Slashdot Mirror
Diebold Insider Comments on Voting System Flaw
Call Me Black Cloud writes "A Diebold insider is blowing the whistle on the company's continued lack of concern about security holes in its voting software. The insider wrote to Brad Friedman, a somewhat shrill political blogger, claiming the company is instructing technicians to keep quiet about the security flaws. This is despite the vulnerability being listed on the US-CERT website for the last year. A Diebold company rep admits the software can be remotely accessed via modem, but states, "it's up to a jurisdiction whether they wish to use it or not...I don't know of any jurisdiction that does that." The insider disputes that, claiming several counties in Maryland made use of the feature in 2004." This in addition to the fact that Blackboxvoting already hacked the system using a chimp last year.
And the voters in Ohio were made chumps.
Yes, it's been all over the news. What's discouraging is the lack of recount efforts.
A feeling of having made the same mistake before: Deja Foobar
Without starting a conversation about how everyone on Slashdot could hack into the computerized voting system undetected...
Keep this in mind. Many would say it is much easier to tamper with a paper ballot election. Ballots dissapear, ballots materialize out of nowhere etc. Burning boxes of ballots in fields is nothing new. One could postulate that tampering with computer ballots leave much more of a trail than traditional tampering.
And All I Ask is a Tall Ship And a Star to Steer Her By
I know, I'm asking for a lot. I was told by a coworker that it's a stupid request. After all, if I have an electronic voting system, isn't that suppose to eliminate the need for paper?
Bullshit. I'm sorry, but no - voting is not about how to do it the cheapest and most convienient for the government employees. The John Hummel Voting Ranking System goes:
1. Accuracy
2. Speed/Efficiency
3. Cost
So with that, my dream for the Ultimate Voting System goes like this.
1. Person shows up at the voting center with their ID. They are authenticated (whether this be by picture, or some sort of card reader, not important). If they can not be authenticated, then they get a physical slip of paper to vote with with the mark "Verify ID" and a number. If the ID is later verified, then the vote is counted. If not, then it can be placed in the "not counted" bin. (Not destroyed until 60 months after the election - this is to prevent too many "Whoops - we couldn't authenticate anybody"!) Granted, this ties into the problem with the "secret ballot" idea, but if you can't authenticate the user before voting, this is the next best thing. I'm sure someone could suggest a better method.
2. Assuming that authencated == true, then they are pointed to the voting machine. Voting machine is simple enough - a touch screen for "pick your candidate" with a picture, name, etc. If you're voting on a bill, then you can push a "detail" button to have a copy of it show up for your reading pleasure. Let it be handicap enabled with enlargeable text, comfortable seats (no forcing people to stand) and adjustable screens so folks sitting in wheelchairs can still access the screen.
3. Upon finishing, you are presented with a table of all of your votes and results, and a message reading "Is this correct?" If you select "No", you can change anything, otherwise "yes" means it's all good.
4. When you select "yes", three things happens. The vote is recorded to a local write once ROM device with a unique ID. This ID and voting information is transferred via an encrypted link back to some central location, so election results can be monitored in real time. The third thing that happens is a piece of paper is printed out with this unique ID and the voting information plainly printed out in the same table format you just read, perhaps with a bar code encoding the same vote results for quick tabulation later. You then drop this piece of paper into the voting box. The unique identifier is not related to the voter - just to the vote, so you can't tie in who voted for what, only that "some authenticated person" voted for something, and the unique ID is what they voted for.
5. Votes are now instantly counted. Upon finishing, all of the ROM media is removed and forwarded to a separate voting office - say, a separate division of the government - for validating. If the central office and separate office validate results, then the election is good. Just for kicks, a random sampling of the paper ballots are removed and compared (using the unique identifier) to the votes. If there's a descrepancy, you can pick it out quickly.
6. ROM and paper is stored for 5 years, then thrown out (by then, it's too late anyway), and available for public access by media groups/indepdant analysis.
