Diebold Threatens to Pull Out of North Carolina 615
foobaric writes "A North Carolina judge ruled that Diebold may not be protected from criminal prosecution if it fails to disclose the code behind its voting machines as required by law. In response, Diebold has threatened to pull out of North Carolina." From the article: "The dispute centers on the state's requirement that suppliers place in escrow 'all software that is relevant to functionality, setup, configuration, and operation of the voting system,' as well as a list of programmers responsible for creating the software. That's not possible for Diebold's machines, which use Microsoft Windows, Hanna said. The company does not have the right to provide Microsoft's code, he said, adding it would be impossible to provide the names of every programmer who worked on Windows."
good! (Score:2, Insightful)
Put up or... (Score:5, Insightful)
*You are unwilling to
*You do not find it feasible to
*You find it technically impossible to
list the code in and programmers of your mission critical software that could have effects of the national security variety. The first? Maybe just greed. The second? Probably not a good sign. The third? If these people aren't getting the hint, something is seriously, seriously wrong here.
Proprietary shitware (Score:5, Insightful)
It suprises me that Diebold fails at this stuff so badly, considering how they've been doing it for years. I cringe every time I roll up to an ATM with their name on it. Luckily, my bank uses mostly NCR hardware
A Threat? (Score:3, Insightful)
Exactly how is this a threat? It's like terrorists threatening to take their ball and go home.
*Who* threatens? (Score:5, Insightful)
Something must be very wrong if the supplier is threatening the customer. What happened to the free market? If Diebold don't want the business, I'm sure another enterprising company will appreciate it.
Use Linux instead? (Score:2, Insightful)
Re:Message Loud and Clear... (Score:5, Insightful)
I think you guys are really reaching here. I don't see how what OS an application has to do with it. Providing the source code for the application should be enough. If Diebold is really taking this position, I think they are doing so to spread FUD. I don't think the state regulators care about the OS but rather the software used to control the voting machine. For you guys to buy into this is quite unfortunate and you are only helping Diebolds case by being sucked in by it.
Re:Message Loud and Clear... (Score:4, Insightful)
Re:Proprietary shitware (Score:5, Insightful)
questionable code (Score:4, Insightful)
i for one do not welcome our new data enabled overlords....
Re:Message Loud and Clear... (Score:4, Insightful)
Please tell me someone capitalizing on open source voting is standing around to seize the opportunity.
Re:Hmm... (Score:0, Insightful)
Re:as well as a list of programmers (Score:4, Insightful)
Re:Proprietary shitware (Score:2, Insightful)
Please buy a clue thanks. [microsoft.com]
Re:I knew it! (Score:5, Insightful)
Why not? That's what we use in the UK for all national, reginal and local elections. It's worked well enough for a few hundred years.
So tell me again (Score:3, Insightful)
And more suspiciously, why are they threatening to leave instead of complying as much as possible? The court (i.e. ruling judge) should be able to apply the law in such a way that Diebold discloses all of their code, and then any remaining proprietary code from other vendors can be handled with those other vendors. Or is it that Diebold has something to hide? If their code really is secure, and actually does what they claim then they should have no problem showing everything they legally own. There really isn't anything that should be a trade secret about vote tabulation. I, for one, think it's disgusting that any US company would actually do the country such a disservice by trying to obfuscate for profit a product which is meant to facilitate the practice of democracy. Honestly, the whole board should be deported for conspiring to commit vote fraud. It would trivial to prove their innocence, simply release the code. Any other excuse smacks of dishonesty. In matters of government the appearance of impropriety should be treated as impropriety until/unless demonstrated otherwise.
don't go acting all : surprised ... (Score:5, Insightful)
It is my understanding that this is a fairly common requirement for government contracts involving software. Diebold should have been aware of such requirements before competing for the contract. I mean, when the government's actually being responible and not just handing out plums to favored campaign contributors.
Hell, they're probably not even going to audit the code. They just want to protect themselves if Diebold goes out of business, or loses the contract on re-bid or something. I mean, sure, they can potentially audit the code, but I haven't heard of such a thing ever happening. It's about support and fixin' bugs an shit.
Re:Put up or... (Score:2, Insightful)
The latter being very able to be influenced by interactions between the 'for-profit' companies and said officials through contributions, bribes, and other less savory methods.
This is something just too important to put in a black box. To me it's the very fabric of our nation at stake.
Of course why a paper ballot and pen isn't good enough baffles me...
Re:Put up or... (Score:5, Insightful)
Risks are called that for a reason. If Boeing wants to take risks developing an aircraft that's their buisness. We're not (supposed to be) obligated to buy it - and if it crashes into the desert, it's abundantly clear that it didn't work.
