Critical Security Hole Found in Diebold Machines

ckswift writes "From security expert Bruce Schneier's blog, a major security hole has been found in Diebold voting machines." From the article: "The hole is considered more worrisome than most security problems discovered on modern voting machines, such as weak encryption, easily pickable locks and use of the same, weak password nationwide. Armed with a little basic knowledge of Diebold voting systems and a standard component available at any computer store, someone with a minute or two of access to a Diebold touch screen could load virtually any software into the machine and disable it, redistribute votes or alter its performance in myriad ways."

Black Box Voting & The Details

[eldavojohn]

BBV released a a nice guide to how all this works. There appears to be a software access button (bottom of page 11):

The TSx also has an unmarked button hidden in the casing. On the circuit board, this switch is labeled "battery test". The switch is physically similar to many reset buttons, necessitating application of substantial force to press the button, requiring it to be depressed by about 1/5 - 1/6 inch in order to activate the switch. This switch is also software accessible. It is completely accessible for all voters in the standard voting booth configuration. The logic behind the button is unknown, but for an attacker it presents yet another way to interact with the machine, and an exceptionally convenient button switch for an attack designed to be triggered by a voter.

Well, this seems very insecure to me. BBV criticizes the three layer architecture and states that it would be very easy to target it three different ways (at each layer):

- The application can be imagined as written instructions on a paper. If it is possible to replace these instructions, as it indeed seems, then the attacker can do whatever he wishes as long as the instructions are used.

- The operating system is the man reading the instructions. If he can be brainwashed according to the wishes of the attacker, then even correct instructions on the paper solve nothing. The man can decide to selectively do something different than the instructions. New paper instructions come and go, and the attacker can decide which instructions to follow because the operating system itself is under his control.

- The boot loader is the supreme entity that creates the man, the world and everything in it. In addition to creating, the boot loader also defines what is allowed in the world and delegates part of that responsibility to the operating system. If the attacker can replace the boot loader, trying to change the paper instructions or the man reading them does not work. The supreme entity will always have the power to replace the man with his own favorite, or perhaps he just modifies the man's eyes and ears: Every time the man sees yellow, the supreme being makes him think he is seeing brown. The supreme entity can give the man two heads and a secret magic word to trigger switching the heads.

In the world of the Diebold touch-screen voting terminals, all of these attacks look possible.

The instructions (applications and files) can be changed. The man reading the files (Windows CE Operating System and the libraries) can be changed. Or the supreme entity (boot loader) can be changed, giving total control over the operating system and the files even if they are "clean software."

Specific conceptual information is contained in the report, with details and filenames in the high-security version which is being delivered under cryptographic and/or personal signature controls to the EAC, Diebold CEO Tom Swidarski and CERT.

1) Boot loader reflashing
2) Operating system reflashing
3) Selective file replacement

In addition, the casing of the TSx machines lack basic seals and security, and within the casing additional exploitations are found.

The article talks about a "standard tool you can buy at any computer store" and I believe this is referring to a PCMCIA card (what you use in laptops). I guess these are used to boot, upgrade & ready the machines for use. They do not go into detail but I wager that using a PCMCIA card with a USB port on it, you could load your own data from a thumb/pen drive. This would be small and easy to carry in. If you had access to it outside of the voting window, you could potentially use a PCMCIA card that functions as a NIC (probably with RJ45 cable port) to use cross over cable and a laptop for a 'live' attack.

Re:Black Box Voting & The Details

[TripMaster+Monkey]

Making these devices large, restricted to the government, bulky & containing GPS units in the case of them being stolen.

Not to sound pessimistic, but the government is precisely the people we need to protect this machine from. I would think that the only way to address this would be to:

• Hold of on installing the final software load approved by both parties (and perhaps a third, 'impartial' entity) until the device is installed on-site (and bolted down)
  
• Install the final software load while overseers from both parties (and the third, 'impartial' entity) verify the installation and the veracity of the software load via checksum.
  
• Secure the access door permanently (rivets, welding, whatever), and have all overseers affix tamper-evident seals.
  
• Overseers remain present throughout voting, and periodically inspect tamper-evident seals.
  

If an irregularity occurs, the entire process must be repeated and the citizens must be allowed to vote again. This will eliminate the posibility of people just tampering for the purpose of getting the precinct thrown out of the count.

Re:Black Box Voting & The Details

[cgenman]

More Options:

Use a more secure OS. Win CE is not an OS designed to protect the system from the behavior of its users. Linux / Unix / Solaris would be.

Use a thin client. Why allow the user to touch the hardware system they're interacting with? That's always asking for trouble.

Open Source your software. Diebold doesn't sell the software anyway, they sell the system and the support. If they used a somewhat restrictive open source license (no commercial redistribution, etc) they could get some great debugging for very little cost.

Multiple points of data transmission. Send signed partial updates throughout the day, then one big batch in the middle of the night. If anything is different, if any sigs change, you know there has been tampering going on.

Paper trail. Duh.

Re:Black Box Voting & The Details

we could use paper ballots instead?

Re:Black Box Voting & The Details

[fossa]

Install the final software load while overseers from both parties (and the third, 'impartial' entity) verify the installation and the veracity of the software load via checksum. Right... 'cause noone's ever written a program that "erases" all the cheat sheets from their TI graphing calculator. I agree with the other reply. Computer voting is "ooh, shiny" yet dangerously inferior to paper ballots in the ways that count.

Re:Black Box Voting & The Details

[coofercat]

Sort of reminds me about the story of the NASA space pen. It cost 5 million dollars to produce, over many man hours and represents the pinacle of pen technology.

The Russians just used a pencil.

That story may not be true, but you wonder if all this hassle's really worth it?

Re:Black Box Voting & The Details

[maxwell+demon]

Use a thin client.

Bad idea IMHO. This allows another attack vector: Just modify the connection from the thin client to the server.

Re:Black Box Voting & The Details

[Sepper]

I still puzzles me why americans don't use something simpler...

hell, if India (with a BIGGER population) is capable of holding elections without soo much trouble, why can't the US do it?

Re:Black Box Voting & The Details

[Jjeff1]

I'm off topic, but que sera.
It's not true.
Pencils have a problem where the leads can break off and weightlessly float into an eye or nose, or short circuit gear. There was a very nice pen developed, and both USA and Russia used it. But development was funded by a private company.

Re:Black Box Voting & The Details

[Detritus]

That story isn't true, and you would do everyone a favor if you didn't propagate it. http://www.snopes.com/business/genius/spacepen.asp

Re:Black Box Voting & The Details

[HighOrbit]

the government is precisely the people we need to protect this machine from.

Umm...who do you think conducts the elections, the Election Fairies? Elections are run by the local county Election Boards, civil servants and (usually) elderly volunteers. No other method has so far been demonstrated to be more fair or less biased. Your comment is nothing but anti-goverment slashbot pandering and generally ill-informed.

Hold of on installing the final software load approved by both parties (and perhaps a third, 'impartial' entity) until the device is installed on-site (and bolted down)and Install the final software load while overseers from both parties (and the third, 'impartial' entity) verify the installation and the veracity of the software load via checksum.

This is just looney and logistically unworkable. There are thousands and thousands of precinct election sites in any particular state. All of these are temporary sites that act as election sites only once or twice (primary and general elections) per year. First of all, no church or school is going to let you bolt anything to the floor. Secondly, do you know how many technicians you are asking for? Well... lets see.... 3 techs per site x thousands of sites = boatloads of non-existant people. There is alreay a shortage of election workers and volunteers and most of them are very elderly. Now you want all these elderly folks to be computer technicians too. I don't know many 73 year olds who know what a checksum is, and how to check one, or how to install software on even a familiar device like a pc (much less an embedded device like an election machine). Who will this "impartial" third person be? From the county election board perhaps? Refer to your first comment about not trusting the government.

Secure the access door permanently (rivets, welding, whatever), and have all overseers affix tamper-evident seals.

So now we can afford use-once disposable machines? The seals would be a very good idea, but welding the access shut is nuts, unless these are cheap disposable machines (like $20 or less). Screws or a lock with the tamper-evident seal will suffice.

Re:Black Box Voting & The Details

I would like to see extensive testing done on these machines. First, hold a mock election where you get the general public (somehow) to come and vote for arbitrary people. (assuming most people don't think they are actually voting for Mickey Mouse in July) Then, have the machine print out a full report of the voters' choices, make sure each of the voters verifies their print-out to ensure it is correct. Then, doublecheck all print-outs against what is being reported by the machine. If the numbers exceed any standard deviation (which in voting should be 0), slap a fine against the manufacturer and tell them to try again. Repeat until all results are favorable and then repeat periodically to ensure compliance.

Re:Black Box Voting & The Details

[coffeechica]

If I were at all cynical, I'd say because filling out thousands of fake ballots takes longer than tampering with the Diebold machines.

Re:Black Box Voting & The Details

[ThePhilips]

Virtual Private Networks anyone?
SSL/TLS connections?
SSH tunneling?

There are so many ways you can secure communication...

Thin Client will have another advantage is that you would move all security problems to single place - server - single potential point of security breach. Securing single server is magnitude easier task, compared to securing tens of terminals installed around the place.

In fact, such architecture is mandated in many application fields. For example banking and bankomats. You trust it to securily manage you account? aren't you?

Re:Black Box Voting & The Details

[bfree]

They do not go into detail but I wager that using a PCMCIA card with a USB port on it, you could load your own data from a thumb/pen drive.

I have an Epson printer which has a PCMCIA slot and it helpfully came with an adapter for compact flash cards. End result one pcmcia hard disk which would be even less obvious then a usb fob sticking out of the device.

Re:Black Box Voting & The Details

[samkass]

Umm...who do you think conducts the elections, the Election Fairies? Elections are run by the local county Election Boards, civil servants and (usually) elderly volunteers. No other method has so far been demonstrated to be more fair or less biased.

In much of the US, these Election Boards can also double as the campaign managers to one of the candidates (ie. Florida). And I'd like to see the study that shows that no other method is more fair or less biased.

Re:Black Box Voting & The Details

[WindBourne]

Not to sound pessimistic, but the government is precisely the people

For proof of that, check out politics in chicago, Lousianna, Florida, or Texas. All of them have long history of corruption.

Re:Black Box Voting & The Details

[jbr439]

Or instead
- print out a bunch of paper sheets with a bunch of names on them
- have the voter mark an X next to the name that he likes

Re:Black Box Voting & The Details

[blowdart]

Use a more secure OS. Win CE is not an OS designed to protect the system from the behavior of its users. Linux / Unix / Solaris would be

CE is highly customisable, and securable, if you can be bothered, and of course, by default, you're not able to overwrite system files. For example you can remove parts of the OS easily enough. Don't need external connectivity via USB? Take it out of the system. Don't need IRDA? Remove it. Don't need to accept updates to the ROMs? Remove it. In order to secure the device the software could be burnt in (added bonus, no upgrades which haven't been certifed)

A couple of examples; my GPS device is powered by CE, and I can only update the software by using a PC, with activesync installed; updates are delivered as full ROM images, which are signed. Not something you can easily take into a voting booth. I also know of CE software powering medical equipment (scared yet?), monitoring drip pumps and signaling problems. There's no interface there at all, it's protected from everyone. If you want it upgraded, you ship it back.

Re:Black Box Voting & The Details

No. The only way to address this is through paper ballots.

We cannot trust voting tabulator machines.

Re:Black Box Voting & The Details

As I understand it, it has to do with the multiple elections running concurrently in the US.

In Canada, we more or less follow the British way of doing things (as I imagine they do in India), where we vote for a single representative at each of the municipal, provincial, and federal level. Then, all the other people who run things (police chief, judges, etc.) are appointed by their respective levels of government (often by some sort of committee).

The impression I get is that, in the US, a lot of those positions are directly elected. Also, there are ballot initiatives (which, as I understand it, are like referenda, and may involve deciding whether the elected state government can spend some money, or are used by the citizens of the state to proudly announce that they hate gay people). Furthermore, with fixed election dates, all of these decisions tend to be made in one go. So, there may be several dozen different "elections" being decided concurrently at any given polling station. On top of that, consider that even at the state and federal levels, most (all? are there states where this doesn't apply?) Americans are represented by three people: a member of the house, a member of the senate, and a head of the executive (governor/president). Right there, you have three elections where Canadians/Brits would have one.

Also, don't forget that in India, they may have more people, but that also means they should have proportionally more election workers to operate the polls. So, counting the results for a single election by hand should still be pretty quick.

Something that may be feasible for the US would be having simple paper ballots for the state and federal elections. Assuming the three ballots I mentioned above, that would only be six ballots per person, which should still be countable by hand, I think. Then, leave the local elections and ballot initiatives (which most people probably don't follow that closely, anyway) to the corrupt machines.

Re:Black Box Voting & The Details

[HighOrbit]

That is patently false. Election Boards do not serve as campaign managers. I surmise that you are refering to the instance in FL where the Secretary of State, who is an elected official, oversaw the overall state election process.

Re:Black Box Voting & The Details

[Sepper]

Good point. But I still don't understand why the entire system is biased toward electronic voting machine versus optical reading device...
Can anyone explain the enduring popularity of those voting machines despites the numerous flaws?

Re:Black Box Voting & The Details

One would assume, based on his comment that 'That may not be true' that he was not expressing the truth of the story, moreso providing an exaggerated example to help prove his point. So, your comment about how he should stop propagating myths is uncalled for.

kthx.

Re:Black Box Voting & The Details

[langarto]

...approved by both parties (and perhaps a third, 'impartial' entity)...

Please, s/both parties/every party/g

I know that for all practical purposes every western "democracy" is just a two-party system, but you could at least remember that there are more parties that may want to run for an alection.

Re:Black Box Voting & The Details

[Kadin2048]

I assume that in India, the manual labor required to count all the paper ballots is cheaper than it would be in the U.S.

Labor is so expensive here (assuming you don't hire illegals) that there's a strong bias towards anything that's "automatic" or "electronic." People are drawn to anything they think they can 'fire and forget,' that is, set up once and then never have to touch again, and just put their feet up on their desk and watch the results roll in.

That's the allure of electronic voting. You have a bunch of highschool kids set them up and plug them in, then the Commissioner of Elections just needs to sit in his office on Election Day and watch the results roll in; that's the dream of a lot of people, I think, anyway.

The other thing is that people don't understand that computers = complexity. People have been conditioned to think that computers = simple. Thus, it's easy to pull the wool over some idiot's eyes and say "But it's computerized! That means no mistakes! It's simpler, because you don't have any of those paper ballots to miscount or get lost." Of course, people usually just nod and smile at this, and never bother to think that it's a fuckload easier to lose a microsecond's worth of zeros and ones than it is to lose a sheet of paperboard.

But anyway, the simple answer to your question I think is the cost of labor in the U.S. compared to India would make a lot of hand-counting methods prohibitively expensive. The only way we'd probably be able to do that here is if we took all the paper ballots, FedEx-ed them to India for counting, and then had them ship the results back.

Re:Black Box Voting & The Details

[Vainglorious+Coward]

I assume that in India, the manual labor required to count all the paper ballots is cheaper than it would be in the U.S.

Ask for volunteers. It works in other countries. Despite US turnout rates being lower than, say, Afghanistan, there surely must be enough civic-minded citizens to perform the job.

It's mind-boggling that the US system can make such a dog's breakfast of an activity that is simply counting.

Re:Black Box Voting & The Details

[Knuckles]

an anyone explain the enduring popularity of those voting machines despites the numerous flaws?

Yes.

Re:Black Box Voting & The Details

[Knuckles]

I know that for all practical purposes every western "democracy" is just a two-party system

This is completely wrong, and I don't even have to give links.

Re:Black Box Voting & The Details

[jagspecx]

Yes, I agree. Clearly, India has a lock on civilized governmental process.

Re:Black Box Voting & The Details

[freedom_india]

I assume that in India, the manual labor required to count all the paper ballots is cheaper than it would be in the U.S.

India switched to electronic voting machines 12 years back. The last 2 General Elections and about 10 state elections have been with electronic machines.

Only difference: Our voting machines are two part and have an embedded ROM which can store 8000 votes each.

And it costs 1/20 of the cost of a Diebold.

Oh india tried to sell condoleeza the voting machines, but was brusquely turned down.

Re:Black Box Voting & The Details

India has a different class of its own. Anything happens here. Things happen that one never thinks it is possible.

But a security glitch doesn't mean that the USA cannot hold elections properly. Security glitches can happen anywhere.

Re:Black Box Voting & The Details

[Catbeller]

Like the Florida battle, it's not the counting that's hard, it's the people manipulating the process to make it hard.

Where diebold lands, Republicans get elected. And as Texas showed, even Republicans get angry when the machines are gamed to change primary elections of Republicans (more people voting than actually exist).

It'll be hard as long as it elects Republicans. You have to live here to understand how much they hate "liberals", what they'll do to make sure they stay in power.

National bankruptcy might kick them out soon. Hope so. Nothing else will.

Re:Black Box Voting & The Details

[Kadin2048]

How does a ROM store the votes? Is it a WORM type system? Or do you mean that the machine's programming / firmware is stored on a ROM?

That sort of shortsightedness is unfortunate, but unsurprising. At the least we could have bought the designs to the machines. They're probably more open about it than Diebold is.

Re:Black Box Voting & The Details

[rjung2k]

"Can anyone explain the enduring popularity of those voting machines despites the numerous flaws?"

They make election fraud so much easier!

Re:Black Box Voting & The Details

[dynamo]

The US Administration's repeated public insistance on using voting machines designed and marketed by their supporters does mean that the USA cannot hold elections properly. Perhaps it's just that currently they refuse to, though. Hopefully it's not permanent.

Re:Black Box Voting & The Details

[jafac]

National bankruptcy might kick them out soon.

. . . only the ones that don't speak Mandarin.

Re:Black Box Voting & The Details

[JimBobJoe]

Can anyone explain the enduring popularity of those voting machines despites the numerous flaws?

Disability rights groups (like for the blind) are enamored with DRE machines. It allows them to vote privately without any help.

Some places have adopted the obvious solution--for instance, there are counties in Ohio which use optical scan for most voters (and absentee ballots of course) but will have one DRE per precinct for voters with disabilities.

Optical scan ballots also have a high level of non-voting/spoiled ballots. Some voting rights people are troubled by that, and prefer machines, which are much more difficult to misvote on.

In answer to your original question, we in Franklin County had 57 different ballot issues, candidates, referenda, et cetera on the November 2004 ballot. Even on optical scan, that's a lot of paper (and 550,000 ballots were voted.)

Re:Black Box Voting & The Details

[mrcaseyj]

Electronic voting machines have the potential to be much more secure and much less secure than other systems.

