Slashdot Mirror
Avi Rubin's Thoughts On e-Voting
nazarijo writes "Avi Rubin, a well regarded Johns Hopkins computer science professor and leading critic of e-voting, has written an account of his experience as an election judge on super tuesday. Maryland was experimenting with e-Voting machines. Rubin puts it this way, 'this was one of the most incredible days in my life.' He wrote his experiences immediately after the day was over, capturing his perspective on the subject. A very interesting read."
He was a election judge in Baltimore County, MD. Near the end of his story, Avi writes "My biggest fear is that super Tuesday will be viewed as a big success."
And here's what the local media had to say the next day:
Elections Officials Say Electronic Voting Successful
Is this truly the only Earth I can live on?
(I'm not normally a Karma whore, but the site looks like its normally a low-usage site)
My experience as an Election Judge in Baltimore County
by Avi Rubin
It is now 10:30 pm, and I have been up since 5 a.m. this morning. Today, I served as an election judge in the primary election, and I am writing down my experience now, despite being extremely tired, as everything is fresh in my mind, and this was one of the most incredible days in my life.
I first became embroiled in the current national debate on evoting security when Dan Wallach of Rice University and I, along with Computer Scientist Yoshi Kohno and my Ph.D. student Adam Stubblefield released a report analyzing the software in Diebold's Accuvote voting machines.
Although there were four of us on the project, perhaps because I was the most senior of the group, the report became widely associate with me, and people began referring to it as the "Hopkins report" or even in some cases the "Rubin report". I became the target of much criticism from Maryland and Georgia election officials who were deeply committeed to these machines, and of course, of the vendor. The biggest criticism that I received was that I am an academic scientist and that academics do not "know siccum" about elections, as Doug Lewis from the Election Center put very eloquently.
While I dispute many of the claims that computer scientists working on e-voting security analysis are deficient in their knowledge of elections, I realized that there was only one way to stifle this criticism, and at the same time to perform a civic duty. I volunteered to become an election judge in Baltimore County. The first step was to get signed up. I filled out a form at a local grocery store and waited for a call from the Baltimore County Board of Elections. The call never came. So, I called up the board and spoke with the head of elections and found out that there was a mandatory training session a couple of days later. I got on to the list for the training, and I attended. There, I learned that my entire county would be voting with Diebold Accuvote TS machines, the very one that we had analyzed in our report. It was an eery feeling as I trained for 2 hours on every aspect of using the machine and teaching others how to use them. Afterwards, I received a certificate signed by the board of elections and became a qualified judge. I was supposed to receive a phone call within a few days assigning me to a precinct, but I did not. So, I called up the board of elections and spoke with the same woman, who assigned me to a precinct at a church in Timonium, MD, about 15 minutes from my house.
I reported to my precinct at 5:45 a.m. this morning. Introductions began, and I immediately realized that it would not be a normal day. There are two head judges, one from each party. There were also seven other judges. The head judges were Marie (R) and Jim (D). Both of them mentioned that they read about me in the paper that morning, and were pretty cold towards me. It turns out that the Baltimore Sun ran a story today about my being an election judge. In there, I'm quoted as saying that the other judges in my training were in the "grandparent category" with respect to their age. My colleagues for the day, who were in that category as well, did not appreciate the barb and were ready to spar with me.
There are three types of judges besides the head judges. There are four book judges, one from each party with A-K and one from each party with L-Z. There is one judge assigned to provisional ballots, and a couple of unit judges charged with assigning voters to particular machines. I was the L-Z democrat book judge, along with Andy, a grandfather of many, a staunch Republican, and a fellow I grew very fond of as the day went on. To my left were Anne, the Republican judge married to Andy, and Sandy. Actually, there were two Sandys. One began as a unit judge, but early on switched with the other Sandy to be the democratic book judge on A-K. Bill was the provisional judge, and he is m
The next site to slashdot will be ready soon, but subscribers can beat the rush and start slashdotting it early!
