Slashdot Mirror
E-voting Patches Skew Election?
Whammy666 writes "Wired magazine has an interesting story of how the much-maligned Diebold E-voting machines were allegedly secretely patched before Georgia state's 2002 gubernatorial election. The patches were never certified by independent testing authorities or cleared with Georgia election officials. The election produced an upset which ended in a major upset that defied all polls. A Diebold contractor tells a worrysome tale of how close to a third of the machines were crashing or locking up and how his tests showed the machines producing errors up to 25%. There are no paper audit trails with these systems so it's nearly impossible to check for fraud or malfunction after an actual election."
A Diebold contractor tells a worrysome tale of how close to a third of the machines were crashing or locking up and how his tests showed the machines producing errors up to 25%.
As I recall, these voting machines are running Windows. Are we surprised? Perhaps these things should be running a dedicated embedded OS, or a trusted Linux, even OS X, but not Windows. Especially with all of the security concerns.
Visit Jonesblog and say hello.
Voters are fickle. Voting machines you "own" are forever.
... it's in Wired. Not on, say, Fox News. (Although it would have been, no doubt, if it had been Democrats rather than Republicans doing all the screwy stuff.)
Even if every techie in the world knows how screwed up the voting machines are, it's not going to do any good until Joe Sixpack is hearing about it over dinner. I would be willing to bet that right now, the majority of voters don't give a damn what kind of voting machine they use, and of those who do, the majority assume that anything newer and sleeker and higher-tech is thereby more reliable. The number of people who have any understanding of the problem is growing, but it's still tiny.
What I want to know is, why aren't the politicians who have the most to lose from this issue making more noise about it? Since right now it's mostly the Republicans who seem to be benefitting, seems to me every Democratic candidate should be yelling for a major investigation right now. That's certainly what I'd expect if the situation were reversed.
The correlation between ignorance of statistics and using "correlation is not causation" as an argument is close to 1.
I don't want to say that wired.com steals other people's stories. They certainly didn't steal my story this time
But I would like to point out that i wrote a piece about this sort of stuff a while back.
Don't Crease the Weasel!
Elections in this, and many other countries, have a long history of fraud. The obtaining of power is so important to some people they will do whatever is necessary to get and maintain it. You can be certain that if there is a way to manipulate results without detection, the temptation will be too great. Countless examples riddle American election history, and yes, from both major parties.
But this is the worst of all. Closed-sourced, buggy, patched (with what? we don't know) after certification electronic voting machines represent power without accountability. Read that again: Power without accountability. That is a recipe for disaster. All you have to do is patch things your way and, voila, you get some "odd" election results that contradict all the polls, but who cares? You're in power now, baby!
This is a huge story, and I'm glad to see Wired covering it. But this belongs on the front page of every newspaper in the country, and on every evening newscast. Why don't we see it there? Ask yourself who owns these voting machine companies. Now ask yourself who owns the mainstream media companies. Connect the dots.
Let's see if I have this right.
A Republican congressman owns a company that sells voting machines
The voting machines are closed source with no audit trail
The voting machines are easily manipulated by anyone with a moderate amount of knowledge of excel
untested and uncertified patches are known to have been placed on voting machines prior to elections
Republicans continue to defy odds and win elections that polls show them losing
----
This happened in Alabama in the latest election for our governor. Initial results showed that the incumbant democrat had won the election, then a last minute change in the figures from a district with a republican in charge of election certification swung the election to the Republican. There was no recourse for the democratic incumbant.
The significant problems we face cannot be solved by the same level of thinking that created them. -Albert Einstein
...and for Joe MadDog 20/20 to sell his vote. You don't get a copy of your "mark x for Fred", punch card, or your lever machine results, why should electronic machines be any different. Paper copies leaving with the voter will only breed corruption.
09f911029d74e35bd84156c5635688c0
Harris acknowledged no proof exists that anyone rigged the election systems, but she said, "We'll never know exactly what happened in Georgia because there's no paper trail to verify the votes."
