Slashdot Mirror

← Back to Stories (view on slashdot.org)

An Open Letter To Diebold

Posted by ryuzaki0 on from the do-things-better dept.

jcatcw writes "Computerworld's Rob Mitchell tells Diebold President and CEO Thomas Swidarski how to regain Diebold's reputation instead of throwing in the e-voting towel. He recommends full disclosure of all existing problems, a process for disclosure of future problems, hiring of some real professionals as CTO and as an advisory group, and public testing. 'Surely if Diebold can make a secure ATM there is no reason why it cannot make secure and reliable e-voting apparatus in which the public has confidence.'"

12 of 266 comments (clear)

  1. Secure ATMS? Ha! by MilesNaismith · · Score: 5, Interesting

    What makes you think Diebold ATM units are secure? I had a friend who worked in bank software. He said if you knew half of went what on, you'd keep your money buried in jars.

  2. I'm not really holding my breath on this... by SeaFox · · Score: 5, Insightful
    He recommends full disclosure of all existing problems, a process for disclosure of future problems, hiring of some real professionals as CTO and as an advisory group, and public testing.
    My recommendations:
    • Make the code simple and open-source.
    • No last minute "patches" being applied by Diebold personnel on election day with no explanation why or review of the code beforehand. The machines should be frozen for most purposes when they're shipped and completely at least 72 hrs before election day.
    • Do a "dry run" of the election equipment to make sure everything is working properly before election day! I keep hearing about what sound like fairly simple problems cropping up at the polls that make you wonder if they do any testing at all on these systems before releasing them.

    "Surely if Diebold can make a secure ATM there is no reason why it cannot make secure and reliable e-voting apparatus in which the public has confidence.""
    When did they make a secure ATM?

  3. The customer drives security. by Paleolibertarian · · Score: 5, Insightful

    ATM's are bought by banks. As much a $250,000 can go through one ATM in a weekend. (Maybe more) The banks demand security. Voting machines are purchased by bureaucrats who probably use "password" for their office PC password.

  4. I know the answer to this... by quickpick · · Score: 5, Funny

    Mr. Mitchell: Thank you for your concerns. STFU. I am Swidarski and all your votes belong to us.

  5. But, wait a minute! by Anonymous Coward · · Score: 5, Funny

    Someone clue this guy in. The Democrats won this time.

    That means there's no problems with Diebold.

  6. Why electronic? by paulthomas · · Score: 5, Insightful

    Maybe paper offers a greater degree of transparency than electronic bits. We shouldn't hope for more secure electronic voting machines, but rather a public realization that sometimes "if it ain't broke, don't fix it."

    Sure, cryptography, open-source, signed binaries, etc. begin to offer the transparency we need in voting, but at the moment, the expense greatly outweighs any conceivable benefits (what, no need to argue about chads?).

    Paper voting works. Distributed counting means less impact from an individual case of polling-place fraud, and the paper record can be stored for a public recount where many eyes can verify the results.

  7. Shouldn't be secret by Cracked+Pottery · · Score: 5, Insightful

    The design and source code of the machines should be public information. All of them. There should not be any IR or wireless connectivity. That includes the tabulators. Touch screen voting is slow, dumb and expensive. Complicated elections eat up time. Optically scanned ballots only need a few additional tables to accommodate a heavy turnout. Machine time per ballot is minimal, and the ballots can also be counted by hand.

  8. Surely there are more than enough reasons by A+beautiful+mind · · Score: 5, Insightful
    ...why voting machines can't work:

    "Surely if Diebold can make a secure ATM there is no reason why it cannot make secure and reliable e-voting apparatus in which the public has confidence."
    ATMs are much easier to make. The ATMs _can_ trust the bank. The user can easily verify if the ATM works or not because they leave a "paper trail" (um hello, if it wouldn't give precisely the amount of cash out that you requested, wouldn't it be a little bit suspicious and wouldn't people have noticed it?).

    Voting machines cannot trust neither the user, nor the authorities and to top it off it has to be verifyable to both. In short, a much harder problem.

    The requirements to verify the voting process if paper ballots are used: being a non-retarded human being and a small amount of time.
    The requirements to verify the voting process if voting machines are used: electrical engineer and programmer proficient in all related languages and access to the source code, months of time verifying the voting machine, then making sure the voting machine used at the election is the same one you verified.

    If you look at it from the average person's perspective: in the first case the voting process is transparent for the average person. They understand and if they want, can verify the local process. Paper voting also gives a much better accountability to the overall picture. You generally count the votes locally, then make a official log about it, send the result up in the chain. Then when the overall results are known, you can check the website or whatever to see whether the numbers up on the website about the local results match with your local results you have in your hands. I know that if they didn't it would be found out pretty quickly because at least some people do make this comparison. So now we know that the local results on the website match the local results in the local voting stations. Now you can just simply add up the local results to check the big picture, whether it matches. At least some people will do that, so you can be reasonably certain that the results are pretty accurate, because to tamper with the outcome you would have to modify things on a local level at lots of places simultaneously and since we're talking about paper you'd have to involve a lot of people so we would know about it if someone attempted it.

