Slashdot Mirror
Diebold Audit Released, BlackBoxVoting.Org Shut Down
Chris Soghoian writes "The State of Maryland requested an audit of the Diebold electronic voting system by SAIC, after a report released by Johns Hopkins University and Rice Researchers (disclaimer: I'm one of Dr Rubin's students) noted several security issues. A condensed, from 200 to 40 pages, and censored version of the report has been released online (PDF link). The report notes that 'SAIC has identified several high-risk vulnerabilities that, if exploited, could have significant impact upon the AccuVote-TS voting system operation.'" However, Diebold says Maryland are moving forward with installation with "new security features" included, and elsewhere, Badgerman points out "Diebold has shut down blackboxvoting.org, apparently with copyright claims made to their ISP. But you can still go to the blackboxvoting.com site."
The Supreme Court is always most willing to hear cases when they involve political speech and voting, and this involves both.
This totally need to be crammed down every voting American's throat. Lather, rinse, repeat.
I think most here would agree that electronic voting systems are a waste of time without a physical audit trail, but as far as the public's concerned, hi-tech is better...as long as I have a nice GUI where I can go File>Vote>Undo I'll be happy to click and then shuffle out of the voting booth with a confident but bewildered smile on my face.
She's done a fair amount of research on electronic voting systems.
I bootleg Fizzy Lifting Drinks.
Yes, but with a conservative majority that has already shown it is willing to disenfranchise thousands of voters in a presidential election, I doubt the Supreme Court would be very kind to blackboxvoting.org, especially considering linking to Diebold's voting system source code with respect to the DMCA.
First they ignore you, then they laugh at you, then they fight you, then you win. -- Gandhi
The meme for the 21st Century seems to be "if your product is faulty, abuse IP laws to squash anyone who mentions it", rather than, say, fixing the damn problem.
Sheesh, evil *and* a jerk. -- Jade
> if implemented properly, could revolutionise governance in general - pity it's being so badly implemented thus far.
I think "revolutionise governance" is exactly the problem most of us are worried about.
Sheesh, evil *and* a jerk. -- Jade
I wonder how many precincts in CA plan to use the Diebold system, with its well-known cracks, in the upcoming Gubernatorial Recall election.
With a broad field of candidates splitting the vote, and the field-leader taking the race, small margins could easily swing the election - which means a small number of compromised precincts could swing the election.
And with no human-readable audit trail, if you thought the stink over the Florida Presidential results was bad you ain't seen NOTHING yet.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
Just read this quote from a Diebold press release that is being refuted on blackboxvoiting.com:
"The thorough system assessment conducted by SAIC verifies that the Diebold voting station provides an unprecedented level of election security." (emphasis mine)
Unfortuantely, in this case, blackboxvoting is quite wrong, and Diebold press release is entirely correct. You see, the word "unprecedented" doesn't necessarily mean "good". It means "without precedent". The level of security offered by these voting machines is most certainly "without precedent".
What has *science* done?!? -- Dr. Weird (ATHF)
OK Dieboldt, do you really think that suing computer scientists will give you any good PR?
Look, your voting software has more holes than swiss cheese. We are willing to help you, but there are some requirements you must follow.
1) your voting machines must have a printer attached
2) the votes must be counted electronically, optically, and by humans
3) if the printout doesnt match whats on screen, then remove the machine.
4) the paper ballot is the final record.
Look let the computer science community improve your software. We all want the election to go through in an error-free way. No one wants a florida to happen again.
But, if you fight this tooth and nail, you will have no fiercer enemy. Ignore the Slashdot nation at your own peril
...we're screwed. I mean all kinds of screwed.
Not just "they messed up my vote" screwed, but entire-election-results-legitimately-contested screwed.
The problem is that they're raising the margin of error by an unknowable amount. No matter which party wins in the 2004 Presidential election, the loser will easily be able to argue that the voting system was highly flawed and vulnerable to foul play. It will be a replay of 2000, except worse.
Using a system that's known to be insecure for national elections... it's just a guaranteed disaster. We'll have another election settled in court, and the populace of the U.S. will become even more polarized.
yeah, c'mon its just the democracy of the world's largest military power were talking about here...we don't really need to choose our leaders if it means a few programmers can get beer money.
With all the lobbying and PR that goes on its obvious there is an attempt to mislead people about the security of their system. It seems Dibold is mode concerned with the with the perception of security than they are in actual security. That indicates that they lack any understanding of the importantce of the task these machines will perform
For the elections to be so obviously and openly rigged is to make sure that there is no dissenting opinion available. The Communists and Facists regularly skewed and falsified election results to prevent anyone from actually challenging their methods and agendas. Which, I might remind you all, was mass murder, wholesale pilliaging of national treasuries and imprisonment of dissedents. Fact is, Americans already have accepted the Fascist philosophy now being touted as "patriotism". Call me a nut, but thats what we are looking at. If Bush wins, I will consider this to be the end of the United States, and I will make serious efforts to leave the country. It would no longer be worth my time, effort or loyalty if the Fascists win another election.
