Slashdot Mirror
Ask a "Star" of HBO's Voting Machine Documentary
Herbert H. Thompson, PhD ("Hugh" to his friends), is one of the people featured in the HBO documentary, Hacking Democracy, that Diebold tried to keep from airing. Hugh is a long-time Slashdot reader who called me to volunteer for this interview — on his own, not through anyone's PR department. Here's a YouTube excerpt from a CNN Lou Dobbs show with Hugh in it. (Find more articles by and about Hugh here. And perhaps check this brand-new MSNBC story about e-voting, too.) Hugh suggests that you give him "your wildest questions about what went on behind the scenes and how safe the e-voting systems actually are." Let's take him up on that challenge, hopefully while following Slashdot interview rules. Note to Diebold and other voting machine companies: We welcome comments and questions from you, same as we welcome them from everyone else. If you feel you are being vilified unfairly by Slashdot readers, please respond and set the record straight.
Other countries are embracing E-voting despite the massive concern here in the United States. My simple question is, in your opinion, will E-voting ever reach standards rigorous enough to satisfy the American populace? If not, why?
My work here is dung.
This is a really basic question and it seems I should know an answer, but it never seems to be discussed: Why are the electronic voting machine companies generally so dead-set against emitting verifiable and auditable paper records? It can't just be cost, because they could and would just pass that on to their customers.
In your opinion, what is the largest inherent flaw within electronic voting systems today? Diebold's been in the news of having many potential problems ranging from securing the physical hardware to the ability to hack the software or firmware. I'm sure you're quite prepared to pose a case against implementations but can you think of a more intuitive scheme (encryption, network layout, verification scheme) to protect against "hacking our democracy?"
My work here is dung.
as in "no-choice-it-must-be-evote-or-novote-and-novote-i snt-an-option", how would you set it up? I.E. would there be encryption, would there be ways for individuals (but not others) to track their own votes, etc?
34486853790
Connection too slow for X forwarding? Try "ssh -CX user@host"
Thank god we still have people capable of counting without counting on their fingers in the uk.
Hence they don't need computers to do it for them!
...a country ruled by Bush, who may want to shaft you for profit but at least he knows that he needs to give the majority their bread and circuses to prevent a revolution; ...or a country ruled by whining Slashdot meritocrats with delusions of grandeur because they know the difference between a MAC and a Mac and some aptitude test told them that they don't have to worry about their lack of social skills, worldly experience and understanding of human nature because the number told them they're supa-smart?
I noticed in the documentary that the Diebold machine tested in Tallahassee prints "Diebold Memroy Card" on its little grocery-store-quality tape. Is this kind of slipshod programming reflected throughout the Diebold system?
Your bio kind of paints you as an academic with tons of authoring and training but no real deep diving into implementing an E-voting system. Have you worked on any physical systems or only the theory behind it?
I ask this because of a quote, "In theory there is no difference between theory and practice. But, in practice, there is." - Jan L.A. van de Snepscheut. Which occasionally appears at the bottom of Slashdot. I interpret it that the theoretical side of the world is constantly criticizing the part of the world left to implement it. But in implementation, flaws naturally arise and often we just have to deal with it in order to gain the benefit of the technology. For instance, although you theoretically should be able to make a voting machine impervious to tampering, the possibility of a machine being purchased or stolen is always there. And once people with malicious intent have it in their hands, anything goes.
What I'm wondering is if the implementation of an E-voting scheme must inherently have security issues which are simply mitigated and dealt with similar to security issues on the internet? Have you thought of ways to avoid every security concern all the way down to the actual implementation of E-voting?
My work here is dung.
Issue a statement with verbage stating something along the lines of "these machines, like everything electronic, controlled by a computer, are 'hackable' and here's what you can do, as a voting body, to protect the investment, and to ensure a safe and reliable election:"? It seems that these flaws are bad, but they're fixable. They have the way to plug the holes, but they don't work on it, don't promote it, and don't seem to want to admit there's issues. I know they're a company trying to protect their bottom line and all. But I guess the main thing is why don't they see that the PR collapse here could be fixed, if they would just issue fixes to their hardware/software?
One of the biggest fallacies I've heard about e-voting is that it isn't more secure because of cost. In your opinion, what would it take (starting from scratch) to create a voting machine that is locked down and prints a paper trail? Thanks
Whether or not there is some sort of god, I'm not supposed to say/god is a word and the argument ends there-Smog
Let's assume for a moment the 2006 US House/Senate election goes this way: Republicans keep control of both through a series of smallish victories, Democrats gain a few seats, and the results are explained away in the mainstream media as "fluke results", "margin of error", etc...
How do you prove that foul play (hacking) has been involved?
Do you even have a plan in place to check the results?
Please note that this is a very serious question. There was a saying, a few years back, that said a novice hacker is someone known in a small circle, a confirmed hacker is someone who is known all over the Internet, and a great hacker is someone who is totally invisible.
What if the election was subtly hacked, in a way that left lingering doubts (51%-vs-48% kind of results and all that), but no solid proof?
The right to offend is far more important than the right not to be offended. (Rowan Atkinson)
Does the HBO show spend any time discussing the three "sides" to the debate? E-Voting, open sourced e-voting software, and paper voting? The last Slashdot article on this topic, when Diebold's complaint was announced, spent some time on this. The worry being, the debate is nothing more than "e-voting good" or "e-voting bad", ignoring the possibility that "open source e-voting" might be a viable middle ground.
How do you think open source could fit into this issue? Or should it?
What, exactly, is the argument against pen-and-paper voting? It seems to me that everybody wants to migrate to voting machines - electronic or mechanical - but so far nobody has explained to me what's wrong with good old-fashioned "put an X next to your candidate's name" voting.
Do you think the greatest threat of an e-voting system being hijacked is during the voting itself, with one or more people influencing things at the polling place, during the processing, with untrained, nonaccountable poll workers and supervisors, or do you think a greater threat would be someone maliciously attacking an electronic vote counting reposiotory/database?
What confuses me about electronic voting is that we constantly do commerce daily through electronic means (ATMs, credit cards online, etc) yet we cannot hammer down a viable scheme for voting. I am a programmer and very familiar with model view controller applications and it's always caused me great confusion of why we don't simply use a web based application for voting. For instance, if I built a secure website that required a local official to access through a terminal (with possible hardware verification methods*) and then asked for people to input their SSN and vote, that could be sent to a controller that could provide this information to three or four third party vendors. The vendors would verify the SSN against a government data base through very secure lines. They then would accumulate the data from each client terminal and be able to privately verify their data against each others. The gain from this? Ability to use asymmetric encryption standards (which are already used by our browsers in online commerce) with redundant data sources (so someone would have to identically hack all third party systems in order to compromise the data). You have a PhD so I'm hoping this question isn't too technologically oriented for you but what's wrong with this approach?
*What I mean by hardware verification is using a PCI card or even serial port dongle with specific hardware and firmware that verifies a machine as an untampered voting box. You would simply have to keep these cards (instead of entire machines) as a controlled commodity and keep them locked up until voting day and then analyzed for tampering afterwards.
My work here is dung.
Do you feel that e-voting companies are honestly addressing the complaints raised against their products or are relying on lobbying and politics to override concern? Please give a concrete example of a company working with detractors to address their issues.
I'm wondering what your opinion of sharing your work over BitTorrent is. I don't have HBO (or a television for that matter), and I'm wondering if there would be a way for me to access your work. Perhaps someone here could point me in the direction of a torrent?
I would like to know if the studies of Diebold's machines have ever been compared to similar studies of other methods. I'm sure we all remember the issues of hanging chads and how recounts could be manipulated, which is one of the reasons some people don't support paper trails. Without this comparison, I feel like complaints about Diebold and other manufacturers can be construed as alarmist and nitpicking at best, political posturing and propagandising at worst. Do you have any numbers or direct comparisons about the flaws of Diebold machines compared to other methods?
Could some idiot christian right wacko who is supposed to be in charge of the machines manipulate the outcome somehow?
Given that, by law, voting is anonymous and private and necessarily leaves the voter alone with the device, what can be done to minimise the risk of machine tampering?
you fucktwits don't have a clue
Diebold and others have responded in public and through press releases to "set the record straight". Some fringe website with 95% of its audience consisting of loony left fringe nutcases is not nor has ever been "the record".
