Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
United States Technology

Inside Electronic Voting Machines 398

Alien54 and several other people wrote in about a couple of stories published in a New Zealand webzine: an examination of an electronic voting system, and some less interesting political speculation about it. Diebold voting systems are in fairly wide use, and apparently provide zero security to keep election officials from writing in whatever election totals they want.
This discussion has been archived. No new comments can be posted.

Inside Electronic Voting Machines

Comments Filter:
  • First vote! (Score:5, Funny)

    by Anonymous Coward on Tuesday July 08, 2003 @03:22PM (#6395026)
    We should have a slashdot poll about this.
    And then rig the results. :)
    • by ethx1 ( 532391 )
      Hey! We are not all in Florida you know.
      • Re:First vote! (Score:5, Informative)

        by Anonymous Coward on Tuesday July 08, 2003 @04:23PM (#6395630)
        > Hey! We are not all in Florida you know.

        At least in Florida, no one was encouraged to vote the DAY AFTER the election.. the final "unofficial" recount had Gore winning by a wide margin, except for one thing...

        Ever wonder how in 2000 there were an unusual amount of "Florida military ballots" that went through the postal system LATE and WITHOUT POSTMARK?

        That normally does not happen (especially since mail ballots are sent EARLY and mail can't be routed without a postmark).

      • by Detritus ( 11846 ) on Tuesday July 08, 2003 @05:35PM (#6396103) Homepage
        Sorry, the City of Chicago has been granted a "business process" patent on fixing elections.
    • Re:First vote! (Score:4, Insightful)

      by jacquesm ( 154384 ) <jNO@SPAMww.com> on Tuesday July 08, 2003 @06:23PM (#6396400) Homepage
      right, but it wouldn't make much difference to the crowd here, as much as rigged elections in the real world make (none).

      Think about it: How many people would it need to care about rigged elections in order for it to be brought to light ? There is lots of evidence that the 2000 elections were less than proper, but so far there has been very little response to these allegations. A normal reaction would be absolute outrage by ALL politicians and an inquiry that brings up every last bit of evidence. The fact that this has not happened shows that politicians are happy with the status quo (two parties, for outsiders absolutely indistinguishable that exchange the baton every four to eight years).

      As if the only subjects you can differ on are abortion, healthcare and whether or not we should endorse a government religion.
  • by grub ( 11606 ) <slashdot@grub.net> on Tuesday July 08, 2003 @03:23PM (#6395045) Homepage Journal

    [tinfoil_hat]In the near future we will be given ballots containing RFIDs which will tie the voter to the vote. mwahahahaha![/tinfoil_hat]
    • Re:I need my meds.. (Score:2, Informative)

      by morcheeba ( 260908 )
      They somewhat do this in developing countries - they dye your thumb in an indelible ink so you can't vote twice (at least on the same day). Of course, guerillas who don't want anyone to vote tend to cut those thumbs off... and it isn't just so that the peasents can try to vote again
  • Hanging Chads (Score:3, Interesting)

    by DrWho520 ( 655973 ) on Tuesday July 08, 2003 @03:23PM (#6395046) Journal
    Suddenly hanging chads aren't so silly anymore...
  • Of course (Score:5, Funny)

    by DNS-and-BIND ( 461968 ) on Tuesday July 08, 2003 @03:23PM (#6395048) Homepage
    It's not a bug, it's a feature!
  • by Chef Ramen Noodle ( 651943 ) on Tuesday July 08, 2003 @03:24PM (#6395060)
    http://www.blackboxvoting.com i suggest you check it out.
  • I'll take 500,000 (Score:2, Flamebait)

    by tbase ( 666607 )
    Can you drop ship them to every voting precinct in the U.S. and send the bill to 1600 Pennsyvania Ave.? Thanks! GWB ps- is a check from Halliburton ok?
  • Abuse potential (Score:5, Interesting)

    by Roark Meets Dent ( 650119 ) on Tuesday July 08, 2003 @03:26PM (#6395088)
    It should be required that machines use open-source code, and some mechanism be provided for public inspection of the machines to verify the code hasn't been altered, some sort of checksum mechanism.
    • Re:Abuse potential (Score:4, Interesting)

      by Knife_Edge ( 582068 ) on Tuesday July 08, 2003 @03:41PM (#6395270)
      No kidding, these things have the potential to be a disaster for the democratic process, enabling voting fraud on a scale never before seen. If they ever try to get such devices in my district without making them open and easily accountable, my congressional district is going to hear holy hell about it from me. I almost never care about politics. I don't write letters to my elected officials or to the editor. I don't donate money to political campaigns or consider myself a member of either party.

