Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
Security Government Politics

Vote Tabulator Security Hole Exposed 530

Doc Ruby writes "Black Box Voting has exposed a security hole in Diebold machines that tabulate votes collected from electronic voting machines. A code entered into the tabulator's user interface duplicates the "secure" counts into an insecure count which can be changed, and counted instead. The "double books" vulnerability and exploit were reported to the manufacturer over a year ago, and confirmed, while major customers (California and Washington states) were notified shortly thereafter. In spite of some revisions, the latest version of the software remains insecure. Diebold voting machines running GEMS version 1.18.x are vulnerable, running in about three dozen states. Although the software is widely deployed, and scheduled for use in shortly upcoming elections, risk mitigations are available, mostly protocols restricting physical or network access to the machines. Other auditing/accountability measures for ensuring only trusted access to the system are recommended."
This discussion has been archived. No new comments can be posted.

Vote Tabulator Security Hole Exposed

Comments Filter:
  • by Izago909 ( 637084 ) * <tauisgod@g m a i l . com> on Monday August 30, 2004 @06:42PM (#10113275)
    For all the banter that goes on here, we all know how this is going to turn out. Everybody bitches and moans about it, and the mainstream press runs toned down stories. In the mean time, people who know what's going on continue to look like crazy conspiracy theorists. End result: The public won't know or won't care until a massive mistake is uncovered after the person enters office and everyone realizes that they've been living under the authority of a false representative. Of course, that's provided said person doesn't pass a law to protect people in his situation once they're discovered.
    • by ackthpt ( 218170 ) * on Monday August 30, 2004 @06:49PM (#10113332) Homepage Journal
      End result: The public won't know or won't care until a massive mistake is uncovered after the person enters office and everyone realizes that they've been living under the authority of a false representative. Of course, that's provided said person doesn't pass a law to protect people in his situation once they're discovered.

      You give people too much credit. The level of complacency after the 2000 fiasco, which no doubt some very sharp minds took note of, underscored that people just really as a whole don't give that much of a damn about democracy in the US anymore.

      So ironic in the face of what's been happening in Honk Kong, as people vie against the Beijing political machine to retain or advance their democratic cause -- the country which lit a the fire of democracy lacks passion.

      It's sad to say, but this system could be hacked 10 ways from Sunday and people would grumble, but you'd hardly see the kind of response it should warrant.

      • by Short Circuit ( 52384 ) * <mikemol@gmail.com> on Monday August 30, 2004 @07:03PM (#10113432) Homepage Journal
        The original country that ignited the passions of democracy was wiped out in a war with Sparta thousands of years ago...

        The country that currently champions democracy, well, yeah, we do lack passion.
        • Things Fall Apart (Score:5, Insightful)

          by jefu ( 53450 ) on Monday August 30, 2004 @08:13PM (#10113786) Homepage Journal
          From the poem "Things Fall Apart" :

          The worst are full of passionate intensity
          And the best lack all conviction...

          But I suspect that that is always true - the best are by their nature capable of empathising with people on both sides of a question, and capable of seeing the logic on both sides. Hence they find it hard to be passionate.

          True passion, I fear, probably comes from ignorance stoked by fear and testosterone.

      • by tedit ( 809575 ) on Monday August 30, 2004 @07:32PM (#10113575)
        When less than two dozen congressional seats are actually contested at any given election due to gerrymandering, and the electoral college system restricts the salient portion of the electorate to less than a dozen states, one wonders why Americans are so apathetic when so many of them are clearly disenfranchised out of the federal electoral process by an archaic voting system (the electoral college), or partisan state legislatures that draw ridiculously shaped congressional districts.

        My theory is that the media, with its constant attention on "poll numbers" and the presidency, neither of which have any bearing on actual electoral results, have conditioned the many Americans who didn't pay attention in history class that we actually live in a direct democracy instead of a representative one.

        On the other hand, in some ways its difficult to argue "disenfranchisment" - after all, California still counts, despite the fact that the Republicans have no chance there, and so does Texas. So does voting for an individual legislator - but only if no one else does. Unlike in Hong Kong, we are afforded a democracy. The distinction here is that it takes far more attention than the average person has, be they American, Chinese, or North Korean to realize how arbitrary and disproportionate our democracy is.
        • The problem is not the Electoral College per se, but the "Winner Take All" system that most states use to allocate their electors. If it was divided up a bit better it would spread it around.

          Example: Under the Constitution, each state is allocated one elector for each Representative and each Senator. Allocate electors by Congressional districts (i.e. for each district, send the elector for the candidate that won said district), plus two winner take all for the whole state.

          Then, if you're a Republican i
      • For starters, the United States is a Representational Republic, not a Democracy. A Democracy doesn't scale beyond a few thousand people.

        One man's lack of rioting and civil war is another man's lack of rioting and civil war. GWB got in on a technicality. About half the country hates him for it. The other half hates the first half for being sore losers. And half of both sides really couldn't tell you what the president REALLY does anyway.

        The Constitution is less about rights than about the orderly functioning of Government. Every handover of power in the US has been peaceful. No matter how bitterly contested, never has the victor been decided by shots fired in anger. (Ok, there was that massive civil war where the North basically burned the South to the ground... but that's merely an inconvient fact in an otherwise perfect theory...)

        • by demachina ( 71715 ) on Monday August 30, 2004 @08:53PM (#10114149)
          Not sure exactly what was insightful in this post.

          "The Constitution is less about rights than about the orderly functioning of Government."

          Excepting that you are conveniently forgetting that attachment to the Constitution called the Bill of Rights, which is about nothing but rights, especially noteworthy being the Tenth amendment:

          "The powers not delegated to the United States by the Constitution, nor prohibited by it to the States, are reserved to the States respectively, or to the people."

          This amendement is the sweet one and was put there by the founding fathers, who had amazing wisdom, vision and foresight, because they dreaded the prospect of a power grab by a central government, a party, a President or Congress, especially if they acquired imperial aspirations much like we are seeing today.

          The Republican party really seems to have concluded that they are the only party able to run America and the Bush family is for all intents and purposes attempting to form a dynasty to lead the empire. The Founding Fathers really dreaded the prospect of a President acquiring the trappings of the monarchy they hated so much in the King against whom they rebelled. His name was George too. How far America has fallen and how ironic that we once again seem to have a King George, just like the one the founding fathers rebelled against.

