U.S. Bars Lab From Testing E-Voting Machines 123
joshdick writes to point out a NYTimes story on the decertification of Ciber Inc. from testing electronic voting systems. It will come as a surprise to no-one here on Slashdot that experts say the deficiencies of the laboratory suggest that crucial features like the vote-counting software and security against hacking may not have been thoroughly tested on many machines now in use. From the article: "A laboratory that has tested most of the nation's electronic voting systems has been temporarily barred from approving new machines after federal officials found that it was not following its quality-control procedures and could not document that it was conducting all the required tests... The federal Election Assistance Commission made this decision last summer, but the problem was not disclosed then... Ciber... says it is fixing its problems and expects to gain certification soon."
Hacking Democracy anyone? (Score:3, Funny)
Re: (Score:2)
But why? (Score:5, Insightful)
And not just replaced, but REPLACED RIGHT NOW with very little public input and negligible testing. Whenever I see such a huge rush to change something that's worked remarkably well for generations I get suspicious. When I see such a huge rush to change something that's worked for generations without any meaningful dialogue about whether it really should be done, I get even more suspicious.
When I see that same huge rush to change something upon which our Democracy depends, and that's been open to public scrutiny and has worked well for generations and replace it with some closed-source stuff that's not been sufficiently tested and the CEO of the company who provides said closed-source, easily hacked systems is also a major contributor to one of the political parties and who GUARANTEES DELIVERING A VICTORY TO THAT PARTY, I simply assume that the whole thing is pretty goddam crooked.
Re:But why? (Score:4, Insightful)
It's never been explained, to my satisfaction, why the use of paper ballots (or at least paper TRAILS), had to be replaced with the computer-voting machines.
It's really very simple. Paper records (such as ballots) are the evidence that can be used to verify the results of an election, or to prove when election rigging has occurred. If you want to rig elections without getting caught, it is essential that there be no evidence. Hence, the paper had to be eliminated from the process.
The only people who oppose paper ballots are the ones who want to rig elections.
Re: (Score:2)
Oh yeah because paper ballots were used so well to confirm the Florida elections in 2000 and sparking a constitutional crisis.
"Ooh lookee, it's half a punched chad... that's definitely a vote for my guy"
"No it's not, it's obviously a mistake, he voted for my guy."
"Look! This is a clearly punched ballot for Pat Buchanan! This is obviously an incorrect vote."
Yeah... paper ballots solve ALL the problems...
Re: (Score:1)
Re:But why? (Score:4, Insightful)
I consider paper ballots as where the person actually makes a mark with ink on a piece of paper, not some weird misconceived contraption where you punch holes in the paper with a poker. By that way of thinking even if the computer makes the actual mark you would still be calling it a paper ballot. Pen and paper, is it that inefficient that we are scrambling to get away from it?
Is it so hard to conceive of an imperfect world where people don't want to play by the rules, that election fraud is relegated to just another unfounded conspiracy theory in you mind?
I do think the motivations of some are very suspicious, but I think the motivations are probably more based on the desire to make money on voting equipment. That voting machines make election fraud easier and nearly undetectable maybe just a side benefit.
Oh and were those hanging chads really worse than a virtual electronic ballot? At least the malfunction in the system was detectable. In a computer, errors in programming or hardware, either intentional or not, would be somewhat abstracted from the final result. Personally, I would prefer that both I and the elected person know that there is some doubt as to the intentions of the electorate versus allowing a elected official to hold office without knowing that his or her election was the result of some funny business.
But yes, some people would rather live in a society without integrity where the conflicts and corruption is ignored for as long as possible. Short term peace at the expense of longer term integrity.
Re: (Score:2)
Is it so hard to realize that the paper ballots/trails are just as susceptible to election fraud as electronic ballots such that electronic voting is just another unfounded conspiracy theory in your mind?
"I consider paper ballots as where the person actually makes a mark with ink on a piece of paper, not some weird misconcei
Re:But why? (Score:4, Insightful)
Is it so hard to realize that the paper ballots/trails are just as susceptible to election fraud as electronic ballots such that electronic voting is just another unfounded conspiracy theory in your mind?
Yes, it is. Election fraud is much harder to pull off when it involves someone actually putting pen to paper. Logistics are important to election fraud because it has to involve as few people as possible and be very uncomplicated to assure success. Pressing a few buttons on a computer and having a voting history destroyed or writing a program that simulates vote casting is much easier and importantly could involve fewer people than physically creating individual frauds of paper ballots.
