Slashdot Mirror
Diebold Threatens to Pull Out of North Carolina
foobaric writes "A North Carolina judge ruled that Diebold may not be protected from criminal prosecution if it fails to disclose the code behind its voting machines as required by law. In response, Diebold has threatened to pull out of North Carolina." From the article: "The dispute centers on the state's requirement that suppliers place in escrow 'all software that is relevant to functionality, setup, configuration, and operation of the voting system,' as well as a list of programmers responsible for creating the software. That's not possible for Diebold's machines, which use Microsoft Windows, Hanna said. The company does not have the right to provide Microsoft's code, he said, adding it would be impossible to provide the names of every programmer who worked on Windows."
Hmm... Good point.
Hey Diebold, don't let the door hit you in the ass on the way out!
(Not that state regulators which didn't require a voter-verified paper trail up front have qualifications for anything but a prison cell, but hey...)
Tired of Political Trolls? Opt Out!
now if the other 49 states would do this too...
Politics is Treachery, Religion is Brainwashing
..... the only state with such a law? If not, how common are laws like this?
This is my opinion. To make sure you don't steal it, it's covered by the DMCA.
Diebold forced out of North Carolina.
"Under pressure to comply with State Law, Diebold insead chooses to leave the field to its competitors."
"Piter, too, is dead."
Let's tick this off:
*You are unwilling to
*You do not find it feasible to
*You find it technically impossible to
list the code in and programmers of your mission critical software that could have effects of the national security variety. The first? Maybe just greed. The second? Probably not a good sign. The third? If these people aren't getting the hint, something is seriously, seriously wrong here.
ACs are modded -6. I don't read you, I don't mod you, I don't see you. Don't like it? Don't be a coward.
This is why Microsoft Windows is not a good choice for embedded systems. System designers should choose an unecumbered system such as Linux or BSD, particularly if any kind of security is required, like for voting or banking.
:)
It suprises me that Diebold fails at this stuff so badly, considering how they've been doing it for years. I cringe every time I roll up to an ATM with their name on it. Luckily, my bank uses mostly NCR hardware
Exactly how is this a threat? It's like terrorists threatening to take their ball and go home.
GreyPoopon
--
Why is it I can write insightful comments but can't come up with a clever signature?
I don't fault Diebold for being reluctant to move forward given the language of the statute.
It seems to be clear that the intent was to have the actual source code and not just a copy of the software. Also, it isn't at all clear if that means the underlying platform or just the voting application on top of it, but why take a chance. And really, what would be the point of having access to half of the software stack?
Either the state of North Carolina really doesn't want a windows based voting solution or they are accidentally sending the message that "no closed source solutions need apply".
In either case poor, misunderstood Diebold may have to take their ball and go home. I think we can all agree that given their track record, this is a good thing.
In response, Diebold has threatened to pull out of North Carolina.
How can Diebold "threaten" to do something we want them to do anyway? That's like my boss threatening to give me a $1 million raise if I don't show up for work.
Should Diebold pull out of North Carolina? Quick, to the voting booth!
Creative misinterpretation is your friend.
Diebold wants to sell the government voting machines ... for a democratic republic vote ... in a "free" country ... and as part of the deal the boxes have to be open to review and audit ...
:-)
Now they don't want to have people reviewing the boxes (what are they hiding?) and as a result of a judicial ruling they won't sell them anymore?
To rephrase my understanding of it: They are threatening to stop selling something we don't want?
Am I the only one perplexed by this? Maybe they're using the threat of lost jobs to sway the government to use their half-ass voting boxes? I'd rather see a dozen people out of work then an entire nation subject to false democracy [well put aside the fact that there isn't any democracy anyways...].
Hey Diebold, why not sell the boxes up north? We could use all the help we can get getting rid of the Liberals here
Tom
Someday, I'll have a real sig.
Yeah, as I guess you seem to know, and for everyone else's benefit, the story about the release appeared to subscribers in the mysterious future, but apparently was pulled/delayed.
Something must be very wrong if the supplier is threatening the customer. What happened to the free market? If Diebold don't want the business, I'm sure another enterprising company will appreciate it.
Bogtha Bogtha Bogtha
The company does not have the right to provide Microsoft's code, he said, adding it would be impossible to provide the names of every programmer who worked on Windows
Um, yeah, complete dodge. Of course they don't mean to turn over windows code.
For the real reason I'd suspect he doesn't want to show the code: blackboxvoting.org
put the what in the where?
It is possible that they'll have to pull out of North Carolina as well- or have to tell us the names of every programmer who worked on Windows as well as release the source code.
I wonder if Linspire will offer licenses to replace Windows boxen there?
SJW: a person who perceives an injustice, and while correcting it, commits a greater injustice.
I sense a great disturbance in the electorate... as if millions of voices cried out in... No wait, I'm confusing that with millions of voices not giving a rat's ass. See ya, Diebold.
Help save the critically endangered Blue Iguana
Can we get a law like this in my state now?
I am sure Microsoft has a listing of ALL programmers who have contributed to Windows programming (kinda a requirement for legal reasons, and ISO certification, if I remember correctly.
So, lets take a different stance. Say Microsoft was not part of the equation. Since the OS is windows, all software run above windows is required to disclose. Why is that impossible?
nah. I think that its just a bunch of trippe, trying to evade a level of accountability that they do not want to have to adhere to. Afterall, what if (not saying it will) but if something happened? it would litterally mean the end of Diebold.
And you thought listing all the developers who worked on Windows was hard....
TPJ - Founder, The Amazon Basin
This is yet another example of the techno-ignorance of our countries politicians, which is slowly eating away at our countries potential to remain at the forefront of technological advancement.
.... oh.... wait.... they must not have thought that one out either...
In other news, congress passes law requiring phone-tap ability on all VOIP conversations which occur over the internet, including all MSN Messenger and AIM voice conversations, xbox live conversations, skype
This is simply a situation where closed source software is not the best tool for the job. Diebold is more than welcome to submit an open source solution, or play the the crybaby-going-home-and-taking-my-toy-with-me game.
My only question is how far down do these legal requirements go? If the operating system the voting software is running on needs to be open sourced, what about the hardware firmware? Does it need to be open source as well?
Comment removed based on user account deletion
If Microsoft is responsible for 99% of the code on a voting machine, (i.e. the OS and underlying libraries - basically everything Diebold didn't write), you really can't guarantee that an attacker won't compromise the system by targeting his attack against the 99% of the code that can't be examined.
Under such a circumstance, if I were on a standards board for voting equipment, (and assuming further that I was more interested in the integrity of the voting process than the kickbacks my bosses would be able to get for ensuring that certain vendors won the process), I'd take Diebold's "threat" as a "promise".
Diebold makes great bank machines - because banks aren't trying to provide authentication and anonymization at the same time. That's a fundamentally different problem than voting, where you have to provide an accurate and anonymous count. If Diebold hasn't figured that out in the 5 years since 2000, they never will. Please, Diebold, just go. This is not a market that needs your services, and you've already spent more trying to capture it than you'll ever be able to milk it for.
Any chance the Catholic Church was behind this?
I'll be here all week.
Hey, Diebold, mshaft may be providing the base windoze warez, but aren't YOU doing the add-ons and customizations? Stop trying to BULLSHIT the judge. Since WHEN was mshaft in the ATM and voting machines software development/customization business?
Sheesh...
word image: shames
(and, how appropriate...)
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
Linux and BSD would suffer from the same problems. Could you conclusively and accurately list the name of EVERY programmer to touch the code? I doubt it. The projects have evolved so far, and in early days didn't use source code repositories and logs.
God, Southerners have the coolest names.
fuck em, let em pull out if they don't like the law they AGREED to abide by. next!
I develop from the CPU up all the time. Cry me a river.
It's a VOTING SYSTEM. Not the space shuttle.
..don't panic
Afterall regardless of the software used,
the hardware might be designed to ignore software instructions
and give a different set of voting results.
To start with getting the names of all the people that worked on windows should be trivial as any competant IT department should be able to provide a list of all checkins made to the RCS system. Secondly if I were bidding on a contract that had some sticky requirement that I could not get around say for example I sold manufacturing equipment in Europe which is 220V but I desperately wanted to break into the US market I would not be able to get the contract then turn around and argue that the requirements are too strict and I should be able to sell them 220V equipment instead of the 110V equipment required in the US. What Dibold is doing is equivalent in my opinion to the latter. They got the contract and now they're unhappy with the requirements. Maybe they should leave NC as it would send the message that you must provide what you were contracted to nothing more and nothing less
It should reach the front page thanks to a kind editor by saturday or sunday.
This new strategy of Asynchroneous Informations (or ASYN-IN) has been devised in order to lessen the load on the various servers and enable the Fark, SA and Diggs guys to crash'n burn servers before slashdot is even aware of said servers' existance
"The way we can tell it's C# instead of Haskell is because it's nine lines instead of two." -- wadler
please pull out of california as well. and any other state you do buisness in.
make our states safe for democracy. or at least make it slightly harder to change election results.
Hopefully Diebold will start using Windows Live on their next voting systems, I want to see the latest propaganda and mudslinging about the politician / law I'm voting for!
It is so simpel to solve. Trash the flawed system and move to opensource.
In order to form an immaculate member of a flock of sheep one must, above all, be a sheep.
(this is on topic in this thread ;)
bravo! there was a DUPE coming about release 1.5 of firefox, and they have pulled it off! For the first time ever I'm aware of dupe which didn't appear!
#
#\ @ ? Colonize Mars
#
Man was she ever pissed off. She threatened to cut it off so I didn't pull out of Carolina and we've both been happy ever since.
Nice tits too.
Isn't anyone going to come to their defense here? C'mon; there's gotta be someone that likes them and thinks they're being treated unfairly.
