Diebold Admits ATMs Are More Robust Than Voting Machines

An anonymous reader points out a story in the Huffington Post about the status of funding for election voting systems. It contains an interesting section in which Chris Riggall, a spokesman for Premier (formerly Diebold) acknowledged that less money is spent making an electronic voting machine than on a typical ATM. The ironically named Riggall also notes that security could indeed be improved, but at a higher price than most election administrators would care to pay. Also quoted in the article is Ed Felten, who has recently found some inconsistencies in New Jersey voting machines. From the Post: "'An ATM is significantly a more expensive device than a voting terminal...' said Riggall. 'Were you to develop something that was as robust as an ATM, both in terms of the physical engineering of it and all aspects, clearly that would be something that the average jurisdiction cannot afford.' Perhaps cost has something to do with the fact that a couple of years ago, every single Diebold AccuVote TS could be opened with a standard key also used for some cabinets and mini-bars and available for purchase over the Internet."

Best Parallel Ever!

[4solarisinfo]

Polotics and money, what a great parallel. We should just combine the two. "Would you like an extra $5 to vote for candidate X?"

Re:Best Parallel Ever!

I wish to subscribe to your $5 newsletter.

Re:Best Parallel Ever!

[sm62704]

Polotics and money, what a great parallel.

So the banks are more impportant than the ballots here. But it's what one would expect in a plutocracy.

Tne bankers and stockbrokers know what's important in America, and it isn't your vote. What's important ios the campaign "contribution" bribery to both major party candidates.

Re:Best Parallel Ever!

[Etrias]

The reason for that box was actually an attempt to lessen the influence of money in the political process. How it is supposed to work is the FEC determines who are "serious" candidates and then distribute the money evenly amongst them. It is fairly tipped and a damn shame though as it strongly favors Republicans and Democrats over third parties.

More info here at the FEC website.

Re:Best Parallel Ever!

[Zippy_wonderslug]

I do this every year. It is not an extra amount of money, it is the only amount of money that you can directly allocate from your taxes.

Re:Best Parallel Ever!

[drinkypoo]

It should be abundantly clear at this point to all concerned that unchecked capitalism (whether libertarian or conservative) is harmful to life on Earth. I mean, we've privatized prisons in this country, providing still more incentive to incarcerate people (as if we didn't already have various financial incentives along those lines.)

Re:Best Parallel Ever!

[CastrTroy]

In Ontario, you get an option of giving your refund (assuming you have one) to the "Ontario Opportunities Fund" which is just a fancy term for paying off the provincial debt. I'm not sure how many people actually give any money to that. I would love to see statistics.

Re:Best Parallel Ever!

The real issue is that when an ATM screws up, the customer has a receipt and it costs the bank money. When a voting machine screws up, it doesn't cost the jurisdiction any $$$.

Re:Best Parallel Ever!

[Dragonslicer]

On our taxes it asks "Would you like to donate an extra $3 to the candidates?" Please mod this down to get rid of the "Informative". You don't pay an extra amount of money, you allocate to the general campaign financing fund an amount of money from the taxes that you're paying anyway. It does not increase the amount you pay. It even says so right next to the check box.

Re:Best Parallel Ever!

[tha_mink]

It should be abundantly clear at this point to all concerned that unchecked capitalism (whether libertarian or conservative) is harmful to life on Earth. I mean, we've privatized prisons in this country, providing still more incentive to incarcerate people (as if we didn't already have various financial incentives along those lines.) I'm not sure if you're kidding or not but I'll assume you're not. Are you trying to say that because there are privitized prisons, that a jury will be more likely to send a person to jail? Or that a prosecuter will think "Hrm...If I can get this guy to plead guilty, I'll be able to give "company X" another inmate and they might give me their Knicks tickets again."

Really? Or that lawmakers will say "If I make this law, more people will go to jail, which means more money for my buddy's company which means, he'll have another one of those bitchin parties again this year" ? Do you really think that?

Not trying to disagree with your unchecked captialism point but your proof stinks.

Re:Best Parallel Ever!

[mweather]

Would you like an economic stimulus check to vote for party x?

Re:Best Parallel Ever!

"Would you like an extra $5 to vote for candidate X?"

On our taxes it asks "Would you like to donate an extra $3 to the candidates?"
I don't know a single person who said yes to that... Uh... I do. It doesn't cost you anything if you actually read what it says. But this is slashdot, where nobody RTFA, or apparently their own tax form as well.

Re:Best Parallel Ever!

[encoderer]

Ross Perot qualified for it. Any 3rd party worth it's salt can qualify. It just takes actual electoral viability in 2 consecutive elections. Not exactly a high bar for something purporting to be a political party.

Re:Best Parallel Ever!

[thermostat42]

Really? Or that lawmakers will say "If I make this law, more people will go to jail, which means more money for my buddy's company which means, he'll have another one of those bitchin parties again this year" ? Do you really think that?

This seems like a fun game. Do you think its company's X strong moral fiber that will keep it from donating to PACs and paying lobbyists to argue for longer minimum sentences for crimes that pose relatively small dangers to society, when it will clearly benefit them financially? Do you think the lawmaker will say, "No I cannot accept your campaign contribution, because your positions are detrimental to my constituents"? Do you really think that?

Re:Best Parallel Ever!

It's obvious that a company running a prison system would benefit financially from having more prisoners. If you're claiming otherwise, I'd like to see the contracts that don't allow the company more profit from doing more work.

Or maybe you're saying that the incentive to imprison more people would not influence anyone in a position of power. That might be the case, but no one has claimed otherwise. If you reread the comment you responded to, you'll notice that it only claims that the incentive exists.

Re:Best Parallel Ever!

[mcmonkey]

Really? Or that lawmakers will say "If I make this law, more people will go to jail, which means more money for my buddy's company which means, he'll have another one of those bitchin parties again this year" ? Do you really think that?

Yes. (Except for the part about the party.)

Do you think the number of speeding tickets issued is affected by the potential income through fines? Do you think the propensity for police to confiscate property is affected by the ability to then auction off that property?

The profit motive in law enforcement is established. The only open question is that of degree.

Re:Best Parallel Ever!

[tha_mink]

Do you think the lawmaker will say, "No I cannot accept your campaign contribution, because your positions are detrimental to my constituents"? Do you really think that? Nope. I don't. Nor do I expect them to do so. In fact, not only do I expect them to accept contributions, but I also expect said lawmakers to give company X preferential treatment when it comes to rolling out no-bid contracts, or renewing shady deals. I don't, however, think that will provide said lawmakers enough incentive to incarcerate more people. They've already got *plenty* of people in non-privitized jails to work on.

Re:Best Parallel Ever!

[tha_mink]

It's obvious that a company running a prison system would benefit financially from having more prisoners. If you're claiming otherwise, I'd like to see the contracts that don't allow the company more profit from doing more work. Perhaps. I'd like to point out though that it'd be a whole lot easier to just go for the already incarcerated population as a target for your company rather than trying to get more incarcerated. Last time I checked, there's plenty of overcrowding already in the prison systems.

Re:Best Parallel Ever!

[tha_mink]

Do you think the number of speeding tickets issued is affected by the potential income through fines? Do you think the propensity for police to confiscate property is affected by the ability to then auction off that property? 1. Speeding tickets, yes. However, it's like like they're making new speeding laws. People speed. It's not safe. Ticket them. Win-Win.

2. No, I don't think the propensity for police to confiscate property is affected by the ability to then auction off that property. A police department does not directly receive income from said auctioned off property.

3. Let's not forget that *we* are the government. The "profit" directly or indirectly benefits the population. Let's not forget to separate individual bad behavoir from actual government policy.

Re:Best Parallel Ever!

[skroops]

I don't know a single person who said yes to that... "During each of the last five years, approximately 33 million taxpayers have checked the "yes" box." With those numbers, you probably don't know a single person who uses Linux either...

Re:Best Parallel Ever!

I don't know about your taxes, but on my taxes (Form 1040) it says:
Presidential Election Campaign = Check here if you, or your spouse if filing jointly, want $3 to go to this fund (see page 12)
Checking a box below will not change your tax or refund.

I don't see the words "donate" "extra" or "candidates" anywhere in there.

Re:Best Parallel Ever!

On our taxes it asks "Would you like to donate an extra $3 to the candidates?" Please mod this down to get rid of the "Informative". You don't pay an extra amount of money, you allocate to the general campaign financing fund an amount of money from the taxes that you're paying anyway. It does not increase the amount you pay. It even says so right next to the check box. Quoted for reference, this is *not* clear from the official documentation!

Re:Best Parallel Ever!

[Glsai]

Exactly, here in MN it takes money that you would have paid anyways and directs it to the political party of your choosing. I don't remember seeing it this year, but in the past it let you choose one of our major partys. (Democrat, Republican, Green, and Independant)

Re:Best Parallel Ever!

[susano_otter]

Bah. Banks get what they pay for. They care about their ATM machines, and so they pay good money to get good ATM machines.

You care about voting machines? So front the cash to your local election commission, so they can afford to get good voting machines. It's not like Diebold is going to make world-class voting machines for free.

You don't have the cash? So front the time and energy necessary to convince your local community members to pitch in. Collect signatures and get a tax measure put on the ballot to finance the development and purchase of high-quality voting machines. Campaign in favor of that tax measure. MAKE IT HAPPEN.

Don't have the cash, and don't want to spend any time and effort on it? Then stop fucking whining. It's obviously not something you actually care about.

Re:Best Parallel Ever!

A more compelling argument might be, "We, the legislators, won't decriminalize this harmless behavior, because it results in billions of dollars worth of fines and slave labor every year, part of which lines our pockets."

Re:Best Parallel Ever!

[urcreepyneighbor]

The OOF?

That's the sound I make when I reach for a snack! ;D

Re:Best Parallel Ever!

[I(rispee_I(reme]

Do I really think that lawmakers will say, "We should get rid of traffic light cameras, because people are obeying the law and reducing our income from fines."?
Yes.

Re:Best Parallel Ever!

[sm62704]

You care about voting machines? So front the cash to your local election commission

I do. every time I buy something I pay state and local sales tax. Every time I earn a paycheck I pay income tax. Every time I buy beer I pay an excise tax.

I'm paying for the ATMs, too. The bank gets its money from me when it charges me fees and invests my checking account money for their profit.

I expect my elected officials to do their damned jobs without my nagging. It's their responsibility under the state constitution to ensure a secure vote.

Re:Best Parallel Ever!

[ShadowsHawk]

1. They lowered the most highway speeds to 55MPH. They might not make new speeding laws, but they certainly alter speed zones to generate revenue.

2. I believe there was a story a while back about police borrowing impounded vehicles. Seems like an incentive.

3. I've never had a rebate from the government when they collect more than they were expecting. You are correct though, we should separate bad individual behavior from policy. It's unfortunate that those that are behaving in unethical and immoral ways are writing the policy.

Re:Best Parallel Ever!

Yeah, but who said anything about sucking cock?

Re:Best Parallel Ever!

[homer_ca]

It works like this: voting against any knee-jerk "tough on crime" law earns you nothing but attack ads from prison contracters and prison guard unions, or more likely their lobbyist proxies. Hey, I'm all for getting dangerous criminals off the streets, but prison sentencing has far surpassed any semblance of reasoned public policy to knee-jerk stage. Three strikes for non-violent felonies is stupid.

Re:Best Parallel Ever!

It's your last example that is the most worrying. Yes, I do believe certain legislators could be swayed by their buddies or contributors in the prison industry. And it may not even be making new laws, but refusing to reform old ones - think long and hard about the "war on drugs" - no matter how you feel about drugs morally, locking up users is a pretty insane way to deal with the problem in terms of making a difference. But it makes politicians look like they are doing something, and it gives the prison industry more warm bodies to charge rent for - a win-win, from their perspective.

Prisoners are already a marginalized population, so few people stand up for them. When you combine that with a profit motive to keep them in jail, I think that has a lot of potential to be dysfunctional.

Re:Best Parallel Ever!

[susano_otter]

With what money? The taxes you already pay are already allocated to all the other government services you can't do without. Obviously it's never occurred to you that the state budget only goes so far and that your elected officials can only do so much to discharge their responsibilities with the money you give them. It's obvioulsy also never crossed your mind that democracy is an intereactive exercise. Your diligent oversight is a critical part of good governance.

Re:Best Parallel Ever!

[sm62704]

The taxes you already pay are already allocated to all the other government services you can't do without

But I CAN do without them. Things I can do without:

• marijuana laws and their enforcement
  
• prostitution laws and their enforcement
  
• gambling laws and their enforcement
  
• airport "security"
  
• courtroom metal detectors
  
• metal detectors where I have to go for license plates
  
• "no smoking in bars and casinos" laws and their enforcement
  
• Airplanes to fly Milorad Blagojevich from Chicago to Springfield and back
  
• Upkeep on the Governor's mansion the Governor refuses to live in despite the Illinois Constitution
  
• Department of Homeland Security
  
• PATRIOT act and its enforcement
  
• DMCA and its enforcement
  
• ATF

And so on. I note with amusement that the ever-changing quote at the bottom of the page here says "The state law of Pennsylvania prohibits singing in the bathtub". Your tax dollars at work. Or as a couple of slashdotters' sigs note, "oh look, my tax dollars at work coming to arrest me!"

Re:Best Parallel Ever!