You can't beat the Canadian ballot for simplicity and effectiveness. The voter uses a pen to mark a box next to the candidate's name on a simple, clearly laid out paper card. The voter then places the card in the ballot box. It's basically idiot-proof.
The ballots are fully counted, by humans, within hours of the polls closing. No hanging chads, no electronic errors or confusion. A paper trail exists, so recounts are simple. It's been this way for decades and there have never been any real issues with the system.
What's so hard about that?
Honestly, I don't understand why a pencil and machine-readable bubble sheet are insufficient.
You tell me how "whilst" differs from "while," and I'll stop calling you a pretentious jackass.
- Audit by security researchers reveal serious vulnerabilities
- Diebold downloaded ongoing ballots (a federal crime) during California's last election (not the recall)
- The whole "Rob-Georgia" fiasco that Wired is writing about
- Diebold's executives are uniformly partisan political donors
- Diebold's CEO is "committed to helping Ohio deliver its electoral votes to the president next year".
Note that #4 and #5, while annoying, would not actually be problems except for necessary paranoia about #1-3. Voting machines need to be absolutely above reproach, since they are the ultimate instruments of modern democracy.I can see it now: Kevin Mitnick wins the first 100% evoting election by landslide of 7 billion votes.
There's a growing sense that even if The Future comes,
most of us won't be able to afford it.
-- Lemmy
10 million is not really an inconceivable number of golf pencils...
But wouldn't you rather the votes be marked in pen?
DNA just wants to be free...
One one hand: Bush enjoys an ailing economy, a trillion dollar deficit, the quagmire in Iraq, no found weapons of mass destruction, disturbing leaks about CIA spies, still haven't found Osama bin Laden, still haven't found the anthrax killer, the Taliban is regrouping in Afghanistan, and he's looking to bankrupt Social Security and Medicare.
One the other hand, the CEO of Diebold is a major Bush supporter.
Put it all together, and I smell a Bush victory in 2004!
Insert simplistic political, ideological, or personal proselytization here.
I have some Occam's Razor cuts for you:
Does it fail the laugh test if you posit the 5 Republican Supremes going against the grain of decades of their own opinions upholding states' rights, to counter a state court's election decision favoring a Republican? Yes, indeedy. Shoe on other foot leads to other decision.
Does it fail the laugh test if you posit a Democrat running the Florida election and acting as state campaign chair, and ask whether you'd be content when every single decision favored the Democrat?
Real Razor time: what's the most obvious explanation for firing an inexpensive contractor and awarding a contract for purging voter rolls of ineligibles to the HIGH bidder? And repeatedly asking that the statistical methods for validation be less sound (generating more false positives)? What's the likely explanation for a 90% error rate, and the defiance of two court orders related to restitution of voter status?
I consider what Harris and Jeb Bush did to be treason against a democratic society.
But then again you need them to make your argument.
List all the elections won where they were clearly losing in the polls. Come on, do it. Just like the bald faced lie in this Wire article you point to no major poll (by link please) the backs your claim.
I live in Georgia, Barnes was out because the teachers wanted him out. North Georgia wanted him out - as he was trying to show an unpopular road project down the necks of many people. It was going to be close, and polls showed that. Why do you think Republicans made such a big last month push here? Cleland (D. Senator) was such a flop he didn't have a chance and polls showed that).
What burned the Georgia elections were the obvious attempts by the Democrats playing race politics and such here. The good-old boy network got shown for what it was.
Alabama was close for the same reasons. People are waking up, unfortunately just as they are the Democrats and Republicans start looking too much alike.
Back the article, its all innuendo. "I can't prove it, but I can make it sound plausible thereby making someone else prove me wrong" Sorry, that kind of logic belongs on a play ground.
(fwiw, I vote Libetarian, and no, GW doesn't get my vote in 04 either)
* Winners compare their achievements to their goals, losers compare theirs to that of others.
Even my cyncial mind is having trouble grasping the immense absurdity of the problem with these machines.
