Slashdot Mirror
Diebold Sued (Again) Over Shoddy Voting Machines
icypyr0 writes "Computer programmer Jim March and activist Bev Harris have filed suit in California state court against Diebold under a whistle-blowing statue. This is another in a series of blows dealt to the ailing company.
March and Harris allege that Diebold 'used uncertified hardware and software, and modems that may have allowed election results to be published online before polls closed.' They are seeking full reimbursement for all of the voting machines purchased in California. March and Harris could collect up to 30% of the reimbursement, under the whistle-blower statute.
In an interesting turn, the two are requesting that the state of California join the lawsuit. State officials have spent millions on the paperless touch screen machines; Alameda County has spent at least $11 million alone."
Diebold == Dieslow.
:-)
Somebody save e-voting... before it's too late. Looks like Florida is going to be in a worse position than in 2000. I know I keep saying this, but someone should create a good Internet voting mechanism, and keep it anonymous yet feasible. I'd like to be sure my vote was counted, and the only way to really do that is by the old fashioned SQL count() function.
At least then I'd know that my vote is my say. Nowadays, you're either black, hispanic, poor, criminal, or you look like these groups so you're unable to vote. It's a crying shame, and in all its flaws, Moore's Fahrenheit 9/11 actually does demonstrate the problems with the 2000 election quite intricately.
The dangers of knowledge trigger emotional distress in human beings.
As long as we're screwing ourselves with these electronic voting machines, why don't we at least switch to Condorcet voting at the same time? Computers could make Condorcet voting really easy.
Then, of course, put in that paper trail thing.
Catching Diebold's products actually being in violation of the law may be a technical matter that might result in lawyers talking for days, but should that burden ever be meant, the penalty is huge, especially in California.
Diebold promised their equipment would be up to spec. If it's found that it's not, then that's just plain simple basic fraud. In CA, the whistleblower law we're talking about makes the company have to refund 100% of the money the state gave it, and 30% goes to the citizens who started the case. More or less, Diebold will have lost all of the revenue it got from CA, plus all of the losses incured due to the fact that they already tried to deliver a product that they now aren't getting paid for...
This is the kind of thing that sends a company pretty close to bankruptcy... good thing Diebold has its ATM product line to fall back on.
Going after the money trail is cleaner than going after proper procedures.
common && !commonsense
CC.
TaijiQuan (Huang, 5 loosenings)
dealt to the ailing company.
Diebold as a company isn't ailing, it's doing pretty well from what I gather making ATMs...Diebold as an electronic voting manufacturer is ailing. In fact, it's so bad that some people in the company have suggested dropping it altogether because it is making the company look bad. But they persist, which may even bring further question to Diebold's CEO's political motives...
The OpenVoting folks in the article complained about using the Whistle Blower/Money type lawsuit. But having read a lot of articles on Diebold and its "tactics" it seems like the only thing Diebold will listen to is an argument (court case) that affects its bottom line. That whole "follow the law and do it right" concept is lost on them. Maybe if Diebold has to cough up $100M or more they might consider doing it right. Either that or they'll pay off with vouchers for free voting machines!
Invalid Checksum. Retrying.
Although it was the supreme court that finally decided the 2000 election debacle, they did not 'appoint' a president. The current sitting president won the electoral colleges needed, fair and square.
What is truly wrong is the electoral college system. Parliamentary systems are far better in my opinion, and far more effective at executing the public will (except in those rare circumstances like Canada in 1992, where the PC's got the majority vote but only 2 seats in the house).
That's not hard for someone who is unscrupulous and is also already in power to do. Someone who is already in power can grant "favors" to the people in these companies that make decisions, whereas a challenger can only promise future favors. Considering how "business friendly" and "wealth friendly" the current administration has proven itself to be, a promise by said administration to grant favors would be taken very seriously. And since the government today basically answers only to the corporations (especially those that own the media), I think it's unlikely that such "payoffs" would get very much media attention. Furthermore, the administration is in control of a number of agencies that can "guarantee" that anyone at those companies who works on the software in question will not talk. If they try, they'll have an "accident".