But voting machines are a different beast. If they don't work (and this is only more of a problem without a paper trail) it's very difficult to prove it. So the real question is this -- do we want people taking risks with the electoral process?
Ultimately there needs to be some metric by which Diebold's (and it's competitors') machines are judged. In the absence of that metric, a free market is impossible and they are quite literally taking risks with our Republic.
It's obvious (Score:3, Insightful)
I fail to see the downside of this?
All states should start requiring voting machines to be open source, and when Diebold doesn't comply because it's rigged, they can be banned without discriminating against the company specificly. Well done SC. Has SC ever been the leader in a good way for laws before?
Additionally, all electronic voting must come with a paper ballot that goes into the backup ballot box, and should be visible to the voter before it goes in. You might need to have the voter hand shove their paper stub - but printing ballots on site might introduce other problems.
Re:Hmm... (Score:5, Insightful)
NC doesn't want to know who coded Windows or to get Windows source code: NC wants to see the software package that tracks and tallies the votes. Yes, you could try to stretch the meaning of the statute, but NC isn't trying to do that: Diebold is trying to in order to claim that compliance with the statute is impossible.
The real issue here is that Diebold doesn't want NC to see what's in Diebold's code. Makes it awfully suspect to me...
Not True (Score:3, Insightful)
You could Fork an open OS, rip out all the non-relevant bits call it LxVote v.1 and then declare that you take responsibilty of the code.
In effect making you 'the developer' of the product you release.
This is what they are really looking for, who has looked at this code,and who is responsible if it doesn't count right.
There are sone OS"s where all the developers are known. GOTO springs to mind.
Re:Hmm... (Score:5, Insightful)
Diebold is trying to interpret the statute to mean more than it says.
Actually the statute says exactly what Diebold was afraid it was saying. The state wants the source code to everything running on the voting machines. The second you start splitting the software into "disclosed" and "non-disclosed" boxes, the vendors will find a way to hide as much of their source code as possible. So we cut that off by requiring everything.
Note: I worked with members of the General Assembly on the original draft of the law, its numerous revisions, and the lawsuit.
-jdm
Re:Not True (Score:3, Insightful)
Due to the wording of the law, this may not be sufficient. Remember, it is the letter of the law and not the intent that causes problems.
Re:Proprietary shitware (Score:2, Insightful)
It's simple really, people are more concerned about money than maintaining a democracy (okay, a republic).
Re:Put up or... (Score:5, Insightful)
But voting machines are a different beast. If they don't work (and this is only more of a problem without a paper trail) it's very difficult to prove it. So the real question is this -- do we want people taking risks with the electoral process?
No they're not!
A voting machine is a machine. An airplane is a machine. We know they work or don't work by testing them.
Your comparison is flawed, because you allow testing on the airplane. Anybody who gets on your example airplane after it crashes in the desert is an idiot, as is anybody who gets on before the plane makes a few hundred safe trips. Anybody who bought those diebold machines before knowing anything about them was an idiot [whitehouse.gov], anybody who bought them when the problems were coming out is an idiot [house.gov], and anybody who buys them in the future is an idiot [senate.gov].
The problem in this case, is nobody has tested this product adequately. A smart consumer wouldn't buy an airplane held together with duct tape and powered by rubber bands, and that's essentially what the diebold machines are with their numerous security flaws, and lack of paper trail.
In this case, the problem is that there is no smart consumer. There is only the government.
Re:Proprietary shitware (Score:5, Insightful)
Because the groups buying the slot machines (casinos) have a vested interest in having quality products so they can make money. Therefore, they won't risk anything but the best.
Politicians & bureaucrats don't care. They're nearly impossible to fire (no matter how badly they screw up), and when they do leave, they have lucrative retirement benefits, and offers from lobbyist firms or the firms they took bribes...er I mean...campaign contributions from while in office.
Re:as well as a list of programmers (Score:3, Insightful)
But I agree - why they can't hire some people to custom-write some software to do this is beyond me. It'd probably end up cheaper and more stable. Kinda makes you wonder what Diebold expects North Carolina to pay them for when Microsoft did most of their work for them.
This Is Just Ass Backwards (Score:5, Insightful)
I am a Citizen and an Elector (member of the Electorate) in the US. That puts me at the TOP of the pyramid in the election process. In the US, the Electorate is Sovereign. Where does Diebold or any other corporate entity get off trying to dictate how elections are held? They act like they have some god-given right to make money off of the process. Fuck that! They have a right to come grovelling, hat in hand, and ASK if maybe, just maybe, we might want to use some equipment they want to sell. We get to set the rules about how elections are held, not them.
