Join 3,564 readers in helping fund MetaFilter (Hide)


That's amazing! I've got the same combination on my luggage!
August 5, 2007 11:08 AM   Subscribe

California Restricts Voting Machines: after a source code review of voting machines turned up "significant, deeply-rooted security weaknesses" in voting machines by Diebold, Hart, and Sequoia, the California Secretary of State decertified all three vendors' systems. These weaknesses have been well covered here at MeFi, but some are bad enough to shock even the well-jaded, including the revelation that Diebold "uses at least two hard-coded passwords -- one is 'diebold' and another is the eight-byte sequence 1,2,3,4,5,6,7,8." Time to think about open voting?
posted by jacobian (48 comments total) 9 users marked this as a favorite

 
this needs a batfoodsane tag or something
posted by Anything at 11:20 AM on August 5, 2007 [1 favorite]


By which I mean: hats off!
posted by Anything at 11:20 AM on August 5, 2007


Thank you for this. I shall now go cry in my beer (metaphorically of course - although if anything would drive you to drink on a Sunday at 11:30, is the realization of how fucked our democracy is...)
posted by rmm at 11:30 AM on August 5, 2007


A congressman in the Pat Tillman hearings said something like: "Sufficiently advanced incompetence is indistinguishable from malice."

I think that applies here. I think the reverse may also be true.
posted by empath at 11:41 AM on August 5, 2007 [3 favorites]


The best part is, some people think Diebold voting machines being riddled with security holes is unintentional.

Try to pretend for a second that Diebold's bank machine division could get away with that, and you'll see what I mean.
posted by Pope Guilty at 11:43 AM on August 5, 2007 [11 favorites]


This is scandalous. These poor companies should never have been forced to make their source code open to scrutiny. Does commercial confidentiality mean nothing anymore?
posted by East Manitoba Regional Junior Kabaddi Champion '94 at 11:44 AM on August 5, 2007 [1 favorite]


This just reconfirms my suspicions that the USA as a whole is really just an elaborate sitcom for the enjoyment of the rest of the world.

Sorta like the Truman show, supersized.
posted by Orange Pamplemousse at 11:46 AM on August 5, 2007 [1 favorite]


Thank you, California. May other states follow suit!
posted by John of Michigan at 11:46 AM on August 5, 2007


The best part is, some people think Diebold voting machines being riddled with security holes is unintentional.

Now watch this drive.
posted by Mr_Zero at 11:46 AM on August 5, 2007 [8 favorites]


Still, the idea that George W. Bush may truly never have won a presidential election gives me a glimmer of hope for humanity.
posted by East Manitoba Regional Junior Kabaddi Champion '94 at 11:47 AM on August 5, 2007


Well, at least it'll make it a tiny bit harder to steal votes in California. I hope other states open their eyes and stop this madness nationally.
posted by MythMaker at 11:48 AM on August 5, 2007


Well, at least it'll make it a tiny bit harder to steal votes in California.

California must be sufficiently gerrymandered to where voting no longer matters.
posted by Mr_Zero at 11:51 AM on August 5, 2007


Wow! great minds at work here.
posted by dougzilla at 11:55 AM on August 5, 2007


Deborah Bowen (the CA sec. of state) is very vocal about issues of open digital information and fair elections. She campaigned last year on a platform of strict scrutiny for electronic voting systems. She had my vote after I heard her talk on these issues for about five minutes; she knows her stuff. And I'm sure that this isn't the last we've heard from her. The Friday announcement was a stop-gap measure forced by a deadline for certifying machines for elections in February. We'll see strict standards on voting system enforced over the next three years, and the system that comes out with be much more secure, open, and traceable than anything we have now.

Hopefully this is another issue on which California will lead and the rest of the nation will follow.
posted by mr_roboto at 11:57 AM on August 5, 2007


California must be sufficiently gerrymandered to where voting no longer matters.

This isn't as alarmist as you think. There's currently a proposal to change the way California assigns its delegates- rather than the state winner all of the electoral votes, the winner only gets 2 and the other 53 are assigned as per the winner in each district.

