Can You Count on Voting Machines? - Linux

This is a discussion on Can You Count on Voting Machines? - Linux ; Jane Platten gestured, bleary-eyed, into the secure room filled with voting machines. It was 3 a.m. on Nov. 7, and she had been working for 22 hours straight. "I guess we've seen how technology can affect an election," she said. ...

+ Reply to Thread
Results 1 to 4 of 4

Thread: Can You Count on Voting Machines?

  1. Can You Count on Voting Machines?


    Jane Platten gestured, bleary-eyed, into the secure room filled with
    voting machines. It was 3 a.m. on Nov. 7, and she had been working for
    22 hours straight. "I guess we've seen how technology can affect an
    election," she said. The electronic voting machines in Cleveland were
    causing trouble again.

    For a while, it had looked as if things would go smoothly for the
    Board of Elections office in Cuyahoga County, Ohio. About 200,000
    voters had trooped out on the first Tuesday in November for the
    lightly attended local elections, tapping their choices onto the
    county's 5,729 touch-screen voting machines. The elections staff had
    collected electronic copies of the votes on memory cards and taken
    them to the main office, where dozens of workers inside a secure,
    glass-encased room fed them into the "GEMS server," a gleaming silver
    Dell desktop computer that tallies the votes.

    Then at 10 p.m., the server suddenly froze up and stopped counting
    votes. Cuyahoga County technicians clustered around the computer,
    debating what to do. A young, business-suited employee from Diebold --
    the company that makes the voting machines used in Cuyahoga -- peered
    into the screen and pecked at the keyboard. No one could figure out
    what was wrong. So, like anyone faced with a misbehaving computer,
    they simply turned it off and on again. Voilà: It started working --
    until an hour later, when it crashed a second time. Again, they
    rebooted. By the wee hours, the server mystery still hadn't been
    solved....

    During this year's presidential primaries, roughly one-third of all
    votes will be cast on touch-screen machines....

    IN THE LOBBY OF JANE PLATTEN'S OFFICE in Cleveland sits an AccuVote-
    TSX, made by Diebold. It is the machine that Cuyahoga County votes on,
    and it works like this: Inside each machine there is a computer
    roughly as powerful and flexible as a modern hand-held organizer. It
    runs Windows CE as its operating system, and Diebold has installed its
    own specialized voting software to run on top of Windows....

    On Election Day, poll workers complained that 143 machines were
    broken; dozens of other machines had printer jams or mysteriously
    powered down. More than 200 voter-card encoders -- which create the
    cards that let voters vote -- went missing. When the machines weren't
    malfunctioning, they produced errors at a stunning rate: one audit of
    the election discovered that in 72.5 percent of the audited machines,
    the paper trail did not match the digital tally on the memory
    cards....

    Nearly a year after the May 2006 electoral disaster, Ohio's new
    secretary of state, Jennifer Brunner, asked the entire four-person
    Cuyahoga elections board to resign, and Platten -- then the interim
    director of the board -- was tapped to clean up the mess. Platten had
    already instituted a blizzard of tiny fixes. She added
    responsibilities to the position of "Election Day technician" -- filled
    by young, computer-savvy volunteers who could help the white-haired
    poll workers reboot touch-screens when they crashed.... Her staff
    rewrote the inscrutable Diebold manuals in plain English....

    What's more, the poll workers regularly made security errors. When a
    touch-screen machine is turned on for the first time on Election Day,
    two observers from different parties are supposed to print and view
    the "zero tape" that shows there are no votes already recorded on the
    machine; a hacker could fix the vote by programming the machine to
    start, for example, with a negative total of votes for a candidate.
    Yet when I visited one Cleveland polling station at daybreak, the two
    checkers signed zero tapes without actually checking the zero totals.
    And then, of course, there were the server crashes, and the recording
    errors on 20 percent of the paper recount ballots....

    One might expect computer scientists to be fans of computer-based vote-
    counting devices, but it turns out that the more you know about
    computers, the more likely you are to be terrified that they're
    running elections.... "Computers crash and we don't know why," Felten
    [computer expert] told me. "That's just a routine part of computers."

    One famous example is the "sliding finger bug" on the Diebold AccuVote-
    TSX, the machine used in Cuyahoga. In 2005, the state of California
    complained that the machines were crashing. In tests, Diebold
    determined that when voters tapped the final "cast vote" button, the
    machine would crash every few hundred ballots. They finally intuited
    the problem: their voting software runs on top of Windows CE, and if a
    voter accidentally dragged his finger downward while touching "cast
    vote" on the screen, Windows CE interpreted this as a "drag and drop"
    command. The programmers hadn't anticipated that Windows CE would do
    this, so they hadn't programmed a way for the machine to cope with it.
    The machine just crashed.