... so a republican victory automatically dictates tampering with voting machines? The democrats have a long history of being ahead in polls and losing, before e-voting ever hit the scene. Democrats are democrats and have a tendancy to lose it for themselves as the elections approach (see: John Kerry's recent comments, Alan Hevesi, etc)
Given a choice between being burned alive or shot in the head, I suppose I would choose none of the above.
Curb CO2 emissions: Kill yourself today!
I was informed that your company also makes ATM machines. How is it that those don't suffer from the same inaccuracies and problems that your voting machines do? I have never come across an ATM that has had sceen slippage problems, or ATM's that required a bank employee to fiddle with to get to work. Is there a reason for this?
"I don't need drugs to enjoy this, just to enhance it" - Otto
I know I'm only supposed to ask one...but geesh...
First, I haven't seen the documentary. Saw it was on last night but didn't have the time to watch. I'll watch it on HBO On Demand this weekend.
Second, when I read things like manual overrides allow unlimited voting and votes automatically switched it scares the crap out of me. Why are politicians and elected officials sticking up for this garbage more often than not?
Third, what's so wrong about paper? Why is the government so gung ho over mediocre to outright horrible electronic voting equipment over paper ballots? And what's so bad about receipts?
And finally, do you think the government will ever mandate that the hardware and software of electronic voting equipment must be published for citizen review? If not, how can anybody actually trust this equipment?
As a software engineer I'm constantly amazed at how incompetent Diebold and other companies making e-voting applications appear to be. This stuff is not rocket science at all, but fairly uncomplicated, basic software engineering.
Why do you think it's so hard for Diebold and other companies to come up with solutions that work well? Is it a stubborn unwillingness to listen and learn from critics, shere incompetence, or something else?
In Soviet Russia, I ruled you
When are you going to be on the Daily Show?
- Hacking Democracy
clearly showed a tampered memory card skewing results in a optical scan machine. On the one hand, at least in this sort of system there is a paper ballot to verify, but it's mind boggling to me that something as simple as a optical scanner could be designed so badly as to allow an attack through the memory cards used for transporting results.This raises an entirely new set of concerns, and seems to suggest that manual recounts might be an absolute requirement until we can get open systems counting our votes.
Are there other systems used in elections that we should be concerned about? How far back do we need to go?
You have violated Robot's Rules of Order and will be asked to leave the future immediately.
How much of a role do state and local election boards play in making standardization and certification of electronic voting machines (methods) difficult? What advantage is there to local and state control of election systems (they seem to greatly complicate the landscape for an open, user verifiable -- i.e. paper receipt, etc. --, nation-wide system)?
AFAIK, they've not given a reasonable justification to the multiple issues raised on their machines, so why are they still being used by the US Gov? I'm just being naive, amn't I?
It has always seemed to me that the real Achilles heel of e-voting is the networked approach that most vendors have taken. With a networked approach, fraud can be perpetrated on a mass scale if entry is gained at one weakness.
As a former election judge, I have enough experience to know that rigging a paper election is a daunting, nearly impossible task, as there are litterally thousands of ballot boxes that would have to be compromised for any sort of advanagte (on a state or national scale).
Are these concerns balanced (or even discussed) when officials are purchasing equipment? Do local Board of Elections have not only the expertise, but the concern to ask the right questions? And how do BoE directors react when they hear about your concerns and research?
Hey HBO guys, thanks for making a great documentary. Obviously Republicans stole the election, that goes without saying. What I want to know is how did Karl Rove hack all the voting machines in Florida and Ohio back in 2004? I think the most obvious possibility is that he traveled to sector 2453.53 in the delta quadrant to mindmeld with Romulans, getting the plans for a secret mind-altering PDA device. He then sat outside polling places and pointed the PDA at Democrat voters, mind-controlling them to vote for Bush.
What I still can't figure out is how Karl Rove used his evil device in Florida and Ohio simultaneously. Either he cloned himself or he built a time machine from stolen Klingon Birds of Prey (the same time machine he used to create Microsoft Word 1973 edition to trick Dan Rather). What do you guys think?
I am an IT person for a small county that uses machines that scan the paper ballots and generate a count. We have taken some preventive measures such as sealing the smart card in the machine with a sticker. My question to you is what benefits are there with retaining the paper ballots and using a counter vs. a completely electronic solution? Are these units as easy to infiltrate as a completely electronic machine? And besides hand counting all the votes is their an easier way to confirm that the results are correct that I just can't think of?
Thank you for your time.
What evidence do you have that whatever security flaws you found in electronic voting machines could actually be exploited without being discovered? I'm looking for something stronger than the spooky language often thrown around, like "an attacker could theoretically" or "a person with the right access could" type stuff. Given the right access, I'm sure someone could wipe out electronic voting records--just as they could with paper ballots.
In your opinion, what are the "core" requirements for secure electronic voting? For example, would they include paper trail, physical security, network security, encryption, certification and accreditation, independent review and public inspection of architecture/code, virus protection/immunity, disabling of removable media, data replication, data assurance/tagging, etc.
IMHO, without looking at the ENTIRE problems space, addressing just a few of these issues would lead to an insecure, vulnerable system. Selection of the wrong technologies, insecure use of encryption, open devices/networks, poor deployment, poor management, poor auditing, etc., all could lead to an insecure voting system.
Second qustion: what would be your choice of technology for a secure system?
Is there a conspiracy to steal our votes or is this just a case of public servants being too lazy to properly do their jobs. If it is a conspiracy; who, if anyone is leading it?
Historically, the claim of consensus has been the first refuge of scoundrels.
Instead of the voting machine doing everything (voting interface, recording the vote, and tabulating) I've always thought that the better solution is have the voting machine be used to merely mark/punch the ballot, and then use the already existing counting machines to count. This has the added benefit that it can be phased in since it uses the same ballots and counting machines, and the existing vote marking/punching mechanism can always be used as a fallback. Plus you get a built-in audit capability. So what is the basis for the resistance to this idea? I understand the problems with reliability of printers and "moving" parts, but geez, would those problems be worse than what we have now?
In your opinion, is the HBO piece a help to the situation, or just more of a "hit piece"?
Is this information or agenda/propaganda or just advertising for HBO?
Is there a compelling non-marketing reason to go away from paper voting and manual counting?
Slashdot: Failed Car Analogies. Amateur Lawyering. Anecdote Battles.
After the voter makes his selection on the e-voting machine, the machine then prints out a piece of paper with the voter's choice on it. The voter reviews it, makes sure it's correct, and then exits the booth and deposits the paper ballot in an old-fashioned ballot box. When the polls close, we have an instant count but if the result is challenged, we have the old-fashioned system to do a recount. Note that "hanging chads" and other such nonsense wouldn't apply, as the machine would print the voter's choice - no question of "unclear marks" or "multiple selections", or other problems that exist with manual ballots today. It seems to me this would satisfy both camps, without requiring a massive rewrite of the software, and minimal physical changes. (These machines must have a port somewhere that a printer could be connected to.) Any thoughts?
What was once true, is no longer so
I'm astonished that it's not as simple as several vendors make the UI, several vendors make the DB's, hook them up on a closed network which of course requires physical security, but there will always be human element). When a person votes, the UI computers broadcast the votes over the networks, to the multiple DBs (I say 3). I leave out the authorization part of this equation because it obviously COULD be done.
The UI program issues the voter a paper receipt, to be used in the event of a recount. He she then visually verifies his/her receipt, and can at any time verify his/her vote against any or all of the DB's At the end of the night, the 3 separate DB tabulations should all be exactly the same.
Yes, this might take a bit more time per person to vote, but I think in the long run it will speed the process by eliminating lines.
My one concern is the issue of voter coercion. With a receipt, someone could threaten you to make you vote a certain way, and then demand proof. Perhaps the receipt should be destroyed after teh voter verifies the DB's recorded his/her votes correctly.
Nothing great was ever achieved without enthusiasm
I saddened and dismayed by the poor engineering and ignorance of basic security practices that our electronic voting machines show. However, is this really something we should panic about or even the biggest problem in our election system.
All voting systems are vulnerable to fraud. What makes these electronic systems different is that one or a very small number of individuals can engineer a fraud. However, their ability to execute a fraud is limited by the media polls (we will suspect something if the results are inexplicably different than polled) and knowledge of precinct history. Thus the danger from individuals changing the vote seems to really be that they will shift a close race (say 10% apart) one way or another.
