Not Just Diebold That Has Weak Voting Machine Security

from the easy-to-hack dept

With the recent attention given to Diebold optical scanners for voting ballots in Florida, it's worth remembering that many competing machines may be vulnerable to similar flaws. The article also explains, in a fair amount of detail, why the Diebold machine is so badly designed. There are a couple of scary elements that just about any techie would question why Diebold chose to design its machines this way. First, the memory card used in the machine doesn't encrypt the vote counts at all -- making it much easier for someone to access them and change them using an ordinary card reader. Second, and more importantly, the logic to check whether or not the card is zeroed out at the beginning of an election is on the card itself, rather than on the machine. In other words, all anyone has to do is hack the card to tell the machine that the initial results are zeroed out -- even if they're not. As for states where they inspect the code being used, they're inspecting the code on the machines, but not on the card. And, while Diebold cracks jokes about how something like this could never happen in a real election, wasn't it just a month ago that California Governor Arnold Schwarzenegger discovered that the e-voting machines he planned to vote on hadn't actually been zeroed out before the election?
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Anonymous Coward, 21 Dec 2005 @ 10:53am

    No Subject Given

    I think it should be obvious that this is not just a case of incompetence, but criminal intent. These machines were *designed* to be hackable so that votes can be changed - in Diebold's case at least, to "deliver votes to the Republican Party". The only incompetence here is that they did not do a good enough job of concealing the vote-changing mechanisms.

    Voting machines should be based on free, open-source software, AND a single, open, licensable hardware design. Otherwise we should forget about machines altogether and stick with paper ballots.

    link to this | view in thread ]

  2. identicon
    haggie, 21 Dec 2005 @ 11:10am

    No Subject Given

    Isn't Diebold publicly traded? Why don't the Demos just buy up the company, replace the management with liberal stooges, rig the system, and then elect themselves to office next term?

    Oh, wait. That would be proactive. Instead we're just stuck listening to their incessant whining.

    link to this | view in thread ]

  3. identicon
    MissingFrame, 21 Dec 2005 @ 11:30am

    Re: No Subject Given

    Haha now that's the kind of proactiveness I want in my government!

    Besides, what's the old saying, don't look for conspiracy what can easily be explained by incompetence?

    link to this | view in thread ]

  4. identicon
    Anonymous Coward, 21 Dec 2005 @ 1:12pm

    Re: No Subject Given

    I believe the quote you are looking for is "Never attribute to malice that which is adequately explained by incompetence"

    Unsure of the origin, and googling for 60 seconds didn't turn much up.

    link to this | view in thread ]

  5. identicon
    Arlene Montemarano, 26 Dec 2005 @ 4:44am

    No Subject Given


    Every week I get dozens of solicitations from the Democratic National Committee, from the Democratic Senate and Congressional Campaign Committees, or from various Democratic candidates and office-holders, each of them asking for contributions. "You can help us achieve victory next November," I am told.

    If by "victory" is meant a majority vote cast at the polls, then the Democrats achieved "victory" in 2000, 2002 and 2004. And yet, the Republicans remain in control of the Congress and the White House.

    Small wonder! Republicans build the voting machines, Republicans write the secret software, Republicans count and compile the totals. The Republican machines allow no auditing of the vote totals they report. So Republicans have the ability to "win" elections, regardless of the will of the voters. There is compelling evidence that they have done just that.

    And so, if nothing is done to end the privatization of our elections and to introduce reliable verification, the Republicans will "win" again in November 2006 and then in 2008. Today, eleven months before the mid-term election, the outcome is fore-ordained – as certain as Soviet elections under Stalin, and Iraqi elections under Saddam. For, as Stalin said, "Those who cast the votes decide nothing, those who count the votes decide everything."

    In the United States today, the GOP counts most of the votes, and there are no means to verify up to 80% of those votes.

    In view of this dreadful situation, when the Democrats ask me for a contribution I must reply: "What's the point? It's already been settled! What remains is an empty charade."

    The evidence of election fraud is overwhelming. You, Dr. Dean, are doubtless as aware of that evidence as I am. In fact, along with millions of fellow citizens, I watched the video clip of you sitting at a table with Bev Harris, as she simulated with a computer, in just a few seconds, a "fix" of an election. If I were to elaborate the evidence of fraud, space restraints would force me to halt after I had scarcely begun, and I would never get to other issues I wish to discuss in this letter.

    Suffice it to say that several independent statistical analyses have put the probability of an honest 2004 election as one in several million. The thirty-plus-point polling discrepancy in last month's Ohio election reform initiatives are off the probability scale – in effect, impossible as random error. Attempts to explain away the 2004 exit poll errors are risibly lame. (For example, the theory that Republican voters were more reluctant to speak to exit pollsters is supported by no independent evidence, and fails to explain why this alleged phenomenon was confined to districts with paperless e-voting machines, and not found in paper-ballot districts).

    Reports of machine failure and error during the 2004 election were overwhelmingly to the advantage of Bush/Cheney. No one has come forth with a plausible explanation of how Bush gained an additional eleven million votes over his 2000 total. (For a "gateway" into the evidence of voting fraud, see The Crisis Papers pages on "Electoral Integrity" and "Election Fraud.")

    The evidence of voting fraud and election theft is no secret – it is out in the open for all to see who are willing to see. In 2000, millions watched as Republican thugs, recruited by Tom DeLay from Washington congressional offices, stormed and shut down the voting recount in Miami. The published text of the majority opinion in Bush v. Gore that handed the 2000 election over to George Bush is a self-refuting travesty. Books, articles and reports by Steven Freeman, John Conyers' staff, Fitrakis and Wasserman, Mark Crispin Miller, and the Congressional Government Accountability Office, to name just a few, all testify convincingly to the vulnerability of the election process and the illegitimacy of the election results. Occasionally a virtual confession of guilt is blurted out by a careless GOP operative. For example, as the votes in the 2004 Presidential election were still being counted, Republican Congressman Peter King was caught on camera saying "It's all over but the counting. And we'll take care of the counting." (You can see it here).

