast and reliable.
Half an hour for the first prediction accurate to less that 2 percent change and 24 hours for the end result.
these people think so.
...vividly encapsulates that post-Watergate/pre-punk/coked-up moment when you could trust no one, least of all yourself.
If you don't already have the cookie, it doesn't work.
The EFF is organizing a petition to encourage IEEE to set trustworthy standards for electronic voting. Read about it and join the petition here:
http://www.eff.org/Activism/E-voting/IEEE/
"EFF supports the IEEE in taking on the issue of setting standards for electronic voting machines. We also support the idea of modernizing our election processes using digital technology, as long as we maintain, or better yet, increase the trustworthiness of the election processes along the way. But this standard does not do this, and it must be reworked."
You can't have voting receipts... because that would make it too easy to corrupt the voting process.
Imagine a candidate with 'connections', who insists that you provide him with the opportunity to view your receipt the day after the vote - and if you don't show him a receipt with his name on it, his 'connections' hurt you, your family, or your property.
As an american citizen living abroad, I can tell you there is something fundementally wrong with the way voters are authenticated at least in one state.
:)
I vote once every 4 years, for president, as he/she is the only person representing my views while outside of the u.s.
I registered in 1992 for the first time in my birthstate of Michigan and voted. Did so again in 1996 and 2000. What was the difference between the first and subsequent votes ?
Well for starters, in 96 & 00 I merely walked into the highschool that held the voting booths and showed my ID, they checked their list and had me sign some paper (the address listed is from nearly 25 years ago.) I didn't preregister with the government, I just walked in.
Because my drivers licence was foreign he seemed a bit curious, and I asked him if I could vote for state senator/congressman & all of the ballot initiatives. He didn't seem to thrilled with the idea but admitted once I closed the shutter, nobody would know.
If anybody needs an extra vote in michigan, I'll be willing to sell.. well, I better not..
I could be killed in a car wreck tomorrow and my name would still be on that list I suspect.
Both of these still require registration, and are no more useful than the original link in the FPP. Consider modding down.
Corporation, n. An ingenious device for obtaining individual profit without individual responsibility. - Ambrose Bierce
employee job hours are usually the most costly aspect of planning any project in the government. Hardware pales in comparison (and we get 3k laptops) to 200 employee hours. Software can come close though. ARC View is fricken pricey. There is just no open source equivalent.
Quotes from the above article:
No official at Diebold or the Georgia Secretary of State's office has provided any explanation at all about the OTHER program patch files -- the ones contained in a folder called "rob-georgia" on Diebold's unprotected FTP site.
Inside "rob-georgia" were folders with instructions to "Replace what is in the GEMS folder with these" and "Run this program to the C-Program Files Winnt System32 Directory." GEMS is the Diebold voting program software.
Another quote:
- And assume that all 22,000 program patches did exactly what they said they did: Corrected a conflict between Windows CE and Diebold's firmware to prevent screens from freezing up.
> George W. Bush won the 2000 election under the current ... The mix-up in Florida was because people couldn't figure out a simple ballot.
> American Electoral System.
Oh, is that how it happened?
Even if we ignore the controversial Supreme Court ruling, the issue was much more complicated than that.
Jeb Bush and co. worked to get thousands of black voters disenfranchised by removing their names from the voting rolls if they had a name similar to that of a convicted felon ("Official: Florida disenfranchised minority voters", CNN, March 9, 2001).
Bush worked to maximize the number of overseas ballots in counties he won, he also worked to disenfranchise military ballots in counties Gore had won ("How Bush Took Florida: Mining the Overseas Absentee Vote", New York Times, July 15, 2001).
Of course, the problem was exasperated by Gore deciding to only have recounts in counties he won, rather than across the whole state.
So, the real issue was not just a complicated voting ballot, but also the way the votes were counted. And it's easier to verify how votes are counted (and recounted if necessary), if there's a paper trail. It doesn't help that Diebold's system is insecure.
Consider the fact that Diebold CEO Waldon O'Dell is a Republican who said in a fundraiser letter that he was committed to ""committed to helping Ohio deliver its electoral votes to [George W. Bush] next year." It is all the more important to make sure the way votes are cast and counted are transparent to the voters themselves.
And before I get lambasted by conservatives, consider the following: how would you react if you heard that the CEO of the company supplying voting equipment wrote in a Democratic fund raising letter that he was committed to helping Hillary Clinton win the presidency in 2004? You'd be a little nervous, and a lot pissed.
Insert simplistic political, ideological, or personal proselytization here.
"There might be some clever crypto techniques to make it even harder to change the log"
Single use passwords are one way to do this, and you can use them under *nix at the moment.
Diebold appear to be trying to avoid difficult questions from anyone that is even partially technically competent.
The thing that worries me is why the hell are people even considering electronic voting? What's wrong with OCR'ing the big cross from the ballot card in a controlled environment?
Oddly Draconis
Too cynical to live, too stubborn to die.
Printer ARE the spawn of Satan. They are the single most error prone piece of hardware that exists.
