home > archives > Election Technologies
October 07, 2006
Nice Diebold Playlist - and New gem from Ed Felten

Nice Diebold Playlist on Dabble of 8 videos on the subject.

Check out all the other cool playlists I've been making at Dabble, and sign up and make one yourself!

Here's a good one by Ed Felten and friends on their latest one minute diebold hack.
Posted by Lisa at 03:15 PM
December 05, 2004
Common Freaky Knowledge About The Affiliated Companies and People Behind Electronic Voting Machines (And The Processing Of The Votes By Those Machines)

Sure, you've heard all this information before. But it is pretty incredible. The foxes are guarding the hen houses big time.
from the google cache of http://www.retrovsmetro.org/blog/.


Diebold
Diebold ranks third behind ES&S and Sequoia. Diebold manufactures an array of machines including ATM machines, ticket machines, and the like, and notably, only its voting machines fail to provide an auditable paper trail. CEO Wally O'Dell, a Bush Pioneer who has visited Bush at the Crawford Ranch, promised to deliver Ohio for Bush in 2004, and indeed he did. O'Dell sponsored a $600,000 fundraiser in his home for Dick Cheney (and attended by Cheney) in July 2003. Director WR "Tim" Timken is also a Bush Pioneer, and has donated over a million dollars to the Republican party since 1991.

Diebold is arguably the most political of the voting machine companies; its directors and corporate officers are staunch GOP contributors, including Louis Bockius III, Donald Gant and Eric Roorda. Since 2000, the company has donated $170,000 to the Republican National State Elections Committee. All of the $240,000 donated by Diebold's directors and chief officers to political campaigns since 1998 has gone to GOP candidates or the party.

SIAC
Admiral Bill Owens, a top Republican Party donor, military aide to Dick Cheney and former Defense Secretary, is a former CEO of SIAC. On the board: Robert Gates, former CIA director, George H.W. Bush's Deputy National Security Advisor and head of the George Bush School of Business. Owens and Gates are now on the Board of VoteHere, another voting machine company with strong ties to the defense industry.

Populex
Populex is responsible for Illinois' e-voting system. Frank Carlucci, former CIA Director, is on its Advisory Board. Carlucci is a business partner of G H W Bush, and head of the Carlyle Group.

Accenture
Spun off from Arthur Anderson in the wake of that nasty Enron scandal, Accenture reportedly has the exclusive government contract to provide electronic voting for the military. Accenture got into the voting biz when it acquired Election.com, a company funded by Saudi money. Accenture's biggest business partner is Halliburton.

Posted by Lisa at 01:05 AM
November 02, 2004
Use mypollingplace.com To Find Your Local Precinct

If you're a new voter or have just moved into your neighboorhood (or just can't remember where you voted last time), or would just like to know more about what methods will be used by your precinct this year, My Polling Place.com
can help.

Just enter your street address and zip code, and you can find your polling place, learn on what type of machine you will use to cast your vote, and get instructions on how to use that machine.

Thanks Josh!

Posted by Lisa at 01:52 AM
October 28, 2004
60 Minutes Explains How Electronic Voting Machines Are Inherently Insecure

This is from the October 27, 2004 episode of 60 Minutes. (Last night)

I'm not sure why they waited so long to put this out there, but I didn't want to waste any time bringing it to you.

It's available as two smaller 18 MB files, and one large 37 MB file.

Sorry the reception was so bad. It's almost as if someone was purposefully jamming the transmission. (Said wearing tinfoil had :-)


Counting the Vote

Posted by Lisa at 02:00 PM
October 27, 2004
Repub Angle Becoming Crystal Clear

Well, after watching Sunday's "Meet the Press," it's becoming obvious what the Repub's angle is going to be this time around.

I'm watching the head of the Republican party talk about how there are too many people registered now. More registered voters than they are people eligible to vote.
Bet you 100 bucks that they are going to contest the election if Kerry wins on these grounds. He's talking about people like "Mary Poppins" registered to vote. Wonder who signed her up? Hmmm.

The Repubs are also talking about Provisional Ballots as if they were something questionable. The Provisional Ballot is a voter's only line of defense when their name isn't on the roster when they show up to vote. Lack of provisional ballots is one of the things that went terribly wrong in Florida in 2000. They are a good thing, not a bad thing. They can be counted (and re-counted) by hand.

It's obvious that this election ain't gonna be over when it's over folks. I'll be here at my post trying to bring as many pertinent clips as I can straight to you.

Well I'm busy preparing the Bill Moyers Now episode on the 911 Commission Report. After that, I've got to put up the Frontline I saw last night on "Rumsfeld's War." After that, I'll put up the Frontline on Bush/Kerry that I blogged about the other night.

Lots to do. Lots to do. Hope any of this will help.

Posted by Lisa at 06:33 PM
October 26, 2004
California Voters: You Cannot Be Forced To Vote On An E-voting Machine -- Demand A Paper Ballot

This just in from our friends at the EFF:


We need your help. California voters who are worried about electronic voting machines have an option to vote on paper this year. We worked very hard to get this from the Secretary of State and it was a major victory -- he was sued over it and won in federal court.