;-)
(But not me; I'd just suggest that hiding the inner workings of voting equipment should be considered prima facie evidence of intent to defraud the public.
Those who do study history are doomed to stand helplessly by while everyone else repeats it.
Who do I support the government or a corporation?
People who bite the hand that feeds them usually lick the boot that kicks them
I don't think they want the code to Windows disclosed, just the code to the voting software.
Diebold is making a big stink and blowing everything out of preportion by saying "OMFG, we can't possibly realease the Windows code"... blah blah blah...
The real issue is that Diebold don't want to release the code for the voting software they wrote, Windows has nothing to do with it.
I knew I would see the anti-Diebold and anti-Microsoft propaganda from this crowd. But Diebold was a valid point. Let's say some other company, let's call them GNUVote, makes a voting machine. It's based on Linux and OpenSource code.
Under North Carolina law, please provide me all the developers who were responsible in the development of this code.
I didn't think so.
The law is simply impractical. There is no way to obtain a complete list of all developers whether it's for Microsoft Windows or Linux. In the case of a vendor running windows (which is possible, Windows can actually be pretty well hardened), the vendor wouldn't be able to meet the requirements of the law, anyway.
So then what? Back to paper and pens?
Good riddance, I'd say. One down, forty nine to go. Maybe the 2006 elections can be fair afterall.
.nosig
it's quite obvious that a company like diebold, with rather vast resources, simply doesnt want the code verified for it voting and manipulation abilities. it is well documented that a variety of backdoors exist within the system including simple ftp access to raw data, and the ability to change it at will by any user. couple that with a nonexistant paper trail or the ability to verify the code does what they say it does. anyone actually recall the huge difference in exit polls and actual count? it was so off that cnn stopped reporting on exit polls, which have a high measure of historical accuracy. so much so that exit polls are used in new voting democracies to determine vote fraud.
i for one do not welcome our new data enabled overlords....
Because when they want you to submit the source code for "everything" needed to run your app, you can blame Microsoft and avoid any questions about the code that you did get away with using for one election -- an election which was "delivered to Mr. Bush" as promised by Diebold executives.
Gee, that would be such a shame if that were to happen. I mean, North Carolina needs voting machines that are compromised by design, made by a company that has a vested interest in who wins the election, right?
Oh, whatever is North Carolina to do without voting machines made by an upstanding company like Diebold? Why, their voters might have to use the old paper ballot system instead! The horror!
Please stay, Diebold! Only a good rigged election can give us confidence in democracy!
Use 'slashdot stuff' in the subject line in any email you send me if you want to get past the spam filter.
Ok, now that I have that off my chest
Since the state is responsible to ensure that voting is fair, transparent and auditable, it makes good sense to make this code open source. I'm not arguing over a specific license - for the purpose of this discussion copyright is not important : only that anyone who wishes to ensure that their consitutional right to vote has been properly administered is able to do so.
This reminds me of the debate over opening the source code on the breathalizers in Florida...
In my opinion, anything that the guv uses should be open source, excepting areas of national security (i.e. where some piece of code gives direct knowledge that shouldn't be handed out ... like missle launch code maybe?)
If you think imaginary property and real property are the same, when does your house become public domain?
Windows CE source code is availablei censing/WindowsCE.mspx
http://www.microsoft.com/resources/sharedsource/L
With Windows CE, "OEM customers worldwide can create and distribute commercial derivatives of the Windows CE 5.0 operating system source code for shipping in commercial devices without notifying Microsoft or sharing their derivative works with the embedded community."
as well as a list of programmers responsible for creating the software.
If they were using Linux, do you really think they could provide a list of programmers? I mean come on think of the thousands upon thousands who have contributed, many times without mention...
-everphilski-
Other posters are making a lot of hay over the responsible programmers portion of the statute - obviously, if you need to list everyone who contributed code that would tend to be impossible (although a few projects could probably comply.)
However, I'm fairly sure that you could meet that requirement with a list of the *responsible* programmers - i.e., the people in charge making decisions. Thus, you don't need to list every programmer - the person in charge of your particular embedded system fork ought to be sufficient.
The good and new comes from no quarter where it is looked for, and is always something different from what is expected.
For the love of god, don't advise them to port the software to $OSS-OS (linux) - least you give OSS a black-eye when they fail...
The State Board of Elections has told potential suppliers to provide code for all available software and explain why some is unavailable. That's not enough of an assurance for Diebold, which remains concerned about breaking a law...
The problem is, it looks like Diebold cannot follow the letter of the law, because they use Windows (and possibly other third-party proprietary code). The State Board of Elections is implying that this won't be a problem, but the law itself isn't entirely clear, and a judge could easily disagree with the Board of Elections.
Sounds to me like input from the state legislature is needed. Did they intend to ban any voting machines that use proprietary third-party software such as Windows, or did they intend to only require the source code and list of programmers for Diebold's own additions? If the law as written doesn't make this clear, then the law should be modified for clarity.
The law requires a list of programmers, as well as the source code. Can you come up with a list of everyone who has ever contributed code to a Linux distribution such as RHEL? Maybe, but it wouldn't be a lot of fun.
Of course, if they clarify that proprietary third-party code is OK, what's to stop Diebold from forming a subsidiary to create proprietary code and licensing it back to Diebold, so Diebold can claim the whole thing is licensed from third parties and therefore not subject to the requirements of this law? I'd be happy to see North Carolina require completely open source software on all electronic voting machines used in the state, and other states follow suit.
$x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
$x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
Elections in America are no longer a domestic matter. The consequences this particular country's elections can be felt to the remotest corners of the civilized world. Open up the Diebold's code so everyone can be sure there are no world domination attempts going on behind the scenes. Or, move the damn thing to Linux. That would solve atleast half the problem, isn't it?
I wasn't aware anyone had written voting software for the xbox 360 yet?
liqbase
Actually you could disclose the hardware pretty easily: use an FPGA-based open-core CPU.
That's just the thing - there hasn't been that kind of control in the "early days" of the kernel development, and with other various tools that are essential to running linux there is often little version control that is implemented.
-everphilski-
Since when did paper and pencil use Windows?
I live in North Carolina, and I've always voted with a paper ballot. I question how much of the state this is really going to affect.
Yet another fine reason to avoid using proprietary software made by a criminal monopoly. Can't provide the legal specifications for all the code you're providing. How wonderful.
Smell that? That's sarcasm.
I thought I recall MS getting all in a huff when the windows source code appeared all over the net. SO Diebold should have no trouble giving out that source code, it is already available.
Could you imagine listing the names of anyone who has contributed to Linux, FreeBSD or any other large open source project?
This law seems to be overly narrow.
..."all programmers responsible for creating the software", I mean.
Depending on the definition of "the software", and how rigorously you wanted to check for tampering that could include:
* the Diebold application programmers
* the compiler programmers (persumably Visual Studio and related tools in this case)
* any third-party library programmers (drivers for custom voting boxes, maybe?)
* the operating system programmers (various Microsofties)
* BIOS programmers (low-level tampering might not be impossible, I dunno)
* CPU microcode programmers (really low-level tampering might not be impossible, I really dunno!)
and so on. Could an OSS solution provider actually give a full list of all the contributers to all of the sensible entries in the list? (Assuming the last two are kind of a joke, depending on their technical feasibility for which I have no idea)
At the very least, Diebold should be providing their application source code to the court. They could lob the ball into Microsoft's court for the OS, at least...
Game dev and music blog
They also haven't gone far enough. If you take their argument to it's logical conclusion then they also should cough up the microcode for the CPUs they use, the software for device drivers, the embedded code in the modems they use, and so forth.There's no reason to stop with the Windows source code. Keep on going!
I think North Carolina has them scared.
I did not RTFA, but if companies are required to put their software in escrow and note everyone who has contributed code, who has the list of everyone who ever contributed code to Linux? Not their online alias, not their email addres, but their actual name. How about other Open Source applications?
Maybe it exists, but it seems like it would be much easier for a closed source product such as windows to come up with that information.
And more suspiciously, why are they threatening to leave instead of complying as much as possible? The court (i.e. ruling judge) should be able to apply the law in such a way that Diebold discloses all of their code, and then any remaining proprietary code from other vendors can be handled with those other vendors. Or is it that Diebold has something to hide? If their code really is secure, and actually does what they claim then they should have no problem showing everything they legally own. There really isn't anything that should be a trade secret about vote tabulation. I, for one, think it's disgusting that any US company would actually do the country such a disservice by trying to obfuscate for profit a product which is meant to facilitate the practice of democracy. Honestly, the whole board should be deported for conspiring to commit vote fraud. It would trivial to prove their innocence, simply release the code. Any other excuse smacks of dishonesty. In matters of government the appearance of impropriety should be treated as impropriety until/unless demonstrated otherwise.
-- I'm not a pessimist, I'm a realist. It's not my fault that life sucks so much. --
It is my understanding that this is a fairly common requirement for government contracts involving software. Diebold should have been aware of such requirements before competing for the contract. I mean, when the government's actually being responible and not just handing out plums to favored campaign contributors.
Hell, they're probably not even going to audit the code. They just want to protect themselves if Diebold goes out of business, or loses the contract on re-bid or something. I mean, sure, they can potentially audit the code, but I haven't heard of such a thing ever happening. It's about support and fixin' bugs an shit.
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
The law is simply impractical.
You nailed it on the head. And actually in this case Windows has a better shot, technically they could go back through tax and medical records to fish out missed employees, Linux doesn't have a paper trail. Either way it's a law that's reaching too far. The source code should be sufficient.(and then the company is held responsible)
-everphilski-
I usually "pull out" after fucking someone too.
If someone says he and his monkey have nothing to hide, they almost certainly do.
