Martin McKeay

Security Matters

Diebold machines found to have vulnerabilities. Again.

I've never made it a secret:  I'm not a fan of electronic voting machines.  To the best of my knowledge, none of the evoting machines to date have even come close to having the safeguards in place to make sure that voting results aren't manipulated.  And, once again, Diebold has proved that they are the worst of the lot and don't care what anyone thinks.

I believe evoting machines can become secure and reliable, but like anything in security, there is no easy fix to the problem. Rather than dismiss the reports that detail the vulnerabilities, companies like Diebold need to take the information and improve the voting process. Digitally signed drivers, paper trails, audited and verified software updates are just a few of the problems they face, none of which are insurmountable with more time and effort. But rather than fix the problems, Diebold would rather spend its time and money attacking the researchers who discover the problems. Again and again.

What would I like to see in an electronic voting machine? First of all, I'd like to see a paper trail. I'd like there to be a human-readable printout that is shown to the voter before being put in a locked box that isn't accessible until after the voting process is over. The paper copy of the vote would slide by under a piece of glass where the voter could verify his or her vote. With a physical copy of the voting records, the chance of a successful digital hack going undetected falls dramatically.

Second, I'd like to see all software patches to the systems undergo rigorous testing before being applied to any voting machine.  No more last minute patches from the factory or configuration changes at the last minute by installers.  The code on each of the machines needs to be vetted and verified at each machine days before an election and no one should be allowed to make changes without at least one other party authorizing the changes, preferably an uninvolved third party.
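The pre-election check described above, as an added example that is not from the original post: an auditor's tool confirms that a machine's installed image still matches the vetted build and that the build carries approvals from at least two parties. The party names, keys and image bytes are constructed, HMAC tags stand in for real public-key signatures, and the third-party approval is made mandatory here, which is stricter than the "preferably" in the text.

```python
import hashlib
import hmac

# Constructed sample keys; a real deployment would use public-key signatures.
APPROVER_KEYS = {
    "vendor": b"vendor-demo-key",
    "county-registrar": b"registrar-demo-key",
    "independent-lab": b"lab-demo-key",
}
INDEPENDENT = {"independent-lab"}  # parties with no stake in the installation


def approve(party: str, image_digest: str) -> str:
    """Produce one party's approval tag over the vetted image digest."""
    key = APPROVER_KEYS[party]
    return hmac.new(key, image_digest.encode(), hashlib.sha256).hexdigest()


def valid_approvers(image_digest: str, approvals: dict) -> set:
    """Return the known parties whose approval tag verifies for this digest."""
    ok = set()
    for party, tag in approvals.items():
        if party not in APPROVER_KEYS:
            continue  # unknown parties never count toward the quorum
        if hmac.compare_digest(approve(party, image_digest), tag):
            ok.add(party)
    return ok


def machine_may_run(installed_image: bytes, vetted_digest: str, approvals: dict) -> tuple:
    """Run from the auditor's own tool, not from the voting machine's software."""
    digest = hashlib.sha256(installed_image).hexdigest()
    if not hmac.compare_digest(digest, vetted_digest):
        return (False, "image differs from vetted build")
    ok = valid_approvers(vetted_digest, approvals)
    if len(ok) < 2:
        return (False, "fewer than two valid approvals")
    if not ok & INDEPENDENT:
        return (False, "no independent third-party approval")
    return (True, "ok")
```

A last-minute patch changes the image digest, so it fails the first check until the new build has been vetted and approved again.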

There are a host of other security measures that need to be in place, but those are my top two. I'm not suggesting anything that hasn't been suggested many times before. Bruce Schneier, Avi Rubin and many others are on the National Committee for Voting Integrity and have made many suggestions for increasing the security of evoting machines, most of which have been ignored so far.

The danger with evoting is the ease with which massive voter fraud can be perpetrated. On a local scale, flipping a bit here or there could easily shift the balance of an election. On the national scale, a well-placed bug on centralized servers could result in multiple local and national election results being shifted substantially. If you think problems like hanging chads were worrisome, then evoting should downright scare you. Until evoting machines can have a legitimate verification process that doesn't rely on their own software, we need to keep fighting their use. I don't want my voting results relying on the latest patch to the Windows CE operating system.

What People Are Saying

I voted in San Diego and

I voted in San Diego and experienced a glitch on the Diebold machine. I voted for one governor and when I went back to review, another governor had been checked. I asked the poll worker for help and to whom I should report this computer problem and they told me to report it to the San Diego County Registrar of Voters. When I called the Registrar they said they weren't registering the complaint but I could talk to the Diebold rep standing next to her. Forget it. So I reported this to the news and the California Secretary of State. I hope someone contacts me for more information to correct this problem, both from a computer issue and from a poor governmental response issue.

I guessed all along that

I guessed all along that these things would be hacked.. Only it's worse than I thought.

I think that the real issue

I think that the real issue that everyone is dancing around here is trust.

There are holes in every voting system out there. Whether it is paper or electronic, if the system is corrupt it's not going to work right.

How many dead people voted in Chicago?
How many hanging chads have there been?

How the votes are collected does matter to me. What matters to me is that I can trust the people running my election to collect the votes accurately and honestly.

You better believe that a bank is going to test the heck out of their software. In much the same fashion, I would think that the purchaser of the voting system should test the voting system out. If the purchaser of the system is content with the way things are, then Diebold has done their job.

If the end users are not happy, then it is up to the company (government) who the customers are working with to work with their supplier to work out the complaints.

When the ATM at your bank is broken, do you call Diebold, or do you call your bank to complain?

Do you trust the people who run your elections? Do you believe that they have done a fair and reasonable job of evaluating the tools they have given you to vote with?

If not, then maybe something needs to be done about them.

The comment comparing voting

The comment comparing voting machines to banking machines and software is a little erroneous. Banking transactions clearly identify and disclose (to the appropriate parties) both the source and the destination of the transaction, a problem on either end can be identified by either party (if the bank takes money out of your account and you didn't authorize it, hopefully you are going to catch it and report it). Voting machines have to correctly record and tabulate votes while maintaining the individual's anonymity, unless we give the officials a list of everyone in the county and how they voted (which I don't think anyone would like), there is no way to track the vote back to the source.

To relate this to the banking analogy, this would be like the bank taking $1000 out of 100 people's accounts (including $1000 out of your account, when you did not authorize it) and depositing it into a secret offshore, then when you dispute the charge, they say that since the entire 100,000 was deposited into their account, everything is fine and you should just 'trust' them, they know what they are doing after all.

While not a true comparison, there is a huge difference between a system that has checks and balances at both ends like banking (due to the lack of anonymity), compared to voting that is supposed to accurately record our vote, while still maintaining our anonymity.

Just my .02

Properly conducted exit

Properly conducted exit polls have been shown to be very accurate. Recounts are only done if the official counts are discrepant with expectations from polls or if the vote is very close. The effort or cost to recount paper ballots is not significant since recounts are rare and the importance of being correct is so high.

I agree with Steve Hanson. Verifiability is the key. You can tolerate software bugs, hacks, wiped memory media, etc. as long as the voter gets a printed ballot out of the machine, visually verifies it, and puts it in a secured ballot box. If there is any question about the performance of the voting equipment, it is a simple matter to recount the paper ballots.

Complaints about ballot box stuffing can be solved by the U.S. joining the rest of the civilized world and taking the voting process out of the hands of partisan political hacks and allowing members of all political parties to be present for all phases of vote collection and tabulation.

" The voter could be shown

" The voter could be shown the image, just like showing them paper, and a separate party, to prevent collusion, could develop the image display. "

Why the fascination with technology?
Paper is cheap and easily understood by users.

The voter can verify if the paper ballot shows the name of the candidate voted for and drop it in a sealed box, as has been done for many years.
Ballot stuffing is indeed possible, but the scale is limited to one (or a few) polling stations, whereas a virus spreading to all voting machines in the country is the largest scale possible. Next to that, a recount has to be done only if the results of the electronic voting are challenged.

Why the fascination with

Why the fascination with paper? Paper is a mess. Fake paper (ballot stuffing, counterfeit bills) is a problem wherever paper is used. Record the votes as an image on a separate physical device (how about DVDs), then use a back office process (from someone else) to re-count all the votes from the images. The voter could be shown the image, just like showing them paper, and a separate party, to prevent collusion, could develop the image display. Banks can balance billions of dollars on dual entry systems - the primary systems count and the back office count should be the same - and be verifiable.

This article is about

This article is about security and reliability of the voting systems. But those are the wrong requirements. The primary requirement should be verifiability. If a voting system is verifiable, it follows that it must also be secure and reliable.

We shouldn't have to trust the accuracy or security of the system, or of the programmers or administrators. Anyone who wants to should be able to verify everything in the process, from start to finish.

Each voter should be able to verify that his/her vote is correctly recorded by inspecting the record of that vote. The physical media on which each vote is recorded must be such that it cannot be altered after the vote is recorded. A verifiable chain of custody must be maintained from the time each vote is cast until after all counting and verifying is complete. After the voting, each interested person should be able to verify that the votes have been correctly counted, again by inspecting the media. Those inspections must not require any mechanism that most people cannot personally verify. Hence, the media must be such that it can be inspected directly using only the human eye. Finally, the media must be of a familiar type, so that even stupid people are able to verify that their votes are correctly recorded.

That one requirement, for verifiability, pretty much rules out every proposed voting method except "paper ballots". And, it imposes stringent security, reliability and other design requirements on the use of the paper ballots.

PD, The problem is, it's

PD,

The problem is, it's Diebold, not us, who are failing to take the problem seriously. There are a host of problems that have faced the Diebold machines from the very beginning and Diebold has refused to fix them. I'm not even talking about the specific problems in the paper, I'm talking about relatively easily fixed issues, like a paper trail for non-repudiation and signed and verified software. If you can find me a bank that's willing to allow a vendor to put software on an ATM that hasn't been tested not only by the vendor but by the bank or at least a third party, I'll point you to a bank that's out of business.

I don't want perfection, that will never happen. But I'm also not willing to accept a system that can be broken in less than 2 minutes by a skilled assailant. Billions of dollars isn't all that much compared to the next Presidential election, in the grand scheme of things.

Martin McKeay
martin_cw@mckeay.net
http://www.mckeay.net/
Voicemail: 916.231.9479

Now that the irrational

Now that the irrational sides from both extremes to the problem have been heard, I believe that neither putting Diebold (and all other eVoting companies) out of business nor making an about face and returning to the days of my grandparents with paper and "X" is going to get us anywhere.

I work in this field and know that there are many ways of solving the problems that don't require a lot of specialized coding or any new techno breakthroughs. The eVoting is nothing more than a secure Portal into which people's chosen information is dictated. In other words e-Bay for politicians. We know that systems can (and are) hacked at will, ballot stuffing (hacking with pencil and paper) and hanging chad due to voter carelessness have been problems with us since the beginning of time.

Relying on a single entity to provide ALL the security is not the answer either, heavens the newest notebook computers these days will not allow you to boot them without a fingerprint. It is not necessary to know to whom the fingerprint belongs, only that it occur ONCE and only ONCE per voting cycle. Many other methods of identification are also possible if one does not like using fingerprints that we carry with us every day that we know are secure. The attack here appears to be at one company Diebold, and that because of failed logistics on behalf of an Election Authority. My company makes software on which billions of dollars of commerce securely flows every day (yes the US and most advanced governments use this software also). And for proprietary software the world's banking systems appear to run fairly smoothly doing exactly the same thing. What is the difference between pennies, nickels, quarters and so on and the selection of a person that belongs to a certain political party (even perhaps his own party of one person - ever heard of the Susquehanna dollar?).

As it stands now we can all take off our shoes and "clog" up the works, or we can take this seriously and march on with the times. The solution is NOT creating something "brand-new" every election, but taking something already existing and proven that is trusted by "we the people" to do our everyday precious chores (like move our money around) and use it. We can keep improving it each time and we can be reasonable. Someone is going to have to keep ahead of the "hackers" each election, the same as we have to keep one step ahead of the ballot stuffers each previous election. Nothing is perfect, but software involving millions of people securely conduct electronic business every day. Let's get a national standard to vote every few years and stick with it!