Now we've learned that several of the larger counties (including Alameda, Santa Clara and Riverside) have instructed their pollworkers that they cannot tell voters about this choice. They must steer voters to the insecure machines and can only offer paper if a voter affirmatively chooses it.

Needless to say, this is outrageous. To try to raise voter awareness of the choice (and hopefully shame the registrars of voters to change their minds), we've thrown together a website:


http://www.paperorplastic2004.org

Please take a look and send the link on to your friends, family and other voters in the 11 affected counties (the list is on the website). We have very little time to get the word out, and I'm hoping that we can spread this far and wide and hopefully even provoke a little media coverage as well.

Posted by Lisa at 06:28 PM
April 11, 2004
Daily Show On Diebold Evoting Machines

This is from the April 7, 2004 program.

Jon and the gang take a good hard look at evoting machines.


Diebold With A Vengence
(Small - 5 MB)


Diebold With A Vengence - Follow Up Analysis
(Small - 9 MB)


The Daily Show
(The best news on television.)

Posted by Lisa at 06:29 PM
December 25, 2003
Paul Krugman In The NY Times On The Dangers Of Electronic Voting Without A Paper Trail


Hack the Vote

By Paul Krugman for the NY Times.


Inviting Bush supporters to a fund-raiser, the host wrote, "I am committed to helping Ohio deliver its electoral votes to the president next year." No surprise there. But Walden O'Dell -- who says that he wasn't talking about his business operations -- happens to be the chief executive of Diebold Inc., whose touch-screen voting machines are in increasingly widespread use across the United States.

For example, Georgia -- where Republicans scored spectacular upset victories in the 2002 midterm elections -- relies exclusively on Diebold machines. To be clear, though there were many anomalies in that 2002 vote, there is no evidence that the machines miscounted. But there is also no evidence that the machines counted correctly. You see, Diebold machines leave no paper trail...

What we do know about Diebold does not inspire confidence. The details are technical, but they add up to a picture of a company that was, at the very least, extremely sloppy about security, and may have been trying to cover up product defects.



Here's the full text of the article in case the link goes bad:

http://www.nytimes.com/2003/12/02/opinion/02KRUG.html?th


Hack the Vote

New York Times

By PAUL KRUGMAN
OP-ED COLUMNIST
December 2, 2003
http://www.nytimes.com/2003/12/02/opinion/02KRUG.html?th

Inviting Bush supporters to a fund-raiser, the host wrote, "I am committed
to helping Ohio deliver its electoral votes to the president next year." No
surprise there. But Walden O'Dell -- who says that he wasn't talking about
his business operations -- happens to be the chief executive of Diebold Inc.,
whose touch-screen voting machines are in increasingly widespread use across
the United States.

For example, Georgia -- where Republicans scored spectacular upset victories
in the 2002 midterm elections -- relies exclusively on Diebold machines. To
be clear, though there were many anomalies in that 2002 vote, there is no
evidence that the machines miscounted. But there is also no evidence that
the machines counted correctly. You see, Diebold machines leave no paper
trail.

Representative Rush Holt of New Jersey, who has introduced a bill requiring
that digital voting machines leave a paper trail and that their software be
available for public inspection, is occasionally told that systems lacking
these safeguards haven't caused problems. "How do you know?" he asks.

What we do know about Diebold does not inspire confidence. The details are
technical, but they add up to a picture of a company that was, at the very
least, extremely sloppy about security, and may have been trying to cover up
product defects.

Early this year Bev Harris, who is writing a book on voting machines, found
Diebold software -- which the company refuses to make available for public
inspection, on the grounds that it's proprietary -- on an unprotected server,
where anyone could download it. (The software was in a folder titled
"rob-Georgia.zip.") The server was used by employees of Diebold Election
Systems to update software on its machines. This in itself was an incredible
breach of security, offering someone who wanted to hack into the machines
both the information and the opportunity to do so.

An analysis of Diebold software by researchers at Johns Hopkins and Rice
Universities found it both unreliable and subject to abuse. A later report
commissioned by the state of Maryland apparently reached similar
conclusions. (It's hard to be sure because the state released only a heavily
redacted version.)

Meanwhile, leaked internal Diebold e-mail suggests that corporate officials
knew their system was flawed, and circumvented tests that would have
revealed these problems. The company hasn't contested the authenticity of
these documents; instead, it has engaged in legal actions to prevent their
dissemination.

Why isn't this front-page news? In October, a British newspaper, The
Independent, ran a hair-raising investigative report on U.S. touch-screen
voting. But while the mainstream press has reported the basics, the Diebold
affair has been treated as a technology or business story -- not as a
potential political scandal.

This diffidence recalls the treatment of other voting issues, like the
Florida "felon purge" that inappropriately prevented many citizens from
voting in the 2000 presidential election. The attitude seems to be that
questions about the integrity of vote counts are divisive at best, paranoid
at worst. Even reform advocates like Mr. Holt make a point of dissociating
themselves from "conspiracy theories." Instead, they focus on legislation to
prevent future abuses.

