It's no secret that Diebold's electronic voting gear is, um,
a little lax in the security department, and now a non-profit group known as the Open Voting Foundation has found "what may be the worst security flaw we have [ever] seen in touch screen voting machines" in the company's older TS model. Apparently these devices -- which produce no paper record of voters' choices -- contain a switch on the internal motherboard (pictured above, with handy onboard instructions) that would allow nefarious hackers to toggle between the two pre-installed boot profiles and "change literally everything regarding how the machine works and counts votes." Even worse, the board also sports a slot for external flash memory from which a third profile could be "field-added in minutes," allowing unsavory characters to overwrite certified files with their own data before switching the machine back to its unaltered state -- with no one the wiser. It looks like Diebold has two options for addressing this nagging problem: either they can open up their machines and source code to a thorough external audit and adopt the resulting suggestions (
unlikely), or they can take the simpler route and just get their friends in Washington make it illegal for rabble-rousers like the Open Voting Foundation to play with their toys.
[Via
The Register]
posted Aug 1st 2006 3:41PM
Maybe now Gore could win.
I hardly see this as the worst flaw.. at least in practical terms. Seems like you would need to alter several machines in order to actually change an outcome. I suppose for local races it could work. But would someone really risk that much in order to get their person elected to the school board.. I suppose.
If everyone wouldnt have complained about the chads then we wouldnt have this problem.
As an election judge for the last three elections, I find this article to be total BS. Of course there are "security flaws" in the Diebold machine. It's not designed to be a fortress. It's designed to be reasonably secure under the watchful eyes of the election judges. You can bet that I would notice if someone was prying the case open on one of my machines to get to the "switch on the internal motherboard". That machine would be invalidated and its votes would be considered spoiled. The argument against the flash card is a red herring. The PC card slot which accepts the flash memory is behind a locked door and a flash card that keeps a copy of the internal vote count is usually there during normal voting operation.
Of course, all of this could be tampered with before voting starts, but again the election judge is responsible for making sure that machine vote count is 0 and that nothing has been tampered with.
The Diebold machine is nothing but an intelligent bucket. What makes it secure or insecure is the honesty or dishonesty of the election officials. This has always been the case regardless of the technology used, whether it is voting levers, punch cards or Diebold voting machines.
This can effect very close races, if just several machines in Florida were changed then either side would have easily won. In very close presidental races this can be very big.
Why can't they just alter the basic design of current ATMs for voting machines? They leave a paper trail, have integrated surveillance, can quickly transmit sensitive data, and are apparently cheap enough to put in just about every gas station in America.
All hail manbearpig...............
Let's see... Paper trail plus surveillance. There goes our secret ballot!!
RE honesty of election judges. Considering the election fraud re who can and can't vote in Florida, and hanging chads, rigging election disctricts and now diebold machines, the Republicans must be getting very scared come the November elections.
In Europe we have paper and as old fashioned as it is we can check again and again no complaints about who won. Recently one election here recently was a dead heat they drew lots for the seat. You could never get that in the US.
Hey kbiel,
What I want to know, and what you may be able to answer, is what is wrong with the optical reader system? I've used it in every election I've participated in and it works great. There is an instant paper record of my votes which is the original I make and there is an electronic tabulation. Why do we need to add an expensive touchscreen and hackable hardware/software? Why not just stick with the tried and true fill-in-the-dots?
I'm intrigued kbiel. How as an election judge (not a term we use over here) would you be able to tell if someone had altered this machine to count every 2nd Vote for Person1 as Person2 before you received the machine?
It would seem from the description that all you need is a little alone time *anywhere* on the machine's journey from the point of manufacture to the polling station and you can replace it's entire set of software with your own.
@ kbiel
Hypothetically: When these boxes are delivered, you would open the case and confirm that all the toggles were properly toggled on the motherboard?
So what if someone checked to see the boxes read 0 when they got there. The tampered software could easily make a double vote for every randomth vote given to some politician.
You one or two of these spread out in a voting district and you could almost untraceably add votes to a particular candidate and no one would be monkeying with the internals of the machines. And anyhow, what could the old geezer that monitors the equipment know about the internals of one of these boxes? They probably couldn't read the fine text on the motherboard. Much less discern a vacuum tube from a processor. :P
I wonder what hacker is going to be able to remove the TSx from the stand, open it, insert a card, boot the machine, run code, remove the card, reinsert the machine into the stand, and reboot again in the middle of a polling place without being noticed? Maybe if David Copperfield takes up election fraud it could happen…
Qyiet,
How hard would it be for an election judge to examine and then test a machine before the polls opened to ensure it hasn't been tampered with? If you ask me it is likely that they are tested and that it is easy to do so. Kbiel's point is that it's not the security of the machine we should worry about but the integrity of the election judge. As for voting with a paper trail while under surveillance, please let's never think that is a good idea.
A voting paper trail doesn't mean that votes are not anonymous.
