Slashdot Mirror
Diebold Rebrands What No One Wants
Irvu writes "Diebold has apparently failed in their bid to sell their tainted elections systems unit. Unable to find a buyer the CEO of Diebold promised that the system will be run more 'openly and independently.' To prove that they are serious, they renamed it. Diebold Election Systems is now Premiere Election Solutions. They still sell GEMS, AccuVote OS and the ever-unpopular AccuVote-TSX which performed so disastrously in California's Top-to-Bottom Review under the same names. Apparently their rebranding effort only goes so far."
work on the voting systems?
This seems like just the opening that an "open" company would need to really turn the US upside-down. The failure to sell the business unit means people are scared of being associated with the closed-source voting mess. Even if the security problems are really accidental, in the current climate, you'd be hard pressed to get anyone to believe you.
At a crossroads like this, an OSS company could just step right in and take over the whole election software market. If some OSS platform were successful here, there'd be no competition from closed source platforms after that. OSS voting forever after. I know that "open" means never having to rely on a single source (if you don't want to), but a great hardware solution coupled with all open source code would make one (or a few) companies really pop.
I have not been looking too hard for OSS voting machines myself, so maybe they're already out there. In that case, they just need some PR so that they're visible to the general population.
Redhat? Ubuntu? Where are you?... Here's your opportunity...
"Wherever Diebold and ES&S go, irregularities and historic Republican upsets follow. Alastair Thompson, writing for scoop.co of New Zealand, explored whether or not the 2002 U.S. mid-term elections were fixed by electronic voting machines supplied by Republican-affiliated companies. The scoop investigation concluded that: The state where the biggest upset occurred, Georgia, is also the state that ran its election with the most electronic voting machines. Those machines were supplied by Diebold." From Diebold, Electronic Voting and the Vast Right-Wing Conspiracy
by Bob Fitrakis.
Link: http://www.commondreams.org/views04/0225-05.htm
More: " (Bev) Harris writes that the hacked documents expose how the mainstream media reversed their call projecting Al Gore as winner of Florida after someone subtracted 16,022 votes from Al Gore, and in still some undefined way, added 4000 erroneous votes to George W. Bush. Hours later, the votes were returned. One memo from Lana Hires of Global Election Systems, now Diebold, reads: I need some answers! Our department is being audited by the County. I have been waiting for someone to give me an explanation as to why Precinct 216 gave Al Gore a minus 16,022 [votes] when it was uploaded. Another hacked internal memo, written by Talbot Iredale, Senior VP of Research and Development for Diebold Election Systems, documents unauthorized replacement votes in Volusia County.
Harris also uncovered a revealing 87-page CBS news report and noted, According to CBS documents, the erroneous 20,000 votes in Volusia was directly responsible to calling the election for Bush. The first person to call the election for Bush was Fox election analyst John Ellis, who had the advantage of conferring with his prominent cousins George W. Bush and Florida Governor Jeb Bush."
And: "Documents illustrate that the Reagan and Bush administration supported computer manipulation in both Noriegas rise to power in Panama and in Marcos attempt to retain power in the Philippines."
Two words: crooked casino.
Actually, you aren't even guaranteed the right to vote , let alone your vote be kept secret
Believe it or not, the U.S. constitution allows government to deny your right to vote, as long as it is not based on your race or slave status.
There have been numerous amendments since (such as women's right to vote), but you're still not guaranteed an irrefutable right to. For example, Texas law denies the right to vote to the 'mentally disabled' and incarcerated criminals. It would be very easy for public officials to repress our ability to vote, if they collectively chose to debilitate the U.S. public. Just a thought.
Fact: Everything I say is fiction.
This isn't taking in consideration state laws, in which your state may may specifically define what you mentioned.
Fact: Everything I say is fiction.
Diebold obtained the voting system through an acquisition. The system was created from the ground up by a completely different team, and thus no connection to the ATM guys. In fact many of the transgressions had already taken place at the time of buyout, it just was not well known yet.