But there's nothing paranoid about suggesting that political operatives,
given the opportunity, might engage in dirty tricks. Indeed, given the
intensity of partisanship these days, one suspects that small dirty tricks
are common. For example, Orrin Hatch, the chairman of the Senate Judiciary
Committee, recently announced that one of his aides had improperly accessed
sensitive Democratic computer files that were leaked to the press.

This admission -- contradicting an earlier declaration by Senator Hatch that
his staff had been cleared of culpability -- came on the same day that the
Senate police announced that they were hiring a counterespionage expert to
investigate the theft. Republican members of the committee have demanded
that the expert investigate only how those specific documents were leaked,
not whether any other breaches took place. I wonder why.

The point is that you don't have to believe in a central conspiracy to worry
that partisans will take advantage of an insecure, unverifiable voting
system to manipulate election results. Why expose them to temptation?

I'll discuss what to do in a future column. But let's be clear: the
credibility of U.S. democracy may be at stake.

Posted by Lisa at 07:27 PM
October 02, 2003
Info On The Department Of Defense's SERVE Voting System

Someone sent me this interesting thread about the Department of Defense's SERVE program. I'm still digesting this myself, but it seemed worthy of passing on to you.

When you recall that military absentee ballots were a critical factor in the Florida election of 2000, the scrutiny the SERVE project should attract a great deal of attention. But it has been running well below the radar since it was announced on June 2nd and and, as Slashdot pointed out, it will be a Microsoft Windows-only election.

In addition to military stationed overseas, citizens of Arkansas, Florida, Hawaii, Minnesota, North Carolina, Ohio, Pennsylvania, South Carolina, Utah and Washington will be able to vote using SERVE. All the voters need to do is submit a form and they'll be registered.

The troubling aspect of the SERVE program is that it appears to have no security features that will allow voters to check their votes were correctly recorded. The privacy statement on the SERVE site suggests that changing information is illegal and that connections will be monitored, but the ability for citizens to have oversight on the process is entirely absent. Say what you will, but hanging chads were important because they constituted a physical record. A vote intercepted and changed on the Internet or changed later by corrupt officials, which the 2000 election demonstrated is a potential factor in presidential elections.

Here is the full text of the post I am referring to:

http://www.correspondences.org/archives/000174.html

Voting By Wire in 2004

The Secure Electronic Registration and Voting Experiment (SERVE), an online voting project of the Federal Voting Assitance Program, is coming to the 2004 election. It will be available for voters in a number of states, but here's the rub: It's a project of the Department of Defense.

When you recall that military absentee ballots were a critical factor in the Florida election of 2000, the scrutiny the SERVE project should attract a great deal of attention. But it has been running well below the radar since it was announced on June 2nd and and, as Slashdot pointed out, it will be a Microsoft Windows-only election.

In addition to military stationed overseas, citizens of Arkansas, Florida, Hawaii, Minnesota, North Carolina, Ohio, Pennsylvania, South Carolina, Utah and Washington will be able to vote using SERVE. All the voters need to do is submit a form and they'll be registered.

The troubling aspect of the SERVE program is that it appears to have no security features that will allow voters to check their votes were correctly recorded. The privacy statement on the SERVE site suggests that changing information is illegal and that connections will be monitored, but the ability for citizens to have oversight on the process is entirely absent. Say what you will, but hanging chads were important because they constituted a physical record. A vote intercepted and changed on the Internet or changed later by corrupt officials, which the 2000 election demonstrated is a potential factor in presidential elections.

Britt Blaser has written about the idea of "See My Vote", the time for which has come. In an environment where data can be recorded surreptiously, people need to be able to check their votes for accuracy and that they are preserved intact rather than changed to ensure a candidate's victory. Additionally, any online system should be able to provide real-time tabulations based on time-stamping of votes to see that the number of votes aren't changing due to manipulation. In other words, we may not want to vote in secret anymore. But using pseudonymous identities (just one per voter), confidentiality on the ballot may be maintained.

Many questions need to be answered before online voting is put in place. New technology always creates opportunities for abuse and the fact that the Department of Defense, the most politicized department in the executive branch under George W. Bush, should raise the volume of the questions. Will we be able to check our votes? Why is the system not built on open source software that anyone could check for backdoors and bugs that might corrupt the election? Nothing against Microsoft, in particular, but Windows hasn't got a great track record on the security front.

Before SERVE is put to use many questions need to be asked. Enthusiastic acceptance of this system just because it is Net-based or niftier than paper ballots would be a grave mistake.

Posted by Lisa at 05:32 PM
September 29, 2003
Some Interesting Slashdot Threads On The Diebold Voting Machine Scandal


Diebold Audit Released, BlackBoxVoting.Org Shut Down


"The State of Maryland requested an audit of the Diebold electronic voting system by SAIC, after a report released by Johns Hopkins University and Rice Researchers (disclaimer: I'm one of Dr Rubin's students) noted several security issues . A condensed, from 200 to 40 pages, and censored version of the report has been released online (PDF link). The report notes that 'SAIC has identified several high-risk vulnerabilities that, if exploited, could have significant impact upon the AccuVote-TS voting system operation.'" However, Diebold says Maryland are moving forward with installation with "new security features" included, and elsewhere, Badgerman points out "Diebold has shut down blackboxvoting.org , apparently with copyright claims made to their ISP. But you can still go to the blackboxvoting.com site..."

