How Dare You Actually Want Secure And Valid Elections?!?

from the take-that,-whistle-blower dept

Mon, Mar 27th 2006 11:33am — Mike Masnick

Back in December, a Florida county ran some hacking tests on Diebold's ballot counting machine and found them to have serious security issues, which made the county elections supervisor, Ion Sancho, ban the questionable machines. Diebold responded not by showing that their machines were secure, but by cracking jokes about the whole thing. Why were they so amused by the whole situation? Perhaps because they're the ones in the power position. They were able to get around a similar ban in California and now none of the approved voting machine vendors will even sell approved e-voting machines to Sancho, effectively punishing him for daring to make sure the machines were accurate and secure. This is a bit strange, as you'd expect the other two approved firms, Sequoia Voting Systems and Election Systems & Software, would jump at the chance to both replace Diebold and prove their machines accurate and secure. Instead, it sounds like the only firm that is even willing to negotiate with him... is Diebold. But, they want to put in a clause in the contract that would ban him from conducting any such tests again. Instead, he'd only be allowed to perform "authorized" tests -- because we all know that anyone involved in election fraud follows the "authorized" rules for hacking these machines. Diebold also spins things around by complaining that Sancho is responsible for undermining "the public's confidence in the security and accuracy" of Diebold machines. That's funny, we thought Diebold was doing a damn fine job of that entirely on its own.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

33 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

dorpus, 27 Mar 2006 @ 11:44am

Down With Democracy
What's the use of electing "reformers" like Yushchenko if people vote to bring old dictators back? Lukashenka saved us the trouble by Diebolding the elections. Should men in black street clothing be closing down California election booths? Or should it elect a muscular thug to governor?
[ link to this | view in chronology ]
Chief Elf (profile), 27 Mar 2006 @ 1:08pm

How much?
How much has Diebold, et al, spent on political "campaign contributions"?

I find it interesting that as much as U.S. Representatives love to hold hearings to puff themselves up, none of them have even brought up the subject of investigating such anti-democratic efforts.
[ link to this | view in chronology ]
Mark, 27 Mar 2006 @ 1:34pm

Diebold and fraud
I actually had a nightmare last night about voting machines. I dreamed that newspapers were carrying the story that Hillary Clinton had been defeated in a Senate race, and that she officially had received only about 600 votes compared to several thousand for her Republican opponent. Diebold machines were used in the election, and my dream self was very upset that no one was asking whether they might have been used to commit election fraud.

Stories like the above are the sort that lead to further nightmares along these lines.
[ link to this | view in chronology ]
- glenn v, 28 Mar 2006 @ 2:49pm
  
  hillary clinton defeated due to voter fraud?
  my real self is very upset by the fact
  somone would actually vote for hillary clinton..
  [ link to this | view in chronology ]
Anonymous Coward, 27 Mar 2006 @ 1:43pm

There's no such thing as a "secure" computer. A lock is only as secure as the person with the key - or only secure if the locksmith lacks the ability to pick it.

Same with computers - they are only as secure as the people that maintain and program them are. Everyone's got their price and there's no short supply of money in politics when it gives someone power.

So sure - only run "authorized" tests on them, WTF??? What kind idiot came up with that? Some stupid corporate weenie sitting behind a desk with about as much knowledge of computers as my dog.

There's only one thing that's for sure in the world of computers - if someone can code it, someone else can hack it.

Everytime I hear something is "secure" or "unhackable" I think of that ship back in 1912 that "couldn't be sunk".... what was it's name again? I know the experts said it COULDN'T be sunk!!!

haha

But seriously - they should perform ANY test that shows a way to compromise security, even if it involves a chainsaw. Seriously - security isn't even a word they should use in the same sentance if they are only going to run "certain tests". That's laughable - and these electonic voting machines loose credibility every single day.

Diebold's going to tarnish their whole name with this - at one point, I thought they were actually a company concerned with "security". I guess they only test deadbolts with plastic drill-bits, huh?