The may not want to be identified.
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
The source for Windows? This may be impossible to meet with any OS on the planet. Does anyone have a list of every programmer that worked on Linux? What about GCC? ls? Every device driver that Linux has?
What about the BIOS that the machine is using? What about the microcode in the CPU?
I am all for Open Source but this standard may just be impossible to meet.
Maybe they should make it the Application. Or just require the source code?
If you can get past the microcode and the requirements for all the programmers names I guess you could build a system with a Linux bios running Linux or BSD.
See my blog http://ilovecookes.blogspot.com/ for light hearted technical information.
"if it fails to disclose the code behind its voting machines as required by law. In response, Diebold has threatened to pull out of North Carolina."
I fail to see the downside of this?
All states should start requiring voting machines to be open source, and when Diebold doesn't comply because it's rigged, they can be banned without discriminating against the company specificly. Well done SC. Has SC ever been the leader in a good way for laws before?
Additionally, all electronic voting must come with a paper ballot that goes into the backup ballot box, and should be visible to the voter before it goes in. You might need to have the voter hand shove their paper stub - but printing ballots on site might introduce other problems.
Saskboy's blog is good. 9 out of 10 dentists agree.
And for which OS would providing the names of every programmer be easy or even possible?
~~~~~~~
"You are not remembered for doing what is expected of you." - Atul Chitnis
{
$sys$Republican;
Democratic;
}
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
if (partyA_bribe > partyB_bribe) {
winner = partyA;
}
else {
winner = partyB;
}
I mean come on, how much programming do you need to build an appliance that counts button presses. This isn't rocket science, it's counting. My son is 3, he can count. A computer should be able to count a lot more.
Oh, you want to network them so they all count TOGETHER? Like a classroom FULL of children. Ok, go make something and call it tinyTCP, now you can ALL COUNT TOGETHER.
Oh, you have to provide all the names of everyone? Now we have privacy advocates fighting with freedom of information types... It's NCarolina, let 'em shoot it out.
Do not meddle in the affairs of sysadmins, for they are subtle, and quick to anger.
Note: I have been working on voting integrity issues in North Carolina for a little while now, and advised the committees that drafted the bill in question.
The state passed a pretty comprehensive election reform bill, which included the provision that all vendors must hand over all code that runs, is installed on, or is otherwised used in the operation of the voting machines. No if, ands, or buts.
Our State Board of Elections did not like this. They want paperless voting machines, and badly. Like a six-year-old that's been told to clean up its room, they're dragging their feet on enforcing these (and other provisions). When writing the Request For Purchase (bid requirements), some staffer added a "clarification" that the vendors only had to hand over "available" software, and simply explain why they couldn't hand over the rest. In other words, "Here's why I'm going to be breaking the law today."
Lawmakers were not happy. The SBOE, however, didn't particularly care. They didn't see a problem with only handing over a portion of the code, and wanted to interpret the law as loosely as possible.
Diebold pointed out that "available" was different than "everything", and actually got a restraining order that prevented the state from suing them for not complying with any of the new provisions of the law. This case essentially overturned that ruling, saying "Uh, no, you actually have to comply with the law." Technically it says, "Ask your lawyers for legal advice, not the court, we're not going to pre-judge the law before there's an actual conflict (i.e., you actually get sued for violating these provisions."
So Diebold is going to take their ball and go home, since they would actually have to play by the rules. Oh well.
On a side note, I didn't see any evidence that Diebold actually tried to get a Shared Source license from Microsoft, which would actually let them escrow the code. Maybe Diebold didn't actually want to escrow, well, anything?
Imagine that.
-jdm
based on? Besides, sensationalism is the name of the game. Journalism will be a foot-note in American histroy.
Quack, quack.
They needed the names of every Microsoft developer to write the code to steal the 2004 election?
I had no idea..
One could create an OS just for voting machines.
You could Fork an open OS, rip out all the non-relevant bits call it LxVote v.1 and then declare that you take responsibilty of the code.
In effect making you 'the developer' of the product you release.
This is what they are really looking for, who has looked at this code,and who is responsible if it doesn't count right.
There are sone OS"s where all the developers are known. GOTO springs to mind.
The Kruger Dunning explains most post on
The reason they are talking about microsoft and windows is to avoid complying with the law. They are intentionally doig their own thing and delaying giving otu the source code. Lame really but its standard court procedings in which the lawyers are doing everything possible to avoid judgement and action.
Move along.
http://saveie6.com/
Diebold, die!
"You'll get nothing, and you'll like it!"
Hmm... Good point.
Could be that Diebold is hiding some illegal stuff (probably stealing other people's ideas or code) and don't want to be found out. Just a thought. It's obvious that North Carolina is only asking for the source to the stuff that Diebold itself developed, not third parties like Microsoft. The Windows defence is just a lame strawman, IMO.
A computer security expert from Finland will try to demonstrate that machines made by Diebold are vulnerable to hacker attacks and can be used to manipulate election results.
n av=1kgl
/ 11/29/BAG8TFVC2M1.DTL
http://www.kcautv.com/Global/story.asp?S=4164929&
it has bee postponed
http://sfgate.com/cgi-bin/article.cgi?f=/c/a/2005
Diebold is one evil company, at least when it comes to voting machines. Read all about it--but mostly not in the MSM. I really hope they get caught and nailed for their vote tampering in the 2004 election.
Freedom = (Meaningful - Coerced) Choice != (Speech | Beer^2), and sad sock puppets' bad mods avail them naught.
The Gore campaign and the democrats is reportedly behind Diebold and windows. They claim without a "hanging chad" excuse they will need crashing voting machines.
"Waaaagghghggh! It's too hard to create voting-machine software that provides the possibility of verifying the security of the code, or fixing bugs in the case of a problem. We did it wrong the first time around, despite the fact that this application practically DEMANDS security and trasnparency. Now we don't want to fix it..."
That's about what Diebold is saying, right? Good riddance to them...
For the record, I agree that the "list all the programmers" requirement is fairly unworkable. I imagine the intention was to be able to determine blame in the case of an intentional backdoor in the code...
When voting with paper ballots, there's a documented process of what happens to your ballot, where it goes, and who counts it. An election monitor could trace the path of an individual ballot if needed. The same should be a requirement for any electronic voting system. It's crucial that there be a way to verify that any individual vote cast got added to the final tally.
My bicyles
You just have to look at the git history.
.... :-)
Now, trying to get Windows history....
And include all the anti-virus vendors used
And the inevitable virus authors too....
don't use linux, there are otehr OS's where the developers are known.
"The law is simply impractical."
it may be difficult, but worth it in my opinion.
"There is no way to obtain a complete list of all developers whether it's for Microsoft Windows or Linux."
I ahve my doubts. for example, MS should have all the records of every employee. If no place else, then in tax records.
I thought a list of people who submit code changes was maintained with Linux?
Doesn't matter since there are smaller embedded OS where all the developers are known. Or diabold can write there own OS.
The Kruger Dunning explains most post on
Diebold's statement that they "can't possibly provide code, or list Windows programmers" is not really the issue here.
Yes, the software runs on the Windows platform, but that's not the code that the State
is *really* looking for here. Clearly what the State *really* wants to know is: HOW THE
FRIGGIN CODE THAT TALLIES THE VOTES WORKS!
And furthermore, how the systems are CONFIGURED, firewalled, backed-up, secured, etc. How
events are logged, and how permissions and admin priveleges are controlled.
Diebold should be held in contempt of court for deliberately trying to obfuscate the
discovery process. At no point since the election has Diebold been remotely forthcoming (s should be its obligation to the American people) with information about the function, security and reliability of its systems.
The State of North Carolina should not only eject and fine Diebold -- but they should seize Diebold machines and undertake a LEGAL REVERSE ENGINEERING PROJECT to determine the exact function of all Diebold's systems.
Then we can watch Diebold slowly sh*t their pants.
------ The best brain training is now totally free : )
North Carolina will be better off with out Diebold. Persoanlly any state will / would be better off with diebold. I'm floored there wasn't an investiagtion already into the (rigging) of machines the last two times. Yea when bush was elected and re-elected. I wish The US government had such law. But then Election fixing wouldn't be possible.
...a frustrated North Carolina could not be reached for comment....
(Thank you Chevy Chase!)
In NYC, whenever I spot an ATM being serviced, I discreetly check out the hardware. Very often it's a PC, with the touchscreen wired via USB or some other means. Often I see a MS Windows interface when it's in "service mode."
Some of these ATMs use the default Windows "asterisk" system sound as audio feedback for certain keypresses, and system shutdown sound for cash dispense, etc.
In a word, these are not very secure-looking ATMs. There's word in NYC that one type of identity theft occurs with these cheapie ATMs, usually found at bodegas and your local korean deli. I steer clear of em.
O lord, bless this thy holy hand grenade, that with it thou mayest blow thine enemies to tiny bits, in thy mercy.
North Carolina threatens honest elections!
That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
Lets be serious here...THE POPULACE DOES NOT GIVE A RATS ASS ABOUT SOURCE CODE!!!!!!!
Now that that's said and done, I believe that the voting system can be either closed or open source, but what really matters is when the law comes in and asks for source code a company should exonerate itself by giving the source code. On the flip side, if its closed source, they should also have the right to protect their intellectual property. It's a tricky situation, but with a little social responsibility closed source software might be the way to go.
Always remember, its closed source software that feeds your kids.
"C++ is to C as Lung Cancer is to Lung"
Wouldn't surprise me if there was some flaw in the code that allowed miscalculation or manipulation of votes.
Hmmm...
We have secretly replaced these Slashdot mods' sense of humor with a rusty nail. Let's see if they notice!!