The way California's districts are drawn up, it would likely toss ~20 electoral votes to the GOP. That's no small potatoes, and requires no vote rigging whatsoever.
posted by mkultra at 12:02 PM on August 5, 2007 [1 favorite]


IN mid-August [of 2003], Walden W. O'Dell, the chief executive of Diebold Inc., sat down at his computer to compose a letter inviting 100 wealthy and politically inclined friends to a Republican Party fund-raiser, to be held at his home in a suburb of Columbus, Ohio. 'I am committed to helping Ohio deliver its electoral votes to the president next year,' wrote Mr. O'Dell, whose company is based in Canton, Ohio.
posted by Blazecock Pileon at 12:17 PM on August 5, 2007 [3 favorites]


The real crazy thing: The security analysts had only one month between starting the project and their report. In some cases, they didn't get the source code until two weeks before the deadline. And they broke all of the systems.

Look anyone who works in IT understands that the vast majority of system are jerry rigged and have tons of flaws that are just below the surface. The basic problem is that there is a huge gap between "working" and "done". The other problem is that there are tons of incompetent "programmers" who develop software throwing crap at the wall and then fixing the glitches they see.

Voting machine software needs to be developed the same way you would develop encryption software or the like. Writing the code is only a small part of the real work, which is making sure it's "perfect." The only people who should be working on voting machine software are security experts, but instead, you have barely literate MS-Access junkies writing this stuff. It's too bad, especially for the voting machine companies.

Blazecock Pileon: O'Dell did apologize for that comment.
posted by delmoi at 12:34 PM on August 5, 2007 [2 favorites]


O'Dell did apologize for that comment.

I'm also sorry that he helps rig elections.
posted by Blazecock Pileon at 12:44 PM on August 5, 2007 [3 favorites]


This just reconfirms my suspicions that the USA as a whole is really just an elaborate sitcom for the enjoyment of the rest of the world.

The problem is that, like most sitcoms, it really bombs sometimes.
posted by srboisvert at 12:51 PM on August 5, 2007 [3 favorites]


I'm also sorry that he helps rig elections.

Don't for get that Bob's brother runs ES&S.

Diebold and ES&S combined count an estimated 80% of U.S. black box electronic votes.
posted by Mr_Zero at 12:54 PM on August 5, 2007


Blazecock Pileon, that sounds like a huge conflict of interest to me.
posted by Meatbomb at 12:55 PM on August 5, 2007


Happy belated 20th Spaceballs.
posted by MrLint at 1:10 PM on August 5, 2007


In case anyone wants to know what 'ECB' is and why it is so stupid to use, there is a good Wikipedia article which covers it. The penguin is an awesome illustration of the problem.

This shit is like crypto 101, folks.
posted by blenderfish at 1:22 PM on August 5, 2007


What's wrong with paper? Paper can't be hacked.
posted by joannemerriam at 1:35 PM on August 5, 2007


"Blazecock Pileon, that sounds like a huge conflict of interest to me."

Gee, ya think??

That stuff has been shouted all over the internet for the past 4 years, since pretty much right after Bobby Diebold sent that letter. Where've you been? Watching CNN?

*facepalm* for america
posted by zoogleplex at 1:38 PM on August 5, 2007


zoogleplex, check your sarcasm meter, it is experiencing a critical failure.
posted by Meatbomb at 1:43 PM on August 5, 2007


What delmoi said. You can't just slap together code for a voting machine as if it were any other crappy commercial application and expect it to be secure just because you told the coders to make it secure. They don't usually teach security programming in undergraduate programs, (I only took a 6 week class in grad school so I only have the most basic knowledge), so most general programmers are not going to have training in the best practices and common mistakes in security design and implementation.

Obviously management didn't even take the most basic steps to setup procedures that would catch stuff like hard-coded passwords and buffer overrun vulnerabilities. Like most software companies, they just didn't give a crap, as long as it shipped on time and mostly worked, they're happy. If you want secure code, that security has to be designed in from the beginning and you have to review the implementation of that design line-by-line through every revision to make that the design has actually been implemented and that no other vulnerabilities crept in. But that takes time and money and not too many companies are willing to pay for that.
posted by octothorpe at 2:01 PM on August 5, 2007


If you want secure code, that security has to be designed in from the beginning and you have to review the implementation of that design line-by-line through every revision to make that the design has actually been implemented and that no other vulnerabilities crept in. But that takes time and money and not too many companies are willing to pay for that.