Any system that can be exploited ultimately will be, and the more incentive there is to exploit the system the sooner it will happen. In the case of a voting system that is unauditable and easily manipulated, I think there is every reason to believe that it will be exploited in the upcoming election.
The only way to counter it is to make sure that the number of states using them is few enough that they cannot have a meaningful effect on the election.
But so far, only a few states have taken any action against electronic voting machines to my knowledge, and only California has banned their use outright (again, to my knowledge). That's not nearly enough to ensure that the upcoming election is truly fair.
That's why I think Bush will win the upcoming election no matter what the voters actually think -- the current administration is the most ruthless and underhanded I've heard of, and that kind of approach is all that's needed to exploit the obviously vulnerable electronic election system in the U.S.
Tinfoil hat stuff? You bet. But 20 years ago, anyone who suggested that software would be patentable in the future would have been dismissed as a conspiracy theory nutcase. But it happened. 30 years ago, anyone who suggested that the U.S. would pass a law like the USAPATRIOT act would have been laughed out of the room. But it passed anyway. Tinfoil hat stuff is hard to dismiss if it is internally consistent, agrees better with all the facts, and explains current events better than everything else. As is, I believe, the case here.
Use 'slashdot stuff' in the subject line in any email you send me if you want to get past the spam filter.
Voting machines need to be certified, basically this means someone needs to inspect it and make sure it works correctly, is tamper-resistant, etc. hardware and software is certified together. but Diebold treated their software like many IT products. release what you have and patch, patch, patch. Unfortunately, in the case of election this meant uncertified software (and allegedly uncertified modems as well) was used. Diebold could have put anything in that code.
Of course, whoever did the certification job on the Diebold certainly wasn't doing their jobs very well.
A good model for EVM would actually be the Navada Gaming commission for slot machines and the like. Software updates need to digitally signed and encrypted by both the company, and the commission. Running slot machines without approved software is illegal.
autopr0n is like, down and stuff.
Jim March broke the news last night over on The High Road; I submitted the story last night, but was rejected. Anyhow, follow the link, and you can read Jim's commentary, and discuss the case with him (he's a senior member and very active participant over at THR). All sorts of little tidbits over there--the suit has been in the works since November, but a gag order was just lifted yesterday. Somebody else mentioned that the plaintiffs get a 30% bounty on the damages, or 20% if the state provides legal assistance (that should be 15%, not 20%, BTW). He also discusses the basis for the fraud suit, and the somewhat unique method (Qui Tam) they've chosen to fight Diebold; he likens it to the tax evasion case against Al Capone. Definitely a good, lively discussion over there; well worth a read.
Moderate drunk! It's more fun that way!
But what's the point of electronic voting anyway? Surely it shouldn't just be to speed up the voting process? I think, if we're going to do this, it should be to ensure that everyone's vote gets counted by reducing, as far as possible, the impediments, such as hanging chads or badly designed ballots, that prevent this. So, while I like the first part of your suggestion I don't see why we need the second at the polling place. Simply have the first machine fill in the appropriate checkbox on a paper ballot that is human and machine readable, let the voter check that the ballot is correct and then deposit in a ballot box as normal.
Why bother trying to speed up the counting process? People can just wait for the results, at least this way the East Coast results won't be out till the West Coast polling stations have closed.
development.lombardi.com
All forms of voting are imperfect on a large scale.
Old-fashioned paper ballot boxes can be stuffed a la "Box 13" of LBJ's Senate (D-TX) election of '48.
Mechanical ballots like Florida's 2000 punch-card ballots are vulnerable to designs which make incorrect voting likely, and this can be engineered to favor a particular candidate.
All-Electronic ballots vulnerable to software and hardware errors.
All of the above are vulnerable to catastrophies like fire, tornado, and other extreme circumstances.
Our best bet is to combine the best of the available technologies:
1) The actual ballot is a human-readable, voter-verified ballot that, barring corrupt poll workers and observers, cannot be easily tampered with after the vote is cast. This physical ballot will be counted on election night and used in any recounts.
