Slashdot Log In
Diebold Rebrands What No One Wants
Posted by
CowboyNeal
on Thu Aug 16, 2007 11:07 PM
from the rose-by-a-different-name dept.
from the rose-by-a-different-name dept.
Irvu writes "Diebold has apparently failed in their bid to sell their tainted elections systems unit. Unable to find a buyer the CEO of Diebold promised that the system will be run more 'openly and independently.' To prove that they are serious, they renamed it. Diebold Election Systems is now Premiere Election Solutions. They still sell GEMS, AccuVote OS and the ever-unpopular AccuVote-TSX which performed so disastrously in California's Top-to-Bottom Review under the same names. Apparently their rebranding effort only goes so far."
Related Stories
[+]
Ohio Audit Reveals More Diebold Problems 222 comments
armb writes with a link to a Wired Blog entry about irregularities found in Diebold databases from the state of Ohio. The election in question here is November 2006, and the corruption of the entries may raise doubts about accurate tabulations. "Vote totals in two separate databases that should have been identical had different totals. Although Diebold explained that this was part of the system design for separate vote tables to get updated at different times during the tabulation process, the team questioned the wisdom of a design that creates non-identical vote totals. Tables in the database contained elements that were missing date and time stamps that would indicate when information was entered. Entries that did have date/time stamps showed a January 1, 1970 date. The database is built from Microsoft's Jet database engine. The engine, according to Microsoft, is vulnerable to corruption when a lot of concurrent activity is happening with the database, such as what occurs on an election night when results are uploaded and various servers are interacting with the database simultaneously."
[+]
IT: Diebold Voting Machines Audited by California 159 comments
Panaqqa writes "Diebold must be wondering what else can go wrong. Considering their arrogance in the past, their comeuppance is truly well deserved. The State of California's source code review [PDF] of the Diebold voting system has been released. Additional reports will be made available as the Secretary of State determines that they do not inadvertently disclose security-sensitive information. One wonders what it will take to convince voting machine manufacturers not to do things like hard coding passwords as '12345678.'"
[+]
Your Rights Online: Diebold Admits ATMs Are More Robust Than Voting Machines 230 comments
An anonymous reader points out a story in the Huffington Post about the status of funding for election voting systems. It contains an interesting section in which Chris Riggall, a spokesman for Premier (formerly Diebold) acknowledged that less money is spent making an electronic voting machine than on a typical ATM. The ironically named Riggall also notes that security could indeed be improved, but at a higher price than most election administrators would care to pay. Also quoted in the article is Ed Felten, who has recently found some inconsistencies in New Jersey voting machines. From the Post:
"'An ATM is significantly a more expensive device than a voting terminal...' said Riggall. 'Were you to develop something that was as robust as an ATM, both in terms of the physical engineering of it and all aspects, clearly that would be something that the average jurisdiction cannot afford.' Perhaps cost has something to do with the fact that a couple of years ago, every single Diebold AccuVote TS could be opened with a standard key also used for some cabinets and mini-bars and available for purchase over the Internet."
This discussion has been archived.
No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
Full
Abbreviated
Hidden
Loading... please wait.
Stick with paper (Score:5, Funny)
old voting systems
[X] paper
bold voting systems
[ ] electronic
There are no old bold voting systems.
DIE bold.
Why can't they have the people who make there ATMs (Score:3, Interesting)
Re:Why can't they have the people who make there A (Score:5, Insightful)
When your voting system gets scammed: You lose your rights.
Parent
They're looking at a different market. (Score:5, Insightful)
With an election, if you get the number wrong, you have a politician who will be your friend for life.
Think about it. They can handle billions of dollars, but they can't keep a million votes straight? At some point you realize that it isn't incompetence. It's their goal.
Parent
Re:They're looking at a different market. (Score:4, Insightful)
The millions of votes are supposed to be secret, anonymous, and unique.
Tell me you don't see a difference with a straight face.
(And hey: if you want to believe that every electronic election is rigged, no matter how eventually open source, now matter how eventualy trackable by paper-trail, etc., be my guest. Keep in mind that most of the electronic voting solutions were the result of the Help America Vote Act (HAVA), which was supposed to address the alleged and/or real problems and unfairness of 2000...)
Parent
Re:They're looking at a different market. (Score:5, Insightful)
You do realize that none of those terms describes the Diebold system, right?
You say that as if federal legislation could never lead to horrible, unforeseen consequences.
Parent
Re:They're looking at a different market. (Score:5, Insightful)
Open source? Sure - but how do I know that the machine is actually running the code I reviewed? Trackable by paper trail? Good, but you need to: 1) let the voters check their part of the paper trail 2) have someone check the paper trail with the electronic record. If you believe that this is not effectively doubling the traditional ballot, then be my guest.