7. Said above system should be written with GNU software, with MD5 and SHA1 hashes of compiled code made using standard GCC - version agreed upon by government officials at a specific date. Code is locked well before election date, and a copy of source and compiled code used is stored on the same write once ROM system (CD's should be fine) so anyone can compared and complain if they need to.
Whatever happens, no "proprietary" voting code, no "oh, it's secret to protect you dumb little voters" code - open, clear, and simple to validate and completely open to access. Anything less is asking for abuse, and I don't trust either party in the US not to have less-then-honest individuals hoping the screw things in their favor.
Of course, this is just my opinion. I could be wrong.
52 Weeks, 52 Religions with John Hummel
Let's end the debate once and for all and lobby Consumer Reports to evaluate electronic voting machines. Following is a link to their feedback form.m erreports.cfg/php/enduser/ask.php?
http://custhelp.consumerreports.org/cgi-bin/consu
Abstinence is a government conspiracy. www.SafeSexZone.co
Well not everywhere in America. Some states are starting to require paper copies of e-ballots. While I heard a while back about one state that is requiring publically available source code. I can't find the state though right now.
And unless the paper is printed before your eyes, and deposited into THE ballot box in front of your eyes, then I wouldn't trust the system either. What are the scrutineering laws [observers for each party/candidate in the room with the voters and ballot box] in the United States? Are there observers overseeing the ballot takers and counters in each polling place like in Canada?
Canada's system works quite well, and it would scale to work in American consituancies quite well, since we have the same system in Toronto, as we do in Nunavut with no complaints that I'm aware of in either location.
Saskboy's blog is good. 9 out of 10 dentists agree.
If he hadn't, it would have looked odd. Maryland is one of the most Democrat states in the Union.
A good vote-rigger would only swing the votes a few percentage points. Not enough that the 'actual' votes are extremely different from the 'expected' votes. So, you don't win every race and district. You just have to win enough...
If you want to talk conspiracy theory, you could point out that the exit polls were unusually innacurate in the last election. Not quite out of possiblity, but definately out of the ordinary.
Which would be the only sign of a wide-spread, intelegent, vote-fixing scheme.
'Sensible' is a curse word.
Get the facts read Project censored's No Paper Trail Left Behind:The Theft of the 2004 Presidential Election
"GET / HTTP/1.0" 200 51230 "-" "Mozilla/4.0 (compatible; Setec Astronomy)"
Now, I'm not sure if the units that were in polls in VA were the Diebold units, but I did ask the polsters about the ones in my local poll station. They were "running Windows 2000 with wireless network access." I laughed all the way out of the door after I submitted my paper ballot.
It's actually: "The people who cast the votes decide nothing. The people who count the votes decide everything."
Stalin has some other quotes too that fit. Scary.
There is no evidence because there is NO paper trail...
I disagree with your assertion that voter fraud is "merely" a criminal act - I think the current U.S. administration has already demonstrated how voter fraud can result in compromised national security.
The issues of voting are _not_ that complicated, compared to something like the avionics for the space program, and we have many, many real-world examples of solutions that were successful or unsuccessful throughout history.
If they have to do formal proofs and/or test every single possible input & output, and/or pay armies of hackers to try and break the system in any way possible, then they should do so. Systems which are used to make decisions which can have catastrophic effects on a society should be as near perfect is it is humanly possible to create.
"It's too much trouble" is the excuse of people who either don't care, or who have ulterior motives.
Maybe you forgot about Florida's Kathleen Harris. Harris hired a private company--Voter Identification Services--to purge Florida roles of all the "darkies" because of their tendancy to vote for Democrats. VIS purged some 57,000 voters from the roles claiming they were ex-felons [more credible sources available--search left to reader as an exercise] and, therefore, ineligible to vote. Nevermind that their accuracy rate was a dismal 5% because their system passed judgment on name alone. If gross incompetence by the head of Florida Bush/Chenney isn't fraud in your book, I wonder what you require as proof.
signature pending slashdot approval
There's a reason you don't let the inmates run the asylum, and there's a reason you don't drown the government in the bathtub, and there's a reason you don't let the generals run the prisons, and there's a reason you don't give the executive uncontested fiat in "wartime".