          The Republicans are no doubt rationalizing to themselves that what they are doing is in the best interest of America, its OK to rig the election to stay in power, since they are the one true defender of the nation. Its OK they are destroying the foundations on which America was built in the process of "saving" it from its enemies, whether they be Muslim extremists or Democrats.

          You can slam me for conspiracy theory but I can retort with the simple fact that Richard Nixon, also a Republican, was forced out of office for engaging in illegal activity to insure his reelection and hold on power. There is precedent. The Bush's just seem to have taken it to a whole new level today by exploiting computers.

          Sorry to say it to you but you really don't live in the free country you thought you did unless everyone bands together to take it back.
          • by PsiPsiStar ( 95676 ) on Monday August 30, 2004 @09:07PM (#10114253)
            that we once again seem to have a King George


            Another King George the Third, no less.

            Of course, you don't give the British enough credit. Rebeling against the king was largely a symbolic gesture. The Brits had a parliment then, and while the house of Lords was hereditary, the house of commons at least was somewhat representative.

            Halfway through the Revolutionary war, the Brits actually offered America their demand of representation, but they turned it down. They'd gone too far.

            The reasons for the revolution were partly economic, incidentally, and similar to the later civil war since we've brought that up. The more industrialized sector (England, the North) needed the supplier of raw goods (America, the South) but the supplier of raw goods didn't like the terms that the industrialized sector was offering. So they rebeled.

            I agree with you completly. Parts of the Republican party have really started to believe their rhetoric about how they're the "Only Moral Party" and the end result will be an assault on democracy, coupled with the inevitable justification that their adversaries somehow started it.
            • by demachina ( 71715 ) on Monday August 30, 2004 @09:43PM (#10114454)
              Well I agree with you completely too except I'm missing George III. Thought George W. was George the II. His dad being George the first. His grand dad was Prescott and I think before that it was Samuel though I'm a little hazy that far back. Bert Walker, George H.W. Bush's maternal grandfather was a key Machiavellian figure who helped propell the family to power and wealth along with the Harriman's, Bunny Harriman being a Yale class mate of Prescott Bush, fellow Skull and Bones man. Prescott did the day to day dirty work managing Harriman investments including working at Union Bank which was seized at the start of World War II since it was the American investment front of the Thyssen family, one of Germany's richest industrial families who helped throw support of German industry behind Hitler at a crucial point and helped insure his rise to power. It was quite the embarrassment to the Bush family at the time and appeared in one of the New York papers at the time. They managed to hush it up though. The documents on the seizure of Union Banking listing Prescott's name were declassified a few years ago and are available in the National Archives.

              The Presidents middle names Herbert and Walker are tributes to Bert Walker who was a globetrotting manipulators of empires.

              Another vein of this conspiracy theory is there is actually still a Tory party in the U.S. and its power base sits squarely in Connecticut and at Yale, the power base of the Bush family. They lived in Connecticut before they moved to Texas and there is now at least four generations of Yale alum in their family.

              The wealthy elite that sits there has for sometime been operating on the same basis British nobility did, that most people are rabble and you can't trust them to govern themselves, so you need a cultured, schooled, moneyed elite to run things and that is pretty much what the Bush family and the Republican party is doing today. Of course Skull and Bones, the Yale secret society sits at the heart of this tory party. Wouldn't be suprised if they arranged the Democratic nomination for Kerry, also Yale grad, also Skull and Bones, with it predetermined that he will fall on his sword in by November as another avenue to insure George W. can't lost in November.

              There is probably some truth to the idea that most American's are to dumb to govern themselves but unfortunately the moneyed elite that are doing it in their stead tend to govern in ways that are most likely to increase, enhance and extend their wealth and power, often at the expense of the rest of us.
        • by DreamerFi ( 78710 ) <john.sinteur@com> on Tuesday August 31, 2004 @12:14AM (#10115299) Homepage
          A Democracy doesn't scale beyond a few thousand people.

          I guess Switzerland, amonst others, would take issue with that statement...

      • by John Miles ( 108215 ) on Monday August 30, 2004 @07:53PM (#10113678) Homepage Journal
        The level of complacency after the 2000 fiasco, which no doubt some very sharp minds took note of, underscored that people just really as a whole don't give that much of a damn about democracy in the US anymore.

        One way to interpret hairsplitting fiascos like the Y2K election is that perhaps it doesn't really matter who wins.

        That could explain the lack of revolutionary outrage after the (s)election of Bush. The reason the 2000 election was so close was that the outcome, in the collective hive-mind that is the American electorate, just wasn't that important.

        Landslides tend to happen when things suck, the candidates offer genuinely-different positions, and the need for change is acute (e.g., Carter's loss to Reagan in 1980). We're heading into another epsilon-fest in 2004, it seems, because the public is being given a choice between two rich white guys from Skull & Bones whose policies appear all but indistinguishable [cnn.com].
        • by Skater ( 41976 ) on Monday August 30, 2004 @08:10PM (#10113768) Homepage Journal
          I think you're close, but just a little off: maybe the US in general didn't like either candidate in 2000.

          --RJ
      • 2000 election (Score:3, Informative)

        by dpilot ( 134227 )
        Besides, the chads in 2000 were sleight-of-hand, with differences in the few hundred to few thousand votes. Somehow they distracted us from the systematic disenfranchisement of tens of thousands of black voters by mis-classifying them as felons. The story I read on the topic, link lost, but easy to find on google, made it seem deliberate. But even if it wasn't, it was badly WRONG. Malfeasance or Misfeasance, take your pick. Both are cause for impeachment. Instead, the person at the top of the process is a P
    • by Anonymous Coward on Monday August 30, 2004 @07:03PM (#10113427)
      The number of security flaws with these machines has been tremendous, not to mention odd little programming tricks like dividing and multiplying the number of votes by 1 (anyone doing a little binary patching should know why this is significant).

      The CEO of Diebold is a friend of Bush and, during a charity dinner, has stated that Diebold will do everything it can to deliver as many votes to the Republicans as possible.

      A few gubernatorial elections using Diebold machines have had upset elections going to the Republicans when exit polls suggested a Democrat victory with 60+% of the vote.

      It could be a coincidence but the secrecy and suspicious number and types of bugs does not bode well.
    • by Deep Fried Geekboy ( 807607 ) on Monday August 30, 2004 @07:49PM (#10113656)
      A huge scandal is exactly what this Diebold fiasco needs, and nothing is going to happen until it does. Every ambitious local journo in the country should be assiduously courting sources in the local elections offices. Eventually someone will Watergate it. That's the only way it's going to change.

