Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Security Government Politics

Ohio Audit Reveals More Diebold Problems 222

armb writes with a link to a Wired Blog entry about irregularities found in Diebold databases from the state of Ohio. The election in question here is November 2006, and the corruption of the entries may raise doubts about accurate tabulations. "Vote totals in two separate databases that should have been identical had different totals. Although Diebold explained that this was part of the system design for separate vote tables to get updated at different times during the tabulation process, the team questioned the wisdom of a design that creates non-identical vote totals. Tables in the database contained elements that were missing date and time stamps that would indicate when information was entered. Entries that did have date/time stamps showed a January 1, 1970 date. The database is built from Microsoft's Jet database engine. The engine, according to Microsoft, is vulnerable to corruption when a lot of concurrent activity is happening with the database, such as what occurs on an election night when results are uploaded and various servers are interacting with the database simultaneously."
This discussion has been archived. No new comments can be posted.

Ohio Audit Reveals More Diebold Problems

Comments Filter:
  • But I know from experience with Citrix that Jet does not scale to more than 1000 simultaneous users. This seems to be borderline incompetence to me.
    • by codepunk ( 167897 ) on Friday April 27, 2007 @11:41AM (#18902229)
      Jet is damn lucky to scale to 10 much less your claimed 1000. I have never seen 1000 concurrent users in a jet database. Not that it matters, I cannot believe anyone would trust it to tabulate election results.
      • I agree. With a plethora of free or easily liscensed SQL databases out there, and the fact that ODBC data sources are every bit as easy to connect as Jet, there is NO excuse. The only reason to drop something like Jet into a production system is to make it crippled by design.
      • Re: (Score:3, Funny)

        by vought ( 160908 )
        The database is built from Microsoft's Jet database engine.

        As Hyneman would say..."There's your problem."
    • Re: (Score:3, Insightful)

      by j00r0m4nc3r ( 959816 )
      Everything Diebold does is borderline incompetence. I can't wait for these bozos to get out of this business and go back to making vending machines.
      • by ktappe ( 747125 )

        Everything Diebold does is borderline incompetence.
        If you are "borderline incompetent" at enough tasks, doesn't that push you over the line into full-blown incompetence?
      • Oh yes (Score:3, Insightful)

        by WindBourne ( 631190 )
        After seeing how they develop, I absolutely like the idea of their going back to handling my money.
        • Different folks. (Score:4, Interesting)

          by pavon ( 30274 ) on Friday April 27, 2007 @02:10PM (#18905241)
          Diebolds electronic voting division was purchased wholesale from Global Election Systems in 2002. GES produced crap back then and it is no suprise that they continued to produce crap under new management. Their incompetence shouldn't reflect poorly on the ability of the engineering staff in the ATM division, although it does say quite a bit about the top-level management.
      • Everything Diebold does is borderline incompetence. I can't wait for these bozos to get out of this business and go back to making vending machines.

        I never knew they made vending machines! This is great! I mean, it's a shame we lost our democracy to trivial-to-compromise voting machines, but at least we all get free Cheetos!

    • 1000?!?!? (Score:2, Insightful)

      Good lord, I'd say anything over 10 users is a problem with Jet, from my experience anyways.

      Jet is fine for what it is, but like any other tool it has a proper purpose and should not be mis-used.

      I don't know the specifics of the Diebold stuff, it would seem to me though if you had one Jet DB on each machine along with a proper upload tool it should work just fine.... at the same time if I was building a voting machine process from scratch I wouldn't think of using it.

      fwiw. ymmv.
    • Re: (Score:3, Insightful)

      But I know from experience with Citrix that Jet does not scale to more than 1000 simultaneous users.

      I bet it doesn't. It's really more of a single-user database engine. It's nice for redistributing with a single user application, but not appropriate in a network setting. Makes you wonder if they (Diebold) just didn't have anyone with any multi-user database experience.

    • that's not borderline at all, that IS incompetence.
    • Re: (Score:3, Insightful)

      by hchaos ( 683337 )

      This seems to be borderline incompetence to me.

      I think the term you are looking for is gross incompetence.

      Maybe they're trying to convince people that even if they wanted to rig the election, they're too stupid to do it properly?