Oh well then, let me update my rant:
"This circle is half colored in. Obviously the voter intended to vote for my candidate."
"No, it's not completely filled in. Therefore this ballot is in error and doesn't count."
"This guy voted for Pat Buchanan, obviously his vote is incorrect."
Yes, the form of paper ballots matter. In my town we do well enough with having to connect an arrow with a magic marker. No it is not perfect and mistakes in "interpretation" could be made during a recount even asking people to make a clear mark. But the important thing is that there are clearly defined criteria for counting a vote that the average person can meet within a human margin of error.
My point to all this is that I voted in a county that had mechanical voting machines for nearly 50 years. They didn't have a paper trail. The only thing that was updated was a mechanical counter inside the machine that kept the tallies. These machines were opened during the day to check the counts (at which point they could also be tampered with) and at the end of the day these counts were read off and phoned to the central office then the counts were reset.
That would be just as bad as any other virtual ballot system, but I doubt you are describing the story in full. I too have voted on the machines with the little switches and the big lever, but I recall that there was also a roll of paper where a mark was made for each vote cast, which could be recounted if needed. I have nothing against this method, or for that matter computer ballots, as long as there is a physical record of the actual vote. What was lacking in the machine you describe, was a way for the voter to verify that the vote was recorded the way he or she voted.
What's the difference between the mechanical and the evoting ones? Ultimately nothing. Ultimately you have to trust the people running the system because otherwise Democracy means nothing because you don't trust your fellow man to properly vote or check your vote. I realize that's difficult when Bush is trying to orchestrate a coup to overthrow Democracy, especially after all those Diebold machines gave the vote to Republicans in this last mid-term election. But hey, that's how it goes.
The point is that you have to trust most people in a Democracy to do the right thing, but you can't trust everyone. The system must be designed so that individual corruption does not so easily corrupt the whole system. Computer balloting, especially without a voter verified paper trail, threatens this principal. In the past sure you could have a vast conspiracy involving hundreds of people strategically positioned at polling places to gum up the works in your opponents territory... so that what it took was a fairly elaborate dirty tricks outfit to steal an election. Now you have 5 or 10 people that know a thing or two about computers and find some vulnerability in the system and hack the election in a wholesale way.
Oh and it also becomes much more believable when the election machines stop working in a particularly busy district and the long lines reduce turnout and votes never even get cast. Much harder to justify those long turnout reducing lines when all someone needs is a pen and a surface to write on.
Though e
Re: (Score:2)
Who counts the votes anyway? I still think any election can be stolen given enough economic power, and the corporations have long since had enough money to put people in their pockets. I don't buy that paper (marking a paper with a pen) is more secure then digital elections, you could do digital elections provided there were some other secure digital method to verify votes... I always thought satellite data s
Re: (Score:2)
i.e. who you vote for should be public knowledge, it's insane that a person should have to hide their vote in a country with 300,000,000 people.
Well, if we did away with voter anonymity, then electronic voting would be the best thing to do since anyone could count up the votes and see who won. Though, I think coercion and vote buying are legitimate risks. Even peer pressure is a form of coercion because of the real risk of social ostracization. People will often go along with whatever faction or group they associate most with rather than making an informed choice about the individual based upon their own values. Something that allows people to a
Re: (Score:1)
The thing that most confuses me about the arguements I have heard for why paper trails can't be created is that it is too hard for a company (Diebold) to create machines that make a paper trail, even though this company's primary product (that I have seen) is ATM machines that users require to make a paper trail for.
Yes, the punch cards were difficult to verify at times, but replacing them with something that can't be verified
Re: (Score:1)
That all depends on your definition of "paper". (thank you, Slick Willy!)
Florida's election system (pronounced: floor-ih-duh) approved the use of punch-cards in the General Election, primarily for their robust and elegant tendency towards ambiguity.
This tendency was turned into a benefit for the now-incumbent, for when the voting system contains ambiguity, who arbitrates the final vote? That's right, the Electoral Commission. (a.k.a. brother Jeb)
For any self-respecting and honorable Electoral Commissi
Re: (Score:2)
Vote buying - "Attention all employees: If you can show that you voted Republican, you will receive a $100 bonus."