      But if democracy is going to be done away with through the adoption of flawed technology, I feel I have no choice but to act. Luckily, I believe budgetary constraints are preventing these 'upgrades' in my area.
    • Re:Abuse potential (Score:4, Interesting)

      by teamhasnoi ( 554944 ) <teamhasnoi@[ ]oo.com ['yah' in gap]> on Tuesday July 08, 2003 @04:06PM (#6395480) Journal
      This [onlinejournal.com] article talks about how the lack of inspection of the votes and machines is unconstitutional. Interesting read, with case referrences.
  • Diebold. (Score:5, Insightful)

    by FreeLinux ( 555387 ) on Tuesday July 08, 2003 @03:27PM (#6395106)
    This should be of no surprise to anyone familiar with Diebold. You may have noticed that these guys are the makers of bank ATMs, among other banking and security equipment. Most of these ATMs, especially the older ones, use only 56bit encryption. 128bit is available in the form of a ridiculously expensive chip which also costs a few hundred dollars labor to have a tech come out and stick it in. Most banks, being the biggest cheap-skates in business, are unwilling to spend the money for these upgrades so, many of the ATMs that you regularly use likely have 56bit encryption at best.

    • Actually (Score:4, Informative)

      by greechneb ( 574646 ) on Tuesday July 08, 2003 @03:45PM (#6395320) Journal
      The biggest delay is in the manufacturing and installing of the triple DES 128 bit encryption boards to install. Most ATM service providers have already changed it so that any new ATM has to have the new board installed, and existing ATM's have to be upgraded also. With ATM's becoming more popular, and are popping up nearly everywhere(We have 12 ATM's in a town of 5,000). Makers of the hardware encryption boards are backed up, and the ATM vendors aren't hiring enough bright people to get the work done.

      Most banks are rushing to get security features like this in place, because these are the things that government bank examiners have field days on. Don't blame this on the bank, this is out of their hands.
    • Re:Diebold. (Score:5, Insightful)

      by homer_ca ( 144738 ) on Tuesday July 08, 2003 @05:35PM (#6396106)
      As bad as ATM security might be, they're still better than voting machines in one way. There's a paper trail. They print a paper receipt for the user and print an internal receipt for its own records. IMHO a paper trail is even more important than open source or code review.
  • by grennis ( 344262 ) on Tuesday July 08, 2003 @03:28PM (#6395121)
    Here in Georgia we had an electronic voting summit in Savannah and examined products from eSlate [hartintercivic.com], AccuVote-TS [gbsvote.com] and the iVotronic [srqelections.com].

    The short story is that they were all very flashy and glitzy, but all had severe problems with security and/or usability. We eventually decided to run a pilot program in last year's off-year election and try out 5 of the most promising machines in a real-world election. The final winner will be used across the state in 2004.

    No more hanging chad, but I think we are going to have a whole new set of problems to deal with.

  • by el-spectre ( 668104 ) on Tuesday July 08, 2003 @03:30PM (#6395138) Journal
    ... to tabulate the votes of the supreme court? Those are the votes used to selec..., er elect the pres...
  • by dark-br ( 473115 ) on Tuesday July 08, 2003 @03:32PM (#6395169) Homepage
    The Brazilian government converted to fully electronic voting in 2000, deploying over 400,000 kiosk-style machines. Although our elections are often compared to those in the US, they are actually quite different because the voters cast ballots by using numbers assigned to each candidate (this is necessary because of a high degree of illiteracy here).