Parent
Re:They're looking at a different market. (Score:4, Funny)
Parent
Not that easy (Score:4, Interesting)
Second, an ATM is, by and large, just a slightly more secure terminal to the bank's central computers. It's not the ATM that authorizes your transaction, or transfers the money. It's just a terminal that's networked with a central system. So it's slightly easier to get things right.
With voting machines, the whole assumption that it must be anonymous, plus the bigger distrust of a single central station that counts everything, screw that assumption up big time. You can't go and transmit "Moraelin voted for the German Anarchistic Pogo Party" (I didn't, but for an easily rememberable example sake) over to other computers.
Third, the various kinds of bank terminals get numbers wrong more often than you'd think. E.g., the Deutsche Bank fairly recently introduced OCR machines where you can just shove the check in and have it read, so you don't have to type it all. Well, one of the damn machines didn't read the decimal point, so I ended up transferring 100 years worth of fee to my insurance.
The bank will help you solve such problems, but never claimed that it's 100% bullet-proof and more infallible than the pope.
Fourth, banks (if their central software is anywhere near well written) have other checks and safeguards.
E.g., every cent transferred must be a cent that comes from somewhere else. Even if someone maliciously manipulated the software or the database, you have a chance to catch it. If at the end of the month you do the totals and you have money that appeared out of nowhere, or disappeared into nowhere, you can start an investigation.
Plus it can catch erroneous transfers in the first place. For example my erroneous money transfer should have bounced from the start because most sane people don't have that kind of money in their personal day-to-day account.
E.g., similarly all the money moves must be accompanied by an entry in the transaction table. If someone's account grew by a million, but the transactions to that account don't add up to +1,000,000$, you can call the cops.
E.g., you can have other triggers, regardless of whether the transaction is correct or not.
For example, any incoming money transfer over, say, 10,000$ will automatically trigger an investigation. Ditto if someone suddenly starts getting lots and lots of little transactions. That's mostly against money laundering, but would also catch any error where a bunch of money appears out of nowhere.
For example, you can have bogus rows in the accounts table, which normally have no reason to be accessed, and are booby-trapped with a trigger. If some DBA comes with such ideas as "I know, let's shave a cent out of each account and add it to mine" or "I know, let's export the names and credit card numbers and sell them to scammers", chances are he'd stumble over such traps. Plus, it would trigger an investigation when a bunch of credit card numbers assigned to such bogus accounts start appearing in transactions.
Etc.
All this simply doesn't apply to votes.
- You don't have to take a vote from somewhere else to assign a vote to Moraelin, like would be the case with money
- You don't have people checking their balance and asking you to fix the errors. The whole idea of anonymity is that you shouldn't store anywhere stuff like "Moraelin voted for the German Anarchistic Pogo Party". If I can check "wait, did you count my vote for the German Anarchistic Pogo Party?" a month later, then so can someone else. That's another bank safeguard that just doesn't exist.
- you can't really use any sums as triggers, because everyone gets the same number: 1 vote. Each transaction says exactly the same: "1 vote for party X". So you can't go and say "whoa, we'll investigate all transactions over 10,000".
- since it's anonymous, you can't check how many transactions each person has, either
Parent
Re:Why can't they have the people who make there A (Score:4, Interesting)
Independent review (of the leaked source code) concluded that the code base was of shockingly low quality, lacking in many basic principles of secure and defensive design, most likely written by programmers with very little training. Unfortunately this didn't stop it from being election-ready certified, which I imagine is where the real value was for Diebold.
Unfortunately, as any decent coder knows, a huge mess of spaghetti code is nearly impossible to fix short of a complete rewrite, which is probably why the system hasn't gotten any better since then.
Parent
Putting frosting on a turd.... (Score:3, Insightful)
surely we can do better for a rebrand (Score:5, Funny)
- Guaranteed Result Election Systems
- Early and Often Voting Machines
- DPV (Dead People Vote) Solutions
- NTSC (Never Twice the Same Count) Electionware
I smell a business opportunity here... (Score:3, Interesting)
At a crossroads like this, an OSS company could just step right in and take over the whole election software market. If some OSS platform were successful here, there'd be no competition from closed source platforms after that. OSS voting forever after. I know that "open" means never having to rely on a single source (if you don't want to), but a great hardware solution coupled with all open source code would make one (or a few) companies really pop.
I have not been looking too hard for OSS voting machines myself, so maybe they're already out there. In that case, they just need some PR so that they're visible to the general population.
Redhat? Ubuntu? Where are you?... Here's your opportunity...