[thegnu]

People speed. It's not safe. Ticket them. Win-Win

I don't have the reference at the moment, but he majority of speeding doesn't change any statistics that have to do with endangerment of anybody. Which means that a large number of people who are being safe are being punished as a deterrent for a small number of unsafe people.

Which is pretty fucked up.

3. Let's not forget that *we* are the government.

BULLSHIT.

The "profit" directly or indirectly benefits the population.

Ideally, yes.

Let's not forget to separate individual bad behavoir from actual government policy.

while we're at it, let's not forgot to separate the "we" from the "government."

Re:Best Parallel Ever!

Actually it's called agenda setting, whereby a private company sets public policy. This is often the case when large corporations cozy up to government to get free giveaways and there is a constant exchange of employees from government to the corporation and from the corporation to the government.

An example of this is in Tennessee, where Corrections Corporation of America has pretty much a revolving door with state corrections and the political parties. Moreover, they also donate to both sides of every race and to every politician that is friendly to them and friendly to increased incarceration. Essentially they tried to buy the prison system off of the government despite there being no solid evidence that it saves any money. If not for the fact that they tried to cut costs in obscene ways (poor medical care, lower paid guards, etc) and this came out in horrific fashion during their attempts, they probably would have succeeded.

And lets forget for a moment that the owning and control of human beings by private individuals is functionally slavery.

Frankly, your attempt to deflate his point is incorrect and misses the point.

I'd elaborate further, but since I've been teaching a course on private prisons this semester, I don't feel like rehashing.

And yes, I am a Criminologist.

Re:Best Parallel Ever!

The privatized prisons have an incentive to keep people there, and little incentive to provide treatment/training to reduce recidivism or improve likelihood of successfully completing parole.

Suppose, e.g., that Prison Inc. knows that drug treatment program XYZ costs $i, but reduces parole violations by some amount. What incentive does Prison Inc. have to spend $i, knowing that it literally reduces future business? Prison Inc.'s goals are directly opposed to society's.

Re:Best Parallel Ever!

Where are these "most highways" you speak of? The limits here havnt changed in decades.

Some bad cops breaks the rules and thats incentive for the entire system? Come on, that is an unauthorized incident. Not company policy. Which brings us back to number three.

Re:Best Parallel Ever!

[susano_otter]

Like I've been saying all along, if you have a problem with this, go and fix it. Plenty of your fellow citizens seem to care a lot more than you do about these things. While you're here on Slashdot gaining wisdom from sigfiles, they're out there putting in the time and effort (and money) to arrange your society the way they like it.

How much time have you spent this month at HOA meetings? City council meetings? Petitioning your election commissioner? Drafting ballot measures and collecting signatures? Doing anything at all to promote your idea of a better tomorrow? Other people do these kinds of things all the time. What about you?

Re:Best Parallel Ever!

[gnupun]

Screw voting machines... I'll take hanging chads any day compared to malicious voting software that fraudulently gave bush the 2004 election.

Re:Best Parallel Ever!

[sm62704]

I do. Why do you assume I don't?

Re:Best Parallel Ever!

[susano_otter]

I assume that if you did, you would be complaining about the specific technical details of your real-life setbacks and challenges in fixing the problems with the voting system in your district, rather than presenting generic "this sucks and somebody should fix it and I shouldn't have to work at it myself" complaints.

Indeed, I assume that people who actually avail themselves of the various facilities at their disposal, for involving themselves in their own governance, don't say things like

I expect my elected officials to do their damned jobs without my nagging

because they don't actually expect that at all, but rather believe quite firmly that their "nagging" is, in fact, a right and necessary part of democracy.

So. What's your local election commissioner's budget for voting machines? Where does that funding come from? What steps have you taken in the past six months to improve that funding situation, or to ascertain for yourself that the funding is adequate?

ATM's are also more secure

[cryptodan]

ATM's are also inherently more secure then voting machines. In recent years some of the voting machines that have been used there have been noted various security issues.

Re:ATM's are also more secure

[skeletor935]

I don't think they need to be as physically secure, there's always a voting official in the room in plain sight and several other people working there. It doesn't need to be built like an ATM that will be randomly placed in dark alleys.

Re:ATM's are also more secure

[cryptodan]

But the voting officials cannot enter the booth, so any attacker could do something to the machine without it being noticed until after the elections.

Re:ATM's are also more secure

[JaredOfEuropa]

I don't think they need to be as physically secure, there's always a voting official in the room in plain sight and several other people working there. It doesn't need to be built like an ATM that will be randomly placed in dark alleys.

Not just that; they also do not have to be completely tamper-proof (though the more secure the better, obviously). The point is that we shouldn't labour under the illusion that these machines can be made completely tamper-proof, which is what the manufacturers and politicians are driving at. Rather, we need a reliably way to detect tampering and verify the voting results in case we suspect some tampering has occurred. More importantly, verification must be possible by non-experts, which means that voters can see for themselves that votes are tallied correctly rather than take some experts word for it.

A voting machine that prints off a paper ballot which the voter deposits in a lockbox still seems the best option to achieve this.

Re:ATM's are also more secure

And if a voting official tampers with it?
When it's something as important as an election, which is supposed to be democratic and which affects everyone, it should be as physically secure.

Nothing can ever be completely tamper-proof, but certain devices need a high level of tamper resistance.

Re:ATM's are also more secure

[TapeCutter]

The comparison between security in voting machines and ATM's is a strawman designed to get government officials to throw more money at 'secure as an ATM' voting machines. ATM's are secure because a somebody owns them, runs them, and controls access to them, with voting machines the opposite is true. The slimebags at Diebold cannot be so stupid as to not understand this, they are simply hoping to milk 'upgrade' money out of the taxpayer.

BTW: By voting machine I mean one that counts your ballot, not one that prints your ballot.

Re:ATM's are also more secure

[Bombula]

You know what are cheaper that voting machines? Turnstyles. And boxes. And marbles. Counting votes is easy, as long as you Keep It Simple, Stupid. When you add electronics, butterfly ballots and hanging chads, then you're inviting disaster.

With three sets of turnstyles, some marbles and some boxes you could have a virtually bullet-proof vote. First turnstyle you go through you show/type/swipe your ID and SSN. This shows you voted, and prevents you from voting more than once. Then you pick one marble (or whatever) - preferably with an RFID or barcode on it - out of a box. Then choose a door for your candidate - nice big posters of candidates right on the doors (behind plexiglass, of course). Door on the left, Obama or whoever. Door on the right, McCain, etc. As you walk through the door, you go through another turnstyle which counts candidate votes. You then put your marble in the candidate box - if it has a RFID/barcode it gets scanned at this point as a bonus. Then you walk through an exit turnstyle. The candidate turnstyles won't work for the next person until you exit, preventing duplicate votes - because some moron is sure to try to just sit there spinning the turnstyle to add votes.

This way you have a super-low-tech solution. It counts the number of voters and prevents voters from doing dupes - if you try to vote more than once at the same or different precincts, that can be corrected for by checking the SSNs later. It counts the votes per candidate three times (turnstyle, marbles in the box, RFID/barcodes), for redundancy. And it is extremely difficult to accidentally vote for the wrong person, since you have to walk through a door.

The only thing that might get compromised is privacy. This can be solved by only letter one person at a time into the little room with all the candidates' doors. Slow, but secure.

Re:ATM's are also more secure

[cgenman]

an ATM needs to protect the physical money inside. This is a mechanical problem.

A voting machine need only verify the integrity of the data contained therein. This is a software problem, and one which has been solved many times over the years.

Re:ATM's are also more secure

[BBandCMKRNL]

This is not an issue in Texas. There are no booths. Election officials can observe attempts at tampering, but can't see how the individual is voting.

Re:ATM's are also more secure

[0100010001010011]

You do realize we vote on more than 1 thing at a time right? It'd have to be more like a jar of marbles. And then you'd have to prevent people from putting all their marbles in the vote for president.

Re:ATM's are also more secure

[Sique]

A voting machine need only verify the integrity of the data contained therein. This is a software problem, and one which has been solved many times over the years. The problem is still unsolved, as far as I know. There is no way to make sure, that all votes are counted free and equal, and that the individual voter can make sure that his individual vote is counted correctly, without making it obvious to someone else which single vote was his.

(The same is for instance unsolved for mechanical voting machines.)

The integrity that can be achieved by publicly sealing of the voting box, by publicly putting in the votes into the box and by publicly counting the ballots after the seal was broken in public is (for very fundamental theoretical reasons) non achieveable with automatized voting methods.

Re:ATM's are also more secure

[Sique]

With this type of voting it's easy to sell your vote. If everyone can see how you have voted there is a way to check if you voted the way you sold your vote.

Re:ATM's are also more secure

[akozakie]

OK, but why would a spokesperson point that out? In my opinion the title is misleading. This is not an admission, this is rational damage control. Diebold is in the ATM market, sells the expensive machines to banks. The problems with voting security are having a bad effect on the company's image. The market for voting machines is still unsure, so staying in the ATM market is more important for the bottom line. So, what do you do? You say to your customers "hey, we can make our products very secure, but you get what you pay for! Disregard the e-voting controversy, dear customer, you pay us enough to get the best solutions!".

PR stuff, nothing to see here, move along.

Re:ATM's are also more secure

[cain]

Just put all access panels in the back and the curtain around the front.

Re:ATM's are also more secure

[JonnyDomestik]

Don't use an ATM in a random dark alley!

Re:ATM's are also more secure

[lbgator]

I've only used an e-voting system a couple of times, but in every instance I was always visible to the voting officials. They couldn't see who I was voting for but they would have certainly noticed if I did anything other than tap the touch screen.

Physical security isn't really the problem. There are always election workers and volunteers in the proximity of the voting machines. What is a problem is that smoke and mirrors are used instead of openness. I want to understand exactly how the votes will be tallied and what protections there are from tampering (and hiding the source code isn't a protection IMHO).

Re:ATM's are also more secure

[Tisha_AH]

Here in Alabama (yankees joke all you want) we use a paper ballot that you fill in with a black marker. They are tallied by machines but there is still that piece of paper to go back to. Hanging chads, that was stupid, using IBM punchcards for ballots. The last time I used one of those was in Chicago (where the dead could vote). Electronic 1's and 0's. Making it all virtual, making it all into a SQL database, eck... There is something fundamental about using a marker to fill in a inch square box next to a name. So much of this is driven by the media's desire to have an instant tally. Elections should take hours to count. Election judges should sit in the basement of the county courthouse and each look at a ballot to certify the election. We have thrown the baby out with the bathwater. We willingly forfeit our right to a representative government when we make it so easy for any single person or group of people to pervert elections.

Re:ATM's are also more secure

[Riturno]

Machines are often left unattended in unsecure locations such as school hallways, not to mention where they are stored between elections.

There have been numerous reports that even the most minimal physical security precautions have not been taken. Even the keys (hotel minibar keys) could be duplicated from photos on Diebold's own photos http://tinyurl.com/5slbc3

With physical access, there are numerous ways to affect the voting machines. http://tinyurl.com/58jcy3

Since electronic voting machines can be compromised prior to an election, dealing with the physical security of the voting machines even on non-election days is very important.

While the answer may not be to treat the machines like ATMs, there needs to be methods in place to reduce or eliminate the ability to compromise the machines for an election.

Diebold had not even taken some of the most basic steps.

Re:ATM's are also more secure

[dintech]

So how are going to pay for services in a random dark alley?

Re:ATM's are also more secure

[Midnight+Thunder]

ATM's are also inherently more secure then voting machines. In recent years some of the voting machines that have been used there have been noted various security issues.

It also much easier to check the validity of banking transaction than a vote, especially when you consider that votes are meant to be anonymous. In a banking transaction I know what I had previously, know the factor that is changing the amount and what I should be getting once it is complete. To do so with a vote which is essentially a block box of anonymous transactions is hard and with closed code almost impossible. Adding methods where you could check whether your vote is present, has the unfortunate disadvantage of making it easier for vote buyers to make sure you voted as promised.

Democracy is a good idea, having everyone vote is even better and ensuring that the whole process is transparent is what allows it to work properly. Take out the transparency and the system is subject to paranoia.

Re:ATM's are also more secure

[mweather]

The integrity that can be achieved by publicly sealing of the voting box, by publicly putting in the votes into the box and by publicly counting the ballots after the seal was broken in public is (for very fundamental theoretical reasons) non achieveable with automatized voting methods. Automatized voting? Since when could robots vote?

Re:ATM's are also more secure

[mweather]

Color code them.

Re:ATM's are also more secure

[Sique]

You can try to automatize parts of the voting process, for instance registering of voters (go trough lists of residents and subtract those not entitled to vote, because they are in another list, e.g. felons or non citizen residents or whatever...) or counting of tallies. That's an automatized voting method.

Re:ATM's are also more secure

Yes, yes, and yes. Maybe the machine should print out 3 "receipts." One for the individual, one for the lockbox, and one for another group, maybe licensed by the state, to count. Hell, you could even do 4, with 2 receipts each going to a counting squad of the two major parties in the election (in our system, Democrats and Republicans...).

We really shouldn't shirk the methods we can do to ensure that voting gets done right.

Re:ATM's are also more secure

[Mysticalfruit]

You have hit the name on the head!

The problem I have with these electronic voting machines is that their internals are completely closed! Understand that the state of Nevada has more strigent controls over it's slot machines than it's voting machines...

