Slashdot Mirror
Touch Screen Voting Industry Circling Wagons
bhoman writes "Salon has an interesting article/interview with the author of a forthcoming book, Black Box Voting, by Bev Harris, that looks at electronic voting machines, especially Diebold touchscreens. The story includes incriminating internal memos, cease and desist orders from Diebold, transcripts of an industry teleconference where Harris Miller of the ITAA brags of his lobbying experience, and documentation of a backdoor via an Access MDB with no password. This is for software currently being used in 37 states. "
I wouldn't use an Access Database as a way of securing my list of CDs, let alone my democracy.
Then again, does Dubya have any more brothers who are governors?
It to open the source for these "voting machines" so they can continually undergo a public review.
Hell the hardware needs to be open for review also. It's not like there is any secret designs in there (Unless you are trying to hide something illegal)
All it takes is a tiny bit of off the shelf hardware components, a refrence design and the software to make it work easily... anyone could make an electronic voting system.
until it's all open for review by today's IS and IT experts I will not trust it or the companies making them. This isn't some silly toaster or PVR... this is the basis of the United States... voting..
Do not look at laser with remaining good eye.
Well, it is called Access after all.
Doesn't it make you glad to be in a country were your democratic views are stored in an unprotected Access Database!
An open invitation to election fraud
The U.S. government seems to me to be becoming more and more corrupt. As David Letterman recently said, "When you make out your check for the Iraq war, there are two Ls in Halliburton."
Money seems to be everything, the health of the country nothing. McCain is right, we need campaign finance reform.
Every software in government, which is paid for from citizens taxes, should be open source. So that every citizen (at least the one which is a programmer) could check whether the code is good and fair, especially in elections.
Of course the code actually used in voting machines should be double checked by government professionals, but everyone should have an access to read the code.
I love high tech as much as anyone on Slashdot, but paper ballots make a whole lot more sense: with even a modicum of security you have the originals for recount (recounts being actually pretty straightfoward Florida FUD not withstanding).
"Everyone is entitled to their own opinion, but not their own facts."
What is the fascination with Access? Why does every company seem to use Access for important data when there are so many other databases that are not only higher quality, but less expensive at the same time?
There is nothing funnier than companies that try to use Access as the database for 150,000-pageview-a-day websites. Middle management at its most entertaining.
Business isn't willing to pay for products, innovation and careers, so we get brands, mortgage commercials and layoffs.
MDB? Are these people serious? They think Access has a chance of holding this number of records? I bet a single machine would be crawling by the end of a day.
And if they're going to export to a more suitable db anyway, why not just stick postgres or mysql on there to start? They need only be configured once, same as Access.
Not to mention the incredible drop in required hardware resources, which times all the voting machines to be used is tax money much better spent.
It seems to me that these voting systems should be given to a bidder, and then whatever system they consider can be scrutinized. Faster, cheaper, better, safer...
The only thing more dangerous than a file named -rf is renaming it -rf\ /
and these touchscreens can have marquee screensavers saying, "This whole thing is wildly inaccurate. Rounding errors, ballot stuffers, dynamic IPs, firewalls. If you're using these numbers to do anything important, you're insane."
If the touch screen prints out a ticket that confirms your vote and you put half of the ticket into a locked box all the votes are completely auditable. The ticket could even have a long random number on it that you could use to confirm your vote was counted correctly. If there is a re-count they put all the neatly printed, voter confirmed ticket stubs through an optical reader. No pre-preinted ballots are needed, just a roll of ballot stock. Something is fishy here, must business want to supply a materials to a customer on an ongoing basis. Here they are fighting the customer telling them you don't want to mess with paper.
Free cell phone tracking
Depends how much they try to overlook it.
What really got me was the bit where one of their "engineers" was explaining how the "system test" is merely the normal POST. I'm currently in the process of writing a very simple inventory / cash flow management system for my employer, and I started building strict integrity checks and reports into it as one of my first steps. Meanwhile, the people making our voting machines can't be bothered?
TO BUY A NEW CAR WOULD MAKE YOU SEXUALLY ATTRACTIVE.
... for anything important such as voting. I'm a programmer, I do that for a living I've *never* seen a software project that didn't include quick hacks, known vulnerabilities by the dev team, ,a lazy programmer and a PHB.
The fact the matter is, EVERY software project has stuff like that.
I wouldn't trust a software (much less a closed source software) written by anyone (including NASA, govs, whatever) to do anything like this. And personally, I can't believe anyone who has worked in the industry would.
And that is, regardless of the project management techniques, reviews, whatever.
IP Therefore I am.
I' waiting for this to happend, but it seems americans (USA americans, that is) don't give a damm for basic democratic principles. "The vote is secret" but a black box can record the order in which votes were cast, and *anybody* in the room knows the order in which voters came to the booth. "votes must be independently counted" black-box == !record there is no way for the representants of any party to check by hand. I was born in Costa Rica, the original banana-republic, but every costarrican child can explain to you why electronic voting in its present form is an invitation to electoral fraud. Do you trust the goverment of Florida to count the no-longer-exixting-ballots the right way?
these people think so.