    Concerns regarding accuracy of the self-auditing systems caused the legislature to mandate a retrofit of 3% (some 12,000 machines) to produce a paper ballot that the voter could peruse and deposit in a box for recount (the first large-scale use of the "Mercuri Method" -- described more fully here "A Better Ballot Box? [ieee.org]").

    These paper-trail machines were successfully used during the October 6, 2002 election, and it is hoped that their other machines will eventually be retrofitted as well. Further discussion on this subject can be found in the article: "The importance of recounting votes [notablesoftware.com]" by Michael Stanton (originally published in Portuguese as "A importância da recontagem de votos", on the website of the Agência O Estado de São Paulo, November 13, 2000, http://www.estadao.com.br/tecnologia/coluna/stanto n/2000/nov/13/194.htm). There is also an informative website: Brazilian Electronic Voting Forum by Amilcar Brunazo Filho [votoseguro.org].

  • Need paper trail (Score:5, Interesting)

    by El ( 94934 ) on Tuesday July 08, 2003 @03:33PM (#6395176)
    Any computer data can be quickly and easily changed. The best solution I can think of is to print out two paper receipts for each vote, one to go to the election commission (for manual recounts) and one to go to the voter. Each receipt would contain a random code which the voter could then type in on a web site to verify their choices have not been changed. Of course, most people wouldn't bother to verify, but it only takes one person to catch vote fraud.
    • OTOH... (Score:5, Insightful)

      by Gorimek ( 61128 ) on Tuesday July 08, 2003 @03:47PM (#6395333) Homepage
      Then again, it would only take one fraudster to falsly claim their vote had been miscounted.

      Also, any system that lets the voter check their vote also lets someone forcing them to vote one way or another to verify that they've done as commanded.
      • No, not "any system". I think you should review the
        few years of cryptography. For example, the voting
        machine could issue a receipt from which any possible
        combination of votes can be derived. Only the
        voter knows which key is correct. The voter can
        report a false key to a coercer.

        But frankly, I think the option of a receipt is
        preferrable, even if the system does not preclude
        vote-buying certification. The amount of fraud in
        the last two elections was orders of magnitude
        higher than in the preceeding decade,
      • Re:OTOH... (Score:3, Interesting)

        Then again, it would only take one fraudster to falsly claim their vote had been miscounted.

        Scrutiny of the system would scale with the amount of interest in it. If ten isolated people in Florida report their votes miscounted, no biggee. If those ten people get their friends to verify their votes as well and there emerges a pattern of claims, an investigation can begin. A single case of claimed miscounting - whether it be genuine miscounting, voter fraud, or senility - need not trigger an investigati

    • by garcia ( 6573 ) * on Tuesday July 08, 2003 @03:50PM (#6395361)
      with less than half the population deciding it's important to vote, I don't see how it would really matter.

      Find 99% of 18 year old's SSNs, enter into voting machine, instant winner.
    • by jeti ( 105266 )
      How can the voter verify that his number is unique?

      And how can you assure voting is anonymous when the
      machine can keep the votes ordered by time and it's
      easy to note when a voter verified his identity?
    • by ianezz ( 31449 ) on Tuesday July 08, 2003 @04:21PM (#6395609) Homepage
      The best solution I can think of is to print out two paper receipts for each vote, one to go to the election commission (for manual recounts) and one to go to the voter.

      Ok for the receipt to the commission, but I'm not completely sure about the receipt to the voter: let's say that some days before the elections someone comes to you telling how you should vote, "or else". And he requires that after the elections, you show him a proof that you actually voted as you were told.

      This went so far in some areas of Italy that on the last (regional) elections the usage of photocameras and videophones were explicitly forbidden in the voting booth. And yes, someone actually tried anyways and was discovered (and his vote invalidated).

      So, in some way, being unable to prove to someone else how you voted is not entirely a bad idea.

      (of course it can be objected that the nasty guys could come after you anyways if the result of the elections is not the expected one, regardless of how you actually voted...).

  • by ikewillis ( 586793 ) on Tuesday July 08, 2003 @03:33PM (#6395181) Homepage
    The primary drawback of electronic voting systems is that they aren't automatically self-documenting. Hardcopies of all electronic votes could be produced, however the act of punching a card is much harder to do surropticiously than printing a modified or forged vote to a printer.

