Slashdot Mirror

← Back to Stories (view on slashdot.org)

Diebold Admits Flaw In Voting Software

Posted by samzenpus on from the is-anyone-shocked dept.

NewYorkCountryLawyer writes "At a public hearing in California, Diebold's western region manager has admitted that the audit log system on current versions of Premier Election Solutions' (formerly Diebold's) electronic voting and tabulating systems — used in some 34 states across the nation — fails to record the wholesale deletion of ballots, even when ballots are deleted on the same day as an election. An election system's audit logs are meant to record all activity during the system's actual counting of ballots, so that later examiners may determine, with certainty, whether any fraudulent or mistaken activity had occurred during the count. Diebold's software fails to do that, as has recently been discovered by Election Integrity advocates in Humboldt County, CA, and then confirmed by the CA Secretary of State. The flaws, built into the system for more than a decade, are in serious violation of federal voting system certification standards."

29 of 281 comments (clear)

  1. and who's going to CARE? by v1 · · Score: 4, Insightful

    The flaws, built into the system for more than a decade, are in serious violation of federal voting system certification standards.

    Sure, you and I care, but who's the them that's going to DO anything?

    Besides the obvious "toss them out on their arse", I'd like to see them heavily fined. And I mean like "we want a refund"

    --
    I work for the Department of Redundancy Department.
    1. Re:and who's going to CARE? by iminplaya · · Score: 5, Funny

      And I mean like "we want a refund"

      Yeah! I want my eight years back!

      Nader 2000

      --
      What?
    2. Re:and who's going to CARE? by BSAtHome · · Score: 4, Interesting

      "we want a refund"

      But the problem is that they probably have a EULA which excludes any damages in whatever form whatsoever (limited warranty). This would then require the invalidation of that clause, which then could be a devastating result for the software business as a whole. No software company wants to pay for any damage ever...

    3. Re:and who's going to CARE? by afidel · · Score: 4, Interesting

      Well at least here in Cuyahoga County, Ohio we threw out the massively expensive and even more massively flawed Diebold systems and went with proven, reliable optical scan machines. I haven't heard anything about the board of elections trying to recoup some of the millions we spent on those things but I agree that they definitely should have sought compensation.

      --
      There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
    4. Re:and who's going to CARE? by pjt33 · · Score: 4, Interesting

      It's a shame your constitution defines treason so narrowly.

    5. Re:and who's going to CARE? by HTH+NE1 · · Score: 5, Insightful

      There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.

      And if your goal is the opposite, what is the order in which one removes these boxes from use?

      --
      Oh, say does that Star-Spangled Banner entwine / The myrtle of Venus with Bacchus's vine?
    6. Re:and who's going to CARE? by WNight · · Score: 4, Insightful

      Soap, ammo, jury, and leave ballot because it doesn't change anything anyways.

    7. Re:and who's going to CARE? by c41rn · · Score: 5, Informative

      I don't know if you were going for sarcasm or missed it in the article, but the machines in question (the flawed machines in Humboldt County) ARE optical scan machines. They are made by Diebold and they have software flaws that cause errors in how the votes are tabulated. For example, their software was in some cases dropping the entire first batch of scanned ballots (batch 0).

      However, it is precisely because they are optical scan ballots - with a paper trail - that led to the flaw being found. Mitch Trachtenberg, a volunteer AFAIK, was able to scan all of the ballots post-election and tabulate them using his own open-source software. The discrepancy between his results and the official results is what led to the discovery of the flaw in Diebold's software.

      I'm glad that they were using optical-scan ballots and that they saved the paper copies (and made them accessible), but it's still vulnerable to software flaws, "errors", etc., even if it is optical scan.

    8. Re:and who's going to CARE? by Joce640k · · Score: 4, Insightful

      Refund or not, the Diebold saga is now five or six years beyond being funny. They should have lost whatever contract they have *years* ago.

      --
      No sig today...
    9. Re:and who's going to CARE? by gd2shoe · · Score: 4, Insightful

      "contracts"

      There fixed that for ya. This distinction makes it all the less funny. it's not just a single idiotic/corrupt bureaucracy that has bought into this, it's a great many of them.

      --
      I won't join Slashcott. OTOH, If Beta goes live, I just won't be back until it's fixed. Sorry Dice.
    10. Re:and who's going to CARE? by Haeleth · · Score: 4, Insightful

      There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.

      And if your goal is the opposite, what is the order in which one removes these boxes from use?

      One doesn't.

      There's no need to remove the soap box. It's easier just to force your opponents to take even more extreme positions against you, so that people just stop taking them seriously.