My county uses optical scan ballots and ballot box readers. If a precinct shows some sort of wierd result, the elections commissioner, in the company of plenty of witnesses, pops that sucker open and looks at the ballots. End of problem.
I frankly don't give a damn if results aren't available until Wednesday morning, or even Friday. They aren't certified official for weeks, anyway. The only difference early results make is who gets hammered for what reason at what post-election party.
There is nothing more important than the election process. All legitimacy of the government flows directly from it. Diebold has no fucking place dictating any damn thing about that. Paper ballots work. If they are slow and more costly, that is a small fucking price to pay for legitimacy.
[/Rant]
Re:Hmm... (Score:3, Insightful)
Hell, aside from that, ATMs can depend on a well-connected private backbone network, with company owned lines and premise equipment.
Well connected? The last time I checked most ATMs at grocery/convinance stores used dialup to connect. Bank owned ATMs may or may not have a leased line (the ones my credit union uses do).
So how exactly is a hybrid network of 56k leased lines and dialup connections any better connected then most residential homes? Because it's a private network instead of the internet? Are you making that argument for security (probably moot because it's encrypted anyway) or reliability (explain why dialup to private network is more reliable then dialup to ISP -- they both have the same point of failure)?
Diebold is culpable for aquiring them - after a technology assessment - and continuing in this fashion. Possibly with the intent of enabling fraudulent vote recording and tabulation. Certainly Diebold "stonewalls", misrepresents and obfuscates every attempt to legitimately investigate their capability, practice and compliance.
I don't know if I'd make that leap as much as I detest them. This seems to me like the typical corporate nonsense of trying to put out a shoddy protect for a Government contract. That's what a lot of the leaked internal memos read like.... "Oh, just turn on the BIOS tests, since they want to see a screen where our protect does a self test" I have a hard time buying that they could rig them to purposefully record inaccurate votes and keep it a secret. There's got to be one Democrat/Liberal working on the code. Ditto for a Republican/Conservative if they were trying to rig it for the Dems.
Mind you, that doesn't make it any better then if they were trying to rig elections. I've worked as an elections inspector in NY (this was the last year of our lever based machines) and I do not see why we even need electronic voting machines -- paper trail or not.
But I don't worry about their ATMs!
I don't worry about their ATMs because if they made a shoddy product and sold it to a large bank then eventually that bank would find out. At the very least they would no longer do business with them -- perhaps they would even wind up suing Diebold for selling defective products. Unfortunately where voting machines are concerned, Government contracts are concerned -- with all of the politics, backstabbing and ineffective bureaucracy that goes along with them.
Re:Hmm... (Score:3, Insightful)
Verify that a miscount did not take place.
Prove that each voter's vote was recorded as they intended.
Show that only voters eligible to vote voted, and
that each only voted once.
Re:Hmm... (Score:5, Insightful)
Or how about you send each registered voter a voting card, which they hand in at a polling station on election day. They get given a voting paper, go into a booth, mark and seal their paper, then drop it into a black box. Votes are then counted by hand later. Say, that could work
The problem with that is that the votes get counted by a human being and human beings have prejudances. Anybody who tells you that they are 100% impartial is lying.
Care to tell me what exactly is wrong with the lever based voting machines that New York has used for the last 40 years? The voter signs in -- if there are any problems they get challenged by an inspector (very rare) -- they go into the machine, they pull down levers, the votes are counted and that's it.
The way some other states (Florida) do elections dumbfounds me. In NYS you are allowed to take anybody into the poll with you other then your employer or union offical. I watched party hacks challenging 85 year old voters in Florida because they asked their 60 year old children for help. WTF is that nonsense? And ID requirements? Yeah, that isn't a way to screw over poor people who might not have a drivers license or DMV ID -- last time I checked those cost money.
In NYS now you are required to give your social security number or drivers license number at the time you register. The State verifies your information against the SSA or DMV database. If you can't provide that information then and only then do you get flagged for ID. And after you have showed it once then you never need to show it again. What's the problem here? There isn't much room for fraud -- in most of the districts the elections inspectors know most of the voters. And we have the right to challenge anything suspicious.
How the hell can other states fuck this up so badly?
Re:Hmm... (Score:3, Insightful)
Centralized vote counting is the root of the corruption in the US voting system. Moving ballot boxes to "counting centers" is wrong - it allows focused corruption. Computer counting is wrong - it allows focused corruption. Distributed counting is *much* harder to coopt.