The company does not have the right to provide Microsoft's code, he said, adding it would be impossible to provide the names of every programmer who worked on Windows
Well, he's right.
But the State could require MS to do so, or, because Windows is so "off the shelf" they could say the OS doesn't matter, just place their (Diebold's) code in escrow...
For Diebold to automatically assume that THEY must supply the Windows code is just being disingenuous and obtuse...
Goofy, Geeky Gifts and More!
The two CEO's of the two voting machine companies are brothers. The one for Diebold states how he will deliver Ohio to Bush with his machines. When asked for the blueprint of how his machine works he goes off saying how he can't provide Windows source code (much like the GOP tried to reframe Murtha's speech to mean "leave in five minutes" as opposed to in "six months") to make the request seem impossible and ridiculous. Doesn't the U.S. government already have all the documentation on Windows anyway? I am pretty sure that they have the source code to Windows for our intellegence agencies to exploit.
... That mean North Carolina State Government is free of any machines with M$ OS on them? Using the logic cited in the article, it would seem to imply that.
Prof. Farnsworth - "Oh a lesson in not changing history from Mr I'm-My-Own-Grandpa!"
Craete a list of the reason why this is good.
Contact your govener, members iof the press.
Work at it, it can happen.
If you mean "Can we get this law to magically appear while I sit here and watch cartoons? then No.
If you can find out who sponsed the law in North Carolina, they might be able to point you in a good direction to get started.
Also, if you find a professor that specialize in politics at a local university, they might be able to help you out.
Think, Act, Succeed. In That Order.
The Kruger Dunning explains most post on
The next step is to recount the Ohio, New Mexico, et al votes from last November.
(As if that will ever happen!)
Diebold has fought kicking and screamin any examination of the code or internals of their systems. If its so damn good they should be more than happy to provide this information. Instead they have filed lawsuits, used the DMCA IIRC and strongarm tactics that would make Bill G blush.
Let em pull out, someone is obviously getting screwed. Keep in mind tho that pulling out aint good birth control.
Sick of stupidity? http://www.patentlystupid.com
that explains the wind moving across my plant in Charlotte today!
As a North Carolina resident, my response is "If we could only be so lucky!"
Diebold Won't Provide Source Code U.S. Won't Let Go of DNS List goes on... In most of these cases, there's something dirty going on underneath; it's obvious theres always a hidden agenda or why else would they protest so much?
Don't use windows.
Although they do keep the cold out sometimes.
Speaking is NOT communication
As a resident of NC I will be glad to see them go. We had several instances of ballot fraud last year and need a system that works. I know it will upset all the liberals on /. , but most of it was done by Democrats. Kind of like being in Chicago.
Professional Politicians are not the solution, they ARE the problem.
to unleash my $89 linksys WRT54G Voting Machine.
Runs a fully open OS. Code audits are welcome.
Just need to learn how to turn off the wireless vote fixing circuits now.
(that and the user entry/display/paper-ballot-that-goes-in-the-box parts)
The truth about Led Zep should never be told on
Maybe they are using this to buy time while the fix or clean up their code.
So are you saying it is possible to list the names of every programmer who worked on Linux?
Who gives a rats ass about "a list of programmers" when you can see the damn code? Talk about a red herring, dumbass.
[Rant]
I am a Citizen and an Elector (member of the Electorate) in the US. That puts me at the TOP of the pyramid in the election process. In the US, the Electorate is Sovereign. Where does Diebold or any other corporate entity get off trying to dictate how elections are held? They act like they have some god-given right to make money off of the process. Fuck that! They have a right to come grovelling, hat in hand, and ASK if maybe, just maybe, we might want to use some equipment they want to sell. We get to set the rules about how elections are held, not them.
My county uses optical scan ballots and ballot box readers. If a precinct shows some sort of wierd result, the elections commissioner, in the company of plenty of witnesses, pops that sucker open and looks at the ballots. End of problem.
I frankly don't give a damn if results aren't available until Wednesday morning, or even Friday. They aren't certified official for weeks, anyway. The only difference early results make is who gets hammered for what reason at what post-election party.
There is nothing more important than the election process. All legitimacy of the government flows directly from it. Diebold has no fucking place dictating any damn thing about that. Paper ballots work. If they are slow and more costly, that is a small fucking price to pay for legitimacy.
[/Rant]
Some mornings it's hardly worth chewing through the restraints to get out of bed.
We all know what the law is getting at. The sensible interpretation for what code to disclose/escrow is all code that is not otherwise available in the marketplace which takes care of the subsidiary thing. This means that Diebold doesn't have to escrow Windows or Windows CE, but *does* have to disclose proprietary code written *for* them by anybody, along with all the code Diebold has written that builds/integrates the 3rd-party code into the product.
Well, apparently, you only have to fool the majority of people for a little while.
but maybe you could... if you get started on that freedom of information act request right now.
2 1337 4 u!
I am not a fan of Diebold because they donate funds to the Republican party and I see this as a conflict onfinterest, any company that writes these voting system should be completely open to the public and should not be allowed to have anything to do with political parties and that also includes members of these companies doing private donations
"The most dangerous creation of any society is that man who has nothing to lose." - James Baldwin, American author
...
...
if ( vote.party == DEMOCRAT ) {
vote.register(race, REPUBLICAN);
confirmation.print(race, DEMOCRAT);
} else {
vote.register(race, vote.party);
confirmation.print(race, vote.party);
}
I see no point in voting at all when its done the diebold way. Do you know what Dieb means in german?
I mean its so damn obvious that its funny.
curley, moe, and larry.
Putting something in escrow doesn't disclose anything. The WHOLE POINT of escrow is that it uses a disinterested third party to hold on to something you do not want to reveal/give away, but that the other guy won't let you maintain exclusive control over because it gives you too much power.
SW escrow is used all the time for hugely important packages (gee, does voting qualify?), where the purchaser needs to ensure that he can gets his mitts on the code if the vendor decides to go belly up. It is by no means limited to government, and is not at all unusual.
Hint to an enterprising reporter: find out if Diebold is party to any escrow agreements for its ATM code. I bet they do.
Apparently you've never heard of the RIAA or MPAA huh?
== www.FreeBSD.org == The Power To Serve. ==
Good, I hope they do walk away. Then they can be replaced with open source software, primarily GLPed code so there will be transparency in how votes are counted, registered, etal. Closing the voting process with proprietary software has been an asinine action from the git go.
My karma is not a Chameleon.
Drug dealing ruled illegal in North Carolina, drug dealers threaten to leave North Carolina.
The grass is always greener on the other side of the light cone.
It is my understanding that this is a fairly common requirement for government contracts involving software.
Approved COTS vendors (like microsoft) are usually exempt.
However, the contractor is usually required to provide documentation (including source code) for customizations - like the vote tallying software, and OS configuration, security templates, etc.
Methinks Diebold is warping the truth somewhat to make it sound as if the law is unreasonable.
These are my friends, See how they glisten. See this one shine, how he smiles in the light.
Check out the latest changelog on kernel.org. In it you'll find names for patch authors and commiters, as well as a description of every change made to the kernel.
Obviously, not every piece of software included with your generic GNU/Linux distribution will provide such detailed information. But, we're talking about an embedded system - far less software is required when compared to a "generic" distrobution. For embedded systems, a paper trail like this is easy.
Yeah, those do ring a bell -- they're all examples of authoritarian communism, not socialism -- though there are similarities. Welfare, social security, now those are brands of socialism.. not that they seem to work well, either. But socialism might work, and giving examples of systems similar to it in some way or another does not mean it will fail. And appeal to common sense is a fallacy.
I don't think closed source software should qualify for copyright protection unless their source code is in escrow (with e.g. the Library of Congress at the publisher's cost) to be released at the end of the copyright term. Without the source code, you should only be afforded Trade-Secret protection.
And voting systems need transparency
I have come to a conclusion that one useless man is a shame, two is a law firm, and three or more is a congress -J Adams
California has a similar law requiring the source code involved in voting machines. Diebold was cited or fined or something for having serviced election machines and changing out the software on them to something that was other than what had been submitted. So, an election was run on unverifiable source.
I still say the best solution is to ditch all voting machines and their software because it's cheaper to count elections by hand.
Start Running Better Polls
I have a question and maybe i just don't know enough but instead of handing out contracts to private companies why couldn't they use some programmers from the army or some other government resource? I am sure there are some great minds working for our gov't that could do it instead of some private comany.
Slashdot...home of the hackers
It's true that getting a total list of programmers in an open-source system would be impossible.
But as a practical matter it's impossible to name all of the Windows programmers either. The court wouldn't expect that of Diebold any more than they'd require a total list of Linux programmers from an open-source voting project.
What Diebold could easily do is name their own programmers.
Except there's no way in hell they'd want to do that.
In 2002 Diebold bought Global Election Systems, which became the Diebold Election Systems unit. Global was founded under another name in 1988 by Norton Cooper, Michael K. Graye and Charles Hong Lee...all with damned interesting resumes (footnote 1):
Norton Cooper - jail for a year mid-1980s for fraud against the Canada government; ordered out of stock pitch schemes and was part of the collapse of the Vancouver stock exchange - ordered by decree not to pitch stock after 1992 or so because he caused havoc every time. Written up by Barron's and Forbes as a "hazard to avoid at the golf course". First convicted of political corruption in 1974 - look up a Canadian case titled "The Queen v. Norton Cooper" 1977 Canadian Supreme Court.
Charles Hong Lee - stock schemes; Cooper's partner pitching deals. Defrauded Chinese immigrants, $600,000(Can) court-ordered restitution mid-90s. Sold "real estate" which was actually the bail for the third partner below to the tune of about $300,000(can) circa 1995ish.