Note, I'm taking this content from an awesome graphic I found on the internet... Thanks to whomever came up with it!!!

Software:
Slot Machine: State of Nevada has access to all software. Illegal to use software that is not on file
Voting Machine: Software is a trade secret.

Spot Checking:
Slot Machine: State gaming inspectors show up unannounced at casinos to compare computer chips with those on file. If there is a discrepancy, the machien is shut down and investigated.
Voting Machine: No checks are required. Election officals have no "known good" to compare against.

Background Security:
Slot Machine: Manufacturers subjected to backgroundchecks. Employees are investigated for criminal records.
Voting Machine: Citizens have no way of knowing, for example, whether programmers have been confvicted of fraud or have conflict of interest issues.

Equipment Certification:
Slot Machine: By a public agency at arm's length from manufacturers. Public questions invited.
Voting Machine: By for-profit commpanies chosen adn paid by the manufacturers. No public information on how the testing is done.

Dispute Handling:
Slot Machine: Casino must contact the Gaming Control Board, which has investigators on call around the clock. They can open up machines to inspect internal mechanisms and records of recent gambling outcomes.
Voting Machine: In most cases, a voter's only recourse is to call a number at the board of elections and lodge a complaint.

I do understand that a slot machine and an ATM works in a much more hostile environment where people are constantly working to break the system.

However, our Democracy is more important than some ATM and thus any system that's put in place that becomes an arbitrator of our Democracy's citizens to choose their elected officals should be held to even a higher standard.

Re:ATM's are also more secure

[Redlum_Jak2]

I wish I had mod points to bump this up.

Re:ATM's are also more secure

Prostitutes and drug dealers don't take credit cards?

Re:ATM's are also more secure

[Rich0]

There is a problem with this approach - judging voter intent.

What happens when somebody half-fills in one box, and completely fills in another box for the same office. How do you score it.

How about all of one box and a stray mark in the other?

How about 3/4ths of one box and 7/8ths of another?

Any time you have hand-filled ballots you get partial votes. That means court battles and lots of arguing in a close election. There is no clear and fair way to handle partial votes. Do you throw out any ballot with a stray mark on it? Do you go by most-filled box? How do you measure most-filled (by darkness, area of coverage, etc?).

I think computers should still generate the ballots since they can validate input and tell the voter to fix it before they walk away. However, the printed paper ballots should be the official record. Viola - the best of both worlds.

Re:ATM's are also more secure

[TapeCutter]

This happened in one electorate at the last election. After two counts that came out with a different winner the two contestants agreed to send a couple of dozen disputed ballots to a group of handwriting specialists who made the final judgement. Of course there is always the option of calling it a draw and holding a new bi-election.

As you say a printed ballot may improve things in these circumstances but the problem is vote counting machines not ballot printing machines. I am happy to report our electrol commision told Diebold to take a hike when they came knocking a few years back.

Re:ATM's are also more secure

[TapeCutter]

Opps, I thought we were talking about Australia, not Alabama.

Re:ATM's are also more secure

[mysidia]

Voting terminals need to be secure to prevent tampering, including tampering by election workers, after-hours, while nobody else is watching.

I.E. A voting terminal should be designed so that attempts to physically tamper with it (such as to try to force it open) create a very visible indicator that tampering has been attempted and cause the machine to take itself out of commission.

Voting terminals don't need to be built to hold large quantities of cash securely, because voting terminals don't serve that purpose (it would be an irrelevent design feature), but someone tampering with the electronics to change the behavior of the machine is a real danger which should be anticipated and basic measures taken to prevent it.

Incorporating security features requires an engineering team to consider the most likely security issues.

It doesn't require a 10-year study by experts on the potential security issues facing voting machines. Some of the issues are similar to ATM design issues, and the potential security risks that exist with other types of kiosks, vending machines, POS terminals that exist out in the open.

Re:ATM's are also more secure

[mysidia]

How about you give each individual voting session a unique id, some codes, which are printed to a card when you finished casting your ballot. (1) A unique randomly-generated 48-bit number, 'session id' (2) secure hash of passphrase, list of votes, session id# -- to be published. (3) Secure hash, same components as first hash + a secret key (known only to the voting machines initially) -- this is printed only on your card and is never saved on the computer. (4) A third secure hash: combining just the session id#, and the secret key you don't know (for proving you did vote) -- this will be published, but not associated with the 'ballot'.

A second copy of that little card, containing only the session id, first and last codes, a timestamp, and your voter id, which printed to be retained by the election officials, not stored on the computer.

The session ID maps to the ballot object you submitted but nothing about that id identifies who the submitter is; the voter ID is buried in a hash.

Instead of merely 'counting' votes; at the end of the election, a list of all the ballots submitted is published as a bunch of .CSV files on a DVD-R. so anyone can count the votes themselves, and find their vote, without the assistance of an election official who could see their ballot.

session id#s should be published, as should the 1st hash, on the same row as the vote. The third hash should be published in a separate file with no identification as to which session id it is associated with. (The ability of the voter to connect the third hash to their session ID proves something)

A crypto hash of every single file on the DVD should be published in a public place.

The secret key used for that election should be released a certain delay after the DVD is in circulation to allow third-party verification. All complaints of 'error's must be initially submitted with a copy of the card, before that date. Or to allow complaintants to prove they had submitted their complaint before the secret key was revealed.

To merely verify your vote is counted correctly, you do not risk connecting your votes to your identity. You may have to if you are going to be filing a complaint that your vote has not been counted correctly; however, to prove your complaint is legitimate.

To verify that your vote is counted correctly, you buy the publically-released DVD or download from some government website.

Next you find the proper CSV file, and find the row that contains your 'code'. If the other columns match your vote for each category, then the vote was stored correctly.

Since these are .CSV files, they are read with a standard text editor, this will not reveal to the government, which rows you are choosing to examine, or why you examine those particular votes.

Now, suppose you need to prove that they failed to record your vote or recorded it wrong.

In case they didn't record it, no row will correspond to your vote or your session id. But you have that last hash of your session id#+their secret key, which proves a vote should be listed for that session id#, but is not. Maybe you get a 4th hash of your voter id# and their key (but no session link), as an additional guard.

The second hash proves you did cast a vote, if you show them the card, reveal your votes, and reveal your passphrase, they should be able to compute the hash and verify that it is legitimate (proving you cast that vote).

If someone tampered with results after the vote was recorded, they either re-calculated the codes, they're wrong, or more likely, they synthesized new votes that were never cast.

In this case, the .CSV file of voter ids voting is important. There should be exactly the same number of votes as voter ids that submitted ballots.

The law might be that voters are to retain their cards, and all versions of the card are to have a barcode (or be otherwise machine-readable), so elections can later re-validate the vote electronically.

Re:ATM's are also more secure

[dfenstrate]

I've always had the option of getting a new ballot if I screwed up one of these sheets. If a voter can't be bothered to walk ten feet to get a new sheet, then they're too lazy and stupid to be allowed to vote anyway. You can also throw out a person's misvote on a particular candidate or matter and still read the rest of the ballot sheet that they managed to fill out correctly.

We could also have the machine immediately spit back ballots that where unreadable, so that the voter has a chance to revote until they can manage to make only one mark per issue or candidate, and fill in the circle enough to be read.

At some point beyond that we have to say "if you're too stupid to make a black mark on a f*cking page, then maybe your vote shouldn't count."

I mean, really, can't we have some minimum standard of competency to vote in the system? Isn't 'color within the lines, get a new ballot if you fail to do so' a really, really, really low standard?

Color within the lines. Or walk ten feet and repeat until you can color within the lines. Make only the appropriate number of marks for each office. If you fail to do so, walk ten feet and get another ballot.

If that's honestly the best objection you can come up with, then I'm gonna say it's clearly the best system available.

You can't have perfection with any method, so I'll take pretty damn good, and scantron sheets are pretty damn good.

Re:ATM's are also more secure

[glassboxvoting]

Absolutely. At a forum on the Voluntary Voting System Guidelines (http://tinyurl.com/5a9ju7) last fall, a voting equipment industry lobbyist said to a room of security researchers (with a straight face) that the security problems have been solved by the military and the financial industry. Both the military and banks have trusted agents (else why give them guns and/or money) and can and do link all auditing to authenticated identities. The principle of the secret ballot is in direct conflict with the latter approach, and the integrity of the voting process should not be dependent on trusting elections adminstrators.

Re:ATM's are also more secure

[glassboxvoting]

Gaming machines also use TPM to verify the integrity of the BIOS, OS and all applications. A good voting machine will do the same.

Re:ATM's are also more secure

[Rich0]

We could also have the machine immediately spit back ballots that where unreadable, so that the voter has a chance to revote until they can manage to make only one mark per issue or candidate, and fill in the circle enough to be read.

However, a ballot that is accepted on the initial pass might not be counted in the same way on subsequent passes. This is very much an analog system - what if the oval is filled in just enough to make it read either way depending on the particular scanner/etc?

You can't have perfection with any method, so I'll take pretty damn good, and scantron sheets are pretty damn good.

I'm not convinced that you can't have perfection. "Pretty damn good" isn't good enough when elections come down to 5 votes out of 5 million. You really need a system that can be completely unambiguous.

I agree that the addition of certain rules can help reduce ambiguity. However, these rules are almost always going to fail. Ok, so you throw out a ballot if it has stray marks - then what constitutes a stray mark? If invalidating 5 ballots changes the outcome of the election you can bet that the opposing party is going to have out their microscopes looking for ink in the wrong spot.

"Voter intent" is a pretty hard thing to judge after the fact. The appropriate time to assess it is when the voter is present. A voting machine can do that. The shortcoming of the machines is the transparency, and that can be solved with a paper audit trail or ballot. The best of both worlds is better than either alone...

In other words

[Shivetya]

Politicians love to say one thing and then pay for another.

Voting is important, the security of the vote is important, unless that money can be used to buy votes elsewhere. It also becomes a great issue to underfund so when a politician loses they can blame voting machines for it because no one wants to admit they lost a popularity contest

Re:In other words

[sm62704]

...unless that money can be used to buy votes elsewhere

The candidate doesn't matter; HE'S the one for sale. The scandal isn't the buying of votes, it's the buying of legislators. When you've donated ten million to the Democrat and another ten million to the Republican, it doesn't matter who loses, you win.

Re:In other words

[nomadic]

Politicians love to say one thing and then pay for another.

And voters want more expensive services but refuse to pay higher taxes to pay for them. Bad combo.

Re:In other words

[MarkusQ]

It also becomes a great issue to underfund so when a politician loses they can blame voting machines for it because no one wants to admit they lost a popularity contest.

You've got it backwards. No one really cares what the loser says.

The point is, the winner won't have any incentive to fix the system that got them elected. Maybe it was an honest win, maybe it was rigged without their knowledge, or maybe they know damn well that they were elected because the machines are manipulable; in every case there's no incentive to try to fix the system and in some cases there is a strong disincentive to even admitting there might be a problem.

-- MarkusQ

Re:In other words

[dintech]

I wish the candidates were wise enough to see that the net result is 0. That's twenty million that could be better used and no-one seems to care.

Re:In other words

[mcmonkey]

I wish the candidates were wise enough to see that the net result is 0. That's twenty million that could be better used and no-one seems to care.

Someone offers me $10 million, I'm taking it.

I'm certainly not going to come back with, "you know, this money could be better used for..."

Is this a surprise?

A permanent installation which holds tens of thousands of dollars in a public place is well protected.

A voting device used only once or twice a year, under direct supervision, is less protected. And there has to be several of them per voting place, and they have to be cost effective.

Re:Is this a surprise?

[sm62704]

...and they have to be cost effective

Uh, what? They spend a thousand dollars on a hammer, millions on a Bridge in Florida that can't be built, and you're talking about cost effectiveness of making voting machines secure?

You must be new here. To the US, I mean.

The physical security of the voting machines is the responsibility of the election judges. The electronic security is what is in question. If you had a human-readable paper ballot come out of the machine the electronic security wouldn't be such an issue, as you couold recount by hand.

So?

[moosesocks]

I hate to play devil's advocate, but an ATM is an extremely complicated mechanical device. It doesn't shock me in the slightest that they're more expensive to produce than an electronic voting booth.

Of course, their voting products do suck, although I don't think that cost has terribly much to do with it.

Re:So?

[morgan_greywolf]

Not to mention Diebold's ATM business != Diebold's voting machine business (now called Premier Election Systems). The voting machine business is a small sideline business for Diebold. Diebold makes LOTS and LOTS of stuff. For one, they are a U.S. government contractor that makes physical access control systems and all sorts of things. The ATM business is an offshoot of that.

The voting booths have nothing to do their mainline business.

This a bit like AM General admitting that their LSSVs aren't as robust as their HMMWV's (:HumVee's") -- of course they aren't, their completely different business lines.

Re:So?

[junglee_iitk]

That is not even a question. Premier/Diebold is playing the most common trick there is: we can do better job but we need more money. Pony up some more so we can actually deliver what we promised to.

Once they have high-tech for ATM, all they need to do is downgrade it into a workable trustful voting machine - they don't have to do much R&D for that! The whole China is doing it... so can they.

Re:So?

[RobBebop]

Of course, their voting products do suck, although I don't think that cost has terribly much to do with it.

