Diebold Whistle-blowing

| Comments (11) | TrackBacks (12) |
The Raw Story is carrying a report that claims to be sourced by an insider at Diebold. Allegedly, Diebold installed an untested patch shortly before the Georgia elections:
The insider harbors suspicions that Diebold may be involved in tampering with elections through its army of employees and independent contractors. The 2002 gubernatorial election in Georgia raised serious red flags, the source said.

Shortly before the election, ten days to two weeks, we were told that the date in the machine was malfunctioning, the source recalled. So we were told 'Apply this patch in a big rush. Later, the Diebold insider learned that the patches were never certified by the state of Georgia, as required by law.

Also, the clock inside the system was not fixed, said the insider. Its legendary how strange the outcome was; they ended up having the first Republican governor in who knows when and also strange outcomes in other races. I can say that the counties I worked in were heavily Democratic and elected a Republican.

In Georgias 2002 Senate race, for example, nearly 60 percent of the states electorate by county switched party allegiances between the primaries and the general election.

The insiders account corroborates a similar story told by Diebold contractor Rob Behler in an interview with Bev Harris of Black Box Voting.

Harris revealed that a program patch titled rob-georgia.zip was left on an unsecured server and downloaded over the Internet by Diebold technicians before loading the unauthorized software onto Georgia voting machines. They didnt even TEST the fixes before they told us to install them, Behler stated, adding that machines still malfunctioned after patches were installed.

I'd never heard of the Raw Story before, so it's pretty hard for me to say anything about the accuracy of this story. We do know, however, that Diebold's software engineering practices weren't very good, so it wouldn't be totally surprising. I don't really know enough to have any useful opinion on whether there was any systematic fraud, as suggested here, but it's certainly problematic that Diebold's practices are so bad that you can even ask that question.

12 TrackBacks

Listed below are links to blogs that reference this entry: Diebold Whistle-blowing.

TrackBack URL for this entry: http://www.educatedguesswork.org/cgi-bin/mt/mt-tb.cgi/491

Disney Vacation from Disney Vacation on January 13, 2006 3:36 PM

Disney Vacation Read More

Acne Treatment from Acne Treatment on January 15, 2006 8:02 AM

Acne Treatment Read More

poker casino427 from poker casino427 on February 10, 2006 4:49 AM

poker casino poker 775 Read More

Home Loans Read More

partypoker poker poker party poker party poker Read More

phoenix arizona real estate from phoenix arizona real estate on February 23, 2006 8:25 AM

phoenix arizona real estate kirkland real estate kirkland real estate new mexico real estate Read More

real estate in hewlett from real estate in hewlett on February 23, 2006 7:22 PM

real estate in hewlett real estate in hewlett long island real estate long isl... Read More

Credit Repair Read More

Disney World Vacation from Disney World Vacation on February 27, 2006 3:21 PM

Disney World Vacation Read More

11 Comments

rob-georgia.zip? You had me going there for a minute. I am unalterably opposed to paperless balloting, but this report is dubious.

1) If the swing really was as big as this guy is claiming, the D's would have been screaming so loud it would have been heard on the moon. (And I would have been listening.) The D's are far more reliant upon polling than we R's are, and it simply isn't possible to be this far off.

2) The entire South has been trending R for decades. When the dam breaks, the whole thing often goes all at once. Consider Texas (where I am). We could only win the governorship (occasionally) & Senate before 1998. Then the Lt Gov. died & we have swept all of the statewides ever since.

3) rob-georgia.zip?

One of the biggest problems with paperless balloting is that there is simply no way to prove such allegations wrong, no matter how wild.

As I mentioned, I was skeptical too. I hadn't even noticed the "rob" bit. I'm afraid I'm used to seeing random-looking file names, so I must have mentally assumed it was a patch created by someone named "rob"...

That said, it's not strictly true that no paperless balloting system could provide the security one desires. The literature is actually rife with cryptographic voting schemes. It's just that noone is likely to want to use them....

Well, one issue with a paperless DRE is that there doesn't seem to be any way to go back and work out whether or not an attack took place, short of sampling a few machines and taking them apart in a lab to find traces of the suspected attack.