Every 15 minutes or so, the unit judge would take the cards and give them back to us book judges. When a Diebold rep showed up, I asked her about this, and she said that it was done to give the voters a sense that nothing was being kept on the smartcards about their voting session.
The Diebold rep is basically admitting that at least some of the security and privacy promises in electronic voting are based on user perception, not reality.
Trolling is a art,
This is a great article. I don't like E-voting, but not because I fear of fraud or deceit -- I don't like the majority or the form of democracy our country has taken on in the last 100 years or so.
Not wanting to troll or start an argument, I just wanted to remind people that this country was founded on a Constitution that should severely limit what the federal government can do. Some of the Constitution's protection of natural rights extends to limit the individual State powers as well.
E-Voting is just one step towards "complete" democracy, where the majority makes all the rules. This frightens me more than I can explain on paper. The majority should never have any control over the minority (even over a minority of one) property rights or natural rights. If the majority ruled, 51% of the country can take away what 49% own. This is not America. This is not freedom.
Democracy unrestrained will fold into some sort of socialism eventually, as we have seen in the past 100 years. We need to hit the brakes and return to a strong local government and a weak federal government, and we need to do it now.
I'm not so sure about this electronic voting thing. I submitted my vote for Kucinich, and the local election board moderated me "-1 Troll".
Also, if you vote for someone more than 30 times in a 24-hour period, you get a "Slow down, Cowboy" warning. Except in Chicago.
Oh yes, totally ironic. How I dread the day when CowboyNeal is illegally modded into the Oval Office.
Moron.
ad logicam Claiming a proposition is false because it was presented as the conclusion of a fallacious argument.
As an non-American I'm baffled by the practise of having voters register which party they prefer in a government database. The basic principle of an election is the secret ballot.
Why is this done? Why isn't it widely condemmed? Why do people cooperate instead of all claiming to prefer the monster raving loony party?
The whole concept of Internet Voting frightens the hell out of me.
The Internet has been around for what - 35 years now? And we *still* haven't solved e-mail spoofing and spam. Nor have we found a way to keep 5cr1p7 k1661e5 from busting into National Freaking Defense servers. How many times have we heard about Yet Another Batch Of Stolen Credit Card Numbers?
Still, some folks think those little "speed bumps" shouldn't stop us from using the same technology to select the leader of the free world?
Someone tell me this is just a bad dream. Please.
I love technology. But not for this purpose. And certainly NOT NOW. Not yet...
The problem with socialism is that they always run out of other people's money. - Margaret Thatcher
Interesting (and worrying) article.
Here in Ireland, there is a major stink being made over the government's plans to introduce e-voting machines in the next election. They will replace *all* paper ballots everywhere in the country.
Some interesting related reading:
Experts warn about timing of e-voting
Pressure group outlines concerns about electronic voting
What worries me most about e-voting is the fact there is no paper trail. There has been talk here of altering the machines so that they also produce a printout of the vote made by an individual, but the government is resisting it citing expense.
I would rather the old reliable and transparent paper ballot system rather than the closed and opaque e-voting machines.
Patriotism - the last resort of scoundrels.
Avi Rubin was on Screensavers (TechTV) the other day showing the vulnerabilities of eVoting. He showed how back doors can be placed in the program and votes can be manipulated. Pretty eye-opening stuff.
100% Insightful
But electronic voting scares me. Voting is the only way we can directly impose our will upon the establishment. In the current system, every vote cast leaves a permanent, tangible, undisputable (unless some kind of hole punch is involved, anyway) record. Electronic voting leaves nothing that can be held or physically counted, just data on a hard-drive somewhere. Even with the most rigorous security, encryption and protocals, I'll never feel confident that the system is entirely honest and invincible.
Of course, paper ballots can be 'lost' or 'miscounted'. But the altering of an electronic election result could potentially leave no evidence: the only things that will been destroyed or altered never existed in the first place.
Unfortunately, it takes a technically-astute person to identify a potential security flaw like this. It also takes a technically-astute person to implement the flaw. To the average person, the whole situation seems alarmist. It's in the same category as astroids striking the earth: Sure, it could happen, but....