;-)
No kidding...
I've worked in firmware (specifically, POS lotterty terminals not all that unlike the Diebold voting machines). And the level of trouble these things have caused simply astounds me. Really, it doesn't take that much effort to come up with a stable, secure, fully auditable terminal. These people control all aspects of the machines! Literally nothing unexpected can occur - No poorly-behaved third party software, no bizarre user requests (with only a handful of choices, linked to a big touchscreen button, what can they do wrong?), no external hacking attempts (on a private net physically separate from the internet)...
If in my former work, if we had made terminals that bad, we'd have people rioting in the streets (literally). Even the few very minor flaws that came to light received front-page headlines in their respective jurisdictions (and in one case, globally), for something FAR more minor than crashes, recording the wrong user selection, or outright invalid data (yeah, *sure* three dark-horses all won by exactly 18181 votes).
Even in worst-case scenarios, such as harware failure, opening the chassis, or a network outage, the machines should respond gracefully by offlining themselves, thus summoning a field tech. And no auditing capabilities? Gimme a frickin' break! They either lie outright (on behalf of whoever bought various elections?) on that point, or have such a broken implementation they'd rather look like idiots for omitting such a "feature" than admit how badly they screwed it up.
But then, I coded for lottery machines, a field where large sums of money change hands. These Diebold machines "only" tally votes, thus expressing the will of the people in choosing who they want to lead them (assuming "each vote counts" has ever held true). Far less important, quite obviously.
Except we can't, and that's the whole point. It casts doubt on the entire election process. More doubt is cast based on the fact that a member of Party A produced the machines and then another member of Party A won the election even though it was expected that Party B would win.
That's the entire point - we don't know. It makes absolutely no difference what "Party A" and "Party B" are - which some other posters seem to have been attacking the above premise with. All we know is that a result has been produced that does not match the expected result. Further, we know that the makers of the measuring device favored the party that the measure device ultimately declared as the winner. This is suspicious.
So could the results be correct? Of course. Could the be wrong? Well, yes. And there's no way to tell. That is what the problem is. There needs to be a way to ensure that the machines did indeed produce the proper result, and right now, there isn't. Doubt has been cast, and there really is no way to resolve that without "maybes."
Maybe the vote was measured correctly. But maybe it instead skewed the vote - and until that possiblity can be reasonably discounted, a problem exists. (Regardless of which party is doing the cheating - it's still a problem, Party A or Party B.)
You are in a maze of twisty little relative jumps, all alike.
Some have stated that Democrats would rig the voting machines, give the chance.
Others have asked for an enumeration of polls that were contradicted by election results, and of course cast doubt on the polls, themselves.
None of this matters a single bit. Three things matter:
1: The CEO of a company that makes voting machines expresses a political preference and a will to see that preference follow through elections.
2: There appears to be no public audit process for code, patches, or patch installation for those voting machines.
3: (and this is the biggie) As a result of 1 and 2, I have very little faith in any results delivered by these voting machines.
NEWS LIKE THIS ERODES MY FAITH IN ELECTIONS IN THE USA. (further)
There is no way that this is anything but bad news.
Voting machines need security and transparency that can satisfy geeks nationwide, or at least let us know where we are, for those who simply can't be satisfied.
The living have better things to do than to continue hating the dead.
That's why W is the asterisk President. He's the selected President of the United States*.
B) She was not an analyst. She worked in a non-government cover position. She didn't have diplomatic immunity or any other form of official government cover. She was also working at actually finding/stopping the spread of WMD. Now that her employment has been leaked by the administration, everybody who had extensive contacts with this agent will be suspect. These are foreign nationals who helped the US in trying to stop the spread of WMD and we've hurt every one of them. Way to go!
C) We won the war, but we're quickly losing the peace. Rebuilding the cities while various factions continue to blow them up seems oblivious to the reality of the situation. While I recognize that it does good things for Halliburton and Cheney's stock options, it really isn't the best course of action. And as long as Rumsfeld continues to believe in the operational numbers he's declared are just enough, we won't be in a position to make things better no matter how much the ground troops would like to.