So - I move that we put a motion on the next ballot - to ban any of these voting machines.
[ link to this | view in chronology ]
Anonymous Coward, 27 Mar 2006 @ 1:46pm

A fascist regime is on the rise people... History is repeating itself.
[ link to this | view in chronology ]
Anonymous Coward, 27 Mar 2006 @ 1:46pm

A fascist regime is on the rise people... History is repeating itself.
[ link to this | view in chronology ]
Rainman, 27 Mar 2006 @ 2:05pm

It would be kinda kewl if you idiots actually looked up the test they did ... in order to hack the machine, someone had to break the physical seal on the machine and change an eprom ... so ... no, this was not a real world hack.

Now ... if you get off your liberal agenda soapboxes ... maybe you will actually see that you actually lost the elections ... not because someone stole them, but because the Democrats have no vision.
[ link to this | view in chronology ]
- A. Lloyd Flanagan, 27 Mar 2006 @ 2:16pm
  
  Re:
  >> in order to hack the machine, someone had to break the physical seal on the machine and change an eprom
  
  Sounds like a real world hack to me. Any seal that can be broken can be re-applied. And what about sabotage at the manufacturer, or during shipment? Results have to be verifiable.
  
  >> if you get off your liberal agenda soapboxes
  
  Since when are free, fair, honest elections a "liberal agenda"? Are you really suggesting that conservatives don't care about democracy? I'll predict one thing: if the Democrats win big in Congress and regain the presidency, the Republicans are going to be REAL concerned about the integrity of these systems.
  
  Of course, if I was paranoid, I'd suggest that the only reason to oppose these changes is if you had rigged elections in the past or were planning to in the future. But that's just paranoia, right?
  [ link to this | view in chronology ]
- Anonymous Coward, 27 Mar 2006 @ 2:17pm
  
  Re:
  Excuse me; this is not about being liberal or conservative. Please don't insult the intelligence involved in this thread's postings. This is about facts, and facts point to a undeniably dark election process. I invite you to properly document yourself before posting here and avoid future embarrassments.
  
  I find rather disturbing how sometimes people can get so blind about their governments. Read, do some research, get informed and then act. After all ignorance is the most powerful tool of a corrupt government.
  [ link to this | view in chronology ]
  - parched, 27 Mar 2006 @ 6:52pm
    
    Re: Re:
    After all ignorance is the most powerful tool of a corrupt government.
    Here, here! Well said.
    Couple the ignorance with apathy and we become sheep led to slaughter. The only way to worsen the situation is to top it with a healthy serving of arrogance which will seal our fate for generations to come.
    [ link to this | view in chronology ]
- DCJohn47, 27 Mar 2006 @ 3:24pm
  
  Re:
  Hey Rainman.
  
  I'm a Conservative Republican. I have the same problem with the Diebold machines. I agree with this article. Does that mean that I'm on a "liberal soapbox"?
  
  Just because idiotic politicians polarize people by oversimplifying demographics to suit their own needs doesn't make it okay. There are not 2 kinds of people. You can't lump human beings into "this" or "that".
  
  If the world were that simple, we wouldn't need laws.
  
  j
  [ link to this | view in chronology ]
- Just Me, 28 Mar 2006 @ 6:03am
  
  Re: Idiotic partisan comments
  But we've seen that Diabold machines are vulnerable to a wide variety of problems, including one from just this month where the technician improperly coded the rules and disallowed multiple votes in an election where you were supposed to vote for two people. Also, weren't there a bunch of vote results cards missing?
  
  And I've probably been voting Republican longer than you have.
  [ link to this | view in chronology ]
Tom, 27 Mar 2006 @ 2:20pm

Rainman,

If someone was able to hack the machine, it should be considered a real world attack. What's to stop me from sneaking in to the polling place in the middle of the night and conducting the same hack? Better yet, what's to stop a party from paying a Diebold tech to rig a certain machine to pass the approved tests, then ballot stuff an election?

The issue at hand here is Diebold, demonstrably, can not be trusted.