    Even extremely careful programmers can accidentally create bugs like
    this. But critics also worry that touch-screen voting machines aren't
    designed very carefully at all. In the infrequent situations where
    computer scientists have gained access to the guts of a voting
    machine, they've found alarming design flaws. In 2003, Diebold
    employees accidentally posted the AccuVote's source code on the
    Internet; scientists who analyzed it found that, among other things, a
    hacker could program a voter card to let him cast as many votes as he
    liked. Ed Felten's lab, while analyzing an anonymously donated
    AccuVote-TS (a different model from the one used in Cuyahoga County)
    in 2006, discovered that the machine did not "authenticate" software:
    it will run any code a hacker might surreptitiously install on an
    easily insertable flash-memory card. After California's secretary of
    state hired computer scientists to review the state's machines last
    spring, they found that on one vote-tallying server, the default
    password was set to the name of the vendor -- something laughably easy
    for a hacker to guess.

    But the truth is that it's hard for computer scientists to figure out
    just how well or poorly the machines are made, because the vendors who
    make them keep the details of their manufacture tightly held. Like
    most software firms, they regard their "source code" -- the computer
    programs that run on their machines -- as a trade secret. The public is
    not allowed to see the code, so computer experts who wish to assess it
    for flaws and reliability can't get access to it. Felten and voter
    rights groups argue that this "black box" culture of secrecy is the
    biggest single problem with voting machines. Because the machines are
    not transparent, their reliability cannot be trusted...

    If the machines are tested and officials are able to examine the
    source code, you might wonder why machines with so many flaws and bugs
    have gotten through. It is, critics insist, because the testing is
    nowhere near dilligent enough, and the federal regulators are too
    sympathetic and cozy with the vendors. The 2002 federal guidelines,
    the latest under which machines currently in use were qualified, were
    vague about how much security testing the labs ought to do. The labs
    were also not required to test any machine's underlying operating
    system, like Windows, for weaknesses.

    Vendors paid for the tests themselves, and the results were considered
    proprietary, so the public couldn't find out how they were
    conducted....

    When a machine crashes or behaves erratically on Election Day, many
    county elections officials must rely on the vendors -- accepting their
    assurances that the problem is fixed and, crucially, that no votes
    were altered....

    In essence, elections now face a similar outsourcing issue to that
    seen in the Iraq war, where the government has ceded so many core
    military responsibilities to firms like Halliburton and Blackwater
    that Washington can no longer fire the contractor. Vendors do not
    merely sell machines to elections departments. In many cases, they are
    also paid to train poll workers, design ballots and repair broken
    machines, for years on end.

    "This is a crazy world," complained Ion Sancho, the elections
    supervisor of Leon County in Florida. "The process is so under control
    by the vendor. The primary source of information comes only from the
    vendor, and the vendor has a conflict of interest in telling you the
    truth. The vendor isn't going to tell me that his buggy software is
    why I can't get the right time on my audit logs."

    As more and more evidence of machine failure emerges, senior
    government officials are sounding alarms as did the computer geeks of
    years ago over the growing role of private companies in elections.
    When I talked to Jennifer Brunner in October, she told me she wished
    all of Ohio's machines were "open source" -- that is, run on computer
    code that is published publicly, for anyone to see. Only then, she
    says, would voters trust it; and the scrutiny of thousands of computer
    scientists worldwide would ferret out any flaws and bugs.

    On Nov. 6, the night of the Cuyahoga crashes, Jeff Hastings -- the
    Republican head of the election board -- sat and watched the Diebold
    technicians try to get the machines running. "Criminy," he said.
    "You've got four different vendors. Why should their source codes be
    private? You've privatized the essential building block of the
    election system."...

    Amazingly, the Diebold spokesman, Chris Riggall, admitted to me that
    the company is considering making the software open source on its next
    generation of touch-screen machines, so that anyone could download,
    inspect or repair the code. The pressure from states is growing, he
    added, and "if the expectations of our customers change, we'll have to
    respond to that reality."...

    And the original, left-wing opposition to the machines in the 2004
    election focused obsessively on Diebold's C.E.O. proclaiming that he
    would help "Ohio deliver its electoral votes" for Bush. Those fears
    still dominate the headlines, but in the real world of those who
    conduct and observe voting machines, the realistic threat isn't
    conspiracy. It's unreliability, incompetence and sheer error....

