Slashdot Mirror
Touch Screen Voting Industry Circling Wagons
bhoman writes "Salon has an interesting article/interview with the author of a forthcoming book, Black Box Voting, by Bev Harris, that looks at electronic voting machines, especially Diebold touchscreens. The story includes incriminating internal memos, cease and desist orders from Diebold, transcripts of an industry teleconference where Harris Miller of the ITAA brags of his lobbying experience, and documentation of a backdoor via an Access MDB with no password. This is for software currently being used in 37 states. "
How much longer until a major newpaper picks it up?
You can check fingerprints on paper too you know. And with paper, you have the ability to say "This ballot was held by X and he voted for Y", whereas with a screen with some 5000 people touching it in 1 day, good luck finding any useable prints.
An open invitation to election fraud
The U.S. government seems to me to be becoming more and more corrupt. As David Letterman recently said, "When you make out your check for the Iraq war, there are two Ls in Halliburton."
Money seems to be everything, the health of the country nothing. McCain is right, we need campaign finance reform.
Every software in government, which is paid for from citizens taxes, should be open source. So that every citizen (at least the one which is a programmer) could check whether the code is good and fair, especially in elections.
Of course the code actually used in voting machines should be double checked by government professionals, but everyone should have an access to read the code.
I love high tech as much as anyone on Slashdot, but paper ballots make a whole lot more sense: with even a modicum of security you have the originals for recount (recounts being actually pretty straightfoward Florida FUD not withstanding).
"Everyone is entitled to their own opinion, but not their own facts."
You can have fraud using any medium, but when you throw computers into the mix it's a heck of a lot easier to have fraud on a grand scale.
-Jeff
Please learn the difference between a dissenting opinion and a troll before you moderate.
Ok, I admit it, I really thought of fingerprints when I say touchscreen voting. Would anyone care to tell me what kind of screens are used for these touchscreens ? Would anyone with a little will be able to capture your fingerprint on the screen ? I mean, someone comes in, votes, wipes the screen real clean, you come in and vote, next guy comes in and uses that powder the police uses on the screen ? I see no real use for this informations, but still, privacy is privacy ...
In Canada, we don't fancy things like socks
If the machines would actually print out a receipt of sorts, leaving a paper trail for the voter and the election officials, then we would get the best of both worlds. An easy, understandable, and technologically advanced voting system that is open to accurate recounts. But the first count still wouldn't be guaranteed correct.
How about a program that not only places the votes in a secure database, but also creates a PDF (an open format) and stores it on the local disks (RAID). Include all details of the vote, such as voter ID, etc. All the same stuff we keep on paper today.
After voting is complete, another program could open the PDFs and parse them out (is this possible?) and compare the results with the database. I don't know what to do in case of a discrepancy, haven't thought that through.
Oh, and whatever happens, no Windows allowed.
What really got me was the bit where one of their "engineers" was explaining how the "system test" is merely the normal POST. I'm currently in the process of writing a very simple inventory / cash flow management system for my employer, and I started building strict integrity checks and reports into it as one of my first steps. Meanwhile, the people making our voting machines can't be bothered?
TO BUY A NEW CAR WOULD MAKE YOU SEXUALLY ATTRACTIVE.
... for anything important such as voting. I'm a programmer, I do that for a living I've *never* seen a software project that didn't include quick hacks, known vulnerabilities by the dev team, ,a lazy programmer and a PHB.
The fact the matter is, EVERY software project has stuff like that.
I wouldn't trust a software (much less a closed source software) written by anyone (including NASA, govs, whatever) to do anything like this. And personally, I can't believe anyone who has worked in the industry would.
And that is, regardless of the project management techniques, reviews, whatever.
IP Therefore I am.
throwing technology and computerization at the problem will necessarily make the system more secure. Not that these aren't good things, but my experience has been that, from a security standpoint, adding complexity can often increase opportunities to compromise a system.
I'm not saying that a state-of-the-art computerized, hi-tech voting booth can't be rock-solid secure. However, I do see the potential for companies to sell hi-tech voting machine soley on the *impression* that the added technology automatically makes them more secure.
