More trouble with Diebold

October 20, 2006

Guest Post by Michael J.W. Stickings

(Updated below.)

I was just sent this alert by The Brad Blog. According to The Washington Post, Diebold is once more at the center of the e-voting storm:

The FBI is investigating the possible theft of software developed by the nation’s leading maker of electronic voting equipment, said a former Maryland legislator who this week received three computer disks that apparently contain key portions of programs created by Diebold Election Systems.

But all is not clear: The disks were “delivered anonymously” to Cheryl Kagan, the Democratic legislator in question. The included “unsigned letter” criticizes Maryland State Board of Elections Administrator Linda Lamone and claims that the disks had been “accidentally picked up”. And it gets weirder and more confusing:

Lamone’s deputy, Ross Goldstein, said “they were not our disks,” but he acknowledged that the software was used in Maryland in the 2004 elections. Diebold said in a statement last night that it had never created or received the disks.


But “the Diebold statement said the version of one program apparently stored on the disks is still in use in “a limited number of jurisdictions’ and is protected by encryption”. And the FBI may or may not be investigating the matter.

How serious is this? Pretty serious — so serious as to call into question the very foundation of democratic legitimacy whenever and wherever Diebold (and e-voting generally) is involved:

The disks delivered to Kagan’s office bear labels indicating that they hold “source code” — the instructions that constitute the core of a software program — for Diebold’s Ballot Station and Global Election Management System (GEMS) programs. The former guides the operation of the company’s touch-screen voting machines; the latter is in part a tabulation program used to tally votes after an election.

Methinks someone, or some company, isn’t being entirely honest here. In fact, a few inter-linked companies that are making a lot of money off e-voting may not be telling the whole truth. But what else is new?

Read the WaPo article, and keep checking in at The Brad Blog (including its response to this story), which as many of you may know is doing incredible work following (and breaking) election fraud stories around the country: “[W]ill someone finally understand that this is a massive problem that needs immediate attention?”

For the sake of American democracy, we should hope so.

**********

UPDATE: CBS News is also reporting on the Diebold-Maryland theft story:

Gov. Robert Ehrlich questions the reliability of the touch-screen machines and has suggested that Marylanders use absentee ballots if they have any doubts whether their votes will be counted accurately.

“This raises yet another unanswered question with regard to Diebold technology,” said Henry Fawell, a spokesman for the governor.

This is another recent instance in which the security of electronic voting machines was brought into question, just weeks after a Princeton University study published in September demonstrated how at least one version of Diebold’s electronic voting machines could be easily hacked to switch votes without leaving any trace of the corrupting software. A virus could also be spread from machine to machine via the memory cards used to tabulate votes. Diebold claims that the machine software studied is no longer in use.

The article also includes “other developments” in e-voting from around the country.

If Diebold can somehow be proved as not conspiring to tamper with elections, they have at a minimum been criminally, maliciously and willfully lax in their security for increadibly high-stakes elections. The Diebold states would be well served to go to paper ballots and number 2 pencils instead.

  • Thanks Michael. I think Diebold is on all our minds these days. It might just be dirty tricks by competitor (but what a risky game that would be!) but I don’t think it is outside hackers that we have to worry about. I think Diebold insiders are our ultimate threat. Just don’t trust them.

    I think petorado is right about getting back to basics. And accountability.

    Software is the most powerful stuff and at the same time the most vulnerable stuff.

  • I don’t understand how anyone can support paperless voting. The potential for problems including abuse is so patently obvious. We need paper ballots. Touch screen voting is a menace to democracy.

  • Um … since I can’t get to BradBlog, maybe someone can answer a few questions not clear in this post.

    So the disks were delivered to a former legislator — I’m guessing they were supposed to be sent to a current one? And why?

    Secondly, is there maybe a chance that the disks were sent to Kagan to expose fraud in the software? If they were from ’04, then maybe someone should do some code monkey work and see what they contain (and maybe that’s why they were sent).

    Whatever the answers, just another reason to vote with a paper ballot.

  • I work elections in a county that uses Diebold machines. I’ll say this in their favor: they’re great for people who otherwise would be physically unable to vote w/o assistance.

    I would think they’re an unmitigated good thing if I could see one change implemented: when you’ve gone through the slate of choices, and you’re presented with the entire ballot with your choices marked, and you have the choice between reconsidering something and casting the ballot, when you cast the ballot, the software takes a screen capture of the marked ballot and prints the screen capture to a piece of paper that the voter never sees.

    Why can’t they just do that?

  • I can’t for the life of me understand why the Dems aren’t being more aggressive in pursuing this on a national and state-by-state level.