    As Candice Hoke, the head of Ohio's Center for Election Integrity,
    puts it: "If it was Florida in 2000 and Ohio in 2004, everyone is
    saying it's going to be Pennsylvania in 2008."...

    It's also possible that any complex software isn't well suited for
    running elections. Most software firms deal with the inevitable bugs
    in their product by patching them; Microsoft still patches its seven-
    year-old Windows XP several times a month. But vendors of electronic
    voting machines do not have this luxury, because any update must be
    federally tested for months.


    http://www.nytimes.com/2008/01/06/ma...gewanted=print

  2. Re: Can You Count on Voting Machines?

    ____/ nessuno@wigner.berkeley.edu on Sunday 06 January 2008 18:25 : \____

    > It's also possible that any complex software isn't well suited for
    > running elections. Most software firms deal with the inevitable bugs
    > in their product by patching them; Microsoft still patches its seven-
    > year-old Windows XP several times a month. But vendors of electronic
    > voting machines do not have this luxury, because any update must be
    > federally tested for months.
    >
    >
    >

    http://www.nytimes.com/2008/01/06/ma...gewanted=print

    Typical Windows.

    ,----[ Quote ]
    | "Nineteen machines had 21 screen freezes or system crashes, producing a
    | blue screen and messages about an "illegal operation" or a "fatal
    | exception error."
    |
    | "Especially with this blue-screen problem, you don't know whether it's
    | the printer drivers, you don't know whether it's Diebold's own code or
    | whether it's Windows,"
    `----

    http://www.verifiedvotingfoundation....le.php?id=6257


    ,----[ Quote ]
    | Problems found in an audit of Diebold tabulation records from an Ohio
    | November 2006 election raise questions about whether the database got
    | corrupted during the tabulation of election results...
    |
    | The database is built from Microsoft's Jet database engine. The
    | engine, according to Microsoft, is vulnerable to corruption when a lot
    | of concurrent activity is happening with the database, such as what
    | occurs on an election night [and Microsoft advises againt using Jet in
    | a complex environment]...
    |
    | The report mentions that election staff had trouble with the server
    | crashing and freezing on election night....
    |
    | The report notes that with punch card machines election officials used
    | to be able to determine definitively if all ballots had been counted
    | in the results....
    `----

    http://blog.wired.com/27bstroke6/200...d_vote_da.html

    And why do they still choose Microsoft?

    Microsoft Muscles the NYS Legislature

    ,----[ Quote ]
    | Microsoft’s proposed change to state law would effectively render
    | our current requirements for escrow and the ability for independent
    | review of source code in the event of disputes completely meaningless
    | - and with it the protections the public fought so hard for.
    `----

    http://nyvv.org/blog/bolipariblog.html [moved to a different URL]


    --
    ~~ Best of wishes

    Roy S. Schestowitz | No Makefile, no business
    http://Schestowitz.com | RHAT Linux | PGP-Key: 0x74572E8E
    02:05:02 up 27 days, 14:53, 4 users, load average: 1.78, 3.15, 2.65
    http://iuron.com - Open Source knowledge engine project

  3. Re: Can You Count on Voting Machines?

    * Roy Schestowitz fired off this tart reply:

    > Microsoft Muscles the NYS Legislature
    >
    > ,----[ Quote ]
    >| Microsoft?s proposed change to state law would effectively render
    >| our current requirements for escrow and the ability for independent
    >| review of source code in the event of disputes completely meaningless
    >| - and with it the protections the public fought so hard for.
    > `----
    >
    > http://nyvv.org/blog/bolipariblog.html [moved to a different URL]


    In his message Mr. Gleim writes: "It is not possible to design
    new equipment with new operating systems, new EMS and new hardware
    all with vendor developed software and source code in less than a
    couple of years. And that is, if the vendors wanted to do this."

    Mr. Gleim fails to note that voting system vendors have already had 2
    years to produce equipment which complies with New York State
    election law. Section 7-208 of Election law has been in force since
    June 2005 and states in part, "...shall place into escrow
    with the state board of elections a complete copy of all programming,
    source coding and software employed by the voting machine..."
    It should not be news to anyone in the software industry that
    Microsoft would never allow their source code to be escrowed -- they
    have rigorously defended this for many years. . . . In the two-year
    period between passage of the law and Mr. Gleim's message, it would
    have been fully possible to develop systems using open source code
    systems like Linux. Mr. Gleim acknowledges as much in his statement
    above. But they chose not to. Why?

