California bans digital voting machine

by brian d foy

Related link: http://www.ss.ca.gov/executive/press_releases/2004/04_030.pdf



Yesterday, California Secretary of State Kevin Shelley banned the Diebold TSx touch-screen voting system, citing an April 20th report by his office that details abuse and fraud by Diebold. "We will not tolerate the deceitful conduct Diebold."


This is not the first time that Diebold has had problems, either. The Department of Budget and Management of the Office of Information Technology for the State of Maryland said in >Risk Assessment Report: Diebold AccuVote-TS Voting System and Processes (Sept 2, 2003):



This Risk Assessment has identified several high-risk vulnerabilities in the implementation of the managerial, operational, and technical controls for AccuVote-TS voting system.


That is pretty damning. They identified not vulnerabilites in just software, but in managerial and operational controls.


Avi Rubin, et alia, discuss the technical problems with Diebold in their Analysis of an Electronic Voting System, due in May's IEEE Symposium on Security and Privacy.


Last year, This American Life aired
a story by Jack Hitt that showed how easy one could rig a Diebold machine.


Diebold's problems go back further than that even. You can find plenty of digital ink about Diebold screwing up the Florida vote count for the 2000 presidential race, and Florida still uses Diebold in Volusia county, among others.


I have two words for this: "open source". If the government uses software, it should get the source, and in most cases, the people should get to see it. That does not mean the we get a license to use it---just to look at it. Words like "fraud" or "deceit" do not apply when we can inspect the source ourselves.


In the end, our elections should not be a commercial activity, and we should demand something more than just competition in the marketplace to decide what we are going to use. How many states have to connect their election debacles to Diebold before someone goes to jail?


4 Comments

savvysooner
2004-05-02 00:08:37
Paper Ballots on Demand
Using GNU software why not build a smart ballot printer for every polling place? It would be a sealed unit with data for the production of a paper ballot for that location on demand as the voters appear. Lower costs, better ballot security. This is completely independent of counting. It is about producing paper ballots on demand as needed. Perhaps electronic voting machines without verifiablity is a wasted effort. I am opposed to them until a LOT of problems are cleaned up - if ever. My ballot on demand idea could be expanded to include "Instant Absentee Ballots" for registered voters from outside that precinct, but that is for another time.
brian_d_foy
2004-05-02 17:18:09
Paper Ballots on Demand
From what I have been reading, election officials are starting to ask for paper receipts, and California standing up to Diebold is a good step.
adamsj
2004-05-03 14:14:20
Just What The Trainer Ordered
I sure agree with brian about almost all of this paragraph:


I have two words for this: "open source". If the government uses software, it should get the source, and in most cases, the people should get to see it. That does not mean the we get a license to use it---just to look at it.


Hmm...I wonder where I could read about e-voting systems like that?


Words like "fraud" or "deceit" do not apply when we can inspect the source ourselves.


Here, though, I'll quibble. I'm a proponent of e-voting, but I don't believe even the most transparent system is cheat-proof. Nor is it impossible to commit (okay, at least to attempt) fraud or deceit in an open process--openness is less a deterrent than a preventive. If someone does commit fraud or deceit in this manner, then fraud and deceit are still what they are.

brian_d_foy
2004-05-03 14:21:51
Just What The Trainer Ordered
Thanks for the link to the article---I had missed that one.


As for fraud, I meant my commets to apply only to what the supplier told the end user about the system, rather than security problems some other person could exploit.


"Trust, but verify" :)