Vote coercion - "Attention all employees: As an American company, we need to support American values. If you cannot sho
Re: (Score:1)
If you followed the link, you would find that the cryptography ballot does not necessarily show how one has voted. (unless you have both parts)
True, you would have a piece of paper with marks on it, however there would be no indication whatsoever of which votes counted for which ballot items/candidates. The on-line verification would only show the status of the individual ballot, (counted/not-counted/disqualified) with no indication of how the individual's ballot was cast.
The system truly mitigates the
Re: (Score:2)
An electronic ballot with no paper trail can be changed with no evidence whatsoever that such a change has been made. This is a security issue. See the difference?
Re: (Score:3, Insightful)
Re: (Score:2)
Re: (Score:3, Insightful)
Re: (Score:1)
Right on, Brother. Better machines for punching the paper to avoid Florida-style fiascos? Absolutely. Better machines to count the paper? Absolutely. Machines to tally the votes as we go and then cross-check the paper so they can flag up boxes of votes that go missing? Sure, provided we keep that data well under wraps until the polling stations are closed. But machines to replace the paper? No, sorry, not a good idea. I don't think the people pushing this stuff understand just how deeply many norma
Re:But why? (Score:5, Insightful)
Any voting system requires Universal Comprehensibility in order to be trustworthy. After all, how can you trust something that you cannot even understand? The use of Open Source Software is not enough: it restricts the set of people who can understand the system to competent programmers.
Elections should not depend upon any technology that is beyond the understanding of a school leaver with passing grades. Pencil, paper, slotted boxes, wire seals and hand-counting have been used successfully since democracy was first invented. Everybody can understand how they work -- and, just as crucially, all the potential failure modes.
What's more, using complex machinery doesn't change the failure modes, nor the need for vigilance. If the voting machines use a paper journal roll, someone still has to inspect each and every machine to make sure that the take-up spool is empty at the beginning of the election, and certify same by fitting a tamper-evident seal which prevents the machine from accepting votes. How is that any better than someone checking that each and every ballot box is empty, and sealing the slot with a tamper-evident seal?
Re: (Score:1)
seriously i think you're right, the systems used in such a monumetal event as elections should be transperant and not hidden away like somethings fishy
Re: (Score:1)
Re: (Score:2)
I'm not even saying that there necessarily was fraud in November. I'm just saying why NOT have a paper trail for every election? What's the harm? It's easy to see the harm in not having a paper trail. Just read the second sentence of this post - "...no way of knowing..."
The Calif Senate held hearings on these labs... (Score:2)
Ciber and Wyle are in Huntsville AL, right next to the Redstone arsenal. They mostly do military gear testing, voting systems are a sideline.
Systest is in Colorado and *might* be the most competent of the bunch. Wyle and Ciber were the two used most by Diebold.
All three labs were invited to testify in California. Ciber was a no-show.
The other two come across as complete loons, Wyle especially. There is
Personal experience with Ciber (Score:5, Interesting)
Re: (Score:1)
A girl's gotta make a living.
Their actual research methodology is, shall we say, "suspect."
All you need to succeed in research is a well documented methodology; and if you can forge that you've got it made.
KFG
Re: (Score:2)
Re: (Score:1)
George Goldwyn Marx. He's my favorite.
KFG
The real question (Score:5, Insightful)
Re: (Score:2)
so its a problem of documentation (Score:5, Insightful)
WTF? (Score:3, Funny)
Re: (Score:3, Funny)
Re: (Score:3, Insightful)
Re:WTF? (Score:5, Interesting)
Re: (Score:3, Informative)
Re: (Score:1)
No, doesn't meet requirements (Score:2)
And the voter's abusive husband's scrutiny, and the records of the person trying to buy the vote, and any union, employer, or church that wants to coerce the voter. The need to keep the vote anonymous and secret seriously complicates the job of designing a voting system.
It's not a receipt. That's why there's glass (Score:2)
Isn't this why the parent suggested displaying it behind a safety glass screen? I don't think the point was to allow a voter to take a receipt home with them. Rather, it's intended to let them confirm that a correct paper record has also
Re: (Score:1)
The Elephant Bar is supposed to drop right down but the Donkey Chips are supposed to get hung up, and if they can't do that simple thing they'll find another no-bid contractor to do it.
Re: (Score:3, Funny)
Re: (Score:3, Funny)
Re: (Score:2, Funny)
Re: (Score:2)
If there ain't, it's my idea! Don't you dare to steal it!