From Tristero: On Democracy Now Bev Harris of BlackBoxVoting fame, disclosed (near the end of the transcript) that in the compromised 1.8Gigs off Diebold's FTP site they uncovered "an actual election file containing actual votes on election day from San Luis Obispo County, California". Problem is, the date stamp was 3:31pm - during voting hours! The Diebold system uses a wireless network card. Worse: "So that means if they can pull the information in, they can also send information back into those machines.
(Thanks, Tristero.)

Posted by Lisa at 04:21 PM
September 01, 2003
Diebold CEO Declares That He's "Committed To Helping Ohio Deliver Its Electoral Votes To The President Next Year"

Voting machine controversy
By Julie Carr Smyth for the Plain Dealer Bureau.


The head of a company vying to sell voting machines in Ohio told Republicans in a recent fund-raising letter that he is "committed to helping Ohio deliver its electoral votes to the president next year."

The Aug. 14 letter from Walden O'Dell, chief executive of Diebold Inc. - who has become active in the re-election effort of President Bush - prompted Democrats this week to question the propriety of allowing O'Dell's company to calculate votes in the 2004 presidential election.

O'Dell attended a strategy pow-wow with wealthy Bush benefactors - known as Rangers and Pioneers - at the president's Crawford, Texas, ranch earlier this month. The next week, he penned invitations to a $1,000-a-plate fund-raiser to benefit the Ohio Republican Party's federal campaign fund - partially benefiting Bush - at his mansion in the Columbus suburb of Upper Arlington.

The letter went out the day before Ohio Secretary of State Ken Blackwell, also a Republican, was set to qualify Diebold as one of three firms eligible to sell upgraded electronic voting machines to Ohio counties in time for the 2004 election.

Blackwell's announcement is still in limbo because of a court challenge over the fairness of the selection process by a disqualified bidder, Sequoia Voting Systems.


Here is the full text of the article in case the link goes bad:

http://www.cleveland.com/printer/printer.ssf?/base/news/106207171078040.xml

Voting machine controversy

08/28/03
Julie Carr Smyth
Plain Dealer Bureau

Columbus - The head of a company vying to sell voting machines in Ohio told Republicans in a recent fund-raising letter that he is "committed to helping Ohio deliver its electoral votes to the president next year."

The Aug. 14 letter from Walden O'Dell, chief executive of Diebold Inc. - who has become active in the re-election effort of President Bush - prompted Democrats this week to question the propriety of allowing O'Dell's company to calculate votes in the 2004 presidential election.

O'Dell attended a strategy pow-wow with wealthy Bush benefactors - known as Rangers and Pioneers - at the president's Crawford, Texas, ranch earlier this month. The next week, he penned invitations to a $1,000-a-plate fund-raiser to benefit the Ohio Republican Party's federal campaign fund - partially benefiting Bush - at his mansion in the Columbus suburb of Upper Arlington.

The letter went out the day before Ohio Secretary of State Ken Blackwell, also a Republican, was set to qualify Diebold as one of three firms eligible to sell upgraded electronic voting machines to Ohio counties in time for the 2004 election.

Blackwell's announcement is still in limbo because of a court challenge over the fairness of the selection process by a disqualified bidder, Sequoia Voting Systems.

In his invitation letter, O'Dell asked guests to consider donating or raising up to $10,000 each for the federal account that the state GOP will use to help Bush and other federal candidates - money that legislative Democratic leaders charged could come back to benefit Blackwell.

They urged Blackwell to remove Diebold from the field of voting-machine companies eligible to sell to Ohio counties.

This is the second such request in as many months. State Sen. Jeff Jacobson, a Dayton-area Republican, asked Blackwell in July to disqualify Diebold after security concerns arose over its equipment.

"Ordinary Ohioans may infer that Blackwell's office is looking past Diebold's security issues because its CEO is seeking $10,000 donations for Blackwell's party - donations that could be made with statewide elected officials right there in the same room," said Senate Democratic Leader Greg DiDonato.

Diebold spokeswoman Michelle Griggy said O'Dell - who was unavailable to comment personally - has held fund-raisers in his home for many causes, including the Columbus Zoo, Op era Columbus, Catholic Social Services and Ohio State University.

Ohio GOP spokesman Jason Mauk said the party approached O'Dell about hosting the event at his home, the historic Cotswold Manor, and not the other way around. Mauk said that under federal campaign finance rules, the party cannot use any money from its federal account for state- level candidates.

"To think that Diebold is somehow tainted because they have a couple folks on their board who support the president is just unfair," Mauk said.

Griggy said in an e-mail statement that Diebold could not comment on the political contributions of individual company employees.

Blackwell said Diebold is not the only company with political connections - noting that lobbyists for voting-machine makers read like a who's who of Columbus' powerful and politically connected.