      I know this because I was once an investigative journalist. You would happen upon a story that seemed so shocking it was unbelievable, and when you asked around, everyone involved would say "Oh, yeah, that's right, everyone knows about that".

      In one case (abuse at a psychiatric hospital) there were 600 documented allegations of abuse which had been investigated. Not one had been upheld, because the evidence of psychiatric patients was held to be unreliable. When we exposed it, it became national headline news for several days and resulted in year long government inquiry and, finally, change.

      But everyone already knew about it.

      Diebold is going to blow up horribly and sad to say the sooner it does the better. People are not interested in potential vulnerabilities, only post-facto scandals.
    • Of course, that's provided said person doesn't pass a law to protect people in his situation once they're discovered.

      Dispite being ineligable to run for president due to not being old enough, I fully expect to win by a landslide this year on my one single campaign promise... 100% of the 2004 US treasury divided equally between all of the diebold stockholders, employees and thier respective family members and friends.
  • Email (Score:3, Insightful)

    by Klar ( 522420 ) * <curchin@g m a i l .com> on Monday August 30, 2004 @06:43PM (#10113278) Homepage Journal
    Heh, why not just use email like the article [slashdot.org]earlier today?
  • Let me know (Score:5, Funny)

    by Dwedit ( 232252 ) on Monday August 30, 2004 @06:43PM (#10113280) Homepage
    Let me know when a candidate named "Diebold Sucks" wins 15% of the popular vote.
  • by GillBates0 ( 664202 ) on Monday August 30, 2004 @06:44PM (#10113289) Homepage Journal
    ...just how many of these "holes" or rather bugs were intended to be features.
    • by jd ( 1658 ) <imipakNO@SPAMyahoo.com> on Monday August 30, 2004 @06:58PM (#10113392) Homepage Journal
      Oh, that seems certain. The "enter a code and we'll count the wrong column" 'bug' is almost certainly a left-over from code testing. That sort of "bug" doesn't occur because of a typo in a program, it's a deliberate test for a condition followed by a deliberate change of column selection.


      Once "QA" (or what passed for it) was complete, either they forgot to remove the code, or they thought it might be a useful monitoring/debugging tool in the field.


      Normal coders would wrap any such test-only code in #ifdefs, so that it wasn't active for normal use. But these aren't normal coders, so we can't assume that.


      However, it is entirely on-par with people like Cisco shipping routers with a trivial password for the technicians.

      • by tkrotchko ( 124118 ) * on Monday August 30, 2004 @08:09PM (#10113764) Homepage
        You can't test a program or system of any complexity with some code in, pronounce it "good", and then take out some of the code.

        Its new code at that point. Which is perhaps why its left in. If they take it out, then they have to re-test and re-certify.

        But fundamentally, it shows that Diebold is, at best, incapable of understanding what it takes to produce this kind of code. It sounds like a bunch of junior programmers coding under the "direction" of a mid-level programmer.

        What I'm surprised at is the local government accepted binaries from the vendor without (a) having full access to the source code (b) a mechnism to ensure the source code they audit matches the binaries in the machine.

        When you think about it, the whole thing reeks of a company looking to make a quick buck and local governments too stupid to understand that they lack the expertise to judge this kind of software and make an intelligent decision about deploying it.
    • It isn't a bug at all, according to the article [blackboxvoting.org]. Diebold apparently put it there on purpose. I'm sure they merely want to be able to correct the votes of people who, um, "acccidentally" voted for the wrong candidate.
  • So impatient! (Score:5, Interesting)

    by Anonymous Coward on Monday August 30, 2004 @06:46PM (#10113297)

    Technology is a wonderful thing.

    But come on. Are we so ADHD in this country we can't vote on paper and wait for real people to count them? Yes, there will be mistakes... but at least if a recount is needed, there's a paper trail.

    If you don't have time to do it right, when will you have time (or in this case, an opportunity) to do it over?

    Can it be? A free PC [tinyurl.com]!?

  • by AmazingRuss ( 555076 ) on Monday August 30, 2004 @06:46PM (#10113299)
    It's COUNTING for chrissakes!
    • Because it has to be counting in a repeatable, secure, verifyable, anonymouse, and as accurate as possible manner?
      • Paper seemed to work for the longest time. Hell, it still does. The scandals with voting machines are just another aspect of the productivity paradox [neweconomyindex.org]. People continue to look towards technology to simplify our lives, when in fact, it tends to make it more complex. For example: That nice little PDA that was supposed to make your notepad and address book outdated requires more effort to maintain than what it replaced. Electronic voting machines fall right in line.
    • After watching the last fiasco they called an election in the usa, yes, counting IS a difficult thing. It's so difficult, there was even one state that couldn't figure out how to do it, and instead waited for a supreme court decision to determine election results.

      Multiple choice ballots are to confusing, and counting the results after the fact is to hard. The writing is on the wall, it'll only be a few more years before american elections are simplified even more. Ballots will have only one choice, tha

  • by DroopyStonx ( 683090 ) on Monday August 30, 2004 @06:48PM (#10113316)
    That this election is going to be utterly f'n rigged and even more of a controversy than the last one...

    I can't believe they're actually trusting some random company with handling and counting votes. What makes this company so secure? I've personally never heard of them, and I'm sure most others haven't either, so why should I trust them?

    I don't understand how you can go from traditional voting and in such little time completely switch to electronic methods. Case in point, these exploits that were found. Find one exploit and the whole thing is done for.
    • I can't believe they're actually trusting some random company with handling and counting votes. What makes this company so secure? I've personally never heard of them, and I'm sure most others haven't either, so why should I trust them?

      They probably make the ATM's you use, among other things that need to be secure.
      • by Kenja ( 541830 )
        "They probably make the ATM's you use, among other things that need to be secure." but aren't. I walk away from any ATM that says DIEBOLD. I once saw one crashed to the Windows XP desktop. Scarry to say the least. I'll stick with the old B&W OS/2 based ATMs.
      • They do indeed. Though what they build is things that their clients want.

        In the case of ATM's, their clients not only want, but rather insist most absolutely, that they be secure and fully auditable.

        In the case of these voting machines, their client would like a machine that gives them a voting advantage.

        Damned, it's near genius really in an evil way. The exploits in point don't even need to be used at all to be used as a tool in manipulating the outcome of the next election. Should they win, well they c
    • Huge company (Score:3, Insightful)

      by nurb432 ( 527695 )
      Not defending them, but Diebold makes a LOT of ATM machines..