    The only solution I can suggest for an all-electronic voting system would require extensive use of cryptography. Every voter would have to register a public key and every vote would be cryptographically signed. This would require a database of public keys outside of any political influence and it would also require that voters keep their private keys secure, both of which are enormous problems.

    Given these drawbacks, an antequated punchcard system doesn't seem quite so bad...

    • Or...

      We could use stand-alone systems with a touch screen. Once all of the selections are made, have a 'confirm selections' and print a hard-copy that is automatically put into a sealed tray.

      By sealed, I mean that voters have no access to it, so the officials running the booth have to collect the printouts occasionally. It could even remain locked until a certian number of printouts are collected, say 100, to help ensure anonyminity (yeah, I'm pretty sure that's spelled wrong). There could also be a tim
    • Let's just agree to disagree on everything.

      Nobody can trust anyone else to properly count their votes. So I say to hell with this system based on trust. Anarchy for everyone!
  • Plenty of Security (Score:3, Interesting)

    by kovacsp ( 113 ) on Tuesday July 08, 2003 @03:34PM (#6395192) Homepage
    There's plenty of security preventing people from changing the results. Its called exit polling. If the vote tallies are wildly different from the scientific exit polling done by independent 3rd parties, then I'm sure a full investigation would follow.

    They could certainly be abused, however, in smaller state and local elections where a small handful of votes can make a huge difference.
  • by karl.auerbach ( 157250 ) on Tuesday July 08, 2003 @03:35PM (#6395201) Homepage
    The US military wants to make sure that US servicemen/women overseas can vote. That's not a bad thing and there is a US law that requires this.

    But there is a bad thing - the system they are promoting runs on MS Windows - including Win 95/98 - using Internet Explorer (5.5 and up) and Netscape.

    Somehow they have in their minds that if they run HTTPS and require anti-virus software that the machines will be secure enough so that votes made through those machines won't be buggered.

    Oh, and did I mention that the voter registration occurs through the same machines and same web-browser/https mechanisms?

    Seems to me that this is a recipie for disaster - I don't consider any operating system safe from tampering, particularly none of the MS products. And these machines will likely be shared by many people, configured by DHCP (itself a security risk), perhaps with programs being loaded over insecure nets from insecure file servers, and crossing the internet via web proxies, "transparent" web caches, WCCP, and who knows what else.

    This could make Florida 2000 look like a picnic.
  • The article seems to be slashdotted already from my end, so I haven't read the article, but... how is this any different from more traditional balloting techniques? The machines they use to count paper ballots spit out a total at the end too, which election officals then add to other counts from other precincts. Even with hand counting, a similar thing would happen: a room of people produce a result for a given voting area.

    So long as the data from the electronic machines is still available for a recoun

    • by gurps_npc ( 621217 ) on Tuesday July 08, 2003 @03:47PM (#6395331) Homepage
      But it IS easier to change - a LOT easier to change.

      And a lot easier to forge.

      To stuff a ballot box, you need the right paper, ink, and print format BEFORE the election. This creates a paper trail and gives us time to stop you before you do it.

      It also requires multiple criminals, which may very well turn state's evidence.

      To change purely electronic data, it can be done on the fly, during the election, by one angry man, leaving apparently NO traces, according to the analysis of the machines currently used. And their would be no way to recover the original data.

      The original paper ballots can and DO get checked by hand. To really fix any election that has paper ballots, it is MUCH harder than a pure electron one.

  • and apparently provide zero security to keep election officials from writing in whatever election totals they want.

    This would have saved the Florida election officials so much time in the 2000 elections.
  • by Soong ( 7225 ) on Tuesday July 08, 2003 @03:37PM (#6395231) Homepage Journal
    Make a public domain design&software for a voting machine. Get five companies to build them. No one company can rig the election.