They seemed to manage ok with their banking machines.
posted by Mr_Zero at 2:11 PM on August 5, 2007 [1 favorite]


Mr_Zero:
Are you sure?
posted by Freen at 2:25 PM on August 5, 2007


Yeah, see, that's the thing Mr_Zero.

Diebold has been making banking machines for decades now, and they are several orders of magnitude more complex. Those are totally secure. Anyone who thinks that the same company can't make secure voting machines is delusional.
posted by dirtynumbangelboy at 2:39 PM on August 5, 2007


Thank you for taking the time to vote today. Please select from the following canidates:

[ ] Romney/Rice
[ ] Clinton/Obama
[ ] Nader/Ru Paul

[ ] Press here for maintenance

*presses maintence*

Please enter your password

D - I - E - B - O - L - D

Thank you.

Maintenance Menu

[ ] Delete random% Clinton/Obama votes
[ ] Invalidate voter profiles matching "Black_Names.txt"
[ ] Invalidate voter profiles matching "Mexican_Names.txt"
[ ] Activate "Mandatory Reading Test" (poor districts only)
[ ] Activate "Unauthorized Voting carries 5 years in prison penalty" warning (Mexican districts only)
[ ] Exit to Windows
posted by Avenger at 3:49 PM on August 5, 2007 [8 favorites]


Sounds like there's a market for voting machines that vote Democratic.

*Begins furiously drafting up business plan and financing*
posted by basicchannel at 3:52 PM on August 5, 2007


The obvious solution remains to just use the electronic voting machines as ballot printers. You do your thing, you get a ballot you can look at. If it's kosher, you put in the reader and it gets stored. If the machine fucked up, you try again.

Easy as hell, just expensive (relative to other voting machines).
posted by ROU_Xenophobe at 3:55 PM on August 5, 2007


No, ROU, the obvious solution is paper ballots that you mark with a pencil.

Seriously, USA. It's not that hard. I know you vote for everything from the POTUS down to Chief Assistant Deputy Dogcatcher, but it can still be done.
posted by dirtynumbangelboy at 4:12 PM on August 5, 2007


Of course it can. That's how I have voted for the last ten years or more. (Except it's a permanent marker, not a pencil.) Before that, it was punch-out ballots. Before that, it was machines, with lots of little levers. When you opened the curtain, the machine counted your votes and added them to its totals. All mechanical, and I never heard of anybody rigging those machines.
posted by Kirth Gerson at 4:41 PM on August 5, 2007


Those machines are expensive, as are computer systems. Paper's pretty cheap. If we had a machine that was cheap and couldn't be hacked, people would be on it like white on rice. So why aren't we that excited about paper? Is it because paper companies aren't bankrolling politicians, or is it because it doesn't fit into America's lifelong love affair with geewhiz tech? I suspect a little of both.
posted by joannemerriam at 5:05 PM on August 5, 2007 [1 favorite]


Mr_Zero: "They seemed to manage ok with their banking machines."

Here's an old story about a Diebold ATM crashing and rebooting into a logged in XP desktop. The students who discovered it only exploited the situation to get the machine to play audio files.
posted by octothorpe at 5:36 PM on August 5, 2007


The last thing the far right wants is a legitimate election. There are too many progressive people with liberal leaning ideas in America to let the people decide an election.
posted by disgruntled at 5:49 PM on August 5, 2007


No, ROU, the obvious solution is paper ballots that you mark with a pencil.

Seriously, USA. It's not that hard.


DNAB, paper ballots are the most commonly used method of voting in the US. But usually a felt-tip marker is used instead of a pencil, AFAIK for security, and they're almost always scanned.