I think the focus should be solely on the standard of security. Whatever system can meet that; be it punch card, touch screen, whatever, is the system we use. Sadly, I suspect such a standard will put internet voting a long way off.
A goal is a dream with a deadline
I'm glad for this article and for people raising red flags on electronic voting.
.
The truly sad part is that, from what I can tell, even if there's nothing suspicious in the realm of vote-fixing, we're still dealing with terrible software design and security.
And, sadly, that terrible design and security is all too common.
I'm hoping articles like this turns peoples eyes towards the fact that we've got lots of terribly made computer systems, applications, databases, websites, and so on doing very vital roles. In my IT career I've seen hospitals brought to a crawl by lousy patient software, websites with databases so bad that they had to be shut down for maintenance reguarly, simple applications delayed for months by bad planning and inappropriate technology, and far more.
So, sadly, in the area of voting, it's business as usual. But business as usual is pretty bad for the usual business as is . .
"The Sage treasures Unity and measures all things by it" - Lao Tzu
Predictably, a bunch of /. responses focus on the fact that the source isn't available for public review as the primary problem, but that's irrelevant, and Bev Harris explained the correct solution quite clearly in the article.
Open source wouldn't be a bad thing, mind you, but why bother auditing the code? What you really want is to audit the *results*, and the easiest, best solution to that is also the simplest: Have the touch screen machines print paper ballots with a nice list of races and selected candidates. Then the voter can verify that they actually voted the way they wanted to, and the paper ballots can be counted and compared with the computerized tallies by anyone who wants to question the system.
As Harris points out, the fact that the manufacturers sem so dead-set on avoiding paper printing seems almost sinister... the solution is so obvious, and so simple that it makes you wonder what their true motivations are. They make a lot of noise about printers being too error-prone and difficult to operate, but that's just silly. Take a look at the thermal printers used by retail systems -- they work day in and day out for years with no more maintenance than replacing rolls of paper. Designing a workable printer for a voting booth wouldn't be trivial, but neither would it be an impossibility. The requirements are very simple: Be able to run for an entire day without jamming or running out of consumables, and print paper ballots that are easy to read and remain clear and legible for at least three years.
There are various minor improvements that can be made to this idea, such as a machine-readable section of the ballot to make automated verification easier, etc., but at bottom paper achieves a level of transparency and reliability that no purely automated system can ever achieve, no matter how many geeks have pored over the code.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
Instead of storing the vote electronically, have the voting machine print off your ballot once you've voted, which you would then place into the ballot box. Increased accessibility and usability, no spoiled / ambiguous ballots, and no chance for loyal party members to control the electronic voting.
___
Cogito cogito, ergo cogito sum.
Not the whole answer, at least.
We need to check, not only that the software has no obvious backdoors, but that
I'm not that paranoid; there are probably any number of other things that could be screwed with and still have the code pass any kind of review with flying colors.
Paper ballots are the only answer.
Welcome to the Turing Tarpit, where everything is possible but nothing interesting is easy.
It doesn't cost a thing to be able to use an access MDB for your data. And the odbc/oledb drivers are in the default install of Windows (OK, so you have to pay for the OS). But any OS can read an MDB file with free drivers.
I guess you're referring to the front-end application that gives you form designers and such.
>>> courtroom nonsense and bickering
If you call making sure all the votes are counted 'bickering' then we're in serious trouble.
there's no place like ~
What we need is a stronger regime, one even more unafraid of manipulating silly elections. The point of elections isn't to choose a leader; it is to advertise to people that they have "chosen" their new dictator.
Unwashed masses that THINK they were somehow involved are much easier to abuse. THAT is the purpose of putting on an election performance.
--
"Those who cast the votes decide nothing; those who count the votes decide everything." - Josef Stalin
You will want to ensure that the machine accurately registers and tallies votes. Verifying the source alledgedly used in all the machines is not sufficient: you'd need to inspect the (sufficiently large) CRC of the binaries on each and every of the voting machines. You'll want to verify that they are indeed running the software that you have inspected, not some doctored version.
Even if all machines produce accurate data, that will do little good if anyone can edit the resulting data file, or if the totals are communicated to a central counting facility through a means which allows easy forgery of the results.
