Slashdot Mirror
BlackBox Voting Tests California Diebold Machines
Doc Ruby writes "The California Secretary of State has invited Black Box Voting to hack away at some Diebold voting systems. The testing is set for Nov. 30, 2005. Evaluations conducted by Black Box Voting in San Joaquin, Marin, and Alameda counties (Calif.) reveal that a critical paper audit component is missing for all absentee and mail-in ballots, and also for recounts. (Black Box personnel were hired by the Libertarian Party to conduct inspections.)"
Paper trail: the magical words. In Montréal, Québec, the recent municipal election is being contested. Mark-sense ballots were counted by machines, but ballots are kept in sealed boxes after being run through the machine (by the elector). Right now, the ballots are being recounted by hand in the courthouse.
The machines used in Montréal (the ones I saw) where optical scanners with a sealed box to contain the ballots.
The problems we had, was that the center database that was used either crashed or could not handle the load...
Either way thoses sealed box are getting recounted by hand... In the municipal court... In front of provincial judges...
I live in Soviet Canuckistan you insensitive clod!
The same thing could be effected for voting machines.
Person marks ballot with permanent marker (like the old multiple choice tests but not eraseable). Voting machine is a form reader with a ballot box underneath. This is how municipal elections are done in Nanaimo (and I presume most other municipalities in) BC, Canada. Federal and Provincial elections are still hand-counted with scrutineers seeing (and counting) every ballot.
This is how voting has been done in San Diego County in California for the past couple of elections. I personally don't think that the touch screens are going to be adding much but expense.
In Nevada, no slot machine can run unless the manufacturer gives the Nevada Gaming Commission the source code. They can then compile it and get a MD5 checksum for it.
All they have to do then is to go in casinoes and do spot-check on some machines; all they do is plug a special diagnostic box which looks at the firmware and calculates the MD5 checksum, then compares it with the official checksum.
Here's the link to the specific post detailing their request
If the editors are listening, it might be worth fixing the
That little mistake puts the issue in a wrong light.
[Fuck Beta]
o0t!
Why are they using machines to count the votes ?
/fetched by the administration.
Here in Germany the voting process is 100% transparent.
The whole country is divided into ~400000 pieces. In each of these pieces, a votingplace is established. Each votingplace is maned by 7 citicens (volunteers prefered. vacant posts are filled by selecting random citicen.).
The voters vote through making a cross on a piece of paper.
After the vote, the whole voting comittee counts the votes two times. After that, the votes are sealed in a bag. The result and the votes are then given to
During the whole process, _every_ citicen has the right to be on place and controll the work of the comittee.
The whole process is FAST:
Usually it only takes ~1 hour to count the votes.
Voters don't need complicated instruction manuals (everybody knows how to use a pen, right ?)
The whole process is reliable:
It is very hard for a political party to man a whole comittee.
As every citisen has the right (and many make use of their right) to be on place and to controll the work, falsifiing is extremely hard.
Because we have a clear paper-trail, every vote can get re-counted.
Ever tried to use a machine when there is a power-outage ? Pens work without electricity.
The whole process is CHEAP:
No expensive machines.
Volunteers & citicens don't get paid.
Let's make a few points clear here.
.cgi?file=/1954/14325.html
1) The Libertarian connection happened as a result of California Election Code 15004, which reads:
---
The county central committee of each qualified political party may employ, and may have present at the central counting place or places, not more than two qualified data processing specialists or engineers to check and review the preparation and operation of the tabulating devices, their programming and testing, and have the specialists or engineers in attendance at any or all phases of the election.
---
So we (Black Box Voting) approached the California Libertarian Party to team up and do up-close inspections of these voting machines, or at least explore what's possible under 15004. They hired us at a buck a day. The main result: we ended up with listings of installed software and drivers that make it obvious Diebold wasn't obeying a court order to shut down networking drivers that weren't necessary. We've complained to the California AG's office about this and Diebold's cross-connection of the San Diego central tabulator box to the Internet (also banned by both the same court order and state regulation). More details at:
http://www.bbvforums.org/cgi-bin/forums/board-auth
This upcoming "test hack" at the California Secretary of State's office is another matter entirely.
This all started when we (Black Box Voting) hired Finnish security consultant Harri Hursti to help out in a "test hack" in Leon County FL where the county elections official (Ion Sancho) was worried about all this "Diebold" controversy.
What Hursti found was pretty wild. In short: before the election, all the precinct memory cards are prepped from the central vote count box with the ballot and candidate data...normal enough. But the cards are also prepped with interpreted BASIC code loaded into all the memory cards to control the output of the summary counter printer at each precinct. Worse, if you mess around with that code loaded first at the central tabulator, you can make that end-of-day-printout read whatever you want...put in a vote-skimming routine, false numbers, whatever. Nothing in the system at the central or precinct ends checks for hashes or whatever to see if the BASIC code is legit. Said code can be date/time sensitive so that the machines will still pass Logic&Accuracy testing before or after the election. With the paper trail at the precinct dickered with, you can use the other major hack available - altering the central database of votes to match the precinct report paper. Not hard - the central database of votes is written in MS-Access so either load a commercial copy of Access and tweak by hand, or load/type a Visual Basic script to monkey with the JET database engine (the "Access back end") on autopilot.