Without a paper receipt you are simply trusting the manufacturer to tell you how the election came out. For anyone to claim otherwise is either incompetent or worse. However if the machine prints out a receipt with a cryptographic digital signature, then that would be more secure than anything I can think of. Because it's electronic there will be no hanging chads or half filled circles or debates about what the voter wanted. The election results would be extremely fast. Tampering with paper ballots is within the means of almost any crook, but tampering with electronic machines is limited to elite hackers. One receipt could be put in the voting box after inspecting it for accuracy. Maybe a receipt could be taken home also. Taking receipts home would allow employers and spouses to threaten a voter to vote a certain way and then verify compliance. Perhaps a solution to that is to allow the voter to select a fake receipt from the machine. The receipt could have an encrypted record of the real vote that the extortionist couldn't read, along with a plaintext fake list of votes.

Re:Black Box Voting & The Details

[thedletterman]

"Letting the citizens vote again" is the most unconstitutional thing I've yet to read on this thread. you would have to invalidate an entire election, not a voting machine for this to occur.

Re:Black Box Voting & The Details

[freedom_india]

The firmware is in ROM and the vote storage is a WORM to prevent our politicians from tampering...

The code is vetted by an agency which the Supreme Court directly oversees: Election Commision. The same commission has the power to overrule state and central govt. in ALL administrative areas once elections are declared.

The uneducated politicians in india have long accepted the the power of the EC and the voting machines.

Heck, man, 4 recent elections in one day in which about 12 million people voted was counted in 3 hours.

Re:Black Box Voting & The Details

[TimTheFoolMan]

What many fail to realize is that the nature of the US is that we are a federation of states. Each state makes it's own rules about how elections will be handled, so straight-party-voting is legal in one state, but not in another.

Tim

Re:Black Box Voting & The Details

[Melllvar]

I assume that in India, the manual labor required to count all the paper ballots is cheaper than it would be in the U.S.

Cheaper than free? While I can't speak knowledgeably about the entire U.S. of A (polling issues are handled on a state-by-state basis), I do know that most (if not all) of the poll workers in this country are there on a volunteer basis. Maybe some of 'em are paid a stipend or something ... I dunno ... but I doubt that would make hand-counting any more expensive than buying and maintaining those damned machines. Arguably, it might even be less expensive in the long run.

At any rate, none of the arguments I've seen in favor of touch-screen voting have anything directly to do with the bottom line. Usually it's voter-privacy issues for people with disabilities (who would otherwise need to rely on a "volunteer" to correctly read and mark their votes for them), and language issues for "English-challenged" citizens (who wouldn't be able to read or understand the ballot). The National Federation For The Blind, for instance, has been in and out of bed with Diebold for years over the issue of ballot accessibility.

Re:Black Box Voting & The Details

You believe, you guess, you would wager -- but in fact you have no clue. The BBV guide does not deal with the mechanism referred to by the article.

Re:Black Box Voting & The Details

I know that for all practical purposes every western "democracy" is just a two-party system

You apparently know nothing of any western democracy other than the U.S., with its archaic first-past-the-post winner-takes-all system.

Re:Black Box Voting & The Details

[Cally]

I voted in the UK local elections in the week before last. Walked 100 yards down the hill to the village hall, nodded to the authorities - who was leaning up against his car, parked outside, and chatting to his eight or ten year old daughters, who were hanging around with that universal kids' "I'm boooorrrrreedddd...." vibe... went inside, swapped a piece of cardboard for a square of paper; walked behind a wobbly plywood partition; took the 3 inch stump of pencil (tied to the plywood with six inches of garden twine), drew a big fat X next to my preferred candidate, returned to the equally wobbly table, folded my slip of paper and punted it into the big metal box. Six hours later I was listening to the results on the radio.

Every time a story like this runs on Slashdot someone posts what seems to us (Euro-weenies, Canucks and other dubious foreign types) to be the obvious question "why not use bits of paper?" I've never seen a credible answer to this.

Anyone?

Re:Black Box Voting & The Details

[Cally]

I assume that in India, the manual labor required to count all the paper ballots is cheaper than it would be in the U.S.

Here in the UK it's even cheaper. All polling station and electoral workers are volunteers with the exception of the returning officer, who's paid by the local council. I took part in this back in '87 (when I should have been taking my A Levels :)) and it was a very interesting experience.

Re:Black Box Voting & The Details

[Mr+Z]

Ok, so then in those fake elections, don't send your vote rigging crew in, and it looks like they're fine. Then, in November, rig it. How have you solved anything?

Voting machines should have a paper trail. I personally would do this in triplicate: A receipt handed to the voter, a log in the machine, and then a combined log of all the machines at a polling place. In the event of a recount, you could then go back to the paper logs. Without paper logs, you can only ask the machine to give you the number it already gave you--not very useful.

--Joe

Re:Black Box Voting & The Details

[WNight]

There's a clever scam with any system that lets you take your vote. Person 1 goes to vote and gets a ballot, but doesn't deposit it. He marks it and gives it to person 2 to deposit, and return with a blank. You can't know if the stooge deposits your vote, but you can be sure he doesn't vote against you because you get his blank ballot.

The guard for this is to void ballots when taken. The only path to the voting box is a plexiglass slide from the e-voting machine. The user would, I forsee, slide the paper ballot to a vote-reader machine, which should read the same vote the user entered, and the vote they see in large type on the paper. If the machine disagrees, or the vote has the e-version of hanging chad, you'll see this when you try to scan it.

It's just paper ballots with 1) non-removable/insertable ballots, 2) e-assistance in voting (show candidate photos, etc, to make sure it's the right person) 3) checking with the authoritative machine and only keeping the vote if it's what you want, 4) authoritative human-readable text, not machine-coded mag-stripe

Re:Black Box Voting & The Details

[schamarty]

http://www.schneier.com/crypto-gram-0412.html#11 http://techaos.blogspot.com/2004/05/indian-evm-com pared-with-diebold.html This subject came up before, on cryptogram. I wrote a reply (first link above), referring a pretty nice paper (second link above). Summary: the Indian EVMs are much better, as much for non-technical reasons as for technical reasons!

It's not a bug, it's a feature!

[TripMaster+Monkey]

Considering that Walden O'Dell, chief executive of Diebold Inc., was quoted in August of 2003 as saying that he was "committed to helping Ohio deliver its electoral votes to the president next year", this shouldn't be too surprising.

Re:It's not a bug, it's a feature!

[Professor_UNIX]

The majority of voters in largely Democratic areas in Ohio didn't even use electronic voting machines so this is kind of a moot point. The places where Bush scored highly used Diebold machines, true, but they also had very heavy Republican bases in the first place. This is yet another liberal urban legend people like to spread around that Diebold somehow tampered with the election. Please stop spreading this FUD.

Re:It's not a bug, it's a feature!

If it looks like a goat, smells like a goat, and butts like a goat, it's a goat. You Republicans can keep calling this FUD, but when all signs point to corruption...it's probably corruption.

Re:It's not a bug, it's a feature!

"The majority of voters in largely Democratic areas in Ohio didn't even use electronic voting machines so this is kind of a moot point. The places where Bush scored highly used Diebold machines, true, but they also had very heavy Republican bases in the first place."

I call bullshit on these claims. Show some proof.

Re:It's not a bug, it's a feature!

It's not accurate. In fact, in some predominantly Democratic areas, only a few electronic voting machines were placed, creating lines that people waited in for hours.

So the OP may be sort-of right, most of the machines were placed in Republican districts.

Re:It's not a bug, it's a feature!

[gid13]

1. Do you have any stats to back this up? I am unconvinced by someone saying the word "FUD".
2. Diebold doesn't need to tamper with the election to make using their voting machines a horrible idea. As this article points out, there are extreme security flaws that allow others to tamper, which means Diebold has failed miserably at the goal of creating secure voting machines.
3. Assuming your stats are correct, is it a coincidence that the Diebold machines were installed in heavily Republican areas? Who got to decide on the voting machines/mechanisms used?
4. You say "yet another liberal urban legend" without giving any examples. Do you think there are more liberal urban legends than conservative ones? That would be a very difficult claim to defend. Which is probably why you just put it out there as if it was obvious in hopes that people would just agree. Sadly, this works all too well all too often in the political world. Your post is a couple of undefended partisan claims, and nothing more. If you're actually thinking about anything, please show us what you're thinking. Otherwise you might as well just say "REPUBLICANS RULE! DEMS SUCK! GO BUSH!" and keep contributing to the us and them sports fan mentality that American politics has become. Well that turned into a bit of a rant, didn't it?

Re:It's not a bug, it's a feature!

Whether or not Diebold tampered with the last election is really a moot point now.

The Really scary fact everyone should be walking away with, is the Potential has been shown to tamper with future elections. We've practically been given instructions on how to do so.

Everyone (Democrat, Republican, or Whatever) SHOULD be screaming bloody murder right now to force Diebold to make the machines more secure before the next election. ...we should pass legislation to outlaw the current model of Diabold electronic voting machines, and not allow another to be used until all known security problems have been fixed ...as decided by an independant review board (Preferably composed of former Hackers on the US Government payroll).

Re:It's not a bug, it's a feature!

Right. For the first time exit polls, a statistically sound method of predicting the outcome of the election, diverged wildly from the supposed outcome.

And there were widespread reports of a lack of machines in heavily Democratic districts.

But it's all just an urban legand! Democrats being sore losers! Whiny liberals!

(The cognitive dissonance among rabid Bush worshippers is enough to make one's head asplode.)

Re:It's not a bug, it's a feature!

[Tim+Doran]

Can you back up your claim about the geographic locations of Diebold machines? What about machines made by Triad systems: http://www.truthout.org/docs_04/121604Z.shtml, or http://www.truthout.org/docs_04/121604Z.shtml

The 2004 election in Ohio is a black mark on America's democracy: http://www.whatreallyhappened.com/2004votefraud_oh io.html

The Diebold suspicions are difficult to prove (and I don't have time to dig for info right now) but the Ohio election itself was a disgrace. That's not a "liberal urban legend", it's well-documented fact.

Re:It's not a bug, it's a feature!

[Salty+Moran]

The majority of voters in largely Democratic areas in Ohio didn't even use electronic voting machines so this is kind of a moot point.

Are you implying that it is not important that republican votes be accurately accounted for? Maybe that it was a forgone conclusion that Bush would receive all or significantly close to all republican votes, so assurance of accuracy is not of significant concern?

A frightening excusatory remark indeed... I may have semi-predictable voting patterns that lead me to vote predominantly democratic, but if a voting machine picks up my vote as being for Hillary Clinton in 2008, I guarantee you I'd wish to be aware of the error regardless of what I was expected to do.

...yet another liberal urban legend...

Actually, this is FUD, not the original post. The original poster's concerns are shored up to a great extent by the very article under which the concerns were posted. What I just quoted from you is just a random claim you tossed out about some apparently nebulous web of deceit, yet I see nothing you've posted along with it that actually suggests any such thing exists.

Just because you SAY there are monsters under the bed doesn't make it so, and I don't see any beady eyes or claws peering out at me.

Please stop spreading this FUD.

An apt idea that you might consider applying to yourself in the future.

Re:It's not a bug, it's a feature!

[tassii]

This is yet another liberal urban legend people like to spread around that Diebold somehow tampered with the election. Please stop spreading this FUD.

Unfortunately not FUD. There are documented cases where Diebold's machines subtracted one out of every 100 votes for a democratic candidate. Its only been caught on minor elections and other irregularites with Diebold's machines. From California:

http://www.verifiedvotingfoundation.org/downloads/ resources/documents/ElectronicsInRecentElections.p df

"At least one voter was able to vote twice on her "smart card", and 10 votes were inexplicably lost.

John Pilch, a retired insurance agent who worked as a polling place inspector in San Carlos, said that when polls closed at 8 p.m. Tuesday, the number of people who signed the voter log differed from the number of ballots counted by computers.

"We lost 10 votes, and the Diebold technician who was there had no explanation," said Pilch, who registered complaints with elections officials, his county supervisor and several others. "She kept looking at the tapes."

At least 250 polls opened late because poll workers were unable to start up the machines, so hundreds, perhaps thousands, of people were turned away - many of them disenfranchised because they were unable to return to the polls at a later time that day"

As well as been posted here: http://politics.slashdot.org/article.pl?sid=04/11/ 16/1737228

Re:It's not a bug, it's a feature!

Hmmm.

Frankly, speaking as a solid hard-right conservative, I'd prefer to use paper ballots and inked fingers. Seems to work a helluva lot better than the crap we've been using for the past 20+ years.

You also wouldn't have to worry about people voting twice in different districts either. Though Democrats can always rely on dead people to send in their absentee ballots. :)

spam word: "suffrage". Rather appropriate.

Re:It's not a bug, it's a feature!

[vertinox]

The majority of voters in largely Democratic areas in Ohio didn't even use electronic voting machines so this is kind of a moot point. The places where Bush scored highly used Diebold machines, true, but they also had very heavy Republican bases in the first place.

Were these figures determined by the actual voting or something else?

If they were determined by the votes themselves to determine which areas were Democratic and which were republican... And the democratic areas were not Diebold machines and the Republican were...

Well... I think that kind of answers the question.

Re:It's not a bug, it's a feature!

[BLAG-blast]

Frankly, speaking as a solid hard-right conservative, I'd prefer to use paper ballots and inked fingers. Seems to work a helluva lot better than the crap we've been using for the past 20+ years.

As much as it worries me when I agree with members of the far right, er, sorry, I mean hard-right, I got on this. American is no longer a democracy, it stop being a democracy when the elections became unverifiable. Now we find out (duh) the machines are tamper proven (rather than tamper proof), making election results meaningless.

I'm sure we could do better than inked fingers as well, but it's better than what we are doing right now.

Though Democrats can always rely on dead people to send in their absentee ballots. :)

Yes, both sides are cheating bastards, I think this is main reason democrats didn't cry foul in the election. This is isn't election, it a competition to see who can cheat the best.

As for dead people, well the democrats have to rely on dead politicians getting elected to keep the 'right' out. ;-)

Re:It's not a bug, it's a feature!

[plague3106]

And nothing you said counteracts Diebold CEO's quote.

Re:It's not a bug, it's a feature!

[greylouser]

The places where Bush scored highly used Diebold machines, true, but they also had very heavy Republican bases in the first place.

I think this suggests a useful way to conduct elections in the future: just assume that a district will vote the same way it always has in the past. This would allow us to bypass all that tedious "voting." I know it's a pain for me to have to get to my polling place before work.

Re:It's not a bug, it's a feature!

[rickb928]

Quickly scanning that article on the San Diego election:

1. The voter log differs from the votes cast... Of course, it is possible that some voters failed to cast ballots. Perhaps they got in the booth, looked at the machine, and realized they forgot the remote. Failure to complete or even start a ballot is more obvious to me than 'lost votes' due to a machine issue. People are way buggier than even Diebold voting machines.

2. Machines that wouldn't start is a much more serious concern to me. I suspect many people didn't come back to vote. Defective equipment will cause more lost votes than many other causes, and this may select certain voters; for instance, unemployed voters may be able to wait or come back more often than employed (especially self-employed voters).

3. The Montgomery County, Maryland incident points to faulty software. Sheesh.

4. The Palm Beach/Broward election snafu is interesting. No paper trail makes recounting pointless. Change the law? NO! Change the machines. PS - seems ES&S has as much trouble as Diebold.

5. The Miami/Dade election note is interesting. Noi votes tallied called a 'virtual impossibility' Had the author asked about a voter log or something like that, they could have reported if election workers had even one signature or check mark of a single voter arriving and casting a ballot. AN otherwise fairly good report seems uncertain and incomplete here. Darn.

6. Apparently, in New Nexico, they have that renowned and rare Microsoft Sequel 6.5 system. I bet that's a mess.

You know, in Maine we had the ballot boxes *locked*. Seems we could do the same thing with electronic devices. And your ATM has two access systems. One for the tech to wrangle Windows (Dontcha miss OS/2 on your ATM?), and another for the cash vault. Surely our voting machines could have one lock for the tech to resolve problems, and another for the clerks to extract the memory card and tally votes. Eh?

This whole elctronic voting thing is a fiasco so far. We need to slow this down and do it right. Or just stick to optical scan ballots. They do in fact work.

rick

Re:It's not a bug, it's a feature!

[matt_gaia]

I beg to differ on the idea that Democratic areas in Ohio didn't use Diebold machines in '04. I live in the 17th district in NE Ohio, and we most definitely did use Diebold machines for the general that year. This area is heavily democratic, so much so that the Republican nominee for the HR seat only got about 35% of the vote, which is higher than usual, since that number is usually down around 30% (And that was even with Trafficant running). Electronic machines are still being used in this area as well, since there were some glitches with the machines when they were fitted with reciept printers for last week's primaries.
This "liberal urban legend" (Probably stared by the liberal media, right?) holds a hell of a lot of weight when you consider "glitches" with the results, like Gahanna, Ohio, where one precinct gave Bush 4200+ votes where only 638 people are registered voters, went in favor of Bush.

Re:It's not a bug, it's a feature!

[stinerman]

I would consider myself an authoritative source on the matter since I was involved in the 2004 recount in Ohio. I observed in an official capacity the recount in Clark and Shelby counties and in an unofficial capacity the recount in Greene county. I will now state some facts that you may take as you will.

Punch cards were used in all these counties. None of the equipment used was Diebold equipment. Recounts were run more loosely in Greene and Shelby counties (Republican strongholds) than in Clark county (about 50-50). I spoke with the Greene county board chairman. He said that he took responsibility for not realizing that increased voter registration would mean they would need more machines (his exact words were, "We dropped the ball on that").

On your points:

1) Most of Ohio was using Florida-style punch card ballots. A few places used optical scan. Fewer yet used the Diebold electronic machines. I cannot recall which counties had Diebold machines. If you care to research it yourself, keep in mind that most of Ohio is red except for areas near the lake and the rust belt regions of Akron, Canton, and on over to Youngstown. Columbus and Dayton are swing regions. Cincinnati is very red for a large city.

2) Yes, the security practices of Diebold, Inc. border on the criminally negligent.

3) Local boards of election, IIRC, decided how the votes would be recorded. Elections are run by our Secretary of State, but local boards are given some freedom as well. I am not sure exactly who makes the final decisions. It should be noted that our boards of election are not elected, but are appointed and must have equal numbers of registered Republicans and Democrats on them.

The only board of election under investigation of impropriety is the Cuyahoga board (the bluest county in Ohio). The allegation is that they pre-counted the "randomly" selected ballots themselves in order to make sure the count came out correctly so that they wouldn't have to recount all the ballots by hand. In our recent primary election, the same board had trouble with getting the machines running in a certian precinct. Usually our polls are open from 6:30a - 7:30p. That precinct didn't open until 1:30p, which prompted a judge to order it open until 9:30p.

The Shock! The Surprise!

[GaryPatterson]

So the closed-source company with apparent links to the incumbent government and a record of blocking any attempts to investigate their code turn out to have security flaws?

Okay - closed-source versus open-source is a non-issue, but I expected something like this from Diebold sooner or later.