...vividly encapsulates that post-Watergate/pre-punk/coked-up moment when you could trust no one, least of all yourself.
I live in Seminole County Florida and we used optically scanned paper ballots, like those answer sheets in school that required a number 2 pencil (of course for voting pens are used). They are easy to use with the names on the ballot right next to the box you fill in. The results are read instantly when inserted in the box that holds the ballots, when a recount was ordered they just ran all of the ballots through again and had the results ready in a few hours. We have had this system for years (at least 10) and have had no problems, it is an easy answer to all of the issues that we are seeing with low-tech and high-tech voting machines. It provides a physical record and does not produce hanging chads.
Onward to the Aether Sphere!
The EFF is organizing a petition to encourage IEEE to set trustworthy standards for electronic voting. Read about it and join the petition here:
http://www.eff.org/Activism/E-voting/IEEE/
"EFF supports the IEEE in taking on the issue of setting standards for electronic voting machines. We also support the idea of modernizing our election processes using digital technology, as long as we maintain, or better yet, increase the trustworthiness of the election processes along the way. But this standard does not do this, and it must be reworked."
Predictably, a bunch of /. responses focus on the fact that the source isn't available for public review as the primary problem, but that's irrelevant, and Bev Harris explained the correct solution quite clearly in the article.
Open source wouldn't be a bad thing, mind you, but why bother auditing the code? What you really want is to audit the *results*, and the easiest, best solution to that is also the simplest: Have the touch screen machines print paper ballots with a nice list of races and selected candidates. Then the voter can verify that they actually voted the way they wanted to, and the paper ballots can be counted and compared with the computerized tallies by anyone who wants to question the system.
As Harris points out, the fact that the manufacturers sem so dead-set on avoiding paper printing seems almost sinister... the solution is so obvious, and so simple that it makes you wonder what their true motivations are. They make a lot of noise about printers being too error-prone and difficult to operate, but that's just silly. Take a look at the thermal printers used by retail systems -- they work day in and day out for years with no more maintenance than replacing rolls of paper. Designing a workable printer for a voting booth wouldn't be trivial, but neither would it be an impossibility. The requirements are very simple: Be able to run for an entire day without jamming or running out of consumables, and print paper ballots that are easy to read and remain clear and legible for at least three years.
There are various minor improvements that can be made to this idea, such as a machine-readable section of the ballot to make automated verification easier, etc., but at bottom paper achieves a level of transparency and reliability that no purely automated system can ever achieve, no matter how many geeks have pored over the code.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
Instead of storing the vote electronically, have the voting machine print off your ballot once you've voted, which you would then place into the ballot box. Increased accessibility and usability, no spoiled / ambiguous ballots, and no chance for loyal party members to control the electronic voting.
___
Cogito cogito, ergo cogito sum.
Not necessarily. The idea would not be for the voter to take the receipt with him, but to put it into a locked "ballot box" where it would provide an independent audit trail. Machines would be randomly audited after each election to ensure that fraud did not take place.
I would say that the system could be made even better this way: separate out the voting and tallying machines, using the paper as a medium of transfer.
It would work like this:
(1) Voter makes choices on the voting machine.
(2) Voting machine prints out paper ballot with text and barcode representation of the votes.
(3) Voter confirms that text matches his wishes; if so he places the vote in the tallying machine which scans the bar code, puts it into a database, prints the database serial number on the ballot and deposits it into a locked box. If the ballot is unreadable,the machine spits the ballot back out and the voter can try a different machine. If for some reason the tallying machine will not accept a voter's ballot, the ballot is placed in a separte locked box for manual tallying.
(4) After the election, database records are randomly audited to compare with paper ballots; paper ballots are likewise randomly audited to ensure that the bar codes correctly. The locked "ballot boxes" should have a mechanical counter which indicates the number of times they are opened; a proper log should be kept every time of every time the ballot box was opened and why.
Such a system would have the auditability of a paper system, with an electronic system's rapid and accurate tallying and ability to handle complex balots.
Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
Not the whole answer, at least.
We need to check, not only that the software has no obvious backdoors, but that
I'm not that paranoid; there are probably any number of other things that could be screwed with and still have the code pass any kind of review with flying colors.
Paper ballots are the only answer.
Welcome to the Turing Tarpit, where everything is possible but nothing interesting is easy.
Obviously these people are masters at gathering and implementing requirements from the various governmental entities that would use this.
Requirements:
1: Allow government to edit results
2: Make sure logs can be altered
3: Provide false sense of security
Invalid Checksum. Retrying.
Note however that even if we put a password on the file, it doesn't really prove much. Someone has to know the password, else how would GEMS open it. So this technically brings us back to square one: the audit log is modifiable by that person at least (read, me). Back to perception though, if you don't bring this up you might skate through Metamor.