Re: (Score:1)
Re: (Score:2)
Re: (Score:2)
Re: (Score:3, Funny)
Now, in this case all that happens is the idiot who ones the machine is out a nice chunk of cash (especialy as he keeps on restocking it). If t
Re: (Score:2)
With voting machines, on the other hand, you, the user, have no way at all to determine whether those machines actually do what you say. That is the di
Re: (Score:2)
Good point, it's not hard to make these machines work right.
Re: (Score:2)
The only way you can verify that YOUR ATM transactions are correct (not necessarily secure, just correct) is
Re: (Score:1)
Re: (Score:1)
Title misleading (Score:4, Informative)
Re: (Score:1)
They can even approve them if they want, it's just that their approval doesn't count for anything.
And the net real-world effect will be...? (Score:4, Insightful)
After all, we would not want to use untested electronic equipment in other crucial areas of life, like medical equipment. Why allow them to run/determine elections?
I expect this is why disclosure was delayed (Score:2)
Re: (Score:1)
Re: (Score:2)
You get what you ask for (Score:1, Interesting)
1. Cyber has been known for a long time as a "body shop". They have never been known as a certified testing lab.
2. What was to be provided in the Statement of work?
3. Is the customer looking at Certification and Accreditation with light security testing for the purpose of having an agency signed ATO or ITO or Common Criteria (EAL)ISO standard 15408 certified product. This is a huge difference as the first may just
Re: (Score:2)
Actually, it was the New York Times which said the commission's action was not disclosed over the summer. If you have evidence otherwise, please include a link.
Bigger problem -- waterfall process (Score:3, Insightful)
Re: (Score:3, Insightful)
1- it has a meaning only if it is performed on the exact system that will be delivered.
2- it absolutelly needs to be performed by an independant structure (they don't work for the audited manufacturer and have no financial interest in either aproving or rejecting the audited item).
Of course, it brings a less efficient process, but if those rules are not respected, the real reaction to the discover
Outsourcing certification makes no sense. (Score:5, Insightful)
But why outsource the certification of equipment? This is precisely the kind of task that a government bureaucracy is best suited for: you have a routine task that is done by established rules and procedures. It's hard to see how a private company could outperform a government agency at apply a set of standards with unforgiving rigidity. The problem with government processes is that even good people working in them (of which there are many) are hampered by the bureaucracy's rules and culture, which limit the scope of individual initiative and judgment. In this case it would be a good thing.
The hard thing in the whole process is creating the certification standards. Here there is considerable use for consultants from academia and business.
What this suggests to me is that there aren't really standards. It looks like they just took the whole mess and swept it under the rug, letting the vendors select a sham certification organization.
This is an abdication of an important responsibility the government has. Not just to ensure free and fair elections, but to make sure it spends our money responsibly.
Re: (Score:1)
1) One oversized agency that tests equipment X and then 'audits' those tests.
2) Two government agencies, one that tests the equipment and another that audits those tests, both vying for the same appropriations.
The way it is set up with one government agency set up to define tests and audit them and given the appropriations to hire companies to ru
Re: (Score:1)
I've said it before but we really ought to be looking at the Nevada Gaming comission Rules. These rules describe the level of security that we should demand from the process. They are almost as stringent as the standards for nuclear power plant safety and mining equipment. I'm not blowing smoke: I've got IEC 61508, NUREG CR-6463, and DO-178B on my shelf and I still say, "See Nevada Gaming Commission's Technical Standards For Gaming Devices and On-Line Slot Systems." http://www.gaming.nv.gov/documents/pdf/ [nv.gov]
Conspiracy (Score:1)
What's the point? (Score:2, Flamebait)
Why?
Irrespective of who gets elected, they're not going to act on your behalf anyway.
Sorry to be a bit cynical about this, but voting machines are not how elections are being "stolen".
Re: (Score:1)
Main Entry: cynical
Pronunciation: 'si-ni-k&l
Function: adjective
1 : CAPTIOUS, PEEVISH
2 : having or showing the attitude or temper of a cynic : as a : contemptuously distrustful of human nature and motives b : based on or reflecting a belief that human conduct is motivated primarily by self-interest
- cynically
synonyms CYNICAL, MISANTHROPIC, PESSIMISTIC mean deeply distrustful. CYNICAL implies having a sneering disbelief in s
even if they did test, it would be of minimal use (Score:3, Informative)
Misleading headline (Score:5, Informative)
Sheesh. Come on
Typo correction (Score:2)
And I should READ rather than just spellcheck my posts. "rad" apparently is a properly spelled word; LOL!
Re: (Score:2)
That's like saying that if the government decided to quit allowing people to drive Fords, it wouldn't be banning Ford from making automobiles.