I'm seriously worried though. Here in Australia a lot of ATMs have been replaced recently with shiny new Diebold machines. I've no doubt they're harder to hack, but it's not an encouraging sign.

Re:The Shock! The Surprise!

[Ohreally_factor]

Because Diebold is only interested in stealing elections, not your money. So rest easy.

Re:The Shock! The Surprise!

[Aqua_boy17]

Well at least you can get a hard copy of your transaction record when using an ATM.

One of the most vocal arguments in my state (Florida) and others has been that there is no audit trail for voting records using these machines. There have been arguments and law suits but the audit trail proponents seem to lose each and every time. Could this be due to the fact that the judges hearing these cases are by and large elected using these very same systems?

Not that I'm cynical or anything (sarcasm).

Re:The Shock! The Surprise!

At least some of those Diebold ATMs are just PCs running fullscreen EXE's on top of a slightly tweaked windows image. I've seen them crashed to the desktop. It seems to me that this is not a good design for a security-critical device that only needs to do a few simple things ...

Re:The Shock! The Surprise!

[JeremyALogan]

The thig is that their ATMs are by no means rock-solid, but they do work well enough. I haven't heard of any reports of them being responsible for misallocation of people's funds or of being able to (really) hax0r one just by having physical access to it. Even when they screw up really badly they aren't skewing people's bank accounts. Diebold SHOULD be able to make this work. Unfortunately they seem to be unwilling.

Re:The Shock! The Surprise!

[nasch]

The only really effective attack on ATMs that I've heard of is lifting it out of the ground with construction equipment and carting it away. Then the bad guys can go to work on it with a cutting torch in their warehouse. Many, maybe most, banks are trying to situate their ATMs so there's no way to maneuver heavy equipment close to them. Pretty amusing robbery, really, as such things go - creative, effective, and nobody gets hurt.

Re:The Shock! The Surprise!

[wilec]

"Because Diebold is only interested in stealing elections, not your money. So rest easy."

Naw they still want your money, they just are not interested in the chump change in your account, when they can get serious $$$$$$$$ by stealing elections. Plus they are much less likely to get caught AND prosecuted by stealing an election. Or so it seems, so far anyway.

Matthew

Why doesn't diebold?

[Whiney+Mac+Fanboy]

Why doesn't diebold just use the same security system it uses on its ATMs? After all (quoting):

Sygate defends your ATM with multiple layers of security:

First, the system locks down all electronic points of entry - making them invisible to hackers, viruses, and worms.

Next, it monitors, analyzes, and authenticates any external source attempting to connect to the ATM- and blocks anything the software doesn't recognize.

Failing that, they should just use the blue force shields that feature prominently in their Digital Security Videohahahaha - as long as your attacker is using little yellow balls to stage their attack.

Re:Why doesn't diebold?

[RoffleTheWaffle]

"Failing that, they should just use the blue force shields that feature prominently in their Digital Security Video - as long as your attacker is using little yellow balls to stage their attack."

Yes, because I'm fairly certain that somebody somewhere has come up with an insidious plot to rig the elections with a Nerf gun.

Re:Why doesn't diebold?

[Kadin2048]

Yes, because I'm fairly certain that somebody somewhere has come up with an insidious plot to rig the elections with a Nerf gun.

God damnit ... back to the drawing board. It was such a good plan, too.

Re:Why doesn't diebold?

[Pollardito]

Why doesn't diebold just use the same security system it uses on its ATMs?

i wouldn't really assume that they aren't, which says something about the ATMs. but i'm guessing that banks that buy the ATMs are probably doing more testing on their own of the final product, which would force the vendor to be more careful designing it. banks care more about losing their money than the goverment has been caring about altered votes.

Re:Why doesn't diebold?

[Amouth]

hahahahaha... i never thought of droping an atm on a would be robber...... but it would be ammusing

Re:Why doesn't diebold?

Failing that, they should just use the blue force shields that feature prominently in their Digital Security Videohahahaha - as long as your attacker is using little yellow balls to stage their attack.

Do not taunt Happy Fun Voting Fraud Ball :-)

Are they using...

[bc90021]

...VNC 4.1 perhaps? ;-)

can i be the first to say...

REALLY. OMG. Who'd a thunkit.
 
seriously, that practices going on around this company made me assume that such a thing was possible. security through obscurity was the mantra i kept hearing from diebold, which to me translates as a few people get to have holes that the majority don't know enough about to stop. 3rd party audit people. even if it's not released publicly.

Armed with a little basic knowledge

[RareButSeriousSideEf]

Is the possibility that someone with a little bit of knowledge could determine the outcome of a vote really that bad?

Re:Armed with a little basic knowledge

[Aladrin]

No, but the thought that someone without even a little knowledge could hire someone with just a little knowledge to affect the election... That's truly scary.

Funny isn't it?

[Trigun]

Diebold can make a box that handles your money with no issues. They make a voting machine that is atrocious and faulty. Goes to show where priorities lie across the board.

Re:Funny isn't it?

[typical]

They make a voting machine that is atrocious and faulty.

To be fair, even if it were someone else, voting machines that submit the vote in electronic form simply have fundamental problems with accountability. Yes, Diebold has had some atrocious engineering problems, but even if you took the best group of engineers on the planet and asked them to replace the pencil or hole punch machine with a fully electronic form, they'd still have a vastly more exploitable system than the traditional system.

I view Diebold as representative of a lot of companies that get government contracts -- obtaining unneeded pork, doing a fairly half-assed job. However, while some things (like the criminal records of people presiding over the project) were a little disturbing, I'm more willing to say that Diebold probably has nothing more malicious in mind than getting as much money as possible and not caring much as to how useful (or dangerous) their work is.

The real problem is that no voting administrator wants to be in the shoes of the Florida people, where questionable ballots exceeded the margin by which Bush won. An electronic form throws away all data other than a simple vote -- it may not be more accurate, but it covers the asses of voting administrators.

The fact that the whole system is much less accountable and more open to abuse and attacks than a physical system is more an issue that not of the involved people (voting officials and Diebold) just don't care about than one that I expect that they intend to personally exploit.

Re:Funny isn't it?

[typical]

Diebold can make a box that handles your money with no issues.

Well, not exactly. Diebold ATMs have been featured rather prominently on Slashdot before...

Re:Funny isn't it?

[maxwell+demon]

Diebold probably has nothing more malicious in mind than getting as much money as possible and not caring much as to how useful (or dangerous) their work is.

Of course you can say the same about e.g. the Mafia.
(For those who don't get it: No, I'm not claiming Diebold is like the Mafia; I just point out a flawed argument.)

Re:Funny isn't it?

I view Diebold as representative of a lot of companies that get government contracts -- obtaining unneeded pork, doing a fairly half-assed job.

Let me guess, you are a libertarian, right? Hence the equally huge amount of "pork" and "half-assed jobs" that are done in the pure-private-sector don't count? Sorry, but this all has nothing to do with the concept of government in general, rather this particular one that we have chosen to implement (one that is basically driven by corporate special interests). The only reason you even KNOW about these problems is because the government is far more open and accountable than any corporation, who would have had a much easier time covering it up.

Re:Funny isn't it?

[typical]

The only reason you even KNOW about these problems is because the government is far more open and accountable than any corporation, who would have had a much easier time covering it up.

Err..no. The reason I know about these problems is because I work with people who pull in said government contracts. And were you to look back, with Google, over my long-term posting history on Slashdot, you'd find that I not infrequently bash the LP as being far too extremist and impractical.

Do I dislike wasting money? Sure, the same is true for everyone. I don't have a great *fix* for the problem -- and I think the LP's approach of "basically, cut off half the government" causes more harm than benefit.

Re:Funny isn't it?

[DrFalkyn]

To be fair, even if it were someone else, voting machines that submit the vote in electronic form simply have fundamental problems with accountability. Yes, Diebold has had some atrocious engineering problems, but even if you took the best group of engineers on the planet and asked them to replace the pencil or hole punch machine with a fully electronic form, they'd still have a vastly more exploitable system than the traditional system.

Why don't you have the best of both worlds. After voting on an electronic box, a paper receipt is printed and reviewed by the voter who slips it into a ballot box.

Re:Funny isn't it?

[mikeabbott420]

diebolds owner famously promised to deliver ohio to bush and even the mafia commit crimes for other motives then pure pursuit of money e.g. vengence killings.

Re:Funny isn't it?

[sholden]

Isn't that the worst of both worlds?

Instead of checking boxes with a pencil the voter has to use some wierdo software program and check the output it produces. And I don't care about the "but US voting is more complicated... we have multiple votes for a bunch of different things on election day" - I voted in the 1999 NSW state (Australia) election - the Upper House ballot had 264 candidates divided amongst 81 groups (parties plus the independant group), making the paper ballot have a physical size of 3'4" by 2'3" (101cm by 72cm). And remember preferential voting in Oz - sure you could just vote for one of the groups and use the preferences that they lodged or you could number all the candidates in order - I didn't like any of the group lodgements so that was fun to number...

Instead of having a computer add some numbers people have to look at the ballot papers decipher them and count them (lets ignore scanners and bar codes and so on - that adds the problem of how does the voter veriphy that the computer readable portion mathes the human readable portion).

"any" software, eh?

[chrish]

Installing "Goatse.cx Screensaver", please wait...

Re:"any" software, eh?

[RoffleTheWaffle]

Or...

"Who is this 'Cockmongler', and why should I vote for him?"

Re:"any" software, eh?

[gEvil+(beta)]

But I thought finally we got rid of hanging chads...

Re:Stupid first post just ignore it....

[fmerenda]

It's true!

I have officially been double-burned, and I deserve it! :)

The Diebold Chronicles

[Billosaur]

A Finnish computer expert working with Black Box Voting, a nonprofit organization critical of electronic voting, found the security hole in March after Emery County, Utah, was forced by state officials to accept Diebold touch screens, and a local elections official let the expert examine the machines.

Black Box Voting was to issue two reports today on the security hole, one of limited distribution that explains the vulnerability fully and one for public release that withholds key technical details.

The computer expert, Harri Hursti, quietly sent word of the vulnerability in March to several computer scientists who advise various states on voting systems. At least two of those scientists verified some or all of Hursti's findings. Several notified their states and requested meetings with Diebold to understand the problem.

Oh, those plucky Finns and the trouble they cause...

Does anybody get the idea that Diebold simply threw these machines together, cobbled the code together from stuff lying around the shop, slapped some paint on them, and expected states to use them no questions asked? You would think somewhere along the line, someone would have stood up at a development meeting and said, "we'd better make sure these things are secure."

Diebold will of course now hem, haw, blame others, attack the media and anti-electronic voting groups, and reluctantly fix the problem. Just in time for the next one to crop up. Do they have any competition in this market? I don't hear a lot about other companies creating voting machines -- either there aren't any or they do a lot better job.

Re:The Diebold Chronicles

[Dracolytch]

Honestly, with Dibold's documented contempt for the democratic process and the lack of something as simple as a paper trail, I'm half suspicious they delivered these machines, and then told the government how "a hacker might access these systems" and then "untracably alter the vote" (wink wink).

~D

Re:The Diebold Chronicles

You would think somewhere along the line, someone would have stood up at a development meeting and said, "we'd better make sure these things are secure."

Says who? Certainly not the management at election software companies.

Our state had a similar discovery with ES&S election software during an evaluation of them for our RFP. When we discovered a serious lack of any awareness of security issues, especially risk management-related items that illustrate some analysis from a broad perspective, we asked them for specific information on their security programs.

Their answer was to point to SAS-70 audits. If you do not know what that is, it is a statement by independent accountants that says you probably have enough money in the bank to stick around awhile longer and seem to have management control over things (internal controls), especially money. My observation has always been that as Microsoft would probably blow away most companies if financial statements and available cash was the litmus test and yet they have no shortage of security problems, a SAS-70 isn't really appropriate for determining information security.

ES&S also seemed to rely upon their other vendors for security. Microsoft patches make their system secure, and if they don't, it is Microsoft's fault and nonunique. That kind of pass-the-buck reasoning. Their own security staff was lacking, their program exclusively physical and technology level oriented with zero strategic awareness, and they demonstrated a lack of non-accountant external verification and periodic inspection.

In other words, they built a plane out of bricks that had wings and an engine but never looked at aerodynamic requirements, have a baggage loader they declared to be responsible for flight safety, and had a CPA firm declare them to be risk-free. If the plane crashes, it certainly is the engine manufacturer's fault because we all know a strong enough engine could fly anything even though the engine manufacturer was never consulted about this brick monstrosity.

Please, if you deal with any election system, actually use competent independent verification and be very prepared to have to reject the vendor. If you already use a system like this, understand the law increasingly looks to you as the respnosible party that did not excercise due diligence when purchasing this equipment. There are alternatives to the latest and greatest touch-screen box if you must hold off.

Re:The Diebold Chronicles

Diebold has long manufactured the optical scanner systems that are used to tally ballots. I imagine it was a natural fit to have them design the "next generation" of voting machine.

And yes, considering they use Access databases for data storage, I'd say they're cobbled together.

(Huzzah for the lowest bidder!)

Re:The Diebold Chronicles

[lawpoop]

"Does anybody get the idea that Diebold simply threw these machines together, cobbled the code together from stuff lying around the shop, slapped some paint on them, and expected states to use them no questions asked?"

I think it's equal parts crappy production and braindead design -- you know, design where the manager says "Make sure the system is secure and has passwords, but make the passwords easy to remember so that we don't get locked out of the system." In this case "Make sure that there is someway that we can get in there if we have to -- you know, in case there is an emergency."

But given the state of the vote here in Ohio, I'm beginning to wonder if they weren't specifically designed for election stealing.

Re:The Diebold Chronicles

[Dimensio]

Diebold will of course now hem, haw, blame others, attack the media and anti-electronic voting groups, and reluctantly fix the problem.

You are optimistic in believing that they will fix the problem.

Re:The Diebold Chronicles

[JeremyALogan]

I did some research after the last election into starting a company that did just this. I wanted it to be a completely open source solution (software wise at least) and invite people to try and break it so we could make it better. The problem is that Diebold has such a stranglehold on the market. In fact a number of the states (dare I say most) where they are being used it's ILLEGAL to use them since they dont' have a paper trail. How difficult is this really? I imagined having a printer mounted behind some plexiglass that prints up your votes after you enter them. The computer would ask you to verify that the information was correct. If so then you're done. If not then it would print a retraction and ask you to vote again. Seriously... I could have a proof of concept in a week, but how does one get the funding it would take to go up against a giant?

Re:The Diebold Chronicles

"Do they have any competition in this market? I don't hear a lot about other companies creating voting machines -- either there aren't any or they do a lot better job."

I don't know about voting machines, but for ATMs there are others. Maybe the government should be convinced to tell the german company Wincor Nixdorf to create a voting machine for them. They do pretty decent ATMs at least (also because the european/german guidelines for ATMs are quite hard.) and won't like any american party better than the other. But this will surely be against some law that such critical systems may only be made by american companies.

Diabold makes ATMs as well

[mapkinase]

I have noticed that last time I took some cash from BoA ATM machine.

This is scary.

Re:Diabold makes ATMs as well

[gEvil+(beta)]

I don't think I've ever seen a Diabold ATM. It's probably best to avoid those the same way you'd avoid home electronics made by Sorny or Panaphonics. And it's not a great idea to use Diebold ATMs either, though that's a bit harder to avoid.

Re:Diabold makes ATMs as well

[mapkinase]

Here is what I found:

Bank of America has completed the task of outsourcing the servicing of its ATM network, signing a seven-year deal with Diebold to take over the maintenance of 10,000 machines. The agreement covers maintenance service in the western United States, plus existing contracts previously awarded to Diebold in the eastern United States.

I guess machines were made (hopefully) by somebody else, Diabold is doing only maintainance. On the other hand, who knows what kind of maintainance they will do

Re:Diabold makes ATMs as well

Wow, you completely missed that joke...
Hint, your incorrect spelling of DIABOLD (Diebold) and the parents intentional incorrect spelling of SORNY (Sony), and Panaphonics (Panasonic).

Re:Diabold makes ATMs as well

[L.Bob.Rife]

The difference is that banks have a large amount of money riding on the fact that the ATMs must be secure. The requirements are stiff, and the inspections are thorough. Thus, Diebold makes secure ATMs.

Election boards who request the machines have a vague list of requirements, and being mostly staffed by partisan volunteers, have less inclination to protect something they want to steal from you anyways. Now, add in the mix of being able to pay for it with unlimited taxpayer money, and you have a nice definition of low-hanging fruit for Diebold.

What I find ironic is that all this negative publicity against their voting machines is obviously dropping faith in the companies main ATM business, and ruining the Diebold brand. (E.g. the parent post)

Re:Diabold makes ATMs as well

[amcdiarmid]

Hmmm. Half the Time when I use a Diebold ATM, an extra $2 dissapears from my account as well.

Re:Diabold makes ATMs as well

[anti-human+1]

...Fractions of a penny deposited into an account. Its not really stealing.

Sweet!

[raider_red]

I'm getting myself elected emporor!

Re:Sweet!

[maxwell+demon]

Sorry, but your evil plan failed due to a typo in yur code.

Re:Sweet!

[raider_red]

I'll change the spelling after I'm elected.

How this bug was found

[DingerX]

Anyone else think this is sweet?

A Finnish computer expert working with Black Box Voting, a nonprofit organization critical of electronic voting, found the security hole in March after Emery County, Utah, was forced by state officials to accept Diebold touch screens, and a local elections official let the expert examine the machines.

That's right. We've seen this before.

Turns out Diebold has a strong interest in keeping their security systems proprietary.

Obligatory "all your votes" blah

[Bombula]

All your votes are belong to us.

Re:Obligatory "all your votes" blah

Score: +1 (What You Say!!!)

Why ...

[Ihlosi]

If my money gets lost, I can sue the bank, Diebold, or whomever I think is responsible for this.

If my vote gets lost, I can get sued under various laws that come into existence because of this (DMCA/PATRIOT-ACT/etc).

rig machine vs. bribe electoral college?

[192939495969798999]

Why go to the trouble to rig a machine when you can just bribe the electoral college? Wouldn't that be a much more effective way to swing an election, since they are the ones that actually do the voting?

Re:rig machine vs. bribe electoral college?

[Reverend528]

Why bribe everyone in the electoral college when you can just the two candidates instead?

Re:rig machine vs. bribe electoral college?

[192939495969798999]

Good point, I suppose it hardly matters who gets elected if you can just support their post-election political bids to get your special interests catered to.

Re:rig machine vs. bribe electoral college?

[hunterx11]

The point isn't just to steal an election; the point is to steal it and to be able to deny that it was stolen at all.

Re:rig machine vs. bribe electoral college?

[jfengel]

The electors don't vote in secret. The electors theoretically have free will to vote for whom they want, but in practice they are all sent with instructions from the state legislature to vote for one candidate. In nearly all states, all of the electors vote for the same candidate, and everybody knows who that is ahead of time.