Actually AJ.. that was exactly my point, and I believe also XiozTzu's.
I believe it would be *very* hard for an election judge to verify just prior to an election that any given machine had not been tampered with, and certainly *much* harder to verify than manual, or mechanical system. Hence I was interested in exactly *how* an election judge would do that.
kbeil, Considering the people at my local polling place have difficulty just determining the ballot to give me, I'm not sure I believe that every e-machine would be checked for tampering before and after the election.
According to this site (which I have no idea is legit or not), ...A "zero report" was run indicating zero votes on the memory card. In fact, however, Hursti had pre-loaded the memory card with plus and minus votes... http://www.bbvforums.org/cgi-bin/forums/board-auth.cgi?file=/1954/15595.html
The one I was looking for though, was the fact that various Voting Machine Company Employees (not limited to Diebold) were responsible for fixing "damaged" machines, not election authorities. How would you know the machine was working correctly after Diebold or another "tech" fixed it?
@ Eric Cartman
That's funny, I'm cereal.
"RE honesty of election judges. Considering the election fraud re who can and can't vote in Florida, and hanging chads, rigging election disctricts and now diebold machines, the Republicans must be getting very scared come the November elections."
Oh for the love of God, let this canard die already. This horse has been beaten to death time and time again and two separate, independent, boards of jouranlists ascertained that Gore would have lost under every scenario he wanted to use to recount the votes. Get over it.
#1 lol!
I don't understand.
Why don't they just count the votes by hand as they always have done? More secure, more reliable. More verything.
"Why don't they just count the votes by hand as they always have done? More secure, more reliable. More verything."
Because then the libs would have to accept that their candidates actually lost.
I for one welcome our un-democratically elected overlords. At least then, those unholy minorities will get what they deserve.
"Because then the libs would have to accept that their candidates actually lost."
Actually no, I think all of us libertarians pretty much accept it as a foregone conclusion that our candidate is going to lose.
WHy is touchscreen/computer voting being made so difficult? Everything is done by hand now and they are trying to instantly move to the opposite side where everythig is networked.
WHy not just have some standalone PCs in the voting booths (PC locked up behind it, just the screen in the booth). Then the person goes in, votes for who they want and after the confirm their choices, it locks the screen until a voter worker person punches a code or something to unlock it for the next person.
All the data could just be stored on the main server at that particular voting location. Then each voting location could take their results and send them via whatever method (secure FTP, burn a disk and drive it over, etc) to the main office for everything to be tallied up. But they'd have their own total that the admin person at the site could see real time.
There's no way to hack something like this and it saves all the hassle of errors in paper ballots and everything. The sites don't need to be networked (since they aren't now anyway), it's just so the actual person in the booth can't screw up by mistake.
Shouldn't be all that difficult.
To #1, no Al Gore could not win now. It is well known that Diabold Corp is run by a group of ultra conservative Republicans. Perhaps it is how Al Gore lost. It would appear that ultra conservative Republicans support true democracies every where in the world except in the USA.
Its going to be ironic when we will need UN observers to monitor our own elections.
Three words: Vote by Mail.
Why do I want to go to a polling place with at best questionable polling practives to vote.
Oregon has vote by mail and it is the best voting system every. Touch screen voting is stupid. Waste of money, voters time, and as notes above, it does nothing to ensure the integrity of democracy.
And while Al Gore may have lost Flordia, HE WON THE POPULAR VOTE. More people voted for Gore than any other candidate. If thats democracy, then I've got a toll road you can buy for super cheap. Our so called leaders don't care about democracy anyway, they care about power, as in their power to do as they please.
To answer all the questions at once:
I don't know how every county/parish in every state conducts their polling, I can only vouch for how it is conducted, legally, in Texas.
Their is a separate record of the voters who came to vote that is in complete control of the election judge. The election judge is supposed to periodically check the total votes casted versus the total voters every couple of hours (and post the numbers). Therefore, if someone tampered with my machine to double count votes then I would see the discrepancy between the vote count and my records.
As for optical reader ballots, I can't say whether they are better or not than voting machines, that was not the point of my comment.
BTW, I see a lot of people here commenting that there is no paper record with the Diebold machines and that is just bunk. There is an internal paper tape and, to my knowledge, the machine can either be set to print at the time a vote is casted or set to print totals reports when requested. In Texas, we print a zero report before voting begins and a final report after voting has ended. Everthing that happens in between is saved to internal memory and a copy is kept on a flash memory card.
Can this machine be tampered in such a way that I would not detect it? Most certainly. But the same could be said of any voting method. Paper ballots could be premarked or switched later. Optical reader ballots are no different, I imagine.
What it comes down to is the honesty of your election officials. It would be almost impossible to rig an election without having someone inside the election process to help.
Alot of people have said it before me, but it all comes down to trust in your governing officials.... and I think we all know how much we can trust the American Dictators.. *cough*... did I say Dictators? I meant leaders... honestly I did.