I haven't been talking about this one. I guess because it's just too big and scary for me to even think about. But if you haven't at least heard of what is happening with Diebold, and the *serious* problems with their electronic voting machine systems, you should probably be aware.
The story is that the machines are severely compromised from a security perspective. And the company is run by a very right wing republican who has vowed to deliver his home state to Bush in 2004. And the company is going law suit crazy to shut up anyone who publicizes anything about the security flaws in their machines.
Here's a good metafilter round up of the issue.
FWIW (not much probably) I think this is for real. I think democracy, if we still have it post election 2000, is in actual danger. Of course, like I said, I'm not doing anything about it because I am too scared to really think about what's happening. But maybe you should do something about it.
Save me! Thanks.
i agree. this is _very_ scary. among other things this is the easiest way for the republican party to continue its decades-long attempt to bar black voters from the polls. absolutely real and absolutely wrong.
" I'm not doing anything about it because I am too scared to really think about what's happening. But maybe you should do something about it."
Like what, vote?
I don't know, talk about it incessantly in a too loud voice while drinking too much wine with other people who can't do anything about it either?
That's what I used to do at least.
Wow. It's even worse than I thought.
Krugman on Diebold.
Cringely on Diebold Now here's the really interesting part. Forgetting for a moment Diebold's voting machines, let's look at the other equipment they make. Diebold makes a lot of ATM machines. They make machines that sell tickets for trains and subways. They make store checkout scanners, including self-service scanners. They make machines that allow access to buildings for people with magnetic cards. They make machines that use magnetic cards for payment in closed systems like university dining rooms. All of these are machines that involve data input that results in a transaction, just like a voting machine. But unlike a voting machine, every one of these other kinds of Diebold machines -- EVERY ONE -- creates a paper trail and can be audited. Would Citibank have it any other way? Would Home Depot? Would the CIA? Of course not. These machines affect the livelihood of their owners. If they can't be audited they can't be trusted. If they can't be trusted they won't be used.
Now back to those voting machines. If EVERY OTHER kind of machine you make includes an auditable paper trail, wouldn't it seem logical to include such a capability in the voting machines, too? Given that what you are doing is adapting existing technology to a new purpose, wouldn't it be logical to carry over to voting machines this capability that is so important in every other kind of transaction device?
This confuses me. I'd love to know who said to leave the feature out and why?
Next week: the answer. I'm still saying the chances of the next election being decided outside the courts is very very slim. The Dem party machine should really be gearing up for that legal battle. (Are they?) Even though it seems pretty hopeless since we can all guess where the Supreme Court will come down.
Bruce Schneier wrote the definitive book on cyrptography - Applied Cryptography - and is considered the leading researcher on computer security. He also writes an important monthly newsletter called crypto-gram. In this months issue he takes a look at electronic voting machines, ending with these thoughts: My suggestion is simple, and it's one echoed by many computer security researchers. All computerized voting machines need a paper audit trail. Build any computerized machine you want. Have it work any way you want. The voter votes on it, and when he's done the machine prints out a paper receipt, much like an ATM does. The receipt is the voter's real ballot. He looks it over, and then drops it into a ballot box. The ballot box contains the official votes, which are used for any recount. The voting machine has the quick initial tally.
This system isn't perfect, and doesn't address many security issues surrounding voting. It's still possible to deny individuals the right to vote, stuff machines and ballot boxes with pre-cast votes, lose machines and ballot boxes, intimidate voters, etc. Computerized machines don't make voting completely secure, but machines with paper audit trails prevent all sorts of new avenues of error and fraud. I don't see how anyone can conclude that this is an oversight. Taking the paper audit trail out of the voting loop can serve only one purpose - vote fraud. This is not negligence, this is the ground work being laid to steal an election. I cannot imagine any other explanation. But who is behind it?
i wonder where the deanies are on this issue. its perfect for him, full of outrage, hot issue with party faithful. if i were them i would push this and i would somehow get gore out in front of this issue. if he should have a mission it should be to ensure fair voting practices. and now that gore has effectively severed ties with the dlc, he can be more full throated in his liberal pursuits.