Certainly they're more likely to fail than non-mechanical devices. However, they're not as bad as you say. Running a helpdesk actually gives you a skewed perspective, because you're typically supporting dozens, if not hundreds of printers, or else you're supporting super high-speed printers (which are much more failure-prone), and so it seems like one of them is always broken. In this case, however, the solution is simple: If you can't afford reliable printers, buy extra printers and make them easy to swap.
Thermal reciept printers are an order of magnetude more reliable, but the paper they print on is not. The print fades over time, and the paper decomposes too rapidly for any kind of permanent record.
It doesn't need to be a permanent record. Ballots are only kept for a specified period of time anyway. Thermal paper exists that will retain its contents for several years (I don't remember how long, exactly, but it's more than three years).
Did I mention that a good thermal printer runs between $700-$2000 dollars?
This is not true. I have a few thermal printers in my lab which are very reliable and cost less than $200 each. And these touch-screen voting systems aren't all that cheap, either. The incremental cost of printers is acceptable.
You would actually do better to devise a cheap and reliable electronic (or even mechanical) WORM media, that embeds a timestamp and cryptographic hash into every log entry for verification.
A favorite quote: "If you think that cryptography is the solution to your problem, you don't understand cryptography, and you don't understand your problem."
With your proposed modification, you have just made the system fundamentally unauditable again. The key feature of paper is that the *voter* can verify its accuracy. Any system that does not make it possible for the voter to ensure that his/her vote was recorded accurately is subject to manipulation.
The security of a locked ballot box that is transported, stored, and opened under the direct supervision of (theoretically) neutral guards plus representatives of all of the major parties is unimpeachable. No system that interposes electronic tools between the eyes of the watchers and the votes can match it.
To even try to get close, you're going to have to have extensive reviews of the software, a formal, and auditable, process for loading the software into the machines, a mechanism for verifying the software at various points in time after loading, tamper-resistant (or at least tamper-evident) hardware, etc. It can all be done, of course (I've developed systems that do require it), but it's very expensive. It would also make it harder for small voting machine vendors to compete -- one interesting feature of a paper-based solution is that the security of the machines becomes a non-issue, anyone and their dog can get into the voting machine business. Competition drives prices down, which is good for the taxpayers.
Not only are printers cheaper, but they give the voter a way to feel confident of their own vote and the most *crucial* feature of any voting system is that the voter believe their vote is counted correctly.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
Sent: Wednesday, January 17, 2001 8:07 AM
"Hi Nel, Sophie & Guy (you to John), I need some answers! Our department is being audited by the County. I have been waiting for someone to give me an explanation as to why Precinct 216 gave Al Gore a minus 16022 when it was uploaded. Will someone please explain this so that I have the information to give the auditor instead of standing here "looking dumb".
"I would appreciate an explanation on why the memory cards start giving check sum messages. We had this happen in several precincts and one of these precincts managed to get her memory card out of election mode and then back in it, continued to read ballots, not realizing that the 300+ ballots she had read earlier were no longer stored in her memory card . Needless to say when we did our hand count this was discovered.
"Any explantations you all can give me will be greatly appreciated.
Thanks bunches,
Lana
"
followup:
Date: Thu, 18 Jan 2001 15:44:50 -0500
"There are two separate issues/problems that are getting combined in this stream.
"- a check sum error occurred which the poll worker reset and continued counting the card "did not" require downloading before be reset. She never reran the previously counted ballots and this resulted in some negative PR post election. So that is Lana's primary question, how did this happen? Ken explanation sounds like a good one and will not require a line for VTS if we can ever get to GEMS.
"- the negative numbers on media display occurred when Lana attempted to reupload a card or duplicate card. Sophia and Tab may be able to shed some light here, keeping in mind that the boogie man may me reading our mail. Do we know how this could occur? "
NOTES
Sophia was the Diebold tech involved with the San Luis Obispo vote tally that appeared on the Internet five hours before poll closing.
Sophia is also the King County tech rep -- note the Ken Clark alter the audit log memo, talking about doing "end runs" around the voting system -- "King County is famous for it"
followup: possibility of "unauthorised source
Date: Thu, 18 Jan 2001 13:31:04 -0800
"John,
"Here is all the information I have about the 'negative' counts.
"Only the presidential totals were incorrect. All the other races the sum of the votes + under votes + blank votes = sum of ballots cast. The problem precinct had two memcory [sic] cards uploaded. The second one is the one I believe caused the problem. They were uploaded on the same port approx. 1 hour apart. As far as I know there should only have been one memory card uploaded. I asked you to check this out when the problem first occured but have not heard back as to whether this is true.
"When the precinct was cleared and re-uploaded (only one memory card as far as I know) everything was fine.
"Given that we transfer data in ascii form not binary and given the way the data was 'invalid' the error could not have occured during transmission. Therefore the error could only occur in one of four ways:
"Corrupt memory card. This is the most likely explaination for the problem but since I know nothing about the 'second' memory card I have no ability to confirm the probability of this.