The problem with any electronic voting system is its intransparency, not of the program source, but of the voting and tallying process. Once the job of vote registration and counting is delegated to a machine, it becomes invisible. It is like handing a box of paper ballots to anyone in the streets and asking him to tally up the votes without any supervision. You'll have no idea of the accuracy of the resulting count, unless you are able to recount yourself... and for that, you need a paper trail.
I firmly believe that any electronic voting needs to be accompanied by a paper trail, and that the counts must be subject to verification of a recount using this paper trail. An electronic voting machine should either produce a paper ballot which the voter can inspect and post in a lockbox, or it should scan a paper ballot on which the voter has indicated his choice by hand. There arer very good reasons to trust paper ballots over electronic ones that are hidden inside some machine:
- The voter has tangible assurance that the vote that is deposited is the one that he has cast
- The counting rersults are verifiable: the counting can take place in a group of people from all stakeholders in the election, who will all watch each other.
- In case of doubt, a recount can take place using the original ballots counted by a different group of people.
- Most importantly: paper ballots are incredibly hard to forge in bulk, and it is very hard to introduce a significant amount of them into the counting process.
If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
First of all, let me apologize for the "high horse" remark. That was needlessly inflammatory editorializing.
Evolution and environmentalism are not the issues here. They are based on solid science and should be included in the curricula, as they are almost everywhere despite the tremendous effort of religous conservatives to block them or get equal time for their mythos.
The "left" agenda affects education in other ways, mostly focused on sanitizing our history and literature where it doesn't suit the purpose of demonizing white Europeans (cite any number of books banned for using the N-word, or the fact hat I have to euphemize N-word or risk being flagged a racist by some PC traffic scanner). That is not being grounded in reality, it's pandering and dishonest. It is historically myopic, and it threatens the intellectual development of our children.
Seriously, read the book I mentioned, or even just some of its press. There are extremists out there on both sides, and both affect education far more than they should.
Trouble making decisions? Just flip for it.
I mean, Bush himself recently declared that there were no WMD's in Iraq, but it only made news deep within the covers of the various big journals which even bothered carrying the little item.
But this one, voting corruption in the world flagship of 'Democracy', is going to be the real indicator.
I mean, it seems this voting machine problem is in fact well known and understood by millions. People have time to raise a proper stink and prepare. I very much look forward to seeing if America will DO something about it or if they'll just grunt and roll over to a new sleeping position.
Unfortunately, it doesn't really matter very much in a political sense. At this point, it doesn't matter who gets into office. They're all a bunch of dangerous bastards who can be expected to play ball to the New World Order agenda. Those who can actually make a difference have a strange tendency to die tragically in King Air A-100 plane crashes.
I had no idea that Arnie was royalty! He's married to a Kennedy, his mom is married into high-level Austrian politics, and his pappy was in the SS. The boy terminator declared himself the loyal friend of a convicted Nazi war criminal, no less. --Oh yes, and the all-white, all-male, all-billionaire Bohemian Club which has a habit of determining who gets to be the president of the United States, (among other things), has agreed to make Arnie a king of some standing, possibly THE king. Sheesh. Thank goodness California put the brakes on when they did!
My only hope is that if America does manage to wake up enough to fix this voting machine horseshit, that it'll take the next step and realize that the current administration, and all current potential administrations, are corrupt to the core, put ALL of them in jail, and start fresh. I mean, sure, they'll have no functioning government for the next year, and people will panic, and the dollar will vaporize, and the really evil bastards will all hide out until everything blows over, but. .
Who am I kidding?
More likely? This voting machine problem will be looked and:
1. People ignore it, and what difference does it make after that?
2. People 'fix' the problem and then wait patiently to see which monster gets properly elected to continue the destruction of the universe.
Americans don't have the awareness or the spine for a real revolution.
-FL
That brings up an interesting point. The main beef I saw in the article was that the database was not auditable in the event of changes made, and that there's no other trail of information to follow.
The IRS would *never* accept the idea of accepting a tax return from the common citizen in the form of a database file without keeping some form of a copy for themselves.
And that, IMO, makes for an interesting point: The IRS is a government entity that deals with money. Where money is concerned, fully auditable paper trails are an expectation with just about any entity, let alone the IRS (just check out Wal-Mart or some other large business). Laws abound left and right in this regard, too. But, apparently, with our votes, which I think are equally, if not more important, an audit trail has been deemed unnessarily expensive.