If "Dull" means Serious, Worthwhile Political Discourse devoid of exploitation by a cirus of anchors, pundits, makeupartists, cameraman, reporters, lawyers, judges, etc, etc, then Im glad our elections are "dull".
Take the top 5 years of American history in which discretionary spending increased the most (as a percentage of the previous year's spending). Two of those years were during WWII. Three of them were under a GOP-dominated Congress within the last five years. So much for Republican's lowering spending!
Even supposedly "tax-and-spend" president Bill Clinton managed to only have a 3.5% increase in discretionary spending during his administration (with a 0.7% decrease in non-defense discretionary spending). Reagan was famous for increasing discretionary spending 7%, while GWB has increased discretionary spending 15.6% and has increased non-defense spending a whopping 20.8% in merely three years of office! This has led to a whopping $450 billion dollar budget deficit for this year alone.
From the fiscally-conservative Cato Institute: here and here
This is in spite of approving huge tax-cuts to the rich in spite of the fact that we already have some of the lowest taxes in the world. This has twice required massive accounting trickery and Congressional action to avoid having our nation default on its debt. Bush is driving us into the ground with his lunatic economics! All of the recovery under the Republican "Contract with America" and under the Clinton administration has been brushed aside by Bush reckless combination of tax cuts and spending increases. Remember back when Clinton said that we were looking at an end to the national debt after paying off $600 billion and with it at a mere $5.7 billion back in 2000 instead of the $6.8 trillion that it is now?
In the mean time, Howard Dean has managed to keep a balanced budget on his state for 10 years, through two recessions all while paying for the social programs that needed support. Maybe we should compare Bush's record as a governor? It's pretty obvious who's gonna be better as President if you're looking to see the deficit taken care of. Then again, if you weren't aware of Bush's spend-thrift ways to begin with, you probably won't bother to read the links and get informed.
If it's for-profit but free, you're not the customer -- you're the product (e.g., the Slashdot Beta's "audience").
Ngo Dinh Diem won Saigon with 600k votes out of a total 450k registered voters in the US sponsored Vienamese election of 1954. Of course, we don't do that sort of thing anymore... we cap voterigging at 100% now.
The ______ Agenda
With everything I've seen, I'm unable to resist coming to one of two conclusions about all this.
One - the people in charge of this are incompetent and defensive about it to the point of forcing bad solutions and defects on the system to cover their incompetence. Perhaps they figured (one way or another) that this could gain them profit, and someone with no computer knowledge whatsoever was put in charge and continues to force his ideas on the system, no matter how bad it is.
Two - it is deliberate. They are intentionally making a mess of this in some sort of calculated way to give them influence over the election results.
Which conclusion to go with? I'm not certain. The standard rule is to never attribute to malice what can be approproately explained by simple incompetence, but the level of incompetence here is so drastic that it starts to stretch belief. Essentially, there would have to be incompetence throughout the entire development team for these voting machines. I guess opressive managment can drive out all the people who know what they're doing, so perhaps that could be an explanation...
"You know your god is man-made when he hates all the same people you do."
1) Quagmire? Shouldn't we wait for a year to pass bfore we rush out to use the word Quagmire? Oh and news flash, we won the war, we're rebuilding their cities.
A.) More American soldiers have been killed since Bush announced the end of the war than during the declared war.
B.) Defense analyst in the DOD were among the first to declare the situation a "quagmire". The Bush administration admitted that they had no exit plan. It wasn't until Powel and the State department was given free reign to negotiate with the UN without interference from Rumsfeld, Cheney, or Condoleeza Rice that he was able to get the UN to commit to pulling us out of this quagmire.
