San Diego Diebold Poll Worker's Report Posted

James Renken writes "I was a poll worker in San Diego for this year's primary election. It was the county's first using Diebold voting machines, and as you may have heard, we ran into some problems! My full report of the goings-on can be found at Live from the Nuke Free Zone. Enjoy!"

just in case - full text

Uncle Diebold's Clubhouse

On March 2nd, I was a poll worker for this year's California primary election. More specifically, I was a Systems Inspector in San Diego county, whose problems with voting machines and procedures received some coverage in the national media.

First, a summary of my personal opinion: I think that current electronic voting systems are better than the traditional systems in terms of security, and also in terms of usability for most people. However, I share the opinion of many bloggers that major security issues remain in the new machines and implementations, and that these issues should already have been fixed.

More details below...

This was San Diego's first election using electronic voting machines - specifically, Diebold AccuVote-TSx stations. Previous elections in the county used punch cards. The county failed to make the mandated upgrade prior to the last election, and a federal court ordered that it be done for this primary.

Previously, precinct boards in the county were made up of an Inspector, an Assistant Inspector, and clerks. As of this election, a Systems Inspector and an Assistant Systems Inspector have been added at each precinct. According to the Registrar of Voters, this is because a four-hour training session would have been required in order for Inspectors to learn both the general procedures and how to operate the machines. Instead, most of the technical details are left to the Systems Inspectors.

I was contacted and assigned as a Standby Systems Inspector, meaning that if necessary, I would stand in for a missing Systems Inspector or Assistant Systems Inspector in my part of the county. The standby system is apparently not used very much; they forgot to handle some details, like sending me a copy of the poll worker's manual, or notifying me that the location for the mandatory training had changed. Fortunately, I'm fairly resourceful, and the classes were running late anyway.

In the class, we were introduced to how the system works. Along with the usual paperwork and supplies, each precinct has:

* A Precinct Control Model (PCM).
* A number of voting stations (either four, six, or eight).
* Two Voter Access Cards (VACs) per station, plus one or two extras.
* Two Supervisor Cards.

A poll worker (usually the Systems Inspector) sits in front of the PCM. One poll worker has each voter sign the roster, while another checks the voter's address on another list. That second worker points to the appropriate line on the address list, and the PCM operator sees which party to program a ballot for - with the party name never said aloud.

The PCM operator then selects the party on the PCM's touchscreen, and inserts any one of the Voter Access Cards (VACs) for programming. The VAC is then given to the voter, who inserts the VAC into any one of the stations, and is then presented with the ballot for their party. After casting their ballot, the voter's VAC is ejected, and the voter is instructed to give it back to the poll staff. The VAC itself is not a ballot at all - it just authorizes a voting station to bring one up, and tells it which party's ballot to display. After a ballot has been cast using a VAC, it must be reprogrammed on the PCM prior to being used again.

We were warned that some voters might try to cheat by claiming that they received the wrong party's ballot. We were advised that, should this happen, we should insert the card in a station to make sure that it had not been used to cast a ballot already; then, add one to the tally sheet of programmed but uncast ballots, and reprogram the VAC after checking the voter's registered party on the street address list.

That was about it. We were shown the startup and shutdown procedures for the machines, and cast a few sample ballots with them. The regular poll workers were noted on a list, and some paperwork or other was handled. I asked about getting ahold of a poll worker's manual, and was promptly given one from a large box that was sit

Re:Security by Confusion?

[orthogonal]

t seems like these Diebold systems have all sorts of features like smart cards and locks that make them look secure, but when you actually kick the tires you realize things are not as secure as they should be.

Seems like Diebold's Automatic Teller Machines (ATMs) are no more secure. Until I'd clicked that link, I'd never seen the Windows Media Player playing on an ATM.

This crap is supposed to save us from another Florida chad-count? Or have we just decided that democracy isn't really important enought to make secure?

DIEBOLD Politics

[myownkidney]

I did a search on Money in Politics Database and found 27 records of DIEBOLD employees donating to political campaigns, and 16 of which to the Bush-Cheny 04 Campaign.

Diebold ATM crash

[Rufus211]

As other people have posted here are pictures of a Diebold ATM crashed here on campus that dropped to the Windows XP display. We poked around at it for a while because the monitor was a touch screen (and a very, very crappy one that that). Interesting things:

- Windows media player was installed (as seen in the pictures)
- It's a P4 2GHz with 512mb of ram (wtf?! why on earth does it need that)
- There's a CD-RW installed
- There are two partitions and C: can't be accessed
- There's the standard crap that comes in My Documents (like the Beethoven playing)
- The printer is an Epson USB printer
- There was a device listed for ATM Driver or something, I presume what actually feeds cash.
- We never were able to get the network up, but there's an Intel network card in there.
- For some reason there are speakers so we could hear the Beethoven.
- It's running XP Embedded, didn't catch what version or what patches it had.
- There was some sort of Text-to-Speech (or maybe S-to-T) program
- As you can see Acrobat is installed
- Remote Desktop was enabled! (might have been turned on by one of us though)

That's what I remember from the 5 minutes before running to class.

Re:Recount?

[metallicagoaltender]

RTFA yourself - I live in San Diego and we didn't have any printer or any paper trail. I know the machines are capable of it, and the State of CA had mandated it by 2006, but we did not have them for this election.

Re:Recount?

[SedentaryZ]

I think you're mistaken. These machines have an enclosed printer that prints a total at the end of the day. The voter is not given a paper receipt. Diebold is in fact complaining that many legislatures are starting to amend laws calling for electronic voting to mandate a certifiable paper audit trail.

Diebold was put to the test earlier this year..

[Anubis333]

Diebolds voting technology was actually put to the test by some security experts this year who found that:

- It was an "easy matter," they reported, to reprogram the access cards used by voters and vote multiple times.

- They were able to attach a keyboard to a voting terminal and change its vote count.

- And by exploiting a software flaw and using a modem, they were able to change votes from a remote location.

"Diebold, the machines' manufacturer, rushed to issue a self-congratulatory press release with the headline "Maryland Security Study Validates Diebold Election Systems Equipment for March Primary." The study's authors were shocked to see their findings spun so positively."

comment on open source in the poll worker's manual

[laird]

A Q/A transcribed (by me) from the scanned manuals distributed to poll workers:

"what about the issue of Open Source Code?"

Diebold's ballot tabulation source code is checked extensively by an independent testing authority which tests according to voting software standards developed by the Federal Election Commission. Once this test process is successfully completed, the source code is placed in an escrow facility.

Source Code is not open to the public to protect not only the companies intellectual property, but also to prevent the possibility of tampering or other fraudulent manipulation of the tabulation program.

in Georgia, the Secretary of State challenged a citizen to try to tamper with the ballot tabulation program after this citizen made claims about the program's vulnerability. When the citizen learned the source code was not available, she abandoned the effort to tamper with the program.