I agree. It is bad design if the basic security measures taken for ATMs are not also implemented in voting machines.

Diebold's expertise in serving the banks with ATM machines should translate nicely into serving the gov't with voting machines (much of the security, hardware, and software is similar between the two devices).

Thus, the argument that it is a "cost issue" is bullcrap. The fact that the case in NJ proves that THE DAMNED THINGS DO NOT COUNT RELIABLY is further evidence that the issues with Diebold are deeper than costs.

Re:So?

[DrLang21]

their voting products do suck, although I don't think that cost has terribly much to do with it. Actually cost is a fair complaint by Diebold. Security is not cheap, but the direct customer (the government, not the citizens) demands a cheap product. And so it is only natural that they would select their voting machines with price being a primary concern equal to or greater than security. These electronic voting machines suck across the board and we can complain all we want about the manufacturers (certainly they have been shady with their tactics of preventing third party evaluation), but ultimately the blame rests on the government's shoulders for passing HAVA without realistic cost estimates and for not purchasing voting machines with quality and security the highest primary concern.

Re:So?

[moosesocks]

It's not that simple.

I can't "downgrade" a 747 into a vending machine, even though the 747 is the more complex bit of machinery and has proven to be extremely reliable.

They're two separate things entirely. Granted, yes, Diebold's experience with ATMs does make them appear more qualified to build voting machines, though there are still several important fundamental differences present.

Re:So?

[DrLang21]

However, if Diebold did spend the extra money to make certain that they had a good secure and reliable design, would governments be willing to pay for it? Or would they instead go with the other manufactures who have less secure, but cheaper devices?

Re:So?

[junglee_iitk]

747 and a vending machine don't share a common technology, if they do, and you know how to make a 747, I really don't see a R&D problem in creating a vending machine. Note: I am not talking about manufacturing/designing problems! Just technological.

In case of Diebold, they want money for making something "more secure" (which actually, is just "secure"), while they already have that technology. May be "downgrade" is not the right word, but still I don't see why they would need more money to do something relatively simpler than what they already know.

Re:So?

[MrAtoz]

Yes, the ATM cost argument is totally bogus. As Ed Felten notes on his blog:

ATMs are expensive because they have a safe full of cash inside. It's important that you can't steal the cash, even if you've got time and tools at your disposal. Voting systems (at least anywhere I'll ever be likely to vote) don't dispense money. Building a reliable printer doesn't need to be expensive.

Re:So?

[ronanbear]

Banks are just as, if not more so, demanding about cost. The difference is that they actually need to have them work and Diebold wouldn't make any money selling grossly defective ATMs.

For the money that Diebold were paid they didn't come close to implementing a secure system and it had very little to do with fundamental reasons that indicated that it couldn't be done for the specified cost. Good security is more expensive but bad design is most expensive.

Re:So?

[Chelloveck]

That is not even a question. Premier/Diebold is playing the most common trick there is: we can do better job but we need more money. Pony up some more so we can actually deliver what we promised to.

Ah, but if only they'd reveal their source code and engineering drawings they'd get a few thousand people doing a thorough security audit gratis. But no, that would give away vital "trade secrets".

I'm not even talking GPL here. Or any license to use the designs or code for anything other than auditing them. Diebold could keep all rights to the design, could have the whole thing patented, copyrighted, and trademarked out the wazoo. All they have to do is let us see the design, and reap the benefits of thousands of interested parties who just want to see fair elections.

Now, IMHO this stuff shouldn't be owned by any one company. The design of a voting system should be public property, and any manufacturer should be able to bid for a contract to build them. But I'm willing to let that slide as long as the company which does own it is transparent about their design and process. Diebold is about as transparent as an inch-thick steel window.

Re:So?

So the question is. Why not just add more functionality to an already stable infrastructure?

Make ATMs into voting booths!

Re:So?

[apoc.famine]

As much as I hate and loathe Diebold, to be fair, they had the following scenario:

A customer wants to pay a small amount of money for an insecure and poorly built product of theirs. Do they:

A) Not sell them that product.
or
B) Sell them the product they are requesting.

While I hate to be a Diebold apologist, this would NOT have happened if their customers (our various governments) had clearly and contractually stipulated what these machines were required to do. I haven't heard much in the way of Diebold seriously breaking contract and providing a government with machines far outside the specifications in the contract.

If our governments would get their act together and contract out for decent machines, we'd get decent machines. As it is, we're giving Diebold a handout for something that's not worth buying. Blame the govt, for their JOB is to make voting fair and accurate. Don't blame Diebold, since their JOB is to make money, something they're doing (well, maybe not enough to make it worthwhile, it seems) selling us the machines we ask for.

When you contract out for something with clear, well-thought-out and complete specifications (like an ATM or the optical scanners my voting district uses) Diebold can produce a decent product. Of course, it helps if you approach it as a business proposal instead of a hand-out, political favor, or payback.

Re:So?

[Paul+Slocum]

Also an ATM has to have a massive safe. I own an older, relatively small ATM with no base stand, and it weighs nearly 400 pounds. The combination safe in mine houses the money AND the main computer.

Re:So?

[DrLang21]

While I'm not bank executive, I am going to suspect that a bank will be far more concerned about the security of their ATMs than they about about how much those ATMs cost. Price is always an issue, but in the case of ATMs, it's likely to be secondary to security. Banks have a lot to lose if their ATMs are insecure. Government doesn't lose much of anything meaningful to them if their voting machines are insecure.

Re:So?

You may not be able to turn a 747 into a vending machine, but I'll bet I could using nothing but the internet, and a highschool shop class*.

Any part you might need in a decent soda machine could be found in a 747, including refrigeration, logic and mechanical pieces. You might have trouble building an optical bill scanner, but I'll bet there are more than a few optical sensors in a 747.

*I'm not an engineer, I just play one on the weekends. More often than not that means flipping the breaker back on after I've electrocuted the carpet and the sleeping cat.

Re:So?

[rhizome]

While I'm not bank executive, I am going to suspect that a bank will be far more concerned about the security of their ATMs than they about about how much those ATMs cost.

No, banks are concerned with the security of their cash. My ATM has a touchscreen that can be smashed with a rock just like my TV at home, so the bank is only concerned with the security of certain parts of the machine. Voting machines do not contain cash, so that whole aspect of their cost can be ignored.

Re:So?

[dpilot]

> I can't "downgrade" a 747 into a vending machine

Of course you can:
1: Pull 747 up to gate.
2: Allow cockpit crew to leave, keep flight attendants.
3: Cancel engine maintenance contract, keep galley contracts.
4: PROFIT!! (not really, but couldn't resist)

To use:
1: Walk down jetway into 747, take a seat.
2: Push flight attendant button.
3: Flight attendant wheels cart to your seat, prepared to dispense peanuts, mini-pretzels, or soda.
4: Take you peanuts, mini-pretzels, or soda and exit the aircraft.

I didn't say that a downgraded 747 made a very good, convenient, or profitable vending machine, but with a few organic parts, (the flight attendants and ground service for the galley) it can make one. Perhaps a parallel for Diebold voting machines.

Re:So?

Fundamental differences?

Lets take a look...

Includes a touch screen interface. CHECK CHECK
Has facility for paper audit trail. CHECK CHECK
Has internal storage and network. CHECK CHECK
Tamper proof (as much as possible) CHECK CHECK
Operating software with a dumb as dirt interface CHECK CHECK

There may be fundamental differences, but I think it's clear the basic operating principals are nearly identical.

Re:So?

[cryptodan]

Actually all an ATM Machine is a 4U Rackmount Server Chasis a Modem or Network Card and sophisticated encryption technology and that is it. Any run of the mill PC could easily become an ATM.

Re:So?

So set up a virtual bank in each district. Give every registered voter a card that the ATM/voting machine interprets as a $1 bill. Have them pick an account to deposit that to. Block transfers between accounts and withdrawals.

Yes, the interface would be clumsy, but that's just what I came up with after ten seconds of considering how to vote with an actual, unmodified ATM. The only issue I see is that it would destroy anonymity by letting you track each transfer. If the voters were not named in the audit logs but were instead tracked by a random serial number, it would provide both verifiability and anonymity.

What is Our Democracy Worth?

[curmudgeon99]

This is just a travesty. That we put our democracy in the hands of for-profit, Republican-supporting companies like Diebold is beyond belief. The fact that they are required to make ATM machines better is a sign of how out of touch Americans are with our voting process. ATMs are more robust because people demand it. People DON'T (yet) demand the same amount of robustness in their voting machines because they are UNAWARE of how crappy the machines are. That really stems from our politicians who WANT to keep the sorry state of the voting machines secret.

Re:What is Our Democracy Worth?

[kenh]

Unfortunately, voting is a local exercise, despite the federal implications, and as such each jurisdiction has the freedom to implement voting in the manor they see fit. Of course, when we had that little mis-adventure in FL a few years ago, paper was deemed "unacceptable", so the federal government decided to throw lots of money around to help everyone buy *whatever* electronic voting machine they wanted, then when the local politicians made bad decisions (based on ignorance, greed, corrupt vendors or a combination of all three) the politicans are now stepping back in and saying that the electronic voting process is no good, and we need to go back to paper...

A fundamental change is needed, one that will either have the states ceding power tot he federal government to develop "the one true" voting machine used in all districts *or* we get off this technology merry-go-round and use paper ballots - as a bonus it will give the losing politicans more time to round-up lawyers to challenge their loss...

Re:What is Our Democracy Worth?

[sm62704]

ATMs are more robust because bankers demand it.

There, fixed that for you.

Re:What is Our Democracy Worth?

[maxume]

Paper scan voting pretty much solves all of the problems, at reasonable cost. The interface is one that people are used to(paper that is), there is a paper trail, the machines are well understood.

Hopefully people manage to remember the ongoing debacle in New Jersey for at least an election cycle or two.

Re:What is Our Democracy Worth?

[billcopc]

Simple: People care about not having the ATM (containing their money) robbed or compromised. People care about money.

People don't care about a voting machine, firstly because they know it's all a fraud anyway, and secondly because people don't care about voting.

Voting is not money. It ends up costing them tons of money and grief over four years, but since we can't compare candidates in purely objective points, there's no way to accurately present that cost to the mindless commoner. They whine about taxes, they whine about healthcare, they even whine about the candidate's ethnic background, but the one thing they don't do is act.

People don't whine when they get short-changed at the drive-thru, they YELL and complain and attack. People used to react just as violently to political issues, a long long time ago. If they still did today, we might have a little more fairness in this theatre they call Democracy.

Re:What is Our Democracy Worth?

bitch bitch bitch about the republicans

in my day we complained about the commies and we liked it!

Re:What is Our Democracy Worth?

[CastrTroy]

If it's a federal election, voting for a federal office, then there should be federal rules as to how the voting is conducted. In Canada, for federal elections, voting is done exactly the same across the entire country. You don't get extra things put on the ballots, because they figured, since everybody is voting anyway, they might as well vote on 1000 different things. Since we have a parliamentary system, the names on the ballots for different ridings, but that's the only thing that is different. The ballots are all printed in the same way, and we all use the same style of voting booths. And everybody votes on exactly 1 thing.

Re:What is Our Democracy Worth?

There are no 'federal elections' in the US. The people only vote to decide how their state delegates will vote.

Re:What is Our Democracy Worth?

[arb+phd+slp]

If it's a federal election, voting for a federal office, then there should be federal rules as to how the voting is conducted.

...snip...And everybody votes on exactly 1 thing.

But Americans don't really vote in federal elections. We elect local electors who vote in the federal election (electoral college). I'm pretty sure this system was set up specifically (for good or ill) to keep separation of local governments from federal control over the process. It does seem like time to look at that more closely.

And as to your second point, three or more pages of ballot items is a feature that's probably not going to go away any time soon. The town where my parents live (and I grew up) still votes for town animal control officer (dog-catcher) every two years and last year the whole town voted on the purchase of a new fire truck. If they had to come back on a different day for all the other stuff, voter turnout would go way down.

Re:What is Our Democracy Worth?

[CastrTroy]

I thought the whole purpose of electing officials was so that you could leave the decision making up to them. Of course, you can still have council meetings and get input from the public on big issues, but I don't really think there's a need for people to vote on things like getting a new firetruck, or who should be the dog catcher. I can't even believe that's an elected position. In Canada, we only vote for who will represent us in the parliament, so there's a different list of people in each of the 302 (?) ridings. But that's the only thing that is different on the ballots. There is a single list of names, usually about 5 or 6 long, and that's it.

Ironically named?

[ciaohound]

Riggall? That's rich. Yeah, mod me offtopic, I just Felten urge to post this.

This makes perfect sense

[dctoastman]

Everyone wants bad ass, but no one wants to pay the cost of bad assery.

He's (somewhat) correct.

[MMC+Monster]

ATMs are very secure because if just one breaks, it can mean the loss of thousands of dollars. If an exploit is made public, it can easily mean significantly more money lost prior to it being fixed (imagine a group of blackhats using an exploit to empty out a group of ATMs all at the same time one night).

That being said, there's no reason that over time a voting system cannot have a similar level of security and accuracy. Open code review and structure review of the devices will allow security experts to fix problems before production, if done right (with cooperation with independent security experts).

Re:He's (somewhat) correct.

[Lobster+Quadrille]

I don't know what industry standards are for ATM software, but I ran across one with a BSOD yesterday while buying tickets to a movie.