Only after a failure of the e-voting system, a failure that's obvious enough for the average person to understand, will the public demand either better controls or removal of the system.
what?
First, it's not about internet voting.
Second, what I don't get, is why can't we use electronics to print out a "ballot" with our selections done in the comfort of home, and just take this "ballot" to a polling place? The ballot would, of course, be something similar to a scantron or other paper form, but would also have human readable form of the contained data. Perhaps bar codes or their successors would suffice?
Such a system allows for a paper trail, quick and supposedly accurrate tally of votes, removes the painful sections of voting, by having people be able to make their selections at home, print the page, and verify their selections (or copy it to a floppy, or perhaps a CD) and such medium (paper, floppy, CD, soemthing else) could be taken to a polling place, quickly read, and the voter could verify their selections very quickly. Much easier than punch cards or voting machine du jour
Yes, those that do not have computers would still have to go through the current onus of voting, but, the lines should be shorter, as many do have computers at home or work.
The cesspool just got a check and balance.
I live in a country where phony elections were common in the last 70 years. Paperless elections are much safer than paper. why? ballots are lost before elections, voting booths get stolen after election day, if they coudn't steal them they use the g'old tactic called the "green vote".
When ballots are cast in remote locations it's difficult to get the results fast, the votes need to arrive to the accounting facilities where the totals are certified and sent to the central accounting facilities.
When they use the "green vote" (because it originates in rural areas) they take advantage of that delay and claim fake results with the stolen votes and booths. If recounting is needed because of a dispute, accounting facilities and storage can be hijacked or burnt to ground (it's happened a few times).
At least with paperless voting you need something more sofisticated and educated that a horde of gorillas that can barely read and write their names
You can't view this article as anything. The headline says it all, "Officials Say evoting a Success". If something does go wrong, those same journalists will gleefully use the quotes from those officials to tear strips from the dumb bastards.
I actually voted in Georgia, and I have to say that, by and large, the judges there were not as well trained as the ones described by Rubin. Regardless, I think this is a threat that will peak over time, and not in the next few elections. Once the procedures get established, and people get sloppy, I think we'll see some instances of fraud.
I have to say one thing though, it actually made voting feel kind of cloak and dagger. I've never spent so much time looking at a voting machine before.
ad logicam Claiming a proposition is false because it was presented as the conclusion of a fallacious argument.
Kucinich got one vote all day. That ballot somehow failed to get into the sealed envelope I returned to the party that night. All in all, 3 points:
If electronic voting is unavoidable, much like Windows it's "easy to use", why not offer a few alternatives.
Open sourcing is always fun, why not a simpler machine based off standard PC hardware. An open source secured program running off of a LiveCD (to prevent permanent modification. If the CD's secure when it goes it, you can't make permanent changes at the station.)
Each vote is electronically signed, so if you want to add in a fake vote, you'd need to create the equivalent of a public key whose matching private equivalent just happens to have been generated, something fairly unlikely.
NO Networking. Besides everyone getting a hard-copy receipt (or digital copy if they feel like it, as long as it's a receipt, I don't feel what form is too much of an issue), all the data is carried by hand, and once more encrypted after voting so that it can only be decrypted at wherever they feel the votes need to be tallied securely. I mean, obviously decryption can be broken, but generally not too quickly if it's good, and unreasonable delays in the delivery of the votes would be a fairly quick sign something was amiss.
I mean, obviously there's no such thing as 100% secure electronic voting, but peer review as well as an electronic at-machine form of voter verification that requires the machine to authenticate a unique per-voter id just seems like common sense.
I'm going to guess that
But by then you'll probably have ended up joining the Army for lack of better prospects in Bush's economy, so that you can lay down your life ostensibly to protect democracy in Iraq, and surely to protect Halliburton's contracts there.
While I'm sure that somewhere Mr. Jefferson is cringing at your example, please don't feel too bad: Fascists everywhere rely on people just like you; without you they'd never get beyond the Bier-Hall Putsch.