However, this sort of shifting close races doesn't greatly degrade the structural force of voting. All candidates will still try to enact policies to garner support whether they need 50% of the votes or only 45%. Much of voting is random, affected by things like personal charisma rather than policy questions so clearly the system doesn't work because we always have the person who 50% want but rather it works because of the structural pressure not to stray to far from what the people want. Or to put it in political science terms what does all the work is the tendency of all candidates to shift to the middle in the long run who actually wins each race isn't so important.
But now comparing the potential for electronic vote fraud to things like machine politics (with conventional ballot stuffing), safe districts, voter disenfranchisement efforts, felon lists etc.. etc.. it doesn't seem like it is such a big deal. Making sure the poling places in the inner city don't have enough machines has a much bigger structural effect, by making sure one group's votes don't count at all, than just giving one candidate a random 10% of the vote. Creating a safe district removes virtually all of the structural pressure of voters on government and it seems far more effective and less dangerous to accidentally strike the wrong people from the rolls or put too few voting machines in some precincts.
In short are we letting our concern over the technology of voting blind us to the bigger issues? Shouldn't we be paying more attention to who gets to vote, how districts are drawn and other conventional aspects of voting than to the potential for individuals to electronically cheat?
If you liked this thought maybe you would find my blog nice too:
A recurring theme for the current US administration is that if they CAN do something they WILL do it (c.f. war based on a lie, no-bid contracts to cronies, constitution in shreds, etc).
Do you think that because the upcoming election CAN be stolen, it WILL?
Are voting machines fixing the wrong problem? As far as I can tell the problem with the traditional system is not in the voting process, but in the counting process. Surely what needs to be made more efficient is the process of counting votes? What I mean here is sticking to time tested voting cards (or making them more machine readable if you need to), but making machines that count and tally the results faster. At least with such a solution you still have a paper trail that humans can count, even if it slowly.
Jumpstart the tartan drive.
The more attention to this issue, the better.
Great quote that can be construed in very interesting ways in the linked video:
Lou Dobbs: "E-voting machines will count at least 3 out of every 4 votes cast in next week's election."
If you feel you are being vilified unfairly by Slashdot readers, please respond and set the record straight.
You're new here, aren't you?
We also welcome representatives from Microsoft, Sony, and SCO.
Do not feed the trolls.
Despite the rhetoric to the contrary, the list of requirements for a "perfect" electronic voting machine is quite long and somewhat conflicted. Anonyminity and verification comes to mind.
I have to point out that each successive generation of voting machines has undergone more or less backlash, until the populace came to flush out the details. I believe this should prompt us to stronger and stronger oversight and transparency in designs, but not cause us to give up altogether.
Diebold, even if it is a politically corrupt company, has something to work with. If any machine's code and design can be legally exposed (possibly through legislatio state-by-state) - then we can iterate until we've purged the back doors and added the physical duplications so necessary.
Until then, this country could risk a real quagmire of representation (even without proven corruption, nation-states suffer greatly when democracy seems abuse at the ballot box). In simply churning about it, we're fueling a discontent and distrust of one another that lives on way past any electrion - and this is what I fear most. That the country will seemingly still be easy prey for any political trolls who drum up far-wing issues, just keep the conversation/ratings/dislike of ourselves high. This is how civil wars are born.
First of all, I'm from Missouri. Missouri approved a company to create touch screen voting machines to Missourians. According to Voter's Unite, one of those companies is AccuPoll - a company that is now bankrupt. The CEO of that company recently spoke out against voting machines, saying the following: I am not happy about the outcome, or the state of the industry. I think that something needs to be done. I'm not sure what it is, it probably doesn't include AccuPoll at this point, but I do not feel that any of the vendors has a system that voters can trust,"
"I think that vendors outright misrepresent the robustness, stability, and security of their systems. You just have to look at the litany of problems and it points at one thing, bad fundamental design, and not enough checks and balances. I also wonder why the other vendors were so adamant in fighting a VVPAT system requirement. They spent much more in fighting it than in implementing it,"
What standards do you think could be put in place that would prevent the problems, and should there be harsh penalties for the above behavior (misrepresenting security, stability, etc)?
In addition, I just read one Missourian's complaints about the voting process and the supposed paper trail. What standards do you think should be in place regarding the people volunteering at the polling stations? I do tech support for a living, and I can tell you that the average joe should not be working at these polling stations without extensive training. Do you think there should be some sort of technical certification process for voting machines? If so, what?
Your sig(k) has been stolen. There is a puff of smoke!
Why are people so hell bent on using voting machines? What benefits could voting machines provide that can counterbalance the loss of transparency and accountability that inevitably occurs even if open source/standardized protocols and machines were to be used, compared to voting with paper? Is it really more important that people know a result of their vote faster than that they know that the result is what they actually voted for?
It takes a man to suffer ignorance and smile
Be yourself no matter what they say
If I wanted to develop an e-voting system that I could secretly control to switch votes to my preferred candidate, what programming language should I write it with so as to maximize the obfuscation and minimize the ability of anybody who might audit the code to actually understand it and find me out?
Perl? I knew it.
The problem is diebold and their machines. Take a look at my country (Brazil) and our latest election. Voting ended at 5:00pm and we knew who won the election by 7:00pm.
Ps.: We have more than 120 million voters on a very vast area.
Somehow people seem to think that a very insecure system is being perpetrated onto the voting public replacing a secure, error-free manual system.
The problem is that manual counting results in considerable errors introduced during the manual process. Just about all manual processes introduce errors of one sort or another. However, through the history of voting it has been very rare that the margin between the candidates comes anywhere near the margin of error.
This is no longer really true in the US today. Many elections are decided on less than 2% of the vote, many on less on than 1%. Expecting the margin of error in a manually counted election to be significantly less than this is a fantasy. Elections are monitored to reduce or eliminate fraud, not to be accurate to 0.1%. When the margin of error exceeds the difference between votes counted for candidates the outcome is a random event.
Electronic vote collection and counting reduces the margin of error to a level below the margin between recent candidates.
Has Diebold attempted to prosecute you or Bev Harris for what they call theft of the source soft and software?
"Gentlemen, you can't fight in here! This is the War Room!" -- Dr. Strangelove
Please tell us a story about how a society has reacted to older changes in voting technology (like the pull lever in a booth,) and what was learned from that.
tomorrow who's gonna fuss
Just about every state has on-line lotteries. They consist of thousands (possibly tens of thousands) of terminals scattered throughout a state. Each terminal is connected real-time via a secure communications network to a central database. You cannot lose a single transaction (could be the winning number). You're dealing with large quantities of money - so prevention of fraud is paramount. You need to provide paper records (to customers) and an audit trail for on-line / paper records. And you have to report the winner within a few moments of the drawing.
Not a 100% match in requirements to a voting system, but pretty damn close. And yet, how many times have you read about serious problems with on-line state lotteries. The only one that I recall was in PA, and involved tampering with the 'ping-pong' balls used in the drawing - not with the computer systems. Oh yeah, they were caught.
So, if states can deploy secure, real-time on-line lottery systems, why do they fail so miserably when it comes to electronic voting? Or is ensuring the democratic process not as important as state sponsored gambling?
[Insert pithy quote here]
There is no reason why we should be running advanced multiuser operating systems with multiple layered components to take the results of a ballot. Rather than an evolutionary leap in technology (in security terms) the next logical step should be a rudimentary (10k lines of code MAX) realtime OS designed to do nothing but voting. Release the code, secure the hell out of it, and build the physical unit like a lockbox with advanced (read: MEDCO style) locking mechanisms. Buttons not touch screens etc. ATM machines have done this for DECADES, the design hasn't really changed much (barring Wells/BoA godawful laggy atms.) If it's good enough for our money, it's good enough for our votes imo.
Diebold etc who push touchscreen + windows based systems are doing a great disservice to our nation by pushing high-tech (and ultimately their stock price) over the security of our votes.
If you feel you are being vilified unfairly by Slashdot readers, please respond and set the record straight.
For the record, I'm not a fat, gay Republican. I'm a fat, ugly Republican. Huge difference! I seriously need to update my Slashdot F.A.Q.