The inherent mistrust of man when it comes to money (that the IRS holds), should be held to with voting as well.
.
uR iGn0ranc3, Their Power
No, that's not a basic democratic principle. That's a current principle used to encourage everyone to vote without fear of reprisal, but it's hardly a fundamental aspect of the system.
There are at least two reasons why you want secret balloting, one of them rather subtle. The obvious one is to prevent voter intimidation; the other is to keep people from being able to bring evidence that they voted for a particular candidate outside the confines of the voting booth.
Otherwise, I can park across the street with a sign reading, "$1 Paid For Each Vote for Candidate X" and buy votes from people coming out of the polling place with proof of their vote. Some of the machines being discussed would enable corrupt voters to do exactly that.
You really don't want to have any way to associate individual voters with their votes during or after an election. I'm sure there are tons of potential exploits beyond the few that I've heard of or thought of myself. Dropping the voter-secrecy requirement would be a major step in the ongoing banana-republicization of America.
Dahlmann tightly grips the knife, which he may have no idea how to use, and steps out into the plain.
I don't have a verifiable paper trail, but I've never worried about something "hacking" a big box of gears, "bugs" in the gears, the big box of gears going on the fritz, or the gears being made to somehow fit some nefarious purpose. You can't "patch" the gears remotely.
I see no ways that this system is inferior to a touch screen system. THEY SHOULD USE WHATEVER VOTING SYSTEM WORKS THE BEST, NOT THE ONE THAT'S THE MOST "ADVANCED" AND EXPENSIVE.
Thank you.
In addition to this, the paper ballot that the voter takes from the voting machine should be placed in a ballot box. By the voter, no-one else. That box would then read the vote, and if it matches the one placed by the voter in the booth, the vote would be committed to the database and a green indicator would light up on the ballot box. A red light would indicate failure and the voter would be given the option of retrying the rejected ballot, or cancelling the vote and trying the whole process again.
;)
The point is that the voter must be able to verify with the election official that the vote is correct. Until that happens, the vote would not be committed and could be retracted to allow the voter to modify his vote.
Another key consideration is that no vote should ever involve a time stamp. That way, observers would not be able to tell after the fact which voter cast which vote. Furthermore, all of the machines should have minimal interfaces and employ tamper resistant design, requiring advanced support in the event of machine failure. This is to ensure that ordinary election officials cannot tamper with the machines. Obviously, the machines would need to undergo military-class reliability testing, because machine failure could invalidate all votes for that precinct, requiring not just a recount but a another vote entirely, which brings a host of new problems.
If someone has a couple million bucks laying around, I've got more ideas on the subject. We should talk
No matter how many of my rights are taken away, somehow I still don't feel safe. -Frigid Monkey
It strikes me as incredible that the "technical" people writing these emails are engaged in such Mickey Mouse chatter, and so interested in just cranking out something, anything that will work. I just don't see how electronic voting is really all that hard to engage in...as long as you have your priorities straight.
There are two primary things we want to accomplish with EVotes -- first, we want to make the voting process easier to engage in. Second, we want to make the counting process more efficient (less costly). We would also like to reduce the error rate, to the extent that we are able.
A touch screen voting interface, big and clear and nice, is exactly what we need to help walk people through the process. We can't, though, rely on the software in these machines. One read through the memos above should convince you as to why -- these people just have no idea what they're doing. Basic? Access databases? Windows? My god.
What this says to me is that we simply cannot get away from paper. So what we want is a system that makes paper easier to use, leaves a paper trail for auditing and verification purposes, and provides ample opportunity for error checking by the voter and by election officials.
We use the touch screen to answer questions. At the end of the voting session, the system prints a "vote" and electronically tabulates the results. The voter verifies that his printed vote matches what's on the tabulation screen. The voter then folds his paper vote and deposits it with election officials in a good old fashioned ballot box.
We can then use the electronic tabulation to check quickly on the results -- this is quite efficient. We will also engage in a substantial amount of verification, by counting the paper votes by hand and verifying this against totals learned electronically. The paper always wins, in this system. We do not necessarily need to count all of the paper votes -- we can use random sampling.