    I do think that it’s perhaps not the most optimal mass-market electoral message (Iraq and the economy and Bush are just fine, thanks), but as (a) a message to fire up the Dem base and (b) a procedural issue of potentially greater import than Gitmo/turture/signing statements/NSA spying, it seems to me that the Dem leadership should be showing more, uh, what’s it called … leadership?

  • Thanks for putting this up Mr. Stickings,
    After the first round of Maryland Voting Follies (The dog ate our access cards! My alarm clock didn’t go off so I was late to open the polls!) this story made my hair stand on end. Shouldn’t such software be locked in a concrete bunker guarded by ill tempered rotweillers? Guess not.

    DieVote isn’t going to admit there are huge gaping holes in their system even as people consistently turn up (who’d a thunk it?) huge gaping holes in the system. You have to hang Bill Gates over a vat of boiling oil before Microsoft will admit there are still a few bugs in the system. No company is going to say: “By the way, programming flaws we can’t be arsed to fix might destroy democracy as you know it.” Not good for the bottom line, such confessions.

    Finally, I must note that Gov. Bob Erlich, who is an utter putz about almost everything else, has been the loudest voice in MD for paper ballots. Cynics say this is because he’s afraid system flaws could cost him the election. Um… who gives a flaming damn? He’s right. For once. I’d prefer the purple thumb print method. Getting the final tally might take a while but it can’t be hacked. Or, I guess it could but it would be pretty messy.

  • As an outsider of sorts, I still can’t understand how counting ballots can be so damned complicated.

    In Cannuckistan, we use a simple paper ballot. Put an X beside the name and chuck it inot the box. When they are counted, we have representatives from all the political parties involved in the counting.

    As far as I know, we’ve never needed a machine.

    As an electrical engineer who works on software, I know that we have all sorts of shortcuts in the software that programmers will use for testing. If they are open to outsiders then we get the same security problems like the ones in Windows.

    If you can’t trust the validity of the Software then there is no point in using the machine. If no one acts on this then might as well just hand the election to the Repubs and the world sees another 2 years of goddamned stupidity.

  • Scott (#5)–
    Because what you propose would:

    A. Not allow the right to tamper with elections
    B. Not keep Diebold’s government cronies in power

    Other than that, what you suggeset simply makes too much sense to actually be carried out.

  • To those skeptics who say there’s no evidence that this has been done, read this:

    http://www.bradblog.com/ClintCurtisSummary.htm

    “…Curtis claims to have been asked by U.S. Congressman Tom Feeney (R-FL) to design a “vote-rigging software prototype”. This request took place in October 2000 during a meeting at Yang Enterprises, Inc. (YEI), a computer consulting firm in Oviedo, Florida.

    Curtis, a life-long Republican up until then, had been a programmer at YEI, which had several top-secret clearance contracts with the state, NASA and other government agencies. Curtis’ understanding at the time was that the prototype he was being asked to create (built to the very precise specifications of Feeney) was to address Feeney’s concerns that the Democrats might attempt to electronically rig the election and Feeney wanted to know what to look out for in that event. After informing YEI CEO Mrs. Li-Woan Yang that he would not be able to hide the vote-flipping routines in the software source-code as Feeney had requested, Curtis testified that Mrs. Yang informed him that the program was needed to “rig the vote in South Florida “.

    At the time of the alleged meeting, Feeney was the incoming Speaker of the Florida House, and also a registered lobbyist and the general corporate counsel for YEI. Previously, he had been the running mate of Jeb Bush during his 1994 unsuccessful first bid for Florida Governor. In November 2000, Feeney gained national notoriety after declaring open defiance of the Florida Supreme Court by vowing to choose Presidential electors for George W. Bush regardless of whether a court-ordered recount showed that Gore won Florida…”

  • Im with unholymoses and Racerx – I was just going to bring up the Feeney Curtis issue, which a long video was posted of back on another video site in I think March. The issue was that a code could be inserted into these machines that would flip the vote count to 51 49, to ensure your candidates victory, and since there was no paper trail, the only way you would know was if you had access to the source code, and whether you could determine if there was a subroutine or module which would be initiated somehow, at someone’s request, if needed.

    My feeling is that this disc delivered, may have such code on it, and perhaps someone wants it to be looked into (hint hint – start looking).

  • PS, Thank you Michael for posting this story. Since 80% of the vote will be on electronic machines (and probably close to 100% of it counted on electronic tabulators) we really are hosed if we can’t get a handle on this issue. Our leaders don’t seem to be taking it very seriously.

    • Comments are closed.