      So many, you have most likely used one, if you use an ATM in the states..
      • Re:Huge company (Score:3, Insightful)

        by DroopyStonx ( 683090 )
        Well, that might be great and all, but why should we trust them with the election process?

        At least when ATMs screw up you can get your money back.

        It's not so easy when a whole election is botched because of some error.

        At least with ATMs you can spot discrepencies in any transaction... it's your receipt, your statement, etc... how do we know for 100% certain that this company will handle these votes in a proper manner?
      • Re:Huge company (Score:5, Insightful)

        by back_pages ( 600753 ) <back_pages@NoSpam.cox.net> on Monday August 30, 2004 @07:40PM (#10113622) Journal
        The difference between an ATM and vote counting is that with an ATM, the corporation has a vested interest in making sure the accounting is done properly. In vote counting, the individual has a vested interest in making sure the accounting is done properly.

        When we're placing votes on the Diebold machine, WE are the bank, except we are kept as far away from the accounting as possible. You try working that arrangement out with the bank. You ask for $100, they let you into the vault, and you show them the $100 bill when you leave.

        They can trust ya!

        The fact that Diebold makes a lot of ATMs does not make the electronic voting idea valid. They might be the most qualified to make the machines, but the idea is not sound.

    • by mynameis (mother ... ( 745416 ) on Monday August 30, 2004 @07:12PM (#10113486)
      I can't believe they're actually trusting some random company with handling and counting votes.

      Random?!
      Diebold?!

      The company whos CEO, Walden O'dell, is "committed to helping Ohio deliver its electoral votes to the president next year."

      Snigger... Oh the things one really shouldn't put on paper, sign, and mail to a buncha people ;)
      Where's my tinfoil....
  • by major.morgan ( 696734 ) on Monday August 30, 2004 @06:48PM (#10113317) Homepage
    I'm starting to get confused; If you can sue McDonalds for coffee, or just about anyone for not protecting me from myself - why hasn't someone taken Diebold on in court?
  • by powerlinekid ( 442532 ) on Monday August 30, 2004 @06:48PM (#10113318)
    Coming up later on News at 11; Diebold machines found to be insecure. This and a shocking expose proving once and for all that water is wet.
  • Wow... (Score:5, Interesting)

    by autopr0n ( 534291 ) on Monday August 30, 2004 @06:49PM (#10113326) Homepage Journal
    Is anyone else suprised by how bad diebold's coders are? I mean seriously. I know microsoft can't make their products secure, but they have millions of lines of legacy code and compatability issues. This isn't an excuse, but building a secure system from the ground up should be pretty straight forward, honestly.

    Security should have been the top priority the whole way through, but apperantly it wasn't. Pretty amazing, IMO.

    And wtf, they can't fix a bug in a year? They're not going to have it fixed by Nov? Jesus, what is it with these people.

    Also, this is kind of boring. Anyone involved in the RNC convention or the protests around here?
    • Re:Wow... (Score:5, Insightful)

      by LMCBoy ( 185365 ) * on Monday August 30, 2004 @06:55PM (#10113371) Homepage Journal
      Read the fine article, it is NOT a bug. It's a "double-booking" exploit which Diebold apparently put in on purpose.

      From TFA [blackboxvoting.org]:
      This program is not "stupidity" or sloppiness. It was designed and tested over a series of a dozen version adjustments.
    • Re:Wow... (Score:3, Informative)

      by yo303 ( 558777 )

      Is anyone else suprised by how bad diebold's coders are?

      It should be surprising to most people, because Diebold is one of the largest makers of automated bank machines. When was the last time an ATM counted wrong? Conspiracy theorists, now increasing in numbers, are not surprised, because the bank clients want accuracy and security while the Republican election clients don't.

      Widely quoted examples:

      - Jeb Bush, unconcerned about 2002 Florida touch-screen election debacle, says "What is it with Democ

  • So let me understand. Entirely by accident, if you enter a specific code at the machine, a transparent and highly successful process takes the existing collected data and makes a duplicate of that data which can be altered and fed into the combining and counting process.

    Someone must have REALLY misspelled an important constant, no? I mean, what are the odds? When I screw up, the code usually just fails to compile or takes out the vm. Someone needs to find the guy who "accidentally" did that and get him to buy lottery tickets for all of us.

    wow.

  • by chipandrews ( 596486 ) on Monday August 30, 2004 @06:53PM (#10113363)
    http://www.blackboxvoting.org/?q=node/view/25' [blackboxvoting.org] (SQL Injection vulnerability) You'd think that people who knew so much about what's wrong with Diebold security would do their own homework first. Not to let Diebold off the hook but we all have our due diligence to follow. Kudos to putting the pressure on Diebold but let's try to lead by example shall we?
  • by SlowMovingTarget ( 550823 ) on Monday August 30, 2004 @06:56PM (#10113380) Homepage

    Why is it so hard for these people to implement Write-Once Read-Many? Burn the vote(s) onto optical media and be done with it. When the media fills up, replace it and transport the media (you made three or more copies of the same disk, right?) by different routes accompanied by security officers. Look Ma! No network!

    This business of sloshing this incredibly sensitive data around on networks is completely irresponsible.

    Doesn't avoid the issue of having a "central tabulator" designed for manipulation, but you can easily design a tabulator (or better, multiple independent tabulators) that you can prove to be free of back doors, given that the source is available.

  • by Ungrounded Lightning ( 62228 ) on Monday August 30, 2004 @06:57PM (#10113384) Journal
    Public officials: If you are in a county that uses GEMS 1.18.18, GEMS 1.18.19, or GEMS 1.18.23, your secretary or state may not have told you about this. You're the one who'll be blamed if your election is tampered with. Find out for yourself if you have this problem: Black Box Voting will be happy to walk you through a diagnostic procedure over the phone. [Contact information here.]

    Public officials: If you have these versions of the software, the votes can be tampered with by this simple procedure. Black box voting will be happy to give you a short course in how to rig your election.

    Reminds me of the official corruption in Daily's Chicago - which was the "City that Works" largely because ANYBODY could bribe the officials equally.

    By exposing this flaw and showing every election clerk who asks how to cheat, Black Box Voting is insuring that the vulnerable software WILL be used to cheat, and that elections WILL be rigged until the audit trails are installed and used.