Net result: one thoroughly "pwned" election.
The full report:
http://www.blackboxvoting.org/BBVreport.pdf
Since then, *nobody* has tried to duplicate the Hursti results. If they're true, Diebold would have to do a nationwide recall and the Federally approved testing labs (Ciber Inc. in Huntsville AL and a division of Wyle also in Huntsville) would need a visit by people with badges, guns and search warrants.
After the preliminary report on the Leon County hack was released but before the final report linked above, Bev Harris and I formally asked the California Secretary of State's office to check out the issues Hursti found, under yet another obscure clause of the California elections code, 19202:
---
Any person or corporation owning or being interested in any voting system or part of a voting system may apply to the Secretary of State to examine it and report on its accuracy and efficiency to fulfill its purpose. The Secretary of State shall complete his or her examination without undue delay
Exactly.
...for my personal collection and
...for a view of the first and last time they tried to have any of my stuff taken offline.
A variant of this for voting machines would involve the distribution of the MD5s or similar on the websites of the vendors, the county governments using it, the Federal Election Commission website and the like, along with a script that will check every file on the voting machine in question for accuracy.
A concerned voter or party rep or one of us at Black Box Voting or whatever can download all that, put it on CD-ROM.
The county can then test the CD you bring in and make sure it contains nothing but the "checker program", mark that CD "approved", you then stick it in the voting machine(s) and run it even with very limited "geek quotient". Now everybody can trust everybody.
--------------
Another big issue is that the data files need to be made public. As God is my witness, Diebold and other major vendors are claiming that the database files (MS-Access in Diebold's case, SQL in most others) are "proprietary trade secrets"(!) and cannot be released by the counties under various public records laws of each state.
This is utter BS. Hell, if you have just ONE set of Diebold data files you know their table layouts and whatnot, and many such have been published all over the net for literally years...with Diebold taking no legal action to make them go away since...well they gave up around Oct. of 2003. See also:
http://www.equalccw.com/dieboldtestnotes.html
http://www.equalccw.com/liebold.html
Diebold MS-Access data files *can* hold forensic traces of vote-hacking if the hack wasn't done very professionally. So why is Diebold fighting to make sure the data files don't end up in public hands, when this "trade secrets" argument is clearly horse manure?
Either they're messing with votes, or they're afraid some of the counties are because Diebold has made it so damned easy.
Jim March
BlackBoxVoting (.org)
Think Ohio, 2004. What possible incentive would the current Administration & Congress have to insist upon making the current process transparent and subject to review? The G.A.O. report hammered Ohio and their voting machines. Reaction from our "elected" leaders? None.
Quoting:
/ 97374
"I don't know what the right response is for you people, but clearly the state officials are being "handled" by Diebold here. You have to find some way expose or work against or break this down."
Well we've "handled" it back so far by proposing a much more reasonable test protocol. No response yet from them.
The thing about us doing the hack is, yes it'll be great if it's fair, but...OK, let's say the SecState's office does it, and it turns out later that what they tested was a classic "lab queen" Diebold Frankensteined up nice and special. Can you say "egg on face"? "Who does the hack" is connected to "who takes the political risk if it's done wrong"...noteworthy especially since state law (EC19202) says it's THEM that does the testing...
At the same moment we replied in EMail to the SecState's office, we put out a press release on this subject...we've had a fair number of responses so far and a few of hits in Google News just today:
http://www.govtech.net/magazine/channel_story.php
(and the same story above in another "government news site"...)
http://www.fcw.com/article91533-11-23-05-Web
It's not a lot...but it's had one comical effect: the various reporters we've talked to have all tried to call the guy at the SecState's office engineering this thing (Bruce McDannold, whose phone number we included in our press release) and they all say he hasn't answered phone calls. He also hasn't gotten back to us, which is odd because he's usually very good about returning EMails.
I refuse to speculate on what he's up to and I'll forego the snideness I'm thinking.
To answer your original question: we WILL do this thing even with at least some of their restrictions in place...but we want a basically fair shot here, and what was proposed...well y'all can decide for yourselves what sort of offer they made us.
---
Full disclosure: I helped Bev Harris decipher the massive pile of files she downloaded from a Diebold FTP site in January '03 starting around July '03 on my part. She founded Black Box Voting Inc. as a non-political non-profit (501(c)(3) tax status) in mid-2004, at which time I became a volunteer member of the BBV board of directors. In July I lost my day job and three weeks ago I joined the full-time staff at BBV, resigning from the board of directors and moving up to the Seattle area. BBV has a full-time staff of three, I make $2k a month. Bev and I were the two co-plaintiffs in a consumer protection lawsuit in California that netted the state of California a $2.6mil refund; Bev and I each collected a "bounty" of $76,000. That suit started prior to BBV's formation as a non-profit and was run without any of the non-profit's resources.
http://www.openvotingconsortium.org/. A 100% F/OSS voting solution that can run on commodity hardware and F/OSS operating systems.