    • by hpavc ( 129350 )
      this is from here http://support.microsoft.com/default.aspx?scid=kb ; en-us;Q303528 [microsoft.com] its a hilarious read in this context.

      Microsoft Jet is a file-sharing database system. A file-sharing database system means that the processing of the file occurs at the client. When a file-sharing database, such as Microsoft Jet, is used in a multi-user environment, multiple client processes use file read, file write, and file locking operations on the same shared file across a network. If a process cannot be completed, the f
  • Jet (Score:5, Insightful)

    by truthsearch ( 249536 ) on Friday April 27, 2007 @11:37AM (#18902161) Homepage Journal
    I programmed with the Jet DB "engine" years ago. I wouldn't even run a web site with it. The only thing I found it useful for was business applications, such as connecting an Excel spreadsheet to Access. But that was years and years ago. Why would anyone write such a large and critical system using Jet today, when even Microsoft tells you not to? The only answer is incompetence.
    • Tenured programmers/engineers tend to like what they know. Obviously when the execs walked down the latter and said, "We need a database" this person said, "Alright, we'll use this" and went wax nostaligic about Jet.

      That, or the morass of our government dictated a few things that didn't make sense. They tend to be behind the times in terms of software/hardware advances.
    • I've seen some pretty boneheaded database uses... it's one thing if the in-house tool is in Access (with weekly instances of "everybody out so we can rebuild the corrupt database"), but there is no excuse for some commercial tools I've seen using an improper database platform.

      Proper use of database technology can be difficult, but if a company is unable or unwilling to do it properly, they shouldn't be selling the product. Governments have a responsibility to the perople to slap down companies trying to
    • Indeed - I picked up a client because their Access database was banging against the wall. I wouldn't recommend Jet for much of anything these days, not with the plethora of open source relational database products out there today.
    • Re:Jet (Score:5, Insightful)

      by lawpoop ( 604919 ) on Friday April 27, 2007 @12:35PM (#18903361) Homepage Journal

      Why would anyone write such a large and critical system using Jet today, when even Microsoft tells you not to? The only answer is incompetence.
      There is another answer.

      If you wanted to make an insecure system that was easy to hack and manipulate, didn't have basic security features, data integrity, and no audit trail, and thus no record of how data was altered outside of specifications, you might use such a deprecated application.
      • by Phrogman ( 80473 )
        There is no possible intelligent reason that a developer would choose such an outdated and ill-reputed database engine when so many completely viable options exist at the moment. The *only* reason I can contemplate is that it was a deliberate choice for exactly the reasons you stated. Using this tool would make the fact that the Diebold systems were being actively used to rig an election much harder to trace. No one can be so stupid as to deliberately choose an unreliable DB engine like Jet, knowing its unr
      • Re: (Score:3, Insightful)

        by uab21 ( 951482 )
        The old quote about never assigning to conspiracy that which can adequately be explained by incompetance comes to mind (Machievelli?). People are doing stupid things all the time. That being said... there is no reason that someone with deviousness in mind could not *find* the stupidity and decide to advance and take advantage of it. Use what is available - and stupidity is in rampant abundance.
  • JET?? (Score:5, Insightful)

    by revlayle ( 964221 ) on Friday April 27, 2007 @11:39AM (#18902193)
    That is an old outdated desktop engine. Databases needs compressing and repairing all the freaking time - want to go multi-user? or over a network? forget it, it's have never performed well in that capacity in ANY version. Microsoft even advises not to use it anymore. They push desktop version of the SQL Server 2005 Engine (and now even have a version that just requires a couple DLLs in the application directory, however I do not know if that is available yet).
    • 2 databases?!? (Score:5, Insightful)

      by Artaxs ( 1002024 ) on Friday April 27, 2007 @11:59AM (#18902565)
      Look, let's say I had hired an accountant. Then, let's say that I found out that he was keeping two separate databases of my finances. Let's also say that they had different totals in them, and he was only showing me one of them.

      Not only would I fire his ass, but I'd make sure to press criminal charges of fraud. Why are these creeps from Diebold, Sequoia, ES&S, et. all not in prison yet?

      Diebold makes ATMs; don't tell me that they can't get something as simple as a vote database right. Occam's Razor points to outright fraud, not to simple incompetence.
    • by laffer1 ( 701823 )
      Yeah, and as far as concurrency goes its a terrible choice. When I first started learning ASP years ago, I started with Access databases. My website could not handle over 5 concurrent users without giving errors. I think at that time there was a hard limit of 5 concurrent users. This thing was read only most of the time. The database only changed a few times a week.