"Invalid read from good memory card. This is unlikely since the candidates results for the race are not all read at the same time and the corruption was limited to a single race. There is a possiblilty that a section of the memory card was bad but since I do not know anything more about the 'second' memory card I cannot validate this.
"Corruption of memory, whether on the host or Accu-Vote
The claim made at the time was that the (Florida Republican) folks in charge of voter lists took advantage of a law that lets them kick convicted felons off the list, knocking out anyone from the "wrong" neighborhoods whose name was more or less similar to a convict.
Nope. Nobody was "kicked off the list" because of the felon list. In fact, when the USCCR held hearings on the 2000 Florida elections, they couldnt find a single eligible voter that was kept from voting because they were incorrectly identified as a felon (and believe me- the Democrat majority in the commission looked VERY hard).
And the Florida Republicans were not taking advantage of some loophole in the law- the state was required by a 1998 statute to compile a list of possible felons. According to the law, this list was then given to the individual county elections supervisors who were required to verify that a person actually was a convicted felon before removing them from the voter registration.
The cool part is it's pretty hard to find out you've been de-enrolled 2 weeks before the election, let alone get this error corrected.
According the the statute, anybody that was removed from the voter registration was given at least 30 days written notice, and they were given a process to appeal (in most cases, they only had to go to a police station and submit a fingerprint).
"The defense of freedom requires the advance of freedom" - George W Bush
Just a note that I'm hoping to see the BlackBoxVoting donation forms available soon - this is essential work that the /. community should actively support.
Also, extra thanks to Bev for her recent efforts to post notifications and address issues on this site; because of this I'll be purchasing a copy of her book. The publisher's iconogrpahy is unfortunate for promotion purposes, but ultimately irrelevant to the books' content.
> NO! First of all, when the (Democrat majority) USCCR
:
... In an analysis of the 2,490 ballots from Americans living abroad that were counted as legal votes after Election Day, The Times found 680 questionable votes. Although it is not known for whom the flawed ballots were cast, four out of five were accepted in counties carried by Mr. Bush"
> held hearings on the Florida election, they were not able
> to find a single person that was disenfranchised by the
> felon list.
You linked to the dissenting opinion, and not the original report. The majority opinion was 6-2. The U.S. Commission on Civil Rights found that the 2000 presidential race in Florida was marred by "injustice, ineptitude and inefficiency" that disenfranchised minority voters.
The report concluded that
* "countless unknown eligible voters" were wrongfully turned away from the polls or purged from voter registration lists because of procedures and practices used by election officials.
* criticism of an an effort to purge convicted felons and other ineligible voters from registration roles. Lists of ineligible voters, compiled by a private firm, had an error rate of at least 14 percent, and black voters had a "significantly greater chance" of appearing on the inaccurate lists than white voters
* black voters were nine times more likely than white voters to have their ballots rejected during the counting process. Faulty voting systems were more likely to be used in areas with higher percentages of minority voters, but even in counties where the voting systems were the same, black voters still had a higher rejection rate than white voters
(Source: "Civil Rights Commission Approves Report Assailing Florida Vote", CNN, June 8, 2001.)
The sentence you cited from the New York Times article was incomplete and out of context. It was talking about the Democrats' accusation that the Republicans had organized an effort to seek votes after the deadline: "The Times study found no evidence of vote fraud by either party. In particular, while some voters admitted in interviews that they had cast illegal ballots after Election Day, the investigation found no support for the suspicions of Democrats that the Bush campaign had organized an effort to solicit late votes."
Earlier in the article, "the Republicans mounted a legal and public relations campaign to persuade canvassing boards in Bush strongholds to waive the state's election laws when counting overseas absentee ballots. Their goal was simple: to count the maximum number of overseas ballots in counties won by Mr. Bush, particularly those with a high concentration of military voters, while seeking to disqualify overseas ballots in counties won by Vice President Al Gore.
Insert simplistic political, ideological, or personal proselytization here.
No, you're wrong. Greg Palast did extensive research into what happened. Don't buy the party line from Fox News, CNN, and others who completely whitewashed what happened in Florida.
Now that Diebold has a lock on voting systems, expect more fraud and even less media acknowledgement of it.
Furthermore, this whole myth that Bush lost the popular vote is a bunch of hogwash, since many states simply stopped counting votes once a sufficient victory margin was reached (lead > votes remaining).
Excuse me? Each precinct counts individually. And without counting, how would they know how many votes are remaining. Your statement is a lie.
Ooh, a sarcasm detector. Oh, that's a real useful invention.
Bad election practices such as these were common in parts of England until the nineteenth century. "Rotten boroughs" with small numbers of eligible voters could be used to ensure a candidate got into parliament.
You didn't mention that in one particular case, one of the "Rotten Boroughs" was actually under water yet there was an MP sitting in the House of Commons representing the submerged town. However, had I been the MP, I would've retorted that the underwater town was populated by Basques and thus the town was known as the "little Atlantis" of the English coast.
"Right now, somewhere in this world, Scott Baio is plowing a woman he doesn't love," - Peter Griffin, *Family Guy*