Re:Hmm... (Score:5, Insightful)
Re:Put up or... (Score:1, Insightful)
Voting machines use software. Software does nothing but manipulate numbers. Any software can be proven mathematically correct (assuming it actually is correct). It is very expensive to do so. Generally, it is only done in safety-critical systems such as medical devices and nuclear power plants. When it comes to voting machines, proving the code mathematically correct is well worth the expense. It should be a prerequisite to the machine being certified.
Re:Hmm... (Score:4, Insightful)
Wrong. A script that purports to be a copy of the source may be open for everybody to read. The source that actually gets used is on a corporate computer where it can only be read by a few programmers, and the binaries that are produced are invisible magnetic patterns that can't be read by anybody. In between the purported source code and the actual binary code are half a dozen places where someone could have broken in to the system (whether physically, electronically, or just by handing over enough money) and inserted a back door.
Although it may be possible [voterverifiable.com] to create a primarily electronic system which doesn't allow votes to be undetectably changed or removed, it's not simple, and it requires you to cope with the possibility that the hardware or software may be tampered with. This isn't an easy problem, which is why most democracy advocates want to replace it with a simpler problem: creating a primarily paper system with electronic interfaces that allow paper ballots to be more easily and accurately created and counted.
Re:paper trail, seriously. (Score:5, Insightful)
Because that would make it easier to prove election-fraud. See? It's simple when you hear the answer.
TWW
Re:Hmm... (Score:5, Insightful)
And there is no way that you could play tricks when counting, either. There'll always be at least six people there at the same time, counting; people who do this are recruited randomly (it's much like jury duty). Furthermore, more often than not, officials from the local administration will be present to oversee the whole thing; and also, the vote counting is open to the public, so everyone who wants to can come in and watch the votes getting counted.
The votes are counted twice, too, so it's relatively unlikely that an error would creep in. If there is any error at all, the whole counting process starts again from scratch.
And finally, the paper ballots are kept for a long period (I know it's a two-digit amount of years, although I'm not sure how long exactly - I'd have to look that up), so *if* someone - anyone! - thinks that the election results are invalid, a recount will be done.
Compare that with the things like the 2000 presidential elections in the USA, where the supreme court ruled that a vote recount was *not* legal - how can you *ever* justify a decision like that? Vote recounts should always be possible.
There's other differences that also give me more confidence in the German voting system; for example, we typically have participation levels around 80 to 85 percent in nation-wide elections, there are no lines when you want to vote (I think the longest I ever had to wait in line to vote in my life was two minutes or so), and you don't have to register to vote - if you're over 18, you'll get a notification in the mail.
So... a paper-based voting system not only can work, but it also can inspire much more confident than an opaque system where you just pull a lever or touch a touchscreen or do something similar without ever knowing how the machine supposed to record your votes actually works - and whether it works at all.
No, electronic voting is a bad thing that needs to be gotten rid of; the whole concept is so open for abuse that it should just be thrown out completely. Even when you have a paper voting trail, who says that the machine recorded the same vote that it printed on your paper slip? The only way to make sure would be to collect the paper slips from *everyone* in the same precinct, but that's pretty much impossible - not to mention that there certainly would be a court again that would forbid it, too.
Stick with paper voting. Everything else is bad for democracy, and voting is such a fundamental process in a democratic system that it should be treated with the utmost care. If you cannot *prove* that the new system you're proposing is not only as safe as the old one but also brings tangible improvements, then it shouldn't be adopted, and electronic voting, in whatever form, does neither.
Re:*Who* threatens? (Score:3, Insightful)
What has the free market to do with this?
This is a political issue, with political intent behind. Federal administration wants Diebold, some states resist. It is very obvious why.
USA citizens have a charming naivete about their political system that's kind of amusing.
For the rest of the world, a government insisting on a black box voting machine, is shouting FRAUD! FRAUD! from the rooftops.
Why do you believe your govenment is somehow less corrupt than the rest is beyond me.
Cheers,
Re:Hmm... (Score:5, Insightful)
It's a productive system for what it's supposed to produce- an honest count. It's not designed to produce millions of counts an hour. It's not designed to do things fast. It's designed to do things ACCURATELY.
Hanna basically said: (Score:3, Insightful)
Re:My thoughts... (Score:3, Insightful)
One down and 49 to go.
Re:Proprietary shitware (Score:4, Insightful)
Exactly. And that's a great requirement. The application in question is so sensitive, so important, and so specialised that I'm happy, as a taxpayer, to pay 2 or 5 or 10 times what it would cost to develop an off-the-shelf solution. The software in most military hardware is (or at least was until very recently) all purpose-built by contractors operating under some restrictions very similar to these: security clearances for all employees involved, which means names and background checks, code escrow, and even multiple independent implementations from different contractors used together in failsafe configurations. All of these safeguards and any others we can think of are appropriate for voting machines as well. I can't imagine that our nation is imperiled any more by a defective Tomahawk than it is by crooked voting machines. Death and slavery are, from the perspective of a democratic state, indistinguishable.