Independent review (of the leaked source code) concluded that the code base was of shockingly low quality, lacking in many basic principles of secure and defensive design, most likely written by programmers with very little training. Unfortunately this didn't stop it from being election-ready certified, which I imagine is where the real value was for Diebold.
Unfortunately, as any decent coder knows, a huge mess of spaghetti code is nearly impossible to fix short of a complete rewrite, which is probably why the system hasn't gotten any better since then.
I'll agree with just about everything you say, but I'll remind you of this:
Long ago, people were scared of "NutraSweet" because of some series of news stories and bad press. So they took the label off of the foods that contain it... just the label though. It's still there. Just look for "aspartame" in the ingredients list.
First of all ATM's don't handle billions of dollars in a transaction. Dunno about those in the USA, but most here are capped at 500 Euro, and your daily limit further caps it.
Second, an ATM is, by and large, just a slightly more secure terminal to the bank's central computers. It's not the ATM that authorizes your transaction, or transfers the money. It's just a terminal that's networked with a central system. So it's slightly easier to get things right.
With voting machines, the whole assumption that it must be anonymous, plus the bigger distrust of a single central station that counts everything, screw that assumption up big time. You can't go and transmit "Moraelin voted for the German Anarchistic Pogo Party" (I didn't, but for an easily rememberable example sake) over to other computers.
Third, the various kinds of bank terminals get numbers wrong more often than you'd think. E.g., the Deutsche Bank fairly recently introduced OCR machines where you can just shove the check in and have it read, so you don't have to type it all. Well, one of the damn machines didn't read the decimal point, so I ended up transferring 100 years worth of fee to my insurance.
The bank will help you solve such problems, but never claimed that it's 100% bullet-proof and more infallible than the pope.
Fourth, banks (if their central software is anywhere near well written) have other checks and safeguards.
E.g., every cent transferred must be a cent that comes from somewhere else. Even if someone maliciously manipulated the software or the database, you have a chance to catch it. If at the end of the month you do the totals and you have money that appeared out of nowhere, or disappeared into nowhere, you can start an investigation.
Plus it can catch erroneous transfers in the first place. For example my erroneous money transfer should have bounced from the start because most sane people don't have that kind of money in their personal day-to-day account.
E.g., similarly all the money moves must be accompanied by an entry in the transaction table. If someone's account grew by a million, but the transactions to that account don't add up to +1,000,000$, you can call the cops.
E.g., you can have other triggers, regardless of whether the transaction is correct or not.
For example, any incoming money transfer over, say, 10,000$ will automatically trigger an investigation. Ditto if someone suddenly starts getting lots and lots of little transactions. That's mostly against money laundering, but would also catch any error where a bunch of money appears out of nowhere.
For example, you can have bogus rows in the accounts table, which normally have no reason to be accessed, and are booby-trapped with a trigger. If some DBA comes with such ideas as "I know, let's shave a cent out of each account and add it to mine" or "I know, let's export the names and credit card numbers and sell them to scammers", chances are he'd stumble over such traps. Plus, it would trigger an investigation when a bunch of credit card numbers assigned to such bogus accounts start appearing in transactions.
Etc.
All this simply doesn't apply to votes.
- You don't have to take a vote from somewhere else to assign a vote to Moraelin, like would be the case with money
- You don't have people checking their balance and asking you to fix the errors. The whole idea of anonymity is that you shouldn't store anywhere stuff like "Moraelin voted for the German Anarchistic Pogo Party". If I can check "wait, did you count my vote for the German Anarchistic Pogo Party?" a month later, then so can someone else. That's another bank safeguard that just doesn't exist.
- you can't really use any sums as triggers, because everyone gets the same number: 1 vote. Each transaction says exactly the same: "1 vote for party X". So you can't go and say "whoa, we'll investigate all transactions over 10,000".
- since it's anonymous, you can't check how many transactions each person has, either
A polar bear is a cartesian bear after a coordinate transform.