Slashdot Mirror

← Back to Stories (view on slashdot.org)

Bev Harris of Black Box Voting Releases Accenture's Voting Software

Posted by timothy on from the ignore-man-behind-curtain dept.

Gottesser writes with this excerpt from Bev Harris's Black Box Voting: "I have found and posted the actual voter list software used widely throughout the USA (TN, WI, PA, CO, KS...) for Accenture voter registration and voter histories. I located the files on a magnetic backup tape of the hard drive of a county elections IT employee, part of a 120-gig set of discovery files. The Accenture voter registration / voter history software is highly problematic, and has been reported switching voter parties in Colorado, and losing voter histories in Tennessee. Although it is now widely known that Accenture voter list software gets it wrong, just WHY the program misreports voter information so often has never been explained. I am hoping that by releasing this software to the public, it may shed light on what's really going on with our voter registration systems. I also posted a Tennessee file with work orders and release notes which shows the Accenture software has a history of tripling votes in certain ('random') voter histories, going back to 2004. Except it is not random: Other files I discovered prove it is with primarily suburban Republican precincts that votes are somehow being recorded twice and sometimes three times for certain voters in the voter history report, and this didn't just happen in 2004; it also happened in the 2008 presidential primary and in May and August 2010, and according to election commission notes in Shelby County, also in the 2012 presidential primary. Computer buffs, have at it. Much source code exists within the structure because it is built on MS Access. I do not read source code, though I can see some structural problems with the software (for example, it allows political party ID to be set differently from one precinct to another)."

9 of 245 comments (clear)

  1. Good work by Hatta · · Score: 5, Insightful

    Now how long until Harris is sued?

    --
    Give me Classic Slashdot or give me death!
  2. This will be really interesting by Omnifarious · · Score: 5, Insightful

    There have been a whole lot of election shenanigans in this country and in Canada. And while I don't doubt both parties have done this sort of thing, and do this sort of thing, it seems to be the Republicans who've been the biggest culprits these past 10 years or so.

    Personally, I really like the anonymous electronic voting systems based on David Chaum's digital cash work. They look like they might be independently verifiable by third parties and anonymous at the same time.

    --
    Need a Python, C++, Unix, Linux develop
    1. Re:This will be really interesting by Mister+Transistor · · Score: 5, Interesting

      How about the President of Diebold quoted as saying they were "committed to helping Ohio deliver its electoral votes to the president next year." (source: http://en.wikipedia.org/wiki/Premier_Election_Solutions).

      If that isn't a obvious Freudian slip indicating their conflict of interest with the Republican party, I don't know what the fuck is. Yes, the Dems liked the idea of e-voting but this was before the Repubs perverted the realization. The Republican party objected, then quickly found a way to get their unregulated business-connected fucktard "partners" to trample all over the process and game the system in their favor. Yeah, letting businesses run wild and do whatever they want is a REALLY GOOD thing for this country. NOT.

      --
      -- You are in a maze of little, twisty passages, all different... --
    2. Re:This will be really interesting by crazyjj · · Score: 5, Insightful

      And will likely vote for him again because...

      ...the alternative is a fucking nightmare.

      --
      What political party do you join when you don't like Bible-thumpers *or* hippies?
    3. Re:This will be really interesting by Holmwood · · Score: 5, Informative

      I'm on the conservative/libertarian side of things most (but not all) days, but the quote is real, assuming you accept the NY Times as a source.

      http://www.nytimes.com/2003/11/09/business/machine-politics-in-the-digital-age.html?pagewanted=all&src=pm

      The context is important; O'Dell wrote this as a Bush fundraiser in a fundraising letter, not in his role as Diebold president. That said, reverse it, if he'd been a Kerry/Obama backer and done the same; Republicans would be rightly very suspicious.

      We've had issues with robocalls and funding irregularities in Canada, but not, as far as I am aware, any significant credible allegations of ballot or vote fraud.

      In the last couple of elections, where I live, we've used paper ballots (filled out with a pen) sometimes coupled with optical scan. (The disabled can have someone assist them.) This provides a surprisingly useful audit trail. (e.g. consider a box filled with ballot papers all marked for one candidate, all with a very unusual pen colour. Don't laugh, it's happened in places like Texas).

      Voters are enumerated, door-to-door by multi-party teams of volunteers. To vote you have to show photo id. Felons and prisoners are able to vote; we think it's unfair to deny politicians the vote. I strongly suspect the level of voter fraud and machine politics is substantially lower than the US; history generally seems to bear this out.

      The Canadian system is far from perfect, though I'm inclined to think, like the banking system up here, it's somewhat superior to the current US system.

  3. On the dangers of voting machines by unwastaken · · Score: 5, Informative

    Submitted this related article to Slashdot a few months ago. Bev Harris looked into this as well.