And these men ARE fascists people, in every sense of the word. You think there would be any "open source" after that? This administration has already made little noises about Linux and BSD being "hackers" operating systems, there have been several years worth of propaganda about "freeware" being something only criminals use to steal and sabotage. You can damn well bet that it would be outlawed, or at least, brought under private control of some sort where it would be rigidly controlled.
Can you say heil SCO? Whether or not they actually have a claim, which they don't, it would only take a few lines of obscure law written into some other peice of legislation to change all that. It would be nothing for the fascists to declare something to be criminal or subversive and use that as an excuse for a major crackdown on the information industry.
But nobody really cares, as long as they can have their Hummers and Porches and Rolex watches.
Stupid Humans.....
That's what the lack of a human-readable audit trail avoids: those pesky "ballots" that people might want to recheck for accuracy. The Diebold systems might not be any better than hanging chads, but you can be sure they'll seem better because there won't be any way to remeasure the results and get a different number.
The postal service has to deal with incomprehensible writing thousands of times every day and seems to do a pretty good job of it. With a little practice, unless you're perhaps a doctor in a hurry, it's not an issue. This is because we have good pattern recognition algorithms in our brains and can usually decipher poor handwriting to get the point. More so if we have lots of experience doing it.
Florida proved to us that we have a severe shortage of people who know how to count.
I don't need no instructions to know how to rock!!!!
Feh. And other words of disgust. One of the main purposes of the constitution, and the bill of rights, is to avoid the problem of "tyrany of the majority", while simultaniously allowing free and democratic government.
Certainly a free for all democracy, without any sort of "No, you can't use the government to do this" would cause problems. Democracy, in and of itself, is not sufficient. But we have more than just a democracy, and so does every other first world nation. By explicitly limiting the government's power, and by making those limits quite difficult to change, things work quite well.
What we need is more accountability, less secrecy, and greater transparency. A government of a few tyranical types tends to have a half-life of around 30 to 40 years, and when they collapse (and they always do) its not pretty. Look at the Soviet Union for an example of this.
"Mission Accomplished" -- George W. Bush May 1, 2003
Well, something needs to swing one way or the other. In this day, you can only choose between two people, thus you don't have a whole lot of choice when it comes to stances. And it's pretty ludicrous to argue that representatives are generally responsible for their actions or to their constituents.
Maybe I'm just too cynical.
I'd personally like to log onto a secure website (I mean NSA type secure), select the issues I'm interested in (business, privacy, computers/internet, etc), and by default have a list of 5 "daily votes" related to my selected topics come up for me to vote on. Let everyone have the same. This removes a boatload of bureaucracy, makes government abide by the people, etc.
Then, IMO, it'd be a good idea to have government funded public debates in every community that anyone can attend. I akin it to Slashdot: a community debate is going to have lots of absolute retards, but I'll hear at least a few ideas and points of view that I hadn't considered for any given issue. On top of that, I'll hear from a number of folks who know more about an issue than I do. Most disagreements in my experience aren't based on judgement, but on information and communication. An open community debate would seem to be a better solution to this problem.
[end ramble]
~Dalcius
Rome wasn't burnt in a day.
The problem with this line of argument is that with machine count it becomes a matter of bribing one person: the one in charge of the machine...
This is why transparency is important. It really doesn't matter whether the ballots are counted by people, machines, or trained chimps, as long as the process can be viewed, verified, and checked by any concerned party (including individual voters) it will work quite well. When only a select few are allowed to see, verify, etc, the process than those select few can, and will, be corrupted.
An open source system, which produces paper receipts, looks like the only real option.
"Mission Accomplished" -- George W. Bush May 1, 2003
Electronic voting machines, without paper audit trails and control of exit polls would go a long way in letting those in power control close elections. The only check against widespread election rigging is that races where independent polls show a clear winner can't be rigged without danger of exposing the conspiracy. It just happens a lot of races in recent elections are very close, for some reason, and rigging a few has been enough to tip the balance of power in the Senate and presidential races in particular.
Its just conjecture but its quite possible that the Republican administration, with their heads bent by 9/11, are acting in concert with elements in intelligence or defence to keep the Democrats out of power in Congress because the Democrats are perceived as too weak to defend America from its enemies which are now behind every bush. They might well have rationalized to themselves that it was OK to destroy the most fundemental underpinning of freedom in America in order to defend America.
During these tumultuous times its quite possible the Bush administartion and its allies have decided to do whatever it takes to maintain control of the Presidency and Congress, which will eventually lead to control of the judiciary. We could well be witnessing the end of the last pretense of Democracy in America. If the Reuplicans maintain control of the congress and the presidency in 2004, you may as well stop wasting your time voting after that.
It also quite suspicious Democratic senatorial candidates keep dying in plane crashes. Mel Carnahan in 2000 and Paul Goldstone in 2002 whose seat was subsequently won by a Republican tipping in the balance of power in the Senate.
