Diebold Admits Flaw In Voting Software 281
NewYorkCountryLawyer writes "At a public hearing in California, Diebold's western region manager has admitted that the audit log system on current versions of Premier Election Solutions' (formerly Diebold's) electronic voting and tabulating systems — used in some 34 states across the nation — fails to record the wholesale deletion of ballots, even when ballots are deleted on the same day as an election. An election system's audit logs are meant to record all activity during the system's actual counting of ballots, so that later examiners may determine, with certainty, whether any fraudulent or mistaken activity had occurred during the count. Diebold's software fails to do that, as has recently been discovered by Election Integrity advocates in Humboldt County, CA, and then confirmed by the CA Secretary of State. The flaws, built into the system for more than a decade, are in serious violation of federal voting system certification standards."
Calling into question... (Score:4, Interesting)
...every election that these machines have been used for in each of those 34 states. If the machines should not have passed certification, and yet they were certified (were they?) then the agency doing the certification ought to be brought up on charges as well, and any OTHER systems that they certified ought to be open to question as well. This could get you dizzy.
---
Read my political short stories at http://klurgsheld.wordpress.com/ [wordpress.com]
American Idol (Score:5, Interesting)
Up until the last election it seems that most Americans thought the election for American Idol was more important. I hope that the last election marked a change in this attitude. It'd be nice if we could avoid electing another idiot to high office... Aaah who am I kidding?
Re:Umm, duh? (Score:0, Interesting)
The old system (ballot boxes) could easily be gamed (stuffing, anyone?). Any system is subject to gaming at some level or another (from voter coercion or inducement all the way to crooked supervisors of election).
This is much ado about nothing -- well, it's about something: Slashdot longstanding hatred (and NY Country Lawyer's newfound hatred) of Diebold.
So why all of a sudden is NY Country Bumpkin so anti-Diebold. Has he perhaps found a pulpit here and a bunch of rabble-rabble-rabble sycophants to preach to? Yes he has.
Mod me down, but you know I'm onto something and the metamods will agree we me as well.
Re:and who's going to CARE? (Score:5, Interesting)
But the problem is that they probably have a EULA which excludes any damages in whatever form whatsoever (limited warranty). This would then require the invalidation of that clause, which then could be a devastating result for the software business as a whole. No software company wants to pay for any damage ever...
Re:and who's going to CARE? (Score:5, Interesting)
I've seen it (Score:5, Interesting)
I used to work as a "Computer Audit Analyst" for the Florida Division of Elections, certifying voting systems for use in the State of Florida. Certification for Premier/Diebold, ES&S, and Sequoia was pretty much a given, no matter the fact that their systems are complete shit and the certification process is a joke. Scan a few thousand ballots, have an independent testing lab review your source code, and you're good to go. Google "sequoia yellow button" to see what I mean.
Not to mention the attitudes of the folks who work there. They call people like me "activists" with a sour tone of voice, grudgingly fill public records requests, and the newly-built [2006] voting-systems lab was the size of a damn closet. Think the types of people who think F/OSS is so high-school students have something to tinker with.
Sadly, most American voters don't even think about the voting backend, and are wholly uninterested in the fact that three corporations have a legally-enforced triopoly in voting equipment, sell overpriced shit to the counties, and take legal action against anyone who finds security flaws in their systems.
Re:One Word: Scantron (Score:1, Interesting)
They've admitted lots of flaws. (Score:5, Interesting)
Re:and who's going to CARE? (Score:5, Interesting)
It's a shame your constitution defines treason so narrowly.
Re:and who's going to CARE? (Score:3, Interesting)
Declare all elections held using Diebold equipment null and void. See what happens then.
Re:and who's going to CARE? (Score:2, Interesting)
there is consumer software and there is software for critical applications like
1. medical equipment
2. power plants
3. space missions
4. defense operations
which require very high standards. and even if they cost 10 times as much, you just can't use lower grade replacement there.
Re:and who's going to CARE? (Score:2, Interesting)
No it isn't, believe me. This is bullshit. We walked into this on our own, staring right at it, refusing to see because it might jeopardize their favorite lizard's chances. Now, after doing nothing about it, the "victims" want revenge. Diebold, or whatever they call themselves, should lose their corporate charter, and the offenders fined from their personal accounts, and possibly future profits garnished also. Sweet and simple
Re:and who's going to CARE? (Score:3, Interesting)
But the problem is that they probably have a EULA which excludes any damages in whatever form whatsoever (limited warranty). This would then require the invalidation of that clause, which then could be a devastating result for the software business as a whole. No software company wants to pay for any damage ever...
I don't know about Diebold specificaly, but the licenses I've seen, including those from MS, usually specify that the maximum liability is the cost of the product, in other words, "a full refund" but no more.
Re:and who's going to CARE? (Score:3, Interesting)
Mitch Trachtenberg, a volunteer AFAIK, was able to scan all of the ballots post-election and tabulate them using his own open-source software. The discrepancy between his results and the official results is what led to the discovery of the flaw in Diebold's software.
Whether Diebold is a villian here or not is clearly debateable. But the hero is Mitch and anyone working with him to independently verify the results. In this case, he is the check in checks and balances.
These guys fucked with elections... hang them (Score:3, Interesting)
You don't fuck with elections. The reason we have elections is so that we don't have to murder tyrants all the time. Its a courtesy to the people in power that we remove them from office with a ballot instead of a razor sharp blade.
When stupid worthless moronic assholes like the ones working at Diebold, who intentially designed their equipment to make elections more stealable, start fucking with the electoral process for personal gain on such a widespread level, the only answer is to convict them of treason and hang them from the nearest high tree.
Re:There is a lot of talk, and little action. (Score:2, Interesting)
We like to have anonymous elections in the US.
I should amend that, we used to, and legally should be able too. With pre-voting/Lazy absentee (non absent) balloting the percentage of anonymous votes is going down.
I fear for a time not too far away, where the boss wants proof you voted for their candidate to keep your job. With the ability to have proof of who you voted for (ballots are a matter of public record, and absentee ones are not usually anonymous) the option to be anonymous is worthless.
Re:There is a lot of talk, and little action. (Score:4, Interesting)
And here's your first clue. Diebold is in the business of making ATMs.
Heise security has a story that there's malware around specifically targetting Diebold ATMs running Windows...
http://www.heise.de/security/Windows-Trojaner-auf-Diebold-Bankautomat--/news/meldung/134794 [heise.de] (in German)
http://www.sophos.com/security/blog/2009/03/3577.html [sophos.com] (blog entry the article refers to)
Re:There is a lot of talk, and little action. (Score:2, Interesting)
Well, they are currently trying to elaborate on that cover story by having trojans on their ATMs:
http://www.sophos.com/security/blog/2009/03/3577.html [sophos.com]
So they can believably go for the "yes we are THAT stupid" defense.
Re:There is a lot of talk, and little action. (Score:4, Interesting)
Illinois, with a Democrat Governor, two Democrat Senators, and whose state senators and representatives are mostly Democrat, doesn't use Diebold.
I'd like to see a state by state breakdown of which states use Diebold, and how many of those who use Diebold are "red" states.