Mmm lets see, traditional election systems involved people and paper, obviously way more secure than a digital technolgoy..haha a aha ah ahaa aha aha aha ha aha aha aha aha aaha ah aha aha ahaa ha aha aha aha aha aha ah aa ahhha aha aha ahha aha aha cough cough aaha=aha ha aha aha aha ah hhha ha ah
Dream on
Digital voting is here to stay and is far more secure than traditional hand processed balloting by elminating the hand of corruption.
History proves that. In Philadelphia there is a tradition, vote early and often and for our guy.
Here's one I've seen many times, and will no doubt be many times repeated:
Why does Diebold have such a hard time making a voting machine in the same way as an ATM? ATMs work, everybody knows how they work, they are secure, and even give a paper reciept. Are those features so hard to put into a voting machine? The interface could even stay pretty much the same:
Press here to vote for candidate x ------>
Press here to vote for candidate y ------>
Press here to vote for write in --------->
lather, rinse, repeat: paper comes out, you hand in paper. It isn't that difficult (hell, you could probably even use an ATM for it, with some slight modifications to the prompts)
Why is this so difficult? Or is Diebold trying to rig the election?
I got nuthin
If you haven't noticed, most of these issues are blown out of proportion. This is the media trying to "create" news instead of reporting it. Look at any system involving humans under a microscope and things look a little messy at the deepest levels. Ask questions? Sure? Demonizing poll workers, voting officials and voting machine companies is assenine.
"God fights on the side with the best artillery." - Napoleon, Marshal of France - speaking truth to power
I didn't get to see the documentary. I don't have HBO.
I, for one, have lost faith in the election process. It doesn't bode well for our governmental processes when people don't think that the election process works. For the first time, I understand why other groups who had been disenfranchised by the system feel the way they do; it's rigged. The bad guys (the current leaders of the Republican party) don't care about democracy or the constitution. The just care about power. They'll game elections every which way they can and nothing is off limits.
They'll start wars just before mid-term elections to get popular support for the President and the congressional candidates will ride those coattails into office. They'll manipulate gas prices. They'll manipulate the employment numbers. They'll find loopholes in campaign finance laws that enable them to run ads, and they'll disavow knowledge of the ads. They'll disrupt election processes protected by the constitution (Article 17 and the 2000 Florida recount).
They'll pander to single-cause voting blocks such as the Christian fundamentalists and then string them along. Nothing is off limits. I fully expect to find out that past elections were tainted, corrupted buy this electronic voting machine mess. Hopefully, they won't be able to throw this mid-term election and we'll get a congress who'll address the issue.
Or maybe it's better just to let the system collapse and start over.
Best regards.
I can't think of a single reason for not having a paper ballot other than not allowing any form of verification. Is there a reason other than allowing tampering for not generating a paper ballot?
1) A web page displays the vote card form (PDF?)
2) Point
3) Click
4) Print
5) Check Printed Ballot
6) Insert to Optical Scanner; Scanner keeps ballots locked inside
We have a stack of printed ballots in each scanner
If the Ballot is wrong; discard the wrong one before scanning; reprint
Any recount is of printed ballot forms (no "hanging chads")
I am the unwilling control for my Origin.
Here in Nevada, we got our Gaming Control Board engineers involved in the process of selecting our electronic voting systems. May seem odd at first glance, but these folks are experts at evaluating complex electronic systems (slot machines) to detect things like back doors and vulnerabilities to fraud or tampering, as well as test for reliability and accuracy. In the end, we went with voting machines from Sequoia Voting Systems that provide a paper trail the voter verifies before the vote is recorded.
My question: Did Nevada get it "right" (or as right as possible given the current state of technology)? Did anyone else?
What is the option for people when they go to the polls, who want to opt out of electronically submitting their vote? How does one go about objecting to the whole system and yet still have their vote cast?
I'll just use my special getting high powers one more time...
What is your take on the constant threats coming from Diebold? To have the CEO state that he will deliver his state to the Republicans, and then unleash the attack lawyers on everyone pointing out the painfully obvious flaws in the system seems terribly questionable behavior. It seems to me that it would be easier, probably cheaper, and certainly better PR to take advantage of the free testing and fix the issues rather than sending lawyers after anyone who breathes a word about the flaws and refusing to fix them.
Do you believe they are just trying to protect "their good name" or is something a little more nefarious going on?
The only change I can believe in is what I find in my couch cushions.
What, exactly, is the argument against pen-and-paper voting? It seems to me that everybody wants to migrate to voting machines - electronic or mechanical - but so far nobody has explained to me what's wrong with good old-fashioned "put an X next to your candidate's name" voting.
Paper ballots have their flaws, trust me! We went through a very hotly contested municipal election one year.
The biggest issue lies in how you count "spoiled" ballots.
Everyone is supposed to put an X next to the candidate's name, specifically, a clearly marked X that entirely fills the box from one corner to another. Not everyone does that.
What if they circled their choice instead of marked an X? Does that vote count, because the "intent was clear"? Or is it a spoiled ballot?
What if they marked an X, but one of the lines of the X doesn't reach the corner of the box? Does it get thrown out on a "technicality" as a spoiled ballot? Or is it a case of "obvious intent" to vote for a candidate? What if there are two Xs, one fainter, and one darker? Is the darker on the "real choice"?
There are two underlying principles for handling ballots, and both have some sort of legitimate argument. On the one hand, if a ballot is in any way incorrect, according to the formal rules, it should be thrown out. Especially for elections, it's important that all parties involved play by the rules.
On the other hand, the point of an election is to find out what the voters want. Even if my X doesn't have perfectly straight lines, or the tip of one line doesn't quite meet the exact corner of the box, the vote I wanted to cast is clear. We don't want to take away someone's right to a vote just because they didn't mark the paper quite right.
What's more, what if the reason my X is shakey is because my hands tremble? I could be old, or have cerebral palsy, or just be really high strung. My vote shouldn't be discounted because of a minor physical handicap. For that matter, my vote shouldn't be discounted because of a major physical handicap; and it's dealing with tricky issues like "how do we grant the only blind man in town the power to cast his ballot anonymously" that complicate voting systems. Obviously, asking someone with poor vision to mark an X on something he can't see doesn't work very well...
Paper ballots have advantages, but they're not a silver bullet. My municipal election ended up with *three* people initially claiming to have won the right to be mayor; each one based on a method of counting the ballots. In some sense, all three had a valid claim; but eventually, the scrutineers made their rulings on each ballot, and a final, somewhat arbitrary winner was chosen to be the mayor.
The US doesn't really have elections, we have census data and districting. The party in power in the state (originally elected) carves up districts to put as many of their opponent's neighborhoods into clumps, i.e. districts that are 65%-80% for their opponents. This is easier for the GOP to do because Democratic voters are predominately urban voters (wealthy and poor) so make is districts that look reasonable on a map. Then you spread out your voters depending on how ballsy you are. You only need 51% of the vote, but 55%-60% keeps your seats safe.
.25% (or .5%, for some states) of a differential. In that case, the reality is, voter fraud will swing an election by 1% or 2% anyway, so it isn't a will of the people. Also, if 100 people vote, 48-47-5 (REGARDLESS of which of the first two candidates win, a majority is disenfranchised in a first-past-the-post system.
Sometimes, you have areas that you couldn't do that with, or new developments between census rounds causes a district to change, and you get close elections.
After watching Florida be humiliated in 2000 with the recount debacle, the politicians decided to get rid of recounts. In some sense, this kinda makes sense... the recount scenario is a tie that comes down to
A close election means that the legislature failed to carve things up correctly, and they'd rather the wrong guy win then go through a recount. And anytime you have a recount scenario, the reality is that the vote was a tie. Sure, votes aren't SUPPOSED to have a margin of area, but all of our traditional vote counting mechanisms do. The current one replaces margin of error counting with an exact count, but voter confusion is worth a few points anyway.
People complaining about paper trails, etc., are attributing to malice (desire to steal elections), what is really a matter of NOBODY wants a repeat of Florida 2000.
Alex
Although many of us who understand the issue believe that this is a huge threat to democracy and that solving it is critical, it always seems like most of society doesn't care. Because the issues are technical, most press reports primarily consist of some security researcher saying the system is vulnerable, followed by an industry spokesman saying "no it isn't," and they leave it at that, and most people don't know what to think and won't become incited.