In other words, if you bribe an elector, everybody knows it. I suppose you could try to get away with it once and count on people to accept the results before they change the rules to eliminate the possibility. More likely, the Supreme Court would find a way to invalidate the bribed votes. Either way the bribed elector is going to jail, and in all likelihood so are you. Maybe you could pull off a coup this way, but it won't work twice.

O'Dell Resigned for that Reason

[eldavojohn]

I believe that O'Dell resigned.

As the article you quoted states:

The Aug. 14 letter from Walden O'Dell, chief executive of Diebold Inc. - who has become active in the re-election effort of President Bush - prompted Democrats this week to question the propriety of allowing O'Dell's company to calculate votes in the 2004 presidential election.

O'Dell attended a strategy pow-wow with wealthy Bush benefactors - known as Rangers and Pioneers - at the president's Crawford, Texas, ranch earlier this month. The next week, he penned invitations to a $1,000-a-plate fund-raiser to benefit the Ohio Republican Party's federal campaign fund - partially benefiting Bush - at his mansion in the Columbus suburb of Upper Arlington.

And as USA Today reported:

"The board of directors and Wally mutually agreed that his decision to resign at this time for personal reasons was in the best interest of all parties," said John Lauer, Diebold's non-executive chairman of the board.

The announcement was made after the stock market closed. Diebold stock fell nearly 2%, or 73 cents, to $37 in after-hours trading. The stock has traded between $33.10 and $57.81 in the past year.

Re:O'Dell Resigned for that Reason

[mrchaotica]

And conveniently, he did so after the election.

Re:O'Dell Resigned for that Reason

He resigned more than 1.5 years after he wrote his comment, so the claim that he did so "for that reason" is moronic and obviously false.

why do we need electronic voting?

[phlegmofdiscontent]

What's so bad about the optical scanners and the ballots where you fill in a circle? I remember a study that showed they were the most secure, you have a paper trail, and any idiot can figure it out after 13 years of standardized testing. Electronic voting, on the other hand, smacks of boodoggle, fraud & overall shoddiness.

Re:why do we need electronic voting?

[gEvil+(beta)]

I think you've answered your own question.

Re:why do we need electronic voting?

[jdcook]

The best reason to use electornic voting machines is that they allow many people with disabilities (especially the visually impaired) vote in private w/o assistance of the 97 year olds working the election. This is not a good reason to use shitty electronic voting machines however.

Re:why do we need electronic voting?

[Secrity]

As long as the College Board isn't scoring the ballots.

Re:why do we need electronic voting?

[filesiteguy]

Handicapped access and part of the HAVA (Help America Vote Act) signed buy some president (Bush? Clinton? Bush?) in order to ensure equal voting access to all. Many counties are using the touch screens as a step towards letting disabled people vote.

Re:why do we need electronic voting?

[L0rdJedi]

There are devices in existence that allow the visually impaired to see the ballots perfectly. These devices can magnify text up to 14x (that's for the portables). The non portables can magnify up to 58x (19" LCD, probably a little smaller with a 17"), so those disabled folks can vote absentee.

I know these devices exist since I work for a company that makes them and I've seen them in action.

There is no need for electronic voting systems, period.

What I would like to know..!

[parasonic]

Why does Diebold design these machines in such a way that they *CAN* be hacked? I think that involving an Operating System and software in the design of such a machine is a critical error. As a computer engineer, I realize that overcomplicating things can lead to errors. DSP's can make hardware extremely cheap, but there are places where analog circuits are cheaper and more realiable! Why hasn't Diebold designed a hardwired electronic circuit or a mechanical system with failsafes such that the machine can't be hacked, and the wrong candidate will not be selected if the machine fails? There are so many places where their current design can and will go wrong. I believe that it's time for these loonies (or preferrably someone else who has more sense) to come up with a more rudimentary and failsafe design!

Re:What I would like to know..!

[TripMaster+Monkey]

Why does Diebold design these machines in such a way that they *CAN* be hacked?

Simple. Because that is their intention.

Acccuse me of left-wing moonbattery all you like, but the fact remains that Diebold has shown themselves to be capable of making reasonably secure ATM machines. There's no defense by incompetence available to them. These ridiculous security holes can only be intentional.

Re:What I would like to know..!

[geobeck]

These ridiculous security holes can only be intentional.

My greatest fear regarding American elections is that Diebold machines will be used for a national vote to repeal the 22nd amendment, then for the following presidential acclimation--I mean, election.

Americans, please, start a grassroots movement to outlaw the use of any electronic, and therefore hackable, voting machines. Look at Canada's election process. Sure, we have only 10% of your population, but we have substantially less than 10% of your election hassles. In Canada, paper ballots are counted manually by Elections Canada volunteers, witnessed at each vote counting station by representatives from all official parties.

And for the love of Mike, start some new political parties! You may turf out the Republicans in 2008, but your Democrats are no prize either!

Re:What I would like to know..!

[TripMaster+Monkey]

Don't look now, but such a repeal has already been proposed.

Now, this seems to be a fairly standard thing, actually. Someone seems to propose the elimination of term limits every administration or so, but these are truly unusual times...I wouldn't be at all surprised to see this proposed again and ratified in the hysteria following another 'terrorist attack'.

The day this passes is the day I either join the Michigan Militia or move to Canada.

Re:What I would like to know..!

[Detritus]

Acccuse me of left-wing moonbattery all you like, but the fact remains that Diebold has shown themselves to be capable of making reasonably secure ATM machines. There's no defense by incompetence available to them. These ridiculous security holes can only be intentional.

You underestimate the venality of American corporate management. Many of them would bottle toxic waste and sell it as a health tonic if they thought that there was an easy dollar to be made and that they could get away with it.

Re:What I would like to know..!

[Dare+nMc]

> start a grassroots movement to outlaw the use of any electronic, and therefore hackable, voting machines.
I will say that is best action to hold the status quo. it is in the best intrest (in my opinion) of the partys in power (Democrat and Republican in the US) to make sure voting can never be so quick and painless to have regular votes on important issues.

so I think that would be the goal, muck up, and cast so much doubt on one implementation of a electronic system, to get them all outlawed. That preserevs the status quo of occasional votes boiled down to simple yes/no decisions that most voters are only allowed a few minutes to ponder. Because thats all we can accuratly count with a paper ballot.

After all a good system would allow voting to be as easy as accessing a ATM machine, and all major bills/representitives wording could then be voted upon, and changes proposed wiki style, and accurate information presented to all. That would drastically reduce the power of the executive branch, and thus the influence of the lobyists bribing them, and throw our whole system of the rich and power hungry having all the power.

Re:What I would like to know..!

[Dare+nMc]

> muck up, and cast so much doubt on one implementation of a electronic system, to get them all outlawed.

just to be clear, I think it is in the best intrest of the leaders of both the democrat, and republican partys to cast doubt on any method of accurately, and quickly counting the true opinion of all the people.

The system in the US currently precludes anyone not part of the republican, or democrat establishments from taking power (not by law, but by implementation). So although the Democrats may not be in power now, they can be assured that they will at worst be 2nd fiddle, until things swing back to them.
So it is not in the best intrests of the democrats to reduce any of the executive powers, etc because even if their not the current or maybe even the next holder of the lead, they will be assured of being one of the next...

Re:What I would like to know..!

[mOdQuArK!]

outlaw the use of any electronic, and therefore hackable, voting machines

I think the machines are fine for generating user-readable & verifiable ballots - meaning, people can use the machines to create a piece of paper or plastic which they can easily read to determine that their desired decisions were recorded properly.

As long as people can easily verify that, and the counting process uses the same method of reading the ballot that the people do (no secret bar codes, which might be different than the descriptive text), then it doesn't really matter if the ballot-producing machines are very secure or not.

The _counting_ part of the process is a whole different ballgame. _That_ process will need a solid secure structure, large-scale independent public oversight & lots of double-checks.

The big problem with the current machines is that they combine both those steps & don't provide any means of independent public oversight.

Re:What I would like to know..!

[Zak3056]

My greatest fear regarding American elections is that Diebold machines will be used for a national vote to repeal the 22nd amendment

Your fear is unfounded, as the US does not use referendum to change its constitution. Our process actually makes it fairly difficult to do so: both houses of congress have to approve the proposed amendment with a 2/3rds majority, then 3/4ths of the states must ratify it. Alternatively, 2/3rdsof the states can vote to hold a constitutional convention and propose amendments, which then also must be ratified by 3/4ths of the states.

In regards to the rest of your post, I agree with your closing statement (dump both political parties) but I actually support electronic voting--just not in its current brain dead form. What's needed is as follows: real paper ballots printed by the machine to serve as both a check for the voter and an audit trail; open source code so everyone can audit it; commodity hardware so a machine can be built by an interested third party, and tested against what is in the precincts; severe prison terms for tampering with the software or the equipment.

In the end we're talking about a system that doesn't have to do anything other than "i = i + 1" and produce a tamper resistant audit trail.

Re:What I would like to know..!

[mikeabbott420]

There is nothing wrong with that, they are responsible only to their shareholders and should do all they can to maximize profits. It is the elected goverments job, as our representatives, to regulate and oversee them so they can operate competitively in a fair enviroment that serves the interests of all people. It is ridiculous to elect people who let corporations write laws in secret but it is also ridiculous to demonize corporations. Fire good. Uncontrolled fire bad. Electing arsonists just plain stupid.

Re:What I would like to know..!

[plague3106]

What you are proposing is a democracy, which is not something we want. Majority rule is calld mob rule for a reason. We have a republic to help protect the rights of the minority.

I think the best thing we can do is repel the amendment which allows the public to vote for Senators. The election of Sentators should be done by state legislatures, not the people.

Currently the rights of state governments is being ignored, and its not a good thing.

Re:What I would like to know..!

[geobeck]

The big problem with the current machines is that they combine both those steps & don't provide any means of independent public oversight.

Nail, meet hammer. Right on the head.

A great deal of the problem with American vote counting, as opposed to Canadian, is that, as another reply stated, with a two-party system, the second party doesn't really care if the first party gets knocked off this time around. Their position is just about as powerful; their 'leader' just doesn't get to sit in the big comfy chair and hold the remote.

In Canada, by contrast, we have the following parties:

1. The Liberals . This party has been in power the most often. They are fiscally conservative, socially progressive, and quite corrupt. They are currently without a real leader.
2. The Conservatives , formerly the Progressive Conservatives, briefly the Reform Party, even more briefly the (conservative) Alliance. One of Canada's two original parties, the Progressive Conservatives were almost completely destroyed by their own leader's unpopularity in 1992. The new Conservative party is fically conservative, socially regressive, quite corrupt, and generally whacko. Their current leader is the head whacko.
3. The New Democratic Party . Canada's semi-socialist party, fiscally socialist, socially very progressive. At the height of their popularity in the 1980s, they became known as "the conscience of the Commons". Unfortunately, when their leader retired, they lost their direction and their credibility. Their current leader is a posturing buffoon. The NDP currently holds the balance of power in Ottawa. They've never held enough seats to become corrupt.
4. Le Bloc Quebecois . One of the parties that formed following the destruction of the Progressive Conservatives, the Bloc's sole mission is to separate Quebec from the rest of Canada. They have only fielded candidates in Quebec.
5. The fringe parties. The Communist Party, the Green Party, the Marijuana Party, the Animal Alliance Environment Voters Party... we've got 'em all. Full list here.
6. The Rhinoceros Party . This party disbanded after its original leader died, but it is worth noting for being the most popular 'joke' party in Canada's history. Although they never held a seat, they received numerous votes from disgruntled voters for policies like the following:
   • putting the national debt on Visa
   • turning the Louis-Hippolyte Lafontaine tunnel in Montreal into a free carwash by poking holes in the ceiling
   • switching Canada to driving on the left side of the road to be more like England (and therefore less like the USA), but making the transition gradual: trucks and buses first.

Re:What I would like to know..!

[geobeck]

Submitted too soon...

The point being, Canadian parties are truly in opposition to one another. They fight for seats during every election. If the governing party holds a majority of seats in the House of Commons, the opposition parties are completely powerless; the government can pass whatever bills it wants. And, as Brian Mulroney demonstrated in 1989, there are no limits on the power of the Prime Minister. The Senate blocks your bill? No problem! Appoint some of your best friends to the Senate! Then put your bill under the unwavering rubber stamp of the Governor General and you're done.

So Canadian parties care about every seat they can possibly win. Take the current government. The Conservatives hold a minority of seats. The NDP has teamed up with them in a very shaky coalition. Those two parties are socially and fiscally complete opposites. If the Conservatives try to push just about anything on their social agenda, the NDP will call a non-confidence vote and force an election, almost certainly returning the Liberals to power. The current Conservative Prime Minister is faced with a term of doing nothing but passing a few meaningless vote-garnering bills, and continuing the successful fiscal policies of the Liberals.

Re:What I would like to know..!

[Dare+nMc]

> What you are proposing is a democracy, which is not something we want. Majority rule is calld mob rule for a reason.
I think that was meant with some sarcasm, but of course their is some truth to it.
After all, if we were allowed to vote for, and always voted for what makes you the individual best off, then no member of a minority group would ever be given any power or rights. That is why the founding fathers made the Constitution, to guarantee certain rights wouldn't be taken away based on some "mob rule" vote.

That seams very unlikely, a society with moral values will understand to vote with those values as a whole, such that they would not bias rules against the few. Now putting the absolute power in the hands of a few, has always lead to a level of corruption at the top.

Re:What I would like to know..!

[Coryoth]

The problem in Canada is that, despite having a reasonable array of parties, you're still stuck with the archaic First Past the Post voting system which sees the two major parties (the Liberals and the Conservatives), and especially Bloc Quebecois, win far more seats in parliament than is realistic given the amount of support they have. Once you get a decent system like MMP, giving the smaller parties (and the NDP) like the Greens more representative political clout things will seriously improve.

Jedidiah.

Re:What I would like to know..!

[iminplaya]

The people who advocate term linits completely fail to recognize they are voting for the party, not the individual. The party makes the rules, and the nominated/elected individual reads the supplied scripts. What is needed is a variety of platforms to put on the ballot. So far 99% of the votes are going to a single party. This is very discouraging to those who see the need for alternatives. The "throwing away your vote" FUD is very powerful. I can tell you from experience that "term limits and "no reeleción" do not have any positive effect on the process. The real power remains where it always has. And the real reason for that is that the people have abdicated their authority.

Re:What I would like to know..!

Why does Diebold design these machines in such a way that they *CAN* be hacked?

Dark forces control the US government, and manipulated Diebold among other things.

Re:What I would like to know..!

[plague3106]

I think that was meant with some sarcasm, but of course their is some truth to it.
After all, if we were allowed to vote for, and always voted for what makes you the individual best off, then no member of a minority group would ever be given any power or rights. That is why the founding fathers made the Constitution, to guarantee certain rights wouldn't be taken away based on some "mob rule" vote.

Nope, no sarcasm. What you said here is exactly what I was getting at.

Re:What I would like to know..!

Wrong. Diebold Election Systems is a subsidiary of Diebold, acquired a number of years back. Diebold has been making ATMs for a LONG time. Diebold Election Systems exists as a result of several acquisitions and is relatively new. Two completely different lines of business comprised of completely different staffs. Considering the small amount that DES contribute to the revenue of Diebold(about 2%), and the constant barrage of negative PR due to their existence, it's probably just a matter of time before DES is sold to someone else. They are a publicly traded company after all.

And if you think DES's competitors are going to pick up the ball and run with it more effectively, think again. They're more screwed up than DES. Of course, how many companies have grassroots organizations dedicated to researching and pointing out all their mistakes? Not a defense...just pointing out an unpleasant reality. For many large companies security is, at best, an afterthought.

- An Insider

Re:What I would like to know..!

Some slight modifications:

1. The natural ruling party of Canada aka the Liberal Party. They've run the country for 80+ years of the last 125. They are far from fiscally conservative. They're actually famous for buying your vote, with your money policies. The rest I can agree with.

2. Mulroney's unpopularity was also in large part due to a very effective smear campaign (Admittedly partially deserved) run by some surely unbiased agency. Fiscally, socially, and otherwise conservative. I'm not sure where you get the wacky part. Maybe it's that strange balanced budget idea they have. To each his/her own.

3. The not a damn party. They don't hold the balance of squat at the moment. If they do ever get into power in Canada, I'll be amoung the first claiming assylum in a less retarded nation.... Chechnya or Colombia come to mind. NDP are famous for driving economically sound provinces into near bankruptcy (B.C. and Ontario come to mind). Fiscally irresponsible, socially progressive and a total waste of time since Ed Broadbent gave up the leadership.

4. The seperatist party of Quebec. Main goal is to screw the Anglo pig-dogs, get as much as they can from confederation, and blame all their problems on the rest of Canada. Fiscally liberal (Almost as progressive as the NDP and Liberals), Socially archaic (Well ok, maybe the Catholic church is only a little less conservative), and composed of seccessionists. Only in Canada eh.. Pity

5. - 6. The best of the nutcase bunch was the Natural Law party. Meditation was the cure to all ills.

Of note.. A wonderful side-effect of the way our election system is set up. A party wins Ontario, and 1/4 of Quebec, the rest of the nations vote doesn't matter. There is enough seats in those two areas to get a majority government.

To bring this more on topic, Our relatively simple system of separating our municipal, provincial and federal elections and using simple paper ballots seems to work fairly well. The first past the post system could be improved, but there's too much ingrained self-serving for that ever to happen. After all, I need a local representative in the Federal governement. The Provincial and the Municipal elected members can't seem to serve the local populace. Having a proportional representation would involve the federal members not having any where to pork barrel and get votes.

Oh and a favour. For all you folks south of the border. Can you hold off on the collapse until after I die. kthnx

Re:What I would like to know..!

[hr+raattgift]

The NDP currently holds the balance of power in Ottawa. They've never held enough seats to become corrupt.

Uhm, they don't hold the balance of power, because they cannot combine with either party and guarantee a majority of the House of Commons.

CPC 125
LIB 102
BQ 51
NDP 29
IND 1

CPC+NDP vs rest: 154 vs 154 (technically 153 as the Speaker (elected as a Liberal) votes only in the event of a tie)
LIB+NDP vs rest : 131 vs 176 ("")
BQ+NDP vs rest: 80 vs 227 ("")

However, the CPC were unable to get the NDP to agree to support them for two years (with no "24 hour flu" outbreaks on confidence votes, or NDP MPs voting against their whip) in exchange for supporting some NDP initiatives.

Full attendance is impractical in any event, and the working vote splits will be somewhat different.

More practically, there have been several divisions in the last few days which have gone 175-115 +/- (CPC+BQ vs LIB+NDP) on ways and means motions geared towards passing the Conservatives' budget.

This is the Bloc holding the balance of power, and not the NDP. This is not surprising, since what are now CPC and BQ constituencies often voted PC in the Mulroney era. Remember Meech Lake, and Mulroney and Lucien Bouchard being close friends?