Here's another issue: software auditing. Would you fly a space shuttle if the vendor of the flight control software said "It's secret. You can't do a code walkthrough. You can't do simulation testing. Trust us."
"What's required for money machines should be required for voting machines," Senator Clinton said in introducing the bill. "We must restore trust in our voting, and we must do it now."
poor security
"The latest study found that some issues discovered last July in the Johns Hopkins study had not, in fact, been corrected, and that other issues that had not been discovered in other studies were equally troubling. The report can be found at www.raba.com."
How to Hack an Election
NYT (OPED) Published: January 31, 2004
Concerned citizens have been warning that new electronic voting technology being rolled out nationwide can be used to steal elections. Now there is proof. When the State of Maryland hired a computer security firm to test its new machines, these paid hackers had little trouble casting multiple votes and taking over the machines' vote-recording mechanisms. The Maryland study shows convincingly that more security is needed for electronic voting, starting with voter-verified paper trails.
When Maryland decided to buy 16,000 AccuVote-TS voting machines, there was considerable opposition. Critics charged that the new touch-screen machines, which do not create a paper record of votes cast, were vulnerable to vote theft. The state commissioned a staged attack on the machines, in which computer-security experts would try to foil the safeguards and interfere with an election.
They were disturbingly successful. It was an "easy matter," they reported, to reprogram the access cards used by voters and vote multiple times. They were able to attach a keyboard to a voting terminal and change its vote count. And by exploiting a software flaw and using a modem, they were able to change votes from a remote location.
Critics of new voting technology are often accused of being alarmist, but this state-sponsored study contains vulnerabilities that seem almost too bad to be true. Maryland's 16,000 machines all have identical locks on two sensitive mechanisms, which can be opened by any one of 32,000 keys. The security team had no trouble making duplicates of the keys at local hardware stores, although that proved unnecessary since one team member picked the lock in "approximately 10 seconds."
Diebold, the machines' manufacturer, rushed to issue a self-congratulatory press release with the headline "Maryland Security Study Validates Diebold Election Systems Equipment for March Primary." The study's authors were shocked to see their findings spun so positively. Their report said that if flaws they identified were fixed, the machines could be used in Maryland's March 2 primary. But in the long run, they said, an extensive overhaul of the machines and at least a limited paper trail are necessary.
The Maryland study confirms concerns about electronic voting that are rapidly accumulating from actual elections. In Boone County, Ind., last fall, in a particularly colorful example of unreliability, an electronic system initially recorded more than 144,000 votes in an election with fewer than 19,000 registered voters, County Clerk Lisa Garofolo said. Given the growing body of evidence, it is clear that electronic voting machines cannot be trusted until more safeguards are in place.
My day as an election judge.
The good news is that Ohio passed a law requiring a paper audit trail on electronic voting machines. The bad news is that the law doesn't require the paper trail until 2006.
Remember Diebold, the company that makes these machines in based in Ohio, and the president of Diebold: ...told Republicans in a recent fund-raising letter that he is "committed to helping Ohio deliver its electoral votes to the president next year."
And in a close race Ohio could really mean the election (am I right about that? I'm don't follow those numbers too closely, but that's how I remember it: Ohio and Florida as the biggies.)
russert on rose last night said there were 18 states up for grabs the rest are essentially decided. some of the bigger ones are: florida, ohio, pennsylvania, missouri, arizona....
This story is still not getting the play I think it deserves. Here's a new AP story about Bev Harris who seems to have taken the lead in trying to publicize the problem.
But really it's too late. What can be done at this point? The fix is already in.
The only thing I can think that might help is for the networks to reinstate exit polls. Sure they can be unreliable, but what else do we have? If the (even admittedly unreliable) exit polls show a huge disconnect with the "official" count it will not prove anything, but it will at least raise some questions that someone will have to address.
The day after the elections it will be too late to raise any of these issues. At that point you will be painted as trying to overturn a valid election.