Opinions on the Twiddler2 hand-held keyboard?
After hearing about the security issues with the Diebold machines, I had some doubts. I'm no technophobe, but placing the future of our democracy so completely into the hands of a company which has been less than responsive to public critique is something I find rather frightening.
Turns out they didn't check for ID either. I hope I feel safer in November.
eVoting on machines that do not produce auditable paper trails are disasters waiting to happen. As in many other intrinsically dangerous situations, years may, and probably will go by with no apparent problems.
Our lives are full of protections that are seemingly "no needed." How often does an elevator cable actually break, for example? Does that mean we don't need overspeed brakes on elevators?
Or inspectors to see whether the brakes are there and working?
One little-noted contribution by Edward Teller was his almost single-handed insistence that civilian nuclear power plants be enclosed in containment buildings. This is particularly interesting because he was, of course, a strong advocate of nuclear power. And, of course, nuclear reactors are supposed to be safe in the first place, so why go to the huge expense of a containment building that isn't supposed to be needed? Then a Three Mile Island comes along, and we find out why.
Black-box voting is a disaster waiting to happen. The disaster probably won't happen tomorrow, or this year. And when it does happen, it probably won't happen in a district with plenty of careful, well-trained, honest conscientious poll workers.
"How to Do Nothing," kids activities, back in print!
OK,so I'm not American, but that guy is one hell of a great patriot. Amazing how many people hate the guy when he's out to defend America's #1 institution. Oh wait... democracy was replaced by "don't bug me about my quasi-legal business practices" a few years back. Right.
How timely. I recently wrote an essay (read: rant) on why E-Voting is inevitable, and why we should all just suck it up and work to make the system better, instead of fighting it and trying to preserve an antiquated and inadequate pen-and-paper system.
There should be no question in anyone's mind that electronic voting
is the future. It is impossible to argue that moving to an electronic
system is not inevitable, any more than it is possible to argue in
favour of abandoning cell phones and reverting to tin cans and string,
or abandoning email in favour of carrier pigeons.
The benefits of electronic voting are obvious and numerous: real-time
tallying, greater security (a staffer couriering a box of ballots could
theoretically manipulate them, but a staffer transmitting an encrypted
database is powerless to alter it), elimination of ambiguous selections
(eg., "Hanging/Pregnant Chads"), less time required per voter, fewer
staff required to manage an election, and less paper waste.
No system is without its drawbacks, however, and e-voting's drawbacks
are subtle and insidious. The most obvious weakness of an e-voting
system regards securing the system against manipulation. Elections
hold an enormous amount at stake - indeed, entire political careers -
and thus the temptation for covert meddling is inevitable. The
people designing and implementing the system could be bribed into
embedding backdoors into the software.
A less obvious drawback of e-voting is that it puts at risk one of
the fundamental pillars of a democracy - anonymous voting. In order
to prevent ineligible people from voting, or eligible people from
voting multiple times, their identity would have to be verified
prior to voting. However, in order to support re-counts, the
actual votes themselves would have to be somehow tied to the people
that cast them (otherwise, the tally would simply be an integer that
increments whenever someone votes for them). If the voters weren't
completely confident that their vote was guaranteed to be kept
secret, the entire democracy could be undermined. With a corrupt
incumbant, people could be intimidated into voting for them, out
of fear that the government might quietly (or worse - aggressively)
discriminate against anyone who voted for their opponent.
These problems, and the others related to e-voting are not
insurmountable. The software used to run the system should be
completely public. This would prevent backdoors from being
inserted into the system by allowing anyone with enough
computer-savvy to personally inspect the code controlling the
system. In fact, virtually all software written by the government
should be made freely available anyway, since it is OUR tax
dollars that funded its creation.
The voter anonymity could be guaranteed by assigning eligible voters
a security public/private key pair, with the mappings held in escrow
by a special elections comission. The database would only be
accessible to a non-partisan staff of top-secret-cleared employees,
and would be destroyed after the election results were certified.
The complete widespread adoption of electronic voting is inevitable.