As a possible remedy, I among others, have been advocating that some gutsy hackers steal an election in a grossly obvious way- use a technologically advanced, untraceable, un-auditable method to make, for example, a US Senate race come out with the unknown (and non-existant) darkhorse Mr. "I. Rigged Davote." winning by a landslide on a write-in campaign. Will the public ever come to care about this issue without solid evidence of fraud? Because the system can not be audited or verified, even if elections are frequently stolen, will we ever get evidence unless an election is rigged to show blatantly obvious false results?
Can anyone tell me how to set my sig on Slashdot?
It's hard to imagine something less in need of fixing, than making a mark next to the name you'd like to see in office. Why e-voting then? Adding tech adds complexity and increasing complexity means increasing problems. Am I missing something here? e-voting appears to be a result of misplaced faith in technology as a cure-all (or a boondoggle for e-voting companies due to successful lobbying, not sure which).
Seriously...I have never understood the real world advantages of e-voting over optical scan paper ballots. I sispect anyone given the task of setting up and maintaining e-voting machines would agree!
Commentary in another Slashdot thread mentioned that web-critics have argued that the documentary just isn't very good, showing vulnerabilities that would be prohibitively difficult to exploit in a real election. I haven't seen the documentary myself, but how would you rate the plausability of the hacks discussed in it? Does the documentary express the right concerns?
One of the strategies of the neo cons is to create chaos then capitalize on that chaos. They did it in Florida in 2000 and Ohio in 2004.
Their only hope is to create chaos nationwide. The only way they can do that is with massive failures of the voting system and creating chaos through aggressive challenging at the polls.
photosMy Photostream
Given the current situation that we're in, it seems that the only way that these systems will be made more secure, is if someone actually pulls off changing the outcome of an election in a major way. It would have to take place in multiple polling places, spread out over serveral counties, or even several states. It would also have to take place in the right (middle class - rich white)neighborhoods to get the attention it deserves.
Scenario:
A group of about 50-70 people of sufficient skill start collaborating, let's say 2 years before a presidential election. They are spread out geographically and each one votes at a different polling place, preferably in key states. They choose to get jobs as poll workers (most counties are in severe need for bodies), and they manipulate the memory cards beforehand. They do it in shuch a way that in each one of their precincts, the winner will surely be the cadidate for the Green Party, and he will win with about 70% of the vote.
If and when this situation happens, this group has accomplished 3 things. First, the media will surely pick up on this very quickly (national coverage); second, talk of possible vote tampering is sure to be on their lips (enormous difference between exit polls and actual vote count); and third, 'Shock and Awe' when everyone realizes that there is no way to find out what the vote count really should have been.
In this way, our adventurous vigilantes have brought to the national spotlight the true problems that face us today, without coming out and saying after the fact "Here's your proof that it can be done, see--We did it" (and probably be charged with domestic terrorism and sentenced to death, after a thorough 'interrogation')
--AC
From what I have seen on the documentary, it looks like the same issues are still at large. I don't feel comfortable giving my vote, when a simple memory card already has "x" negative votes for potentially, my candidate of choice. There are even more ways to get in and rig the elections from home computers than HBO documented, and that is plain scary. Why are paper trails being thrown away way ahead of standard holding periods? My concern is that the government is behind it all. Which then brings me to 9/11...why are we looking for Bin Laden in all the wrong places? Are his caves really harder to search than the holes in the ground Saadam was hiding in? Is Bin Laden even behind the 9/11 attacks? My guess is no, because I believe the government is behind everything...from the attacks to the elections being rigged. We are seriously living in a land of broken promises. Thanks for reading...and I hope you all can open your eyes to the big picture. I will not vote for this very reason...my vote doesn't count!
At it's base, it's not even about "can they be hacked". It's about a much easier benchmark of trust. Has the machine been tampered with?
That's all that's really needed to invalidate vast blocks of votes.
So, if you want to deny people their vote, go in late in the day, and just tamper with the machine in a visible way (cutting seals, etc).
At least with a paper receipt system, they could do vote correlation if the machines were tampered with. And they're already pre-checked by the voter themselves.
Chas - The one, the only.
THANK GOD!!!
Slashdot comments point out that software engineering for a secure, reliable voting machine is not rocket science.
It's difficult to believe that Diebold can not hire totally competent people to produce these machines.
What are the chances, that the described errors, weaknesses, or "features" that allow to rig the result are deliberately built into the systems?
I constantly see comments about how screwed up the digital voting system is, and I totally agree that what we are using is not working up to what I think the standard should be. But is it THAT much different from pen and paper? People seem to think that if they have written it down themselves, that all of the sudden it's etched in stone and nothing ever happens to those ballots. You see in the documentary that the Ohio recount had actual recorded voter cards that were "categorized" into two different piles. One democrat, and the other republican. This should never have happened, but someone seperated them, but NOBODY knew how. Using an old system where only pen and paper are used, what's to keep someone from creating forged ballots and replacing one stack for the other? "Oops, I dropped this stack on the ground!" *makes the switch*, there we go.
Also in the documentary, ballot tapes were thrown in the trash when it was against the law. Was anyone ever prosecuted for that? I didn't catch that part. It was just, "Look, we found these in the trash, that's against the law." Ok, so what now? I don't get the feeling that it's a conspiracy by some higher power, I think it's a bunch of people that want their side to win, and they're willing to break the law for it. It doesn't matter if it's digital or not, they'll find a way. Once you put your vote in someone else's hand, you have not control over what they do with it.
My question is, do you think it is ever going to be possible to have an un-corruptable system? If there are people using the system, someone along the line is going to try and fudge the numbers, no matter what. I don't think it's possible to ever have a truly accurate count no matter what we do.
http://www.wmcstations.com/Global/story.asp?S=5630 606
Oregon casts 100% of its ballots by mail. In this election over 45% of California's ballots will be cast by mail, a substantial increase from a few years ago. Many other states are getting on the bandwagon. In fact the criticism of e-voting systems is if anything accelerating this trend as more and more people want to leave a written record of their vote.
Isn't the whole e-voting argument becoming irrelevant, fighting over a soon to be obsolete voting method where people get out and travel to the polls to vote?
Everyone should be very aware that Accuvote systems are inherintely insecure and pose a risk to our democratic republic. Having said that, whenever I bring this issue up someone invariably asks for proof of fraud in past elections where Diebold Accuvote machines were used. I've found a lot of evidence of *how* tampering can occur, but nothing solid that it actually has. Can you supply us with enough evidence of actual vote-flipping (not theories) that might equal or be greater than known fraud such as illegal immigrants voting, or people voting twice in one election. Thanks!
* Main question *
Try to explain to us, why an electronic voting machine would ever be safer, less tamper-proof or in any way superior to an equally expensive internet-based voting alternative ?
* Context/argument *
Today, internet banking is a wide-spread practice, and generally accepted as reasonably tamper-proof.
A similar internet-based vote validation system should offer the same (or even better) reliability levels as any electronic voting machine could.
The problem of tampering could be even further reduced by a single, nation-wide centralised "registered users" database, updated with birth/death and even criminal records.
If perfected, such a system could actually allow "the people" to take a part in all of the State's public decision-making processes, in real-time. It would be infinitely more useful as a simple "voting machine", so the total costs could be much lower.
By reading this signature you agree to not disagree with the post you just read.
Although the idea of setting up this Slashdot interview is clever, and my fellow Slashdotters are asking good questions, I have to say that this whole exercise is moot. Diebold wants us to trust them, but the system should be set up in such a way that we wouldn't have to trust them.
If we have a verifiable paper trail, nothing Diebold PR says matters. And if we don't, then nothing they can say should matter either, because even if we could trust them now (and I don't) there's no way to know that we can trust them into the indefinite future.
Your god may be dead, but mine aren't!
I vote TiBike head of Election Process Development...is there such a thing? would he even win?
That comment is more lucid and realistic than anything Diebold's said yet.
Would you support and even recommend the creation of an open-source competition to create a reliable and verifiable open-source voting machine system design (software and hardware) that would be run along the lines of the Ansari-X Prize project? I.E. Getting various organizations to put up money for a competition to develop such a machine along with the software to manage it, so that private individuals or corporations could work to develop such a system, and the result would be freely available world-wide to anyone seeking a reliable and affordable machine.
The primary goal would be a reliable voting system, the secondary objective would be to bring in such a system at an affordable cost so that it can more easily be implemented anywhere by any government or organization.