C.) Bush is stating that the rebuilding of Iraq will cost the U.S. $87 billion dollars during the next fiscal year. The vast majority of this money is being earmarked to go to Halliburton and Bechtel for services supplied to the troops and in contracts for managing the reconstruction. Both companies are owned primarily by Dick Cheney and other ex-CIA staffers and operatives, such as Frank Carlucci, as well as former Reagan/ Bush the first staffers (Cheney, Carlucci, and Rumsfeld). This may not be a quagmire for those who are in the right club, but it certainly is for the rest of us who will be left holding the bill.
2) Actually lots of WMDs have been found, you just don't want to count _those_ WMDs.
You must watch a lot of Fox
3) Leak? This story is the most idiotic POS the Left has tried so far. Notice how it whimpered away? It had no legs b/c it was shit. She wasn't EVEN a SPY, she was a mid level analyst.
She was a former operative (there all "former" operatives), which is why there is an investigation. It is not against the law to reveal the identities of CIA staffers, so that would not have been much of a news story. It is likely that she was outed by one of the former CIA people in the Bush administration, as they would have been the best positioned to know such details , and by law of averages, as there ore more senior whitehouse staffers that are former CIA (both staffers and operatives) than not. As it is likely that she was in agreement with her husbands claim that there was no eviodence that Iraq had approached Nigeria (or any other African country) in order to obtain uranium, there was a revenge or punishment motive for her not being loyal to the company. It is odd that Bush was so sure that the source of the leak would never be found when he repeatedly assures the American people that we will find Osama Bin Laden and Sadamm Husein. At least we do know where the the culprit is in the case of the "leak".
Read, L
Your bank puts a lot of effort into making sure that their ATM machines don't have problems. This isn't because of government regulations, it's because they don't want to lose money! (Note that many of these ATMs are made by the same Diebold that is now making the unauditable voting machines. If your bank were in charge of voting, you can bet that Diebold would be making much better voting machines.)
Yet the government has essentially no standards for voting machines! How is it that we as a society care more about gambling and convenient access to cash than we do about voting?
The ACLU may have been right to challenge the equipment used in the recent California recall election, but their argument was completely bass-ackwards. They claimed that the four counties using punched card ballots were unfairly discriminating against minorities. Ironically, it is ONLY in those four counties that the voters (including minorities) can have even the slightest degree of certainty that their vote was in fact counted correctly as they cast it.
We need open-source designs for voting machine hardware and software. There should be at least one, and possibly several designs which are made publicly available for scrutiny, and fully public domain so that no royalties need be paid to use them. Then the counties can put out bid requests, and any manufacturer could produce them. However, the bidding requirements should include that the machine and software has to conform exactly to the published plans. Any deviations must be preapproved, and must be published and in the public domain.
Note that this means that both the software and hardware must be open-sourced.
And even then, it will still be necessary to have plenty of auditing to make sure the machines aren't tampered with. There should be internal printers for audit trails. And, like the gambling machines, it will be necessary to verify that the software integrity routinely.
The normal technique used to verify the software in electronic gambling machines has been to use ROM verifiers. The auditor actually removes the firmware chips from the machine, puts them into a verifier, and compares them against known-good images. (The software was subjected to intensive scrutiny when the machine was approved by the gaming commission, but in the case of open-source code for voting machines, it could get even more intense scrutiny.)
Newer machines, starting with the Odyssey machine from Silicon Gaming, store game code on a hard drive. The ROM code refuses to load code that isn't digitally signed. So they still use the ROM verifier, but now verifying the ROM proves that the software on disc is correct as well.
A voting machine shouldn't even need a hard drive, though. In fact, it's much better if it does not have one. Aside from the paper log, writing the data to a write-only medium would be preferred. The list of items to be voted on (candidates, ballot measures, etc.) could be supplied to the machine on a flash card, and the contents of the card could be digitally signed by the election officials.
The drives for the removable media should be in physically locked containers. Of course, the machine as a whole needs to be physically secured against tampering such that attempts to do so will be easily detected by the poll workers. Tamper detectors should also log messages to both the paper audit trail and the machine-readable log.