      Now if access couldn't handle a Jewel fan site how on earth could it handle an entire state's voting data? Switching to SQL Server and lat
    • Actually, it's called SQL Server 2005 Express edition. .Net 2 programs can either directly access the Database or you can set up a full blown SQL Server and connect via TCP/IP. If you do it via TCP/IP, multiple users can be accessing it without issue.
    • No kidding. Jet doesn't even support true record locking -- it locks pieces of the database in blocks. Diebold would have had less chance of corruption with even something as broken as MySQL 3.x. Heck, they would have had less chance of corruption using a comma-delimited text file stored on a 5.25" HD floppy disk stuck to the fridge with a magnet, but that's besides the point.

      The point is that this is cannot be just mere incompetence. As you say, even Microsoft, who wrote Jet and used it for years as the
      • To be fair, SQL Server *still* uses page locking (less resource intensive) for updates. You can desginate row-level locking for inserts (good for table that do a lot of insert only operations, like audit logs). However, being a server managed database, concurrency is not nearly as much of an issue as it is in Jet.
      • ...even Microsoft, who wrote Jet and used it for years as the basis of Microsoft Access and Visual Basic's database component, says not to use it 'cause it's crap.

        Got a link for that?

        There's always SQL Server 2005 Express/Compact/whatever Edition, and this is what Microsoft recommends today.

        Hmmm, don't use our old product, it sucks, use our new product (which, of course, has no bugs whatsoever) available from us to you today! Have you driven a Ford... lately?

  • Jet Database Engine (Score:5, Interesting)

    by mypalmike ( 454265 ) on Friday April 27, 2007 @11:39AM (#18902201) Homepage
    Jet Database Engine, a.k.a. Microsoft Access.
    • by RingDev ( 879105 )
      Yeah, I saw that "The database is built from Microsoft's Jet database engine." and WTF'd out loud.

      The software used to tabulate votes is build on an Access database!?!? holy crap! Talk about the mother of all bad ideas. There are so many know issues and so many better options that this should never have gotten this far. Who the crap was in charge of designing this system? Jim from Accounting?

      -Rick
    • by afidel ( 530433 )
      I wonder if this is JET Red (aka the Access/MDAC DB engine) or JET Blue (aka the Exchange/AD DB engine). The two are both referred to as JET but they are very different animals. Given the problems it's probably Red, which would be an almost criminally stupid idea, MSDE has been around forever and is MUCH more suited to this kind of application. If it's Blue then it's not such a big deal since Blue runs some of the largest email and LDAP implementations in the world.
  • > The database is built from Microsoft's Jet database engine.

    Jet? Shit.

    I'm gonna submit proposals to program up a new Mars Rover using Visual Basic!
    • to build the space stations onboard inventory system in access.
      Then when it crashed, insist that it can only be fixed 'on site'.

    • [OT] Your .sig (Score:4, Interesting)

      by BandwidthHog ( 257320 ) <inactive.slashdo ... icallyenough.com> on Friday April 27, 2007 @12:39PM (#18903473) Homepage Journal

      Who the f*** decided that sentences on the Internet shall no longer be formatted with two spaces after a period?!

      It was always thus... Two spaces after a period is only appropriate in circumstances where all characters are the same width, such as an old-school typewriter. So nobody “decided” that it would be that way “on the Internet;” we just stopped using the special-case rules that sprung up a few decades prior when we were using technology that wasn’t capable of proportionally spaced type.

  • by mdsolar ( 1045926 ) on Friday April 27, 2007 @11:44AM (#18902293) Homepage Journal
    I've had very few banking errors using ATMs and I'm quite sure that I am not the only user on the system when I do use them. Why would this company have any trouble with this kind of operation? Is it because there is no accounting so they don't bother to get it right?
    --
    Vote with your roof! http://mdsolar.blogspot.com/2007/01/slashdot-users -selling-solar.html [blogspot.com]
    • by Ken Hall ( 40554 ) on Friday April 27, 2007 @12:18PM (#18902899)
      A number of years ago, I was responsible for handling software problem reports for a couple of vendors ATM machines. (We were a third-party service company.)

