OK, Diebold, what's next? Are you planning to issue a "take down" for house.gov?
Via Cyndy Roy at American Samizdat
This probably doesn't make any difference. Diebold is a large company offering many products beyond their e-vote machines, and each division is responsible for their own security vulnerabilities. But Diebold ATMs were compromised by the Nachi worm in August. If this means anything for voting security advocates, it means that truely talented security professions are in short order.
Obviously however, some folks just don't get it, and this time it is the California Association of Clerks and Election Officials (CACEO). Claiming that Shelley had "overstepped his bounds", CACEO head and Shasta County Clerk Ann Reed called the decision "a major defeat for the disabled community, as well as the minority-language communities." Riverside County Registrar of Voters Mischelle Townsend said she could not say yet whether the CACEO would pursue legal action against the state, but the group will be meeting next week to discuss its response.
Comments: Groups like CACEO perhaps are our greatest hurdle because they are the people charged with running our elections (and purchasing this technology). Unfortunately, many of these people are simply in over their heads when it comes to technology issues.
CACEO is of course correct to be concerned with disability and minority-language access to the voting booth. The problem is that they view such access to be unaddressible by technology, when clearly it is not. Whatever solutions have been implemented to provide for these concerns on e-vote machines without printers can certainly be extended to e-vote machines with printers, and if to any extent it might not, no one would object to alternative methods of providing voting booth access to those with problems.
And this is the problem. We have thousands of people making these decisions on e-vote technology when too few of them have and understanding of the technology itself. In business when a similar problem is encountered, the solution is obvious: Hire a consultant to evaluate the options and separate real from imagined problems. The problem is that qualified consultants are quite expensive, and when product selection is at a county level, they are simply too expense. In Maryland, where the product selection was conducted at the state level, the consultant option was indeed used, and though I've previously expressed my reservations regarding what I consider to be their premature selection of Diebold, they at least appear to be on the right track on the security problems they face as a result of that selection.
- Apparently Gore Vidal doesn't think too much of E-Voting either. This interview is a worthwhile read for many reasons, but his comments on E-Voting are close to the end of it.
- According to two political scientists at Spelman College and Western Carolina University, voter turnout is directly affected by the distance voters live from their polling place. Moshe Haspel and H. Gibbs Knotts also suggest that "unscrupulous election officials could manipulate election results by rejiggering the locations of precincts to increase or decrease turnout in certain neighborhoods."
- Residents of Leeds and the Thousand Islands Township in Canada don’t go to the polls to vote anymore. They vote by mail and have found that the method substantially increases voter participation.
Update: It turns out that the problem in Boone County was not a software problem after all. As The London News Review reports (why do I have to go to England to find this?), the MicroVote software requires each machine to be "reset" between elections, and requires all new machines added to also be "reset". Apparently, Boone County election staffers did not do this, hence the error. MicroVote thus dismisses this as user error, but apparently this has happened before with their system (Montgomery County, PA (1995) ~ Initial Report and MicroVote's Rebuttal).
So no, it was not a software problem, because the software worked exactly as designed, ... which makes it a design problem in spite of MicroVote's protestations of innocence. Allow me to put on my "design cap" for a moment, because I've mentioned this before.
Computer types love to design systems. It's one of their favorite things to do. But left to their own devices (as in little user input), they tend to design systems that are easy for people like themselves to use, but not necessarily easy for others unfamiliar with the details of their systems to use. And that is exactly what happened in these instances. It is all too easy for them to claim "dumb user", when in fact the real case is the dumb designer who did not take into account his "dumb user".
Yet this is the exact environment in which these machines will be used. A flurry of temps are hired before each election, and somehow all of these people are expected to suddenly understand and perfectly execute the system designers' intent. The real world simply does not work that way, and any designer who expects it to is a fool.
But read the News Review report because it's got a lot more links than I've used here.