    I can think of nothing that will create a bigger push for audit trails on electronic voting than showing every election official in the US how to stuff the ballot boxes at this wholesale, vote-tabulation level. B-)
  • I other news... (Score:3, Insightful)

    by Pan T. Hose ( 707794 ) on Monday August 30, 2004 @06:57PM (#10113388) Homepage Journal
    I other news, the novel innovation of marking "X" on a piece of paper found invulnerable against this exploit. Film at 11!
  • by ayeco ( 301053 ) on Monday August 30, 2004 @06:58PM (#10113397)
    Sure, it's horrifying to see that someone could cheat, and most likely someone will try, but the polls have both parties monitoring, counting, and watching the process. Announcing the fact that the machines aren't fool proof or perfect is a wonderful thing for the process - aka more eyes will be watching and helping protect our election process.

    These problems will be fixed, but there will always be voter fraud (ie dual voting [xinhuanet.com] - The paper found that 68 percent of the dual registrations are Democrats, 12 percent are Republicans, and 16 did not claim a party).
  • by Noryungi ( 70322 ) on Monday August 30, 2004 @07:00PM (#10113403) Homepage Journal
    Exit polls, 2004 US presidential election:
    • Georges W. Bush: 43.25%
    • John Kerry: 44.70%


    Official results of the 2004 presidential election, once all votes have been 'counted' by voting machines:

    • George W. Bush: 44.95%
    • John Kerry: 43.82%


    Since these numbers are within the margins of error, Bush is not going to need the Supreme Court this time.

    It sounds like something from a Mastercard joke:

    • New voting machines for everyone: $ 2.2 million per state.
    • Financing smear groups to attack John Kerry: $ 1.75 million.
    • Winning an election: Priceless.


    Be afraid. Be very afraid.
    • Re:Florida, anyone? (Score:5, Interesting)

      by DAldredge ( 2353 ) <SlashdotEmail@GMail.Com> on Monday August 30, 2004 @07:11PM (#10113479) Journal
      "# Financing smear groups to attack John Kerry: $ 1.75 million."

      Do you get this worked up over 527's like moveon.org?
  • by daveschroeder ( 516195 ) * on Monday August 30, 2004 @07:03PM (#10113436)
    If you've been following this, and RTFA, you'd know this is an extremely complicated situation, both from a technical standpoint, and a management one. There are hundreds of people at various levels of local government, contractors, Diebold, temporary agencies, printing companies, and other entities that have, as a matter of course, various levels of access to the voting infrastructure, including the GEMS software itself.

    That isn't to say that we shouldn't answer these questions - DEMAND answers - and do EXACTLY what we should be doing, which is holding officials responsible for our elections accountable in every way. But must we attribute exclusively conspiratorial ulterior motives to this, straight away? This isn't about Bush or Rove or Cheney or Ashcroft. It's about the integrity of ALL of our elections, under all circumstances. Don't pretend that only one side wants to win.
    • by Kenja ( 541830 ) on Monday August 30, 2004 @07:18PM (#10113512)
      "Why must negative motives ALWAYS be ascribed?"

      Lets see, a company whos leader claims to want to reform the US as a theocracy and has sworn to give the ellection to George Bush has a product used for e-voting that has a "feature" (sorry, this is not a bug) that allows someone to rig an election. Gee, I have no idea why anyone whould think this was anything negative.

    • by Cid Highwind ( 9258 ) on Monday August 30, 2004 @07:31PM (#10113572) Homepage
      "I am committed to helping Ohio deliver its electoral votes to the president next year." --Walden O'Dell, CEO Diebold Inc.

      Untwist your knickers. If he had said something about helping to "defeat Bush" or whetever, it would all be an evil left-wing conspiracy instead.
      • And Diebold is headquartered in Ohio. I'm not saying it doesn't look and sound bad (and will agree it probably IS bad, and represents at the very least a conflict of interest on its face), but Diebold is a corporation located in Ohio. Executives at various companies routinely make political statements to the effect of helping candidates win geographic areas. Walden O'Dell didn't literally mean he was going to rig elections to "deliver" Ohio to Bush. (Unless of course you believe that he would unabashedly ma
      • Yes, if O'Dell had said he was committed to delivering Ohio's electoral votes to Kerry, it would be an evil Democrat conspiracy.

        But he said BUSH. It's an evil Republican conspiracy. Why don't you care about that? Why do you hate America?
  • by BadluckShleprock ( 654660 ) on Monday August 30, 2004 @07:06PM (#10113456) Journal
    Back in 2002, Miami-Dade had an election using touch-screen voting. In some circumstances there were more votes than registered voters, and in at least one instance an entire day's votes in one machine were "accidentally" erased. No paper backup means the votes were lost in the ether.

    Since each state is responsible for operating the voting process, you'd think that Jeb Bush (the Governor) and former Orlando Mayor and now Secretary of State Glenda Hood would have been outraged. Jeb's reply was "why can't Democrats learn how to vote?". Glenda Hood's response was "that doesn't mean that we need to have a paper trail." She has this big bug up her ass that printed receipts would cause a repeat of the 2000 debacle when in reality the 2000 debacle was 100% caused by the old punch cards being difficult to scan. A paper printout would simply be a way to recount votes that aren't up to speculation by the person doing the recount (i.e. they know exactly which votes are cast.)

    P.S. Diebold Sucks!
  • Why this is scary (Score:5, Interesting)

    by tedit ( 809575 ) on Monday August 30, 2004 @07:09PM (#10113465)
    While a lot of people will say that screaming about insecure voting machines is a bunch of FUD, I think there is a legitimate reason to be far more scared of insecurities in digital voting than in the traditional kind. The nice thing about paper/punchcards/crayon is that the scale of fraud is limited by the physical nature of the medium. It's tough to dispose of a lot of votes without anyone noticing a precinct is missing, and it's difficult to make much of a differece forging individual ballots. The problem with electronic voting is that like every other industry that's gone digital (accounting to spreadsheets for example), the scale and efficiency of mundane tasks is amplified by many orders of magnitude. It's tough to make much of a dent in an election by registering under ten names and voting ten times. It's easy (if you have an exploit) to to click once to change 10,000 votes in a manner that looks utterly plausible. So for all the talk of just giving red meat to the media to have another thing to panic about, I'd say why the heck can't we force Florida to print paper reciepts? [go.com]
  • by gorehog ( 534288 ) on Monday August 30, 2004 @07:11PM (#10113475)
    I asked this before and am going to ask again.