It seems like a win in both directions, for me. Risks include unacceptable printout quality (printer wear), and insufficient random verification.
ISO 9001 described manufacturing and processes.
The important thing to remember about ISO9001 is that it's perfectly OK for an ISO9001 shop to fling completed motherboards frisbee style across the warehouse so that it hits the wall and lands in the pile for packaging/shipping as long as that is the written procedure.
It says nothing about quality, it doesn't even assure consistancy (some boards may actually function after the above proicedure, it's random dumb luck). All it really assures is that somebody paid some ISO9001 auditors a hefty chunk of cash.
The real primary goal of ISO9001 is to remove all human thought from the process so that low paid unskilled labor can operate like expensive industrial robots.
Note that the original INTENT was to force a company to think about it's procedures in an organized manner and so make improvements in their process and in the process generate good solid and complete operational manuals. Unfortunatly, that rarely happens due to managers and ISO auditors taking what should be a manual of good ideas and raising it up to the status of holy scripture.
It is cynically amusing to listen to people in an ISO company talking about procedures in the manual. They sound EXACTLY like door-to-door bible thumpers quoting scripture. It's not at all unusual to find walls plastered with posters repeating the same 'inspirational' phrase everywhere. The phrase is so pervasive that it no longer carries meaning, but instead invokes conditioned response, not unlike a particularly dysfunctional religious cult.
It never once occurs to them that the outcome is what is important and that procedures should be re-written if/when they lead to a poor outcome.
By opening the source even just for the back end portions, leaving the interface and customization part of it closed is not a problem. just have an open source back end, so that you can see where the votes go, how the data is structured. It appears that one of the bigger issues is not voter fraud, but identifying each individual vote. that would be easily identified and removed. and different versions can be more easily certified.
When I lived in Massachusetts, for the last couple of election cycles, the ballots were printed out on a flat white sheet of paper. We used a thing called a BLACK MARKER to complete a line for the candidate we were voting for. This neat piece of paper was fed into a nifty machine.
So, the actual paper ballot was retained if a recount was necessary...and the electronic part was just scanning the marks I made on the ballot. Granted, write-in candidates needed to be verfied manually.
That's all that needs to be done for ANY electronic voting system. None of this touchscreen bullshit, source code fiasco, or questions of verification. The miracles of OCR are something not to be overlooked!!
// Agent Green (Ian / IU7 / KB1JQO)
// IEEE 802.3: All 10base Are Belong To Us
The problem is, no one looks at the paper ballots, even in a recount -- they just run them through the machines again.
In the Diebold memos is a fascinating bit about Volusia County. Diebold machines apparently gave Al Gore MINUS 16,022 votes. Just a glitch, said the news media.
Not quite -- the internal memos show that the programmers couldn't quite explain it, but what they DO know is that two different memory cards were uploaded, card #0 (correct totals) and one hour later, card #3 (all totals correct except for the presidential race). Card #3 has since been misplaced, darn it, no one can find it. And in the memos (triggered by a pesky Florida auditor, doggone those people) as they struggle to come up with a plausible explanation one of them cautions the others to be careful, "you never know when the boogie man is reading these."
You can find this memo and commentary on it at www.blackboxvoting.com and you can find a link to ALL the memos at the activism site, www.blackboxvoting.org
Good for you. The conservative movement has a pretty standard MO. Rather than argue the facts, they just call you names. Any criticism of the government is instantly conspiracy ranting involving UFOs and JFK. It's total bullshit designed to prevent them from having to debate your argument, because that would involve understanding your argument enough to rebute it - and too many of them can't think for themselves enough to do that. They just do as they're told.
They'll call you a conspiracy theorist, call you a commie, call you a long hair, call you a hippy, call you a feminazi, call you a lesbian, call you nigger, call you a faggott, and now, call you a muslim, a terrorist sympathiser, a pot smoker, etc.
I say you fight the conspiracy theorist label with all you got.
Ever use a bill changer in a casino?
There's no limit to how good such a system can be if it matters enough to the people buying it.
And, we're talking about a freshly minted piece of paper with markings designed to be machine readable.
Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.