In the late-breaking "E-Vote Firm's Bill Comes Due" (11/11), California has announced that it will not continue with the certification of Diebold voting machines until the company pays for an audit of all the company's voting machines used in the state. The halt in Diebold certification is causing problems for counties that have selected Diebold, but California election officials would "rather err on the side of inconvenience and delay."
So starts this extensive New York Times article, which runs through a host of other problems Diebold has faced lately (the Hopkins/Rice study [239 KB, PDF], the FTP-software discovery, the leaked e-mails, and the Maryland/SAIC study (See "Did I say that?" below). Over all, a good "go to" article for anyone just getting into the Diebold e-vote issue.
Other Diebold Election Systems in the News:
- Electronic Voting Firm Sued Over Threats ~ 8:52 PM 11/4/03 - AP Online
- Voting machines face two tests ~ 9:33 AM 11/4/03 - CBS MarketWatch
- Diebold Warns on Electronic Voting Papers ~ 10:21 PM 10/29/03 - AP Online
- Reality check in the election booth ~ 10/3/03 - Maryland Gazette ~
- Diebold Election Systems Tabulates Accurate, Secure Votes In Boston ~ 10:32 AM 10/3/03 - Press Release
Let me explain further my feelings on the Maryland Risk Assessment Report [Body (1.25 MB, PDF), Appendix B (response to the Hopkins/Rice study, 700 KB, PDF)]. While this was a good study in that it highlighted many important vulnerabilities, it missed two critical issues:
- It addressed security vulnerabilities as if Maryland election workers were honest. Now I am not suggesting that they are not, but it is a far more trivial problem to design and build a secure system when you assume employee honesty. It is much harder when you have to provide for the possibility of employee dishonesty. This is especially troublesome in voting systems because a large influx of temporary workers are hired only for a particular election.
- It failed to address the fact that this software simply shouldn't have all of these problems!. Let me explain. You're sitting in front of your computer. It's a pain in the ass. Software doesn't always work right. It crashes, sometimes with no apparent cause. But this is just what computers are like, right?
No, they're not! If computers were like that, they never would have gotten this far. But it is apparent that the authors of this report think that they are, and that is simply a bad assumption. Here's the difference:
- Your home computer: It runs on an operating system (O/S) that can run on many different computers. Each of those computers has a different set of input/output (I/O) devices attached, and more can be added or deleted per your needs. Your O/S will run thousands of different programs, each with different needs. It can run several dozen of these simultaneously (multi-tasking). It handles dozens of different communication protocols, some local (your printer, your DVD, etc.) and some remote (your home network, the internet, etc.) And all of this stuff goes on simultaneously. Pretty amazing. And consider also that you can buy one of these for less than $1,000, the O/S and your programs being a small fraction of that purchase price. And you wonder why your home computer is tempermental at times? Easy. You get what you pay for.
- Now contrast that with a touch pad voting computer: First, hundreds and perhaps thousands of identical touch pads are purchased at a single time. Each of these runs at most four programs: Receive the ballot, record the vote, (perhaps) transmit the results, and (perhaps) run in test mode. And none of these run simultaneously. Communications protocols? Five: Run the display, accept input, read/write hard drive, read/write votes, and (perhaps) communicate externally. Compared to your home computer, this is a walk in the park. And the price tag? Millions of dollars. So why so many problems? There is only one answer to this: incompetence.
So here are the key points of this situation. Maryland's purchasers of these computers have expectations of them that are consistent with their own experience with their home computers. But the authors of this study are clearly "computer professionals". As such, they should have written this study from the perspective of their own experience and expectations, and not from the perspective of the experience and expectations of their client. But they did not. Why?
On a side note, no sooner than Ehrlich got done giving the go ahead on the state-wide Diebold installation than it was learned that Gilbert J. Genn, a well-known Annapolis lobbyist, represents two companies involved in the overhaul of the state's voting machine system. Mr. Genn, a former Montgomery County delegate, is registered as a lobbyist for Diebold Election Systems Inc., the company that has a $55 million contract to provide the state with its electronic voting system, and Science Applications International Corp., the computer security company the state recently hired to examine the Diebold voting machines for flaws. Ehrlich has ordered an investigation.