    To sum up the above link: An interesting phenomenon has occurred in every state of this year's Republican primaries. Votes appear to be flipped away from other candidates in favor of Romney, with a 99% correlation to precinct size. Although votes are "canvassed" (checked) after each primary, the methods used are primarily designed to detect vote stuffing, rather than vote flipping.

    This phenomenon has recently been shown to be absent if you can get your hands on poll tapes from individual machines, rather than from voting tabulators (machines that count the totals from the various voting machines).

    Voting machines are just scary stuff. More so since poll tapes are not always made readily available. Thankfully, a bill was recently introduced that would require poll tapes from individual machines (not just tabulators) to be made available by the next day following an election.

  4. Re:In Maryland Republicans opposed e-voting by GodfatherofSoul · · Score: 5, Informative

    "Just rammed it through" def'n: any legislation that passes that you don't like.

    --
    I swear to God...I swear to God! That is NOT how you treat your human!
  5. Re:Accenture wrote it?(Mod Me Up,Good Info herein) by Anonymous Coward · · Score: 5, Informative

    They built a MS Access DB for the front-end and used SQL for the back-end, this is industry standard for small business clerical solutions and is dirt cheap to do.

    Microsoft has a nasty habit of removing functions out of DLL's to provide security, or changing their behavior so code breaks in ways nobody notices. Either you patch and you have a reliability problem, or you don't and get a security problem.

    It's very likely the town decided they wanted to that setup because it's easy to exploit.

    Where Accenture comes in as being a boatload of fail, is that they didn't build ANY database validation or security into their system. It's RIDICULOUSLY simple to set up several blob's for each site, set up security-per-blob by site logon, set up kiosks under guest accounts in AD that have access to just their blob, have the data aggregate into those blob's, then run a report to tally, and here's the fail part, AND ANOTHER REPORT TO CONFIRM OBVIOUS MISTAKE ON THE ROLLS A MONKEY COULD SPOT ARE NOT HAPPENING!

    Voters voting twice, the number of votes on a field being counted several times, data field error checking to ensure valid characters are in a class...the STANDARD stuff. And we aren't talking about egregious or eccentric databasing here, we're talking about plain old simple databasing; field 1 is a name, field 2 is an address, field 3 is a telephone number, field 4 is the representative they wanted to vote for and so on and so on.

    If Accenture wants to come clean, give us the design document the were handled to perform the contract, in fact, I'd FOIA that sucker in light of this offense.

    IMO Windows has too large of an attack surface to be used for this; you need something with a minimal attack surface that can be updated and set up as needed. You need either Windows Server Core, or Linux. Heck, even Mac OSX would be better suited than XP or 7.

  6. Pearls of Wisdom from 6+ years in the field. by Gottesser · · Score: 5, Interesting
    I posted the article from Bev's press release. I worked on election fraud in 2004 for six years in Ohio. I was *hoping* all that time that we would find Democrats rigging for democrats. I had a punnet square going in my head. By and large 2004 was rigged for Bush. However, in the 18 of 88 counties we looked at what we found in over 30,000 photos of 126,000 ballots, poll books and signature books is that yes, Democrats sometimes rig for Republicans and Republicans sometime rigged for Democrats in down ticket races. The thing is that in a lot of Boards of Elections (county level) the "bipartisan" means someone switches parties. Sometimes this is a even a family member (the easiest one to push around).

    The recommendation and rationale goes like this... The person I trust is not necessarily the person you would trust therefore we need transparency. No system can be secured against its administrators therefore we need transparency over security.

    We must be able to verify four things. 1) Who can vote 2) Who did vote 3) Chain of custody 4) Vote count

    Failing any of these points our elections are simply staged theater. Right now, we're failing ALL these points. No electronic system can be verifiable. Can't be done. Even under a paper system its difficult to put checks in place and to have mechanisms where a single voter or group of voter can raise a concern (even an honest mistake) and have it taken care of. A botched election is notoriously hard to clean up. Especially because recounts can and have been rigged. Litigating election issues is nearly impossible. The integrity of the election cycle must be maintained so no voter off the street and even most candidates can't get an issue in court with enough time to change the outcome of an election.

    Therefore. *Most* Long term Election Integrity activists have come to support this basic starting principal: "Voter Marked Hand Counted Paper Ballots, Counted at the polls, on election night, no matter how long it takes, in full public view before all those who want to witness the count and before the ballots are moved and chain of custody issues arise."

    Now. That handles points 3 and 4 but to be honest. 1 and 2 are tricky. They kinda require databases at this point because unlike the pool of poll workers this system don't scale well with the population. Bev's been finding voter histories have been erased in several counties in Tennessee. This is important because if a registered voter hasn't voted in a while then as part of house keeping (the person may have died or moved) they eventually get purged from the voter rolls. So someone(s) in Tennessee is erasing peoples' vote history so they get purged, show up at the polls and can't vote. There's already been some court rulings to handle this. The point is we need to remain vigilant and we need things transparent so we CAN be vigilant. We don't need computers to solve everything. We need the public to relearn how to do their civic duty and to do that civic duty.