    There is no cogent rebuttal to this evidence of voting fraud: there can't be, for the e-voting machines and compilers have been designed to forbid rebuttal. The software is secret and there is no independent record of the votes. Accordingly, so-called "verification" is nothing more than a re-run of the suspect tallies. Lacking substantive evidence of the reliability of the voting and compiling machines and software, all that remains for the defenders of e-voting is a pathetic plea, "just trust us!" That and ad hominem attacks on the skeptics: "get over it," "sore losers," "conspiracy theorists."

    The response of the mainstream media in the face of all this? Total silence.

    The response of the Democratic Party? Total silence.

    The response of the media and the Party to the GAO report report validating the concerns of the critics? More silence.

    Why?

    Admittedly, with total GOP control of the executive and congressional branches in Washington, federal investigation and legislation are, for the moment, out of the question. But elections are administered on the state and municipal levels where, in many cases, the Democrats are in control. So I ask again:

    Where are the criminal investigations?


    Where are the civil lawsuits, e.g., by Max Cleland in Georgia, Walter Mondale in Minnesota, Al Gore in Florida, John Kerry in Ohio?


    Why is appropriate state-level legislation not proposed and enacted by Democratic majorities?


    Why is the national Democratic Party not publicizing the GAO report?
    I am told that some Democratic politicians are concerned that if the Party raises a ruckus about voting fraud, the Democratic base will be discouraged and will stay at home on election day.

    Well, so what? If the fix is in on election day, what does it matter if the voters go to the polls? Why try to close the gate if the horse has been stolen?

    We also hear that the crime of stealing a national election is so enormous that the GOP wouldn't dare to attempt it.

    Why would they not? Computer experts have shown us that the theft of a national election can be carried out by very few individuals: the programmers who write the secret software and a few centralized hackers working in "real time" as the returns start to come in. We are also told that they can do this without leaving any trace of their crimes.

    Might the perpetrators be deterred by moral qualms or loyalty to our political institutions?

    Get real! We are speaking here of a pack of scoundrels who have lied to the public in order to launch an illegal war costing tens of thousands of innocent lives, who have openly violated treaties and condoned war crimes, who have suspended the civil liberties guaranteed by the Bill of Rights, who have absconded with the national treasury and have put our children and their children in permanent hock, who have sullied the good name and reputation of the United States before the community of nations. In the face of such manifest evil, stolen elections are moral chump change.

    And consider in addition the stakes faced by these traitors: billions of dollars from the public treasury "appropriated" into private accounts and massive tax breaks for Bush's "haves and have-mores" while the rest of us face an increased tax burden and a slash in public services. And for many now in the Bush administration and in the Congress, defeat in the 2006 and 2008 elections would bring Congressional and Justice Department investigations and indictments followed by hard time in the federal slammer.

    In the face of all this, who can doubt that, if given the opportunity, they would fix elections in order to keep their ill-gotten booty and their immunity from prosecution? And it is abundantly clear that they have this opportunity.

    When the defenders of e-voting bother to respond to these concerns, they are heard to demand: "where's the evidence of this alleged fraud?" As noted above, we have the evidence, compelling at least, and many believe, conclusive. But such demands radically misconceive the correct burden of proof. Private citizens and organizations should not have to take upon themselves the obligation to prove their franchise either secure or fraudulent. The free citizens of an authentic democracy have the right to a secure and verifiable vote, and it is the proper task of the criminal justice system to secure that right.

    So there you have it, Dr. Dean. A massive and ongoing crime is being committed against our democracy – a democracy which has now, in effect, been set aside and shut down. A democracy which can only be restored if we the people rise up and take it back.

    Where, in this coming struggle, is the Democratic Party? Is it an ally of the people and a defender of our Constitution? Or is it an accomplice to the crime?

    The American people are entitled to an answer.

    Continuing silence by the Democratic party is, in effect, an answer. But it is not the answer to which the free citizens of a democracy are entitled.


    link to this | view in thread ]

  6. identicon
    Jeremy, 26 Dec 2005 @ 1:34pm

    Schwartnegger's vote problem was not with DREs

    Not in any way to defend Diebold, but you're mixing up two things here. Schwartznegger's problem with already having "voted" was not a problem with the DREs or with zeroing vote counter in the machines, it was with the electronic pollbooks (which list who is registered to vote). Those are a separate system, and I've never seen anything that says whether they're made by Diebold or someone else. [I've also never seen any security analysis of the electronic pollbook systems; they have very different requirements since there's no need for anonymity.]
    There are enough problems with the DREs (and DRE vendors) that we shouldn't accuse them of things that aren't their fault. False accusations just gives ammunition to companies like Diebold that say the anti-electronic-voting crowd doesn't know what it's talking about.

    link to this | view in thread ]

  7. identicon
    The Mother, 5 Nov 2006 @ 11:46pm

    Is That the BEST You Can Offer?

    You feel it's dems 'whining', why? Because the CEO is a well known republican backer? Because he promised Bush Ohio's votes in '04? And if he were a dem suporter, then would YOU be upset?

    It isn't a matter of who is getting shafted so much as the fact that we're ALL getting shafted. When our vote doesn't count anymore, then it's time to stand up and voice our complaints. Call it whining if you want, I want my votes to count, both my dem and my rep votes.

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.