I don't really believe that they are all *that* secure.

That said, I'd be more worried about a group of blackhats who didn't make their exploit public.

Re:He's (somewhat) correct.

[billcopc]

You're seriously overestimating the skill, diligence and most importantly: availability of security consultants.

Code reviews ? Don't make me laugh. Security experts excel at policy writing. They are fear mongers. The people who can actually look at code with an emphasis on security, they are few and far-between. A few of them are plain old kernel hackers, the rest are black hats, because that's where the big bucks are.

Computer security isn't something that's easily done long-term, because it's an even faster moving target than the underlying hardware and software. New exploits spring up every few seconds, and old ones are slow to be patched. It's a business where you go all-out for a few years, then get out before you turn into a paranoid schizo.

Those who can, do; those who can't, contract.

Is this a joke?

[nephridium]

The spokesperson of (ex-)Diebold is called Riggall! Maybe they just want to make it clear to their 'customers' that even though they changed their name their complex vote "counting" algorithm is as good as ever..

Cost isn't the issue

[athloi]

As usual, cost isn't the question.

It's science -- bad science -- of two types:

1. Bad application of technology, including massive security holes.
2. Bad management science, leading to sloppy security and confused product design.

An ATM should be more expensive than a voting machine; the ATM has to dispense cash and be used 24-7 to do so.

A voting machine however should be secure, have an audit trail, and a clear interface so the average person can understand what they're voting for.

Re:Cost isn't the issue

[archkittens]

but if people know what they're doing at the machines, how will they Riggall the votes?

Re:Cost isn't the issue

[Shambly]

The problem isn't that an average person can understand what they're voting for, it's that you have to be clear to a really dumb person, because they can vote too. If your machine is too complicated for half the people you don't have a fair election.

Re:Cost isn't the issue

[jimicus]

As usual, cost isn't the question.

It's science -- bad science -- of two types:

1. Bad application of technology, including massive security holes.
2. Bad management science, leading to sloppy security and confused product design. I disagree.

Engineering is all about making compromises - the old adage "good, fast, cheap, pick two" holds true today just as much as it always did, even if the three options in the list change occasionally.

In this case, I'd argue that the three options are "Simple, reliable, cheap, pick two".

Simple - any fool can use it, it's really not complicated.
Reliable - Verifiably correct, very hard to mess around with without it being immediately obvious.
Cheap - Pretty self-explanatory.

Re:Cost isn't the issue

You are correct. Cost isn't the question.

Think about this.

You can walk into your local grocery store and use your ATM card at the register to pay for your purchase plus take a little extra spending money out of your bank account.

If the little card reader/keypad device and its associated firmware cost as much to make as an ATM, do you think every cash register would have one?

It is doing for the most part the same thing that the ATM is doing. It just doesn't have to secure and dispense the cash.

Somehow without the expense required for an ATM machine, the money manages to come out of the correct account. No-one cracks into it's network and causes financial mayhem. They seem to be pretty darn secure. You even get a paper trail (receipt from the register).

Secure, reliable, easy to use (and audit) voting machines surely can be produced. Someone just has to make it a priority.

Re:Cost isn't the issue

[tilandal]

I adhere by the standard that if you are too dumb to figure out how to vote then your vote shouldn't be counted in the first place. Give me reliable and cheap.

Re:Cost isn't the issue

[CastrTroy]

How does paper voting counted by humans with observers from multiple parties watching the election and the counting process not meet those criteria?

Re:Cost isn't the issue

[sjames]

Cheap is relative in that menu. The simple and reliable voting machine indeed costs more than the reliable and cheap or simple and cheap one, but none of those need cost as much as an ATM given an appropriate design.

Re:Cost isn't the issue

[zx75]

Yeah, pity they only decided to pick one.

Re:Cost isn't the issue

Secure, reliable, easy to use... everybody forgets anonymous. That is the hard part. You can't (shouldn't) get to anonymously get cash from the atm. They must know something about you (or the person you're trying to impersonate, etc)

Re:Cost isn't the issue

[Bodrius]

Putting aside the ethical and democratic implications...

The problem is not that your votes aren't counted if you're "too dumb to figure it out". The problem is they can be MIS-counted, affecting the reliability of an election.

Unless you want to make it a reliable intelligence test + analysis + voting machine... in which case I think you'll lose the 'cheap' part.

Re:Cost isn't the issue

Why don't we just use ATMS's as voting machines?

Put a software update on them to check (the bank account user) for current voting initiatives, check against a central tabulator for their area to see if the user has already voted, and then pass along their vote, print a paper receipt saying who/what they voted for.

IT's probably over simplified, but if they can throw ads on the machine, they are perfectly capable of doing this.

Our Drivers Licenses up here will actually read in POS terminals as debit cards, so technically, one could use this same piece of identification used when voting on the machine, without being a member of the bank. The central tabulator only tracks that "name" has voted, and keeps some kind of hash that verifies that they voted and what they voted for, while when actually counting the votes, it counts only the vote part. If it's tampered with (in the case of a recount) the central tabulator will see that there is no hash in the 'voters' table to go with the vote.

Re:Cost isn't the issue

[TheLink]

That is related to a more important criteria of elections.

Elections don't just have to be fair.

They have to be _seen_ by enough people as fair. Otherwise what's the point?

Hand counted paper ballots satisfy this criteria. Even a half drunk Joe Schmoe has a chance of understanding it. Compare with invisibly counted electronic ballots.

Paper ballots are harder to mass tamper with. Electronic votes can be switched in less than a millisecond.

Cost is a red herring. The US is willing to throw billions into Iraq to select a government there.

It's really funny to hear the USA always talking about democracy but somehow they can't afford it for themselves, and prefer diebolded elections.

It's obvious that the US Gov doesn't really care about democracy (I suspect they've "regime changed" more democratically elected governments of other countries, than they've successfully "regime changed" dictatorships ;) too lazy to do a count at the moment).

So do the US voters actually care? If you all are really fed up with the "WWE" style politics, then you should get together in advance and maybe vote in independents in enough constituencies just to shake them up.

Re:Cost isn't the issue

[CastrTroy]

The problem with the US system as I see it, is that even if 25% of the people voted independant, which is a very large percentage of the people, the independents would still have no power, because somebody else would be the winner. In Canada, at least if you can convince enough people in your riding to vote a particular way, then at least you get a seat in parliament, and somebody discussing your views with the rest of the government.

Re:Cost isn't the issue

If your machine is too complicated for half the people you don't have a fair election.

Well it would be the first bit of voting discrimination I actually think I like.
No more PEBCAK government?

;)

Yeah, right.

[Fieryphoenix]

'Cause election jurisdictions can afford to buy entire systems they have to throw away once they're discovered to be inadequate.

Priorities

[MikeRT]

No institution other than one that can compel funding and compliance could ever operate with the sort of gross incompetence and lack of priorities that government frequently has. A few obvious examples:

1) The Bush Administration has $500B to spend on prescription pills for the elderly, but cannot find $100M to fund 10,000 new border patrol agents on the southern border.

2) New Orleans had plenty of money to waste on welfare programs and such, but didn't have any money to spend on getting its own fixes for the levies, even if they were only gradual repair contracts.

3) All of the pork barrel spending that goes on in Congress.

4) The congressional hearings over steroid use in professional sports. I don't agree that it is the state's business at all, but isn't this what we have the DEA for?

5) Doing things like setting up honeypots to catch people who might have a passing interest in child porn when there are still people getting away with the actual production of the same in U.S. territory, child molesters and Americans flying overseas to do the same.

6) Passing and enforcing drug laws when there isn't even enough room due to the War on Drugs to guarantee that someone who commits 1st degree murder will get life in prison. Same thing for how the WoD has made it much easier to argue that the system just cannot handle the burden of locking up dangerous criminals permanently.

Re:Priorities

Passing and enforcing drug laws when there isn't even enough room due to the War on Drugs to guarantee that someone who commits 1st degree murder will get life in prison. Same thing for how the WoD has made it much easier to argue that the system just cannot handle the burden of locking up dangerous criminals permanently.

Boo hoo, another white collar pot-smoking liberal is upset. In case you haven't noticed, drugs destroy lives. While you may enjoy your recreational marijuana, the rest of us lower class poor folks are losing our jobs, families, and savings with addictions to crack cocaine and crystal meth.

I don't understand the pipe dream wherein drugs are legalized and we all live in this happy, consequence free world where people can be stoned as they see fit. Children are twice as likely to be abused or neglected in homes where the parents drink, and four times as likely in homes where the parents use drugs. What do we tell those children after we make pot legal? Suck it up?

Fantasy: Weed helps oldsters with glaucoma and people with chronic pain find relief. Reality: Drugs pull people into a spiral of dependency and despair that takes decades to get out of.

We have drug laws for a reason, bub. The War on Drugs is far from perfect, but letting a bunch druggies out on the street to commit crimes in the name of getting their next fix isn't my idea of a good time.

Re:Priorities

While you may enjoy your recreational marijuana, the rest of us lower class poor folks are losing our jobs, families, and savings with addictions to crack cocaine and crystal meth.

So, instead of providing help for these "lower class poor folks" with "addictions to crack cocaine and crystal meth", we lock them up in prison. And that helps them..... how, exactly?

I don't understand the pipe dream wherein drugs are legalized and we all live in this happy, consequence free world where people can be stoned as they see fit.

I've never heard of this pipe dream of which you speak. I have, however, heard of the much more realistic dream where we treat addicts as people with a problem and try to get them help, rather than as criminals and just throw them into a system that is known for turning small-time criminals into big-time criminals. In this dream, we also eliminate the high profits in the drug trade by bringing it above ground, thus forcing all the drug dealers and other real criminals to get real jobs, and simultaneously eliminating drug-related violence.

...but letting a bunch druggies out on the street to commit crimes in the name of getting their next fix isn't my idea of a good time.

Those druggies wouldn't have to commit crimes in the name of getting their next fix if the trade was brought above ground and regulated. Plus they'd have much more access to actual real help if their problem was being treated as a problem, rather than a crime.

Why don't you get it? Legalizing drugs isn't about a bunch of hippies wanting to smoke pot. It's about recognizing that prohibition has never worked and will never work, and that there are much better ways to address a very real problem.

Re:Priorities

"New Orleans had plenty of money to waste on welfare programs and such, but didn't have any money to spend on getting its own fixes for the levies, even if they were only gradual repair contracts."

Funny, there is a pretty obvious synergistic solution here.

Explain away engineering defects

[mysidia]

And shoddy/insecure design... As something they can't afford to do without?

I call BS. The customer has an expectation of the manufacturer doing a good job of designing their devices and not selling defective product lines: there would be no sale if the manufacturer were honest and told the product was not robust. There can be no excuse for letting a generic key open the device, when individualized locks are easily purchased.

The customer would keep going until they found a vendor that told them the product was robust and stable, and offered them the lowest price.

Cost of the result is something the manufacturers get to compete over. If you can't design a product well and robust enough at the price point the customer wants to get you the amount of profit you want, then you get two choices (1) don't make it, or (2) tell the customer about the weak design up front. Option (3) ignore defects and admit them later is highly dishonest.

Voting terminals may not be as proven as ATMs, since they are a newer technology, but there is no reason for the design to be weaker.

ATM makers already have robust ATM designs that can be used as a basis for the design of voting terminals and other products.

There is really no excuse for a new voting terminal design to not be as robust as a new ATM design.

The design will cost more, but that cost is supposed to be absorbed by the manufacturer. The high price that state governments pay for these terminals is plenty to justify proper design.

Due to the nature of software, it can be understood that there may be some aesthetic or annoying bugs early versions of terminal software that QA couldn't find.

But they should not be because of non-robust design, QA adn testing should verify the critical elements of the application are bug-free, and later versions should eliminate bugs without adding features that risks incorporating more bugs.

Campaign contributions

No need to spend millions in campaign contributions, you need only spend 19.95 plus 6.95 s&h for a mini bar key. Or put another way you can yell all you want about how security stinks, just get yourself a key and ensure that johnJacobojinglehimerschmit or mickey mouse wins every position in your next election, including yes or no propositions. Nothing gets changed until everyone can see just how broken something is ... sometimes not even then.

too expensive to be secure?

[192939495969798999]

If it's too expensive to make a secure electronic voting machine, then maybe that's the wrong solution? Nah, let's just make an insecure one that's cheap enough... gotta love that logic!

Enough already

[cloudkiller]

Can't we just modify slot machines to also record votes for the American people? That way everyone knows that the more money you put in, the better chance you have of actually accomplishing something. All the while knowing that everything is rigged regardless.

Re:Enough already

[Beorytis]

Good idea! It's already well documented that slot machines are more secure and transparent than voting machines.

Re:Enough already

[sjames]

Not to mention acknowledging that the outcome of your deliberate inputs will be essentially random chance. The odds that what you wanted done lines up with what a well funded lobbiest wants are about the same as hitting the jackpot.

Voting Machine Gnomes

[daveime]

1. Take a standard PC, probably running Windows (to be as insecure as possible). 2. Enclose it in a crappy wooden box with a diebold logo on it, that can be opened with a minibar key. 3. ? 4. Profit

Re:Voting Machine Gnomes

[daveime]

You know, even a 60 second "grace period" to edit your posts would be wonderful for those of us with lots to say but little time to wonder about the wierd "default" settings of Slashdot.