      The things that went wrong with ATMs were both funny and scary. I have no reason to believe things have changed. The banks and manufacturers go to great lengths to satisfy customers without letting details of the problems get out, because this would undermine confidence in the devices.

      With ATMs, if you're smart, you have a slip of paper to verify a transaction. If there's a dispute with the bank, the bank will usually honor the paper documentation, and the customer has no reason to make an issue of the problem.

      With voting, there's no going back and fixing results after the fact. Often there's no piece of paper. And on top of that, the whole process is under fairly intense public and governmental scrutiny.

      So I wouldn't say there are less problems with ATMs. You just don't hear about them.
      • I guess you're right, my experience of reliability is not an adequate sample. I have had a chance to partially check that my vote is counted a few times. Most recently, our candidate for state comptroller was removed from the ballot for no apparant reason. So, I wrote him back in and saw a vote counted in my precinct. That the system worked in one instance does not mean that it worked overall. He's a fun candidate, won't take any contributions over $100 when he runs and he gives great interviews.
    • I've had very few banking errors using ATMs and I'm quite sure that I am not the only user on the system when I do use them. Why would this company have any trouble with this kind of operation? Is it because there is no accounting so they don't bother to get it right?

      Yeah, accountability is key. If there's money missing from your account, you WILL raise a stink. If your vote wasn't counted, you won't even know about it.

      The other reason: the ATM company doesn't actually maintain the database, the bank does t
    • One key difference is that I'm pretty sure ATMs use a very mature client-server protocol on a dedicated link. As such, ATMs remain single-user devices where the database end is not the ATM maker's problem. Also, compartmentalizing of departments may mean little to no technology is shared between the ATM and voting departments at all...
    • Different People (Score:3, Informative)

      by pavon ( 30274 )
      I posted this somewhere else, but it needs to be restated. The reason that Diebold can't get this right, is because they don't have their ATM engineers working on it. Diebold Elections Systems did not exist until 2002 when Diebold purchased Global Elections Systems. The basic software architecture (including the use of Jet) goes back to a touch screen voting system designed by iMark in 1995. In that system the database was single use - stored on a smart card, and had to be merged together later.

      The purchase
  • I think this is what you call "not ready for prime time." I much prefer my county's system, which has a Scantron-like form that you fill in with pen and which gets scanned on-site, giving you an instant total-- and an immediate notification if there's an overvote or undervote. Plus there's that handy little paper trail...

    Of course, the part that gets me angriest, as a former poll worker, is the fact that there are people who will mess with someone else's vote. You don't do that.
  • by RyanFenton ( 230700 ) on Friday April 27, 2007 @11:47AM (#18902351)
    In the last episode, the capitol building collapsed - and now, the following letter appeared on the broken stairsteps to the Ohio capitol:

    "We're sorry that the capitol building collapsed, but it ends up that we used Licoln Logs to build the dome, and it ends up that it collapses when the wind hits it from multiple directions at once.

    We've gotten some complaints that we should have expected this, and were "total morons" for choosing such a design. We think this is a gross oversimplification, and more than a little unfair. We used multiple layers of high-quality chewing gum to secure the dome, which required countless hours of chewing, along with thousands of gallons of spittle. When you complain against such a massive effort, you insult the sore mouths of our hard working employees.

    Sincerely,
    Halliburton CEO
    Bozo D. Clown"

    Next episode: FEMA picks up the pieces.

    Ryan Fenton
  • by zappepcs ( 820751 ) on Friday April 27, 2007 @11:49AM (#18902387) Journal
    this really isn't about MS having a shitty database. It's really about Diebold not knowing how to design a database application. Other than that, I'm just too shocked to say anything while quietly making a mental note to avoid all things called Jet from MS and anything that comes from Diebold.
    • this really isn't about MS having a shitty database. It's really about Diebold not knowing how to design a database application.

      The fact that it was built with Jet suggests that it was initially designed as a non-networked, single-user system initially. Votes were probably uploaded one machine at a time (batch style) for counting purposes. What happened next was "organic growth" of the product. Let me speculate (harp music plays) . . .