Michael K. Graye - nailed for stealing $18mil from three companies in the '88-'89 era, caught in '94, jailed in the US for stock fraud around '94 re: Vinex wines, released around 2000 - 2002(3?) in the US, brought back to Canada, still in jail there. Arrested for tax evasion and money laundering circa '94.
Those three in turn hired even more "colorful" staff:
John Elder was a cocaine trafficker, in a WA prison early/mid 1990s...fellow inmate was Jeffrey Dean (see next entry). Handled ballot printing for Global late 1990s. Seems to have been the one to bring Dean into Global.
Jeffrey Dean was convicted early '90s of 23 counts of computer-aided embezzlement. He was a computer consultant for a large Seattle law firm and defrauded them of about $450,000 in what US courts called a "sophisticated computer-aided scheme". In a statement to Seattle PD, he claimed he needed the money because Canadians were blackmailing him; in that country, he'd gotten into a fistfight and the other guy had died. (Yes, I've seen the police report.) He joined Elder in the Global ballot printing business late '90s, and with Global's introduction was doing computer consulting with the King County WA elections division - they had no idea of his criminal record. By 2000 he was doing programming for Global and by early Oct. of 2000 he was a full employee and lead programmer for the GEMS vote-tally product still in use. By late Oct. 2000 and shipping in time for the November election, GEMS ver.1.17.5 contains the first "double set of books" problem where all votes are recorded twice internally and don't need to match...long story but it apparantly hides some forms of vote fraud. At the time Diebold bought Global in 2002, Dean quit and was immediately hired back as a consultant via management decision made within the division. This appears to be an attempt to keep Dean's criminal past out of Diebold corporate head office's scrutiny.
At the time Diebold bought Global, Dean owned 10% of Global's stock.
We don't know how many other lower-level progammers within Global/Diebold have criminal records. It's rather obvious that Diebold sure as hell doesn't want us finding out.
Footnote 1 - see also "Black Box Voting: Ballot Tampering In The 21st Century" by Bev Harris, esp. the "Diebold" section at the end of Chapter 8. Free PDF downloads can be found at: http://blackboxvoting.org/
When it comes to individual rights, I thoroughly disagree with the argument which runs, "Why should you mind the police searching your home unless you have something to hide?"
But when it comes to the State, and it's employees, (like Diebold), the same logic is quite acceptable.
Let's all remember, the State is there to serve the public, not the other way around. At least, that's how it's supposed to work.
Thus, non-compliance with the most basic and rational doctrine, ("You must let us see how your voting machines work"), means to me that Diebold is hiding the fact that their machines are indeed faulty, and almost certainly deliberately faulty.
I'd love to see this break wide open, and have the journalists see the light and revolt against their Zionist-neo-con-Christian-brain-washed overseers, and publish the story far and wide. And then put Bush and his crew and the entire ruling elitist segment of the populace into prison. But I don't really expect this.
The most we'll see is a scapegoat being hung out to dry while the parade of evil continues.
The best way to resist is to do it on a personal level. Shine brightly and follow your internal compass as best you can. Defy The Lie. --Living in such a way will affect others in an ever-expanding ripple effect.
-FL
Does anyone know why a voter-verifiable paper trail isn't required for all electronic voting equipment in every state? The only attempt I've heard by Diebold to explain why they are against it is cost, but if every mfr had to meet that requirement, it would be a cost they would pass to the consumer (at a profit). And given that these machines cost thousands of dollars, we're not talking about a very expensive feature here. If increasing cost by a few percent is the only reason anyone can give why they don't want to implement a solution that will make all concerns over government requirements, public confidence, intellectual property, and security melt away, then I'm pretty sure that reason only exists to mask a more sinister reason.
I call BS. This is not a sudden an arbitrary demand made AFTER the company was in business with the state, but a PRECONDITION spelled out during the bidding process.
...could not be reached for comment.
Find environmentally and socially responsible products on http://buy-right.net
I volunteered to be an election judge for Onslow County during the recent November elections, and it was our first time using electronic voting in this county. We didn't use diebold, but instead turned to Hart IC and their eSlate system.
And I have to say... electronic voting is not yet ready for prime time. The HartIC units were probably the best of whats available, but still came up short in ease of use, design, and redundancy. I still have my receipt, and that's one thing I did like. My vote was linked via a unique pin number at my specific ward, but the pin did not uniquely identify me.
This is one area where I believe the OpenSource community has an opportunity to jump out way ahead by developing low-cost f/oss hardware software solutions. With a network of conscientious coders and some low cost hardware, I think it's possible to produce voting machines for very little.
Oh, and a word to diebold: don't let the door hit you in the ass on the way out. I watched your crappy hardware screw up votes in Gila County, AZ. I watched thousands disenfranchised by your substandard product in Cartaret County, NC. I will sleep better knowing you're not screwing up anything in the other 99 North Carolina counties.
I actually worked on the Windows CE port for the Diebold voting machines (I don't work for Diebold however). I think the line between "disclosed" and "undisclosed" is not really that fuzzy. Their entire application is fair game, as is the Board Support Package, the hardware-specific kernel code and the drivers that run on the board. It's true that Microsoft ships a lot of their Windows CE code as libraries, but it is actually available to developers for reference.
www.arkhambrewingcompany.com For all your Lovecraftian T-Shirt needs
ok, how about, regarding Diebold "pulling out", errrr..., "SCOTUS interruptus"?!!
Votes are different - no one winds up able to complain or to really even audit because of the secrecy. Instead we have to make sure that the system is as imprevious to corruption as possible. In practical terms that means low-tech and decentralized.
And North Carolina doesn't like it one bit.
#drums#
Thank you I'll be here all night
"(I) have this unfortunate condition that causes me not to believe a single thing any politician says when a mic's on.
and I'm not kidding. well, maybe a little.
Insanity: doing the same thing over and over again and expecting different results. Albert Einstein
Off topic I know, have mercy.
useless sig advice - Read Nabokov.
The Electronic Frontier Foundation intervened in the case on behalf of a North Carolina voter, Joyce McCloy. Which I believe pleased Diebold no end.
d. (Disclosure: I work for EFF. What's more, I would be overjoyed if you joined us)
the day that my state (washington) forces me to use electronic voting only (i am purely absentee), is the day i walk into the election location and smash all the voting machines with a sledgehammer, and anyone that gets in my way.
it is obvious that our democracy has been subverted into getting a monkey into office who probably never "honestly" won an office in his life. Diabold, et all are simply a bunch of criminals.
whatever happened by treason being dealt with by a firing squad????
Ok, aside from being a convicted felon who comitted the very kind of crimes one should be worried about someone pulling in this situation... Usually, rational people being duly diligent about security would not trust someone who had anything in their background that would make them succeptible to BLACKMAIL.
This is some sort of goddamned perverse JOKE, RIGHT?!!!
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
why they can't hire some people to custom-write some software to do this is beyond me. It'd probably end up cheaper and more stable
Although the development tools are $1000 (if, for some reason, Diebold didn't already have them) licenses for Windows CE run between $3-$12 a machine. Unless the voting machines cost less than $100, cost is hardly a consideration.
Windows CE, besides making the GUI programming easier, also uses the same API as pretty much every version of Windows since 95. Anyone who's programmed anything at all (for Windows) can instantly apply their skills to CE.
Maybe there are pre-existing drivers for some of the hardware they are using as well (network, flash memory cards).
Exactly. There are drivers. Tons of them, in fact. Almost any programmer can write a Windows program - how many do you think can create a secure implementation of Internet Protocol in machine language?
Kinda makes you wonder what Diebold expects North Carolina to pay them for when Microsoft did most of their work for them
Err... Microsoft didn't. They wrote a program for Windows to tally votes, just like any other program out there. Valve spent years developing Half-Life 2, and pioneered new technologies such as HDR along the way. Because they released it for Windows, too, did Microsoft do "most of the work" for them, too?
I do fault Diebold for one thing, though. The law that pretty much stated they had to release all their source was around before they started developing the machine. Yet, they made it for Windows CE, whose source they cannot turn over to the Government because they didn't write it, it's not theirs, and they don't have it. How did they fail to anticipate that this could potentially be a problem?
DATABASE WOW WOW
That's not possible for Diebold's machines, which use Microsoft Windows,
Interesting. Maybe it's not the Supreme Court deciding elections that we need to be worrying about... Maybe this is another reason why Diebold is so resistant to voter-verified paper trails.
Flying is easy, just throw yourself at the ground and miss. -Douglas Adams
Fortunately for banks, if the ATM equipment screws up and the customer can prove it (with receipts, etc), the banks have exposed themselves to lawsuits.
Having had my entire account emptied and overdrawn because the bank screwed up with security and I provably didn't, I can tell you: the bank doesn't expose themselves to lawsuits if they screw up with your money.
In real life, you are entirely at their mercy. You can forget about getting any compensation for the time, headaches, late fees, and other costs resulting from their mistake.
If you make yourself enough of a nuisance and jump through their hoops, you may get your money back and if you're really lucky, you may even get out with your credit rating intact.
Either way, they'll just eat the loss; they'll just raise their fees a little. Loss due to fraud is just part of the banking business.
As North Carolinian, let me say: w00+!
I took an interest in Diebold's software, particularly GEMS, a while ago. I took the opportunity to have a play with it and found some quite scarey results. I wrote these results up and posted them on a webpage that includes photos. See http://www.ucs.louisiana.edu/~isb9112/election/ The short version is that it is incredibly easy to switch votes from one candidate to another. Rest assured, this is not just some wierdo crank thing, I am a real professor. I have even had a paper based on this work accepted at refereed academic conference which took place at UC Berkeley. Problems such as those illustrated are almost certainly the reason why Diebold doesn't want to release its code, other technical difficulties notwithstanding.
If they're acting too stupid to inderstand the question, should they be allowed to write such important software?