I think I mentioned earlier that it seems the dems are over a barrel on this. If they make a stink about it they run the risk of discouraging their large block of disenfranchised constituants even further from the idea of voting.
Absentee voting is the key. The DNC should have a big "get out the envelopes" push.
Oregon's system seems to work well using mail in ballots exclusively.
|
The story is that the machines are severely compromised from a security perspective. And the company is run by a very right wing republican who has vowed to deliver his home state to Bush in 2004. And the company is going law suit crazy to shut up anyone who publicizes anything about the security flaws in their machines.
Here's a good metafilter round up of the issue.
FWIW (not much probably) I think this is for real. I think democracy, if we still have it post election 2000, is in actual danger. Of course, like I said, I'm not doing anything about it because I am too scared to really think about what's happening. But maybe you should do something about it.
Save me! Thanks.
- jim 9-28-2003 9:57 pm
i agree. this is _very_ scary. among other things this is the easiest way for the republican party to continue its decades-long attempt to bar black voters from the polls. absolutely real and absolutely wrong.
- big jimmy 9-29-2003 1:36 am [add a comment]
" I'm not doing anything about it because I am too scared to really think about what's happening. But maybe you should do something about it."
Like what, vote?
- steve 9-29-2003 7:36 pm [add a comment]
I don't know, talk about it incessantly in a too loud voice while drinking too much wine with other people who can't do anything about it either?
That's what I used to do at least.
- jim 9-29-2003 7:41 pm [add a comment]
Sounds like a plan. When and why did such a change take over you?
- steve 9-29-2003 7:43 pm [add a comment]
Wow. It's even worse than I thought.
- jim 10-24-2003 6:50 pm [add a comment]
Krugman on Diebold.
- steve 12-02-2003 8:04 pm [add a comment]
Cringely on Diebold
I'm still saying the chances of the next election being decided outside the courts is very very slim. The Dem party machine should really be gearing up for that legal battle. (Are they?) Even though it seems pretty hopeless since we can all guess where the Supreme Court will come down.- jim 12-14-2003 8:10 pm [add a comment]
Bruce Schneier wrote the definitive book on cyrptography - Applied Cryptography - and is considered the leading researcher on computer security. He also writes an important monthly newsletter called crypto-gram. In this months issue he takes a look at electronic voting machines, ending with these thoughts:
I don't see how anyone can conclude that this is an oversight. Taking the paper audit trail out of the voting loop can serve only one purpose - vote fraud. This is not negligence, this is the ground work being laid to steal an election. I cannot imagine any other explanation. But who is behind it?- jim 12-15-2003 6:37 pm [add a comment]
i wonder where the deanies are on this issue. its perfect for him, full of outrage, hot issue with party faithful. if i were them i would push this and i would somehow get gore out in front of this issue. if he should have a mission it should be to ensure fair voting practices. and now that gore has effectively severed ties with the dlc, he can be more full throated in his liberal pursuits.
- dave 12-15-2003 6:59 pm [add a comment]
Maybe some of this thread should be posted on the dean blog?
- steve 12-15-2003 11:38 pm [add a comment]
Come to think of it, is this a good campaign issue? What with an already apathetic voting public, the dems might rather this not even be made public.
- steve 12-17-2003 3:02 pm [add a comment]
Here's another issue: software auditing. Would you fly a space shuttle if the vendor of the flight control software said "It's secret. You can't do a code walkthrough. You can't do simulation testing. Trust us."
- mark 12-15-2003 9:10 pm [add a comment]
"What's required for money machines should be required for voting machines," Senator Clinton said in introducing the bill. "We must restore trust in our voting, and we must do it now."
- dave 12-16-2003 1:21 am [add a comment]
poor security
"The latest study found that some issues discovered last July in the Johns Hopkins study had not, in fact, been corrected, and that other issues that had not been discovered in other studies were equally troubling. The report can be found at www.raba.com."