Re: (Score:3, Interesting)
Yep, it's been used over here, and runs on Linux live CDs. http://www.softimp.com.au/evacs/index.html [softimp.com.au]
There's a Wired article here: http://www.wired.com/techbiz/media/news/2003/11/61 045 [wired.com]
Re:I smell a business opportunity here... (Score:5, Interesting)
Another group of companies who are ideally positioned to benefit from this are gaming machine manufacturers. In fact, since ATMs probably aren't as open to government scrutiny and regulation as your average video poker machine is, the gaming machine manufacturing industry is probably *better* positioned to comply with government regulation and produce a tamper-resistant system than Diebold is, and could probably fairly easily adapt one of their gaming platforms to the purpose - you sign in, you get a card to insert in the machine (good for one "voting credit"), you make and review your choices, you collect the machine-punched verification card and "voting card" and deposit both in the appropriate boxes on the way out (with the punched "ballot paper" really only being for verification and tamper-control purposes). Forget the privacy concerns - the voting cards needn't be traceable to any particular individual, and could be constantly re-coded with one-time-use "voting-credit-numbers" as they're recycled during the course of the day - and since the paper electoral rolls won't have timestamps on them, there'll be no way to tie the time of use of a particular voting-credit to a particular voter. To me, this almost seems natural and self-evident, and I'd be very surprised if there weren't gaming companies considering either doing this themselves or spinning off subsidiaries to do this themselves.
Parent
Who's Behind The Curtains? (Score:5, Interesting)
by Bob Fitrakis.
Link: http://www.commondreams.org/views04/0225-05.htm [commondreams.org]
More: " (Bev) Harris writes that the hacked documents expose how the mainstream media reversed their call projecting Al Gore as winner of Florida after someone subtracted 16,022 votes from Al Gore, and in still some undefined way, added 4000 erroneous votes to George W. Bush. Hours later, the votes were returned. One memo from Lana Hires of Global Election Systems, now Diebold, reads: I need some answers! Our department is being audited by the County. I have been waiting for someone to give me an explanation as to why Precinct 216 gave Al Gore a minus 16,022 [votes] when it was uploaded. Another hacked internal memo, written by Talbot Iredale, Senior VP of Research and Development for Diebold Election Systems, documents unauthorized replacement votes in Volusia County.
Harris also uncovered a revealing 87-page CBS news report and noted, According to CBS documents, the erroneous 20,000 votes in Volusia was directly responsible to calling the election for Bush. The first person to call the election for Bush was Fox election analyst John Ellis, who had the advantage of conferring with his prominent cousins George W. Bush and Florida Governor Jeb Bush."
And: "Documents illustrate that the Reagan and Bush administration supported computer manipulation in both Noriegas rise to power in Panama and in Marcos attempt to retain power in the Philippines."
Two words: crooked casino.
I guess their new slogan didn't work. (Score:3, Funny)
Surprising (Score:5, Funny)
According to Wikipedia, Diebold machines perform flawlessly with impenetrable security.
http://slashdot.org/article.pl?sid=07/08/14/14532
A rose by any other name? (Score:5, Funny)
[Marketing Guy] Let's rebrand.
[CEO] Ok, what do you suggest?
[Marketing Guy] How about "Blossom"
[CEO] I love it. Lets run with that...
Smells Like Republicans! (Score:4, Insightful)
They will rebrand, reorganize, etc., but in the end, don't forget their loyalty is to one political party. That is where the lobbying money goes, so you know who to blame whenever there's an e-voting fiasco.
Re: (Score:3, Insightful)
Re: (Score:3, Funny)
MS is aimed at corporations, who are top heavy with clueless idiots. You can point out the obvious to them, and they will blindly keep doing whatever it is they were doing, even if it tanks the company. Afterwards, they will be hired by another company to do the exact same thing over again, only they will get paid WAAAAY more this time around.
Re:Good idea. (Score:5, Funny)
Now when elections are stolen, people will be PESsed off.
Parent
Re:Good idea. (Score:4, Funny)
Matrix voice: "We've been watching you for some time Mr Anderson".
Parent
Rebrand the discussion -- computer assisted voting (Score:4, Informative)
It's not a perfect system but it provides the basis for a system that's pretty much on par with paper. That is, the problems with election fraud we would see would be the same types of problems paper ballots suffer from (ie people voting twice, someone stealing a ballot box, some poll running out of paper).
This is what is in the draft proposal for New York State voting machines (among many other requirements regarding privacy and the disabled etc). But I only found this out recently by clicking on a signature from a slashdot poster. I encourage everyone to take a few minutes and visit http://www.blackboxvoting.org/ [blackboxvoting.org] and check what sort of voting machines your state has, is testing, or is thinking about getting.
Also, for those new yorkers out there, you may want to visit this page [state.ny.us] about the testing underway for NYS eletronic voting machines for 2008.
Parent