It is not a question of "if," but rather "when." Some jurisdictions
are already experimenting with some systems, with less than
encouraging results. One of their principal mistakes is that they
have contracted out the software for the systems, and the source
code is not being made available for public inspection. Consequently,
there are pockets of the electorate who don't trust the systems,
and indeed, the systems have already exhibited troubling symptoms
of bugs that may have been detected and corrected if the software
had been opened up prior to being deployed.
Like woodworking? Build your own picture frames.
If you think that careers are the most enormous stakes in an election, you're a little too close to the process for your own good. b-)
kind regards,
Jess
I am programmed for etiquette, not destruction!
While I did not serve in an election judge capacity, I am a Maryland voter and used the Diebold machines yesterday. I was impressed with the professionalism of the election judges and believe that Prof. Rubin is correct that competent, honest, committed election officials provide a vital line of security in what is by its nature (whether paper or electronic) an imperfect process. Today there have been stories of some isolated problems with voting machines, but certainly no widespread failures or security breaches.
When Prof. Rubin notes his mistake in coding the smart card, he provides an interesting illustration. When I reported to my polling place and signed in, I was issued a smart card. When I placed in the machine, an election judge stood nearby reviewing the "orange card" that listed my party affiliation, etc. He specifically asked "does the first screen list your party as XXXXXX?" It didn't - my smart card was improperly coded by the election judge. The judges immediately had me stop so no votes were entered, recoded the card, and ushered me back to the machine to complete my ballot.
I share the concern about the security of the transmission from the Zero machine to the Bd. of Elections and hope Diebold already has implemented some encryption. But since the machines aren't actively networked during the day, and based on what I saw at my polling place, I'm relatively unconcerned about the security risks.
In the traditional paper system, which was in place for a very, very long time, we never managed to work out the problems of lost ballots, unreadable ballots, etc. Remember - in Florida in 2000, every recount seemed to produce a new "total" number of ballots cast. While there are legitimate security concerns that should be addressed, I can't believe that the system is any worse or less reliable than before.
My hat's off to the Maryland Board of Elections and all of the volunteers that made this work. A committed, honest and professional job was done by everyone I saw and I'm proud of them and grateful for their efforts.
Large numbers of ballots and ballot boxes going missing would throw serious red flags- the local news would catch serious shenanigans. Ditto burning down warehouses. (And e-voting doesn't solve these problems either: simply disappear the smart cards or machines.)
We already have very fast reporting, so the "Green" vote problem won't crop up either.
Where the US has been vulnerable in the past is voter rolls (Just how many dead people voted for Kennedy in Chicago?) and direct manipulation of voters (How many minority voters were "discouraged" in Florida last election?) E-voting doesn't solve these problems either.
"Seven Deadly Sins? I thought it was a to-do list!"
I just sent an e-mail to my representative specifically requesting that he push legislation to either remove e-voting or demand a verifiable paper trail and auditable code on voting machines.
The text I sent:
In light of the recent heavy usage of electronic voting machines during the primaries, including many inconveniences, I decided to look into the matter more carefully. Due to many major security flaws in e-voting systems and many straight-forward openings for abuse, I am greatly worried about the current state of e-voting.
It is my hope that a law could be passed which would require the following of e-voting systems:
1) Code review by the NSA (or other governmental agency) to ensure that no backdoors have been added to the programs.
2) Paper trails of all votes cast, so that the ability of computers to change massive amounts of data swiftly could never be applied to the votes which are essential to our democratic system. (These need not be the primary counting method, but should be there as a safeguard in case of fraud)
3) Voter verifiable ballots. Currently, there is no proof for the voter as to how their vote was counted. If the votes were printed (see 2) and then given to the voter to place into a separate ballot box, the voter could easily look at the ballow to determine that the machine actually printed their vote correctly.
None of these requests are especially difficult to have carried out, none of these requests are unreasonable, and all of the requests are essential to the maitenance of our fair and reliable democracy.
It's not much, but it would be if everyone on Slashdot did it.