And there are real, honest to god decent reasons to like electronic voting, at least as a ballot printing device. Using electronic voting means that *every* ballot can be in large print at the same time that every ballot is not. It means that you can have every ballot in English, and every ballot in Spanish at the same time, and every ballot in Tagalog, and French, and Chinese, and any other language you care to translate the ballot into. It means that the machine can warn you about undervotes -- you didn't vote for President; did you mean that? And it means that the machine can simply disallow overvotes instead of spoiling the ballot -- you voted for two candidates for dogcatcher; go back and try that again. These are all good things.
posted by ROU_Xenophobe at 5:57 PM on August 5, 2007


They seemed to manage ok with their banking machines.

To an extent, yes, but part of the way banks do this is by being as slow as glaciers. Their systems change very little, very slowly. Even then, there are mishaps, and a small one can cost them a ton of money. But by and large, they've done OK because the records processed by these systems pretty much are the bank, and we're talking about ridiculous sums of money.

Even then, the "outside" systems like web banking and such are generally less secure, the core transaction processing systems (which still run on mainframes using COBOL, for example, at many banks) are the real key. Security is less of an issue since far fewer people have direct access to these systems (still a huge issue, but easier to solve than the problems faced by Diebold or even the web banking interfaces).

This is not the same as for Diebold, who is risking a considerably smaller amount of money on the security and reliability of their system. Sure, the country pays a huge price if our voting is screwed up, but from what I can tell the financial liability/penalties are probably very insufficient to give their management enough concern.

(Many bank systems are also starting to go through a crisis now of the established engineers/programmers retiring, and the newer ones are often less skilled since the banks pay way less than the generic commerical software industry... so this may get worse)
posted by wildcrdj at 10:23 PM on August 5, 2007


"zoogleplex, check your sarcasm meter, it is experiencing a critical failure."

Apologies. I've had it up to here with this ridiculously transparent realignment of our government and society which is apparently completely unnoticeable to a vast majority of my fellow citizens, so my sense of humor about it is getting pretty thin.

I need all the power I can muster just to keep my frustration/rage restraint module holding, so the sarcasm meter's on cold standby.
posted by zoogleplex at 10:42 PM on August 5, 2007 [1 favorite]


How is it that scanning-to-count a paper ballet is any better than a computer interface? It seems to me that if a computer system is doing the tally, it might be hacked. Come to think of it, if computers are used to tally even paper counts, it could be corrupted. That leaves it all dependent on physical recounts, perhaps with outside tallying.

And what zoogleplex just said. The humor doesn't play so good on this particular topic. Ultimately, when you vote, you're selecting who gets to hold a gun to your head, and tell you what to do.
posted by Goofyy at 6:21 AM on August 6, 2007


How is it that scanning-to-count a paper ballet is any better than a computer interface? ... That leaves it all dependent on physical recounts, perhaps with outside tallying.

Better in that the current electronic systems have no provision for physical recounts. That leaves it all dependent on whoever hacked the system last.
posted by Kirth Gerson at 6:36 AM on August 6, 2007


In case it wasn't clear, I wasn't writing my caution regarding alternatives in order to support the current crop of blackbox disenfranchising devices.
posted by Goofyy at 8:14 AM on August 6, 2007


How is it that scanning-to-count a paper ballet is any better than a computer interface?

You have all these nifty ballots to count again by any means you want to, any time you want to, and all of them were in principle verified by the voter before they were submitted.
posted by ROU_Xenophobe at 8:21 AM on August 6, 2007


I never could understand why people stopped using these.

We still do in Buffalo. No problems I've ever heard of. They're quick, easy, and unfortunately, have some of the nastiest privacy curtains I've ever seen given that no one seems to make them anymore from lack of demand.

Some enterprising sort could try and get those rolling again.
posted by Kellydamnit at 9:10 AM on August 18, 2007


i can either whine about this on metafilter, or go out and fix an election myself. wish i had the technical skills...
posted by bruce at 10:26 AM on August 18, 2007


So Diebold's fix for how hackable their machines are? Change their name to Premier Election Solutions. What bastards.
posted by chance at 1:56 PM on August 18, 2007


« Older When Kevin Gilbert died unexpectedly at the age of...  |  Similar Diversity is a data vi... Newer »


This thread has been archived and is closed to new comments