As to lack of power leading to lack of corruption, there have been several provincial NDP governments which are remembered unfondly, and several current NDP MPs have had some scandals in municipal government. Jack Layton, the leader, and his wife Olivia Chow, both MPs, had a noisy scandal about living in government subsidized housing despite their ineligibity for subsidy because of their high combined income.

Also amusing is that the former NDP premier of Ontario, Bob Rae, is a candidate for the leadership of the (according to you) quite corrupt Liberal party. What does he know that Mr Layton doesn't?

Re:What I would like to know..!

[geobeck]

This is the Bloc holding the balance of power, and not the NDP. This is not surprising, since what are now CPC and BQ constituencies often voted PC in the Mulroney era. Remember Meech Lake, and Mulroney and Lucien Bouchard being close friends?

This does make more sense, and yes, I remember Meech. That's about the time old Pierre came out of the woodwork to remind the Tories that he tried the same thing in 1982.

As to lack of power leading to lack of corruption, there have been several provincial NDP governments which are remembered unfondly, and several current NDP MPs have had some scandals in municipal government.

The difference I see is that federal NDP scandals haven't cost the public all that much money because they've never been in a position to spend public money. As for the provincials, they're a different herd of animals altogether. I live in BC. The NDP here doesn't bear much resemblance to the federal party. But I'm originally from Manitoba, which has had several very successful NDP governments.

Also amusing is that the former NDP premier of Ontario, Bob Rae, is a candidate for the leadership of the (according to you) quite corrupt Liberal party.

Don't get me wrong; I vote Liberal in every federal election. I like having an economy that is the envy of the western world. But Martin and Chretien, and skilled as their fiscal management was, were up to their eyeballs in the sponsorship scandal. Then again, people have very short memories. The total 'scandal quotient' of the federal Liberals from 1993 to 2005 was about the same as for Mulroney's Conservatives from November 1984 to... December 1984. And Mulroney's fiscal mismanagement cost the country $300 billion in increased national debt.

I agree with the Rhinos, though: we should just put the national debt on VISA, and let Quebec separate so it will be a shorter drive from Ontario to New Brunswick.

Re:What I would like to know..!

[hr+raattgift]

2006 Election results (308 seats), rounded:

CPC 40% of seats, 36% of popular vote
LIB 33% of seats, 30.2% of popular vote
BQ 17% of seats, 11% of popular vote
NDP 9% of seats, 18% of popular vote
IND 0.3% of seats, 0.6% of popular vote
GRN 0% of seats, 4.5% of popular vote

No other party got more than 0.32% of the popular vote, which would give 1 seat in a PR system.

Note that the BQ fielded candidates only in Quebec. In that province, the results were (for 75 seats, rounded):

CPC 13% of seats, 25% of popular vote
LIB 17% of seats, 21% of popular vote
NDP 0% of seats, 8% of popular vote
IND 0.1% of seats, 1% of popular vote
BQ 68% of seats, 42% of popular vote

Alberta and Prince Edward Island are also interesting, in that only Conservatives were elected in the former (28 Conservatives, 65% popular vote) and in the latter only Liberals (4 Liberals, 53% of popular vote).

Given the history of Canada East (now Quebec) with respect to "rep by pop", it is unlikely that the Bloc Quebecois would abandon the first-past-the-post system. In the 39th Parliament's House of Commons, the Conservatives are over-represented in Saskatchewan, Manitoba and British Columbia -- the Western power-base of the CPC -- and are also unlikely to support a change.

Re:What I would like to know..!

[hr+raattgift]

The Senate blocks your bill? No problem! Appoint some of your best friends to the Senate!

This only worked thanks to Article 26 of the Constitution Act, 1867, which reads:

If at any Time on the Recommendation of the Governor General the Queen thinks fit to direct that Four or Eight Members be added to the Senate, the Governor General may by Summons to Four or Eight qualified Persons (as the Case may be), representing equally the Four Divisions of Canada, add to the Senate accordingly

Mulroney had been in power for several years by 1989, and the deaths and mandatory retirements of several old Liberal senators left a number of open Senate seats, which he filled as it became clearer that the Senate committee studying the bill after second reading had interviewed enough credible witnesses with strong reservations about the GST would recommend that the Senate not give the bill third reading (killing the GST). The use of Article 26 to appoint eight divisional Senators gave the Conservatives a slim majority of the then 112 Senators.

Even still, it took a decision by the (appointed) Speaker of the Senate to hold a vote in the absence of the Opposition Whip, contrary to the Rules of the Senate, in order to pass the GST after months of delay in the Senate.

Mandatory retirements and deaths during the post-Mulroney years has left the Liberals with 65 of 105 Senators. The CPC has 24, and there are 3 "Progressive Conservatives".

At the moment, only 7 Article 26 Senators can be appointed, and there are 7 vacancies.

24+3+7+7 = 41 Senators which would support the Government, if all vacancies were filled, and Article 26 was exercised.

An independent Senator (Madeleine Plamondon) must retire in September, a Liberal (Jack Austin) must retire in March 2007. Barring untimely deaths, the next resignation useful to the current government will be in Feb 2008 (Senator Fitzpatrick), August and October 2008 (Senators Gill, Christensen and Trenholm).

In short, there is no plausible means by which the current government can break Liberal control of the Senate before it is Constitutionally obliged to face a general election.

the NDP will call a non-confidence vote and force an election

The NDP cannot unilaterally deprive the government of the House of Commons's confidence.

They have only 29 seats. The government has 125 seats. The BQ has 51 and the Liberals 103. There is one independent. Ignoring that one of the Liberals is Speaker of the House of Commons and will vote only in the event of a tie, the relevant results are:

125+51 > 103+29+1 (176-133) -- BQ keeps the government alive -- and we have seen this vote in divisions already this session
125+103 > 51+29+1 (228-81) -- Liberals keep the government alive -- and we have seen this too, in this session

Unignoring the Speaker's voting tradition:

125+29 = 102+51+1 (154-154, Speaker casts the tie vote 154-155) -- NDP fails to keep the government alive

The interesting question here is whether the Liberals, who can defeat most legislation in the Senate, or have the Senate insist upon amendments to most legislation, would join the BQ and NDP in defeating the current government before they have elected a new leader.

The Liberals have been clear that they would support Bill Graham, the interim leader, as Prime Minister until a new leader is elected by the party, and that they might be able to sell this state of affairs to the Canadian electorate.

However, a possibly exciting leadership contest (okay, that's a stretch), a possibly exciting new leader (maybe less of a stretch), and some time to make apologetic noises about the sponsorship scandal, plus some time for the Conservatives to shoot more of their toes off, may be preferable.

It is possible for the Liberals to not support the Conservatives in the House of Commons, without depri

Re:What I would like to know..!

[Beryllium+Sphere(tm)]

There's a more charitable explanation (barely) imaginable, which is that since they bought the company that makes the machines in 2001 they haven't been able to fix all the bugs.

Re:What I would like to know..!

[hr+raattgift]

But Martin and Chretien, and skilled as their fiscal management was, were up to their eyeballs in the sponsorship scandal.

I no longer live in Canada, and I am not a fan of Paul Martin Jr., except that he quit immediately and completely after the 2006 election results were clear, and that he made some surprisingly stirring speeches (in French) about being just as much of a Quebecer as anyone else living in the province.

Martin still does not understand that people simply did not believe that -- no matter how tense the relationship between him and Jean Chretien was -- the number two official in government, and the finance minister of many years, could not have known about the sponsorship program. Moreover, Martin would not -- and maybe could not -- play the card that Chretien did, namely that the scandal was a necessary risk in order to win the referendum in Quebec with pseudo grassroots slogans like "My Canada Includes Quebec", and a big splashy presence of the Canadian government whenever it doled out even the smallest of presents (pork, in other words) in Quebec.

The interesting thing is that the opposition parties negotiation of terms of reference for Gomery excluded the run up to the 1995 referendum, and fixed the timeframe of the sponsorship program from 1996 to 2004.

The 1995 referendum, you will remember, came out as 50.6% to 49.4% against negotiating sovereignty assocation (i.e., in favour of keeping the Constitutional status quo).

Chretien's line has consistently been that had the sponsorship program not happened, or had it been done in the open (thus exposing it to ridicule in the press), the referendum would have been lost, or a rerun would have happened after the 1998 Quebec provincial election (which in turn was an unsurprising "clone" seats-wise of the 1994 election, but which had a very different popular vote split, where the winner was the Quebec Liberal Party under former Mulroney cabinet minister Jean Charest). Moreover, the sponsorship program was designed to prop up Jean Charest's popularity as well, and he did become premier in 2003, not-entirely-coincidentally at the height of the scandalous abuse of the secret federalist slush fund.

Martin could have admitted that he knew all this, and that the scandalousness was a necessary (and ultimately pretty small, and probably recoverable) cost of effectively destroying the sovereignty platform in Quebec. It would have been very difficult for him as an Ontario-born anglophone, but certainly not impossible.

Instead, he did two things that helped destroy his predecessor John Turner. Turner had been finance minister under Trudeau and assigned blame to Trudeau for financial awkwardnesses when he returned to fight for the leadership of the party. He also called a quick election because he "wanted a new mandate" and to capitalize on his supposed "newness" and "popularity" while the Conservatives were still breaking in their new leader, Brian Mulroney. (Turner also had a much smaller majority in the House of Commons). Martin had been finance minister under Chretien and assigned blame to Chretien for the sponsorship scandal when he returned to fight for the leadership of the party. Martin called a quick election because he "wanted a new mandate" and to capitalize on his supposed "newness" and "popularity" (and ability to parachute in candidates of his own choosing, even against the will of the local grassroots riding associations)...

The total 'scandal quotient' of the federal Liberals from 1993 to 2005 was about the same as for Mulroney's Conservatives from November 1984 to... December 1984. And Mulroney's fiscal mismanagement cost the country $300 billion in increased national debt

Two very good points that Martin was unwilling or unable to bring up clearly and early. He would not admit that he was involved in any aspect of the scandal, thus destroying his ability to accept blame with exactly t

Yes, but...

[zenmojodaddy]

... surely only an EVIL TERR'IST would do such a thing, right?

Re:Yes, but...

[Gilmoure]

I've seen the way those tourrists drive. They're teh deadly. Can't wait for tourrist season. Want to bag me one with bigguns.

Will the US wake up one day ?

[Yvanhoe]

How come no political party makes this a central campaign argument ?

Re:Will the US wake up one day ?

[ChristTrekker]

Perhaps not a central argument, but part of the platform. Specifically the first and last paragraphs of that section, regarding fraud.

Of course, the problems of plurality voting methods still work to ensure that virtually no one in the USA will take a "third party" seriously enough to vote for them, no matter how good the ideas. You'll generally see good ideas for electoral reform, ballot access reform, etc, in just about every minor party...but because those parties themselves are marginalized, so are the ideas. When groups as ideologically diverse as the Green, Libertarian, and Constitution parties do agree on something, you'd think someone would take notice.

Re:Will the US wake up one day ?

Because all political parties are prone to cheating in one way or another?

This is just one avenue for voter fraud, something that has been going on for a lot longer than this with a lot less sophisticated voting procedures.

And no, it's not just Bush and it's not just the Republicans.

Re:Will the US wake up one day ?

[typical]

How come no political party makes this a central campaign argument ?

That's an easy one. What grabs the eyes and attention of Bobby the Wal-Mart checker more effectively?

(a) Gays are planning to marry...to *take over*!

(b) There is a computer security problem related to unverifiability (Bobby just stopped reading here, guys) in voting kiosks produced by a certain company. Flash drives could be used to...

There are a *lot* more Bobbys than Slashdotters in the US. That means Bobby's vote matters a lot more.

Now, given that a political party is basically a marketing machine to acquire and sell influence, you'd have to be a pretty damn incompetent party to target Slashdotters when you could target Bobby.

And there we have one of the strengths and weaknesses of democracy, all in one. Our democracy is pretty stable because the majority more-or-less support what is happening, but it's also limited to the understanding of the general public. It's hard to get complicated, specialized issues addressed. If you can get a one- or maybe two-sentence summary that produces a strong emotional reaction, your issue has a chance.

Take, say, Social Security. Social Security went through because the general public understood it to be some sort of savings system rather than an unmaintainable subsidy for the elderly. Given that economic systems are often hard to understand and that they involve, well, money, they're a good place to exploit a lack of understanding.

Larry Lessig, on the other hand, is not going to start a mass movement for the reduction of copyright terms, because aside from "free music", there's no general draw to do so. One has to have a reasonable understanding of what the point of copyright is and what the drawbacks are to have an issue with over-extended copyright, and most people just don't care enough to find out.

On the other hand, something like the Elian Gonzalez issue produces emotional response, and though it has little impact on the country as a whole, is what gets attention.

Re:Will the US wake up one day ?

[Garse+Janacek]

Well, the Republicans aren't for obvious reasons -- even if there was no deliberate tampering (which I'm somewhat inclined to believe), it's hardly a good idea to say "Wow, the party that is completely in power got there through completely unreliable voting machines! Vote for them again, because they'll fix this problem!" It just brings up uncomfortable questions they don't even want people thinking about, at least not until they're out of power.

The Democrats aren't because it would be political suicide to make this a major platform issue -- even though having reliable voting machines is an extremely important and worthwhile goal, you know it will be spun into "AHH! The Democrats are saying the Republicans stole the election! They're just talking about 'fixing' the voting machines because they're sore losers!" and blah blah blah, even though if there was any integrity in politics this would be a major priority (albeit maybe not a campaign slogan) for both sides.

And, as other commenters already noted, it has been a platform for third parties, but with the air time they get who would ever know?

Re:Will the US wake up one day ?

[Yvanhoe]

even if there was no deliberate tampering (which I'm somewhat inclined to believe)

I tend to believe, in contrary, that there has been deliberate tampering. We know that:

There have been flaws that allowed to change votes

There have been "errors" (I have yet to find documentation about an error in favor of democrats)

The machines are "good enough" : if no one intended to be evil or tamper anything, the machines would carry on with their mission flawlessly.

Maybe I will be modded troll for this, or tin-foil hat-er. But I would like to be proven wrong. For me last elections were stolen, and democrats showed their incomptence by not bringing the issue in full light.

Re:Will the US wake up one day ?

[stinerman]

The most interesting thing, IMO, is that I have not heard of a single instance where the Democratic candidate got more votes as a result of a software error. On the other side of the token, I recall Ralph Nader asking for a hand recount of certain areas of New Hampshire where the vote favored Bush by 10% more than the exit polls were calling for. The recount was done and matched the original count. This leads to one ore more of the following conclusions:

1) The exit polls were done unscientifically.
2) Voters lied to pollsters about their choice.
3) Voters thought they voted for Kerry, but ended up having their vote count for Bush.
4) A once-in-the-life-of-the-universe type event happened where all methods were sound, but the pollsters randomly picked up Bush voters rather than Kerry voters.

Re:Will the US wake up one day ?

[Yvanhoe]

How did they recount ? the machines did have a paper trail ? How is THAT trustworthy ?

I still love ...

I still love that GEMS Access database which stores the votes completely unprotected: http://www.sierratimes.com/03/07/11/article_electi on_fraud.htm

So that means...

[dJOEK]

Voting American Slashdot Readers will have a CmdrTaco option? ;-)

I bet alot of people...

Are laughing and thinking to themselves "told you so"

Erik

No worries here

[imkonen]

Jeez...what's everyone so paranoid about? How could a hacker possibly get access to a voting machine for a minute or two with enough privacy to load malicious software? He'd need to find one that for some reason or another had a curtain around it and hope no one thinks it's suspicious that he'd be in there alone with the machine.

Re:No worries here

I'm with you, I still can't believe someone could fly an airoplane into the WTC...

Re:No worries here

[arkane1234]

Jeez...what's everyone so paranoid about? How could a hacker possibly get access to a voting machine for a minute or two with enough privacy to load malicious software? He'd need to find one that for some reason or another had a curtain around it and hope no one thinks it's suspicious that he'd be in there alone with the machine.

Famous last words...

Power to geek

[WebfishUK]

On the otherhand you could see this working in favour of the geek. After all only someone with sufficient geek knowledge could rig the voting in their favour. Unlike the current paper systems which any f**kwit can abuse.

Maybe the geek will inherit the earth after all

Bush!

This is all the work of the evil Hitler reincarnative Cheney and his puppet Bush. Togather with Gen. Hayden and Diebold they are planning on taking over the world and drilling for oil everywhere! Long live Lenin, Stalin, Mao and the 12th Imam! Only Mahmoud Ahmadinejad and his nukes can save us! Die capatalist pigs! Die!

Ministry of Trolls

Punish the whistleblower. Shoot the messenger. Insist that everything you do is lawful and is fully supported by the Constitution. Nor does is spying an invasion of privacy. Remember, the terrorists hate our freedom. If we take it away they won't hate us anymore. Leave no paper trail behind.

Re:Cue rimshot

[dave-tx]

Come on. Tell us something we didn't know.

OK. OLN has hired a man named Stanley Cup to promote the NHL playoffs this year.

It'll never work...

[Keichann]

It's pointless talking about securing something that's inherently a terrible idea. You can't have voting performed by something that is, for most people, magical.

A good way to be certain these machines are sending the correct votes is to have a paper trail. When a person votes, a transaction id and their vote are printed to a piece of card or something, which is then put in a ballot box.

To verify that no votes have been sent by the machine without interaction, a random set of votes is selected from the result the machine sent and these are checked against the paper votes. To check that all votes have been sent correctly, a random set of paper votes are checked against the records sent by the machine. If either of these doesn't correlate, the paper votes are always assumed to be correct.

Even if this were to happen, it would (probably) take almost as much effort as counting the votes by hand!

Re:It'll never work...

[bfree]

Why remove the paper from the device? Instead use a roll of paper inside the machine viewable through a window. The design would have to ensure that the previous vote is not disclosed but other then that each machine would have a complete paper record of it's votes in an easy to read format which you could feed to a fast scanning machine to verfiy the entire voter trail. In case of any discrepencies the paper version is counted and once enough tally's are tested and accurate results are found you can save the effort of counting all the paper votes, but if that was required it could be done quickly and by multiple independant machines (independant to each other and the voting machine manufacturer).

The voter can understand this system quite easily, your vote is what you can see on the piece of paper in the window of the machine, they hope the machines will accurately count the votes as printed and save the recounting effort but that will be checked and it's what is on the paper that counts. Fitting a maginifying lens over the machine's window would allow a relatively small printout to appear much larger and easy to read (saving paper and/or increasing accessiility).

Re:It'll never work...

[architimmy]

I don't see why this can't be automated to a certain extent. A random selection of votes could be audited manually while all votes could be audited automatically. Essentially a real paper trail is necessary. Print the vote, unique transaction id, and date and time onto paper where the voter can clearly see and approve their vote. Along with text, this information could be printed in an easily scannable format (like a bar code). All this ends up on a big paper roll of votes which are run through a seperate machine which scans and verifies the paper record to the digital record for each vote. In addition voting officials can make a random check comparing the paper record to the digital record.