2) machines are used to assist the blind and other handicapped voters in casting their votes and verifying their ballots, and to make a "clean" ballot which can be read quickly with almost zero errors by a counting machine or human counter.
3) machines keep a secondary count of vote totals so news media can have a good, unofficial, estimate of the actual vote totals within a short time after the polls close. Barring error, the unofficial count will match the official count exactly.
Oh, of course any machines used in voting or counting votes would be "open for inspection" - that is, the hardware design, manufacturing processes, source and object code, would be published information and open to scrutiny. The actual hardware and object code would be audited to make sure it matched the published specifications, and if not, the difference would be documented for all to see.
As machines aren't perfect, human poll workers, election judges, and observers will be allowed to observe all parts of the election process.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
Well, I'm not sure what you mean, but here's what I meant. (assuming no one has a better idea than mine, in which case I might go with their idea)
Have the user-interfacing voting machine print out a nice ballot card, both human readable and machine readable. This goes in a ballot box. Then have seperate machines to count the ballots.
To test the user-interfacing machine, voters may, if they wish, compare the human-readable portion of their vote printout to what they entered into the machine.
To test that the machine readable and human readable parts of the cards match, randomily select some to be examined.
Humans can read machine readable code, just not very easily, and therefore can tell if the two parts of the card match.
Anyone who cared to could build another machine to display what the machine-readable part of the card says, and compare it to what the human-readable part says. (or perhaps just include an OCR and compare without human intervention) I'm sure a voting machine manufacturer would love to catch one of their competitor's machines misprinting ballots.
To test the counting machines, just do the same thing. I'm sure a voting machine manufacturer would love to catch their competitor's machines counting incorrectly.
Naturally, the voter doesn't get to take that vote card home, it's what gets counted.
So unless anyone else can think of something, I say we start with this next week.
A voting station consists of:
1) touch-screen computer.
2) printer.
3) scanner-fed shredder.
Polling place consists of:
1) one-or-more voting stations.
2) one scanner-fed lock-box "ballot box".
3) one computer conected to ballot box.
4) one lable/sticker printer attached to the ballot box computer.
5) one scanner-fed lock-box "errata box".
6) one computer conneced to errata box.
7) one or more trained poll staffers.
By "scanner fed" I mean a contraption such that an optical scanner reads a document and, after all the barcodes are scanned, if they make sense, the physical document prodeeds to the fed device.
-- ALL Printers (etc) print on a "reasonably heavy" card stock.
-- The errata bin scanner, unlike all the other scanners, will not reject/return an unscannable document. The Errata box also has a slot for truly mangled debris sheets. This errata bin should score or deface the ballots so inserted (have a roller splash "void" over their face etc.)
-- There is no "network", wireless or otherwise, connecting the voting stations to anything.
How voting procedes:
1) before polls open the voting system is used to print-up a bunch of "blank" ballots that have psudo-random or sequenced or whatever "GUIDS" and the big black words "this side down" in several languages, and these printed blanks are set up in bins. Blank ballots are printed at (any of) the voting stations using an administrative key or there could be a dedicated blank printer.
2) The voter aproaches the human who checks the voters ID etc.
3) The voter the selects, at random, one of the
"blank" ballots and takes it to a voting station.
4) The voter scan-and-shred(s) the "blank" ballot to start the touch-screen process.
5) The voter navigates the touch-screen process in the language of their choice.
6) When the voter selects "done voting" the card-stock printer prints a completed ballot with (JUST) the name-office or initiative-selection pairs (e.g. President: Bob, or Issue 167: NO) selected by the voter for the issues he wishes vote, the GUID from the "blank" original, an encoded barcode/dotcode splash containing all the votes in machine readable form, the GUID, the "voting station serial number", the "voting station voter-session sequence number" and a checksum.
7) The voter then leaves the voting station.
8) The voter visually reviews their ballot print-out.
9) The voter may then either proceed to the ballot box or back into any voting station to ammend their vote via a scan-and-shred operation.