Knowledge is power. Knowledge shared is power multiplied.
http://www.openvotingconsortium.org/
At least, I hope that fsckn works...I thought I did it right the first time...
Knowledge is power. Knowledge shared is power multiplied.
Paper trails are great so long as they're USED, at least for spot-checking.
Right now, California has one of the better laws on this, saying that 1% of the precincts need to be hand-counted once there's a paper trail in place. And paper trails are mandated beginning in '06.
Great.
But several counties don't assign their absentee ballots to precincts - they treat them as a distinct batch. And since they're not PRECINCTS, these counties claim they don't fall under the 1% manual recount rule.
Los Angeles County (population 12 MILLION) is among these.
So even though absentee voting *always* includes a paper trail (the part people mail in), in LA and elsewhere it doesn't get spot-checked. Hack just that portion of the vote, you're golden.
Sigh.
In six states it's ILLEGAL to recount paper ballots...danged if I know why. Most states don't have a spot-check rule.
Voter verifiable paper is a good start but it's only "part of this complete breakfrast" if you know what I mean...
Jim March
Black Box Voting
A few excerpts:
Nevada asked the Gaming Control Board to take a look at voting machines. After that review, Nevada went to a paper trail in 2004.
Definately a she, not on meds, has no use for Osama Yo Mama, ain't a commie :).
She has however been an action movie star:
http://www.bbvdocs.org/videos/volusia2.mpg
Drop dead funny, taken from a "dumpster dive session" behind an elections department warehouse in Volusia County FL in which all sorts of real voting records (mainly the critical end-of-day polltapes) had been thrown out. Illegally.
("Poll tapes" are printed on older voting machines on "cash register rolls", they basically spit out about 3ft worth of "I took in 345 votes for Bush, 257 for Kerry" type stuff, keeping a "running tally". They're not as good as a voter verified paper trail, they can be "hacked" at least in Diebold's case, but that's not THAT easy and a cheating election official(s) with limited or no techie background would find it easier to just junk them.)
I understand what you mean, but please ask for "voter-verified paper ballots" instead of a "paper trail".
I was part of the Champaign County Election Equipment Advisory Board in Champaign county Illinois. We were an appointed body whose job was to evaluate voting machines that would make us compliant with the new "Help America Vote Act" law. Our board heard sales pitches from a few vendors (Diebold, HartIntercivic, ES&S) and their local reps, we asked them questions, collected information, and eventually made a recommendation to the County Board (who are elected). We've given the County Board our advice and the County Board will make the final decision and sign the contracts.
We took a field trip to Tippecanoe county Indiana and saw a Diebold voting machine, and our guides were nice enough to give us a demonstration. We were familiar with the Diebold system they demonstrated from a user and administrator's perspective, but we were stunned that the long strip of paper the machine printed was not voter-verified. The Diebold machine we saw produced this paper if the operator had a physical key and pressed the appropriate button (typically the election judge on the site would do this at the end of election day). But no voters got to see what was printed on the paper, therefore there was no way for a voter to make sure that there was any accurate written record of their vote, even a printed record that stayed with the election judges (not a receipt).
Ostensibly, what's on the paper is a record of votes in a pseudo-random order (so as to prevent an election judge from correlating a particular voter with the printed information). But since the paper is not voter-verified, what was written on the paper is completely untrustworthy. Voters were relying on whatever the software says. Tippecanoe county Indiana is a long-time Diebold customer (since before Diebold bought Global Election Systems, if I recall correctly).
This machine compelled me to distinguish between a "paper trail" (which the Diebold reps and the Tippecanoe county demonstrators assured us the machine could generate) and a "voter-verified paper ballot". The former simply isn't good enough.
Digital Citizen
I Denmark, we have all-paper ballots, and it just works. Never heard any accusations of cheating, not even from our most extreme parties (like those to the left of the communists), polls results are in within a few hours, there's a nice big paper trail. And before someone says 'Denmark is just a small country', there's nothing in the system that doesn't scale linearly. And no expensive machines required, either.
-Lars
Why doesnt the open source community make our own
m l c e_voting_software/
Most other countries have gone down the FOSS path, and that software and experience is available to the US if it chooses.
http://www.wired.com/news/ebiz/0,1272,61045,00.ht
http://www.theregister.co.uk/2004/06/23/open_sour
Whatever the reason the US decided not to use FOSS voting, it had nothing to do with any difficulty in opting for an open solution, and it certainly has nothing to do with the cost.
"I've got more toys than Teruhisa Kitahara."