The requirements are entirely reasonable. If they can't be met by Diebold's current designs, Diebold can either design something that can meet the requirements (and increase their bids accordingly) or decline to bid on the project. Undercutting the competition by deciding not to honour some of the constraints isn't fair to the competition and it doesn't serve the needs of the buyer. Since the bidding process in NC is long since over, the only options at this point are altering the software to meet the constraints and eating the cost, or withdrawing from the contract. I don't really care which they do but simply refusing to perfom is not an option.
Re:Hmm... (Score:4, Insightful)
Uh. How about, "To ensure that the someone has not hidden code in the graphics drivers to rearrange the names of the candidates onscreen so the votes get tallied for the wrong person".
Why would you NOT want to review all the code? Blissful ignorance?
Re:Hmm... (Score:4, Insightful)
Certainly. However, there are many issues at play here, some of which may have not been reported (or with any emphasis) overseas.
The first big issue is that the rules for determining a valid ballot were changed for the recount. So, the rest of the US was using one method, and a few counties in FL were using another.
The argument made by Democrats is that the vote distribution would be same no matter the method. The argument made by Republicans is that the vote distribution would change, given that the method changed.
The second issue is that individual counties were being cherry-picked for recounts. Republicans wanted a few where Republican voters turned out strong, Democrats wanted a few others where Democrats turned out strong. Third parties were ignored.
The third issue was the worst. The FL state supreme court is completely made up of Democrats. The US Supreme court is more balanced, but with a conservative (Republican) edge to it.
With the first count, the Republicans won by a slim margin of votes. Close enough that the Democrats filed a lawsuit for a recount. The FL supreme court allowed it. The gap between the Republicans and Democrats closed a little. The Democrats wanted another recount. The FL supreme court allowed it. The US Supreme court steps in, and rules Bush the winner. Later (press initiated) recounts declare Bush the winner.
So, this is the source of continued controversy, in which each side continues to report misinformation about the events that took place.
Re:Hmm... (Score:5, Insightful)
Damn hard to PROVE when the machines in question were quickly locked up after the election, and there was NO official investigation into the complaints after Kerry ignored his constituents and conceded the election in Ohio. I heard the report on Air America Radio nearly a year ago now- in among other reports of 14 hour lines when the polls were only open for 12 hours due to misallocation of voting machines, ballots that were cast on paper but never counted, and upper class Republican neighborhoods getting preferential treatment for problems. I believe you could probably find something about it in Randi Rhodes' blog- which is about as useful for proof as Rush Limbaugh's blog.
btw, I do think Diebold's machines are probably corrupt, but your claim is ridiculous.
Why? If the code can be done as a joke, why NOT in a corrupt voting machine? And besides- my claim is only thirdhand knowledge at best- I said that there were reports of such behavior, not that I had seen it myself! I was 2000 miles away at the time!
Re:Hmm... (Score:3, Insightful)
The actual sequence of events seems relatively accurate, however I think the more important fact here is that studies after the fact showed that a full statewide recount would've been decided in Gore's favor (there was an issue about the overvotes that never got counted, all the disputes dealt with undervotes ). So what it looks like really happened is that the Gore team made tactical errors in cherry-picking their recount requests (there was some reason for it that I forget at the moment, I think having something to do with filing requirements).
Now, this is all an unpleasant trip down memory lane that none of us wants to really revisit, but I walk away with the clear impression, between the butterfly ballots, the staged Dade County riot (remember that one? ) disenfranchised non-felon felons, etc, etc that the majority of people in Florida went to the polls in 2000 intending to vote for Gore. I believe this was sustained by subsequent studies. I suppose the relevance in the context of the current slashdot article is that there's lots of ways to steal an election, as with many other things, technology just makes it more efficient (e.g. the career of L.B.J)
This could of course be a longer post, I don't think anyone's got the appetite for that. There's a fair amount of evidence, BTW, that e-voting threw Ohio to Bush in '04 for example, here [freepress.org]
Personally the day the Supreme Court decision came down in 2000 was the day I stopped believing that I live in a democracy. I know this might strike some as tinfoil hat country, I think I'm a reasonable guy and there's a fair amount of evidence to support this conclusion.
Re:Hmm... (Score:1, Insightful)
Re:Hmm... (Score:3, Insightful)