9a) If the voter elects to change their vote, they return to any voting station and, do the scan-and-shred operation as in step 3, but the station has read the barcode/dotcode splash and brought up what it read from the splash as the reviewable and changable defaults. The voter carries on.
9b) If the voter elects to cast his ballot, he takes it to the ballot box, where it is scanned and the ballot is stored in the lock-box.
10) The voter is given an "I voted" sticker with an MD5 (etc) checksum of their ballot printed on it as produced/recorded by the ballot-box.
-- Any ballot that is cast into the ballot box should be scored (e.g. roller stamped) with a scanner-cookie barcode that would make the voter stations reject it so that somone couldn't just open the box with a key/pry-bar and take the ballots over to a voter station, and edit them.
-- The ballot box would reject scanning/honoring a duplicate GUID, preventing all sorts of tampering/stuffing schemes.
-- A successful post-casting edit attack would be revealed by the mismatch of the nubmer of ballots in the box (physically counted) compared to the number scanned by the box, so there is a check-and-balance.
-- Any ballot that cannot be scanned by any of this equipment because of dammage (dropped, stepped on, torn, etc) or when a voter decides that something is "queer" is scan-and-stored by (or just p
Innocent people shouldn't be forced to pay for inferior software development.
--"Code Complete" Microsoft Press
The problem here is the only body with the ability to fix this mess across the entire nation before the November election is Congress and they've already refused. So you are stuck tryng to fix it state by state.
There is a bill with more than a hundred sponsers that would require a paper trail in November but it is being sat on by the same people who wrote HAVA which is the bill that started this mess in the first place.
Here is the statement from the bipartisan representatives and senators that have bottled it up in committee.
It contains some disturbing statements, this one in particular:
"Most importantly, the proposals requiring a voter-verified paper record would force voters with disabilities to go back to using ballots that provide neither privacy nor independence, thereby subverting a hallmark of the HAVA legislation. There must be voter confidence in the accuracy of an electronic tally. However, the current proposals would do nothing to ensure greater trust in vote tabulations"
Not sure how they can claim a recountable paper trail, "would do nothing to ensure greater trust in vote tabulations".
They also want the same agency that is apparently responsible for the current mess to sit on the problem and do nothing in time for this election:
"Questions regarding voting systems security, as well as many others, need to be examined by the entity responsible for doing so under existing law, the Election Assistance Commission, before Congress begins imposing new requirements, just months before the 2004 presidential and congressional elections, that have not been fully considered. The security of voting technology is a non-partisan issue. We encourage you to allow HAVA to be implemented as enacted and provide those who are charged with ensuring the security of voting systems the time and flexibility needed to get the job done effectively. "
As if this whole situation wasn't disturbing enough this same commission is exploring give the Bush administration, and Homeland Security power to postpone the election in the event of a terrorist attack, especially if it looks like Bush might lose in its wake the same way the Spanish government did, if it becomes apparent he may not have made America safer.
@de_machina
Let me see if I get this straight.
The 2000 election was supremely screwed up, particularly in Florida, because people were voting with some old-timey machines that made holes in paper ballots, which could then be counted by machine. Only sometimes the holes didn't punch all the way through, or sometimes the ballots themselves were a little bit confusing.
The ballots had to be recounted by hand in Florida, with the help of a lot of volunteers and quite a bit of state money in order to deal with these problems -- also that Florida state law (as in most other states) requires a manual recount in case of extremely close races.
So the solution from the Federal Government is the Help America Vote Act (HAVA) that says states need to have secure, accurate voting machines that meet stringent guidelines for security and accuracy (not to mention accessibility by the disabled). If these machines are electronic, so much the better.
Under HAVA, the Federal government will grant the states buckets of money ($861 million so far, and plenty more to come) to get their voting machines compliant.
Only there's a few problems. States don't yet know what being compliant means, because the standards and definitions are still being worked out by the Election Assistance Commission (eac.gov) and the National Institute of Standards and Technology (nist.gov).
The EAC has got as far as appointing a subcommittee, but they're not due to meet again until Jan 2005, at the earliest.