At least the Democrats aren't trying to turn Social Security into a giant game of Zapitalism, extend the estate tax into the blue horizon, lead us into destructive wars for no real reason, destroy their political opponents in ways that endanger our national security (Plame is one of many), gut Medicare...
Who could possibly say that if Al Gore had won in 2000, America would be in the same place it is today?
Q: What did the comedian say to the crowd?
A: If I knew, this joke would be funny.
What makes you think that banks have a clue about computer security? There exists evidence to the contrary.
For the love of God, please learn to spell "ridiculous"!!!
It's been going on longer than that, far longer than ol' shrub's been in office. Viewing politics through a big blurry W lens only hurts you.
There is nobody to blame
There's always somebody to blame. Hell, they don't even have to be a Democrat or a liberal, just painted that way.
All of the spin trying to place blame elsewhere merely gets them in deeper
The situation fell of the edge of cliff ages ago, and you think a few extra feet's going to matter?
I'll leave you with one last thought: A Democratic win in either House or Senate will just provide a bright shiny new target, one long caught in the headlamps. A win in both will only provide false comfort in them thinking the system still works, and that's it. I mean, be honest, do you really think they'll get anything accomplished between '07 and '09? Not only are the Republicans going to win, I want them to win. Things need to get a lot worse before they ever have a chance of truly getting better.
Linux, you magnificent bastard, I read the fucking manual!
Given that humans are 98.5% chimp anyway, there's not much of a choice.
As the anarchists says, "No matter who gets elected, the government gets into office."
We Transhumans modify that to: "No matter who gets elected, an alpha chimp gets into office."
Richard Steven Hack - This sig is TOO GODDAMN SHORT TO DO ANYTHING USEFUL WITH! MORONS!
And assuming the machines can be tampered with it's just as likely machines were tampered to favor Kerry as Bush
Not just as likely- the President of Diebold didn't promise to do everything in his power to deliver Ohio to Kerry. It wasn't Republican counties that were shorted machines and given confusing lines without signs to make sure that people who got in the wrong line couldn't vote within the 24 hours alotted. And eyewitness reports didn't see the cursor jump to Kerry from Bush- but they did see the Bush button "click" when they pushed the Kerry button.
All of these suggest that Kerry MIGHT have taken Ohio- but since the head of the elections board was a Republican who refused to investigate these and other such anomalies in a reasonable amount of time, you're quite correct that there will be no day in court for Kerry. Add to that of course that Kerry's a wimp who decided not to press the issue.
Personally, there was enough circumstantial evidence that any county using Diebold in the future will be facing court challenges to prove the verification of their votes. As well they deserve.
SJW: a person who perceives an injustice, and while correcting it, commits a greater injustice.
So what? I stood in line for four hours in my heavily Republican district in 2000. I made my kids stand in line too, as a lesson in civic responsibility. In the whole four hours, I only saw one person leave the line. We are broken-glass Republicans around here.
If these districts you mention are heavily Democratic areas, then someone needs to take the issue up with the presumably Democratic local election officials. Just like in Florida during the 2000 elections, when most of the alleged vote tampering for Bush took place in localities that were run by Democrats from top to bottom.
And I have no sympathy for any Democrat who finds a quart of malt liquor and a Jerry Springer Show rerun more appealing than taking a few hours every four years to exercise their right to vote. Fuck 'em, they don't deserve representation.
-ccm
Too much Law; not enough Order.
The the US election in 2004 was monitored by outsiders (OECD) which considered it _almost_ as fair as the last election they monitored in Venezuela.