Diebold Brushes Off Yet Another Damning Security Report
from the accountability? dept
Just a day after Avi Rubin discussed many of the real world problems of some Diebold e-voting machines in action, Ed Felten has come out with his quite damning independent review of the machines -- noting just how problematic the security is and how easy it was to upload malicious programs (including a virus that could spread dangerous software from machine to machine). This is hardly the first time we've seen such a report, but it seems like each report is progressively worse. By this point, you'd have to have lived in a hole to believe e-voting machines are secure. Diebold, in typical fashion, has responded not by admitting to any problems, but by attacking Felten's report -- claiming that his test (done on a machine acquired just a few months ago) was based on older software. Still, given the sheer number of reports of security problems with Diebold machines over the years, it's quite difficult to believe that between a couple months ago and now, they've solved all the security issues. In fact, given Rubin's report from yesterday -- it sounds like their "security measures" are so weak as to be a joke. What's most amazing of all is that Diebold continues to act defiantly about this, despite overwhelming proof that their machines have tremendous fundamental problems. Given the importance of secure and accurate elections, Diebold's continued denial of problems and attitude that there's no problem at all should concern just about everyone. Yet, it seems like they're being used almost everywhere.Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
Subscribe: RSS
View by: Time | Thread
Two months to fix the bugs...
Mike, I don't think that yours is the real point here. You (as we) still have no clue of whether they in fact have solved or not the bugs of their software. I think the reason to dismiss Diebold's response should be more based on reflections such as:
I think that the real issue here is that Diebold keeps on considering election software as just any desktop applications, and behave accordingly as if disclosure of trade secrets to competition were the only relevant issue.
Their change of attitude is more important than their bug fix: election software is a mission critical software that MUST be independently validated before it is allowed to run and control the most fundamental aspect of modern democracies, such as the vote.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
GOP moniker
[ link to this | view in chronology ]
Re: GOP moniker
Regardless, Democrats and Republicans are essentially the same. Right in the middle with little skewing to the left or right. Overall they all approve of what is being voted in as law. They are all owned by Big Business and agree that laws passed should benefit corporations who in turn fund these clowns' election campaigns.
[ link to this | view in chronology ]
Re: GOP moniker
[ link to this | view in chronology ]
Re: Re: GOP moniker
Grand Old Party (GOP) derives from Grand Army of the Patomic (River--runs through the capital district between Virginia & Maryland). It reminds or reminded everyone that it was once perfectly legal to shoot republicans in more than half the country (1861-1872). Shooting republicans was even encouraged and facilitated by state and local governments back then.
[ link to this | view in chronology ]
Re: GOP moniker
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re:
This, of course, from the perspective of someone desperately trying not to hate this nation.
[ link to this | view in chronology ]
Re: Re:
Don't hate the nation, hate the people. We are run by idiots because idiots elect them (I'm counting Dems here too -- not to discriminate). The nation itself is fantastic.
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re:
Instead of proving to me that somenone could screw with the machines, prove to me someone did. On top of that, I don't even care if the machines are faulty as long as the party of my choice wins. You dumb ass socialist should go to Europe and live there.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Voting is one of the most important exercises in a democracy.. but unfortunately, the people behind the Diebold corporation, as well as most politicians, don't seem to care if the elections could be rigged by these dud e-voting machines.
[ link to this | view in chronology ]
A little perspective
[ link to this | view in chronology ]
Re: A little perspective
[ link to this | view in chronology ]
Re: A little perspective
[ link to this | view in chronology ]
Re: Re: A little perspective
[ link to this | view in chronology ]
Look who is the "oversight"
[ link to this | view in chronology ]
Re: Look who is the "oversight"
[ link to this | view in chronology ]
Re: Re: Look who is the "oversight"
Really? With the old machines you would need a person at each and every location to rig the machine. With the new ones, you just need to put out a software update, or get access through the network.
You are way off the mark.
[ link to this | view in chronology ]
The problem isn't with Repub or Dem...
People who've been in Congress for so long they aren't even connected to people any longer.
Let's vote them all out and start with a fresh new batch in November. Term limits would be a good idea too.
[ link to this | view in chronology ]
Re: The problem isn't with Repub or Dem...
[ link to this | view in chronology ]
Re: The problem isn't with Repub or Dem...
People who've been in Congress for so long they aren't even connected to people any longer.
Let's vote them all out and start with a fresh new batch in November. Term limits would be a good idea too.
That's the whole point. It doesn't matter how many people "vote them out". Those in control of the voting machines have a vested interest in making sure the results come out a certain way. The will of the people will never see the light of day. Does anyone really think Bush won in 2004? I mean seriously speaking?
He's already proved that he doesn't bel;ive laws apply to him, so it it too much of a stretch to consider the voting might have been rigged. Actually, there is a lot of much stronger evidence out there to suggest it was. Of course, kinda difficult to prove now that there's no paper trail. Again, this is not by accident.