    In the second case, even if you would have the overlapping skill requirements to verify stuff, you still need to have the time and the access. Then, votes are tabulated not at a local level, but a step above, at a regional level, so you reduced the number of places you would have to tamper with in order to skew the voting process. Since it is a complex electronic process which few people understand exactly, you can modify the results involving much less people and can do it in a much more stealthy way. Since it is electronic, carrying out the act on a wholesale level is not a problem for the bad guys. You got to ask the question one time: which is easier: simultaneously manipulating a few tonns of paper scattered across the whole country when they are guarded by thousands of people, or voting machines coming from two main sources, two companies which aren't guarded at all, or to be more precise, people are forbidden to guard them (source code-wise) and even if you would attack not at the source code level, but at the regional counting level, then it's still much easier to tamper with than with paper.

    We have to face it: not even an open source voting machine is good enough. It's much easier to simplify the ballots to catch up with the only positive thing voting machines provide, than to design an electronic system capable of transparent, accountable voting. Even if you take a barebones microkernel/firmware voting machine, it is still a hundred thousand(*) times more complex than paper voting.

    *I just pulled that number out of my ass, but I think most people underestimate the complexity difference between the two methods.
    --
    It takes a man to suffer ignorance and smile
    Be yourself no matter what they say
  9. Why would I want Diebolt to regain its reputation? by Project2501a · · Score: 5, Insightful

    You guys are missing the point:

    Given that:
    1) the CEO, all of current management, sales and computer programmers who kept their mouths shut, remain in place,
    2) the CEO being the same person who pledged to bring the elections over to the Republicans,

    what would a solid reason be which would give me ANY, even tiny, reason to put ANY amount of faith, back into Diebolt?

    --
    ----
  10. My Open Letter by Anonymous Coward · · Score: 5, Funny

    Dear Diebold

    After years of absymal performance, the public is understandingly distrustful of both your product and company. Don't fret, the world's expectations for the performance of the entire computer industry are quite low. Products don't even have to be good, just good enough.

    So here are a few steps you can take to finally gain voter's confidence:

    1. Under no circumstance should you release your source code. I know that earlier revisions have been distributed to the general public, and look at all the trouble that has caused. It is better to remain silent and thought a fool than to speak and remove all doubt.

    2. Outsource, nobody ever got fired for outsourcing. Americans will celebrate knowing that many nations came together to build their democracy.

    3. Encryption is an overrated buzzword. People love transparency in the democratic process.

    4. Paper trails increase the price of an election for taxpayers. So do your patriotic duty and keep costs to a minimum. Besides, if the paper trail and computer result were different, it could create a lot of work and problems for your fine institution.

    5. Another method to keep costs down is to minimize luxuries like manuals and support staff. Don't worry, elderly volenteers will learn how to operate and repair these systems with ease.

    6. Hire a well known person to oversee my proposed inititives. I recommend Karl Rove, I'll bet he'll even pay you for this privilige.

    7. To prove that the public knows that you are running this company for the love of democracy and not money, I'd recommend everyone employed by Diebold to dump their stock before doing anything else I have recommended. To get a fair price, you'll need to know about the status of the company, so build a Diebold Accounting program to count your assests (it shouldn't be too hard to fork your voting software). Remember that it is your corporate duty to release the results to the public.

    To ensure that no politican could ever shut you down, claim that you have created many jobs. To bolster your numbers, claim that the dead work for you, if they can vote, why not make 'em work?

    See you in 2008,
    ac

  11. think bigger, and simpler by pascalpp · · Score: 5, Insightful

    The problem with electronic voting machines is dwarfed by the problems inherent in the way voting is done in most states. Oregon has been using vote by mail for 10 years and they consistently have higher voter participation than every other state and practically no fraud. What's more, voters are better informed about the candidates and issues they're voting for and have time to research before voting. To learn more, check out: http://www.votebymailproject.org/whyvotebymail.htm l Electronic voting is cool, especially for a user interface geek like me, but in this case, simpler is better.

  12. Flawed by design by erroneus · · Score: 5, Interesting

    "The democrats won! No problem then right?"

    Idiots. Shut up already. There were a lot of eyes on this election cycle. There was a lot of public and organized outcry about the use of Diebold software and equipment. There's a pretty good chance that any attempts to rig any of the elections were aborted.

    It seems more than just a little strange to me that with all the public outcry against Diebold that it was implemented anyway. With such great public knowledge about the flaws [read: dangers] in the devices and systems, if these were cars, people would simply stop buying and driving them. The voters didn't often have any choice in the matter and when they did, it has been shown that they opted for some paper ballot form such as the absentee ballot. (There was a lot of paper balloting this cycle!)

    To me, it seems like there was great resistance to KEEP the flaws in place in spite of public outcry. I'm still interested to know WHO wants to keep these flaws in place and why. I'm really wondering why people aren't asking that simple question and how that question didn't get exposed and used on the campaign trail? (Imagine a candidate campaigning with 'my opponent has ignored the public's interests by keeping these demonstrably unsafe voting machines in place!')

    There were a lot of eyes on this election cycle and many people were poised to attack against election fraud. But just because democrats won of lot of elections this time around doesn't mean fraud didn't happen and that it wasn't perpetrated by democrats. I think the most significant thing here was that there were a lot of eyes on the elections. I hope we keep it that way and keep the public's interest in keeping it that way as well.