      Along comes the idea that they need to network the voting machines

  • So... (Score:4, Insightful)

    by Lithdren ( 605362 ) on Friday April 27, 2007 @11:49AM (#18902397)
    When does someone bring them to court over SCREWING UP AN ELECTION.

    Seriously, I dont care if the errors caused changed the outcome or not, its fairly clear that they failed, in the worst possible way, to maintain the level of creditability needed for a damn election. This isn't a "oops, my bad" This should be a federal offence with manditory jail time.

    No system is perfect, but come on, JET!? Might as well have the vote counted in diffrent states by the party currently in power, would be just as accurate.
    • Feel free to take your suggestion to the Department of Justice. I'm sure Attorney General Gonzales will give your suggestion the careful attention it deserves. [cough]
  • They make horrible voting machines, and in TFA it's claimed they tabulate results at the precinct level not the machine level. DUMB.

    I do understand why Republicans get so defensive about this,but these machines have to GO.

    The /. articles will likely continue until they're no longer used, for obvious reasons.
  • I smell fud (Score:5, Interesting)

    by ericlondaits ( 32714 ) on Friday April 27, 2007 @11:51AM (#18902429) Homepage
    I smell FUD here...

    The engine, according to Microsoft, is vulnerable to corruption when a lot of concurrent activity is happening with the database, such as what occurs on an election night when results are uploaded and various servers are interacting with the database simultaneously."


    Now, I'd never think about developing this on a Microsoft Jet DB, since it's been somewhat deprecated for the MS Desktop SQL Server (MSDE) and SQL Server 2005 Express, which are much better and lightweight enough for a current desktop.

    Nonetheless... what MS probably stated is that basically access to a JET Db is not thread safe, which means that concurrent access will cause corruption with a probability directly proportional to the amount of activity. YET if you serialize access to a Jet Db (which is a necessary and basic requirement given that it's not thread safe) there shouldn't be a fear of corruption, unless the API is buggy. If each voting station has a Jet Db and they all get exported to a central (thread safe) db then there's no need for concurrent access to any of the individual Jet DBs, and there shouldn't be a big fear of data corruption (which, anyway, can be verified somewhat easily).
    • by RingDev ( 879105 )
      The fact that they are using a Jet DB in this way should give you a clue as to their ability to write thread safe code.

      -Rick
    • and there shouldn't be a big fear of data corruption (which, anyway, can be verified somewhat easily).
      And what do you do if there is a discrepancy due to data corruption? It's not like there is a paper trail to go back to...
      • I mean Data corruption during the merge of all the voting stations. That can be checked through a hash or similar procedure. Assuming of course that the merge is done in a serialized fashion and not exposed to a very likely corruption.

        During the voting, assuming each station has it's own Jet db, then the db is hit with a single INSERT every N minutes. Hardly critical. It could be trusted to a simple comma separated file as well. The fact that the jet db doesn't keep a log only means that a vote might be lo
    • by EvilTwinSkippy ( 112490 ) <yoda@nOSpAM.etoyoc.com> on Friday April 27, 2007 @12:08PM (#18902701) Homepage Journal
      That's a bit like saying you can run a traffic light with a Lego Mindstorms on a massive intersection where 8 lanes of traffic intersects another 8 lanes, with both right and left turns allowed.

      You just have to boost the 5v output using an op-amp, and secure the lead with a clamp or some electrical tape so it won't wiggle out.
      • Re: (Score:2, Informative)

        by blindd0t ( 855876 )
        Honestly, that has a much better chance of working than a voting system using a Jet database. ^_^
    • Yes, Finally Understanding Deceit or Fraudulantly Undermining Dependability. These guys tried to hide that they were peddling junk by saying it was proprietary. There are no accurate time stamps. You can verify corruption as has just happened, but you can't recover from it. Every single elections official that signed a contract with Diebold needs to be investigated. If there were no kickbacks, and they really knew nothing of this, then this surely is fraud.
    • Kudos. That's the best explanation I've seen posted here yet.
      A simple C# code fragment to serialize access to the Jet DB can go like this.
      -----

      // NOTE: To Diebold -- Please copy and paste this into your application. Thank you.

      public class DbWriter
      {
      private static object _sync = new object();

      public static void WriteSomeData(/* args ....*/)
      {
      lock(_sync) {
      /*Put statements here to write data */
      }
      }

      private DbWriter() {/* hidden ctor
      • A simple C# code fragment to serialize access to the Jet DB can go like this.