What's really the problem is not the "electronic" part it's the notion that you are essentially putting all your eggs in one basket. We lack any ability to verify that the vote is being recorded in current systems. If you have seperate machines produced by seperate vendors, all of which comply with a standard protocol, auditing a voting trail shouldn't be that hard. You can still allow closed source proprietary systems while maintaining the ability to send your data through open "gateways" at which you can always observe and verify that data. Voting has never been a one step process for good reason and the current thinking isn't wrong because we're trying to automate it, it's just wrong because we're automating it the wrong way.

Re:It'll never work...

[Keichann]

Unfortunately, who's to say the barcode actually corresponds to the text printed on the ballot, in a small enough number of cases to have a possibility of being missed if it's only being checked by one person? Seperating the ballots and using OCR could work, but again, a voter wouldn't know whether that X is in the place that marks Nader or Bush, despite where the labels are printed.

We can never completely eliminate fraud, but in First Past the Post, we don't need to. You only need to reduce the possibility of fraud to an amount that's negligible for each constituency.

Because of all of the above, I would still want humans doing my sampling. If they're selected properly, and the testing is distributed, even if there is collusion it wouldn't change the result.

Any Software?

[Mignon]

someone with a minute or two of access to a Diebold touch screen could load virtually any software into the machine

<sarcasm>Far be it from me to perpetuate Slashdot cliches</sarcasm> but

• Will it run Linux, and
• Imagine a Beowulf cluster of these!

Ladies and gentlemen, I give you President Torvalds...

Re:Any Software?

[Rob+the+Bold]

Will it run Linux

I know you were being funny, ES&S has one, but they shelved the project.

If you press really really hard

[AHuxley]

You might get to vote for Tim P Gary K or Gordon E.
"Elect 2006" - A 32 bit patch for a 16 bit interface to an 8 bit OS designed for a 4 bit chip
from a 2 bit company that can't stand 1 bit of democracy.

Re:Cue rimshot

You: Emacs sucks
Doctor: Emacs? Hah! I would appreciate it if you would continue.

Not Diebold -- it's the people you voted for.

[Kadin2048]

Never attribute to conspiracy what can be easily attributed to greed.

Diebold's marketdroids have, I'm sure, come up with the ideal price point for electronic voting machines. I don't know exactly what it is, but it's got to be something less than the old mechanical "pull the lever" machines, but still substantial.

Since the price is basically fixed, they then have a motivation to produce the cheapest, shoddiest piece of shit that they possibly can, to maximize their profit.

I have no doubt that, if a major company really wanted to, they could probably make a reasonably secure electronic voting machine. We have -- as you pointed out -- reasonably secure ATM machines. There's not something magical about making a voting machine: they could build it like an ATM, run it on the software platform that drives ATMs (OS/2, in many cases, I think), and give it all the same physical and data security. Coupled with procedural safeguards (paper trail, periodic inspections on voting day), I would feel comfortable using one.

However, all this would do one of two things: 1, it would cut into Diebold's profits, or 2, it would cause the machines to be so expensive that municipalities would rethink replacing their existing machines, or rethink using electronic voting as opposed to mechanical machines or other alternatives.

There's no giant right-wing tinfoil hat conspiracy going on. They're just applying the Wal-Mart Method to voting machines: figure out what people are willing to pay, and then deliver them the cheapest piece of shit that barely fills their requirements (but does it poorly), in order to maximize your margins.

To be perfectly honest, I can't fault Diebold for this. People love to demonize them, but they're not the worst actors in all of this. What they're doing ought to come as a surprise to nobody. The people who have every last bit of the blame for the cockup that this situation has turned into -- and it's only going to get worse -- are the local governments who have accepted the shit that Diebold is turning out.

If a company turns out a shoddy product, we need to tell them that's not acceptable by refusing to buy it. If they make cheap crap, and we buy it, then we might as well just bend over and say "thank you sir, may I have another!"

It's easy to demonize Diebold because there's only one of them; but really the people you need to be looking at are the asshats that decided to adopt their shitty equipment and use it to record your votes.

Re:Not Diebold -- it's the people you voted for.

[plague3106]

To be perfectly honest, I can't fault Diebold for this.

I can. Letting greed override everything is inexcusable, especially when their greed may end up destroying our country. Its treason, at best.

Re:Not Diebold -- it's the people you voted for.

[Kadin2048]

Making a shitty voting machine isn't wrong or illegal.

I could make a terrible voting machine in ten minutes involving a cardboard box, if I wanted to.

It's the people who then take said shitty voting machine and USE IT FOR CHOOSING OUR LEADERSHIP who are committing treason.

The only thing I can fault Diebold for is potentially misrepresenting their products by claiming that they're useful for anything more important than picking the Prom King and Queen at a highschool dance. But that doesn't in any way absolve the people charged in this country with running the elections from using Diebold's shitty equipment in one of the most important aspects of our system of government.

It's the election officials, from the lowliest poll worker to the State commissioners, who are failing in their duties to ensure just and fair elections. It is their job to evaluate the voting mechanisms and ensure that they are fair and secure. They should never be depending on the claims of the manufacturer of the equipment, or anyone else, in order to make this determination. It's their responsibility, and they are failing miserably at it by using Diebold's machines.

Re:Not Diebold -- it's the people you voted for.

[plague3106]

It may not be illegal, but it certainly is wrong.

If you know your machine may be used to elect officals of government, I believe its your moral responsiblity to only do so in a quality way. This 'lets do it to make a quick buck' isn't an excuse. Car manufacturers are supposd to live up to certain safety standands, but someone building a voting machine (which is I would say is even more important than building a safe car) doesn't need to meet any?

There are lemon laws for cars; I would expect a much higher standard for someone building voting machines. You say the lowliest poll work is supposed to evalutate the machines; I doubt they ahve the technical ability to hack in using a wireless laptop.

Your reasoning is complete nonscense; Diebold knows exactly waht they are doing, they are supposed to be the 'experts' and to say its ok for them to make a quick buck at the expense of our government is mind-blowingly stupid.

Re:Not Diebold -- it's the people you voted for.

[Kadin2048]

If our electoral system can't handle a company manufacturing bad voting machines, then we're in serious trouble. If someone tried to sell me voting machines, I'd assume that they were out to rig the election, because that's the only safe thing to assume. I have to assume this, because the alternative (assuming they're trustworthy) is stupid and dangerous.

The system has to be designed for the fact that people are dishonest when large amounts of money are involved. You can't trust the voting machine manufacturers. Any voting system that relies on the manufacturer of the equipment to say "Oh yeah, that machine's accurate...perfectly accurate," and takes them at their word is flawed.

We should assume -- regardless of what the people who build the machines say -- that they're rigged. Or at least designed to be rigged. From that assumption, it's the government's job to find the right people who can go through with a fine-toothed comb and prove that they're not.

I'm not totally apologizing for Diebold -- they're likely a lying bunch of scumbags. But that shouldn't come as a surprise to anyone. If it does, you're naive, and I'd like to visit your home planet some day. This is a caveat emptor world, especially when it comes to people who try to sell things to governments. If you sign contracts in the Millions or Billions of dollars, you need to ASSUME, each and every time that you go to buy something, that the person trying to sell it to you is a lying, cheating, filthy stinking swine, who will say and do whatever it takes to make that sale. Maybe they aren't that bad, maybe they are. But that's the attitude that we should go in with, anytime anybody tries to sell a system like this. Assume they're corrupt. Assume their system is broken. Assume they want to rig the elections. Believe nothing that they say.

If we don't have the capability to check that the system doesn't work the way we want it to, without just blindly swallowing whatever Diebold says, then we shouldn't be using their machines for anything important.

When you have a prison breakout, you punish the criminals. But it was the prison that didn't do what it was supposed to do: it's supposed to be built with the assumption that people are going to try and break out of it. Likewise, any voting system that depends on the machines' manufacturer being trustworthy is like a prison that assumes none of the inmates will ever try to get up and leave.

Punish the criminals that try to break out, and by all means lambast Diebold if that makes you feel better, but neither of them are acting in an unexpected way. It's the system that failed for foresee their (obvious) behavior that's broken.

Heisenbergian Theory of Security

[bsmoor01]

Does anyone else think that Diebold invests in the Heisenbergian theory of security? You just have to trust that it's secure, and if you look to see if it really is, then it may not be.

WHEN AND WHERE?

i live right outside of DC. On July 4th, i hope to celebrate independence day the way i always wanted to:

INDEPENDENCE FROM COMMERCIALS. turn off all media for that day
INDEPENDENCE FROM WASTE: eat only foods from a grocery store and avoid anything with fructose corn syrup.
INDEPENDENCE FROM OIL: obvious
INDEPENDENCE FROM TAPPED COMMUNICATIONS: don't use the phone
INDEPENDENCE FROM BUSH: Take all of the above and protest this crazy voting system, both technologically, and mathematically. It's crud both ways

what am i missing? Yes, we already have a holiday PERFECT for showing the world what we think, and silly us, we thought it was commorating something we gained hundreds of years ago. How quaintly delusional.

My 'confirm you're a human' keyword: lockups. If that's what it takes.

How long would it take...

[Analogy+Man]

Suppose DieBOLD's ATM machines had a backdoor key sequence that would enable me to get the whole stack of 20's. How long would it take them to slam that door shut?

Haven't they yet discover

Haven't they yet discover that the screen is also a fingerprint sensor
that matches your identity against a database of all your phone calls,
everywhere you traveled and everything you bought with your credit card?

Diebold's proprietary issues

[KarmaOverDogma]

A little searching here on /. and Google will remind people how these kinds of issues have come up with Diebold Touch Screen Voting Machines before. I have to wonder why they, in particluar, seem to have more problems than other voting maching manufacturers? (no sarcasm intended).

Most of the articles I have read, including this one, point to the fact that it can only be done by someone who knows how the system works and has the correct tools, lending some politicos (including Diebold reps) to say that they really aren't that vulnerable at all or that the problem is not serious. But stakeholders in elections results are precisely the people who could have someone in-the-know and with the correct tools manipulate the results just enough to tip the scales in one candidates favor or another. California realized this and dumped Diebold. Close elections happen all the time, so possible (even plausible) scenarios are not to hard to imagine. If a Diebold machine can be rerogrammed or altered for voting results, even the "verifiable paper trail" could be made to print out alternative results (for those who don't bother to look at the print-out window).

As an Ohio voter who has used one of these machines, I think I am going to have to vote absentee from now on, since a newly passed Ohio law permits me to do so far any reason at all (e.g. I dont want to vote on a vulnerable touch screen machine).

For me, this is one more poignient example of how proprietary voting technology leaves room for problems and the need for transparency with it by proper (preferably Federal) legislation.

Re:Diebold's proprietary issues

Scary Bit: Main reason Blackboxvoting.org has not released similar reports about other manufacturer's machines: They haven't had access to them.

You americans are silly. Running elections with 'magical' closed boxes that have not been even peer-reviewed to be secure. Instead the boxes are 'certified' with govt red tape, which is painfully clearly just bunch of hogwash (see: diebold junk boxes that are 'certified' for your elections, and their 'drive-a-mac-truck-thru here, here, here and here'-level security holes).

Any problems with the results can be explained away with the magical 'computer error' catchall, and whoever pays most to the closed election box thingy manufacturer(s) gets to pick who runs the show.

I knew americans were dumb and corrupt, but this is pretty damn sad.

Vote Stealing Song

[gorehog]

---sung to the tune of Woody Guthrie's Hard Travelling
D
Diebold's stealing elections, I thought you knowed.

Diebold's stealing elections
A7
on machines with closed source code.
D
We dont need no double dealing,
G
electronic vote stealing.
A7
Diebold's stealing elections,
D
Lord.

Diebold's stealing our votes, the right that makes us free.
Diebold's stealing our votes, oh cant you see.
How can they say I'm free if their machines can vote for me?
Diebold's stealing our votes, Lord.

Diebold's stealing our votes, I thoought you knowed.
They've been shredding the paper trail at the end of the road.
It doesn't matter who you choose, when you're sure you're gonna lose.
Diebold's stealing our votes, Lord.

I'm gonna vote with pen and paper I thought you knowed.
I'm gonna see it counted at the end of the road.
I'm gonna vote with pen and paper so I know that there's a record.
And I'm gonna go vote my conscience Lord.

A quick couple of notes (so to speak)...
The chords are right as far as I know. The words are mine, though they dont fit quite right in all the places. Either apply Tom Leherer's rule that "it doesnt even matter if you fit a few extra syllables into a line" or use the folk process to make it fit so you can sing it.

Also, I've got one line with no verse to put around it...

"Voting wont be so scary if the countings not binary"

The main thrust of this song is to educate and protest on the issue of electronic voting. I am a New York State resident and for those who dont know we are being sued by the feds to upgrade our nice mechanical voting machines to electronic voting. If we do not they are going to withhold federal money for the upkeep of our voting system. This is blackmail, the same kind of blackmail that was used to put the 55 mph speed limit in place.

Our voting machines have worked for a century with the same design. We trust them to do the job and know where the flaws and weak spots in the security are. We, as a group, when polled, do not show a desire to change the system at this point and our state voting commission and legeslative review boards have rejected electronic voting as an unsecure and immature technology. The peculiarities of how a state does it's voting is a state's right to decide, which is why different states have different rules about every aspect of the electoral process. Some states are proportional, some are by district. Some states use machines and others use punchcards. Election laws are made at the local level.

The lawsuit by the federal government smacks of blackmail and manipulation. Why is the federal gov trying to control the electoral process at the local level? What do they hope to gain?

Re:Vote Stealing Song

[iminplaya]

What do they hope to gain?

I'll assume that's a rhetorical question and that you already know the answer.

Try looking at Maryland for an example

Maryland did not go for Bush in the last election, despite using Diebold machines. Of course you wouldn't let a FACT stand in the way of just repeating talking points about how elections were stolen.

Diebold were put in by a DEMOCRATIC controlled state government before our current goverenor (a Republican) was elected. He is trying to remove the machines from the state, but the DEMOCRAT controlled board of elections (state senate and house changed the law so he can't replace the head of the board) won't remove them.

Re:Try looking at Maryland for an example

[brian0918]

"Maryland did not go for Bush in the last election, despite using Diebold machines."

The difference is that Maryland didn't matter one bit to the election, whereas Ohio was seen as crucial. So, anyone with a conspiracy theory would see Maryland's results as the Diebold folks covering their asses.

Re:Try looking at Maryland for an example

[gid13]

"you wouldn't let a FACT stand in the way of just repeating talking points about how elections were stolen."
*I* didn't make any claims one way or the other, except that using Diebold machines is a horrible idea, which is a claim that is backed up by the article. All I did was ask for the previous poster to support his claims. I most certainly did not say that the election was stolen, and the person I replied to did not post any facts for me to let stand in the way, let alone sources I could use to verify them.

I appreciate your answers to my questions, but they'd be better if:
1. you gave me a link or something else I can use to verify what you're saying, and
2. you weren't being an ass to someone who's merely asking questions. All it does is make me suspicious of your claims.

Re:Try looking at Maryland for an example

Maryland did not appear to cheat and therefore Ohio did not cheat either. Yeah, good proof to back up that claim.

Sir, my client is not guilty of rape. My proof is he was with a different woman a week earlier and he did not rape her, therefore he is not a rapist.

Re:Try looking at Maryland for an example

Now that is funny! Well not the rape thing, but the sarcasm.

Re:Try looking at Maryland for an example

[mencik]

What is interesting in Maryland, is that you do not need any ID in order to vote. Just go into your precinct, give your name and address, sign a card and vote. So, if you know the name and address of someone and beat them to the precinct, you can vote in their place (assuming the poll workers don't know you or the person being impersonated). Afterwards, if the real person comes in, they would need to file a provisional ballot and fight to have the other vote somehow taken away.

Why they can't require some form of photo ID is beyond me. Though, I have heard of lawsuits in other states that do require photo ID, as being intrusive and thus somehow impeding voter's rights. I guess they equate having to pay to get a state issued ID card as the same as paying a poll tax. That could be corrected by simply providing the state issued IDs (for those that don't drive) for free.

Re:Try looking at Maryland for an example

Actually, I think it would be closer to:

Last week, this woman was with another man and was not raped. Therefore, my client is innocent.

Re:Try looking at Maryland for an example

[bryce1012]

Yup. South Dakota requires a photo ID to vote. Unfortunately that requirement apparently qualifies as "racist," because not all Native Americans have drivers' licenses. All sorts of activists whined about that for a long time after it was enacted 2 years ago.

Of course the best part is, the ID really isn't necessary. If you don't have it you just sign a waiver saying, "Yes I really am so-and-so," and they let you vote. The law basically says: "You must bring a photo ID to the polling place. But if you don't, that's OK too, we'll still let you vote, no problem."

Election Fraud

[darjen]

So, there exists the possibility of election fraud. How is this different than what we already have? In fact the skeptic in me (which takes up most of me) wonders if we have ever even had a legitamate election here in the US.

Where I am in Ohio we just had news break of a huge voting scam where people were shaving the chads off of the cards for the candidates they wanted to win and leaving the others.

One of the problems I have with democracy is that it's naturally subject to this kind of manipulation. Are there any possible solutions to remedy this? I don't think more oversight will work, because who will watch those that are doing the watching? Any suggestions are welcome, but until I hear of a practical way to stop voting fraud I will treat any election results we have with a huge grain of salt.

Re:Election Fraud

[starfire-1]

I agree with this completely - and I wonder why this isn't modded higher (hint hint).

There seems to be faulty logic that what we have now, paper based votes that are handled by humans behind closed doors, are always correct and infallible. Certainly voiding or invalidating votes after the fact is a quick and easy thing that virtually anyone with access to the ballots and the will can execute. And even though I would never suggest that any electronic form of voting is secure, I do beleive that it would be far more difficult to tamper with and involve a much larger consipiracy were any fraud to occur.

Everything is relative - and if electronic voting, faulty or not, reduces the total amount of fraud - this is good. And if fraud continues, then it may be easier to determine who is orchestrating the fraud as techniques and hardware would necessarily need to be distributed.

Just my 2 cents.

Re:Election Fraud

[MoreCozmic]

The point of an election, in a democratic society, is to allow the majority of the people to choose the candidate that most represents their interests. The system of checks and double-checks is predicated on the assumption that you can find trustworthy people, and in an honest society, most of the watchers will be trustworthy. If the majority of the watchers are trustworthy, then the checks and balances will mostly stop the dishonest people. But this is true only if that population is made up of mostly trustworthy people. If most of the people are dishonest, then you will end up with many dishonest watchers, and most elections will be dishonest. However, I maintain that this is a correct outcome, since this, in its own ironic way, reflects the wishes of the dishonest majority. If the majority of the people are dishonest, then they will have dishonest elections, so their elected representatives will be an accurate reflection of that population. Democracy is not easy, does not often work in any given instance. It only triumphs in the long run, as long as individuals retain the courage and freedom to believe in it.