    My only big design point is Dual Receipt, like a credit card transaction. Fast electronic count, paper count for them, paper count for me.
  • Some observations (Score:5, Interesting)

    by binaryDigit ( 557647 ) on Tuesday July 08, 2003 @03:37PM (#6395233)
    Their article is interesting, but a bit misguided IMNSHO. First they harp on the three sets of ledgers. Well what's the big diff. They say that this somehow allows more leeway to fudge, well actually it doesn't. The fact is that you have to know that there are three sets and exactly which sets of reports get their data from which sets (a very lame attempt at security thru obscurity?). Having a single ledger means that you only have to go to a single place to mess with things.

    But the biggest problem with there report is that they spend a lot of time talking about essentiallly one issue, that the tables are available for anyone with the password to edit and manipulate. There doesn't seem to be any type of tiered access and because they use access, a TRUE audit trail can not be created.

    I would think that a voting system would be important enough to warrant the extra time to create a custom DB that audits absolutely everything to a file/table that can't be touched by anyone but the app (e.g. only the app can add rows and rows can never be deleted). I assume that Diebold was able to use Access because it made their bid lower and the company that actually had a decently secure system was underbid.

    I smell a voter's lawsuit, oh to be a lawyer.
  • by dachshund ( 300733 ) on Tuesday July 08, 2003 @03:39PM (#6395253)
    It amazes me. After the 2000 elections, every expert in the world pretty much agreed that electronic voting technology should not be deployed unless safeguards were added, and they went to great lengths to enumerate those safeguards.

    Three years later, and it seems that equipment manufacturers have managed to blithely ignore every bit of it. And apparently, so have the people purchasing the stuff.

  • Using purely electronic voting for anything other than informal polls and amusement is very, very dumb. Besides the potential for tampering, there is also the potential failure of the machine in general. ( How'z about a nice big lightning storm hitting and frying all of the machines in a polling station through a power surge. What'll you do, have the election over again? ) After all, one US judge said that the constitution does not state that election results have to be accurate. Just that they *tried*
  • I went to Diebold's voting machine site, and they seem to be proud that Georga's using (or going to use) their machines. Anyone want to call Georgia and let them know that the 'encyrpted' passwords can be cut and pasted between Access databases to add users who can change votes?

    How many installations do you think are using the default password?
  • by indros13 ( 531405 ) * on Tuesday July 08, 2003 @03:45PM (#6395314) Homepage Journal
    On the issue of electronic security, I have to concede that I have little experience. Given these tests, I am concerned that a dishonest person could edit returns and cause problems with an election. This could be particularly problemmatic in counties that use 100% electronic voting, with no paper trail. It's bad enough that the log is so easily hacked without a trace. It would be even worse to have no real recourse.

    Fortunately, as someone who has served as an election judge (working the polls) in Minnesota, I can tell you that these concerns are a little overblown. We use the optical scan machines here, and we submit the precinct detail report (list 1 for those who read the article) to the county electronically and in paper format (3 copies). Additionally, we have all the paper ballots that were filled out by the voters carefully stored in the machines during the voting period, and then mailed to the county in sealed envelopes and signed by all the election judges.

    Not only is the written process pretty fail-safe, but I worked an election where there was a discrepancy between our ballot count (kept as people vote) and the machine count at the end of the day. We hand-counted all the ballots (they were bubble test style, so no hanging chads or dimples) to make sure the count was accurate. Even if someone had hacked the voting machine, there was little chance for them to bust into the voting machine to steal or alter the ballots.

    Additionally, although some nefarious person could hack the machine, I have no idea when they would. Most polling places have a team of election judges present from the time the machine is unlocked until after the results have been transmitted. Judges are not supposed to linger near the voting machine for any length of time. Certainly it's important to implement appropriate safeguards in the software (such as the automatic numbering system that was disabled for the log file), but chances of election fraud due to machine tampering are pretty darn low.

  • I'm already not so sure I trust our current election system, and from what I've seen of computer security breaches, I would never trust a computerized system. Cheating aside, it would only take one malicious cracker, a bad hard drive or two, a broken communications line, a power failure, or any one of countless possible catastrophes to ruin the credibility of an election or make it impossible to vote. And there would be no hard copies to recount.
  • This could potentially increase the proliferation of democracy as voting should become easier, more reliable and cheaper to administer, if handled carefully.
  • by christoofar ( 451967 ) on Tuesday July 08, 2003 @03:51PM (#6395370)
    Politicians here have to spend lots to get the dead to vote... but they manage to turn out year after year. How failful to their citizenry after they're gone...
  • This week's sign the apocalypse is upon us -

    (From the article - emphasis mine)

    At the county office, there is a "host computer" with a program on it called GEMS.