Hmmm....Slashdotting congress....that would be fun.
I live in a country where phony elections were common in the last 70 years.
Chicago isn't a country.
Amusingly, as a physician, the rules for how I can transmit simple data require both a stricter level of paper-trail (I have to document in the medical record the consent of the patient to release records and where I sent them) and a stronger encryption (sending medical information via unsecured Fax or modem is against HIPPA rules) than people tolerate on their votes.
Toronto used them in the last several local elections, and I was a scrutineer (election judge) on the first.
The ballots are a large card, with a table of jobs and cantidates printed on them. The voter colors in the sharft of a broad arrow betwen cantidate and the position.
The cards are carrid in a folder to the recorder, who puts them face-down in the reader, which reads and totals them, and feeds them face-down into a box. The box is kept, for manual and electronic recounts.
At the end of the day, a printout is made for each scrutineer, another for the records and then the results are sent by cell phone to the master polling station.
By the time I got back to the cantidate's office, the results were on TV, by polling station, and they matched my printout.
--dave
davecb@spamcop.net
I'm not sure Prof. Rubin's right about the smart cards not being a big vulnerability. If someone manufactures altered cards it's easy to come in with one in your pocket, get a legit card, use the altered card to vote and return the legit card. You couldn't stuff the ballot box this way, but you could vote a different ballot than the one you were assigned. This would get caught when checking the voting machine's tally of ballot types against the number of each type issued, but there'd still be no way of correcting the results.
The zero machine is the big problem. I think it's why Diebold makes such a big deal out of the security of the actual voting process: the zero machine makes the security of the voting itself irrelevant. That one machine tallies all votes, and it gets access to all of the PCMCIA cards that hold the tallies from the other machines. It's in a position to simply discard all the actual results and replace them with whatever it wants, and once it has there's no way to tell it's happened. I can think of several easy ways to keep that code undetected, too. Unverified code loaded at the last minute (after all the testing had been done) to fix a convenient bug, for example. Just disallowing updates won't stop me, though. Prof. Rubin mentioned using PIN 1111 during training but a different PIN when setting the machines up for an election. So, I put the result-replacement code into the zero machine before it's delivered to the state, but put in a check: if the PIN is 1111 then disable the replacement code, otherwise enable it. During training, during test elections, during everything that uses that special PIN 1111 the machine will behave exactly as if no malicious code was present. Set it up for a real election using a real PIN other than 1111, and suddenly code that's never been active before is active and waiting to force the results. Note that it doesn't have to be Diebold loading the code, anyone who can get enough access to the zero machine to load a program update into it could do this. Given Diebold's track record for doing on-the-sly updates to the code, I think there's a non-negligible chance of someone being able to slip their code into an update and have it go through even if we assume Diebold themselves wouldn't (and I'm far from willing to assume that).
The big danger in my opinion isn't so much that this is possible, but that it's possible without leaving any evidence it's happened. The one thing paper ballots do well is give us an audit trail from the actual cast ballots all the way through the final results. The results can be altered, but it's very difficult to alter them while keeping the audit trail intact and consistent. It's not the electronic voting machines that are the major problem, it's the lack of a verifiable audit trail. With paper ballots you don't need to trust the counting process to verify whether the final results are correct. With the current electronic machines this isn't the case.
First, I'm impressed by Avi's candor. His admissions of his own error, his discussion of mitigation of some risks, and so on point to someone, I feel, who is trying their utmost to be forthright and thorough. By the same token, clearly these doing really lessen the great danger of an e-voting machine. We need to stop for a moment and consider the sinister possibilities. When, say, Microsoft buys Diebold, purportedly for technology or such, who's to say they're not buying themselves a congress that will outlaw open source? That's only the most mild of such scenarios.
Second, I wonder if there's a sacraficial lamb out there who'd be willing to hack a Diebold box. If someone could successfully seriously skew the outcome such that people went, "Wait, that's *really* the result?" and then claim credit, that might be the death blow to unaudited evoting.