Come on guys, fine, it might be HTML formatted but when I type a CR+LF in the textarea, is is SO difficult to understand that I mean <br> to be put in the finished article ???

Curse that combo box, and curse that preview button.

1. Take a standard PC, probably running Windows (to be as insecure as possible).
2. Enclose it in a crappy wooden box with a diebold logo on it, that can be opened with a minibar key.
3. ?
4. Profit

Re:Voting Machine Gnomes

[CastrTroy]

Have they fixed the bug where selecting "Plain Old Text" still doesn't format correctly?
I'm testing this by putting in a carriage return after every sentence in this post.
Let's see how well it works.

Journalism 101

[BigBlueOx]

ATMs found to be more secure than electronic voting machines = not news
Electronic voting machines found to be more secure than ATMs = news
See?

Not the same people

[Nerdposeur]

So the banks are more impportant than the ballots here. But it's what one would expect in a plutocracy.

I'm not sure this is a valid conclusion. The same people aren't making decisions in each case. And while we like to think we place a high value on the integrity of our voting system, it's hard to put a dollar figure on that, which is what the people running the budget need.

Banks, on the other hand, can easily place a dollar figure on the value of their ATMs' security, and show their decision-makers that X dollars spent on securing them will easily pay for itself.

I'm not happy with the situation, but I don't think you've got a single set of people saying "transactions are more important than votes."

Re:Not the same people

Banks, on the other hand, can easily place a dollar figure on the value of their ATMs' security, and show their decision-makers that X dollars spent on securing them will easily pay for itself. Then why don't they do this for credit card fraud ? Europe has had chips with private/public key exchange for a good 20 years while the US still relies on the megnetic strip + signature leading to widespread faud.

Right, one way or another the money comes out of somebody's pocket (yours or the store's) and the CC company benefits along the way. Crooks.

Re:Not the same people

[tha_mink]

So the banks are more impportant than the ballots here. But it's what one would expect in a plutocracy. --And--

I'm not sure this is a valid conclusion. The same people aren't making decisions in each case. And while we like to think we place a high value on the integrity of our voting system, it's hard to put a dollar figure on that, which is what the people running the budget need. Not only that, but I think it's important to point out that there are not a whole lot of people using pickup trucks to smash through the front doors of polling stations trying to steal voting machines. I know everybody thinks that Bush stole the election but it wasn't because the election machine didn't weigh 10,000 lbs. So yeah, I think that maybe you can't compare the cost of an ATM machine to a voting machine. After all, the cost of making paper ballots were never compared to to cost of making a dollar bill.

Re:Not the same people

[mweather]

They make ATMs on wheels, too. Ever been to a convenience store?

Re:Not the same people

[Amouth]

because for now.. the CC companines don't lose the money.. if you stole my card and went and bought shit and i report it as fraud.. then i pay a fee (50$ i think) and the CC refunds me my money and then charges back to the company where you bought shit..

so in reality.. the CC has to do a few more transactions and alittle leg work.. (what my 50$ covers) and the company selling stuff gets nothing but lost inventory and the fraud guy makes off with the stuff..

untill the CC companies here in the US are held accountable for the transactions then they have zero incentive on putting together more expenisve and effective security into the cards/transactions.. because it doesn't effect their bottom line..

and the reatail places are screwed because their only option is to stop accepting CC's.. and if you do that in the US you might as well clsoe your doors as most of the population doesn't cary cash any more.. and sadly most of them don't have the cash to cary.

Re:Not the same people

[TheSeventh]

Why can't we get an Open Source software solution to this problem? With Open Source hardware where there is less likely a chance of cheating, rigging, etc.

Combine it with a not-for-profit company to manufacture, distribute, maintain the machines and make this process as transparent as possible. Like the idea from Bruce Schneier where the voting machine accepts your votes, and prints out a paper copy, which is then scanned into a separate machine not connected to the first for counting and keeping a paper trail. Not a perfect idea, but far closer than anything current.

I don't like the idea of either side rigging the vote. I don't know, call it a crazy idea, but I think whoever wins the vote should win the election (whether popular, electoral, or whatever other crazy scheme some district has.)

Re:Not the same people

[tha_mink]

They make ATMs on wheels, too. Ever been to a convenience store?

Ever try to lift one of those deals? The portable ATM machines that we have in our stores weigh about 1000lbs. So...

Re:Not the same people

[bishiraver]

Most corner stores / bodegas in NYC do not accept CCs. Then again, all I buy there is beer and cigarettes.

But my point sort of stands - the only places that accept them are big name stores like Duane Reade, clothing stores, etc. The last time I bought a pair of boots, the store requested to see my ID because it was a large purchase. I'm completely fine with it. I now know that store makes sure their customers aren't frauds.

It's pretty much that simple to prevent this at the store level. Ask for a fucking ID. Stupid customers will get angry, but they can deal with taking one more piece of identification out. If they didn't want to show ID, they could petition their credit card company to start with the public/private key encryption. Then again, with the quality of sales reps at most stores (big box like kmart, best buy, wal mart, et cetera) I can see why a simple request for ID would be an issue.

Re:Not the same people

[Nevyn]

So yeah, I think that maybe you can't compare the cost of an ATM machine to a voting machine. After all, the cost of making paper ballots were never compared to to cost of making a dollar bill.

I would have been happy if they'd compared the cost (and security) of making and running an digital voting machine with the same costs for a non-digital version.

Re:Not the same people

[Amouth]

oh i know what you mean about it being an issue.. i can't tell you how many times (to screw with them) a local store here who asks to see id.. i show them the back of my license.. they glance at it and move right on..

now either A.. they have managed to get barly litterate minimum wage people that can read barcodes nativly OR they just don't give a shit..

Re:Not the same people

[homer_ca]

You and I may understand software and Open Source, but to a non-technical voter that's still saying "trust me". People understand paper ballots and physical security.

You could use a computer to print out a paper ballot that's the official ballot of record, but then it just becomes a $3000 pen, not exactly a wise use of taxpayer money even when you count printing costs.

Re:Not the same people

they could petition their credit card company to start with the public/private key encryption

Or just get them to use any kind of secure system, which is the norm in Europe. Allowing huge amounts of money to be transferred with just an easily-copyable magnetic strip is insane.

Re:Not the same people

[Kral_Blbec]

The price of being on the leading edge. We have a million units in place already to read the current credit card system. To replace that would cost an insane ammount to the CC company. Europe is A LOT smaller so they can afford to replace old infrastructure. Same story with 120v/240v.

Re:Not the same people

[rtechie]

so in reality.. the CC has to do a few more transactions and alittle leg work.. (what my 50$ covers) and the company selling stuff gets nothing but lost inventory and the fraud guy makes off with the stuff.. Actually, the merchant ("company selling stuff") gets charged a fee on top of their lost merchandise.

untill the CC companies here in the US are held accountable for the transactions then they have zero incentive on putting together more expenisve and effective security into the cards/transactions.. because it doesn't effect their bottom line.. Do you really think the CC companies or banks are going to soak this up? Not a chance. They'll just pass it onto consumers. I'd rather have the merchants charged than the consumers because THEY can get insurance and THEY can write-off all their losses. I'm not crying over Wal-mart.

Re:Not the same people

[sn00ker]

Europe is A LOT smaller

umm, sorry, you what?! Europe's population in 1950 was larger than the population of the US today. In 2005 it was estimated at 728m, which if I'm not mistaken is roughly 230% of the population of the US.

So, you were saying...? Fucking ignorant Yanks!

India has affordable/ secure voting machines

[aqui]

Security depends both on the voting / counting process and on the technology (this is true for paper ballots as well). The problem is when the technology can easily be changed in a hidden way that is unverifiable by elections officials.

A simple machine, that has been tested and verify can be sealed with stickers with signatures of election officials.

A machine (think diabold) with all kinds of inputs (think keyboard plugs) and complexity (think OS, DB etc...) cannot be easily sealed and verified by election officials.

I found two interesting articles about India's EVM

The two things I found interesting:
1) EVM cost = $230 (hard to tamper with, and relies on election officials to keep secure)

2) Diebold cost = $3300 (easier to tamper with, and relies on election officials to keep secure)

This points out two things: voting systems don't have to be complicated or expensive to work well, and that security depends both on the machine and the voting process.

Just like with paper ballots the election officials need to ensure security of the voting and counting process.

In Canada we have some electronic voting at the municipal level in some cities (mostly optical scan machines).

A comparison of EVM and Diebold
http://techaos.blogspot.com/2004/05/indian-evm-compared-with-diebold.html

Wikipedia
http://en.wikipedia.org/wiki/Indian_Voting_Machines

The issue is not about cost. The issue is crappy design, and politics in the selection of voting machine vendors.

Re:India has affordable/ secure voting machines

A comparison of EVM and Diebold
http://techaos.blogspot.com/2004/05/indian-evm-compared-with-diebold.html [blogspot.com]

Wikipedia
http://en.wikipedia.org/wiki/Indian_Voting_Machines [wikipedia.org]

The issue is not about cost. The issue is crappy design, and politics in the selection of voting machine vendors. Neither article addresses the key question: how secure is this system against fraud by voting machine manufacturers? (This includes the microchip manufacturer as well as the companies that make the rest of the hardware.)

ATMs as voting machines

[bromoseltzer]

The obvious solution. Banks reload their ATM software for voting on election day. The candidates can buy your votes all the more easily -- cash comes out of the slot.

I have...

[EddyPearson]

...a watch that cost me £5 that's more robust the the Diebold Voting Machines.

ATMs Are More Robust Than Voting Machines

[rnturn]

Well, of course! Money always seems to be more important than democracy so it's not a big surprise where the companies like Diebold put their best engineering effort.

This is utter bullshit

[GreatBunzinni]

Although an ATM does indeed demand more hardware and more engineering due to the particular task that it intends to fulfill (dispense the exact amount of money, continually exchange information with a central server, work 24/7, exposed to the elements, resist vandalism, etc...) that is absolutely no excuse for it to be more robust than a simple, straight to the point vote counting machine. In fact, it proves the exact opposite. An ATM has multiple subsystems which must work perfectly 24/7 and must be flawlessly integrated and a voting machine includes only a very restricted subset of those very same systems. So how come a less complex system that needs to perform an incredibly simple task ends up being less engineered and more prone to failure? There is absolutely no excuse.

well of course they are most secure....

unsecured ATM = loosing money

unsecured voting machine = gaining money.

What's wrong with paper ballots anyway?

[palpatine]

Yea I've noticed the Diebold logo on many an ATM and they do actually work very well, not to mention seem solid. After all these are boxes of cash we are talking about, they had better be secure and work correctly given how often they are used.

But as for voting machines -- why are people foaming at the mouth to use them anyway? What was so horrible about paper ballots? I can't figure out a good reason to be switching to voting machines at all... so what if it takes longer to count the votes? At least it's done properly! I'll never use a voting machine or any voting system that doesn't involve writing an X on a piece of paper. I wouldn't consider my vote to count otherwise.

Re:What's wrong with paper ballots anyway?

[16K+Ram+Pack]

Quite.

No businessman with any sense about computer systems would use a computer to run such a process.

It's only processed once and for 1 purpose. Which means that a whole load of set up costs doesn't get paid back. Computer systems have quite a lot more set up than a manual process, but save in the long run.

It's simple. If you're calculating interest, a computer does it better, faster and cheaper than a person. But voting isn't complicated.

No transmission speed or multiple location requirement. If the votes don't get counted for a few more hours, what's the problem? In an election near me, they had e-voting, and it took a few hours to get the results out because of a glitch with the network. Driving the ballots to a central point would have taken less time.

Reliability. Paper ballots are not subject to damage from electromagnetic forces. The heads don't crash on a pencil.

Audit. You can't audit a sum or a byte. Paper gives you a trail.

paper trail

[e**(i+pi)-1]

there is a simple major reason why I trust them more. They have a paper trail.
I can check with the bank statement.

Completely reasonable!

[SeePage87]

ATMs Are More Robust Than Voting Machines Well that makes sense. If you compromise an ATM you can steal thousands of dollars. If you compromise a voting machine, all you could steal is the country.

Rubbish excuse

[pubjames]

I don't know what it's like in the USA, but in Europe many shops have a small hand-held devices that connect to banks via phone to do card transactions. They are both very secure and relatively cheap. The excuse that a properly secure device would be too expensive is just rubbish.

Voting machine - ATM combo

[MrNougat]

There's already a lot of ATMs. Why couldn't a voting machine function be added to existing ATMs? People could identify themselves by swiping a card (like you do for getting boarding passes on an airplane). You could vote anywhere, anytime, not just in your precinct on a specific day. Hell, they'd even have paper receipts!

Obviously, some people are not going to want to or be able to identify themselves with a swipe card. That doesn't exclude the election commission from operating centrally located polling places that run old skool. Not necessarily in every precinct, but near public transportation centers, and serving multiple precincts.

Re:Voting machine - ATM combo

[tilandal]

Without a monitored location it is impossible to tell if the person voting is who he claims to be making it easy to buy votes. Voter hands over the voting card, pockets a grand.

Re:Voting machine - ATM combo

[QuoteMstr]

The ballot must be anonymous. "Show me your voting receipt or you're fired."