What a way to run an election. As the Washington Post, suggests, "Why leap?"
- Two parishes use 3,992 iVotronic voting machine by ES&S. (iVotronic machines were in use during the troublesome Miami-Dade County elections in 2002, although equipment quality is not believed to have been a source of those problems.)
- Sixty-two parishes remain on an assortment of older manual voting machines (4,272 machines total).
"It's been a little overwhelming. We're getting phone calls from all over the state, ringing off the hook. Everyone is telling me that I'm the only moderate, electable candidate."
Voting Without a Choice
"The point of elections is to test ideas and hold officials accountable. This process is short-circuited when like-minded voters are so concentrated in districts as to render the outcome a certainty. Lack of competition amplifies ideological differences and further polarizes U.S. politics, because Republican officeholders need not answer to Democratic constituents and Democratic officeholders can ignore Republican voters."
Originally published November 12, 2003
From the archives: Chris Floyd publishes a weekly editorial column in the Moscow Times called "Global Eye". About a month back, he published an editorial on the American voting system called "Last Rights".
"It's dangerously naive to believe that such a gang, coming to power in such a fashion, will allow a legitimate electoral contest to take place next year. They have too much to lose. They haven't expended so much effort -- and so many thousands of innocent lives -- to build this vast engine of repression and profit only to turn it over to Howard Dean or John Kerry, just because the stupid American people say so."
Originally published November 5, 2003
- If you want to know if your voting district uses Diebold voting machines, BlackBoxVoting.org (thanks, Bev) has published a list of such locations [890 KB PDF, approx. 3 minutes download on dial-up] covering both the US and Canada. This is a two-part list, the top covering locations that use any type of Diebold equipment, and the bottom covering locations using their touch pad equipment.
[A couple of notes on this. First, while the Diebold touch pad equipment contains security vulnerabilities, their centralized vote tallying software and hardware is far more vulnerable, especially in terms deliberate wholesale tampering. Second, just because your district does not use Diebold voting machines doesn't mean that you are not exposed to similar vulnerabilities; simply that there isn't sufficient info out about these other systems to know for sure. There is sufficient information out to suspect that other manufacturers machines are vulnerable in similar fashions.]
- Maryland's Campaign for Verifiable Voting is a great example of what local citizen activists can do on-line when they get behind an issue like this. Lots of articles of both local and national interest.
The State of Maryland, by the way, did a serious computer systems vulnerability audit of the Diebold machines before implementation, certainly in some part due to the efforts of this group. You can get that report here [1.3 MB PDF, approx. 4 minutes download on dial-up]. Some notes on it from my review of this report:
- The report is heavily redacted, with only 69 of the full 200 pages viewable in this download. I went through it in detail noting exactly where the redactions occurred and what would be in those sections. I have a high level of confidence that all redactions in it were made solely to protect the integrity of Maryland's implementation of the Diebold equipment.
- This report is exactly the type of effort that needs to be made by every state/county/district implementing any voting machinery. If anything annoys me about the State of Maryland report, it is that a lot of this stuff should not have to be done by Maryland staffers; it should be in the Diebold product when sold.
- First, most of the people involved in the purchase of these systems are simply not qualified to purchase computer systems involving high security requirements. To be truthful, most of these people cannot even envision the threats that are out there, even if they can understand the incredible security needs involved in the voting process. This leaves a gap between user expectations and the provider's ability to satisfy these. Now Maryland indeed recognized these, and took substantial action to close this gap. Maryland, if not perfect, did well. Contrast that with the Georgia implementation (Chapter 9 of the book "Black Box Voting", 120KB, PDF), and the difference is obvious. Maryland "got it" and Georgia did not. (Hail, Zell Miller.)