;)
And NO, I Don't mean Windows
Privacy is terrorism.
WinCE does not always come with source. I'm taking a 5 minute break from WinCE debugging right now.
The voting software is probably not that complicated, and would work on Wine or ReactOS. Only the driver for those card readers may need extra work to work in Wine or ReactOS.
The code that Diebold wrote is clearly relevant. A standard off-the-shelf operating system, as well as the standard off-the-shelf supporting libraries, is clearly much less relevant.
If Diebold supplied their source code, a list of their programmers, and a list of exactly what libraries they used, and which versions of the libraries and operating system, I'm sure nobody would complain. What they are doing here is trying to avoid disclosing any of their code, by the argument "we can't show you 100%, so we obviously can't show you any at all".
In other words, Diebold are being idiots. No surprises here.
We all know what the law is getting at. The sensible interpretation for what code to disclose/escrow is all code that is not otherwise available in the marketplace which takes care of the subsidiary thing. This means that Diebold doesn't have to escrow Windows or Windows CE, but *does* have to disclose proprietary code written *for* them by anybody, along with all the code Diebold has written that builds/integrates the 3rd-party code into the product.
:-)
Sounds good to me. Now the law needs to be changed to actually say that.
$x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
$x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
I don't know of a single state that will harbor criminals from another state.
They can run....
http://www.bbvdocs.org/dean.pdf
...and you'll get about 350 hits, so this is real well known among people paying attention to this stuff.
http://www.bbvdocs.org/elder.pdf
There's their criminal records.
Mention of both are extensive in the various online databases of Global/Diebold's internal memos between 1998 and early 2003. Go google:
"Jeffrey dean" diebold
To be fair, at the time Diebold bought Global Dean was moved to consultant status, possibly to avoid the Diebold corporate background check. They damned well know about him NOW of course ever since Bev Harris broke the news.
Look, Global was based out of Vancouver BC. Bev and others have gone up there to talk to current and former employees...a LOT appeared to be "coked up" or talked about rampant drug abuse up there. If what we're hearing is anywhere close to accurate, Global acted like the set of a John Belushi movie or something.
Trust me on this: ain't no WAY Diebold will want to publish lists of programmers.
Notice how Diebold talks about source code escrow as the issue in NC? It's a red herring. Diebold does source code escrow in California no problem.
The issue is the programmer names. Major-grade doom involved.
When it comes to governmental structure and voting, we fall behind Americans in a lot of ways:
- our Senate is appointed for life
- our executive branch is a subset of the legislative branch
- overrepresentation in Quebec and the Martimes and underrepresentation in the west means that poor areas can vote governments to steal from richer areas
- anybody who isn't a candidate or a media outlet is legally barred from actually spending _any_ money whatsoever campaigning
However, as Canadians line up for the polls January 23rd, we can be happy with one thing: our paper ballots will be counted and scrutineered within 3 hours, and the results will almost certainly by known by 1am in B.C.
I see a judge hauling Diebold back into court, and refining his order to clarify it...so that the numbskulls at Diebold cannot obfuscate any longer.
In NC, each county has been able to choose what voting system to use, as long as it meets certain state requirements. For example, here in Raleigh, since the early '90s, we've used paper ballots that are optically scanned . In Charlotte, they use touch screens. Out of 100 counties, the majority are optical (48) and direct record electronic (DRE - 40). A few counties use punch cards (6) paper ballots (3) and some still use the old lever voting booths (3). There are over 8 different manufacturers used, Diebold being used in 20 counties, most of them small.
In the 2004 election, some of the smaller counties (don't recall which) had lost votes and other discrepencies, so this legislation was passed in August mostly a result of that.
"Our system is built on code from so many people we wouldn't even be able to name half of them, let alone verify their competence, integrity or motivation. Hell, we can't even see what they actually wrote in the code! Even with countless cases of faulty software in the past, were trusting our system solely on the base of Microsoft so we can use their widget set, networking stack, memory management and device support - all of which are vital components to our system."
This comment does not represent the views or opinions of the user.
One down and 49 to go.
Little known fact: the source code for WinCE is fully known to the hardware vendors.
.NET stuff they stopped doing that but I could be wrong.
:).
It's unique among Windows versions in that it's not a finished product - each hardware vendor has to finish it for their own weird gear. WinCE was made to run on hardware that is NOT industry standard, everything from PDAs to TV set-top boxes.
Up through CE 3.0 you could download the entire source code from Microsoft's website. I think once they included the
At the central vote tally box, the Diebold GEMS central tabulator runs on top of WinNT/2000 series so they can't put THAT source in escrow.
Fun fact about GEMS: not only was convicted embezzler and admitted murderer Jeffrey Dean in charge of development for at least a couple of years, the program icon is a hoot. It's a fist holding a globe, basically a day-glow-colors version of the corporate logo for Dr. Evil in the Austin Powers movies
We should prowl around Diebold HQ looking for midgets, bald cats and sharks with unusual head prosthetics...
Jim March
Black Box Voting (staff)
I say let them leave North Carolina, just as long as they leave the code behind. Oh and a viable address in case of a subpoena - which is probably why they dont want to let people see the code. I also understand theyre not too keen on divulging their email or memos either. One could say theyre not to fond of paper overall.
In software all you really need is trade secret protection for the source code and your build process, and copyright protection for the binaries. Unless you have a license like the GPL that explicitly spells it out I don't think there's any legal connection between binaries and source.
hmm, I expect that NC can distinguish between the "voting code" and the operating environment it's running in.
then again, some MS lobbying sure made MA roll over and cry for mama
Diebold is up for pardons anyway, I expect their owed a few "favors"
People are talking around here like the source code to Windows is the Holy Grail of computing.
0 5240.html
It isn't.
If you look here:
http://www.windowsfordevices.com/articles/AT27502
Microsoft is fully willing to disclose source code when it is important to them. Seems to me that holding Windows Source code in escrow isn't that hard.
Moreover, I'll bet Microsoft maintains programmer logs in its CVS...er... Visual Sourcesafe library so they know who coded everything.
Has Diebold even asked MS?
Lets not confuse the issue; Windows isn't the issue -- What Diebold puts on their kiosks is the issue. Period.
You were mistaken. Which is odd, since memory shouldn't be a problem for you
"The shared source license is not even close to equivalent to source escrow."
So has Diebold, or NC, or anybody from the government gone to MS and said "If you want to be used in election machines, we need to escrow the source code". I'll bet no one has asked yet.
Put the ball in MS's court. Let *them* make the decision, not Diebold.
You were mistaken. Which is odd, since memory shouldn't be a problem for you
HA, NCR hardware makes Windows look like a perfect choice. I had an NCR machine once. I had to reload the OS 27 times over the first year, as the mother board was swapped out 7 times, the power supply 3 times, the hard drive twice, the floppy cable once (damaged by the tech fixing the Hard drive). The BIOS was "upgraded" 7 times. The backup device never did work. (Oh, and it wasn't a Windows or a DOS box either!) I was the guiena pig they used to try out the fixes to the problems. In another building a couple of miles away, they ended up swapping out parts of over 100 boxes for the same problems.
Given the choice, I'll take a Windows box with hardware by someone other than NCR over an NCR box EVERY time.
Just give what you can... Enumerate everything that goes into the code:
MS Windows version XYZ, Programmers: W. Gates, et. al unknown parties. Source code: Unavailable, provided by 3rd party vendor, to wit, Microsoft.
Diebold Vote-a-matic 2000 version ABC, Programmers: Bob, Jim, Joe, Terry, Samantha, etc... Source Code: See attached files.
What's the problem here? Anyone going to court over this bullshit would say "ummm, it's MS Windows, the same thing that crashes your computer, have you got the source to *that*? No? Next question...
They're trying to weasle out of complying, and should be thrown out of the state as fast as they can get rid of these asshats...
One would presumably have to use an open source microkernel, and build your program (with a GUI and printing system) on top of that. In fact, I bet it would be possible to write such a program in a hundred lines of code or less. No network access, only source of input a mouse, only source of output a monitor and tape printer. Then open it to the world and let the eyes of millions of geeks examine it. Don't release binaries, make states compile it themselves. That's as secure as it could ever be.
The real tragedy is that Diebold Voting exists at all. It's not hard to write a safe voting program at all. You could probably assign it to CSE12 students as a final project. Design:
1) Read in a text file containing the prompt ("John Kerry vs George Bush" or "Prop 17 Yes/No?") with possible answers ("John Kerry", "George Bush"). The state could randomize the text files to avoid the bias from whose name comes first.
Start main loop
2) (Optional) User types in ID number (of one sort or another)
3) Iterate across all options, Show Questions & Answers in simple GUI, store selected answers in array.
4) Show a screen confirming all answers ("Kerry vs Bush: Kerry", etc.)
5) Print ballot on physical paper containing the above. (Optional) Also encode data in bar code form for ease of reading results. (Very Optional) Also transmit data to voting HQ for fast reporting of results.
6) Clear array
Loop
Person examines the printed slip, and if correct drops it in box. If not, just goes through the voting process again.
It would be impossible to tamper with because all points of possible hacking can be defeated by the simple fact you get a physical slip that is human readable by the voter. If your slip says "Scott O'Neil voted for Justin Timberlake for best Rap Performance" instead of "Josh Flint voted for Chyna for most attractive female of the year" then you immediately know that some haxx are going on. All the other forms of reporting (electronic and bar code) are just there to speed the process. It is trivially easy to verify if the paper results from a place match the data sent by modem, or if the barcodes have been hacked to not agree with the human readable format.
The entire concept of having an electronic voting process that does not have human confirmation is just broken. Running a closed source peice of software made by a shady company that may or may not be actually storing onto disk / transmitting over the network what you thought you punched in, is just incredibly wrong. Incredibly, amazingly wrong. And even after all the hacks people have found for it, so many states have switched to it, it's appalling.