      There's no need to remove the ballot box. Half the country would still vote for your party even if its leader publicly killed a kitten at every campaign appearance, and the other half would still vote against you even if you were running against Hitler.

      There's no need to remove the jury box. You just need to make sure you select the right juries.

      And there's no need to remove the ammo box. A bunch of ragtag militias with peashooters can't pose any realistic threat to your rule. (You might, however, beneficially threaten to restrict gun ownership, because that guarantees that all the gun nuts will concentrate exclusively on protecting their precious gun rights, and won't notice anything else you do.)

  2. Umm, duh? by girlintraining · · Score: 5, Insightful

    These flaws have been reported in many mainstream press outlets, investigated by a half-dozen independent groups, and yet it was still cleared for use in state, county, and federal elections. Let's ignore Diebold for a minute -- I know plenty of other people here will (rightfully) hang them. This points to a major systemic flaw in our certification programs for voting machines. Period. End of discussion.

    This isn't just Diebold. This is dozens of state, local, and federal agencies that abjectly failed in their duties to their constituents to protect the voting system. This is huge. Epic. I cannot stress enough the damage this has caused to the confidence in the system. Again, let's ignore Diebold and ask the really hard question -- Where do we go from here? Can e-voting systems be trusted? What changes need to be made to the system (and they better be major)? What do we do to restore voter confidence in a system that just got skinned, gutted, and mounted?

    --
    #fuckbeta #iamslashdot #dicemustdie
    1. Re:Umm, duh? by geekoid · · Score: 5, Insightful

      e-voting can not be trusted. Not at all.

      Hell I can give you code that looks perfect, but then have the compiler put a backdoor in for me.

      Computer science is not ready for this type of system to be used on a scale the size of a state.

      --
      The Kruger Dunning explains most post on /. http://en.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect
    2. Re:Umm, duh? by Hatta · · Score: 4, Insightful

      What do we do to restore voter confidence in a system that just got skinned, gutted, and mounted?

      Skinning, gutting, and mounting those responsible for certifying these machines would be a good start.

      --
      Give me Classic Slashdot or give me death!
    3. Re:Umm, duh? by InlawBiker · · Score: 4, Funny

      Since paper voting -- given enough effort -- can also always be corrupted, we may as well go with the new, efficient tech. Where before people had to collude, hide, counterfeit or use some other elaborate scheme to throw an election, now all they have to do is:

      DELETE * FROM VOTES WHERE CANDIDATE = 'OPPONENT';

      Think of all the man-hours being saved.

    4. Re:Umm, duh? by MightyMartian · · Score: 4, Insightful

      Canada uses paper ballots. Care to name the last time there was any evidence of ballot stuffing?

      This claim of some major flaw in paper ballots is a load of horsecrap. It's been the line of inept goons like Diebold, and it's just plain false.

      --
      The world's burning. Moped Jesus spotted on I50. Details at 11.
    5. Re:Umm, duh? by arth1 · · Score: 4, Insightful

      Skinning, gutting, and mounting those responsible for certifying these machines would be a good start.

      The problem, as I see it, is that the certification process is a farce. The vendors who sell something sign that they meet the requirements. If "independent" testing is required, the vendor pays for that too, hiring "independent" testers to sign papers.

      I.e. it's all based on trust. No, sir mayor, I can assure you that there's NO offal in our sausages!

      Until the government people who make the requirement actually do QA testing themselves, without "assistance" from the vendors, the public is going to get scammed. And this will continue as long as we here in the US have a deep distrust for government, and rather would hire companies and corporations to do the job instead of hiring government workers at a decent pay. There are neither people nor funds for the local governments to do the job themselves, so they HAVE TO trust the vendors or their cronies.

  3. Calling into question... by gznork26 · · Score: 4, Interesting

    ...every election that these machines have been used for in each of those 34 states. If the machines should not have passed certification, and yet they were certified (were they?) then the agency doing the certification ought to be brought up on charges as well, and any OTHER systems that they certified ought to be open to question as well. This could get you dizzy.

    ---
    Read my political short stories at http://klurgsheld.wordpress.com/

  4. Funny how they admit flaws by rackserverdeals · · Score: 5, Funny

    when they lose the election.

    --
    Dual Opteron < $600
  5. American Idol by Greyfox · · Score: 4, Interesting
    We can vote with high confidence for American Idol but the guys who make our freaking ATM machines can't get it right? Maybe the American Idol guys should be making our ATM machines instead.

    Up until the last election it seems that most Americans thought the election for American Idol was more important. I hope that the last election marked a change in this attitude. It'd be nice if we could avoid electing another idiot to high office... Aaah who am I kidding?