- Second is the uniqueness of the voting environment itself. Most of the staffers on election day are not full time staffers, and so have little if any experience in the technology presented before them. They are "temps" with no prior experience in computer security. They are honestly trained to do what they are hired to do, and they mostly and honestly try hard, but computers have exceptions of wildly different kinds. When such exceptions occur, these people will inevitably defer to anyone who simply claims a solution to the problem. This does not necessarily have to be a person with ill motives (though it may be), but at this moment, all security of the vote is lost.
Originally published November 4, 2003
- One of my local TV stations carried a very good segment on touch screen voting machines on their Sunday 11 P.M. News program. This ran approximately 8 minutes (very long segment for them) and was surprisingly good. Both sides were presented fairly (Rebecca Mercuri was cited several times), but the segment opened and closed with an older woman very afraid of her vote, and so the impression was definitely left that there might be a serious problem.
- On the subject of older women, my mother (who lives in a retirement community of about 20,000) had a visit from a neighbor this weekend. There was some chatting about voting which led this woman into asking my mother if she would be willing to use an absentee ballot in the coming elections. So we clearly we are starting to have an impact among our seniors, and this is certainly good news.
- The New York Times is out with a major (5 page) article on the Diebold memos controversy: File Sharing Pits Copyright Against Free Speech. Lots of good stuff here of course.
- The Diebold memos controversy coverage continues at Why War with weekend updates. While Diebold continues with its "take down" requests, there are now over 40 active mirrors on campuses around the country with estimated copies of the data base from some of the earlier mirrors running over 30,000.
- Along with this, the Online Policy Group (a non-profit internet provider) has also received a take down request but has decided to defy it. You can read their Diebold take down request here and their own response to it here. This is a lot more than just a bunch of legal mumbo-jumbo. between the two memos, you'll get a very good framing of the copyright vs. free speech argument.
Originally published November 3, 2003
- About a third of the way down, activist Jim March is mentioned as one of the leaders in this fight. I was glad to see him mentioned, as I've been working with him on and off for a number of months.
- About two-thirds of the way down, the AP states, "... it is not known how many copies exist." From my own scan of the controversy, I would have to estimate that there are at least 10,000 copies of this (11 MB) data base now in private hands, and I would not be surprised if their were many times more than that. [UPDATE: The latest estimate I've seen is 50 thousand copies, and that was based on site stats from only the first three mirrors.]
- A mention of Swarthmore College (where I got my copy from) concludes the article. The college has forced students to remove the data base, and has told students that even accessing sites with links to it will be grounds for forfeiture of computer access. Much more about this in the following article.
- Note that this story was also carried by the LA Times, the Washington Post, and Newsday, as well as dozens of other newspapers around the country. The story has also been picked up by the Canadian and European presses.
Originally published October 29, 2003
- Korea Life Blog
- Academic Secret
- African Food Blog
- Second String Swap
- Work at Home News
- Just Another Opinion Blog
- Dip Dot
- iPhone News iPad Review
- Cheap Hotels Travel
- Retirement Planning
- Intelligence Online
- Small Business Victories
- Swap & Hop Sports
- Health Consulting Group
- Genius Duck
- Atlas Travel
- American Electronics and Furniture News
- Elite Kitchens
- Kitchen and Bath Corner
- Oops! Diebold can't be happy about this! After all...
- California Gets E-Vote Paper Trails ... maybe Cali...
- From the Archives: "None Dare Call It Treason" Per...
- Short Takes:Apparently Gore Vidal doesn't think to...
- Boone County, Indiana election officials reported ...
- More on California's Diebold certification: Wired ...
- Kudos to Jim March: When I first heard that Califo...
- This just in from Wired News: California Halts E-V...
- Much to offer today. We are getting a lot of cover...
- Diebold Legal Action Backfires: Diebold warns on e...
- * * * End of Black Box Notes * * *
- ▼ November (11)