Re:Election Fraud

[maxwell+demon]

So, there exists the possibility of election fraud. How is this different than what we already have?

Without a paper trail, it's easier to hide the election fraud.

Re:Election Fraud

[kilfarsnar]

Thanks for this very insightful post. It is informative, not only on the state of a democracy, but our world in general.

Re:Election Fraud

[Detritus]

The remedy is sending people to the graybar hotel. Unfortunately, prosecutors almost never agressively investigate and prosecute election fraud. I've heard people brag about voting twice. Absentee ballot fraud is often organized and widespread.

Re:Election Fraud

[darjen]

The system of checks and double-checks is predicated on the assumption that you can find trustworthy people, and in an honest society, most of the watchers will be trustworthy. If the majority of the watchers are trustworthy, then the checks and balances will mostly stop the dishonest people. But this is true only if that population is made up of mostly trustworthy peo

So, if we had such an honest society, why would we even need people to watch and rule over us in the first place? In this scenario, most people would be able to govern themselves properly and resolve any disputes they have in a peaceful manner.

If most of the people are dishonest, then you will end up with many dishonest watchers, and most elections will be dishonest. However, I maintain that this is a correct outcome, since this, in its own ironic way, reflects the wishes of the dishonest majority.

If the majority happens to be so dishonest, then it seems pretty immoral to force the honest minorty to support whoever is elected. I know I sure wouldn't want to live under these circumstances myself, as it would simply be yet another form of tyranny.

Havent' they found out yet?

[BamZyth]

Haven't they yet discover that the screen is also a fingerprint sensor that matches your identity against a database of all your phone calls, everywhere you traveled and everything you bought with your credit card?

Not true

"The best reason to use electornic voting machines is that they allow many people with disabilities"

Not true, the screen has a lower contrast than paper, the screen is more diffult to press correctly than scratching a mark on a piece of paper, and if you still need assistence, its not as easy to verify that the person who helped you did so correctly.

they did

Third parties DID make this an issue after the last election results. That the top D or R parties didn't (grassroots are another story) is becase both of those operate as a cooperating cartel, which have conspired to hijack the US government and hold it as an extensive jobs and skimming/fraud operation. We have at the top the globalist exploitation party, with two wings.

Re:they did

[ChristTrekker]

Yup, the D/R party is a Duopoly. One beast with two heads.

How about a cardboard box?

[wandazulu]

Think about it...ATMs are the machines you want to go after, with the large sums of $$$ and all, but besides the obvious security cameras and such, they're typically embedded in a wall; you have access to the slot for the card, the screen, and buttons (if it has buttons). You can't tamper with the machines if you're not given any way to do so. Yes, there are free-standing ATMs but they are like today's voting machines...untrustworthy and I won't use 'em.

So why not design the voting machines in such a way as that you can't get access to anything but the screen? I'm thinking of something like sinking them in a table or somesuch so you can only touch the screen and nothing more. I remember the lever-based voting machines I used kept all the "good stuff" in back, outside the curtain; if you wanted to tamper with that, you did it in the full view of the public.

Re:How about a cardboard box?

This begs a question I've often had about the furor over electronic voting machines...

Just what was wrong with those old lever-based machines? They were simple to operate, the chance of mistakingly voting the wrong way was almost nil, and (if I'm not mistaken) punched papertape or similar with the votes. Yeah, papertape may be ugly, but it's auditable.

What was it about those machines that made them fall out of favor? Cost is all I can think of.

Re:How about a cardboard box?

[Spaceman40]

How about freaking paper ballots?

how long?

[PopeRatzo]

Searching our phone records without a warrant. Torture. Secret Prisons. Lying to get us into a war. Do you think a corporation that has ties to the current administration ginning up the voting machines to rig elections is out of the question? It's probably already too late for elections to make a difference. I'm starting to think only massive civil disobedience along the lines of a general strike will have any effect on us getting our nation back. I understand that anything that threatens to disrupt you playing with your XBox 360 is unthinkable, but it just might be time to take to the streets.

Where the blame TRULY LIES

The problem lies with Diebold and "the government" overseers of the project. Whoever was involved with the oversight "committee" either didn't want to get into the "details" of the "technical" aspects of the project or had no clue how to interpret them.

The "technical" experts from Diebold and the government, if they were even half-assed good, should have been jumping up and down about issue after issue.

But how many good IT people seek employment with the government that are involved with overseeing projects? I'm guessing not many.

At the end of the day, when all was said and done, I'm sure whoever was involved with the development of the voting machines had to say a little prayer asking some divine force to intercede so that the polished turd they produced never be discovered as such.

Good question.

[Schlaefer]

In my opinion everyone with a decent school education (or even without) should be able to overview (and even hold) an election. You can do this with pen and paper, but not with a complex black box. So we help 5% of the population to vote by locking out 100% (minus 5 diebold engineers) when it comes do counting the votes.

Re:HUMANS are Fallible

Humans don't always do as they are told.

Can we go back to punch cards?

At least the "hanging chads" were secure, and they sure left a paper trail.

Easy fix

[natedubbya]

These problems would all go away if we just stopped making everyone's vote private. Attach video cameras to the booths, ask the voters to verbally speak their vote. Easy.

.....kidding

Trusted Computing?

[50m31sl4sh.]

As the study mentions:

There are no cryptographic signatures or other security related measures involved. Replacement of the Windows CE operating system file is performed without even the most basic level of source, authentication or compatibility testing, allowing even code that is impossible to execute to be installed.

All I can say, WTF???
This is a voting machine, not a toaster! Even my mobile phone doesn't allow flashing of unsigned firmware.
But unlike a phone, voting machine is a multi-user device, which should be secure by design at every level.

So, maybe in this case Trusted Computing may find one of a few of its good applications?

DMCA

[sgauss]

This whole article is a violation of the Digital Millenium Copyright Act. Bruce Schneir, and the terrorist Finn Harry Hursti should both be locked up!

No, no, no...

[Net_fiend]

you've got it all wrong. Its going to run Microsoft Windows Election Edition or (Wee). Bill Gates will be included as the default candidate. Any person choosing another candidate will immediately recieve a BSOD.

Using computers to vote...

[BlindRobin]

is an is an egregiously inappropriate use of technology and only makes fraud easier by increasing the opacity of the system. It is rather like using a remote control laser scalpel to do pedicures and the use of paper reciepts from the computer are like welding a pair of cuticle scissors to the laser scalple, utterly absurd and useless. They will never be used, and are just an added coplexity and another avenue for manipulation.

There are only three kinds of people that accept "electronic voting systems" .

1) Those that develop and manufacture them (jobs and profit!, (and control where they overlap with #3 below)) as well as those that are simply enamoured of the technological challenge to make it work even though there is NO compelling reason for applying any technology more complex than a paper ballot and a pen to this particular problem.
2) Those who are ignorant enough to believe that "computers can't lie so this must be better, besides it's so much easier to use than wielding a pen or a punch, besides it's prettier and so modern. Also those that just blindly trust the system and go along with "whatever".
3) The people who realise that not only does increased automation reduce the number of people involved in the process and therefore the number of people with an interest in the process but that overt or covert control of the system (now easier becuase of the concentration of control) not only guarantees their success in elections, they can present it both as a means to correct the abuses of the previous system that were so problematic in past elections (without mentioning that the prior/current system is more difficult and costly to manipulate) and as opportunities to most of the people in #1 above.

Yes people can stuff ballot boxes, and vote from the grave etc. with paper ballots. But with paper ballots and physical counts, the electorate must be more involved in the process and oversight. Simplicity in the system is essential for there to be any sembelance of transparancy.

One used to handle uneducated voters this way:

[Yvanhoe]

headline : "National elections rigged!" There. You hooked Bobby. Unethical ? Well give the facts in TFA. If Bobby still believes Iraq had WMDs, I don't see anything unethical in telling him what he must believe before the facts about he doesn't care.

Okay, I gotta say it...

[Frodrick]

"someone with a minute or two of access to a Diebold touch screen could load virtually any software into the machine and disable it, redistribute votes or alter its performance in myriad ways."

One could argue that it may have happened already...in 2004...in Ohio.

Yeah, yeah, I know.... So it's a troll.

Re:Okay, I gotta say it...

What are you saying? That the Democrats almost stole that election?

If only they had a few more devices...

Re:Okay, I gotta say it...

There were a LOT more shenannigans in the Replican's favor going on in Ohio. Not surprising since Republicans were running the show there. Hell, they wouldn't even put more than one or two machines in a democratic area, while Republican areas got more than enough machines. Democratic sites got closed early, and sometimes didn't even open at all. Republicans even handed out flyers in democratic areas saying that the election date had been changed.

Lemon Party?

Are they kind of like the Green party only not so much? Hmmm - I think I'll support them!

I'll be sure and speak with my Diebold Rep

About four weeks ago I signed on as the manager of a group of people overseeing - among other things - the June primary for my county. This group will be implementing the Diebold systems for early voting access over the next few weeks. Having read the article in /. I immediately passed it on to our voting department for review. I'll be sure and get in touch with our Diebold representative ASAP to see what he has to say.

Should be interesting.

(Sorry for the anonymous post - I prefer to stay under the radar for the moment.)

Its isn't the core problem of voting.

[vertinox]

I wouldn't say the core problem of voting is faulty machines in itself but voter apathy and centralized voting commitee.

What we really need is either two things:

1. Election Day as a National Holiday (like 4th of July or Christmas) in which everyone gets off of work to go vote. And make a big deal out of Americans participating in the election.

2. Make it easier to vote. During the 2004 election, many places out 2-4 hour waits to vote. If you had to work that day, well... Many people gave up and went to work.

3. Allow internet voting or easier absentee voting. The above two problems would be a moot point if we could simply use our SSN with a pre-registered form of our current verifiable address (with our drivers license or state ID) and then just.

This should be controlled at State and even more local levels... Internet voting should not be controled or regulated at the Federal level.

Still... I doubt any of these things are going to happen any time soon so I'm going to be proactive and just ask work to give me the day off for election day.

Re:Its isn't the core problem of voting.

[belg4mit]

Ayup, we're one of the few western countries with a voting holiday or (luckily)
compulsory voting; think T-shirt of stick man pointing an AK at another stick
man in a booth, "Vote. Because you still have a choice."

As I've mentioned elsewhere, if certain parties would balk at yet another
(federal) holiday, why not celebrate Martin Luther King day on November 2nd?
Or maybe Memorial Day? Get people to put two and two together and *maybe*
just *maybe* come up with an answer other than "three"....

As for all those bitching that we've bitched at all voting since 2000, could
it be because it all fails the simple criterion of "making it easier"?

Use computers for tabulation but have paper backups, and give everyone an
anonymous ticket! No polling, no calling the election. The next day, you can
check your ticket against records online, or in the newspaper or via a phone
tree or something... Then we find out who the next shcmuck to hate is. Do we
really need to know that night? Can we know? It's not like the bastard even
gets the job for another three months. Where's the fire?

Reference to footnote 2 redacted

[uab21]

Footnote 2 in http://www.blackboxvoting.org/BBVtsxstudy.pdf Files found by Bev Harris on Diebold FTP site Jan. 23, 2003 is not referenced in the body - probably refers to the filenames that were redacted. Anybody gone to the site to check what they are?

Diebold's Commodity Issues

[Rob+the+Bold]

I know this is not exactly what you meant by "proprietary", but much of the trouble that Diebold is having is in fact becuase their systems are not proprietary. The reliance of "security through obscurity" in the electronic voting machine business is aggravated by Diebold's extensive use of non-proprietary hardware and software.

One of Diebold's competitors, ES&S, has their own troubles, but their machines are far more prorprietary and thus more obscure. You would need more specialized software and equipment to hack the iVotronic.

NB: This is not an endorsement of obscurity-based security. Even if a voting machine is not tampered with by outsiders it is still subject to deliberate and accidental errors introduced by those with legitimate access, up to and including the manufacturer.

As to Federal legislation . . . the source code for voting machines is supposed to be run by independent third-party auditors to ensure that the machines operate as intended. I'm sure everyone here can think of many ways this process could be circumvented, e.g. programming the machine with firmware compiled from non-reviewed source.

Make up your mind...

[uarch]

• With paper ballots people complained they were too hard to use and you had to worry about stuffing ballot boxes.
• With mechanical punch cards people complained they were too hard to use and you had to worry about rigging the machine and stuffing ballot boxes.
• With computers people complain that they're too complicated and you have to worry about rigging the machine.

What kind of genius honestly believed going to a computerized system was going to be more secure and solve everyone's problems?

Oh come on people...

[danpsmith]

...it's not a "security hole" if it was designed that way to begin with. It provides a great illusion of voting while maintaining the status quo, okay? Everyone's happy this way... Of course there's "security holes" everywhere, they weren't designed to be secure to begin with.

Re:Oh come on people...

news just in.

the next generation of Diebold machines will run Windows Vista.

Re:

One the 2004 election, there were some suspicions of a tampered result.

2000 and 2004

Something doesn't add up here.

After the 2000 election, the left cried election fraud. They complained about paper ballots and dangling chad. Even here on Slashdot, they said, "a computer will eliminate election fraud."

So computer voting machines were developed.

After the 2004 election, the same people complained of election fraud. The same group of Slashdotters said, "all computer voting machines have security holes; paper ballots are more reliable."

Duhhhhh

For being a bunch of tech-nerds, you sure are stupid.

Re:2000 and 2004

[NoahsMyBro]

I call baloney.

After 2000 I don't recall hearing anybody plead for computer voting machines. Back up your claim - where did anybody cry out for computerized systems after 2000?

People should make stupid changes to voting record

[Gilmoure]

If there were enough flagrant changes to voting machine records, people might finally start yelling about it. Maybe Bozo the clown should win in a nationwide vote?

They took shortcuts

[Rob+the+Bold]

Diebold makes their voting machines hackable for two relatively legitimate reasons:

1: Saves engineering time and money to use commodity components, both hardware and software.
2. Easy to upgrade/update/patch in the field is a good selling point. In this case, "hack" is s synonym of "upgrade", so hacking is possible, too.

ATMs are more secure because the customers (banks) demand more security. Paper tape transaction logs are an excellent audit tool in case something goes wrong, whether intentional or accidental. If your voting machine had such an audit trail, we wouldn't need to place as much faith in the integrity of the equipment. Of course the equipment's reliability would probably also increase, since an audit trail would eventually catch defective or subversive systems -- a voting machine manufacturer wouldn't like to be in a position of having to explain discrepencies where a paper trail was present.

A Note about curious turnarounds

Notice in the last two elections, the exit polls were against the winner - so were initial results. They only turned around in the evening after the result ratio between candidates had been established.

Think about it - if you WERE going to steal an election, you would need to wait until the result trends were already established, otherwise you wouldn't know how many votes to steal. If you did it early and didn't steal enough votes you would still lose.

Speculation

After reading the redacted version, and having some small amount of experience with WindowsCE, I'm going to speculate (warning: speculation is bad. Bad, M'kay? Don't try this at home or with your reputation or job or freedom on the line.)

The paper mentions that the PCMCIA memory card will be mounted - I'm presuming that, given the capabilities of WindowsCE, the card will be mounted as a FAT16 or FAT32 disk - a /boot/ disk, ala the boot floppies everyone knows about.

It mentions an 8.3 filename. Again, FAT16.

It looks for two distinct files ala the autoexec.bat & config.sys in MS-DOS, and auto-executes them.

It mentions the files have only signature check, mode check, and integrity check - or some subset of these - performed on them; This is presumably in order to verify that the files have not been corrupted (ie, checksums) - as seems to be par for the course for Diebold.

Second layer attack mentions three filenames, of what I presume to be binary images (just like every other embedded firmware i've flashed) and control files which can then overwrite whatever is on the device, automatically, without (much) user intervention.

It also mentions that access to the PCMCIA slots can be had without disturbing the tamper-evident tape - merely by using a small phillips screwdriver to remove the entire back plate & doors - lock, tape, and all.

It also mentions that rework can be done - theoretically - over a network link.

What we have, ladies and gentlemen, is the PCMCIA-card equivalent of walking up to a Diebold election machine, inserting your own virus-laden boot floppy/CD/Ghost boot floppy/Ghost boot CD, and root-kitting the machine - now and forever, with no way of being able to audit the machine's integrity or trust it thereafter without having humans (or a trusted other machine) read the entire box's stored code.

And there's no way of knowing just who has touched these boxes, in the homes of poll officials or on the way to the homes of poll officials or wherever.

Every one of the 'independent' security auditor institutions that certified these machines should be tried for criminal incompetence. A middle - school student could break into one of these machines.

This renders each and every Diebold machine that it effects completely and totally untrustworthy. Now we know why they don't want them to be open-checked and independently certified. Like we didn't know that before.

We need a better concept, not a better machine.

[joekrahn]

The problem with the the current design of voting machines is not the reliability of the machines, but the general design of the voting system. A good design is needed such that even an insider that can internally modify the voting machine is unable to affect the voting outcome. Before a voter leaves the voting booth, their votes should be recorded off-site in multiple locations, and they should get a receipt with an anonymous vote serial number with a validation hash that can be re-checked at a later time so that the voter knows their vote is not currupted. Is that idea too simple? Are there no decent cryptographers on the team? Are the designs being managed by lawyers?

Prediction:

63% of Americans will be too short sighted and apathetic to care.

Diebold

[dupper]

At best, incompetent engineering, perhaps even criminally negligent, given the importance of the application. And definately criminal of whatever mechanism of government which continues to contract this company as a solution.

At worst, an attempt to overthrow the legitimate US government, and treason.

Oooo....

[kponto]

.... but it's digitaaaaal!

Diebold can't be stopped...

[rbanzai]

...because this device allows Republicans to win races they otherwise would lose. As long as their machines ensure Republican wins there will be no stopping them.

Note that this has nothing to do with whether or not the Republican candidate is the better or worse person. This is about a simple numbers game being played by our President and the corporations that wanted him in power. They want as many Republicans elected as possible to secure their power base and Diebold helps provide that.

Power works very hard to remain powerful and there's no saying that a Democratic government might not try the same dirty tricks. But right now this is a Republican Constitution-Bypass device.

Re:Diebold can't be stopped...

Seriously, get out of your mother's basement a little more often. There's a world out here where not everything is a conspiracy despite what you read on your UFO websites. Some things are actually the result of stupidity or miscommunication.

Solution: Vote by Mail!

[Zorandler]

Here in Oregon we've adopted a vote by mail system that solves all of the problems of computer voting and
empowers more people to vote. While someone will of course raise the point that these paper ballots
are still counted by OCR machines(computers), there are certified auditors from all parties
allowed to oversee the sorting and counting processes.