    --

    I'm trying to teach myself to set people on fire with my mind... Is it hot in here?

  6. One Word: Scantron by indytx · · Score: 4, Insightful

    We can all agree that punch cards are terrible, but there are other alternatives which are secure and accountable. Scantron ballots are used in Texas, and there's always a paper ballot trail of the actual vote in case of a ballot contest. I'm no Luddite, but I've never understood this rush to replace technology that works with the next big thing just because it's the next big thing.

    --
    Make love, not reality television.
  7. I've seen it by Anonymous Coward · · Score: 5, Interesting

    I used to work as a "Computer Audit Analyst" for the Florida Division of Elections, certifying voting systems for use in the State of Florida. Certification for Premier/Diebold, ES&S, and Sequoia was pretty much a given, no matter the fact that their systems are complete shit and the certification process is a joke. Scan a few thousand ballots, have an independent testing lab review your source code, and you're good to go. Google "sequoia yellow button" to see what I mean.

    Not to mention the attitudes of the folks who work there. They call people like me "activists" with a sour tone of voice, grudgingly fill public records requests, and the newly-built [2006] voting-systems lab was the size of a damn closet. Think the types of people who think F/OSS is so high-school students have something to tinker with.

    Sadly, most American voters don't even think about the voting backend, and are wholly uninterested in the fact that three corporations have a legally-enforced triopoly in voting equipment, sell overpriced shit to the counties, and take legal action against anyone who finds security flaws in their systems.

  8. They've admitted lots of flaws. by palegray.net · · Score: 4, Interesting

    Many of them have represented material breaches of public trust, and have uncovered dishonest development and business practices throughout their organization. Yet they're still selling voting systems to several states. Unbelievable.

    --
    512 MB RAM, 20 GB disk, 200 GB transfer, five datacenters. $19.95/month.
  9. It's not a bug; it's a feature! by Locke2005 · · Score: 4, Insightful

    I'm much more worried that the Diebold system works exactly as designed, which is much more sinister than a "flaw" unexpectedly creeping into the software. I say the developers should either prove this wasn't intentional or go to jail for conspiracy to commit election fraud.

    --
    I've abandoned my search for truth; now I'm just looking for some useful delusions.
  10. There is a lot of talk, and little action. by Futurepower(R) · · Score: 5, Insightful

    'The "them" will "do" what they can to steal an election here and there.'

    That seems to be the correct interpretation, that the flaws are deliberate. If there were a few defects and they were corrected immediately, that could be accidental. But we've been discussing Diebold flaws for years. Most Slashdot readers, I'm guessing, would be fired for living with something so buggy.

    Diebold changed the name of its unit that sells voting hardware and software to Premier Election Solutions. Don't be confused; it's still Diebold.

    1. Re:There is a lot of talk, and little action. by commodoresloat · · Score: 4, Funny

      Most Slashdot readers, I'm guessing, would be fired for living with something so buggy.

      Not me; I work for the government!

    2. Re:There is a lot of talk, and little action. by Foobar+of+Borg · · Score: 4, Insightful

      Here's your very first clue in life, try to hang on to it: Programmers work every day in almost every industry with things so buggy.

      And here's your first clue. Diebold is in the business of making ATMs. That's right. Literally billions of financial transactions, with multiple options and screens to go through on the UI, are performed every year using Diebold ATMs. Yet, they can't seem to get a simple voting machine to work as it should. And you think there is nothing fishy about that?

      --
      Similar to the upcoming US election results
    3. Re:There is a lot of talk, and little action. by u.hertlein · · Score: 4, Interesting

      And here's your first clue. Diebold is in the business of making ATMs.

      Heise security has a story that there's malware around specifically targetting Diebold ATMs running Windows...
      http://www.heise.de/security/Windows-Trojaner-auf-Diebold-Bankautomat--/news/meldung/134794 (in German)
      http://www.sophos.com/security/blog/2009/03/3577.html (blog entry the article refers to)

      --
      Geek by Nature - Linux by Choice.
  11. I guess you never played chess by zogger · · Score: 5, Insightful

    What is it worth, in terms of dollars and power, to hijack big elections, to wind up owning the government? Now, what is the worth of the entire total electronic voting machine "industry"? Now subtract the second from the first, notice the result... in other words, the real vote hijackers never cared a bit about the potential of losing some penny ante chump change pawn company down the timeline sometime, especially if they were the ones "in charge" of "insuring the integrity of the vote" in the first place...

    flatfoot 101, motive, means, opportunity....