"Let me put it to you this way: If there was one person uniquely involved in the political process, that might be troubling," he said. "But there's no one that hasn't used every legitimate avenue and bit of leverage that they could legally use to get their product looked at. Believe me, if there is a political lever to be pulled, all of them have pulled it."

Blackwell said he stands by the process used for selecting voting machine vendors as fair, thorough and impartial.

As of yesterday, however, that determination lay with Ohio Court of Claims Judge Fred Shoemaker.

He heard closing arguments yesterday over whether Sequoia was unfairly eliminated by Blackwell midway through the final phase of negotiations.

Shoemaker extended a temporary restraining order in the case for 14 days, but said he hopes to issue his opinion sooner than that.

To reach this Plain Dealer reporter:

jsmyth@plaind.com, 1-800-228-8272

Posted by Lisa at 07:09 PM
August 10, 2003
Awesome Animation On How Katherine Harris Rigged The Already-Faulty Voting Purge Lists In Florida From 8,000 to 58,000 Voters

...with a little help from Florida's 1998 Voter Reform Law.

Here's an awesome video/animation from Eric Blumrich w/music from Grand Theft Auto:

Grand Theft America

Time's ticking away guys, we've got to do something or they're just going to do it again in 2004.

This animation was based on findings in Greg Palast's report:

Theft Of The Presidency
.

There's real video of it available too.

(Thanks, Jason)

Posted by Lisa at 08:32 AM
July 19, 2003
Peter Coyote Explains Why Proprietary Software Is Bad For Electronic Voting Machines

Actor/writer/activist Peter Coyote MC'd the Howard Dean kick off event that took place on June 23, 2003 at the San Francisco Hyatt.

If there are three parts to taking our country back:
1) exposing shrub corruption
2) getting a good candidate to run against him
3) fixing our screwed up election procedures

I'd say we've got 1 and 2 pretty well under control.

Time to get started on number 3 in a big way!

After Penelope Houston performed, Peter came back to say a few words to the audience about the dangers of using proprietary software within voting machines.

I spoke to him briefly afterwards to let him know that the word he was searching for is "Open Source."

I realized after last year's election that in order for our Electronic Voting Machine software to be trustworthy, it has to be open sourced -- or at least made available for scrutiny. Otherwise, by definition, it can't really be a part of the democratic process.

Making the source and technology available for public scrutiny is the only way to ensure that the proper technological checks and balances can be built into the system (and be double checked afterwards).

I'm about to post an article (and several of the resources referenced by the article) that explains in detail just how badly onen of the current software systems doesn't measure up to even the most basic of security and accountability requirements. Although the only reason we know this is because the software was made available online. (Which is a good thing!)

Peter Coyote On The Dangers Of Proprietary Voting Machines (Small - 3 MB)

Transcript: One last thing on the Georgia Voting Fraud. It can't be proven because the software is proprietary. There's a dress rehearsal. There's a website called Votescam.com, and you need to look at it. And everyone of us needs to write our legislators and say: "We want paper ballots." "We want transparent software." "We want the government supervising the elections."

Otherwise, what will happen is, at the end of the day, the Police will take the voting machines, they will give them to the corporation, and the corporation will tell you who won.

There's a long history of documented voter fraud in this country, and the dress rehearsal was the last presidential election. I narrated a film for a reporter called Greg Palast. 91,000 votes stolen in Florida. 91,000! Go to Greg Palast.com and look it up. Go to Votescam.com. If we don't stop voter fraud, we're not gonna win this election. Thank you all very much for coming.


Posted by Lisa at 08:37 AM
June 09, 2003
Ed Felten Explains How Black Boxes Interfere With Effective Public Policy

A number of distinguished organizations sponsored the Law and Technology of DRM conference that took place February 27 - March 1, 2003.

This presentation by Ed Felten is a real mind blower. The public is expected to tolerate the use of black box technologies in situations where doing so cannot possibly be in our best interest to do so, such as electronic voting machine systems.

The stills below explain a bit about this, but you'll really want to listen to the whole thing for yourself. Please do. It's really important that we all start taking this stuff very seriously so that we can start making our representatives aware of the current intolerable situation.

Ed Felten - Part 1 of 2 (Small - 10 MB)
Ed Felten - Part 2 of 2 (Small - 8 MB)

Ed Felten - Complete (Small - 17 MB)

Ed Felten - Complete (Hi-Res - 226 MB)

Audio - Ed Felten - Complete (MP3 - 12 MB)

Here's a transcript.











Public Domain Dedication

This work is dedicated to the
Public Domain. (Take it and run, baby!)

Posted by Lisa at 01:19 PM
March 30, 2003
More Good Information On Electronic Voting And The Need For Receipts

Oh goody. I'm not the only technologist that has been thinking long and hard about the voting machine problem. In fact, it looks like I'm coming in pretty late in the game!

It's cutting it pretty close, but perhaps there could be enough time between now and November 2004 to enable a fair and verifiable election.

Here's some thoughtful background and analysis on electronic voting from Stanford Computer Science and Electrical Engineering Professor David Dill.