        Sure, you could lock the database on the server every time a client updates a record. And you could make sure that the clients know how to wait and retry if the server table is locked. In theory, that works fine. In practice, though, the clients probably update the server tables piecemeal, not nice atomic commits. So we'd have a recipe for deadlock.

        You are correct that it could be done, but with the amount of work it would t

        • You're right. It's just fun to post a simple code fragment in an attempt to make Diebold look foolish. You know, kick the man when he's down type of thing. It's not straight up but it's still a lot of fun.
    • Re:I smell fud (Score:5, Insightful)

      by sholden ( 12227 ) on Friday April 27, 2007 @12:18PM (#18902909) Homepage
      1. The data is corrupted (totals are different)
      2. There's a known data corruption issue in the engine caused by concurrent activity

      A reasonable conclusion is that the programmers were idiots and wrote an non-thread safe application with multiple threads. Another conclusion would be they intentionally attempted to fix the election. Incompetence before dishonest is the usual way to approach those things...
      • Re: (Score:2, Interesting)

        whenever a successful company, that should know better, doesn't know better, i can't help think that somewhere, someone said: "well let's put joe on the job. he's never actually programmed before, but the bug fixes will keep this contract going for years."
        i wonder if, to encourage problems, either diebold, or the government contracts with diebold, deliberately enshrined incompetence in some way via timelines, pricing, obtuse/antiquated software requirements.
      • by Secrity ( 742221 )
        Except for the fact that the company who built the machines seems to have an agenda that was better served by having properly corrupted data.

        In a Republican fund raiding letter, the president of Diebold indicates his bias by saying that he is "committed to helping Ohio deliver its electoral votes to the president next year."

    • The problem is not simply that the chosen db back-end has some significant drawbacks.
      Any system can and will have bugs and weak areas... What makes this scandalous is that Jet (MS Access) is literally THE crappy database engine and everyone knows/knew this.
      If a DB admin or programmer is going to make a joke about a farked-up database project the db will be ms-access.
      If you are going to mock a competitor you might suggest that they build their software using visual basic and a JET database.

      None of this is
  • by Anonymous Coward
    I consider voting machines to be a pretty straightforward application of computer technology: counting things. There are thousands of examples of this being done with complete accuracy. Heck, Wal-Mart always knows how many boxes of ice cream it has in every store and the exact temperature of each freezer. Diebold gets the contract and you'd think they were trying to land a man on Pluto.

    Voting machines need to be an open-source project anyway. We ALL need to know what's going on in those things.
  • by MosesJones ( 55544 ) on Friday April 27, 2007 @12:07PM (#18902693) Homepage
    Reading this made me think about my time doing safety critical systems (it fails, someone dies) and its really stunning to think that something like voting in a democracy isn't considered mission critical to the country.

    There really is no excuse for voting to not be done on a comparative basis e.g. every vote to be checked via 3 different software lines (this isn't rocket science) and a voting system to then confirm that the vote is being applied correctly. This vote should then be written to two (at least) data sources to enable reconciliation at the end.

    This is a freaking implementation of a check-box system where is the sodding complexity that means its expensive to be professional.

    Voting in a democracy is mission critical, to not consider it that way is to say that voting doesn't matter.
    • Lets put it this way. More care goes into checking tickets at a rock concert.

      Your paper ticket has a barcode on it. The nice people at the turnstile scan it, the number is checked in the database and you get a nice instant feedback if the ticket has been used or is totally bogus. They handle thousands of people crushing into the gate in the space of minutes, on the outside hours. And they use off the shelf equipment and standard DSL or T1 lines.
    • No, it isn't (Score:3, Insightful)

      by Shadowlore ( 10860 )
      its really stunning to think that something like voting in a democracy isn't considered mission critical to the country. ...to not consider it that way is to say that voting doesn't matter

      You are incorrect on both counts.

      First, if something is "mission critical" do you entrust it to people who have no idea of the necessary details, or will just use a default position to produce the end result as opposed to careful thought and analysis? No.

      Perhaps you don't understand what "mission critical" means. I'll clue
  • Isn't this fraud in so many ways?

    Calling something a voting machine AND selling it, when it isn't a voting machine fit for that purpose at all.