    GEMS receives the incoming votes and stores them in a vote ledger. But then, we found, it makes another set of books with a copy of what is in vote ledger 1. And at the same time, it makes yet a third vote ledger with another copy.

    The Elections Supervisor never sees these three sets of books. All she sees is the reports she can run: Election summary (totals, county wide) or a detail report (totals for each precinct). She has no way of knowing that her GEMS program is using multiple sets of books, because the GEMS interface draws its data from an Access database, which is hidden.

    What's next? NASDAQ running off of Access?

  • Idea (Score:3, Interesting)

    by pmz ( 462998 ) on Tuesday July 08, 2003 @04:03PM (#6395459) Homepage
    Why not implement a "paper trail" through punching holes in a metal plate using a laser. Each machine would encode their votes in metal, which would be hard to falsify (the holes will have clear characteristics). The metal plates can then be removed from the machines after voting and kept available for recounts, if needed. Optical scanners could even automate recounts.
  • by Zen Mastuh ( 456254 ) on Tuesday July 08, 2003 @04:07PM (#6395492)

    I found this gem on alternet [alternet.org]:

    All races of voters make errors on paper ballots. But in white counties like Leon (Tallahassee), if you make a stray mark or other error, the vote machine rejects your ballot, and you get another ballot to vote again. But in black counties like Gadsden, you make a mistake and the machine quietly accepts and voids your ballot.
    While we may look at hacking or intentional fraud as one of the only (or few) potential abuses WRT electronic voting, we might forget about structural abuse like we've seen in Florida. It makes me laugh when someone comments on a vote saying "the people have spoken". We should just roll dice instead...
  • I was one of those reporting this story. What wasn't mentioned was that the source code availability, at

    They mention that there is some corruption of some files, and offer

    and some are password protected, and recommend:

    Personally, as someone who also does configuration management, I found the Motherlode in Vol 2: cvs.tar, which does, indeed, have the entire cvs source code tree. Note that it is damaged, and about 1/3rd of the 72M of code won't untar (though I suspect that someone with a good familiarity
  • I don't know about elsewhere but in California, there are many weak points in the voting system.

    1. Voter registration is nothing more than filling out a postcard with name, address and political party. No ID needed. Easy to create "fake accounts."

    2. When you go to the polls. They don't look at your ID. In fact, they are not allowed to ask for ID. Easy to fake as long as you know some voters or previous voters in the area.

    3. Voter rolls are not regularly purged so people that have moved or died can still
    • by davebo ( 11873 ) on Tuesday July 08, 2003 @05:25PM (#6396035) Journal
      I'll respond to points 2 & 3.

      The reason I've been told that one isn't allowed to ask for an ID to vote is that it would be a violation of the Constitution - specifically, the 24th Amendment [findlaw.com].

      Now, you're asking yourself, "why would asking for an ID violate the prohibition of poll taxes?" Think about the time you got (or last renewed) your driver's licence. It wasn't free, was it? Ta-dah! A poll tax.

      So, if you've got to show a photo ID to vote, the state's got to provide a free photo ID. And most states right now are too broke to even think about something like this.

      And as far as point 3 - Purging of the voting roles led to big problems in the 2000 election in Florida. Basically, some voters that shouldn't have been purged were purged. When they showed up to vote, they were told they couldn't. Big disaster. I suspect most places would rather have voting roles with ineligible voters (99.99% of whom won't show up to vote, because they've moved or are dead - and if "they" do show up, it's unlikely anyone will find out about it, thus causing problems for the officials running the election) than voting roles missing eligible voters (who will make a huge stink if they show up and are told they can't vote, which will cause a problem for the officials running the election).