This statement is intended be a message from technologists to the rest of the public, the gist of which is: Do not be seduced by the apparent convenience of "touch-screen voting" machines, or the "gee whiz" factor that accompanies flashy new technology. Using these machines is tantamount to handing complete control of vote counting to a private company, with no independent checks or audits. These machines represent a serious threat to democracy. Much better alternatives are available for upgrading voting equipment...

Compared with most technical issues, the basic problems with most "touch screen voting machines" are forehead-slappingly obvious to almost anyone who knows a little bit about computer security. There is strong agreement among those who have studied the problem in-depth, and I believe that almost anyone who looks into the problem a little (or a lot) will come to the same conclusions.

We realize that election equipment must satisfy many requirements, so we are neutral about the nature of the voter-verifiable audit trail, so long as it allows meaningful audits. Anything from fully manual paper ballots to optical scan ballots to touch screen machines that print paper ballots would do, so long as the voter can check the ballot and the (anonymous) ballot goes into a secure ballot box of some kind to be available for manual counting. In the future, there may be other kinds of physical ballots or even cryptographically based audit trails that satisfy the requirements.

Here is the full text of the article in case the link goes bad:

http://verify.stanford.edu/evote.html

Introduction
I (David Dill) am organizing opposition to paperless electronic voting machines by technologists, especially computer science researchers. I have written a resolution, for which I would like to recruit endorsements.

The Resolution on Electronic Voting

This statement is intended be a message from technologists to the rest of the public, the gist of which is: Do not be seduced by the apparent convenience of "touch-screen voting" machines, or the "gee whiz" factor that accompanies flashy new technology. Using these machines is tantamount to handing complete control of vote counting to a private company, with no independent checks or audits. These machines represent a serious threat to democracy. Much better alternatives are available for upgrading voting equipment.

I'm seeking endorsements for the statement by individuals and organizations. Of course, potential endorsers may feel that they don't know enough about the problem, so I have provided some links to further information below. Having devoted a modest amount of study to the problem, I have to concede that it's a little more complex that I thought at first. However, it's not that subtle. Compared with most technical issues, the basic problems with most "touch screen voting machines" are forehead-slappingly obvious to almost anyone who knows a little bit about computer security. There is strong agreement among those who have studied the problem in-depth, and I believe that almost anyone who looks into the problem a little (or a lot) will come to the same conclusions.

We realize that election equipment must satisfy many requirements, so we are neutral about the nature of the voter-verifiable audit trail, so long as it allows meaningful audits. Anything from fully manual paper ballots to optical scan ballots to touch screen machines that print paper ballots would do, so long as the voter can check the ballot and the (anonymous) ballot goes into a secure ballot box of some kind to be available for manual counting. In the future, there may be other kinds of physical ballots or even cryptographically based audit trails that satisfy the requirements.

What you can do to help.
Our biggest problem at this time is making people aware of this problem. Most people haven't a clue that there is even a controversy. They assume that election officials, manufacturers, politicians, or somebody must have made sure that the voting machines are secure. So you can help with this problem:

* Mention it to friends.
* Link to this web site
* Write letters to your local newspaper, talk to the reporters and columnists about the issue.
* Bring it up on mailing lists and web sites where readers may be interested (but please don't spam people!).
* Communicate (by email, phone, fax, or US Mail) with your elected officials at the local, state and federal level to let them know you are concerned about the issue.
* Find out what is going on in your community and/or state. Are they planning to buy new machines? To find out more, see our web pages about what's happening around the U.S.

Questions or comments can be addressed in email to "elections@chicory.stanford.edu"

Important Announcements
A letter from U.S. Rep. Rush Holt (pdf), expressing concern about the lack of a voter-verified audit trail in many electronic voting machines.

A letter to the Secretary of State of California from Prof. Doug Jones, a computer scientist and election machine examiner in Iowa.

Legislation pending in Washington State!

The state of Ohio has appointed a task force to set requirements for implementing HAVA. It would be great if they required a voter-verifiable audit trail. But there don't seem to be any computer technologists on the task force. I would like to hear from Ohio residents who would can help with this issue.

News about the debate in Santa Clara County.

#

Posted by Lisa at 11:17 PM
Experts Explain The Trouble With Computer Voting: No Receipts, Nothing To Recount

It's very important to keep our eye on the prize guys: a new democratically-elected President in 2004.

That may mean the end of computer voting in some areas -- NOT its introduction into new jurisdictions.

Unless these machines are required to be open source, so that third parties could verify their numbers. I believe open source voting machines are the only way that computer voting can move forward towards producing any kind of reliable results. What do you guys think?

New Voting Systems Assailed -- Computer Experts Cite Fraud Potential
By Dan Keating for the Washington Post.


Critics of such systems say that they are vulnerable to tampering, to human error and to computer malfunctions -- and that they lack the most obvious protection, a separate, paper receipt that a voter can confirm after voting and that can be recounted if problems are suspected.

Officials who have worked with touch-screen systems say these concerns are unfounded and, in certain cases, somewhat paranoid.