Explain why anyone would have Ciber test their equipment if Ciber can't certify it?
Re:Misleading headline (Score:4, Insightful)
Re: (Score:1)
Re: (Score:2)
Re: (Score:2)
But I'm not surprised by that. They have been innacurate at best quite often over the past few years. Neither left nor right, but simply wrong. Sulzburg is destroying that paper, its a shame.
Smash them (Score:5, Insightful)
If the government and it's anointed tools aren't up to the job then it's the duty of the citizens to take care of the problem. It's why we have the right to bear arms. It's why Thomas Jefferson's memorial has such pithy inscriptions. We sadly, currently, live in exactly the situation the founding fathers foresaw.
If the only effective protest is the destruction of the tools of misrepresentation, and if people are willing to die for their freedom and to protect their country and their constitution there shouldn't be any problem. We should fight the threats at home before exporting our expertise to damage others abroad at the behest of corrupt industries. Our politicians have been funded/emplaced by the very companies who seek to profit the most from a muddled vote. If voting is our one sure way of getting a message across then it needs the same kind of protection that the Constitution requires. It requires and demands the right of the citizenry to implement deadly force to secure it's own voice.
With the long lines and the availability of floors and blunt objects in polling places it shouldn't take more than an hour after polling facilities open to accomplish the task nation-wide.
And to all those citizens who think this isn't the solution, please reply with one that's rooted in reality, and not some "hugs and tea" fascimilie of reality.
Cheers.
Re: (Score:2)
Re: (Score:2)
We are supposed to have a proud history of resistance in this country to injustice and control.
As always, the number of citizens greatly outnumbers the forces of control in government.
The citizens are ultimately responsible for how much their country resembles a prison camp.
Statistically, the United States is the largest prison camp in the world.
If people can challenge other voters in the line
Re: (Score:1)
You can lead a horse to water(the founding of our nation), but you can't make him drink(it isn't working nearly as well as it could).
There is a disturbing trend to ignore the fact that our nation was founded with liberty as its central ideal; liberty that included freedom from control by the majority. Democracy was never the best system, it was si
Hugs and tea (Score:2)
Actually, I think that something along the lines of "Boston Tea Party [wikipedia.org]" might be appropriate in this situation. It's time to stand up for what is right, people!
Re: (Score:1)
I wasn't born by 1969, so I didn't get my rioting chance
-dave
A more effective alternative.... (Score:2)
If enough people with sufficient tools and expertise agree to totally bork these machines on election day so bad that, when the votes are tallied, it's painfully obvious that they have been tampered with (say, negative votes, or clearly far more total votes than the total population), you'll have a genuine catastrophe on your hands.
Although a few machines might get damaged by your approach, the police or even national guard will see to it that the majority of machines are not damaged. However, if
Re: (Score:2)
world looking on you can reclaim a government of the people by the people.
Millions worldwide marched in protest of the Iraq war, look how effective that was.
A government with superior firepower and a will to use it won't step aside because some people march around with signs and chant. Those that try an armed uprising to affect real change as the founding fathers intended will b
Secure tallying (Score:2)
Voting boils down to this: we want each legitim
Canadian Voting System (Score:2, Interesting)
Minnesota (Score:1)
I'm a geek. I loves my shiny bits of technology BUT when it comes to voting I just feel safer with something tried, true and an audit trail.
This is heading for a serious problem (Score:2)
In other words, not allowing those machines to be tested is about as unpatriotic as you can get.
Apologies, my irony tags are i
Re: (Score:1)
What about one-time write ROM's? (Score:2, Interesting)
I've heard the debate go both ways about the pros and cons of electronic voting systems vs traditional ballots. Of course, each has their vulnerabilities.
If electronic voting machine developers are so bent on eliminating the paper trail, what about an electronic log that's designed with a physical limitation, such as one-time write memory? The machine would just burn a log entry after each voter finished voting. When you're done, you have a non-rewriteable memory storage device that reads something li
Re: (Score:1)
2. It's harder to stuff a ballot box without someone that's at the least technically savvy.
3. No "hanging chads", improperly marked ballots, or ballots that need to be discarded and reissued because the voter made a mistake in marking their ballot before submitting it.
4. Recount (with the above mentioned idea) doesn't require someone to physically feed scan sheets, one by one, into a machine, where they can jam or get defiled somewhat easily.
They were only performing the most important test: (Score:1)