      You can read about the Florida voting list purge here [gregpalast.com] if you wish, and check the mention in the U.S. Commission on Civil Rights' report here [usccr.gov].
  • It's possible for you to change things [house.gov], but only if you pick up your phone and call your representative's office.
  • by ChaosDiscord ( 4913 ) on Tuesday July 08, 2003 @04:47PM (#6395774) Homepage Journal

    Electronic voting machines are a bad idea. There is NO reason to use them for general voting.

    By electronic voting machine, I mean a machine with a display that allows you to select candidates and keeps the tally electronically. You the voter directly interact with this machine.

    Ultimately there is no way to be 100% certain that the machine is doing what you want. The only real backup is a paper trail for a hand recount. These machines don't offer that. Result: the machine can make up numbers and you'd be hard pressed to tell.

    Okay, so the machine can print out a verification receipt that you also file. That solves the problem. Of course, then what has the machine gained you? The voter still needs to verify that the printout says what it should (and what do you do if it doesn't?). This just adds an unnecessary double check that voters have to worry about.

    You might as well just initially fill out a paper ballot and have a machine scan it. Machine scanned paper ballots can be simple for voters to use, simple for machines to scan, and simple for a hand recount. If a machine doesn't like the ballot it can reject it and a poll staff person can explain the situation ("The machine rejected your ballot. I can force it through, but one or more of your votes might be thrown away. Or I can shred this ballot and give you a new one. If you like, a poll staff member can help you fill out the new ballot.") This is exactly the situation here in Madison, Wisconsin and it works great. The ballots are really simple (there is a two inch arrow with a one in gap in the middle pointing to each candidate's name with, you just fill in the gap on the arrow pointing to your choice). It's easy to fill out. It's trivial for a machine to scan (it's like the fill in the bubble tests, but with much larger, easier to read fill in areas). The big arrows are trivial for a hand recounter to check. You can do occasional random hand recounts to verify that the automatic tabulators are working correctly.

  • Bev Harris' Black Box Voting: Ballot-tampering in the 21st Century [blackboxvoting.com] has much to offer on this, most notably a chance to preorder Harris' book on the topic. I don't have any connection to her or the book, and I make no money from saying this. My awareness of her comes from reading the website and listening to her radio interviews describing her findings and research. She offers compelling evidence on what has gone wrong with Diebold's machines, Sen. Hagel's connection to Diebold, and how votes get lost. She writes in a manner that is accessible to technical and non-technical people alike. I think this book will be another must-read investigative journalism highlight just like Greg Palast's "The Best Democracy Money Can Buy" on the 2000 presidential election in 2000.

  • Canadian? (Score:5, Insightful)

    by BrainInAJar ( 584756 ) on Tuesday July 08, 2003 @07:36PM (#6396780)
    During the 2000 election mess, Canada just happened to have an election. We found out our results about 15 hours after ballots were closed.

    This isn't a troll about Florida, etc. but rather a comparison. America uses punch cards and fancy voting machines and all that stuff.
    Canada, OTOH has a piece of paper. With some names on it, and circles next to the names. you put a mark (check, X, your initials, whatever) next to the person you want to vote for. If there's a mark in more than one (and not just a small pencil mark like a dot. Something that actually looks like you meant to vote for more than one person) or no marks at all, the vote is thrown out. Everything is counted by humans.

    So, why is it that they're looking for new fancy ways to (screw up) voting, when countries like Canada managed to use circa 1868 technology and have a more efficient (based on 2k elections) system?
  • Digital Magic (Score:3, Insightful)

    by pete-classic ( 75983 ) <hutnick@gmail.com> on Tuesday July 08, 2003 @07:37PM (#6396786) Homepage Journal

    Diebold voting systems are in fairly wide use, and apparently provide zero security to keep election officials from writing in whatever election totals they want.


    Where did the perception that replacing a practical solution with a technical one erased all need for the practical precautions associated with that solution?

    "We used to keep personnel files in a locked cabinet in a locked room, but now we just keep them on a SMB share with a null password."

    "We used to keep voting half-way honest through careful ID and ballot controls, but now it's just Diebold's problem."

    What gives?