There might be some clever crypto techniques to make it even harder to change the log (for me, they guy with the password that is). We're talking big changes here though, and at the moment largely theoretical ones. I'd doubt that any of our competitors are that clever.
I seem to recall that, back in the Dark Ages of the 70s, RACF was able to handle this kind of access control quite nicely. To say a log file can't be protected from the sysadm is either dishonest or incompetent. Either reason should be enough to disqualify a company employing someone like that in that position from anything requiring the public trust.
No, that's not a basic democratic principle. That's a current principle used to encourage everyone to vote without fear of reprisal, but it's hardly a fundamental aspect of the system.
There are at least two reasons why you want secret balloting, one of them rather subtle. The obvious one is to prevent voter intimidation; the other is to keep people from being able to bring evidence that they voted for a particular candidate outside the confines of the voting booth.
Otherwise, I can park across the street with a sign reading, "$1 Paid For Each Vote for Candidate X" and buy votes from people coming out of the polling place with proof of their vote. Some of the machines being discussed would enable corrupt voters to do exactly that.
You really don't want to have any way to associate individual voters with their votes during or after an election. I'm sure there are tons of potential exploits beyond the few that I've heard of or thought of myself. Dropping the voter-secrecy requirement would be a major step in the ongoing banana-republicization of America.
Dahlmann tightly grips the knife, which he may have no idea how to use, and steps out into the plain.
I don't have a verifiable paper trail, but I've never worried about something "hacking" a big box of gears, "bugs" in the gears, the big box of gears going on the fritz, or the gears being made to somehow fit some nefarious purpose. You can't "patch" the gears remotely.
I see no ways that this system is inferior to a touch screen system. THEY SHOULD USE WHATEVER VOTING SYSTEM WORKS THE BEST, NOT THE ONE THAT'S THE MOST "ADVANCED" AND EXPENSIVE.
Thank you.
Just as the Salon.com article was picked up here at Slashdot, Conspiracy Planet picks up articles from wherever it wants. It copied an article that was in Scoop Media. The Seattle Times reporter was somewhat misleading, and he was determined to get the word "conspiracy" into the article somehow.
I put him on notice that if he called me a conspiracy theorist, he would have to back that up with facts or I would require the editors to print a correction. Then he said "well, I'll just print what others say about you."
This guy did everything but stand on his head to slant the story, but I blocked most of the efforts. Something he fails to report in his story is that the Microsoft Access hack that is the subject of the Scoop Media article, the Ken Clark memo, and the Salon.com article (and was vetted out right here on Slashdot) -- well, I demonstrated that hack in front of the Seattle Times reporter, the IT guy for the Times, and a Seattle Times photographer, who commented, "Wow. This shows you can rig an election."
The reporter's use of the "Conspiracy Planet" reference was pretty disengenuous, when you realize that he knew damn well my work has also been covered in the Washington Post, AP Wire service, the San Francisco Chronicle, and CNN.
As you can see, I'm getting sick of the "conspiracy" label, since I've broken seven stories in a row on the voting issue and every one of them has checked out and, eventually, been picked up by the mainstream media, albeit haltingly. For a long time I just ignored it, but now, when reporters try to go there, I tell them to back it up or get hit with a correction, and if they don't correct, a libel suit.
Sad that it has to come to this -- printing facts is not the same thing as being a tinfoil hatter. What I do is scrutiny, and my facts check out.
Bev Harris
And Diebold has been sending cease-and-desist letters out to people who have covered this. This particular mistake looks like a screw-up rather than fraud, but either way I want no part of it.
Don't drop the soap, Tommy!
No, you're wrong. Greg Palast did extensive research into what happened. Don't buy the party line from Fox News, CNN, and others who completely whitewashed what happened in Florida.
Now that Diebold has a lock on voting systems, expect more fraud and even less media acknowledgement of it.
Here is what I have been doing all day:
Reporter: Why is Diebold sending cease and desists?
Me: Because they don't want anyone to see their memos
Reporter: Oh. What is in the memos?
Me: Oh, things about security flaws and using uncertified software and using cell phones to intercept and transfer votes and discussions of how to fake things...
Reporter: Wow. Where can I download these?
Me: At this web site
Reporter: Okay I'm going there now, okay, it's downloading, when I'm done will you give me a guided tour?
Me: Sure. And here is a neat little web page where you just enter any search term and it instantly searches and find you the Diebold memos that match
Reporter: What search terms should I start with?
Me: Try "boogie man" and also "hack" "cel phone" "broken" "fake" and one of my personal favorites, "What good are rules"
Reporter: I'll try that "what good are rules" one. Found it. Gosh, what is he doing? Is that legal?
Me: No.
And so it goes. Excellent plan, Diebold. Yes, shut down a web site, that'll help.
Besides reporters, the memos were downloaded today by the U.S. House of Representatives.