If an e-voting machine vendor were held to high standards, there would be little room for after the election finger pointing and accusations. You wouldn't have to make inflammatory remarks because everyone would have sufficient reason to trust the machines provided an impartial election.
[ link to this | view in chronology ]
anonymous Coward, 27 Mar 2006 @ 2:34pm

How Dare You Actually Want Secure And Valid Electi
Regardless of what Diebold has said now, in the past, and in the future, the American public are suppose to have a fair election. If it is found out that they were the cause of a fraud, I would sue the damn hell out of them. How dare Diebold not care about our elections! I would also see just whom Diebold's friends are, if I found out they were friends with high up officials, and getting cash under the table, then I would be very afraid. They are not suppose to be biased or recieve anything from officals.

Security is unheard of when it comes to computers. Which the one thing that could keep them from trying to break into the computers is not to have them online but just a few selected times on voter day. Plus not advertise the times that the computers will be online The rest of the time they are collecting the information and as long as there is a paper trail then there should not be any problems if their is a computer crash. Only thing I could come up with to help security wise.
[ link to this | view in chronology ]
Jim, 27 Mar 2006 @ 3:16pm

Not only touch screen but others
The PC-based touchscreen electronic voting machines are not the only ones afflicted with poor security. In the county I live in (Santa Barbara, CA), they use the paper ballot optical mark scanners by Diebold. Black Box Voting did a test into modified memory cards that were not detected and the electronic vote audits did not show a sign of tampering. Although these have a "paper trail," you should ask any county that runs these to have all recounts done on the paper ballot. Most counties just run the ballots through again. In the case of the tampered memory card, this would have shown a discrepancy, however, other hacks may not have been discovered.
[ link to this | view in chronology ]
Dave, 27 Mar 2006 @ 3:51pm

Um... No one seems to have brought up the fact that the Citizens of the United States shouldn't even be electing the President. That is the job of the electoral college.
The point is moot when you realize we shouldn't even be voting for the president. We should be more worried about the local representatives that ARE the electoral college.
And another thing, this country isn't a "Democracy", It's a Republic.
Has no one read the Constitution?
[ link to this | view in chronology ]
- Adam, 27 Mar 2006 @ 5:01pm
  
  Re:
  The difference between citizens electing the president and citizens electing the people who elect the president is an incredibly fine line that doesn't really matter for these purposes. Likewise, the difference between a Republic and a Democracy is probably not obvious to a majority of the U.S. population. Just because you and I know that everyone gets a vote in a democracy, and everyone just gets to vote for the people who get to really vote in a republic doesn't mean that that's a point that's overly relevant either. The real point is, why are demonstrably flawed voting machines allowed in the first place?
  [ link to this | view in chronology ]
- Concerned Voter, 27 Mar 2006 @ 5:15pm
  
  Re:
  Dave said:
  >>Um... No one seems to have brought up the fact that the Citizens of the United States shouldn't even be electing the President. That is the job of the electoral college.
  
  We know this. What does this have to do with the integrity of the voting machines? No one even mentioned voting for president until you brought it up. This problem affects any election.
  
  Dave also said:
  >>And another thing, this country isn't a "Democracy", It's a Republic.
  Has no one read the Constitution?
  
  Most of us know this too. Really arrogant Dave.
  [ link to this | view in chronology ]
peter e. rozie, jr., 27 Mar 2006 @ 4:52pm

voting irregularities
If there are security issues involved with Diebold voting machines then they should not be allowed to provide voting machine unless the security issues are addressed or another company is allowed to provide a realistic alternative without fear of reprisal---there does however appear to be very powerful forces backing Diebold or why else would Diebold be capable of punishing county elections supervisor, Ion Sancho? Does Gov. Jeb Bush know anything about this and if so is he prepared to do the right thing by backing a public servant doing his job very well? Is Gov. Jeb Bush supporting the efforts of the fine public servants of his state to clean up this blatant disregard for every citizen's right to vote in a fair election and have their voice heard?
[ link to this | view in chronology ]
Anonymous Coward, 27 Mar 2006 @ 4:58pm