Now, vote by mail does introduce several of its own problems unique to mailing paper ballots and verifying signatures....
but I feel so much more confident knowing that my vote is still cast on a piece of paper that can be counted
and recounted if there are any problems. I think that more states should give it some consideration over voting machines.

Here is a basic FAQ: http://www.co.multnomah.or.us/dbcs/elections/elect ion_information/voting_in_oregon.shtml

Security of Electronic Devices

[queenb**ch]

Item 1 - There is NO SUCH THING AS UNBREAKABLE SECURITY. This is a fact. Get over it.

Item 2 - Most electronic voting does not allow for an adequate paper audit trail. All other electronic transactions have paper counterparts that create an audit trail that can be used to reconstruct the various transactions in the case of file loss, data corruption, hacking, etc. Can you imagine what would have happened in Florida without the paper ballots to go back to??

Item 3 - Since no one from any party is qualified or even allowed to review the code that runs the machines, no one really knows what it's doing. You have to just vote and hope for the best. I find that to be unacceptable.

Item 4 - These machines do not work well and they are not "ready for prime time". Why communities roll them out as the only means avaiable for voting is beyond me. I think that they should be tested carefully by having voters vote on paper and electronically for a period of time. The results from the paper ballots and the eletronic ones should be tested and checked until they match.

Item 5 - The source code for the ballot machines should be posted on the internet for review.

Item 6 - I could build a more secure machine in 15 minutes in my garage than Diebold has, spending millions of dollars in R&D. Who is vetting the designs of these devices before they're foisted off on an ill-informed public?

Just my usual 2 cents,

Queen B

!!BOGGLE!!

1. Election Day as a National Holiday (like 4th of July or Christmas) in which everyone gets off of work to go vote. And make a big deal out of Americans participating in the election.

OK, it is hard to get someone to take time off from work to vote. How hard is it going to be to get someone to take time off from play to vote???

2. Make it easier to vote. During the 2004 election, many places out 2-4 hour waits to vote. If you had to work that day, well... Many people gave up and went to work.

OK, that is a very good idea. Implementation may be tougher (see internet voting, below).

3. Allow internet voting or easier absentee voting. The above two problems would be a moot point if we could simply use our SSN with a pre-registered form of our current verifiable address (with our drivers license or state ID) and then just.

HAHAHAHahahaha you're joking, right? Do you realize how poorly secured your SSN (and other government issued IDs) are???? Have you ever heard of identity theft and the size of that problem????

This should be controlled at State and even more local levels... Internet voting should not be controled or regulated at the Federal level.

Last I heard, voting was controlled at the state and local levels and internet voting was an Extremely Bad Thing.

Diebold: inventor of fine space pens

[tjw]

It seems obvious to me that the Diebold machines will NEVER be secure. They are utterly too complex (and expensive) for the simple task that they are given.

In order for a voting system to provide a sense of validity, it must be simple enough that even the layperson can understand how the entire system works. Replace acryonms TCP/IP, SQL, SSL, PCMCIA, USB, and WinCE with the acronyms ROM, EEPROM, and PIC and you've simplified the system by many orders of magnitude. Not to mention the fact that the system would actually be auditable. Add a failsafe into the overall system that only allows each election worker a small number of votes that he/she could possibly tamper with and we're getting somewhere. Add a reciept printing device that has no hooks into the vote tallying mechanism and we're there.

The Indian model is a step in the right direction. It should be emulated and expanded (by adding the paper audit trail).

Los Angels County to Speak Today

http://www.scpr.org/programs/airtalk/index.shtml

Podcast here - Friday, May 12th
Larry Mantle interviews Orange County Sheriff Mike Corona about his bid for reelection, then he talks about serious new software problems discovered in the widely-used Diebold voting machines. And finally, FilmWeek!

Some ideas

[Jeff1946]

Have the machine beep when an access cover is opened to a port to enable reprogramming. Opening the cover would require breaking tamper resistent tape and require a new code word to reprogram. The code word would be written to a write-once chip. The new code word must be different from prior ones. Code words would change daily and be available over the internet. The machine's Bios would require unsoldering a chip to change, on boot up it would display the last few code words for 10 seconds before beginning the reprogrammable code.

Re:Some ideas

[Spaceman40]

They make ATMs. They definitely have the experience and knowledge to make secure boxes. It's either laziness or maliciousness, not incompetence.

Advantages of Paper Ballots

[gcottay]

The use of paper ballots offers advantages over any electronic system.

Paper ballots encourage traditional vote stealing, keeping us in touch with our history. The counting of paper ballots can be very slow, providing grist for the 24-hour news cycle. Paper ballots must be protected, providing security work for those who might otherwise be unemployed.

Re:Advantages of Paper Ballots

[Barbarian]

Paper ballots can be rigged, but 95% of the population knows how it is done. Observers are at par with anyone stuffing the box.

Electronics ballots can be rigged, but 1% of the population knows how it is done. Observers are at ad a disadvantage with anyone stuffing the box.

Switzerland votes by Mail!

In all federal, cantonal, and communal elections, yes, THREE levels of administrative elections, up to several times a year, ALL swiss citizens have their vote forms mailed to them directly. They can elect to mail their votes in, or take their votes to the local voting booth, any time during the day. It's a brainless exercise to administer. If you want a working model, look no further.

Re:Switzerland votes by Mail!

Yeah. Switzerland. Utopian paradise. Small geographically. Relatively static population. Limited spectrum of ethnic diversity. Highly homogenized standard of living. Extremly high barriers to immigration.

What works for Switzerland might not work somewhere else.

OSS Project

[CrazedWalrus]

Can anyone give me a good reason that there isn't a FOSS project to do this?

I could see this being written in something like Python, using hash verification of the sources against a central, *published* list.

The reason I'd pick a scripting language is that compilation requires a certain level of trust that the binary came from the same source as the public is able to see. By using a scripting language, this issue is obviated, since the program can be examined directly. The hashes make sure no one fires up a text editor to monkey around. That, coupled with read-only filesystems, and some other basic measures should make this system lots more trustworthy.

People will always say that the python/ruby/perl/whatever binary could have been altered, but that's much more difficult. They can also have their hashes compared against the hashes of the publicly available binaries.

Maybe even have a daemon that re-hashes everything every 15 minutes, use FAM/inode notify/etc to watch the files for changes, stuff like that. Maybe even the machine resets every 20 votes and does an integrity check on startup against a known-good reference copy.

There are so many ways to check and double check -- proactively and reactively -- and these are already available in the OSS world. The only remaining piece is to write the voting software itself. I imagine that this can be accomplished before the 2012 elections -- maybe even have its maiden run in smaller Congressional elections.

I think there are enough people in the public with an interest in making sure this goes well that finding testers ("breakers") shouldn't be too hard. There can be a QA team whose sole purpose is to break the security of the system. If they can do it, the security is fixed and there's one less vector for attack.

After the software matures a few years, takes its beatings from QA, I'm sure it'll be a much better alternative to Diebold -- cheaper, and transparent.

Another thing about the OSS community is that there are all politics involved. Finding a Republican, Democrat, and independent to approve all source checkins shouldn't be too difficult. Their interest is to verify that a given CVS commit wouldn't put them to a disadvantage.

If I had more time, I'd even start this project myself. In fact, I just might anyway, and maybe someone else could be co-lead or something. I wouldn't even mind my company putting in money to buy prototype hardware to run it. I'm sure there'd be lots of donations from the OSS crowd too, so I can't really see hardware being a problem. Once we have something to show, the units can be built to order as they're adopted.

Meh - just brainstorming.Take it for what you will.

Re:OSS Project

[Billosaur]

If I had more time, I'd even start this project myself. In fact, I just might anyway, and maybe someone else could be co-lead or something. I wouldn't even mind my company putting in money to buy prototype hardware to run it. I'm sure there'd be lots of donations from the OSS crowd too, so I can't really see hardware being a problem. Once we have something to show, the units can be built to order as they're adopted.

If ever there was a project crying out for citizen involvement, this is it. I'm sure you can find plenty of people (myself included) who would donate time and expertise and capital to make it work. They say if you don't like how things run, vote. Well, if you don't like how voting works, fix it. It would just require some start-up capital and people with time. It can't be as difficult as Diebold makes it look. I think they're pretty much in it for the money and because they have such deep political connections.

Re:OSS Project

[CrazedWalrus]

My thoughts exactly. Something this big and important needs lots of smart, interested people looking at it. Like you said, I think it's not so much "difficult" as a simple lack of effort. After all, if you're a shoo-in, why put in more effort than strictly necessary?

An OSS project wouldn't be in it for the money. We'd be in it because we want it done right. If enough people were to get involved, say 5-10 main developers, I don't see how it could fail. Even if we didn't win over government "hearts-n-minds", it seems like we could at least make Diebold nervous enough to fix their own projects. Win-Win as far as I'm concerned.

I'm actually surprised that BlackBox Voting or an organization like that hasn't already started something. *Shrug*

Re:OSS Project

[Beryllium+Sphere(tm)]

http://www.openvotingconsortium.org/our_solution

A vicious circle?

[penguinbrat]

The fact that the whole system is much less accountable and more open to abuse and attacks than a physical system is more an issue that not of the involved people (voting officials and Diebold) just don't care about than one that I expect that they intend to personally exploit.

What gets me is that Diebold makes these types of machines for 2 completely different industries - 1) the financial industry, and 2) the Government. From what I understand, the ATM's are pretty secure and yet these voting booth's can't even do 100% of the time what the abacus does, let alone security... What's ironic though is the purpose of these machines is convenience in industry #1, while supposed to provide accuracy if nothing else in industry #2 - which ultimately picks the head honcho of industry #1. Wouldn't this ultimately mean that Diebold is negatively impacting industry #1 to some degree?

Mass

[DahGhostfacedFiddlah]

The differences is between moving a physical ballot box, and changing an abstract concept stored on a hard drive. Mass changes are easier to make, and harder to trace.

Paper is inherently more secure - and at the very least one will notice when something's "off".

Why not use bingo markers.

[Kadin2048]

I've questioned why we don't do something like this, and have the reading done by OCR.

To reduce errors you'd have to have a few rules: first, no corrections. If you fuck up, new ballot for you. (I'd prefer if you fuck up, no vote for you, but I'm guessing that won't fly.) Second, the marks have to be very distinct. That's why I'd use bingo blotters. They're like really huge magic markers that basically soak through the paper. Every old fart knows how to use one, and you could make them have to color in a fairly substantial area (like a square inch or larger) so that they can't just accidentally touch the blotter to the paper. Important elections (Presidential, Governor, etc.) go on rather largish sheets of paper, and each candidate gets a big area, with dead space in between the marking areas for each candidate equal to 5x the diameter of the marking area. So even if you're a real retard and don't color inside the lines, you've still got a lot of ways to go before you get over to the next candidate's box.

Also, there would be a test box. Just a blank box in the corner that you'd fill out, in order to make sure your marker was working and that you had the hang of things. Also, it gives the reader (human or machine) a comparison point to see what their actual marks will probably look like. (E.g. "Oh, this idiot only likes to circle the box, instead of filling it in; that's why the machine didn't read it.")

Perhaps most importantly, the indicative boxes that you mark are not placed symmetrically on the page. That is, they are placed so that they're not the same distance from the top as they are to the bottom, or from the left as on the right. This is important, since it means you can read the ballot electronically without having to orient them in one way or the other, just by measuring the distance from the mark to the edges of the sheet.

Then, use a dye in the blotters that's UV-reflective (or UV absorbent). That way they're very distinctive and easy to read through a scanning system. I'm pretty sure any pigment based marker/blotter would work here. These systems are already in existence -- the postal service uses them for automatically canceling stamps on letters (stamps are UV reflective). But the point is you can OCR them by just looking at the position on the page of the marks, you don't need punchcard-style index corners (although we'd have those too, for extra security).

I think the other thing that would help is if you gave the election officials more time between voting day and when they were expected to certify the results. Like two weeks, at a minimum. There's really no reason people should be rushing with this. Back the election up a little ways if need be, but the idea that the polls should close at 8pm and the results should be certified by 10pm is crap, and it can only lead to bad things happening ("oops! Look at this, we forgot a box of ballots! Oh, well, too late now!"). Elections are too important to rush through.

Re:Why not use bingo markers.

[nuzak]

> I've questioned why we don't do something like this, and have the reading done by OCR.

That's exactly what we use in San Francisco and probably a lot of other places. You draw a line with a marker between two other black lines to form an arrow pointing to the vote of your choice. They're probably Sequoia Optech machines, but I don't really know for sure.

These aren't without problems either, but the paper ballots at least provide verification. There's always someone monitoring the machine to help and make sure you don't do anything but stick your ballot into it, so none of that funky tampering is likely to take place. If you're voting out of your polling station or the machine otherwise doesn't take your ballot, you just drop it into a box next to the scanner.

Security signs

"using this machine may cause Bush"...
as if we had not known before.

The same might become real in germany: a german court ruled, that the company producing electronical election machines must not give details on it.

Scary.

Re:People should make stupid changes to voting rec

Maybe Bozo the clown should win in a nationwide vote?

You obviously weren't paying attention. He's already won in 2000 and 2004.

Coin Slot

[hotwatermusic]

I also heard that the coin slot could be fooled by basic 'slugs'or penny flicking allowing people multiple voting sessions.

Optical scan games

[MarkusQ]

This whole electronic voting thing is a fiasco so far. We need to slow this down and do it right. Or just stick to optical scan ballots. They do in fact work.

Ah, but you can game optical scan ballots too.

• In Ohio they had multiple precincts in the same place (e.g. a high school gym).
• The ballots for the different precincts were different (candidates in "randomized" order by precinct, as required by law).
• The booth lines were not clearly labeled.
• The order of the candidates were such that:
  • If a precinct 1 voter went to a booth for precinct 2 by mistake:
    • Votes for candidate A went to candidate B
    • Votes for candidate B were discarded (invalid)
  • But if a precinct 2 voter went to a booth for precinct 1 by mistake:
    • Votes for candidate A were discarded (invalid)
    • Votes for candidate B went to candidate A
• These precincts, which were expected to go strongly for A showed many more votes for B then expected.
• They showed many more (invalid) votes then expected, with precinct 2 having more than precinct 1 by roughly the ratio that A was expected to be favored over B.

You can also corrupt the counting machines to incorrectly report the totals. There are several ways to do this that would be fiendishly difficult to detect without manually counting the ballots.

But this isn't just about the machines. We also need to impose some accountability on the whole process, and the people who are abusing it.

-- MarkusQ

Why not use the superior Canadian System?

[Terragen]

It's called the "Pinecone and Birchbark system".

If you want to vote for the guy in power you put a pinecone in the box. If you want to vote for the other guy you put a piece of birchbark in the box.

On the plus side it's ecologically friendly and you don't have to worry about voting machines or loose chads.

Although after a hundred or more people have voted the box can get pretty heavy with all those pinecones and birchbark and weigh a few kilometers.

(with apologies to Rick Mercer)

Electronic voting inherently insecure. Give it up.

[Catbeller]

Shut them down, throw them away, invalidate anything these things touched. Republican partisans own and run the companies that make these damned things, first, and second it doesn't take much to reach out and flip some votes, undetectably. Computer geeks think that computers are cool and any system can be made secure. BUT. NOT IF THE SYSTEM WAS DESIGNED TO BE MANIPULATED FROM THE GETGO. There is no defense against malice. Not open code, not monitors, nothing can stop a system that was made to be gamed. They can be hacked at the terminal, the accumulator, the network, the aggregation boxes. Even if the code is known, the code can be changed in memory on the fly without a trace. Which is the IDEA.

Canada still uses manual counts, and they get the job done in hours. People counting cards are faster than malfunctioning and manipulated boxen. Counting cardboard gets slow when a political party flies in thousands of operative to jam the progress. A full manual recount of Dade would have been completed in less than 24 hours if the Supreme Court hadn't shut it down.

We're being conned, people.

Get rid of these things, or Jeb Bush will be president in 2008.

something pongs

[mlush]

Is it just me or is this just begging to have someone wander round flashing voting machines to do something useful like play pong?

Full disclosure

[Schraegstrichpunkt]

From the article:

This newspaper is withholding some details of the vulnerability at the request of several elections officials and scientists, partly because exploiting it is so simple and the tools for doing so are widely available.

Wait... WHAT???

I take that to mean that elections officials intend to continue using the machines! Are we insane?

It's not pandering

[mariox19]

The more local the election boards, the less likely that a wide-spread, concerted, and coordinated effort to perpetrate voter fraud can occur. When the original post states that "government" is whom we should be protecting this from, I'm sure the meaning of government is closer to central government than local government. There is an important distinction -- and I don't think it's "anti-government Slashdot pandering" to say so.

"FUD"

[riker1384]

Please stop spreading this FUD.

Unfortunately not FUD

I really wish people would stop using this "FUD" neologism so much. If something's not true say "that's not true" or call it a "lie" or "error". Not "stop spreading FUD." The issue is whether something is true, not whether it spreads fear, uncertainty, or doubt.

Easier Solution

[ImaLamer]

don't use electronic voting machines?

They will be the knife that will (finally) kill democracy in these United States.

Secure ATM machines? (Bonus Funny Link!)

[ImaLamer]

the fact remains that Diebold has shown themselves to be capable of making reasonably secure ATM machines.

That run Windows?

BTW, why do I have to post this every freaking time Diebold comes up on slashdot? Well maybe this will brighten your day: Diebold posters, and my favorite

Gee - whoever saw THAT coming?

[Gorshkov]

I'm sorry, folks - but this is what you get when you try to apply technology inapproriatly.

KISS - remember that? KEEP IT SIMPLE, STUPID

What you're doing with ANy form of electronic voting machine in unnecessarily complicating the entire process. Why the hell don't you just give out paper ballots, mark them, and count them - they way they do everywhere else in the world?

This is just a self-inflicted injoury

Does this mean I can mod it to a PSP?

How cool is that? I mean vote for the leader supreme leader of the free world AND waste some n00bs with my crissy rifle skilz?

Avi Rubin Video

[LinuxThis]

Avi Rubin, one of the original researchers from Johns Hopkins who did the analysis on the Diebold voting machines before, gave a very good talk at Loyola College about Diebold's incompetence.

I filmed it and it is available on Google Video: Election Insecurity

SHUT THE F%#K UP

[glassgnost]

You're ruining it!

*pout*...

Those Plucky Finns

[glassgnost]

Oh, those plucky Finns and the trouble they cause...

Lissen up, Bub -- play a game of "Crazee" with a Finn and you WILL lose. 'Specially the Finns paid up with "Bob"

Bush LOST

[Watson+Ladd]

According to the New York Times. Who do you trust more, the New York Times or Jeb Bush.

Because of salesmanship

[Beryllium+Sphere(tm)]

which is a polite word for how voting machine vendors influence election officials

Re:Stupid first post just ignore it....

The most obvious reason that your post is stupid is because you're stupid.