What you're left with is states looking for machines they THINK will be compliant with HAVA -- particularly with the Americans with Disabilities Act (ADA), which calls for private, unassisted voting by blind people -- meaning that the voting machines will have to have audio components that read a person's choices and, before casting a vote, read a person's selections.
Direct recording electronic (DRE) voting machines are very good in this regard -- they can be very easily customizable at the state level to work at the precinct (or school board district) level.
But the problems with DREs are well documented -- inaccurate counts, easy (relatively) to manipulate, hackable, etc. And without a hard-copy record, impossible to do a recount.
So the solution proposed by California Sec of State Kevin Shelly, among others, is to have DREs create a 'voter-verifiable paper audit trail' (his term). Which means that the electronic machines have to print a paper record of the ballot which is then kept securely for recount, if neccessary.
Now this begs a couple of questions.
If a jurisdiction uses these fancy new machines to record, tabulate, and transmit vote results electronically, but at the same time has to keep paper copies of the votes for recount, then the paper ballots will surely be subpeonaed after any vote that is reasonably close (say within 5 percent).
It is a given that the paper ballots are going to be counted anyway, especially considering the number of races (town, county, school district, congressional district, senate, etc.) that are 'close' in any given year.
What this means is that HAVA is asking states to trash existing, functional machines that produce machine-readible paper ballots, machines that originally cost maybe $300 each and are already paid for, and replace them with new machines that cost more than $1000 each, and produce ballots that will have to be counted by hand.
Another issue that the press has not yet gotten wind of is the large number of election officials who have retired, gone on early retirement, or changed jobs since 2000. An unprecendented number of chief election officers in counties and states across the country will be supervising their first general elections this November. A comforting thought.
The outgoing officials saw sense -- that there is a train wreck approaching. An awful lot of people will be voting on machines untested in an actual election environment, and those machines are by many measures inferior to the
As if this whole situation wasn't disturbing enough this same commission is exploring give the Bush administration, and Homeland Security power to postpone the election in the event of a terrorist attack, especially if it looks like Bush might lose in its wake the same way the Spanish government did, if it becomes apparent he may not have made America safer.
A prediction: there will be enough of an attack to rile people up and make sure that Bush wins. After all, it's in his interests to win, and it's in the interests of Al Qa'ida etc. to keep him in place and keep the recruits flowing in.
Any terrorist attack on American soil will have the opposite result to that in Spain, where part of the reason the incumbents lost is that they started running around blaming ETA before the facts were in.
I prefer Approval Voting. Thats where you vote for as many of the people available as you wish.
It is simpler for the average person to understand, and would be easier to implement, and does not have the flaws that the more complicated voting methods have. (At least as far as I know. I've been meaning to do a mathematical proof that it is best. Has anyone out there already done that?)
Also, voting methods are determined by the state. I don't even think it is part of the State Constitution but either laws or procedures. Because of this people in states that allow Ballot Initiatives can get the voting method changed themselves without, or in spite of, the actions of elected politicians.
You can also change the distribution of your state's electoral votes from winner take all to proportional. (At least one state in the union does this.)
I'm not sure but I think it would require a federal constitutional amendment to get rid of the electoral college altogether.
I hate Liberals and Conservatives.
If you are a Liberal or a Conservative, then HAVE A NICE DAY!
Courage.
I've always wondered. Wouldn't word get around? I mean, it's nice to be able to say "we'll write your program in half the time and a quarter of the money as your competitors", but when it's two years past the due date and you've blown past your budget far enough to fund a small country, I'd think the guy who hired you wouldn't be happy.
And so presumably you could start accumulating data on this - "Company X charges 73% of the national average and exceeds their budget by 593% on average" - and it'd make it pretty obvious which companies were worth buying from and which weren't, which sorta blows the whole vaporware dealie out of the water.
I used to buy computer parts from a company called Minotaur. They were the best - cheap, fast, incredible customer service. I think I personally bought four or five entire computers from them, and gave them enough recommendations for two dozen more. I was working at a games company that needed half a dozen more computers, so I suggested them and they arrived working in great shape in about a week.