Given the importance of evoting machines to the reliability of Democratic elections, such a project would seem to be a perfect target for this sort of competition, and I can't see any downsides to it that would make such a project a poor idea. Making the requirements include open source software would seem to preclude a lot of potential problems with regards to the security of any voting system, making the requirements include the fact that the design must also be open-source and thus manufacturable by anyone also eliminates many potential problems it seems to me. I would be interested to hear your thoughts on the concept...
"The first time I got drunk, I got married. The second time I bought a chimpanzee, after that I stayed sober" Arian Seid
Hi, ;-)
Its seems weird that a developing country like India has electronic voting machines in place. It leads to faster counting of votes. This has been going for past some time now. So I have reasons to believe that it is very much stable. My other question is how are people so stupid to allow running of s/w from a memory card when the only thing that u need to do is read some data from the card. Dont tell me these guys are using WinCE or something like it from MS stables.
Do you see any connection between:
,which donate primarily to republican candidates, or have been headed by people who become and win elections as republicans in districts that use their e-voting machines
* Possible election tampering by vote machine manufacturers
* The President signing into law the Military Commissions Act (which effectively destroys Habeus Corpus)
* The president signing into law H.R. 5122 (which give the President the authority to use state guard as a Posse Commitatus)
Is the White House preparing for possible civil unrest after fraudulent elections, or are these simply horrible coincedents that could set the stage for further creation of a US police state?
Sig
Appended to the end of comments you post. 120 chars
How about having 2 voting machines?
Machine one allows the user to vote. It stores the votes and prints out a card with the names voted for. You insert the card into a second machine which scans the names printed on the card, adds it to its running total and captures the card for a manual recount. You now have 3 different counts which would need to add up. Make sure each machine is from a different company. The card itself has no identifying information other then the names of the people who were voted for.
Maybe an additional step could be used. The voter makes an electronic choise, the e-voting machine prints it out. The print contains the choise in clear text and in machine readable code (something like the two-dimentional barcode on AMD CPU's), with timestamp and checksum.
The paper is fed into a scanner that collects the actual counts and afterwards you get to take the paper with you for an eventual recount. The scanner *must* be from a different manufacturer than the e-voting machine. At the end of the day, if more than 1% difference exists between the e-voting machine and the scanner, a recount by hand is required.
To Terminate, or not to Terminate, that's the question - SCSIROB
In your opinion, how many (rough guess) of the elections on Monday are going to be tampered with? A few? A lot? None? Also, what kind of response is this getting from politicians? Even those in power must realize that at some point, the OTHER party might start using these kind of shenanigans.
Is it being proposed we put voting booths on every street corner like ATMs? Are you saying because it's difficult to design a stand-alone voting machine, it is equally difficult to design any voting machine?
How 'bout this, we come up with a voting machine that allows 1: the voter designate a preference, 2: the machine to record that preference, and 3: the machine to later report that preference. That's it. Any verification required only applies to 1, 2, and 3.
What about anonymity? Don't need it. Or rather, the voting machine doesn't need any identifying information on the voter, and so doesn't need any mechanism for proper handling of that information. That's what poll workers are for. Leave the voting to the voting machines, and the poll management to the poll workers.
Let the poll workers make sure someone is voting in the right district, hasn't voted already, etc. Once the voter gets to registering an actual vote, all that jazz should already be done. Face it, if you can't trust the poll workers--whether due to corruption or incompetence--then the whole cause is lost, and no voting machine in the world is going to help.
Let me check column A, let me verify that I've checked column A, record that I've checked column A, report that I've checked column A, don't report checks that were not made by actual voters. The security and reliability requirement for such a machine may be long and complicated, but conflicted? Where's the conflict?
Probably the best idea I've ever read on /. Get Buffet or Gates to check the couch cushions--that'll get ya a few million to get started right there.
Why has the Open Source community not jumped on this band wagon and started programming a open source voting app? I mean it really cannot be too hard right?! vote_new = vote_old + 1
Did you ever even stop to think that maybe voters are not actually truthful upon being stopped for an exit poll?
Here is the scenario, you are an operative for either party but do not like the candidate and derive some essential aspect of your life like maybe income, social circle or even local political support from your political affiliations.
Upon exiting, are you actually going to say you did not vote for you party's candidate
Conclusion- Many democrats are not truthful upon exiting the voting booth since they are obviously voting for Independents or Republicans
Exit Polls Are Bullshit and are not scientific simply due to the human factor and all of the complications that go with that for better or worse
Enough with Exit Polls as some sort of yardstick
Why are our video slots and video poker machines more secure than our electronic voting machines?
It shouldn't be a paper trail. These machines should print out a ballot that would be turned in for counting. The ballot should print the name of the person your voting for and a bar code next to it so the computer can read it.
This way, the machines don't matter, the software, open sourced or not, doesn't matter. The only thing that matters is the paper ballot.
And a computer reading a bar code is infinitely more accurate than a computer reading a bubble or a hole.
here's what I've heard is the reality. for better or for worse.
;)
election fraud is a fact. has always been a fact. its a little known 'loophole' that has existed with the permission of both parties! for the purpose of NOT letting some extreme candidate win.
it has been explained to me that this 'cabal' has usually been good at moderating itself and not letting on to this loophole that both parties use when they feel they 'have to'.
unfortunately, in the last 2 elections, the repubs got greedy and so the 'jig is now up'. they didn't do SUBTLE election fraud, they did it wholesale. this tipped us all off on this 'practice' and now its out in the open, at least.
as to why we have electronic voting - its BECAUSE they want to have selective vote tampering to keep american somewhat (...) in the middle ground. again, it broke down when one party got greedier and had no one to really stop them. but the democrats also used this 'tool', over the years (I believe) - they just didn't change things as drastically.
analogy: if you are going to modify your school grade, don't change an F into an A. change the F into a B so at least its a LITTLE more believable
I can find no other good reason for why we changed from paper to electronic voting. anyone with a brain can see that we now have LESS checks and balances and there is no audit trail that can be counted on. the fundamental right of 'recount' is now 100% gone. no way to do a real recount. no way to challenge the results.
and again, if both parties were more moderate, we could just 'trust them' to fake things only when it NEEDED faking. but this trust (so to speak) has totally broken down and so we just cannot tolerate this anymore. not like we ever should have, but still - time has come to make this a transparent process.
--
"It is now safe to switch off your computer."
I am a researcher for www.votingmachinesprocon.org, a site dedicated to presenting the Pros and Cons of electronic voting machines. The standard response by manufacturers and election administrators to your December 2005 attack on the central tabulator of an electronic voting system, where you successfully changed vote totals leaving no logs, has been that the conditions were unrealistic, you were given unfettered access, and election administration procedures would prevent such an attack from happening. How do you respond to those claims? Could a programmer or a devious election worker have the access necessary to carry out your attack? Is it realistically possible for security to be improved to the point that the machines could be trusted?
I am an election judge in Baltimore County, MD. We are using the Diebold Accuvote TS. Simply put, what practical steps could we take to minimize the possibility of error or fraud in the poll? During the past few elections, my precinct has encountered it's share of problems, but the scrutiny of the general promises to be especially intense. I do not want to give anyone an excuse to invalidate our results.
We're through being cool! Eliminate the ninnies and the twits! -Devo
Exactly.
I think that the only reason that Diebold hardware is being used is that they are an established contractor. It's much the same way as how the federal government uses Lockheed Martin, Boeing, and the other BIG ones because they keep the government in their comfort zone. They have been around for a long time and continue to somewhat get the job done. They will continue to be around because the government keeps them alive. A smaller company (read large-sized corporation nonetheless) could do twice the job in a third of the time at a quarter of the cost.
You have Diebold in this same sort of scenario. The great thing here, though, is that they have NO idea what they are doing. How they have built these machines, I can't help but think that this would be the kind of scenario where a MasterLock-like comapny trying to branch out and make electronic security systems would just hire a bunch of fresh EE's and tell them to go at it.
Running Windows? We need SECURITY here. Write a simple OS in C or assembly, and post it as open-source for a year or two before releasing the units.
Physical security?? These are the guys who build ATM's. The voting machines are about as well-built as a cash register for sale at Wal-Mart. The locks on the side of the machines could be picked by the most novice of amateurs. Easy in, easy out. Or could be broken with a screwdriver or the CF card door could be popped right open with a crowbar. These things shouldn't be built out of what appears to be 16-gauge sheet metal. Casio would probably have obliged to build a better machine for a tenth of the cost.