David Dill, the Stanford University professor of computer science who launched the petition drive, said, "What people have learned repeatedly, the hard way, is that the prudent practice -- if you want to escape with your data intact -- is what other people would perceive as paranoia."

Other computer scientists, including Rebecca Mercuri of Bryn Mawr College, say that problems are so likely that they are virtually guaranteed to occur -- and already have.

Mercuri, who has studied voting security for more than a decade, points to a November 2000 election in South Brunswick, N.J., in which touch-screen equipment manufactured by Sequoia Voting Systems was used.

In a race in which voters could pick two candidates from a pair of Republicans and a pair of Democrats, one machine recorded a vote pattern that was out of sync with the pattern recorded elsewhere -- no votes whatsoever for one Republican and one Democrat. Sequoia said at the time that no votes were lost -- they were just never registered. Local officials said it didn't matter whether the fault was the voters' or the machine's, the expected votes were gone.

In October, election officials in Raleigh, N.C., discovered that early voters had to try several times to record their votes on iVotronic touch screens from Election Systems and Software. Told of the problems, officials compared the number of voters to the number of votes counted and realized that 294 votes had apparently been lost.

When Georgia debuted 22,000 Diebold touch screens last fall, some people touched one candidate's name on the screen and saw another candidate's name appear as their choice. Voters who were paying attention had a chance to correct the error before finalizing their vote, but those who weren't did not.

Chris Rigall, spokesman for the secretary of state's office, said that the machines were quickly replaced, but that there was no way of knowing how many votes were incorrectly counted.

In September in Florida, Miami-Dade and Broward counties had a different kind of vote loss with ES&S touch-screen equipment: At the end of the day, precincts that reported hundreds of voters also listed virtually no votes counted. In that case, technicians were able to retrieve the votes from the machines.

"If the only way you know that it's working incorrectly is when there's four votes instead of 1,200 votes, then how do you know that if it's 1,100 votes instead of 1,200 votes? You'll never know," said Mercuri.

Because humans are imperfect and computers are complicated, said Ben Bederson, a professor of computer science at the University of Maryland, mistakes will always be made. With no backup to test, the scientists say, mistakes will go undetected.

"I'm not concerned about elections that are a mess," Dill said. "I'm concerned about elections that appear to go smoothly, and no one knows that it was all messed up inside the machine."

...if customers want receipts, he said, his company will supply them. And Williams said receipts may have a place in the system. "The advantage of a hard piece of paper -- one that a voter would hold in his hand and say, 'That is who I voted for' -- that is psychological, and there certainly is value to that. We need public confidence in our elections," he said.

Similarly, the official overseeing Maryland's program would accept paper if it were available.

"I've been doing voting systems for 15 years," Torre said. "I don't care if they give voters a piece of paper or not. If they come out with a receipt, that's fine. Maybe with the momentum out of California, we'll have receipts before too long."

Here is the full text of the article in case the link goes bad:

http://www.washingtonpost.com/wp-dyn/articles/A39241-2003Mar27.html

New Voting Systems Assailed
Computer Experts Cite Fraud Potential


As election officials rush to spend billions to update the country's voting machines with electronic systems, computer scientists are mounting a challenge to the new devices, saying they are less reliable and less secure from fraud than the equipment they are replacing.

Prompted by the demands of state and federal election reforms, officials in Maryland, Georgia, Florida and Texas installed the high-tech voting systems last fall. Officials in those states, and other proponents of electronic voting, said the computer scientists' concerns are far-fetched.

"These systems, because of the level of testing they go through, are the most reliable systems available," said Michael Barnes, who oversaw Georgia's statewide upgrade. "People were happy with how they operated."

In Maryland, "the system performed flawlessly in the two statewide elections last year," said Joseph Torre, the official overseeing the purchase of the state's new systems. "The public has a lot of confidence in it, and they love it."

But the scientists' campaign, which began in California's Silicon Valley in January, has gathered signatures from more than 300 experts, and the pressure has induced the industry to begin changing course.

Electronic terminals eliminate hanging chads, pencil erasure marks and the chance that a voter might accidentally select too many candidates. Under the new systems, voters touch the screen or turn a dial to make their choices and see a confirmation of those choices before casting their votes, which are tallied right in the terminal. Recounts are just a matter of retrieving the data from the computer again. The only record of the vote is what is stored there.

Critics of such systems say that they are vulnerable to tampering, to human error and to computer malfunctions -- and that they lack the most obvious protection, a separate, paper receipt that a voter can confirm after voting and that can be recounted if problems are suspected.

Officials who have worked with touch-screen systems say these concerns are unfounded and, in certain cases, somewhat paranoid.

David Dill, the Stanford University professor of computer science who launched the petition drive, said, "What people have learned repeatedly, the hard way, is that the prudent practice -- if you want to escape with your data intact -- is what other people would perceive as paranoia."

Other computer scientists, including Rebecca Mercuri of Bryn Mawr College, say that problems are so likely that they are virtually guaranteed to occur -- and already have.
Lost and Found

Mercuri, who has studied voting security for more than a decade, points to a November 2000 election in South Brunswick, N.J., in which touch-screen equipment manufactured by Sequoia Voting Systems was used.