A month later we needed half a dozen more, so they bought from Minotaur. Turned out Minotaur had just been sold to someone else - two computers arrived in two weeks working, two more arrived not-working, and two never showed up (I think they were considering taking Minotaur to court last I heard.)
Since then I've bought another three computers, and given recommendations for half a dozen more . . . all from Newegg. Was Minotaur's lousy service really worth losing the dozens of sales they would have gotten?
I wonder.
Breaking Into the Industry - A development log about starting a game studio.
The Bush administration and the GOP dominated
...)
Congress were very quick to earmark $6 Billion
for eVoting upgrades, after the "hanging chad"
problems in the 2000 elections. The push to
"use it, or lose it" for this money meant a
rush to adopt some very badly implimented
solutions from corporate friends of the Bush
administration.
So now that the word is out about these crappy
eVoting machines (WITH NO PAPER AUDIT TRAIL),
and the Bush administration is now "floating
trial balloons" in the press about DELAYING
the November national elections. As well as
preparing the public to EXPECT terrorist acts
similar to the Madrid train bombings that would
be designed to disrupt these elections.
Doesn't anyone else besides me see a conspiracy
theory in the making? Like: if the GOP feels
that they will not win the November elections
using the SOP of FUD, that there WILL be some
major terrorist attacks here AND there WILL be
a delay in the national elections.
(Pardon me while I put on my tin-foil hat
Yup.
:).
Errr...not ALL of it though
(I hope nobody here is as humor-impaired as a few of the DemocraticUnderground folks seem to be.)
Jim
(yes, that Jim)
It's funny, I would actually prefer to start off the electronic voting process a bit differently. Let me fill out a regular paper-ballot first. You know, color in circles, press-out chads (ugh), whatever. Now, let me feed that in to an electronic reader. Then let me verify that the reader has counted my vote correctly & submit. The original paper copy is saved, but the electronic counting procedure is also used.
I have always thought that the original purpose of electronic voting was to remove some of the uncertainty as to whether or not my paper-vote was correctly counted. This would do that, plus there would be a paper copy.
Then, over the years, we could develop ways to replace the paper-vote with a possible electronic one. Although I don't necessarily see the point.
However, I gotta say that many people over 50, which make up a large percentage of voters, would manage to be baffled by even the simplest electronic system. Heck, even I get a little lost trying to vote the way it is now. Too much crap going on, just count my friggin' vote!
It's not about paranoia. It's about an administration that has been promoting a fascist agenda, ie moving away from civil liberties and towards a tyrany, (check out the patriot act, and the current homeland security mandates for industry--official USCG regulations as examples) in bed with Diebold, who happens to (1) support Bush with political donations and public pronouncements (look how much Diebold execs have contributed to Bush and that somewhat famous quote about Diebold being ready to deliver the election to GWB),(2) to be practicing deception in the distribution of voting machines that CANNOT be audited for a recount, and (3) has been found to be lying about their voting software.
A "flaw" in the voting software would not be detectable by the public because the code is proprietary and hidden from sight. That flaw could accidently swing the vote towards a particular candidate or party. Who would know? Election fraud is NOT new and politicians would risk it, just as other criminals risk breaking the law to achieve their own ends.
The RISK is that our liberty is at stake. Our say in how our country is adminstrated is at stake. Why should we trust a company that AT BEST is not very competent and at worst might just be in league with some less than honest politicians to stuff the ballot box in their favor? There is a recognized opportunity to rig the elections in a way that would be VERY hard to prove. And if you can't prove election fraud, then you have no crime, so the practicer would get away with it. Right, the only way then to prove it would be a wistle blower...and are we to hang the whole of our liberty upon the supposed honesty of one person?
The best practice is to trust, but to verify. It is the verification step, the auditable voting records that could demonstrate election fraud, and the openness of the code to public scruitiny, that is lacking in Diebold. And we have seen, in other areas of government, that were there is darkness (secrecy) there is a strong tendency towards corruption. Hence the many "sunshine" laws.
Creative Spelling Copyright (2002). May use without Persimmons