Did you do your own makeup to save money producing the film?
It's all good.
I presented the same idea here some time back, but people seem to have a hard time understanding it (look at the responses you got).
To restate your idea:
1. You use the touchscreen to express your votes.
2. The machine memorizes the votes.
3. The machine prints out the ballot.
4. The voter verifies the ballot.
5. The voter puts the ballot in a box.
6. The election official presses a button to confirm the ballot to the machine.
7. The machine adds the votes to the totals.
At the close of the election, a truly random sample of the polling places is chosen for verification. The recount should match the earlier count precisely.
This way, the sole role of the machine is to optimize the counting step.
(Myself, I'm voting absentee anyway.)
Hugh, if we gave a complex polygon to look at, and put you back into the documentary, would Cable decoders showing the documentary go into an endless loop?
Have you read my journal today?
From watching the documentary, it seemed clear to me that vulnerabilites exist. Yet even pro-active elections officials are not able to evaluate them properly.
So far, when real problems are pointed out by experts, vendors like Diebold simply brush them off instead of addressing them.
Clearly, the elections officials need leverage over the vendors in order to protect the public.
My question is this: how can we give local elections officials the leverage they need to ensure that vendors' systems are clean and safe?
Do we need a nationwide independent technical advisory panel to certify these systems? And is it enough to evaluate each particular piece of hardware, or does it require end-to-end analysis (i.e. voting machines + central tabulation + pollworker procedures)? What is lacking in the process that is used now to certify these devices?
not only win ce, but old win ce.. otoh, another smaller co uses win 98!
One year I voted using a giant, easy to use scan-tron form with really large bubbles. After completing the form, you placed your form in a scanner which read it and made sure it was able to be read. It seemed to work very well, it would expand to serve more voters easily (just more desks and privacy screens), it saves labor and speeds results electonrically, but is also verifiable and scans the cards immediately for errors so voters can correct them. What is the arguement against this type of system?
In Canada ballots have only 3 or 4 party names listed. Its easy to count those.
It depends entirely upon riding (think district in Ameican political speak), but when I lived in Vancouver the particular riding I voted in had 12 parties listed: New Democrat, Christian Heritage, Marijuana Party, etc. Civic elections are just as tedious as some American cities with some 30 or 40 names on the ballot, depending on the city. I completely disagree with your assertion that voting machines are magically more precise than paper ballots and humans. Having worked as a scrutineer (poll worker) during an election here in Canada I can tell you that we have a number of mechanisms to ensure an accurate count including cross checks, but the most important being transparency. Anyone can and often do watch the election workers as they scruntize the votes in the polling place and phone the results into the elections office. Twenty minutes after the polls closed we were on our way home.
There is no reason paper balloting wouldn't work in the U.S. and it only lacks the politcal will. That said, I believe the best technologically sound system, since Americans seem so enamoured with technology, is the scannable paper ballot you mentioned. It retains all of the advantages of paper -- transparency and verifiability -- with the speed of technology. It's a win-win solution.
1. Can the Diebold machines run operating systems/software other than what Diebold provides?
2. If the answer to the above is yes; Can the machines be outfitted with a printer that could print out a machine and human readable ballot?
In other words, could we repurpose the Diebold machines to print unambiguous paper ballots?
How much to purchase a million votes?
I'd like to pay for an election too, but I can't affort to buy a nation-wide election and I don't know which state election to buy - what do y'all think, buy republican and flip or vice versa?
I live in Tallahassee, which despite being the center of election controversy in 2000, has a very good _local_ elections supervisor - in fact, he had Black Box Voting in to test some electronic machines despite it stirring controversy with his bosses. In our local elections for years we've used the optical scan system, where you darken in ovals and then feed the paper to a scanner, and we've had a very low rate of errors and problems in our elections. My question is - what are the risks and security holes related to optical sense systems? They do provide a paper trail, but after the scanning I imagine there must be some risks with the data after that.
Hear, hear! I'd love an answer to a related question: have you any personal experience of pen-and-paper voting systems? If so, do you think electronic voting or paper votes are best, all things considered?
I think there's an unfairly excluded middle ground here.
Pen and paper systems have their flaws: for example, the blind can't use them, and it's easy to spoil a ballot by marking the paper incorrectly (marking part of an X, circling the candidate name, etc). It's also relatively easy to stuff two paper ballots into a ballot box at once, if you can get your evil criminal hands on a second ballot somehow.
Pure electronic systems have problems with provability and accountability. They pretty much have to generate something more than pure electrons, or there's no reason to trust that they've kept a proper count.
I'd prefer a hybrid system: one where you use a machine to mark the ballot, in a way that's readable by both humans and automated counting machines. You hit the button (marked in braille as well as normal letters) to chose candidate you want, and the machine spits out a ballot with an X marked beside the right name.
You then verify the ballot to ensure that the vote counting machine will accept it. For blind people, a temporary braille printout can be generated. If the machine won't accept the ballot, it destroys it so that no one else knows how you chose to vote, beeps to alert the scrutineers of malfunction, and they let you to re-cast your ballot until you print a legitimate ballot.
You then walk across the room into the vote counter machine; it scans in the ballot, beeps to alert the scrutineers that you've voted once, and drops the ballot into a safe held inside.
If the vote counting machine won't accept the ballot, there's a problem with the election, and possible evidence of elections tampering. The voter knows if his vote is not accepted.
If the machine doesn't beep when the ballot is submitted, there's a problem with the election, and, again, the voter knows it.
If a voter tries to stuff the ballot box with two or more ballots, the multiple beeps will alert the authorities.
If the correctness of the automated counting machines are ever in question, a hand-count can be done to ensure that the right number of Xs were counted. If the automated counting machines are wrong, you have evidence to suggest elections tampering.
Neither pure electronic or pure paper systems work in isolation. Together, I think they can be combined to produce far more trustworthy results.
No offense intended, but that is a CROCK.
Also, other people with different disabilies are effectively disenfranchised, as their need for accomodations while voting is not being addressed. Second, many, if not most people with disabilities who vote, don't care whether or not they vote in privacy. (Their concern is "what will an elected official actually do for people with disabilities", other than give speeches.)
After seeing the show last night it left me wondering why did Kerry pull out when he knew something was wrong.
It appeared that Democrats and Republicans both were gaming the system or Diebold was playing both sides and may even provided information certain officials how to hack an election. Given the anomolies it is obvious someone knew how to take advantage of the system and did. Kerry should not have conceeded and should have done the right thing and exposed it and would like to know why he did what he did. All those that knew or had a part in it belong in prison regardless of party affiliation.
What exactly are the benefits of electronic voting systems? What's wrong with optical scan forms?
I have seen nothing but problems with the electronic systems. I expected election results to become available faster after the polls closed, but instead results took longer to get than when we were using punch cards. People talk about a paper trail making electronic systems OK to use. During the spring election, several precincts in my area ran out of paper for the machines. Some people waited in line well after those polling places closed, while others just gave up. The ease of use of these machines seems to be outweighed by their flaws.
To expect a "box" to be secure by itself is unrealistic. How do we build a security "System" around electronic voting to make the end-to-end process reduce the probability of security breaches to a minimum? What are the expectations about storing the equipment between use, testing them prior to each use, managing the inevitable software upgrade cycle, etc?
All I want to know is if there is any female nudity in this documentary?
Man, that's deep in a way that I don't think most people are going to get. Oh well, their loss.
Ben Hocking
Need a professional organizer?
Even though the reports (opening voting machines with mini-bar keys, untraceable viruses that steal votes, etc.) keep getting more and more jaw-dropping, they still haven't caused any significant outrage on the part of the electorate. I tell my friends that the only thing that will do it will be for several nerds hack some voting machines to hand the election to some obscure candidate... by a margin that exceeds the number of registered voters in that district. Until then, I fear that people will just keep assuming that, as long as they're allowed to press a button next to their candidate, that their vote is assured to make it into that big tally they see on CNN that night. It's almost as though they think that all of these reports are just academic or theoretical until it is demonstrated that a *real* election can *really* be stolen.
Can you think of any other way to snap the electorate out of their apathy?