- bill 1-30-2004 5:52 pm [add a comment]
How to Hack an Election
NYT (OPED) Published: January 31, 2004
Concerned citizens have been warning that new electronic voting technology being rolled out nationwide can be used to steal elections. Now there is proof. When the State of Maryland hired a computer security firm to test its new machines, these paid hackers had little trouble casting multiple votes and taking over the machines' vote-recording mechanisms. The Maryland study shows convincingly that more security is needed for electronic voting, starting with voter-verified paper trails.
When Maryland decided to buy 16,000 AccuVote-TS voting machines, there was considerable opposition. Critics charged that the new touch-screen machines, which do not create a paper record of votes cast, were vulnerable to vote theft. The state commissioned a staged attack on the machines, in which computer-security experts would try to foil the safeguards and interfere with an election.
They were disturbingly successful. It was an "easy matter," they reported, to reprogram the access cards used by voters and vote multiple times. They were able to attach a keyboard to a voting terminal and change its vote count. And by exploiting a software flaw and using a modem, they were able to change votes from a remote location.
Critics of new voting technology are often accused of being alarmist, but this state-sponsored study contains vulnerabilities that seem almost too bad to be true. Maryland's 16,000 machines all have identical locks on two sensitive mechanisms, which can be opened by any one of 32,000 keys. The security team had no trouble making duplicates of the keys at local hardware stores, although that proved unnecessary since one team member picked the lock in "approximately 10 seconds."
Diebold, the machines' manufacturer, rushed to issue a self-congratulatory press release with the headline "Maryland Security Study Validates Diebold Election Systems Equipment for March Primary." The study's authors were shocked to see their findings spun so positively. Their report said that if flaws they identified were fixed, the machines could be used in Maryland's March 2 primary. But in the long run, they said, an extensive overhaul of the machines and at least a limited paper trail are necessary.
The Maryland study confirms concerns about electronic voting that are rapidly accumulating from actual elections. In Boone County, Ind., last fall, in a particularly colorful example of unreliability, an electronic system initially recorded more than 144,000 votes in an election with fewer than 19,000 registered voters, County Clerk Lisa Garofolo said. Given the growing body of evidence, it is clear that electronic voting machines cannot be trusted until more safeguards are in place.
- bill 1-31-2004 5:00 pm [add a comment]
My day as an election judge.
- jim 3-04-2004 6:55 pm [add a comment]
The good news is that Ohio passed a law requiring a paper audit trail on electronic voting machines. The bad news is that the law doesn't require the paper trail until 2006.
Remember Diebold, the company that makes these machines in based in Ohio, and the president of Diebold:
And in a close race Ohio could really mean the election (am I right about that? I'm don't follow those numbers too closely, but that's how I remember it: Ohio and Florida as the biggies.)
- jim 5-11-2004 10:41 pm [add a comment]
russert on rose last night said there were 18 states up for grabs the rest are essentially decided. some of the bigger ones are: florida, ohio, pennsylvania, missouri, arizona....
- dave 5-12-2004 12:46 am [add a comment]
This story is still not getting the play I think it deserves. Here's a new AP story about Bev Harris who seems to have taken the lead in trying to publicize the problem.
But really it's too late. What can be done at this point? The fix is already in.
The only thing I can think that might help is for the networks to reinstate exit polls. Sure they can be unreliable, but what else do we have? If the (even admittedly unreliable) exit polls show a huge disconnect with the "official" count it will not prove anything, but it will at least raise some questions that someone will have to address.
The day after the elections it will be too late to raise any of these issues. At that point you will be painted as trying to overturn a valid election.
- jim 7-05-2004 10:57 pm [add a comment]
I think I mentioned earlier that it seems the dems are over a barrel on this. If they make a stink about it they run the risk of discouraging their large block of disenfranchised constituants even further from the idea of voting.
- steve 7-09-2004 6:12 am [add a comment]
Absentee voting is the key. The DNC should have a big "get out the envelopes" push.
- mark 7-09-2004 7:07 am [add a comment]
Oregon's system seems to work well using mail in ballots exclusively.
- steve 7-09-2004 8:38 am [add a comment]