    It's as much a voting machine as my bedsheet is a certified parachute fit for skydivers.

    They're lucky they're in the USA. In other countries they might actually get lynched by angry voters or executed (for treason?) if they escape the mob.

    But it'll be hard to convince the rest of the world that the US is interested in democracy and fair elections in Iraq if this sort
  • by hey! ( 33014 ) on Friday April 27, 2007 @12:32PM (#18903273) Homepage Journal
    Real database engines keep complete transaction logs.

    Which is why when explaining a result matters, you use a real database engine, not something like jet, which is simply a library to maintain indexed files.

  • This is nearly unbelievable! So essentially the voting machines were running Access. Even Microsoft says that the Jet DB engine should not be used in situations when a lot of concurrent users are expected. So I guess this is one case where Microsoft cannot be the bad guy, shocker!

    Why would they do this? If cost was the issue, Jet vs SQL server say, then why not go with PostgreSQL, MySQL, or other free alternatives? Even if you're a Microsoft shop, it isn't that hard to make MS stuff interface with OSS DB ba
  • George W. Bush!!!!!....wait a minute...WTF?!?!?!?....
  • We can use any tools we want. Hell if they want to shrink down tiny scribes who are placed in the machines to write everything down, then fine. But they have to fully disclose everything. Otherwise what will happen is that eventually we'll be unable to find problems and problems will continue to occur w/o our knowledge until at some point the whole process is a sham.
  • The database is built from Microsoft's Jet database engine

    Why not just put a degaussing coil in all the door frames?
  • by tom448 ( 1094321 ) on Friday April 27, 2007 @01:21PM (#18904313)

    Back in 1995 I came in touch with the JET engine for the first time. It was used in a database application for a commercial aircraft carrier (!) Databases were corrupt all the times. It was obvious that the technology was a mess. At that time, much better alternatives were available for a little more $$. Hence I could not understand why anyone would spend time and money with such broken technology.

    Now we see the use of this technology again, and in an application that is crucial to the future of the U.S and to the future of many other countries... the same mistakes are being made again.

    But that is not the real problem. Yes, we know that electronic voting machine manufacturers have a long record of being lazy, careless, and incompetent. The actual problem is with the opinion of the decision makers in the administration and with the opinion of the public. Information technology is widely accepted as a means to make collecting, sorting, and counting, of numbers, names, addresses, etc. more reliable and more efficient. So why not use it also to collect and to count voter ballots?

    There is this subtle difference between paper and electronic storage. If you write something on a paper or make a hole, then it will be very difficult and time-consuming to remove the writing or the hole. In any case, too much work to alter ballots in significant numbers! And, if you still do, you leave a trace to be discovered by the forensic experts. In contrast, the information stored on a hard disk, in a flash ram, or transferred via network, can be altered very quickly and, if done well, without leaving any trace. Hence it is by nature that electronic voting machines are insecure and unreliable.

    Badly designed and badly implemented electronic voting machines just add up to the insecurity and the lack of reliability that this technology has by its virtue. On the other hand, measures like paper audit trails are certainly very helpful, but these are mere attempts to improve a technology that is bad from the outset.

    Looking at people's difficulties in understanding and dealing with today's computer security threats, I guess that it will take a lot of time until the aforementioned difference is in the heads of majority of the public and of those involved in the voting process. In the meantime, we will have many more "voting machine news": For every major election where electronic voting machines will be used, there will be stories about malfunctioning machines, missing audit trails, about elections being stolen, and so on. This is the wrong approach to "strengthen the democratic tradition".

    My credo is that running a democracy has a prize that is called "counting by hand".

  • Now they've done it... there's an element of plausible deniability now. It may not be that Diebold is corrupt and in the pocket of the GOP. It could also be that they're a bunch of idiots who are unqualified to deliver voting equipment upon which a large part of our democratic processes depend. Either way, though, they should go.
  • What is M$' liability? Surely they were collecting licensing fees and knew what the machines were being used for. Given their warning, should they not have refused to license? Does their warning get them off the hook? Didn't work for Napster....
    --
    Rent solar power: http://mdsolar.blogspot.com/2007/01/slashdot-users -selling-solar.html [blogspot.com]

Be sociable. Speak to the person next to you in the unemployment line tomorrow.

Working...