Sigh... if I keep talking about it I'm going to run out of synonyms to express my confundity.
NC took exactly the right step here. If Diebold can't run because it's on Windows, so be it. Windows is incredibly dangerous to be used in voting boxes, anyway. My lord, man, what if an election official listened to Celene Dion on a voting box? Sony would take over the world!
he's right. (and I have no mod points)
Ian Ameline
From my experience the pull out strategy doesn't work as well as advetised. You always leave something behind and don't know until it's too late and it comes back and begins asking for an allowance.
this nation, under God, shall have a new birth of freedom. -- Lincoln, Gettysburg Address
I mean, when the government's actually being responible and not just handing out plums...
Wait a minute--does that actually happen?
This sig is neither interesting, nor humorous. Including meta-humor.
binaries are a derivitive work of the source.
Snowden and Manning are heroes.
The integrity of the election process is critical to a democracy, and in my book trumps the proprietary interest of voting machine vendors. I am all for opening the design of voting machines to public scrutiny. If escrowing Windows code poses a problem for Diebold, maybe they should discuss it with Microsoft. I have no idea how inclined Microsoft is to help them out in that matter. If Diebold doesn't want to comply with North Carolinian law and wants to pull out of the market instead, it's their choice and I respect that.
You wouldn't want their election to have a pregnant chad!
This would be election control.
Care to tell me what exactly is wrong with the lever based voting machines that New York has used for the last 40 years?
I can't speak as to the specific policy details you gave, but as for lever-based voting versus e-voting, that's easy: there are few people who are aware of the issues and risks involved in e-voting.
The reason there was so much outrage on Slashdot over the entire move to e-voting (and Diebold's work in particular) was the large number of technically informed folks on here who actually understand the rather limited benefits of e-voting and the significant risks.
In the general public, there are relatively few people who could mount an informed argument for why e-voting is a bad idea. So there isn't much opposition to e-voting or Diebold's work. An official that has approved spending on something probably isn't going to want to criticize it (unless he can pass the buck to Diebold, which is why there is so much criticism of relatively minor issues in Diebold's actual implementation, rather than of e-voting in general). Diebold, of course, has every incentive in the world to get their fingers on the piles of tax dollars available for funding e-voting. The general public tends to get a vague warm and fuzzy feeling associated with anything with "technology" in its name.
I can't think of a good fix. Maybe a couple of high-profile example scenarios run by information theory or security researchers with some press attending demonstrating various flaws in Diebold's approach, focussing on points that will play out well in the news.
Any program relying on (nontrivial) preemptive multithreading will be buggy.
I've seen some fed types talking about the same thing, and I was able to talk them out of it by imagining compliance; Like, now you're getting periodic updates for all of the code. And you're maintaining the repository and recompiling everything, right?
Like, how do you REALLY know you're fully current unless you compile and run all possible options?
Idiocy, really.
that they got selling this poorly documented system that is not responsive to state law. to do otherwise is interstate fraud.
if this is supposed to be a new economy, how come they still want my old fashioned money?
Why stick with paper? The worlds largest democracy with 10 times the number of voters can successfully go electronic, why cant america!
My Aurora : http://www.youtube.com/watch?v=o91ZsGwJYyg
FB : https://www.facebook.com/TanveersPhotography
With a crew like this, anybody's going to look good in comparison.
Unless of course the opposition can get more money into a slush fund.
Proposition XX for the establishment of voters' rights and electoral rules would get defeated as if by magic.
Proposition YY for the levying of taxes and duties (with kick-backs to Diebold of course) would get passed as if by magic.
Taxation with out representation is what founded the good ol' US of A.
Well, not any more...
This sucks... They're letting these guys play 'hide the salami' up their asses.
I would BAR these guys from running ANY KIND of a business; never mind one with such implications as election tallies.
MSBPodcast.com The opinions expressed here are my own. If you don't like 'em... Think up your own stuff.
on http://www.langtolang.com/
Dieb : burglar
Dieb : pilferer
Dieb : theft
Dieb : thief
Dieb : thieve
Dieb : filcher
I think its hilarious.
Now to get a rifle, a bucket of tar, some feathers and lets ride them out of the country on a rocket ship. 'Chutes are NOT required.
MSBPodcast.com The opinions expressed here are my own. If you don't like 'em... Think up your own stuff.
Forgive my naivete, but couldn't one determine something at least close to the full list of contributors to a project by writing a script (Perl seems like a good candidate for the job) and some regex-fu to parse all source control logs/mailing list archives/etc. and collecting all e-mail addresses and names that are listed there? Why would this be "impossible"? Yes, it might take some massaging of the data set, and some disk space/cpu grunt, but it seems like that could work, yes?
"You keep using that word. I do not think it means what you think it means."
Does that mean they're currently fucking north carolina?
Furthermore, it is emerging that the version of Windows CE used by Diebold is both heavily customized and full of dynamically loaded libraries. As a result, there are strong grounds for the conclusion that the operating system is not unmodified commercial off the shelf software (COTS), and that with this extensive use of dynamic linkage, we cannot even tell if the system being run on a particular voting machine resembles the system that was disclosed in the configuration documents submitted with this system when it went through the FEC/NASED approval process. http://www.cs.uiowa.edu/~jones/voting/dieboldftp.h tml
Diebold and other ATM vendors say they're "hardening" the installations of Windows they ship with their ATMs by disabling unnecessary services and ports and removing files that support peripherals http://www.computerworld.com/networkingtopics/netw orking/story/0,10801,89119,00.html
Diebold patched the Windows CE operating system in Georgia:"Williams does acknowledge, however, that a month and a half before the November election, he worked with Diebold to apply a patch to the Windows CE operating system. The voting machines run on version 3.0 of Windows CE, he said, and they patched it to correct problems they were having with the system" http://www.votescam.com/Patchelections.php More about how we beat Diebold and the fight for Verified Voting in North Carolina here at http://www.ncvoter.net/
And much thanks owed to the Electronic Frontier Foundation for representing us in this case. http://www.eff.org/
Really? What's the big deal if they pull out?
I am sure that there will be an other company to provide similar product, which can comply with this vital piece of legislation.
Does Diebold - or any other software company - really believes that the most vital democratic process can be allowed in a "black box"?
Hey, we need folks in Onslow county. We told the Election Director, the local paper, and the county commissioners that Hart Intercivic machines were crap and they wouldn't listen. I also warned them that the law required paper ballots, which they didn't seem to know. We need a good advocate in that county, because they don't know what they are doing. The Hart Intercivic is a piece of crap, also uses Windows, caused huge undervotes with it's DREs in Catawba County. Huge. Also, it's optical scanner will wipe out entire contests on multiple ballots if there is a speck of dust or piece of lint on the scanner screen. This results it gigantic undervotes as well, and can only be corrected by hand counting the paper ballots, IF someone will request that. If you are willing to help, please go to http://www.ncvoter.net/ and click on the yahoo group button on the right. Thanks for your information.
North Carolina has every right to fire Diebold. Diebold is severly biased for Republicans and against Democrats.
Diebold modifies the hell out of Windows CE for the voting systems, and applied a software patch to it just immediately before the 2002 Georgia elections.
Another thing - NC's rfp process is being overseen by the same Diebold employee who directed the installation of 22,000 Diebold machines in Georgia. No wonder the RFP differed from the law.
I think that you are mixing the kernel with all of "linux". The 100000's of coder who have contributed is spread all over the work (perl, ruby, kde, gnome, etc). The kernel (and compilers, core libraries) is significantly smaller.
I suspect that nearly all coders have been recorded (but may not be easily reached).
I prefer the "u" in honour as it seems to be missing these days.
The "TOP of the pyramid in the election process" is clearly the courts, followed by the party currently in power in your area, followed by the two major parties in general, followed by the media - then maybe you. Maybe.
Remember, the government has the right to conceal whatever it wants from you via classification, to lie to you (check out the court decisions), to toss out your ballot if it does not like it, (and on and on and on). And of course, to toss you in secret prisons without notifying anyone, and without court review.
Letting Diebold manipulate (er, "run") the elections is relatively minor as these things go.
I'd like never to see another Ohio 2004 in my lifetime.
Retired from software... maybe. Sort of.
For once I can take pride for living in North Carolina.
Yeah, I've heard that.
I swear to God, this company needed hardware capable running something like visicalc and an OS less demanding than the Palm OS. A little custom stuff programmed here and there, maybe in India if they are really cheap bastards, and you have a transparent, simple system. If anyone wanted to hack it, they would have to figure out the goddamned thing first. Security through obscurity isn't the answer, but it has its uses.
Firefox didnt pull out, now there's jizz all over the Back button
As far as I can see, this is not about Diebold being (fairly or unfairly) ordered to release a damn thing about Microsoft's software. This is about Diebold not wanting to release Diebold's software, and that is all. (Either that, or Diebold is totally ignorant on computer architecture, in which case I don't want it within a million lightyears of a voting machine.)
If we were to assume that ALL software - every last bit - had to be released under these orders, then the only way to do so would be to build from hardware on OpenCores and to have LinuxBIOS (or something like that for another F/OSS Operating System) as the sum total of all BIOS support on the system. Clearly it is possible, as I've supplied the links necessary to do it. I doubt it would be considered reasonable, from a legal standpoint, though.
Demonstrably, then, a total publication of ALL software and software-related material was not what was intended, which means Diebold's move has nothing to do with inability to follow the directives but rather has more to do with an attempt at blackmailing the State government.