[ link to this | view in chronology ]
Re: The problem isn't with Repub or Dem...
Once they've been in too long, they get just as corrupted as the old guys.
We definitely need the Big Guys to have term limits. No one can stay objective who has made a living perfecting his career as a politician.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
To the contrary, dear Overcast. Those of us who are most polarized are the only ones paying attention. But you are right - it is not funny. It's fucking sick. Believe me, you think republican bashing is tired and worn out? Believe me, it hasn't even started yet.
[ link to this | view in chronology ]
Re: Re:
Yeah, the bashing's worn out - I don't even listen to it anymore, it's just brainless drivel.
And no, I pay quite a lot of attention that's why I'm not a mindless polarized partizan drone who can't think for hisself.
But go on, Bash bush like the rest of the 'enlightened' ones. I'll just laugh and continue to agree with Einstien when he said there's no limit to human stupidity..
But go one now... go join your fellow Bush bashers for a latte. Maybe you can stroke your own ego a bit more. Bush bashing's so cool!!
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Expected this response
Having read the actual report in full, I expected Diebold to come up with exactly this remark. On page 2 of the report it states:
The machine we obtained came loaded with version 4.3.15 of the Diebold BallotStation software that runs the machine during an election.1 This version was deployed in 2002 and certified by the National Association of State Election Directors (NASED) [11]. While some of the problems we identify in this report may have been remedied in subsequent software releases (current versions are in the 4.6 series), others are architectural in nature and cannot easily be repaired by software changes. In any case, subsequent versions of the software should be assumed insecure until fully independent examination proves otherwise.
The real issue at hand, which Diebold refuses to accept responsibility for, is that their previous claim of the software being secure has now been shown to be absolutely false. Why should we now, absent any proof whatsoever, accept that the new version is any different? Hopefully this study will get some attention and we'll see some change.
[ link to this | view in chronology ]
Re: Expected this response
[ link to this | view in chronology ]
Re: Expected this response
A hand count of the votes may prove the machines were right or wrong.
Another legislator that lost by 18 votes asked for a hand recount and was denied.
In my opinion our elections are no better than 3rd world countries.
[ link to this | view in chronology ]
Alternatives to Diebold...
[ link to this | view in chronology ]
[ link to this | view in chronology ]
All it's gonna take...
[ link to this | view in chronology ]
they are all going to hell anyway
[ link to this | view in chronology ]
Show me just one case where there has been a real world exploit of any of an electronic voting machine.
[ link to this | view in chronology ]
Why is it when republicans lose by a slim margin and there's some voting irregularity (and there's always SOMETHING) they're mostly willing to let it go, but the reverse is not true? Really it was prefferable before, cuz if something weird happened, you could point to it, hold it in your hand. Now, you might never even realize, and the effects could be much more pronounced.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Real world exploits?--How would we know?
Show me just one case where there has been a real world exploit of any of an electronic voting machine.
One of the major problems with the lack of security and accountability of electronic voting machines is that we may never know if tampering occurred. People such as this Anonymous Coward (#21) allow companies like Diebold to continue pushing the "security through obscurity" scam. For the most part, advocates for secure voting machines are not doing so out of some political agenda, but statements made by Diebold executives guaranteeing certain election results certainly provoke partisan mudslinging. We only ask that the system has accountability, which a thorough paper backup system should offer. Elections will always be subject to tampering, but every reasonable effort should me made to secure fair elections.Finally, Republican-bashing does nothing to help the cause of securing voting equipment. In fact, the name-calling-blame-game only weakens the credibility of those who truly want to see fair elections.
[ link to this | view in chronology ]
I'm not worried in Sanford, FL
Not to mention, for whatever reason, there were 4 men sitting at a desk off to the side who did nothing but watch the 2 - 3 people voting like hawks. Out of sheer boredom or what, I don't know.
My main concern: Low turnout. Wtf does it matter if voting is 98% fair or 99% of the time fair if turnout is as abysmal, and getting worse, like it is? At 20, I was the youngest person there, except for some grandkids a couple grandparents brought with them. Again, the people voting were like the AARP members who didnt pull the short stick and have to work the polls themselves.
[ link to this | view in chronology ]
Re: I'm not worried in Sanford, FL
[ link to this | view in chronology ]
Silly Rubin...
Do you really think anyone wants security?
If the voting machines are slippery regarding security then that's just the way they ordered them.
See, George and his henchmen can slip another one of themselves into office with a customizable voting machine. Without it, they don't have a hell of a chance.
[ link to this | view in chronology ]
rigging the old machines was easy
Personally i think we should just get it over with, elect an army of killer robots to reign over us carfully watching our every organic move through the cold steele eyes.
alos, their eyes shoot lasers cuz lasers are neat!
[ link to this | view in chronology ]
Re: rigging the old machines was easy
[ link to this | view in chronology ]
election misconduct
[ link to this | view in chronology ]