If we're at war, is tampering with an election during that time treason, and can we impose the death penalty? Or can we only jail them? Or could we maybe fire them? Reprimand them? Something? Anything.
Although it doesn't pertain so much to electronic voting machines as it does to allowing individual voters to play more of a role in verifying the integrity of the process, could you share your thoughts about PunchScan?
For this to work reliably, you'd really need a way to make sure that voters can't ever leave with their voting paper, either accidentally or deliberately, for two reasons:
Rather than relying on voters to deposit their paper votes themselves, a better way would be for the machine to print the paper vote and display it behind a window. The voter verifies that it's correct, and then manipulates a visibly simple, mechanical switch that either accepts their vote (and visibly drops it into the box), or rejects the vote, and visibly destroys it, or drops it somewhere clearly marked as a rejected vote. If the voter rejects the paper vote, of course, the digital vote gets withdrawn, the process re-starts, and they can select again.
There's been so much focus on how awful the Diebold machines are, do you think there's the danger that many people will feel that "If we just ditch the Diebold machines, everything's okay", when Diebold is actually just the worse of a large group of bad e-voting providers?
We now have, for the Diebold machines, a proof-of-concept vote-changing virus that spreads from machine to machine via the memory slot.
But the initial infection is also via the memory slot, which requires opening the machine. (Granted that's quick and easy. But it's also visible if anyone is paying attention.)
Of course such a virus can be embedded in an installer that would inject it via any active and compromiseable port on the machne: Network connection, IR port, touch screen cable connection, WiFi (if present), etc. With such a tool and access to such a port, any voter could instantly infect the machine he uses via any port he can access during the election.
The obvious port for such an attack is the smartcard port: Inserting a card there is a normal part of voting, while substitution of the card is unlikely to be noticed. (Even if a normal card doesn't have enough memory to insert a virus, a fake card could be built that does, or that can access memory external to itself.) And the smartcard reader is necessarily active during the voting process, regarless of other aspects of the polling-place configuration.
Is there any indication of a flaw in the smartcard reader driver that might be exploited in this way?
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
In times when it's difficult for either major side to gain a clear majority, there are plenty of reasons for both major sides prefer an ambiguous loss rather than risk letting the other side have a close but definitive victory. For example, an ambiguous outcome makes it easier to determine the actual result in the courts, and having the right lawyers, or simply throwing more money at the problem, could be preferable to relying on unpredictable voters.
In a quote that's frequently repeated on Slashdot, Robert J. Hanlon once stated: "Never attribute to malice that which is adequately explained by stupidity." Given some of the stories that have emerged about voting machines in use now and in the past, I personally have trouble believing that malice is not involved.
My main question is: Do you believe that the current situation with e-voting in the USA can be adequately explained by incompetence among politicians and partisan election officials, and corporations to understand problems with the technology? Furthermore, if corruption is involved, and if people in certain positions are influencing the decisions to use unreliable voting systems, how serious-an-effect do you think this interference will have on efforts to make voting systems more reliable?
What can members of the tech community do on, before, or after, election day to help ensure the integrity of the vote count?
Ray Beckerman +5 Insightful
In the event that you have not had the fortune to see "Hacking Democracy" here is a link to a torrent (hash: 5967BFDD807EED06B1FAF4CF215696FC3012F760). Normally I wouldn't link to a torrent for content such as this but this topic is far too important not to.
magnet:?xt=urn:btih:LFT37XMAP3WQNMP26THSCVUW7QYBF5 3A
Whether they are secure or not, voting machines DO NOT SCALE. They introduce the possibility of "unintentional" misallocation. This translates to under-allocation of machines to precincts in which the current powers-that-be do not want high turnout.
Voting should be performed with two characteristics:
- Scalable (Lots of people can fill out paper ballots in parallel)
- Countable, in full public view, by UNAUGMENTED humans.
Even without the possibility of denial of voting-service attacks, there is the issue of any real security being too expensive to justify. Anyone who has done flight-critical software development knows that the cost of that development is waay higher than the ordinary system design and implementation practices. Voting systems are far closer to hard-realtime systems than most people expect.So... doing it properly is very likely to be more expensive than it's worth, and counting in public view lets everyone know what's going on.
And the processes for maintaining chain of custody for ballot boxes are well known. Competent election operators count the ballots *in the precinct*, in public view, immediately after closing the polls.
I think they should use paper and pencil voting, then train pigeons to count the votes. Pigeons are really good at pecking switches in response to visual stimuli.
I think I'd trust this system a lot more then Diebold.
No sig today...
It's been said before, but it must be said each time:
No plan is viable that lets someone walk out with a list of their votes. That leads to vote buying/intimidation, which would mess up elections far more than electronic voting machines can.
I know it's a small part of your plan; your addition is the scanner being separate from the vote-generator. But still it has to be pointed out.
It doesn't hurt to be nice.
Try to explain to us, why an electronic voting machine would ever be safer, less tamper-proof or in any way superior to an equally expensive internet-based voting alternative ?
Because adding the Internet to the mix does nothing to solve the security issues. Adding the Internet to the mix simply increases the number of attack vectors and the cost. The number of Internet zombie machines should be a clear enough example of the difficulty in securing the Internet.
Today, internet banking is a wide-spread practice, and generally accepted as reasonably tamper-proof.
First, I don't think this is true. Anti-phishing features are getting built into browsers specifically to enhance the security of these types of web transactions. Google for "phishing cost estimate" and see just how "tamper-proof" Internet banking is these days. Can you name anything connected to the Internet which has proven to be "tamper-proof"? Secondly, bank transactions and anonymous voting transactions are fundamentally different. The requirement that the voter is authenticated and authorized, but that their transaction cannot be linked back to them is not an easy one to solve over the Internet.
The problem of tampering could be even further reduced by a single, nation-wide centralised "registered users" database, updated with birth/death and even criminal records.
How would a centralized voter database impact tampering at all? It may make some types of fraud more difficult, but the fraud just moves to the process of inputting and maintaining this data. Adding yet another database to the system rarely helps the overall accuracy of the information. Centralizing the data also creates opportunities for more massive fraud and abuse. Who gets what types of access to the one true voter database? Personally, I think the blue finger solution is a much more cost effective way to enforce the one person one vote rule.
If perfected, such a system could actually allow "the people" to take a part in all of the State's public decision-making processes, in real-time.
Assuming you are in the U.S., you have even bigger problems than perfecting such a system; you need to rewrite the Constitution. In a more general sense, direct democracy has its' own set of problems.
To me it seems that the voting process is best secured through simple means. The more the process can be witnessed and easily understood the better. Every part of the process which you move out of plain sight introduces another layer where tampering can occur. The more you centralize the process, the more you empower individuals to commit fraud. The more of the process you keep within view of "the people" the better.
You need to change the meds, man.
What is the worst case of voter disenfranchisement you have ever seen as a result of electronic voting?
There is a strict protocol and stringent guidelines in the creation and deployment of ATM's. Why not just adopt these same guidelines in developing a voting machine?
Similes are like metaphors
Where the County Election Officials as stupid as they seemed in the documentary or where they just acting that way?
can you get me a copy of the source code?
8-)
Preamble: As I was watching Hacking Democracy, I was struck, on the final hack, with how at least the last voting problem could be prevented procedurally. It might be time-consuming, and unless carried out by volunteers from all sides, expensive, but doing things right often is: To get a bunch of people in a room to zero and watch being zeroed all the memory cards for one precinct, which then go into signed/sealed containers and only cards from those containers are inserted into voting machines, verifiably by polling-station workers. etc. The problems with the hackability of GEMS as demonstrated in the program would still exist, of course, but...
...do you think it's impossible for the current crop of voting machines and tabulators to be "rescued" from total malleability by more layers of human checks and balances? (I think it isn't but you've seen more of the ugly details than I have, what do you say?) Are such layers feasible? Does it take a higher level of volunteerism to make them so?
Question:
Follow-on rambling: If so, of course the problem still remains for those human checks and balances to be mandated across the whole US. Aside from the interesting technical ways of doctoring elections that the voting machines allow, I was struck, as a Canadian, with the inherent weakness of a system where standards are so patchwork and the mechanism of gauging political outcomes is itself so open to influence by regional players in the political process. Some things, like inter-regional highways, national defense and the conducting of elections are best handled centrally, no matter how loudly the regions yammer to the contrary.
Still hoping for Gentle Treatment...