Top Scoops

Book Reviews | Gordon Campbell | Scoop News | Wellington Scoop | Community Scoop | Search

 

The Diebold Bombshell

The Diebold Bombshell


By David Dill, Doug Jones and Barbara Simons
OpEdNews.com & Truthout.org
Sunday 23 July 2006

Most computer scientists have long viewed Diebold as the poster child for all that is wrong with touch screen voting machines. But we never imagined that Diebold would be as irresponsible and incompetent as they have turned out to be.

Recently, computer security expert Harri Hursti revealed serious security vulnerabilities in Diebold's software. According to Michael Shamos, a computer scientist and voting system examiner in Pennsylvania, "It's the most severe security flaw ever discovered in a voting system."

Even more shockingly, we learned recently that Diebold and the State of Maryland had been aware of these vulnerabilities for at least two years. They were documented in analysis, commissioned by Maryland and conducted by RABA Technologies, published in January 2004. For over two years, Diebold has chosen not to fix the security holes, and Maryland has chosen not to alert other states or national officials about these problems.

Basically, Diebold included a "back door" in its software, allowing anyone to change or modify the software. There are no technical safeguards in place to ensure that only authorized people can make changes.

A malicious individual with access to a voting machine could rig the software without being detected. Worse yet, if the attacker rigged the machine used to compute the totals for some precinct, he or she could alter the results of that precinct. The only fix the RABA authors suggested was to warn people that manipulating an election is against the law.

Typically, modern voting machines are delivered several days before an election and stored in people's homes or in insecure polling stations. A wide variety of poll workers, shippers, technicians, and others who have access to these voting machines could rig the software. Such software alterations could be difficult to impossible to detect.

Diebold spokesman David Bear admitted to the New York Times that the back door was inserted intentionally so that election officials would be able to update their systems easily. Bear justified Diebold's actions by saying, "For there to be a problem here, you're basically assuming a premise where you have some evil and nefarious election officials who would sneak in and introduce a piece of software... I don't believe these evil elections people exist."

While Diebold's confidence in election officials is heartwarming, Diebold has placed election officials in an awkward position, with no defense against disgruntled candidates or voters questioning the results of an election. The situation is even worse for those states and localities using Diebold touch-screen machines that have no voter-verified paper records to recount.

Diebold voting machines have been certified to be in compliance with 2002 Voting System Standards, as required by the Help America Vote Act. These standards prohibit software features that raise any doubt "that the software tested during the qualification process remains unchanged and retains its integrity." We must ask, how did software containing such an outrageous violation come to be certified, and what other flaws, yet to be uncovered, lurk in other certified systems?

There have been many significant problems - some resulting in lost votes - involving paperless voting machines produced by other vendors. Recognizing the intrinsic risks of paperless voting machines, the Association for Computing Machinery issued a statement saying that each voter should be able "to inspect a physical (e.g., paper) record to verify that his or her vote has been accurately cast and to serve as an independent check on the result." Without voter-verified paper records of all the votes, and without routine spot audits of these records, no currently available voting system can be trusted. With such records, even when machines do not function correctly, each voter can make sure that his or her vote has been correctly recorded on paper.

Our democracy depends on our having secure, reliable, and accurate elections.

*************

David L. Dill is a Professor of Computer Science at Stanford University and the founder of VerifiedVoting.org. Doug Jones is an Associate Professor of Computer Science at the University of Iowa. Barbara Simons is retired from IBM Research and a former ACM President. Jones and Simons are writing a book on voting machines to be published by PoliPoint Press.

© Scoop Media

 
 
 
Top Scoops Headlines

 

Using Scoop Professionally? Introducing ScoopPro

ScoopPro is a new offering aimed at ensuring professional users get the most out of Scoop and support us to continue improving it so that Scoop continues to exist as a public service for all New Zealanders. More>>

ALSO:

Don Rennie: Is It Time To Take ACC Back To First Principles?

The word “investing” has played a major part in the operations of the ACC since 1998... More>>

27-29 Sept: Social Enterprise World Forum Live Blog

1600+ delegates from more than 45 countries have came together to share wisdom, build networks and discuss how to create a more sustainable future using social enterprise as a vehicle. Attending the Forum were social enterprise practitioners, social entrepreneurs, policy makers, community leaders, investors, activists, academics and more from across the globe... More>>

HiveMind Report: A Universal Basic Income For Aotearoa NZ

Results from this HiveMind suggests that an overwhelming majority of Kiwis believe that due to changing circumstances and inefficiencies in the current system, we need a better system to take care of welfare of struggling members in our society. More>>

ALSO:

Scoop Hivemind: Medical Cannabis - Co-Creating A Policy For Aotearoa

Welcome to the fourth and final HiveMind for Scoop’s Opening the Election campaign for 2017. This HiveMind explores the question: what would a fair, humane and safe Medical Cannabis policy look like for Aotearoa, NZ in 2018? More>>

ALSO:

 
 
 
 
 
 
 
 
  • PublicAddress
  • Pundit
  • Kiwiblog