It's always something when the liberals lose. DCJohn, not buying you're a conservative. Sorry, just don't buy it. So tired of hearing Bush stole the first election, then he stole the second election and yet he got more votes then Clinton got in either of his victories. I didn't hear the left preaching to Clinton about the fact that he had to represent the majority of people who didn't vote for him. I do recall hearing the left say that G.W. needed to remember that there were 48% of the people who didn't vote for him but that he needs to consider too. I am a conservative for one reason, Liberals want a social government, I don't. There are other countries with socialist governments, none like our present form of governement. If you don't like the team, get out of the ballpark. Why should I elect anyone who wants to take the country in a direction I don't want? Until someone actually finds someone playing nasty with the machines, get over it. You lost, you lost big.
[ link to this | view in chronology ]
- Zossima, 27 Mar 2006 @ 11:31pm
  
  Re:
  It's always something when the liberals lose. DCJohn, not buying you're a conservative. Sorry, just don't buy it. So tired of hearing Bush stole the first election, then he stole the second election and yet he got more votes then Clinton got in either of his victories. I didn't hear the left preaching to Clinton about the fact that he had to represent the majority of people who didn't vote for him. I do recall hearing the left say that G.W. needed to remember that there were 48% of the people who didn't vote for him but that he needs to consider too. I am a conservative for one reason, Liberals want a social government, I don't. There are other countries with socialist governments, none like our present form of governement. If you don't like the team, get out of the ballpark. Why should I elect anyone who wants to take the country in a direction I don't want? Until someone actually finds someone playing nasty with the machines, get over it. You lost, you lost big.
  
  That you are an admirer of GWB is evident in your similar commands of the English language which you and your fellow GWB fans have aided your leader in nearly annihilating.
  
  Along with the native tongue, you've bundled reason, logic and The Constitution of The United States of America as unnecessary items getting in the way of a future enriched through the constant production and consumption of mindless, illiterate rhetoric.
  
  "Better living through babble".
  
  Perhaps this explains your infatuation for the Diebold machines; you are fightened by a paper ballot because the sight of paper and pencil conjures images of days when schools boldly subjected students to the horrors of spelling and grammar.
  
  You'll be glad to know that under the current administration these are a couple of tortures never inflicted on anyone.
  
  After all, educating the public only makes it harder to rig elections and who wants that?
  [ link to this | view in chronology ]
Dave, 27 Mar 2006 @ 5:33pm

I think it has a lot to do with it.
It makes the whole "voting machines issue" null and void. We should be more worried about local representation and not what a voting machine did or didn't do when we don't even need them.

Our electoral college doesn't vote by e-voting machines.

We should do away with the fallacy of presidential elections.
Once that has been done, then there are no arguments over voting machines.

Fix the main problem not the symptom of the problem.
[ link to this | view in chronology ]
Anonymous Coward, 27 Mar 2006 @ 6:36pm

Local Representation
Hey Dave, guess who gets voted for with these possibly unsafe machines? Everybody, including the local representatives. I understand your point, but you seem to be missing the fact that the machines are used to vote on more than just who the people think should be president.
[ link to this | view in chronology ]
- Dave, 27 Mar 2006 @ 7:01pm
  
  Re: Local Representation
  No one has raised any concern over one of their representatives or senators losing votes to a faulted machine.
  [ link to this | view in chronology ]
  - David Harris, 27 Mar 2006 @ 7:26pm
    
    Re: Re: Local Representation
    It must be nice in your world.
    [ link to this | view in chronology ]
David Harris, 27 Mar 2006 @ 7:19pm

Diebold
I've hacked there election software myself. Anything using Access is bound to get hacked even if password protected the program passware will break any access password out.
[ link to this | view in chronology ]
David Harris, 27 Mar 2006 @ 7:24pm

Don't make fun of my spelling
I'm outraged by Diebolds continuous attempts to cover up flaws in the MS database they use. Come on, they should of at least used RSA encryption.
[ link to this | view in chronology ]
TechNoFear (profile), 27 Mar 2006 @ 9:24pm

Rainman.
I take issue with your post. Please provide evidence of your assertions that physical modification of the vote machines EPROM and seal is required.