Re:Voting machine - ATM combo

"Pull down your pants or you're fired." If you don't want an employer doing something, it can be made illegal really easily.

Here is a better question, to the state "Show me in the election results where my vote is tallied. This is my VIN (say, voter ID number), my password, my election receipt number (ERN)."

With this level of confirmation, a statistically random sampling of people (people willing to ensure a fair election and trusting the 3rd-party varifier to some degree) could certify an election outcome given reasonable statistical assumptions (and honest participants).

Anonymity is somewhat 'lost' but the data can be made damn-near impossible to get to, expire (be deleted beyond recovery) after a few years, and laws similar to those on the books could ensure the Civil rights (14th, 15th, 16th?).

I wouldn't even put the results on the election receipt. Just a number that is useless without the VIN and password.

As is, they can ALREADY look up your VOTING RECORD. They'll say "MrNougat only voted 3 of the last 7 elections - he is not fit for public office."

I would make that information non-public and impossible to acquire and, if acquired, impossible to verify by people without your password.

Note, you need not remember the password if it matters not to you. Just keep it on your voter ID card on the perforated section that holds the password (for those who want it torn off). 95% of people won't care cause it would be trivial to have the password reset and the vote isn't worth THAT much (although it can worth everything in some contexts).

This just in: the sun rose again today

[guspasho]

Why is this news? ATMs don't have a reputation for being insecure devices, and considering the amount of money they handle on a regular basis there is a strong incentive to break into them. Further, any single ATM is in service every day out of the year, whereas voting machines are in service once or twice a year.

Diebold's voting machines have a deservedly bad reputation for bad security as well as major screwups (not necessarily security-related) but I don't recall anyone claiming they were built to be as secure as ATMs, or anyone expecting them to be so, for that matter.

Malda means nerd en espanol

[J4]

"Riggall" You can't make this shit up.

Proper choices....

[Kaptain+Kruton]

I was once told that, in the development of new software or devices, aspects of product development can be broken down into 3 categories: Cost, quality, speed of completion/delivery of the new product. Customers can usually only choose two items to be in their favor. It sounds as if one (or maybe two?) of two things happened. 1) The politicians and the voting committees chose low cost and quick speed of delivery, but (wrongly) still expect the highest quality. 2) Or the government chose a bad company for the project.

According to the article, the government did spend a lot of money on the overall project (4 billion on the voting act of 2002), but I can guarantee that the entire 4 billion did not go towards purchasing the voting machines. Considering how many voting machines are needed and how important they are, the government needs to rethink how much money is being spent on these machines and their choices in this project.

OS/2 is BACK BABY!

Of course they're more robust--many ATMs run OS/2!!!!111

Crappy overly expensive underachieving design

[sjames]

Voting machines most certainly do NOT have to cost as much as an ATM to be appropriatly secure!

An ATM must be tamper proof. That implies heavy steel construction all around. It has to be larger because it has to hold a store of cash. That sort of construction is where bug costs come in. They are generally unattended for most of the day and they contain cash!

A voting machine just has to be tamper evident. Heavy ABS plastic construction (for durability) with unique keys would be adequate there. They are generally either secured away or attended by election officials. They contain nothing all that valuable to someone who would break in. (the only value to be had requires breaking in without leaving visible evidence) Tamper evident design is quite sufficient.

The card readers on those things are just plain excessive. You'll note when you push the card in, there's a rather solid clunk as it locks in. That speaks of a heavy mechanism with an oversized solinoid and spring. That in turn implies heavy relays and a big power supply. A mechanism more like the floppy drives on an old Mac would have been more appropriate to the problem and considerably cheaper.

Those savings could have gone towards uniquely keyed locks, better software, and perhaps a POS style receipt printer.

Re:Crappy overly expensive underachieving design

[CopaceticOpus]

There may be a problem with making voting machines tamper evident but not tamper proof. Imagine a close election in which a certain district is known to heavily favor candidate A. Near the end of election day, an agent of candidate B in that district goes to vote. While voting, he breaks the tamper evident seal on the voting box. Although he may not have actually changed any votes, all votes in that machine are now suspect. Should they be discounted?

Re:Crappy overly expensive underachieving design

[sjames]

There may be a problem with making voting machines tamper evident but not tamper proof. Imagine a close election in which a certain district is known to heavily favor candidate A. Near the end of election day, an agent of candidate B in that district goes to vote. While voting, he breaks the tamper evident seal on the voting box. Although he may not have actually changed any votes, all votes in that machine are now suspect. Should they be discounted?

If the system is well designed, there is no need to declare all the votes invalid, just that last vote and then take the machine offline (flash memory can be locked so that blcoks cannot be erased/re-written).

Also, given a thick ABS case with a unique lock, someone trying to tamper would make a great deal of noise trying to hammer, cut, or pry the case. That would get him arrested and call attention to the evidence of tampering.

While some polling places have a curtain, that is hardly going to conceil vigorous prying. Where I vote, there is no curtain at all, just privacy partitions and a strategically placed screen so that the voter blocks other's view. The election officials are at a table about 8 ft. behind the voters, so there would be little chance to get away with anything.

Open Voting Consortium

[cparker15]

This is precisely why we need a citizen-backed voting platform. The Open Voting Consortium provides this. They're our votes. We should do everything in our power to protect them.

well, duh

[gtx]

ATMs are typically full of cash and left completely unsupervised, frequently outdoors, 24 hours a day, 7 days a week.

Voting machines are generally used for one day a year, indoors, surrounded by people, and are not full of a delicious currency filling.

I'm not saying security shouldn't be a priority, I'm just saying that you have to plan security practically around each application.

-c

Exactly Right

[Woundweavr]

Technology is beneficial at times. This is not one of them. My precinct has never had trouble with optical scanning ballots (fill in the circle with a little marker, feed it into the machine). In terms of speed of counting, security and cost, these voting machines are inferior to techniques as simple as the ones that graded your history test in 8th grade.

Good enough

[Noexit]

What's the problem? One has *my* money, the other has *your* vote.

We are getting stuck on the machines!

[qazwart]

It doesn't surprise me that voting machines are not built as well as ATMs. ATMs are filled with thousands and even tens of thousands of dollars. It would be a rich target for all potential thieves. The voting machine electronics must be protected from all sorts of assaults. Voting machines only contain vote totals, so fewer people would be after them. After all, if you smash an ATM, you still get the money. You smash a voting machine, and you simply lose the votes.

The problem is we're stuck on machines vs. voting procedures. New York and New Jersey had voting machines that did not produce a paper trail for almost 100 years, and this was by design. The voting fraud problem in the Northeast was ballot stuffing. Voting machines, by eliminating paper ballots were designed to eliminate this type of voter fraud. The voting machines were designed around voting procedures. A voter had to register before hand. They had to sign in. Their signature was compared to their signature on their original application. The voter was handed a ticket. They handed that to a poll worker who would place the ticket in the voting machine, and pull a big lever which unlocked the machine. The voter would enter the machine, pull another lever to close the curtains and vote. When they finished, they pulled the lever to open the curtains. This cast the ballot and locked the machine. Poll watchers oversaw the whole process.

This machine/procedure combination eliminated ballot stuffing. The voter could only vote a single time before the machine locked up. The poll worker couldn't unlock the machine without the poll watchers noticing. Voter counts were taken from the machine totals, the tickets on the machines, and the sign in list. Since the voting machines were purely mechanical, they were trusted by all parties. All parties could watch the machines being setup and make sure there were no problems. Poll watchers would run tests before the polls opened to verify the machines. This didn't kill the political machines which simply switched tactics, and it didn't entirely eliminate voting fraud, but it certainly helped.

What we need to do is set a procedure up to ensure that elections are fair. Ballots must be secured and watched over by all parties. In Zimbabwe, they counted the votes locally at the polls and posted the results at each poll. This prevents the ruling party from manipulating the ballots. You could go from poll to poll, and add up the election results yourself. We also must ensure that each voter votes only once, and that each voter's vote is totaled as they intended. That was the issue in Florida with the punch card system.

So, we need to think beyond the "technology" aspect of the voting. It isn't paper ballots are simply better. It's about ensuring that we have confidence in the tabulation of the votes and whether it truly reflects the view of the populous. So, think of how you'd secure the paper ballots, how they would be counted. Who would oversee the procedure? How would the ballot boxes be protected from additional votes being added? How do we ensure that voters only vote once and not sneak in additional ballots? How do we verify the ballots? How can we ensure the entire procedure is fair?

The problem with the current Diabold style voting machines is that they are mystery boxes and we cannot tell if they tabulate the vote fairly. We would have to ensure the firmware, the software, and hardware has not been tampered with. A paper trail can help since paper is easier to verify. But, paper is easy to duplicate, toss, and manipulate which is why the Northeast went to the mechanical paperless machines to begin with.

Unless you think of the entire voting process, and ensure the voting process is easy to verify, it doesn't matter how voters cast their ballots.

Re:We are getting stuck on the machines!

[Tuoqui]

If there is any serious discrepancy between machine and paper then that calls for another poll. Either that or take the paper as being correct since presumably people would be able to verify those as well as ensure physical security and cameras to ensure theres noone stuffing extra votes in.

If you really need security then just incorporate a few of the security features you have in diplomas/money... Holograms, Watermarks, UV reactive ink, even giving ballots numeric sequences with this UV reactive ink.

Then you can just wave the ballot under a UV light and bam... no UV markings/watermarks and you throw it out.

Re:Conspiracy theory

[Dare+nMc]

predict you would have a +5 informative post had you instead said:
Or would they instead go with the other manufactures who have less secure, but easily rigged (by those in power) machines.

I can tell you exactly why this is so

[pangur]

I work for a bank, and we get audited by both the Feds and the state every two years. Usually they alternate years, so we are either getting ready for an audit, getting audited, or responding to an audit.

There's nothing like having someone over your shoulder saying things like:
"How would this look if I had to explain this to an auditor?"
"If the auditor were to ask about this, what would I say?"

Banks will pay the extra money to secure an ATM because if we don't, we get screwed. Our board of directors finds out that the IT department didn't secure the ATMs, bringing down our overall audit score. Our bosses boss gets questioned. We spend money. We fix the problem. We look at everything else that could go wrong, and try to fix it ahead of time. We test, and prove that we fixed it with documentation.

Meanwhile, independant private auditors that we hire scan our network and tell us things we need to fix. Sometimes what they suggest that we do defies reason. We either have to do it, or explain why we can't. We then have to explain to several layers of management why those suggestions are bunk. Sometimes its easier to go with the suggestions after all.

Now, elections are local matters. City by city, county by county, state by state. Who audits them? Which voting jurisdiction wants to spend the money to have someone point out that the new machines they just bought are vulnerable to such-and-such condition using tin foil and fingerprint molds made of jello? The local officals then look bad, spend more money, and then lose the next election for overspending. The idea of something being "good enough" happens here.

And let's face it, let's say the feds set up a auditing board for state and local elections. Several things will happen:
+ Local government officials may go nuts at having federal officials show up at their local town hall trying to run things.
+ If a bank fails an audit, the Feds will take it over. If it's really bad, they'll shut the doors that day and the bank may never re-open. If the county voting machines don't pass federal muster, what will the Feds do? Invalidate the votes? Shut down the voting? You can always go to another bank, or not bank at all. Where else can you go vote? Voting is a right, banking is not.

Simply put, banks have to compete with each other, and are highly regulated. If the Feds don't like how we do things, we change them. If we can't give the customer what they want, they go elsewhere. You have to vote under your local government, and there is nowhere else to go unless you move. Voting is not regulated by the Feds because of separation of powers between the states and the Feds. So, yeah, ATMs will be more secure than voting machines, and will be for the foreseeable future.

The only fix is to have an enforceable Federal audit, with penalties for mismangement. I beleive that people who tend to think that will happen tend to beleive that we are a government with fifty administrative districts, rather than fifty states that have a common government.

I beleive that if you want to give the Feds the power to regulate elections, you then give the Feds to power to rig the elections. The hue and cry over Florida in 2000 and Ohio in 2004 will be minor compared to the fits people will have when their favorite candidate loses nationally when the "exit polls" said otherwise, and it just so happens that the previous President was of the same party as the "winner". But the Feds said everything was kosher, because they controlled every part of the process, and invalidated votes from places that just happen to be predominantly voting the other party.

But the aren't Federal elections...

[alexhmit01]

There are 51 electoral races in the country, since each state (and the District of Columbia) choose to hold elections for electors instead of the state legislatures choosing them. However, those are state races, not Federal ones. Senators, since directly elected, are statewide elected races, but other than the Constitution requiring them to be directly elected, didn't change them from state selected officals to Federal ones. That's why, in a vacancy, the Governor appoints the replacement subject to that state's rules. House races are Federal in nature, but even those are only quasi-Federal since the state legislature designates the districts.

The sovereign US states possess control over many areas in this matter... the Federal government can put restrictions on Federal money, but that's about it.

Keys purchased over the Internet

"...could be opened with a standard key... available for purchase over the Internet."

Over the Internet - will it never end?
  Wtf does the Internet have to do with it?! Stick to what is relevant, in this case, that the item in question is "freely available for sale".

Yes, the wording was probably meant to convey convenience/low level of effort required. Yes, Slashdotters know it means nothing. But, to many, it implicates the the Internet for making scary keys so easily available when, in fact, the problem is the poor locks were used, open to anybody willing to spend 3 dollars.