    Why do we insist on using voting computers which are reprogrammable. These are all Von Neumann architecture machines. As computer scientists we should be able to find a more appropriate architecture for voting. Something where the code is not alterable, something where the counts are not chanegable.

    Think about it. And if you dont understand the question then learn about computing architecture. There are computers other than the multi purpose kind. They tend to be single purpose and far more efficient at their designed jobs.
  • Diebold at it again? (Score:3, Informative)

    by Reene ( 808293 ) on Monday August 30, 2004 @07:13PM (#10113491) Journal
    I keep wondering when the states are finally going to give Diebold the proverbial finger. This isn't the first time this sort of thing has happened with Diebold machines and it probably won't be the last. A quick search on The Register reveals that this sort of thing has been going on for quite some time [theregister.co.uk]. Among several concerning incidents from 2003:
    The Oakland Tribune reported last week that several thousand voters in Alameda County used electronic voting machines made by Diebold that were never certified for use by state and county voting officials. Diebold altered the software running on the machines prior to the election, but never bothered to submit the software for testing
    or even notify the state that the software update had been made.
    Come on. Enough is enough, you know? This kind of thing is too important to leave it to people and/or technologies with a track record like this.
    • Yeah every time I use one of their ATMs I get really nervous. I'm not being sarcastic. Ever since all of this crap with their voting machines has happened, I've had to wonder -- how secure are my account number and PIN with them?
  • by jxs2151 ( 554138 ) on Monday August 30, 2004 @07:16PM (#10113506)
    I had a nice little conversation with a Diebold guy at the Maryland State Fair Saturday. The State of Maryland had a booth set up there allowing people to "vote", showing how "easy" it was to use the machines. I turned around and asked the guy for my paper receipt or some proof of who I voted for. He got real defensive when I suggested the that machines had been compromised. He tried to move me away from the crowd that was there, even though I wasn't being loud. I stated that unless the source code was open to inspection that the public had no way of trusting the voting process. He replied that the code would be held in escrow by a trusted authority- the State of Maryland. I laughed, and laughed some more at the thought of those who had the largest vested interest in the outcome of the vote being "trusted" to ensure the accuracy of that vote.

    Diebold has a huge investment in this and sees dollar signs well into the future if their machines become the standard. Just think about how long the mechanical machines have been around. Diebold wants that kind of longevity for their product.

    I am not against a company making money, far from it. However, making your money off the most important process in America cannnot be ethically supported. I left telling the Diebold guy that I enjoyed toying with him. He was left with a chagrinned look on his face, knowing that the road ahead is gonna be tough.

    I was not willing to return and pay another entrance fee to bring materials back to prove this guy wrong so do me a favor- if you are planning on going to the MD State Fair, take along some materials to back up your arugment and take some potshots at the Diebold guys.

    • I stated that unless the source code was open to inspection that the public had no way of trusting the voting process.

      Why do people always bring up the source code has to be open. Open source has absolutely nothing to do with this issue.

      This isn't a binary you are going to build and install on your home computer, you have no way of knowing that the source code in escrow was used to build the binaries on the voting machine. In fact, Diebold has been repeatedly caught installing uncertified software on

  • by josevnz ( 647715 ) on Monday August 30, 2004 @07:18PM (#10113513) Journal
    Venezuela was the victim of one of the bigges frauds in its history, thanks to the electronic voting machines provided by a company called 'Smartmatic'.

    Americans (and the rest of the world) should learn about what just happened in Venezuela; The real chances to prove than there was a fraud are minimal.

    Here are some articles you can red to get more informed about the problem:

    http://www.miami.com/mld/miamiherald/news/847151 7. htm
    http://news.phaseiii.org/article3109.html
    ht tp://www.newsmax.com/archives/articles/2004/8/20 /131240.shtml
    http://www.wjla.com/news/stories/07 04/158551.html
    http://gnosis.python-hosting.com/v oting-project/Ju ne.2004/0259.html

    Hopefully things like this will never happen in the US.
    • by flimflam ( 21332 ) on Monday August 30, 2004 @08:53PM (#10114153)
      Three are purely speculative, one is about supposed problems with the elections that had nothing to do with the voting machines, and the last is about how the machines actually do provide a voter-verified paper-trail. While voter fraud may or may not have occurred in Venezuela (frankly, it's a little hard to trust most of the news out of Venezuela for the last few years), if it did happen it almost certainly happened the old fashioned way.

      (I lived there during the second election of CAP, and I remember finding with a few friends of mine a ballot box lying in a ditch about a week after the election.)

  • by SnprBoB86 ( 576143 ) on Monday August 30, 2004 @07:18PM (#10113514) Homepage
    Ok so you present a login where the user enters a voter registration number. You show a list of canidates. You double click. Type "yes" to confirm. Increment a number in the database and set that voters "HasVoted" property to true.

    After a 10th grader finishes that project, have a real coder step in for 15 minutes, throw in a little encryption and all you've got to do is run this bad boy on a palm pilot locked in a box and chained to a desk. When the votings done, ship the locked up palm pilot off to some goverment facility where the data will be merged into a master database.

    Wheres the challenege? I feel like I could make THE BEST VOTING SYSTEM EVER in one weekend and make it rich off government contracts...
  • by Anonymous Coward on Monday August 30, 2004 @07:23PM (#10113536)
    several hundred times.
  • by Anonymous Coward on Monday August 30, 2004 @07:23PM (#10113537)
    In other countries were the election is likely to be bungled and/or falsified UN observers are often called in to verify the authenticity of the results.

    I think concerned citizens should demand the UN make sure that we have fair and free elections.
  • Hack them... (Score:3, Interesting)

    by DF5JT ( 589002 ) <slashdot@bloatware.de> on Monday August 30, 2004 @07:27PM (#10113554) Homepage
    With all the security holes exposed in the electronic election gear it should be easy to hack them in such a way that any abuse can be made visible.

    Log incidents, put them online and show the world that some very powerful people have a strong interest in these pieces of machinery being insecure to such an extent that the election becomes a joke.

    Expose the vulnerabilities and use them to make it impossible to use to the advantage of those who have a strong interest in influencing the outcome of the election.
  • Why is it so hard? (Score:4, Insightful)

    by karmatic ( 776420 ) on Monday August 30, 2004 @07:30PM (#10113567)
    Why is having a voter-verified ballot so hard? Here is how to do right:

    1) Voter selects what to vote for
    2) Computer punches holes in a paper ballot, _and_ prints a barcode representing the votes on the ballot.
    3) Counting machine reads optically, and checks barcode.