I would say it was very much a real world hack as Accu Basis is not protected, not even with a CRC, and is capable of modifing the machines functionality.

EPROM != Memory card.

>> in order to hack the machine, someone had to break the physical seal on the machine and change an eprom

Actually the Harry Hursti Hack was using only a modified memory card or via remote access to the GEMS server through TCP/IP.

The memory card is loaded with a modified .abo (AccuBasic exe file) and this modified exe can change vote totals, install a 'cheat code' ect, ect. This can be done months in advance and turned off and on as required.

The other approach of attacking the AccuBasic version on the GEMS server requires no physical access.

Niether of these approaches require physical access to the actual vote machine.

There is a report on BlackBoxVoting.org detailing the testing.
http://www.blackboxvoting.org/BBVreport.pdf

Rainman, Please post a link to your version of the hack.

>>Does Gov. Jeb Bush know anything about this and if so is he prepared to do the right thing by backing a public servant doing his job very well?

Yes. Sancho got a letter from J Bush threatening to take over Leon County elections.
http://www.bbvforums.org/forums/messages/2197/sanchothreat-19504.pdf

>>And another thing, this country isn't a "Democracy", It's a Republic.

Republic being a subset of Democracy...
[ link to this | view in chronology ]
Dan, 28 Mar 2006 @ 6:59am

I don't understand where the partisan debate is coming from? Republicans, democrats, and all other parties look to benefit from a more secure and more accurate voting system. No matter what your political ideals are, you have to agree that a fair and accurate vote is required.

We have everything to gain and nothing to lose, the only people with anything to lose are those corrupt politicians that rely on possibly innaccurate results (not that these people really exist, but it is possible).

I want to make the point that I do not believe that the latest presidential election was "stolen" nor was the one before that. The numbers came out close, but decisions were made and our current president won. If you must know, I did not vote for him (that does not mean I voted democrat instead), but that is really beside the point.

And as to the whole electoral college/local politicians part of the comments: I am not sure where you are from, but here we vote for ALL offices using the same format. An insecure voting machine affects ALL elections, from township trustees to governor of the state. This whole line of reasoning is of no significance.
[ link to this | view in chronology ]
- Anonymous Coward, 28 Mar 2006 @ 9:27am
  
  Re:
  An insecure voting machine affects ALL elections, from township trustees to governor of the state. This whole line of reasoning is of no significance.
  
  ...maybe, but you must concur that an arranged presidential election is something very atractive to do. Why bothering in the subordinates when you can control the ruler's chair?
  [ link to this | view in chronology ]
AlcoholicPrankMonkey, 28 Mar 2006 @ 11:27am

Why bother with electronics at all?
I'm not normally one to argue the benefits of going Lo-Tech but what the hell was wrong with just putting an 'X' in a square beside your candidates name and then just slipping the piece of paper in a big locked box? Then get a room full of people to count who got how many 'X's, with other people double-checking and an impartial invigilator(s). It worked well enough before and still does. Well it does in the UK anyway. The only time we start having problems is when we start to mess with that system (postal voting fiasco, anyone?). On voting day I'd love to have a nice touch screen to place my vote but if I think my vote is going to end up being counted for someone I don't want elected I'd rather be given a pencil and a square to mark my 'X' in, thanks all the same.
[ link to this | view in chronology ]
Anymouse, 28 Mar 2006 @ 8:38pm

Full Comment Thread!
Many people here know we live in a republic, but 92% of the population doesn't.

I would like a receipt to verify later the vote I cast.

"It's not the people who vote that counts, it's the people who count the votes"
-- Josef Stalin
[ link to this | view in chronology ]