In a race in which voters could pick two candidates from a pair of Republicans and a pair of Democrats, one machine recorded a vote pattern that was out of sync with the pattern recorded elsewhere -- no votes whatsoever for one Republican and one Democrat. Sequoia said at the time that no votes were lost -- they were just never registered. Local officials said it didn't matter whether the fault was the voters' or the machine's, the expected votes were gone.

In October, election officials in Raleigh, N.C., discovered that early voters had to try several times to record their votes on iVotronic touch screens from Election Systems and Software. Told of the problems, officials compared the number of voters to the number of votes counted and realized that 294 votes had apparently been lost.

When Georgia debuted 22,000 Diebold touch screens last fall, some people touched one candidate's name on the screen and saw another candidate's name appear as their choice. Voters who were paying attention had a chance to correct the error before finalizing their vote, but those who weren't did not.

Chris Rigall, spokesman for the secretary of state's office, said that the machines were quickly replaced, but that there was no way of knowing how many votes were incorrectly counted.

In September in Florida, Miami-Dade and Broward counties had a different kind of vote loss with ES&S touch-screen equipment: At the end of the day, precincts that reported hundreds of voters also listed virtually no votes counted. In that case, technicians were able to retrieve the votes from the machines.

"If the only way you know that it's working incorrectly is when there's four votes instead of 1,200 votes, then how do you know that if it's 1,100 votes instead of 1,200 votes? You'll never know," said Mercuri.

Because humans are imperfect and computers are complicated, said Ben Bederson, a professor of computer science at the University of Maryland, mistakes will always be made. With no backup to test, the scientists say, mistakes will go undetected.

"I'm not concerned about elections that are a mess," Dill said. "I'm concerned about elections that appear to go smoothly, and no one knows that it was all messed up inside the machine."

"We're not paranoid," said Mercuri. "They're avoiding computational realities. That's the computer science part of it. We can't avoid it any more than physical scientists can avoid gravity."

The Miami-Dade and Georgia terminals were reprogrammed right up until the eve of the fall elections. The last-minute patches don't go through sufficient review, Mercuri said, and any computer that can be reprogrammed simply by inserting an update cartridge cannot be considered secure or reliable.

Dill said hackers constantly defeat sophisticated protections for electronic transactions, bank records, credit reports and software. "Someone sufficiently unscrupulous, with an investment of $50,000, could put together a team of people who could very easily subvert all of the security mechanisms that we've heard about on these [voting] machines," he said.

People who have sold or administered electronic voting systems, however, say the scenarios of fraud or widespread, election-changing error were not of the real world.
'We'd Detect It'

Howard Cramer, vice president for sales at Sequoia, one of the nation's largest suppliers of electronic voting systems, noted that his company has been supplying the systems for a decade and a half. "Our existing approach is verifiably accurate, 100 percent," he said. "Some of the things they're saying are flat-out wrong. Some are conceivable, but outside the likelihood of possibility."

The designer of Georgia's security system, for example, said nobody could insert a secret program to steal an election when the machines are created, because no one even knows at that time who the candidates will be, and the only people with access to the machines at the last minute are local officials.

"They're talking about what they could do if they had access to the [computer program] code, if we had no procedures in place and no physical security in place," said Brit Williams, a computer scientist at Kennesaw State University. "I'm not arguing with that. But they're not going to get access to that code. Even if they did, we'd detect it."

He also said that Georgia's patch was checked before it was installed and did not affect the tallying of votes. And no one, he said, could reprogram Georgia's terminals by inserting a cartridge.

"On our machine, the port is in a locked compartment. The only person in the precinct who has a key to that locked compartment is the precinct manager. [Critics are] looking at it from a purely computer science point of view, saying the system is vulnerable, and it would be vulnerable if we let anyone walk up and stick a card into it, but that doesn't happen."

After Dill launched his campaign, officials in the Silicon Valley county of Santa Clara delayed a purchase of 5,000 touch-screen voting machines. Despite insisting that their systems are reliable and secure, the nation's leading vendors all immediately agreed to provide paper receipts, and the California secretary of state announced a task force to review the security concerns. A month ago, Santa Clara went ahead with its $20 million purchase, insisting that receipts be provided once the state approves the new equipment.

Georgia and Maryland officials said that providing paper receipts may create more problems than it solves -- that paper would have to be transported and monitored with security, and printers could jam. Cramer of Sequoia said paper is unnecessary, costly and may pose a problem for blind voters.

But if customers want receipts, he said, his company will supply them. And Williams said receipts may have a place in the system. "The advantage of a hard piece of paper -- one that a voter would hold in his hand and say, 'That is who I voted for' -- that is psychological, and there certainly is value to that. We need public confidence in our elections," he said.

Similarly, the official overseeing Maryland's program would accept paper if it were available.

"I've been doing voting systems for 15 years," Torre said. "I don't care if they give voters a piece of paper or not. If they come out with a receipt, that's fine. Maybe with the momentum out of California, we'll have receipts before too long."

Posted by Lisa at 11:43 AM