That doesn't mean you can't use them (adding paper adds its own ugly set of logistical problems), but they don't leave a nice pile of evidence to go back to in case of dispute.

no paperless balloting system could provide the security one desires
You're presumably not including "correctness transparent to a non-expert observer"?

I have to agree with Nathan on this. I don't care to defend Diebold, but the fact that Georgia elected a Republican governor should be no surprize. I lived in Georgia. I have a lot of family and friends that still live in Georgia. That is one red state. The fact that it took so long for them to elect a Republican governor should have raised flags about the old system.

That being said, one of my friends in Georgia did have a temporary job setting up those Diebold machines. The things he told me were atrocious. It sounded like there was very little process or security over the entire thing.

Chris,

You're absolutely right. These schemes are pretty much 100% opaque to anyone without a Fields medal.

...I must have mentally assumed it was a patch created by someone named "rob"...

That's not a bad assumption. The Raw Story account refers to an article from Black Box Voting about the same incident that involved a Diebold contractor named "Rob Behler".

Well, it's worse than that -- if you're presented with some sort of computer-based polling machine, you not only need the Fields-medal-level maths skills to decipher how the protocol is supposed to work, you also need to be an expert in computer architecture and machine language (who's happened to bring their logic analyser and architecture manuals to the polling-place) to be sure that the device is actually doing what it's advertised as doing. That seems to be a bit of a demanding test to require the typical voter to pass....

Well, not quite. The crypto schemes I am familiar with provide proof of correctness of one part of the election process; if you voted and got a receipt, you can verify that this vote was counted without having any way to prove how you voted. So for that particular bit of the election, you don't need to try to determine what's going on in the black box.

Now, convincing yourself the protocols are correct is tricky even if it's your field, and pretty much hopeless if it's not your field. But how much better off are most voters when evaluating the physical and procedural security of ballot boxes in paper systems, or the random sampling and auditing techniques in a wide variety of systems?

I think the critical issue is that the participants with a good chance of winning can convince themselves that the election is not too badly rigged. Then there's a separate issue of whether the majority of voters believe elections are rigged. But that's not really subject to technical security measures, is it? I mean, voting on the same equipment, blacks and whites apparently have wildly different levels of suspicion about the validity of election outcomes. This almost certainly represents a difference in history and a related difference in expectations. But very few of those voters, black or white, have strong reasons to hold these opinions of current systems. There just aren't that many people who know much about how elections are run in practice.

--John

The existence of a voter-verifiable piece of paper with the voter's votes provides assurance that certain classes of vote manipulation either have not occured or can easily be detected and corrected. Such assurance cannot be made with paperless systems, and indeed, black-box voting lends itself to this sort of wild speculation.

It's interesting to see the comments about paper and receipts. New York uses (and has for years) mechanical voting machines (paperless), and in Maryland, where I voted before that, I voted by punching holes in a card, which I then put in a box. I have never voted anywhere where I was able to take any sort of receipt or record of my vote with me when I left.

A box of those punch-cards in Maryland could certainly have gone missing. A van-load of them could have crashed and burned on I-270. And what could have been done? All we could do is say, "Oh, well."

We think we have to understand, in great detail and at the lowest levels, how computer voting machines work, because we're "in the business". But, you know, none of us knows how the mechanical things we use in New York work. I walk in there, I sign the book, I go in and pull the arm that closes the curtain. I flip the little levers and pull the arm back, and I assume that my vote is counted, and is counted correctly. But why do I trust it? If someone from party X messed with a machine in a district that usually voted for party Y, it might be hard to detect. And -- here's part of the point -- even if it were detected, what could be done? We're not going to have the presidential election again, so we'd just have to say "Oh, well."

I'm all for a paper trail for computer voting; no problem with that. And I'm sure that we're not ready to deploy this stuff yet, in its current state (and yet... we are deploying). But all that said, a properly designed, properly secured, and properly validated and audited computer voting system could be far better -- more reliable, less susceptible to tampering, more auditable -- than anything else we have available.

Leave a comment