I guess the next step would be for someone to take Diebold to court, for Diebold to make their (provably false) remarks in court and for the plaintiff to rake Diebold over the legal coals for it. Lawyers are smart. If there any lawyers on Slashdot, could there be any way of presenting an argument that deliberate FUD, when under oath, constituted perjury or contempt of court?
For that matter, nobody likes being taken for a ride - or even believing they have. The danger of FUD is that it is two-edged - particularly when the public are daily being fed reports of scandal, bribery and corruption from people in authority. It would be easy enough, if anyone had the desire, to use Diebold's own FUD and the current media epidemic to have Diebold branded so deep the PR scars will never heal. That is the danger of such weapons - they can turn against those who wield them.
Diebold, IMHO, is in an extremely vulnerable and dangerous position - whether there are any security flaws in their code or not (and we're all pretty sure there are). If we want provably honest electronic voting (and there are ways to do that), then now is the time we need to take the battle to them. Not just between geeks, but to those who haven't a clue as to what a BIOS is. If there's a way to force Diebold through the courts to give the REAL reason for the withdrawl, it might shake faith in them. Particularly if that reason includes security flaws.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
...A frustrated North Carolina could not be reached for comment.
...and it's crap.
Seriously, the technician's interface is a POS, the coms lines are problematic and my company used to get 14300% more service calls to Diebold ATMs than another brand we used.
We ended up ditching Diebold, because we simply couldn't afford the service costs.
I used to have a hard time believing Diebold could build worse equipment than their ATMs, but then I looked into the voting machines...
Actually you could disclose the hardware pretty easily: use a pen on some paper.
Maybe it's just me, but whining about Windows just sounds like a cop-out to me. What the judge wants is the code that Diebold wrote. Diebold is just trying make excuses so that they don't have to turn over their code. It has nothing to do with Microsoft.
A little like a rapist threatening to pull out?
Next time I break the law, I simply move elsewhere! Then they can't sue me anymore, can they?
Whatever it is they were smoking, it was some heavy stuff.
Assorted stuff I do sometimes: Lemuria.org
i loe it when companys make "threats" to walk away from customers. good fuck off, i call there bluff. they will never give up a market while thier is money to be made. what wankers. and all these comment about not knowing who the commitors are on OSS projects are pure bullshit. try get submit access to any project without them knowing exactly who you are, then come back to me. what can't do it? thought so idiots.
If you mod me down, I will become more powerful than you can imagine....
I used to work for Diebold Election Systems in Ohio and they are the most unorganized and mismanaged corporation I've ever seen. The taxpayer money they wasted on me along was enough to make anyone sick.
It appears that Dean may also be a cartoon character as he only had three fingers on his right hand!
That rule sounds very silly to me. Having to list all programmers that ever worked on an operating system is not just onerous, it's impossible. MS wouldn't release the information if asked, but even "open" OS's like Linux and BSD cant' provide that information. Lots of it was written by students at Berkeley. Whatever you think of Diebold (they seem rather unpopular judging by the responses here), the threat of being sued for not providing this info is daft, and I think that withdrawing from the state is the only thing they can do.
(lifted from The Simpsons episode "Cape Fear".)
Lawyer: Isn't it true that you hate Diebold?
Me (dismissively amused): Diebold? That cute upstart little company that stole the election and sent this country into an economic and moral state not unlike a dark, urine-soaked hellhole?
Cheney: We object to the term "urine-soaked hellhole" when you could have used the term "torture-free patriotic heckhole".
Me: Cheerfully withdrawn.
Lawyer: But what about that tattoo on your chest? Doesn't it say, "Diebold die"?
Me: NO! That's German for "The bold, the".
- First they ignore you, then they laugh at you, then ???, then profit.
And, history will be a foot-note in American NewSpeak Propaganda.
- First they ignore you, then they laugh at you, then ???, then profit.
A person facing criminal charges threaterns to flee, they are remanded into custody.
However when company threaterns the same thing they get lobbied to stay.
Don't you just love capitalism in action!
With this many criminals on-board, why the CEO stated that he could deliver the election to the republicans.
I prefer the "u" in honour as it seems to be missing these days.
ATMs do not need to be particularly secure - customers make complaints and banks do audits. If the cost of dealing with the complaints and audits is less than the cost of the extra security, we'll continue to have insecure ATMs.
Voting machines do not need to be particularly secure - voters make complaints and administrative judges review them and make decisions. If the cost of dealing with the complaints and judicial reviews is less than the cost of stealing an election, we'll continue to have insecure voting machines.
And that's how things stand today, because voting machines are even less secure than ATMs.
O lord, bless this thy holy hand grenade, that with it thou mayest blow thine enemies to tiny bits, in thy mercy.
Shouldn't the headline read "Diebold *promises* to pull out of NC"? As in, when someone says, "I'm leaving, but I'll be back" and you reply, "Is that a promise or a threat?"
Good riddance to bad rubbish!
Diebold was crap since before they got involved in the e-voting field - they also make ATMs, and I understand that a lot of Diebold's ATMs malfunction quite often.
If they can't make a decent ATM, why the Foxtrot-Uniform-Charlie-Kilo should we trust them with our Foxtrot-Uniform-Charlie-Kiloing votes?
Patrolling ftw
On the subject of elections and electronic voting machines, this report, from the US GAO is worth reading.
The comment about a small embedded system above made sense. But still - who are you going to get to analyze it? Some company that is an expert in a) handwritten embedded systems, and b) hand written graphics drivers, and c) hand written database applications, and d) buffer overflow problems, and e) secure code?
I don't see an entire system like this being very reviewable. Simply not the way to find out a problem, no matter how long you sit and stare at it.
It would make much more sense to simply test the machines with an automated testing tool or process, where you know what's going in and compare it to what's coming out. And make sure that the system itself keeps detailed logs of what's going on at every action. The main section of the code I'd check out thoroughly is the logging. Nobody seems to have done extensive hands on testing with these machines. That's the way to find problems in software systems in my experience. Five people could look at the same code in a review, all agree it makes sense, and then have it fail in some small percentage of the time due to an obscure condition.
Personally, I don't give A damn about their backgrounds. But I do care a whole lot about my vote. If Diebold, et.al. can't provide a paper trail of manual votes, then there's something fish smelling at their software offices. Their actions are treasonable, to me.
BTW; Sociopaths don't care what people think, or the next level results of their actions.
Okay, I was with you up until:
Notice how Diebold talks about source code escrow as the issue in NC? It's a red herring. Diebold does source code escrow in California no problem.
If the source code being released (at least to the state, even though it's not fully public) isn't the issue, then I see this as just a bad thing for company. If it's just that Diebold wouldn't want to be embarrassed because it hired a seedy bunch of people, how is that really a thread to the voting public? As long as the source code is ok, it's just a matter of a corporate PR fiasco.
A futher difference is that voting machine agregate results - that makes individual voter challenges very difficult. Hence the need to use a system that is substantially more secure than ATMs.
Two things:
1) Ethics matter when we're dealing with our democracy. If you can't understand that, well...
2) Diebold has a specific history of withholding modified code from the test labs and lying to the labs. There is every reason to believe they'll do the same to the government. See also these files for documented case histories of such fraud against the testing labs:
http://www.equalccw.com/sscomments1.pdf
http://www.equalccw.com/sscomments2.pdf
According to the Register's article, asking that the code be in escrow is exactly what South Carolina did.
"Due to irregularities in the 2004 election traced to touch screen terminals, North Carolina has taken the very reasonable precaution of requiring vendors of electronic voting gizmos to place all of the source code in escrow. Diebold has objected to the possibility of criminal sanctions if they fail to comply, and argued for an exemption before Wake County Superior Court Judge Narley Cashwell. The judge declined to issue an exemption, and Diebold has concluded that it has no choice but withdraw from the state."
Funny thing about the article: That's the second paragraph. In the first paragraph, they talk about Diebold "opening its source code", which isn't exactly what SC has required, except in a most limited sense.
The parent is in two minds about which Carolina it is. It's North Carolina (NC), not South Carolina (SC).
In matters of this sort it seems to me the pragmatic thing to do would be to take advantage of an Open Source solution. I'm not an Open Source Zealot by any stretch of the imagination. However, devices which may be used to tally the votes of the people should be open to inspection by those very people. That inspection must include the underlying code in its' entirety. The only way to ensure that at this time is to utilize a solution that enures all aspects are available for public review.
Of course, if you don't understand that the US is NOT a democracy, but a representative republic....
Much of what people have stated on this thread relates more to what I would think as policies and procedures for handling how the system is designed--moreso than the technical aspect.
:)
With that in mind, you have to consider that there are certain beliefs that we "trust" the voting system of the governemt. You could go into a conspiracy all the way down to the wire that once the paper trail ballots reach a certain point, they are swapped with a pre-determined amount of ballots elsewhere that favor one candidate over the other. There are so many inherent security flaws with all methods of voting that it's ridiculous to expect a 100% accuracy of turnout, ESPECIALLY with a paper system.
For example, the voting place in my neighborhood was a volunteer fire fighter department up the road. I wouldn't doubt that certain "known" party affiliates were asked not to attend, or turned away at the door. This is something we hear a lot about.
Now, the question is this--how do you remedy this situation?
1. For one, you could get the government to design a system of voting based on computers--but nobody would trust that either.
2. You could get a private company to design it, but nobody would trust that either.
While I do feel that Diebold is definitely not the proper company to be dealing with, being very shady and being very.....hesitant to share its designs--the big question is would it stop with diebold? And what would satisfy everyone?
A. For some, a simple paper trail would satisfy them.
B. For others, they want to see the voting software source code.
C. And even the most paranoid would want to see the internal workings of the hardware of the systems.
D. And the MOST paranoid would not be satisfied with any of the documentation given to them by the company because it could all be just a manufactured lie.
Just something to think about