    I spent 20 years as a software developer, with the latter half of my
    career spent as a project manager leading world class software
    development teams. If my boss had come to me in July of 2005 and
    said, "There is a potential $300 million contract at stake in
    New York State, and we have to develop products that comply with
    their laws so we can compete in that market. Your job is to get it
    done in a year." I could have done it. Give me a team of five
    experienced programmers and we could have easily developed such a
    compliant system.

    Gliem is a VP of Avante Int'l Technology.

    But, rather than develop a system that complied with New York State
    law, voting machine vendors chose to use Microsoft Windows as the
    operating system for their PC based Election Management Systems, and
    in some cases for their touch screen DREs. As noted above, Microsoft
    has always made it crystal clear that they would never, ever
    surrender their source code - they never have and they never will.
    Microsoft has rigorously defended this for years. However, voting
    machine vendors, knowing full well that using the Windows operating
    system could not possibly comply with New York State law chose to
    market their existing Windows-based products anyway.

    --
    This sig has expired. Please reactivate your sig by paying $0.25
    and entering the 30-character activation key that will be emailed to
    your account.

  4. Re: Can You Count on Voting Machines?

    ____/ Linonut on Monday 07 January 2008 13:04 : \____

    > * Roy Schestowitz fired off this tart reply:
    >
    >> Microsoft Muscles the NYS Legislature
    >>
    >> ,----[ Quote ]
    >>| Microsoft?s proposed change to state law would effectively render
    >>| our current requirements for escrow and the ability for independent
    >>| review of source code in the event of disputes completely meaningless
    >>| - and with it the protections the public fought so hard for.
    >> `----
    >>
    >> http://nyvv.org/blog/bolipariblog.html [moved to a different URL]

    >
    > In his message Mr. Gleim writes: "It is not possible to design
    > new equipment with new operating systems, new EMS and new hardware
    > all with vendor developed software and source code in less than a
    > couple of years. And that is, if the vendors wanted to do this."
    >
    > Mr. Gleim fails to note that voting system vendors have already had 2
    > years to produce equipment which complies with New York State
    > election law. Section 7-208 of Election law has been in force since
    > June 2005 and states in part, "...shall place into escrow
    > with the state board of elections a complete copy of all programming,
    > source coding and software employed by the voting machine..."
    > It should not be news to anyone in the software industry that
    > Microsoft would never allow their source code to be escrowed -- they
    > have rigorously defended this for many years. . . . In the two-year
    > period between passage of the law and Mr. Gleim's message, it would
    > have been fully possible to develop systems using open source code
    > systems like Linux. Mr. Gleim acknowledges as much in his statement
    > above. But they chose not to. Why?
    >
    > I spent 20 years as a software developer, with the latter half of my
    > career spent as a project manager leading world class software
    > development teams. If my boss had come to me in July of 2005 and
    > said, "There is a potential $300 million contract at stake in
    > New York State, and we have to develop products that comply with
    > their laws so we can compete in that market. Your job is to get it
    > done in a year." I could have done it. Give me a team of five
    > experienced programmers and we could have easily developed such a
    > compliant system.
    >
    > Gliem is a VP of Avante Int'l Technology.
    >
    > But, rather than develop a system that complied with New York State
    > law, voting machine vendors chose to use Microsoft Windows as the
    > operating system for their PC based Election Management Systems, and
    > in some cases for their touch screen DREs. As noted above, Microsoft
    > has always made it crystal clear that they would never, ever
    > surrender their source code - they never have and they never will.
    > Microsoft has rigorously defended this for years. However, voting
    > machine vendors, knowing full well that using the Windows operating
    > system could not possibly comply with New York State law chose to
    > market their existing Windows-based products anyway.


    It is not ironic that, based on the latest article, patching of the voting
    machine code (top application layer) is very slow because it needs federal
    approval? Do the feds also have the capacity to review all that junk that lies
    underneath? Should they not rely on something like Linux, which is watched
    constantly but just about every company that develops Linux products? That's
    peer review.

    As the above shows, Microsoft does gymnastics with logic. That won't last for
    long. Several countries choose an open and free (as in beer! *gasp*) operating
    system to make a better election whose outcome can be trusted.

    Microsoft is playing a losing game. It's losing and it knows it, so in recent
    years it resorted to lobbying (legalised form of arm bending and at times also
    some gentle bribery).

    --
    ~~ Best of wishes

    Roy S. Schestowitz | $> apt-get -not windows
    http://Schestowitz.com | GNU/Linux | PGP-Key: 0x74572E8E
    Mem: 515500k total, 444324k used, 71176k free, 2924k buffers
    http://iuron.com - next generation of search paradigms

+ Reply to Thread