Ohio Audit Reveals More Diebold Problems

Posted by Zonk on Fri Apr 27, 2007 11:33 AM
from the must-offer-witty-comment-on-unsurprising-situation dept.
armb writes with a link to a Wired Blog entry about irregularities found in Diebold databases from the state of Ohio. The election in question here is November 2006, and the corruption of the entries may raise doubts about accurate tabulations. "Vote totals in two separate databases that should have been identical had different totals. Although Diebold explained that this was part of the system design for separate vote tables to get updated at different times during the tabulation process, the team questioned the wisdom of a design that creates non-identical vote totals. Tables in the database contained elements that were missing date and time stamps that would indicate when information was entered. Entries that did have date/time stamps showed a January 1, 1970 date. The database is built from Microsoft's Jet database engine. The engine, according to Microsoft, is vulnerable to corruption when a lot of concurrent activity is happening with the database, such as what occurs on an election night when results are uploaded and various servers are interacting with the database simultaneously."
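The three findings quoted above (two vote tables with different totals, rows with no timestamp, and rows stamped January 1, 1970) are each mechanically checkable. The following is an added example, not code from the audit, Diebold, or the Wired post; the table names, column names and sample rows are hypothetical and constructed for illustration, using SQLite in place of Jet.

```python
import sqlite3
from datetime import datetime, timezone


def ts(*parts):
    """UTC datetime parts -> integer Unix timestamp."""
    return int(datetime(*parts, tzinfo=timezone.utc).timestamp())


# Constructed sample data. Table and column names are hypothetical,
# not the schema of any real tabulation database.
DETAIL_ROWS = [
    ("P-01", "Candidate A", 120, ts(2006, 11, 8, 1, 15)),
    ("P-01", "Candidate B", 95, ts(2006, 11, 8, 1, 15)),
    ("P-02", "Candidate A", 80, 0),      # unset time value, displays as 1970-01-01
    ("P-02", "Candidate B", 110, None),  # no timestamp recorded at all
]
SUMMARY_ROWS = [("Candidate A", 200), ("Candidate B", 190)]


def build_sample_db():
    """Create an in-memory database holding the constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        "CREATE TABLE detail_votes (precinct TEXT, candidate TEXT,"
        " votes INTEGER, entered_at INTEGER);"
        "CREATE TABLE summary_votes (candidate TEXT, votes INTEGER);"
    )
    conn.executemany("INSERT INTO detail_votes VALUES (?, ?, ?, ?)", DETAIL_ROWS)
    conn.executemany("INSERT INTO summary_votes VALUES (?, ?)", SUMMARY_ROWS)
    conn.commit()
    return conn


def find_total_mismatches(conn):
    """Return (candidate, detail_sum, summary_votes) wherever the tables disagree.

    A candidate present in only one table is reported with None on the other side.
    """
    detail = dict(conn.execute(
        "SELECT candidate, SUM(votes) FROM detail_votes GROUP BY candidate"))
    summary = dict(conn.execute("SELECT candidate, votes FROM summary_votes"))
    return sorted(
        (name, detail.get(name), summary.get(name))
        for name in detail.keys() | summary.keys()
        if detail.get(name) != summary.get(name)
    )


def classify_timestamp(value, window_start, window_end):
    """Label one entered_at value against the expected tabulation window."""
    if value is None:
        return "missing"
    if value == 0:
        return "epoch-zero"  # Unix time 0 renders as 1970-01-01
    if not window_start <= value <= window_end:
        return "out-of-window"
    return "ok"


def find_bad_timestamps(conn, window_start, window_end):
    """Return (precinct, candidate, status) for every row that is not 'ok'."""
    rows = conn.execute(
        "SELECT precinct, candidate, entered_at FROM detail_votes"
        " ORDER BY precinct, candidate")
    findings = []
    for precinct, candidate, entered_at in rows:
        status = classify_timestamp(entered_at, window_start, window_end)
        if status != "ok":
            findings.append((precinct, candidate, status))
    return findings


if __name__ == "__main__":
    db = build_sample_db()
    window = (ts(2006, 11, 7), ts(2006, 11, 9))  # assumed tabulation window
    for finding in find_total_mismatches(db):
        print("total mismatch:", finding)
    for finding in find_bad_timestamps(db, *window):
        print("bad timestamp:", finding)
```

A design that updates its tables at different times will trip the totals check mid-tabulation, so the check is only meaningful once tabulation has been declared complete.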

Related Stories

[+] IT: Diebold Security Foiled Again 201 comments
XenoPhage writes "Yet again, Diebold has shown their security prowess. This time they posted, on their website, a picture of the actual key used to open all of their Diebold voting machines. Ross Kinard of Sploitcast crafted three keys based on this photo. Amazingly enough, two of the three keys successfully opened one of the voting machines. But fear not, Diebold has removed the offending picture, replacing it with a picture of their digital card key. Take that, hackers!"
[+] Your Rights Online: Diebold Sues Massachusetts for "Wrongful Purchase" 422 comments
elBart0 writes "Diebold has decided to sue the commonwealth of Massachusetts for choosing a competitor to provide voting machines for the disabled. Diebold wants to force the state to stop using the machines immediately, despite the upcoming municipal elections in many towns. The commonwealth chose the competitor based on an open process that included disabled groups. Diebold executives appeared confused when encountering election officials who made an intelligent choice."
[+] News: Diebold Goes 0 For 3 In Massachusetts Case 119 comments
beetle496 writes "ComputerWorld reports that last week a judge denied Diebold's request to block ES&S pact with Massachusetts. This is a follow-up to the earlier discussion here after Diebold contended that the state had erred in selecting the machines of its rival, citing accessibility provisions of the HAVA law. Quoting: 'Diebold's request for an injunction to block the execution of the contract with ES&S was rejected... The judge also denied Diebold's request to have an accelerated discovery process and to keep the state's legal team from viewing internal Diebold documents... "The suit is still there, but they went zero for three yesterday," the spokesman said.' The actual accessibility concerns have been discussed over at the TEITAC listserv, including a few telling observations from experts familiar with accessible voting and at least one state insider."
[+] Diebold Rebrands What No One Wants 175 comments
Irvu writes "Diebold has apparently failed in their bid to sell their tainted elections systems unit. Unable to find a buyer the CEO of Diebold promised that the system will be run more 'openly and independently.' To prove that they are serious, they renamed it. Diebold Election Systems is now Premiere Election Solutions. They still sell GEMS, AccuVote OS and the ever-unpopular AccuVote-TSX which performed so disastrously in California's Top-to-Bottom Review under the same names. Apparently their rebranding effort only goes so far."
This discussion has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • But I know from experience with Citrix that Jet does not scale to more than 1000 simultaneous users. This seems to be borderline incompetence to me.
    • by codepunk (167897) on Friday April 27 2007, @11:41AM (#18902229) Homepage
      Jet is damn lucky to scale to 10 much less your claimed 1000. I have never seen 1000 concurrent users in a jet database. Not that it matters, I cannot believe anyone would trust it to tabulate election results.
      • I agree. With a plethora of free or easily licensed SQL databases out there, and the fact that ODBC data sources are every bit as easy to connect as Jet, there is NO excuse. The only reason to drop something like Jet into a production system is to make it crippled by design.
          • by aichpvee (631243) on Friday April 27 2007, @02:32PM (#18905593) Journal
            And never attribute to incompetence what is clearly not. Diebold makes TONS of other electronic transaction machines (including, probably, your bank's ATM machines) and they don't have these kinds of problems. Perhaps they do it on purpose to give them a cover of incompetence. Perhaps it really is incompetence on the part of the guy they get to write this stuff since whoever is hiring him doesn't care if he's incompetent because they're going to fool with the results anyway and it will only add cover for them.

            But CLEARLY this kind of stuff is not because Diebold isn't capable of doing it properly. It's because they explicitly don't want to do it properly.

            If we're going to have electronic voting machines, and I don't think that we should (not even optical scan), they should be developed, owned, and maintained by the government. Period.
      • The database is built from Microsoft's Jet database engine.

        As Hyneman would say..."There's your problem."
    • Re: (Score:3, Insightful)

      Everything Diebold does is borderline incompetence. I can't wait for these bozos to get out of this business and go back to making vending machines.
      • After seeing how they develop, I absolutely like the idea of their going back to handling my money.
        • Different folks. (Score:4, Interesting)

          by pavon (30274) on Friday April 27 2007, @02:10PM (#18905241)
          Diebold's electronic voting division was purchased wholesale from Global Election Systems in 2002. GES produced crap back then and it is no surprise that they continued to produce crap under new management. Their incompetence shouldn't reflect poorly on the ability of the engineering staff in the ATM division, although it does say quite a bit about the top-level management.
    • Good lord, I'd say anything over 10 users is a problem with Jet, from my experience anyways.

      Jet is fine for what it is, but like any other tool it has a proper purpose and should not be mis-used.

      I don't know the specifics of the Diebold stuff, it would seem to me though if you had one Jet DB on each machine along with a proper upload tool it should work just fine.... at the same time if I was building a voting machine process from scratch I wouldn't think of using it.

      fwiw. ymmv.
    • Re: (Score:3, Insightful)

      But I know from experience with Citrix that Jet does not scale to more than 1000 simultaneous users.

      I bet it doesn't. It's really more of a single-user database engine. It's nice for redistributing with a single user application, but not appropriate in a network setting. Makes you wonder if they (Diebold) just didn't have anyone with any multi-user database experience.

    • Re: (Score:3, Insightful)

      This seems to be borderline incompetence to me.

      I think the term you are looking for is gross incompetence.

      Maybe they're trying to convince people that even if they wanted to rig the election, they're too stupid to do it properly?

      • by quantum bit (225091) on Friday April 27 2007, @12:55PM (#18903801) Journal
        Exchange still uses the Jet engine. Its limit is 1,900 concurrent connections.

        Not quite. Exchange uses Jet Blue [wikipedia.org], as do AD and other things embedded in Windows (DHCP server, WINS, etc.). It was strictly for MS-only internal use until Windows 2000, when it was renamed Extensible Storage Engine and the API was made available.

        Diebold is using Jet Red [wikipedia.org]. Jet Red is what MS Access uses, as well as the "Microsoft Jet DB Engine" ODBC source that many crappy third-party VB apps use.

        Despite sharing the same name (though Jet Blue was renamed, Exchange still refers to it as simply "Jet" in a few places), there's almost nothing in common between the two. Blue/ESE is a lot more fault-tolerant than Red, but concurrent access must be provided by a server application running on top of it -- multiple apps can't open the database file directly at once. That's probably a good thing, since Red/MS Access's cooperative concurrency scheme is what's responsible for most of the corruption issues people have with it.

        Jet Blue/ESE is nowhere near the design of say, Oracle or PostgreSQL, or even MSSQL for that matter. It's about on the level of version 3 or 4 of MySQL (using MyISAM, not InnoDB), or perhaps SQLite.

        Jet Red/MS Access is just plain garbage and should never be used. Shame on you, Diebold. Shame!
  • Jet (Score:5, Insightful)

    by truthsearch (249536) on Friday April 27 2007, @11:37AM (#18902161) Homepage Journal
    I programmed with the Jet DB "engine" years ago. I wouldn't even run a web site with it. The only thing I found it useful for was business applications, such as connecting an Excel spreadsheet to Access. But that was years and years ago. Why would anyone write such a large and critical system using Jet today, when even Microsoft tells you not to? The only answer is incompetence.
    • Tenured programmers/engineers tend to like what they know. Obviously when the execs walked down the ladder and said, "We need a database" this person said, "Alright, we'll use this" and waxed nostalgic about Jet.

      That, or the morass of our government dictated a few things that didn't make sense. They tend to be behind the times in terms of software/hardware advances.
    • Re:Jet (Score:5, Insightful)

      by lawpoop (604919) on Friday April 27 2007, @12:35PM (#18903361) Homepage Journal

      Why would anyone write such a large and critical system using Jet today, when even Microsoft tells you not to? The only answer is incompetence.
      There is another answer.

      If you wanted to make an insecure system that was easy to hack and manipulate, didn't have basic security features, data integrity, and no audit trail, and thus no record of how data was altered outside of specifications, you might use such a deprecated application.
      • Re: (Score:3, Insightful)

        The old quote about never assigning to conspiracy that which can adequately be explained by incompetence comes to mind (Machiavelli?). People are doing stupid things all the time. That being said... there is no reason that someone with deviousness in mind could not *find* the stupidity and decide to advance and take advantage of it. Use what is available - and stupidity is in rampant abundance.
  • JET?? (Score:5, Insightful)

    by revlayle (964221) on Friday April 27 2007, @11:39AM (#18902193) Homepage
    That is an old outdated desktop engine. Databases need compressing and repairing all the freaking time - want to go multi-user? or over a network? forget it, it has never performed well in that capacity in ANY version. Microsoft even advises not to use it anymore. They push desktop version of the SQL Server 2005 Engine (and now even have a version that just requires a couple DLLs in the application directory, however I do not know if that is available yet).
    • 2 databases?!? (Score:5, Insightful)

      by Artaxs (1002024) on Friday April 27 2007, @11:59AM (#18902565) Homepage
      Look, let's say I had hired an accountant. Then, let's say that I found out that he was keeping two separate databases of my finances. Let's also say that they had different totals in them, and he was only showing me one of them.

      Not only would I fire his ass, but I'd make sure to press criminal charges of fraud. Why are these creeps from Diebold, Sequoia, ES&S, et al. not in prison yet?

      Diebold makes ATMs; don't tell me that they can't get something as simple as a vote database right. Occam's Razor points to outright fraud, not to simple incompetence.
  • Jet Database Engine (Score:5, Interesting)

    by mypalmike (454265) on Friday April 27 2007, @11:39AM (#18902201) Homepage
    Jet Database Engine, a.k.a. Microsoft Access.
    • Yeah, I saw that "The database is built from Microsoft's Jet database engine." and WTF'd out loud.

      The software used to tabulate votes is built on an Access database!?!? holy crap! Talk about the mother of all bad ideas. There are so many known issues and so many better options that this should never have gotten this far. Who the crap was in charge of designing this system? Jim from Accounting?

      -Rick
  • > The database is built from Microsoft's Jet database engine.

    Jet? Shit.

    I'm gonna submit proposals to program up a new Mars Rover using Visual Basic!
    • [OT] Your .sig (Score:4, Interesting)

      Who the f*** decided that sentences on the Internet shall no longer be formatted with two spaces after a period?!

      It was always thus... Two spaces after a period is only appropriate in circumstances where all characters are the same width, such as an old-school typewriter. So nobody “decided” that it would be that way “on the Internet;” we just stopped using the special-case rules that sprung up a few decades prior when we were using technology that wasn’t capable of proportionally spaced type.

  • by mdsolar (1045926) on Friday April 27 2007, @11:44AM (#18902293) Homepage Journal
    I've had very few banking errors using ATMs and I'm quite sure that I am not the only user on the system when I do use them. Why would this company have any trouble with this kind of operation? Is it because there is no accounting so they don't bother to get it right?
    --
    Vote with your roof! http://mdsolar.blogspot.com/2007/01/slashdot-users -selling-solar.html [blogspot.com]
    • by Ken Hall (40554) on Friday April 27 2007, @12:18PM (#18902899)
      A number of years ago, I was responsible for handling software problem reports for a couple of vendors' ATM machines. (We were a third-party service company.)

      The things that went wrong with ATMs were both funny and scary. I have no reason to believe things have changed. The banks and manufacturers go to great lengths to satisfy customers without letting details of the problems get out, because this would undermine confidence in the devices.

      With ATMs, if you're smart, you have a slip of paper to verify a transaction. If there's a dispute with the bank, the bank will usually honor the paper documentation, and the customer has no reason to make an issue of the problem.

      With voting, there's no going back and fixing results after the fact. Often there's no piece of paper. And on top of that, the whole process is under fairly intense public and governmental scrutiny.

      So I wouldn't say there are less problems with ATMs. You just don't hear about them.
    • I posted this somewhere else, but it needs to be restated. The reason that Diebold can't get this right, is because they don't have their ATM engineers working on it. Diebold Elections Systems did not exist until 2002 when Diebold purchased Global Elections Systems. The basic software architecture (including the use of Jet) goes back to a touch screen voting system designed by iMark in 1995. In that system the database was single use - stored on a smart card, and had to be merged together later.

      The purchase
  • I think this is what you call "not ready for prime time." I much prefer my county's system, which has a Scantron-like form that you fill in with pen and which gets scanned on-site, giving you an instant total-- and an immediate notification if there's an overvote or undervote. Plus there's that handy little paper trail...

    Of course, the part that gets me angriest, as a former poll worker, is the fact that there are people who will mess with someone else's vote. You don't do that.
  • by RyanFenton (230700) on Friday April 27 2007, @11:47AM (#18902351)
    In the last episode, the capitol building collapsed - and now, the following letter appeared on the broken stairsteps to the Ohio capitol:

    "We're sorry that the capitol building collapsed, but it ends up that we used Lincoln Logs to build the dome, and it ends up that it collapses when the wind hits it from multiple directions at once.

    We've gotten some complaints that we should have expected this, and were "total morons" for choosing such a design. We think this is a gross oversimplification, and more than a little unfair. We used multiple layers of high-quality chewing gum to secure the dome, which required countless hours of chewing, along with thousands of gallons of spittle. When you complain against such a massive effort, you insult the sore mouths of our hard working employees.

    Sincerely,
    Halliburton CEO
    Bozo D. Clown"

    Next episode: FEMA picks up the pieces.

    Ryan Fenton
  • by zappepcs (820751) on Friday April 27 2007, @11:49AM (#18902387) Journal
    this really isn't about MS having a shitty database. It's really about Diebold not knowing how to design a database application. Other than that, I'm just too shocked to say anything while quietly making a mental note to avoid all things called Jet from MS and anything that comes from Diebold.
  • So... (Score:4, Insightful)

    by Lithdren (605362) on Friday April 27 2007, @11:49AM (#18902397)
    When does someone bring them to court over SCREWING UP AN ELECTION.

    Seriously, I don't care if the errors caused changed the outcome or not, it's fairly clear that they failed, in the worst possible way, to maintain the level of creditability needed for a damn election. This isn't a "oops, my bad" This should be a federal offence with mandatory jail time.

    No system is perfect, but come on, JET!? Might as well have the vote counted in different states by the party currently in power, would be just as accurate.
  • They make horrible voting machines, and in TFA it's claimed they tabulate results at the precinct level not the machine level. DUMB.

    I do understand why Republicans get so defensive about this, but these machines have to GO.

    The /. articles will likely continue until they're no longer used, for obvious reasons.
  • I smell fud (Score:5, Interesting)

    by ericlondaits (32714) on Friday April 27 2007, @11:51AM (#18902429) Homepage
    I smell FUD here...

    The engine, according to Microsoft, is vulnerable to corruption when a lot of concurrent activity is happening with the database, such as what occurs on an election night when results are uploaded and various servers are interacting with the database simultaneously."


    Now, I'd never think about developing this on a Microsoft Jet DB, since it's been somewhat deprecated for the MS Desktop SQL Server (MSDE) and SQL Server 2005 Express, which are much better and lightweight enough for a current desktop.

    Nonetheless... what MS probably stated is that basically access to a JET Db is not thread safe, which means that concurrent access will cause corruption with a probability directly proportional to the amount of activity. YET if you serialize access to a Jet Db (which is a necessary and basic requirement given that it's not thread safe) there shouldn't be a fear of corruption, unless the API is buggy. If each voting station has a Jet Db and they all get exported to a central (thread safe) db then there's no need for concurrent access to any of the individual Jet DBs, and there shouldn't be a big fear of data corruption (which, anyway, can be verified somewhat easily).
    • That's a bit like saying you can run a traffic light with a Lego Mindstorms on a massive intersection where 8 lanes of traffic intersects another 8 lanes, with both right and left turns allowed.

      You just have to boost the 5v output using an op-amp, and secure the lead with a clamp or some electrical tape so it won't wiggle out.
    • Re:I smell fud (Score:5, Insightful)

      by sholden (12227) on Friday April 27 2007, @12:18PM (#18902909) Homepage
      1. The data is corrupted (totals are different)
      2. There's a known data corruption issue in the engine caused by concurrent activity

      A reasonable conclusion is that the programmers were idiots and wrote a non-thread-safe application with multiple threads. Another conclusion would be they intentionally attempted to fix the election. Incompetence before dishonesty is the usual way to approach those things...
  • by MosesJones (55544) on Friday April 27 2007, @12:07PM (#18902693) Homepage
    Reading this made me think about my time doing safety critical systems (it fails, someone dies) and it's really stunning to think that something like voting in a democracy isn't considered mission critical to the country.

    There really is no excuse for voting to not be done on a comparative basis e.g. every vote to be checked via 3 different software lines (this isn't rocket science) and a voting system to then confirm that the vote is being applied correctly. This vote should then be written to two (at least) data sources to enable reconciliation at the end.

    This is a freaking implementation of a check-box system where is the sodding complexity that means it's expensive to be professional.

    Voting in a democracy is mission critical, to not consider it that way is to say that voting doesn't matter.
    • it's really stunning to think that something like voting in a democracy isn't considered mission critical to the country. ...to not consider it that way is to say that voting doesn't matter

      You are incorrect on both counts.

      First, if something is "mission critical" do you entrust it to people who have no idea of the necessary details, or will just use a default position to produce the end result as opposed to careful thought and analysis? No.

      Perhaps you don't understand what "mission critical" means. I'll clue
  • by hey! (33014) on Friday April 27 2007, @12:32PM (#18903273) Homepage Journal
    Real database engines keep complete transaction logs.

    Which is why when explaining a result matters, you use a real database engine, not something like jet, which is simply a library to maintain indexed files.

  • by tom448 (1094321) on Friday April 27 2007, @01:21PM (#18904313)

    Back in 1995 I came in touch with the JET engine for the first time. It was used in a database application for a commercial aircraft carrier (!) Databases were corrupt all the time. It was obvious that the technology was a mess. At that time, much better alternatives were available for a little more $$. Hence I could not understand why anyone would spend time and money with such broken technology.

    Now we see the use of this technology again, and in an application that is crucial to the future of the U.S and to the future of many other countries... the same mistakes are being made again.

    But that is not the real problem. Yes, we know that electronic voting machine manufacturers have a long record of being lazy, careless, and incompetent. The actual problem is with the opinion of the decision makers in the administration and with the opinion of the public. Information technology is widely accepted as a means to make collecting, sorting, and counting, of numbers, names, addresses, etc. more reliable and more efficient. So why not use it also to collect and to count voter ballots?

    There is this subtle difference between paper and electronic storage. If you write something on a paper or make a hole, then it will be very difficult and time-consuming to remove the writing or the hole. In any case, too much work to alter ballots in significant numbers! And, if you still do, you leave a trace to be discovered by the forensic experts. In contrast, the information stored on a hard disk, in a flash ram, or transferred via network, can be altered very quickly and, if done well, without leaving any trace. Hence it is by nature that electronic voting machines are insecure and unreliable.

    Badly designed and badly implemented electronic voting machines just add up to the insecurity and the lack of reliability that this technology has by its virtue. On the other hand, measures like paper audit trails are certainly very helpful, but these are mere attempts to improve a technology that is bad from the outset.

    Looking at people's difficulties in understanding and dealing with today's computer security threats, I guess that it will take a lot of time until the aforementioned difference is in the heads of majority of the public and of those involved in the voting process. In the meantime, we will have many more "voting machine news": For every major election where electronic voting machines will be used, there will be stories about malfunctioning machines, missing audit trails, about elections being stolen, and so on. This is the wrong approach to "strengthen the democratic tradition".

    My credo is that running a democracy has a prize that is called "counting by hand".

    • Re: (Score:2, Funny)

      by Anonymous Coward
      Arguing on Slashdot is like competing in the Special Olympics...

      Is not!

      You may win but you're still retarded.

      I know you are, but what am I?
      • you're cynical. Do you honestly think that no one (or perhaps very few) on slashdot, a hub for politically minded technology geeks, cares about how electronic voting is implemented, and are only upset that a democrat wasn't elected in the last election? Let me rephrase: you're absurdly cynical. Cynical would be assuming that a lot of people don't care if their votes are counted or not, not the vast majority of people who are already likely to care.
        • by rlp (11898) on Friday April 27 2007, @11:56AM (#18902503)
          > Do you honestly think that no one ... cares about how electronic
          > voting is implemented, and are only upset that a democrat wasn't
          > elected in the last election?

          Yes, next question.

          BTW, when Bush came into office the solar system had nine planets ...
    • Learn to read and analyze data instead of kneejerking please

      This is about the 2006 election. To remind you, that's when Ohio went Blue.

      Don't get me wrong, there are many cases where 'sore loser leftie' is a potentially valid complaint. This isn't one of them.
        • but this isn't necessarily even the democrats that are complaining.

          It's just people who found screwups in Diebold voting devices.
    • I await the next problem-free election. You know, the one where no one can even insinuate anything went wrong.

      In point of fact, there is a difference between "requiring perfection" and "avoiding obvious incompetence". Just, y'know, for future reference.

      • Re: (Score:3, Insightful)

        1. Diebold practices incompetence in design of voting machine tabulation backend.
        2. Diebold fights tooth-and-nail to have voting machine software closed and not available for inspection by anyone.

        Coincidence? Gee, I wonder...
    • Re: (Score:3, Insightful)

      While there's no such thing as perfect, we can still try to get reasonably close. For elections we can sure get a lot closer to real accuracy. A few people will always claim it's fixed. But when you have multiple documentary films, books, and protests there's obviously something wrong.
      • by Danathar (267989) on Friday April 27 2007, @12:13PM (#18902797) Journal
        NO! There is only OBVIOUSLY something wrong if there is EVIDENCE that something is wrong.

        Mob, Press and Documentary video TV accusations do not constitute legitimate evidence unless they have facts to back up their claims (not saying they don't).

        Guilt by association is one Logical Fallacy which is thrown around a lot these days.
    • Re: (Score:3, Informative)

      by Anonymous Coward
      So, I've worked federal elections in Canada multiple times, and we *do* accomplish most of what you suggest above. The election is managed at the federal level by an arms-length organization.

      The public is allowed to watch at every step of the process (especially counting).
      Voting times are staggered across the country so that everyone learns what happened at the same time.
      All the ballots *are* exactly the same. This is not a difficult task.
      The ballots have only the name of the candidate and the name of the