What if it had said ".... available at many a DIY/hardware store", or "available through mail-order" or even "could be made at home" (which to the right-thinking, fear-ridden, populace basically means 'by any terrorist').

Oh this again

[Touvan]

Oh here we go.

The problem with voting machine has never been the robustness of them. The problem is one of incentives, and worse, political incentives.

Banks have a great deal to lose if their ATMs fowl up and someone loses some money.

Voting machines do not have the same incentive to be accurate - in fact, the incentives are the opposite for the politicians who must pay for these. Politicians have always, and will always try to steal votes. It's that simple. If you make it easier to do, by making stupid machines that are set up at a central location, you are inviting that kind of theft. It's simply too easy for a small number (or even just one) of people to manipulate these things - and there can be no check and balance on them, since you can't look inside them while they are running to be sure they haven't been tampered with (unless you have the ability to look at the running source code - which you don't).

Voting machines can never, ever be made trust worthy - ever.

We really should stop spending all this money on a system that will simply never ever work. If you can't look in the machine and see what it's doing (like with a electronic machine) then you simply can't trust it, unless the incentives are in the right place. And they are most assuredly not in the right place with voting machines.

I guess as we like to do in the United States of America, we will figure this out, and do the right thing in the end - after we have exhausted all other options.

Sheesh.

Scantron Sheets in NH

[dfenstrate]

New Hampshire and several other states use black markers, a scan tron sheet, and just a few scanners at each polling location.

Quite frankly I don't see the need, under any circumstance, to get more complicated than this.

Simple voting procedure, quick electronic counting, and a clear & easily verifiable paper trail.

If you wanted multiple voting reciepts, then it would be a (relatively) simple matter to hook up a printer to spit out a copy/reciept of each ballot inserted- but I don't really think that's necessary either.

Re:Scantron Sheets in NH

[Rich0]

See my comment here...

There are shortcomings to this approach.

Less functions = less expensive

[stewbacca]

less money is spent making an electronic voting machine than on a typical ATM Perhaps that is because an ATM has far more functions than the typical voting machine would ever have.

ATM Cost

[ryguy]

I am not sure how much one of those tiny little voting machines cost but I am glad that it does not cost as much as a Diebold ATM. I am an IT Manager for a bank that owns 9 Diebold ATM's. We do not even buy the fancy ATM's with all of the bells and whistles and they run us upwards of $40k a pop. From what I understand, the ATM's that can do on the spot check scanning and other advanced features like that cost upwards of about $80k. I would bet that there is 20x more cost in raw materials alone for an ATM than there would be for a voting machine. (I am talking about bank ATM's and not the little corner convenience store ones) The vaults on the ATM's are at least 1/2 if not 3/4inches thick. They have more security sensors on them than the bank building itself has. (IIRC there are around 14 sensors on them that will set off an alarm)

All that to say, if our government spend upwards of 40k per voting machine, I would be hugely pissed off... especially since the paper systems would have worked just as well for a fraction of the cost.

Diebold banking machines are not a good benchmark

Considering that I've seen diebold banking machines hardlock on customers and my dad had one hard lock on him (though I didn't witness that) I don't have a lot of faith in their banking machines as any better a standard than their voting machines. Managers don't seem to properly grasp the problem of a banking machine that's locked mid transaction, and then you get into the question of lost cards etc..

This is in peterborough Ontario at TD bank.

Doesn't matter. Don't secure the machines.

[swillden]

It's been said many times, here and elsewhere, but I think Ron Rivest (the "R" in "RSA") put it very well in his keynote address at the RSA Security conference a few weeks back: Electronic voting must be software-independent to be secure.

If you have to care what software is or is not running on the hardware, or what kinds of hacks may be in the hardware itself, then the voting system is insecure and must be replaced. Why? For the simple reason that there is no practical way to assure that the hardware and software are untampered. Therefore, to have a secure voting solution, you must design a voting system where tampered hardware or software cannot undetectably modify the results.

And, strangely enough, it's not even very difficult to achieve this.

Vote at the ATM

Well... ya know.... my Identity is already on file with the credit card company/bank that issues my cards, and ATMs are pretty impressive as far as what their software can do.... why not make it so people can vote at the ATM? I bet it would be more secure, and there would be more voters because they can vote just about anywhere.... bank, arcade, strip club, most gas stations, the laundromat, or a million other places. For people without bank accounts or ATM cards, keep the regular voting centers open as well, but I bet it would cut down on lines, and other issues that come with running a voting location.... think about it, it would be great!

This raises a good point about who's to blame...

Of course, Diebold produced these machines and I'm not sure that I would want to go on record as defending them. But who defined the specifications? You can't spend more time/money than what the customer wants spent. That is... they couldn't make the machines more secure than the customer asked for as that would cost more. So... did Diebold drop the ball and not produce to the specs... or did the government drop the ball and not spec the machines properly? If Diebold dropped the ball, they are liable to the government. If the government dropped the ball, they are liable to us.

Big shocker...

[geminidomino]

Haven't we already figured out that a broken slinky is more robust than a Diebold voting machine?

In defense of Diebold

[PPH]

ATMs are the target of physical attacks far more often than voting machines are. ATMs are installed in unmonitored locations. Voting machines are not. The object of an attack on an ATM is to get the money out. Leaving evidence of damage behind isn't an issue with an ATM. OTOH, voting machines can be secured with simple tamper seals.

When was the last time you saw a surveillance video of a couple of yahoos chaining a voting machine to the back bumper of a pickup truck and dragging it away?

Re:In defense of Diebold

[glassboxvoting]

Voting machines are publicly visible during an election, but before and after they are not. Also, tamper seals do not help when the machines are vulnerable through their data ports. Ed Felten and Avi Rubin demonstrated an attack using a virus propagated via memory card: http://tinyurl.com/kven7 Quoting from the abstract of their article: "For example, an attacker who gets physical access to a machine or its removable memory card for as little as one minute could install malicious code; malicious code on a machine could steal votes undetectably, modifying all records, logs, and counters to be consistent with the fraudulent vote count it creates. An attacker could also create malicious code that spreads automatically and silently from machine to machine during normal election activities â" a voting-machine virus. We have constructed working demonstrations of these attacks in our lab."

Re:In defense of Diebold

[PPH]

All that is needed is to establish a s/w q/a procedure to scrub and re-load the machines flash drive once the machines are put into place the morning of voting day. Ports can be sealed with tamper-proof tape. If found broken the affected systems can be quarantined pending forensic analysis.

The issue of voting machine security isn't the same as that of cash machines. Its more an issue of software and process design and implementation. Diebold's expertise in building hardened systems for banking aren't really applicable to the voting problem.

Re:In defense of Diebold

[glassboxvoting]

Good points, but who do you trust to load the machine's flash drive the morning of election day? How do you convince me to trust the person who loaded the flash drive? How do you and I convince the crazy guy down the street who thinks the government is listening to him through his drains? Obviously the last guy is a lost cause, but my point is that a well designed system should minimize the number of roles that can only be filled by trusted agents, since trusted agents are hard to come by in a domain as fraught with conflicts of interest as public voting.

Re:In defense of Diebold

[PPH]

You make the process simple enough so that you trust the same people who, in past elections, sealed the ballot boxes delivered to the polling places. If they can be trusted not to add a batch of pre-marked ballots, they can be trusted to plug in a USB drive, press the 'Upload' button, verify the displayed key hash against a printed copy and then stick a piece of tape over the USB port.

Nobody is going to convince the guy wearing the tinfoil hat that the system wasn't rigged somewhere along the line. But that guy was the same one who didn't believe that the truck carrying the old ballot boxes wasn't hijacked and tampered with.

Re:In defense of Diebold

[glassboxvoting]

Instead of a keyed hash verified by a human, I would prefer a digital signature verified by the equipment.

not that important

Voting isn't that important, and by extention voting machines...uh, it's only the fundamental backbone democracy. No biggie. (sarcasm meter = 10)

Hey, Wait a moment ATM are also soooo insecure!

[Cumanes-alpha]

Many of you are taking as true the central statement without even thinking what the "security level" of a Diebold machine actually is. I've been working to secure a large platform of this machines and let me say, (beside the physical security level, which I'll not discuss here) that each one of these are as insecure as a Win XP default installation is. Besides, is almost trivial to capture sensitive information of transactions and do ___insert_here_your_evil_plans____. Happily enough we now are starting to close the most important security gaps with not-so-ellegant solutions and workarounds. Thinking of this, and assuming that the security levels of voting machine are lower than the Security Levels of ATMs, I can only say (no sarcasm here), God help all the countries that delegates their fate on this machines. I Don't see this about a matter that Diebold care more for Banks than it does for government or the people, I see that this is an irresponsible approach of a seller, because it's saying (for what I Read), hey, I can make it more secure, but it will cost more!, HELL!, sell your product complete you Moron!, and HEY Government, don't buy this kind of stuff if it lacks something. Now were going to see semaphores without green lights or tanks without guns, because if they have those, they're gonna cost more money. Hell, I'm pissed again.

Re:Hey, Wait a moment ATM are also soooo insecure!

[gujo-odori]

Thankyouthankyouthankyou! I was reading the summary of TFA and the quotes and thinking back to my years in the mainframe business, working at a bank. I didn't have to directly touch ATMs, thankfully, but those who supported them had one brand among our several vendors that they loathed above all others because of chronic reliability problems in all of them (hardware, mostly; this was in the pre-Windows era or it could have been software, too ). Guess which one it was?

That said, and I hate to say anything in defense of the Artist Formerly Known as Diebold, but of course you'd spend more to build an ATM than you would to build a voting machine. An ATM is a larger, more complex device, communicating over a WAN with a central computer system, and with lots of moving parts that have to accurately dispense money, accept deposit envelopes, maybe record video, be difficult to break into while unattended, etc. A voting machine probably *sells* for less than it costs to make an ATM.

That said, to more fully appreciate how much ATMs sold in the US suck, one needs to visit Japan. Japanese ATMs are not only smaller and faster than US ones, but are far more functional. The majority of them talk (not listen), and some support both English and Japanese speech, while more others have E/J bilingual text. When you make a deposit, you don't have to use an envelope. You put cash in the bills receptacle and coins in the coin hopper, and the ATM counts it for you right there (quickly!) and credits your account. In 8 years I never saw one make a counting error. You can also do wire transfer from pretty much any ATM in Japan to any other domestic bank account. You key in the amount,the recipient's name, bank, and account number (on a touch screen, usually), and you're done. The ATM may also offer to print a card for you encoded with the recipient's info, so that if it's someone you make payments to often, you just have to slip the card in the ATM after your ATM card, enter your PIN and the amount to send, and you're done. I don't know if that's such a good idea from a security standpoint, but it's sure convenient.

And again, they do all this in a smaller machine than US ATMs. And they were doing all this 6 years ago when I left Japan. Who knows what more advanced features they might by now? And if that's not enough, if you see a Japanese ATM out of service, it's probably just out of money. I never saw one that appeared to be actually broken. They must fail sometimes, but it's rare.

Another way,then, of looking at the spokeshole's statements is "You guys spend that much money building an ATM and that's the best you can do?!?!"

LOL HY PROZAK

HY LOL

Sorry but...

[Scuzzm0nkey]

The M stands for machines. It's not Automated Teller Machine Machine. I realize this has no bearing on the subject at hand, it just needed to be said.

Maybe I'm just jaded...

[soren42]

But thank god! I honestly believe my bank accounts are worth a helluva lot more than my vote. Maybe I'm just a little too cynical (or too rich, I suppose - right!), but, honestly, who's really going to try to "steal" an election though the use of electronic fraud? I mean, there are much easier methods to steal an election, like using the court system - right?

I'm honestly pleased that Diebold (Premier, whatever) is putting more effort, money, and focus on securing, developing, and making ATMs more robust than voting machines. It has more impact on the user at the end of the day.

(And, let me be clear - I always vote. I'm not just some loser non-voter who thinks all votes are worthless. I just think that, in comparison, my ATM card is worth more than my ballot.)

That's not ironic!

[Translation+Error]

It's just an amusing coincedence.

If we're so damn good with money,

[v(*_*)vvvv]

then why can't we just have a bank account for each candidate, and have voters deposit 1 cent to the candidate of their choice?

I mean, if someone could hack their account and change the balance this wouldn't work, but it seems the banks have figured this one out.

Whoever has the most money at the end of the day wins!

ironic?

"The ironically named Riggall.."

It isn't irony, it's nominative determinism (http://en.wikipedia.org/wiki/Nominative_determinism)

The different between ATMs and voting machines

[glassboxvoting]

They have inherently different security requirements. As QuoteMstr mentioned, ballot anonymity is in direct conflict with the detailed logging required for financial transactions. In addition, bank employees are trusted agents (else why did you give them your money) where a voting system should be designed such that elections administrators have role separation and accountability and need not be fully trusted. I wrote about this last month: http://tinyurl.com/5l3vc8

Welcome to economic reality

[caudron]

I commented on this in previous posts, but yeah, ATMs make them good money. Voting machines are government contract BS work, where the customer is as likely to bitcvh and sue as be happy. They are more trouble than they are worth.

I'm no fan of Diebold, but I don't envy them. I would have just left that industry rather than tarnish my ATM rep with a non-profitable side business.

-Tom Caudron