    See? It's simple! The person can't walk out with the audit trail; if the ballot isn't presented on the way out, it's not counted. We already have optical reading systems; the barcode removes any reasonable chance of error.

    100% accurate, can be checked by hand, can be done [relativly] cheaply, you can fall back on paper if the computers go down. Why aren't we doing this?!?!

    Ok, I know the answer, but I don't have to like it.

    --
    Complete an offer, get a free Orkut invite, Gmail invite, and a copy of The Core Media Player Pro, to boot! [freeipods.com]
  • by Deep Fried Geekboy ( 807607 ) on Monday August 30, 2004 @07:38PM (#10113610)
    There's a javascript demo of the Diebold Election System on the Diebold site.

    Guess what? In Safari 1.3 at least, it doesn't work.

    (Try voting for one candidate on each ballot, then on the next page, you appear to have cast no votes, confirmed by 'review').

    Try it here: http://www.diebold.com/dieboldes/OnLine_Demo/scree n1.html [diebold.com]
  • by VeryProfessional ( 805174 ) on Monday August 30, 2004 @07:39PM (#10113614)

    It has been discovered that Paper(tm), a voting system planned to be widely deployed in the coming elections, suffers from numerous vulnerabilities.

    A security assessment taskforce has found that the system, in which a stylus is used to infuse chemical dyes onto a thin cellulose-based wafer, is vulnerable to a Denial Of Service attack in which the wafer is exposed to heat until fully oxidised. This renders the results unreadable. Furthermore, the wafers are unencrypted, which makes them vulnerable to replay and other man-in-the-middle attacks. Another attack involves exposing the wafers to lateral force until they are compressed, rendering them easier to dispose. This is known as the 'scrunch-it-and-trash-it' attack, which was made famous in the underground hacker classic Election [imdb.com], starring Matthew Broderick and Reese Witherspoon.

    Members of the security community are said to be flabbergasted at the general level of public apathy towards these vulnerabilities, which the taskforce has given its highest threat rating.

  • Senator Hagel (Score:5, Informative)

    by ortholattice ( 175065 ) on Monday August 30, 2004 @07:49PM (#10113660)
    There is speculation that the election of Nebraska Republican Chuck Hagel [petroleumworld.com] could have been rigged by electronic voting machines, but there's no way to prove or disprove it since there's no paper trail. But with purposely programmed-in cheats like this one it makes you wonder. Excerpts from this article by Thom Hartmann:

    "Perhaps it's just a coincidence that the sudden rise of inaccurate exit polls happened around the same time corporate-programmed, computer-controlled, modem-capable voting machines began recording and tabulating ballots..."

    Unfortunately "...if any of [it] is true, there's not much of a paper trail from the voters' hand to prove it..."

    "Back when Hagel first ran there for the U.S. Senate in 1996, his company's computer-controlled voting machines showed he'd won stunning upsets in both the primaries and the general election. The Washington Post (1/13/1997) said Hagel's "Senate victory against an incumbent Democratic governor was the major Republican upset in the November election." According to Bev Harris of www.blackboxvoting.com, Hagel won virtually every demographic group, including many largely Black communities that had never before voted Republican. Hagel was the first Republican in 24 years to win a Senate seat in Nebraska."

    "Six years later Hagel ran again, this time against Democrat Charlie Matulka in 2002, and won in a landslide. As his hagel.senate.gov website says, Hagel "was re-elected to his second term in the United States Senate on November 5, 2002 with 83% of the vote. That represents the biggest political victory in the history of Nebraska."

    "What Hagel's website fails to disclose is that about 80 percent of those votes were counted by computer-controlled voting machines put in place by the company affiliated with Hagel. Built by that company. Programmed by that company...."

  • Get the news out. (Score:5, Insightful)

    by johnjay ( 230559 ) on Monday August 30, 2004 @08:00PM (#10113712)
    Call/write to your local news station. Upon checking Google News, only /. is covering this press release so far. The more informed people are about this, the more likely they are to complain. You might want to call your local congresscritter, too.

    This isn't the type of esoteric security vulnerability that only nerds are going to understand. Your average voter will grasp the issue pretty quickly.

    When trying to alert people to the problem, you may want to mention that there are serious concerns that Venezuela may have suffered electronic election rigging in the recent Chavez recall election.
  • by KB1GHC ( 800065 ) on Monday August 30, 2004 @08:08PM (#10113758)
    If anyone wants to watch a really good documentary about the 2000 election, and the security of the 2004 election. I recommend a documentary called "Ballot Battles" on the Discovery Times Channel.

    In part of this documentary. a woman who is against electronic voting machines (who isn't a computer expert) was googling a manufacturer of electronic voting machines, and she stumbled apon all the firmware and source code to all their voting machines, she downloaded it, and filled 7 CD's and brought it to a computer security expert, and they were shocked about the poor coding of the voting machines operating system. With this information, she was able to easily hack the voting machine, and was able to teach an 8 year old to do it too.

    it's a really good documentary, check it out.

    unfortunatly, i don't know when it will air again, i just checked the TV schedule and didn't see it anywhere.
  • Problem found! (Score:4, Insightful)

    by joranbelar ( 567325 ) on Monday August 30, 2004 @08:16PM (#10113813)
    The GEMS program runs on a Microsoft Access database.

    But seriously, did anyone else shiver when they read that?

  • by xyr0 ( 678756 ) on Monday August 30, 2004 @08:25PM (#10113911)
    Those who cast the votes decide nothing. Those who count the votes decide everything. - Stalin
  • Call Me Stupid... (Score:3, Insightful)

    by feloneous cat ( 564318 ) on Monday August 30, 2004 @08:52PM (#10114143)
    But if this is REALLY the land of the free, then why don't we allow those who REALLY trust the friggin' Diebold machines to use them, and those who prefer things that can be audited (recounted in Mr. Newsmedia-speak) use punched cards/marks on tablets, whatever.

    We have the technology to put marks on paper. No, really, I'VE SEEN IT. Diebold even makes one!

    I believe they call it an Aye-Tee-Em...