    -Peter
  • "Paper Trail" Bill (Score:5, Informative)

    by tunesmith ( 136392 ) <siffert@musewo[ ].com ['rld' in gap]> on Tuesday July 08, 2003 @07:38PM (#6396790) Homepage Journal
    I can't believe no one has mentioned this yet - please mod this up if you can. Congressman Holt (D-NJ) has introduced a bill to require paper trails in electronic voting machines. This needs *aggressive* support as it is currently stuck in committee. Please review the bill:

    http://holt.house.gov/issues2.cfm?id=5996 [house.gov]

    and contact your congresscritters...

  • by pseudoelfling ( 687937 ) on Tuesday July 08, 2003 @08:14PM (#6396978)
    Try to reconcile these comments with how the system is secure with the system that was described by Bev Harris... It is full of strawmen. I think my favorite part is that they'll keep it secure by never allowing patches to be applied to the Microsoft Windows OS.

    - begin here -

    Security in the Georgia Voting System
    Britain J. Williams, Ph.D.
    April 23, 2003
    Introduction: The State of Georgia replaced all voting systems statewide with a computer-based voting system. This system, known as a direct recording electronic (DRE) voting system, was first used in the November 2002 election. This voting system, described in the next section, is computer based. As a result, questions have been raised regarding the vulnerability of the system to attacks by hackers and persons attempting election fraud.

    Overall security of any computer-based system is obtained by a combination of three factors working in concert with each other. First, the computer system must provide audit data that is sufficient to track the sequence of events that occur on the system and, to the extent possible, identify the person(s) that initiated the events. Next, there must be in place well defined and strictly enforced policies and procedures that control who has access to the system, the circumstances under which they can access the system, and the functions that they are allowed to perform on the system. Finally, there must be in place physical security; fences, doors, locks, etc.; that control and limit access to the system. This article describes how these factors are incorporated into the election system in the State of Georgia.

    Overview of the Georgia Voting System: The computer-based election system deployed in the State of Georgia is classified as a direct recording electronic (DRE) system. The components of the system consist of the following:

    Standard personal computers running an executable module known as GEMS, Global Election Management System. This system, called the GEMS computer, is used to define the election, enter the candidates and questions, and format the ballots for the voting devices. This computer also accumulates the votes after the polls close and prints various reports and audits.

    Touch-screen voting stations are used for in-person voting.

    Optical ballot scanners are used for absentee and provisional voting.

    Each county election office in the State is equipped with a GEMS computer. This computer is used to define elections and format the ballots for both the touch-screen voting stations and the absentee (paper) ballot scanners. The system also produces files that can be sent directly to a printer to print the absentee and provisional ballots.

    When the election definition is complete, the GEMS system produces PCMCIA cards, also called PC memory cards, which are used to program the touch-screen voting stations and the ballot scanners. One card is produced for each voting station and ballot scanner.
    While still in the county warehouse the voting stations are arranged by precinct and the PC cards are inserted. In the days just before the election a series of tests called Logic and Accuracy tests are conducted. These tests are designed to confirm that the voting stations have been properly prepared for the election and that they correctly register all votes cast. These tests are open to the public. At the completion of the Logic and Accuracy tests the voting stations are sealed and delivered to the precincts.

    On the morning of Election Day the Precinct Manager and Assistant Precinct Manager break the seals and prepare the voting stations for the election. The first step in this process is to print out a 'zero totals tape'. This tape verifies that no votes have been recorded on the voting stations prior to the opening of the polls. As the voters cast their ballots on a touch-screen voting station their choices are recorded on the PC memory card. The absentee ballots and provisional ballots are processed through ballot scanners and their votes are r
    • I live in Georgia also. I've noticed one thing about the new voting machines - no privacy. Before they set up the new Diebold systems, we always had a little closet to vote in. It had cloth walls and a curtain at the back you could close. Once you finished with the ballot, it would go inside a metal sleeve that hid your choices until you slid the ballot inside the locked box.

      Now we have big flatscreen computers - backlit screens with huge fonts and a color behind each candidate's name. There's no curtain,

If you steal from one author it's plagiarism; if you steal from many it's research. -- Wilson Mizner

Working...