Third, I'd like to simply point out an analogy that's appropriate when consider that e-voting on super tuesday was "successful". Windows works pretty well when you sit down and use it, most of the time. That doesn't mean it's secure - witness the rash of viruses as of late - and it doesn't mean it isn't *disastrous* when that insecurity is exploited.
Thanks for doing what you can to keep the spotlight on this issue, Avi - America needs you.
If you are worried about the insecurity of e-voting, and you are wondering what to do, join EFF. They are working hard to educate the public and our politicians on this subject.
Test 1 2 3 4
*******
I wanted to share my voting experience with you in order to assist you in providing even better service for the voters.
This morning I voted using the new Diebold voting machines. I had several unnerving experiences.
First of all, as I touched the NEXT buttons the screens didn't seem to want to move to the next screen. It took several tries to get the screen to go to the next section. However, the more disturbing issue was when I voted NO on prop 56 the vote registered as YES. I kept trying to touch the NO vote and it wouldn't change my selection back to NO. I had to call over a poll volenteer who helped me cancel my ballot, reset my voter card and try again on a different machine.
On this new machine I was able to vote although it also seemed to have difficulty with the NEXT button. I then validated that my votes were registered correctly and tried to confirm my ballot. The confirm ballot button would not register my touches. I could hear a double chirp sound when I touched the confirm ballot button but it would not actually confirm. I had to call over the polling worker for a 2nd time. When she touched the screen it did confirm my vote.
I must say that during all of this I ended up asking if I could have a paper ballot. When the machine voted YES after I touched NO I no longer felt confident that my vote was being registered correctly. Proposition 56 in particular is vastly important as a YES vote would allow our government to raise our taxes with only a simple majority instead of a 2/3 vote. To have the machine accidentally change my vote from NO to YES is really disturbing. I'm glad I noticed it before I confirmed my incorrect vote.
Thank you for looking into these issues. My polling place was [deleted for my privacy]
******
The response from the California Registrar of voters was this:
Please contact San Deigo County.
That was it. Why would the California Registrar of Voters send me to my County government? Arn't they responsible for the voting machines? Overall I didn't walk away with a good feeling that my votes would be accuratly counted. I'm sure it all worked out, but had I not been paying attention I would have missed that my NO vote became a YES vote.
We had another issue with the GUI. With a paper ballot the layout of the sample ballot you get in the mail exactly matches the layout of the punch card ballot. With the voting machines the layout of the screens did not match the layout of the sample ballot. You had to be very careful that the proposition you were looking at in your sample ballot was the one you thought you were voting for with the voting machine.
The last issue we had in San Diego county was that there were several polling places that were unable to accept votes because when the voting machines were turned on they showed a Windows ME startup screen and nothing else. The polling volenteers decided (and properly I think) that rather than them trying to start the proper program they would redirect people to other polling sites that had working machines. Several people were unable to get to this last minute alternate site and were unable to vote.
So that's what happened in San Diego yesterday. I expect it was fairly typical of the experience across the country.
"I believe that if any voter somehow managed to vote multiple times, that it would be detected within an hour. I have no idea what we would do in that situation. In fact, I think we'd have a serious problem on our hands, but at least we would know it."
Right. If I shot you through both your femoral arteries, you'd know within a second that you were bleeding to death. There's nothing you could do about it, but at least you'd know.
In a close election, all you'd have to do is identify those precincts where your opponent had a strong lead. Find a way to screw up the vote on the Diebold machines. Demand that those votes be thrown out. Demand a recount. Sue all the way to SCOTUS if those votes are included. Lather, Rinse, Repeat. Watch the republic turn into an empire.
In the report, Rubin mentions his real fear: the predesignated zero machine.
I *have* downloaded the code from NZ, a year ago, and skimmed through it. I posted this then, and I'll reiterate: within two hours, I found a function, commented, that *appeared* to be going into the *production* code, not just test, that *says* its purpose is to "install total files" from another system.
This is a far simpler, and more dangerous attack, than fake smartcards.
mark "yes, I can find the function again,
on request"