    Feloneous
  • by Anonymous Coward on Monday August 30, 2004 @09:47PM (#10114491)
    As a country that has such a long history of voting for our representatives, we have taken for granted the single most important aspect of democratic governance: Transparency. No democracy since the invention of clay voting markers has survived without this fundamental facet of the process. It does not matter if it is a pure democracy or a representative government. It does not matter if we use electoral colleges or parliamentary votes. It does not matter if we use clay tablets, punched cards or write-once CDs. What every election-monitoring group is designed to enforce is transparency.

    Why? Because the loser has to concede to the fact that he has lost. We do not force the loser to lose, the loser allows the winner to win. "I lost in a fair fight. Better luck next time." The concession speech is just as important to democracy as the acceptance speech.

    If a loser of an election disputes the results and the winner cannot defend the vote count, then the loser has every right to appeal to other means--in most countries, violence.

    In the last American election, the loser disputed the vote count. The winner could not defend the results, so the loser appealed to other means--the Supreme Court.

    The fact that there was no outbreak of violence (at least of any significance) was not due to the voters' acceptance of the count. It was due to the voter's acceptance of the Supreme Court as the final word in American government. The loser accepted the Supreme Court decision and allowed the winner to win. The voters (some begrudgingly) accepted the decision.

    But please note: the last disputed election had something that the next one will not: chads--a paper trail--transparency. Win or lose, everyone had the hope that eventually, the truth would be known. It may take days, weeks or months to determine, but the truth would be known. The system would work.

    Ignore conspiracy theories. Ignore corporate donors. Ignore programming loopholes. The threat of the next disputed election is the notion that even if the election is honest, even if every vote is counted, even if the outcome truly matches the intent of the voters, the loser will be able to dispute the outcome and the winner will not be able to defend it.

    Imagine the turmoil if after the last election, over a million of the punch ballots had gone missing. That is what these systems offer. It does not matter who wins this fall. The loser will dispute the result and the winner will not be able to defend it.

    As counter-intuitive as it may seem, Bush may be the most likely candidate to suffer from the paper-less voting system. If Kerry wins, I do not believe Bush will have much of a case for vote tampering as the systems are being used primarily in districts controlled by Republican party members. If Bush wins, it is very likely that the results would be thrown out altogether for the sake of another election. The anger pent up by Democrats in the last election fraught with claims of 'unfair' would be mild in comparison to an election that lead to charges of treasonous fraud. Nixon was impeached for election tampering and all he did was spy on his opponents.

    Many comments have offered ways to counter the threat of the new systems and most them are good. Yes, it is helpful to point out the possibility of fraud. Yes, it is helpful to write/call representatives demanding change. Yes, it is helpful to create more transparent technical solutions (yes, open source is one option, but not the only one). In the meantime, the best way to ensure that 1.) your vote is counted, 2.) your vote can be recounted, 3.) your vote will not be disputed is to ask, NOW, for your absentee ballot. It is exactly the reason that both the Republican and Democratic Parties have started a "get out the absentee vote" campaign in areas where the new systems are being installed.

    If the Supreme Court does not ask for a recount, they may look to the absentee ballot as the measure of voter intent. The next President may be elected by the voters that do not even show up.

  • by nietzsche_freak ( 804786 ) on Monday August 30, 2004 @10:26PM (#10114707) Homepage
    If you read TFA, hopefully you'd have caught this:
    By entering a 2-digit code in a hidden location, a second set of votes is created. This set of votes can be changed, so that it no longer matches the correct votes. The voting system will then read the totals from the bogus vote set.
    That isn't a bug, or some l33t haX0r exploit--that is proof positive that these machines were made to be 'tampered' with, designed intentionally with election fraud in mind.
  • by SlashCrunchPop ( 699733 ) on Tuesday August 31, 2004 @06:01AM (#10116351)

    For many years now Bruce Schneier has been writing on this topic extensively and since I share his views I decided to put together the most relevant excerpts from his excellent Crypto-Gram newsletter and let them speak for themselves. If you really want to get up to speed on this topic, this is what you've been looking for.

    Crypto-Gram: September 15, 2003 :: News [schneier.com]:

    Interesting report on the security of Diebold's voting machines. Scary stuff, especially if you consider that these are already being purchased for use in U.S. elections.
    http://avirubin.com/vote.pdf [avirubin.com]

    Crypto-Gram: October 15, 2003 :: News [schneier.com]:

    Despite admitting that Diebold voting machines have a high risk of compromise, the state of Maryland is going to buy them:
    http://www.wired.com/news/business/0,1367,60583,00 .html [wired.com]

    Crypto-Gram: December 15, 2003 :: Computerized and Electronic Voting [schneier.com]:

    There are dozens of stories about computerized voting machines producing erroneous results. Votes mysteriously appear or disappear. Votes cast for one person are credited to another. Here are two from the most recent election: One candidate in Virginia found that the computerized election machines failed to register votes for her, and in fact subtracted a vote for her, in about "one out of a hundred tries." And in Indiana, 5,352 voters in an district of 19,000 managed to cast 144,000 ballots on a computerized machine.

    These problems were only caught because their effects were obvious--and obviously wrong. Subtle problems remain undetected, and for every problem we catch--even though their effects often can't be undone--there are probably dozens that escape our notice.

    Computers are fallible and software is unreliable; election machines are no different than your home computer.

    Even more frightening than software mistakes is the potential for fraud. The companies producing voting machine software use poor computer-security practices. They leave sensitive code unprotected on networks. They install patches and updates without proper security auditing. And they use the law to prohibit public scrutiny of their practices. When damning memos from Diebold became public, the company sued to suppress them. Given these shoddy security practices, what confidence do we have that someone didn't break into the company's network and modify the voting software?

    And because elections happen all at once, there would be no means of recovery. Imagine if, in the next presidential election, someone hacked the vote in New York. Would we let New York vote again in a week? Would we redo the entire national election? Would we tell New York that their votes didn't count?

    Any discussion of computerized voting necessarily leads to Internet voting. Why not just do away with voting machines entirely, and let everyone vote remotely?

    Online voting schemes have even more potential for failure and abuse. Internet systems are extremely difficult to secure, as evidenced by the never-ending stream of computer vulnerabilities and the widespread effect of Internet worms and viruses. It might be convenient to vote from your home computer, but it would also open new opportunities for people to play Hack the Vote.

    And any remote voting scheme has its own problems. The voting booth provides security against coercion. I may be bribed or threatened to vote a certain way, but when I enter the privacy of the voting booth I can vote the way I want. Remote voting, whether by

"jackpot: you may have an unneccessary change record" -- message from "diff"

Working...