Just look at the string of disturbing visible Republican power plays, the Clinton impeachment, the Florida debacle, redistricting in Texas and Colorado, the California recall and the possibility the California energy crisis was rigged by Enron and its allies in the White house to create turmoil in one of the last remaining Democratic strongholds. You can easily envision the possibility the Republicans are engaged in a no holds barred campaign to seize and hold power.
@de_machina
Well, yes and no. Hitler was voted dictator in a democratic election where armed thugs kept things going smoothly for him. Same as Mussolini was. It's one of the halmarks of facism: elecitons that are controled by threat of violence.
So, I'll have to disagree with your conclusion that too much democracy was what allowed Hitler to become a power.
"Mission Accomplished" -- George W. Bush May 1, 2003
The reports deal strictly with the flaws in the current electronic voting system. I know for a fact that there is no operating system that cannot be hacked in one way or another. With that in mind, one needs to remember that there are external systems that can help secure. Examples of these are using firewalls and access lists on standard computer networks. There are several things that need to be taken into account when it comes to security. 1. Security at the user interface. (sitting at the machine) 2. Ability to access the machine remotely. 3. Transmission medium. 4. Level of encryption used. Security at the user interface should be a relative easy fix. Ability to access the machines remotely can also be fixed easily. All it takes is using a dedicated fiber backbone, or using encrypted channels. Transmission medium must be considered in conjuntion with the second and fourth point of consideration. The last is where my personal expierence comes into play. I know of no cellular phones that use 128bit encryption. I also know that it takes a long time for a very strong computer (read a beowulf cluster) to crack a good encryption algorithim. Using something like double encryption with different size keys goes a long way. Pair that with using multiplexed signals and you have gone further. You can label me a troll all you wish. Hell I don't care. I do know that I can use proper security measures and secure any os from the outside. I could even do this over wifi (wouldnt want to do to bandwidth considerations though). I agree that a paper print out would be a good additional step, but you can rest assured that if someone really wants to protect this data, it can and will be no matter what the limitations of the actual voting machines limitations are. Dont believe me, email me. Alan.Dike@us.army.mil
Stop signs are only Suggestions
It would be more funny if it wasn't so horribly close to being reality.
"in August, the Cleveland Plain Dealer reported that Walden O'Dell, the CEO of Diebold, is a major fundraiser for President Bush. In a letter to fellow Republicans, O'Dell said that he was "COMMITTED TO HELPING OHIO DELIVER ITS ELECTORAL VOTES TO THE PRESIDENT NEXT YEAR."
The internal memos from Diebold (they get referred to from Salon) show a shockingly cavalier chief engineer 'managing' the security concerns of various clients, steadily resisting the idea of even password protecting the .mdb file (.mdb file!?!) so that just anyone couldn't overwrite audit logs. Nothing overtly political in those memos, though, thank God.
Still -- how does it affect the credibility of any (new, or old) voting system for the people overseeing it to be acknowledged partisans? Imagine a Florida 2000 in which there were no physical records, and in which the systems that counted votes were frighteningly insecure and had been programmed by a company headed by a partisan figure. We already had more than enough partisan elements there -- the brother who happens to be governor, the Supreme Court justice who has a wife on Bush's transition team, the different standards for counting absentee ballots in different counties, and so on.
The thing about those memos is, they really show the states to be one more relatively uninformed client of an IT company. They'll buy the FUD of the Diebold person as long as he sounds assured enough, you know? Even when it comes to something as obvious as "I double-clicked the file of votes and it opened with no password, is that bad?" Which is all the more reason to be sure you're dealing with someone who has no conflict of interest, right?
"Fundamentalism" isn't about divine morality. It's about human authority.
If that's true, he needs to be killed. I'm dead serious. We've tried to fight this crap with free speech and they abuse copyright law to shut us down. We try to fight it by going to the press, and the press ignores it. We try to fight it in the courts, only to find the courts as corrupt as the players. No, my fellow Americans, the ONLY way to fight this fight is to kill. Kill this person, and those of his ilk. Strike them down, that they may not mistake their result from it's cause. Kill this man, so his peers will know that in America you may be able to buy the government, but you can not fool the people. We won't have it. We'll kill your sorry ass. The only way corporations will care, is if the people running the corporations fear for their lives. It's too safe to hide behind a corporation. IF you get caught, the corporation gets busted, while you pocket all the money. Look at enron, look at all those companies. The only way to change this is to kill the people running these companies. Only a personal attack on the people making these decisions will work. It's time to kill the wizards behind the curtains. Before you think I'm too extreme, answer this - where is J Clifford Baxter, Where is Charles Dana Rice, Where is James Daniel Watkins, where is Jake Horton. http://www.bk2k.com/bushbodycount/enron/bodies.sht ml
It's time. It's almost too late. the PEOPLE need to rise up.