Diebold used uncertified, untested software to count California votesby Ian Hoffman, The Oakland Tribune
Dec. 17, 2003
Digital voting giant Diebold Election Systems took a staggering blow Wednesday as California officials reported that Diebold ran uncertified — and in some cases untested — software in all 17 counties where it counted votes in the state's last two elections.
What began as a scandal in Alameda County swept statewide as every county served by Diebold realized its software was not state certified, and three counties, including Los Angeles, found that some of their software never had been tested by a federally designated lab.
Marin and San Joaquin counties both used non-state-certified software. Marin also was using a different version of vote counting software than Diebold officials reported to the state, and San Joaquin was using different touchscreen software than the company reported.
Stunned, state elections officials put off final approval of Diebold's latest touchscreen voting machine, the TSX, already purchased in the thousands or contracted by four California counties for $45 million.
Counties such as Solano will be able to use the TSX machines for the March 2004 elections, but state authorities hope retaining the conditional certification will prod Diebold into compliance with state law requiring certified software on every voting machine. Solano spent $4 million on 1,171 of the new Diebold machines, which are now in storage.
Secretary of State Kevin Shelley made a rare appearance before the state's Voting Systems Panel to hammer home his expectations of Diebold.
Shelley said he hoped the panel would not recommend decertifying Diebold, that is, prohibiting use of one or more of its voting machines. But if state officials continue to find "gross discrepancies," Shelley said, "I'm prepared to go down that road."
Diebold sales executives quickly agreed to one panel recommendation: The company will pay for installing the latest, state-certified software in vote-counting servers in the 17 counties it supplies, including the largest — Alameda County.
State election officials also called for random audits of all voting software, fines for violators and routine certification by the state — something that was highly inconsistent in the past.
Diebold officials portrayed the software certification issue as more or less cosmetic, saying the differences were negligible between state-certified software and versions used to count at least a quarter of votes in California's recall and last municipal elections.
That's not altogether clear, said Kim Alexander, president of the California Voter Foundation, a Sacramento-based nonprofit that studies voting systems.
State officials note there's no evidence that the use of uncertified or untested software resulted in lost or manipulated votes.
"While nobody is undervaluing the significance of uncertified and unqualified software, this is not about uncounted or miscounted votes," said Douglas Stone, a Shelley spokesman. "What we're trying to establish is a strong procedure that ensures every voter has confidence in the integrity of our system and in the counting of their vote."
But Alexander says current e-voting systems provide no way to be certain. A recount would be a digital clone of the original count.
"There's no paper trail for those ballots so you can't tell. There's no way to reconstruct the election," she said.
Former weightlifter and actor Arnold Schwarzenegger swept the state by such broad margins that small discrepancies of thousands of votes would not have mattered, Alexander said.
"If we hadn't had wide margins, I think we would have had a fullblown crisis. I think we would have had a Florida-style meltdown in Alameda County, even without the chads," she said. "But we shouldn't have to rely on wide margins and exit polls to confirm election results."
Published by
The Oakland Tribune
|
|
Felons in five Diebold management positionsIncluding one convicted of falsifying computer records
Associated Press
Dec. 17, 2003
SAN FRANCISCO — At least five convicted felons secured management positions at a manufacturer of electronic voting machines, according to critics demanding more stringent background checks for people responsible for voting machine software.
Voter advocate Bev Harris alleged Tuesday that managers of a subsidiary of Diebold, one of the country's largest voting equipment vendors, included a cocaine trafficker, a man who conducted fraudulent stock transactions and a programmer jailed for falsifying computer records.
The programmer, Jeffrey Dean, wrote and maintained proprietary code used to count hundreds of thousands of votes as senior vice president of Global Election Systems, or GES. Diebold purchased GES in January 2002.
According to a public court document released before GES hired him, Dean served time in a Washington state correctional facility for stealing money and tampering with computer files in a scheme that "involved a high degree of sophistication and planning."
"You can't tell me these people passed background tests," Harris, author of Black Box Voting: Ballot Tampering in the 21st Century, said in a phone interview.
Diebold spokesman Michael Jacobsen emphasized that the company performs background checks on all managers and programmers. He said many GES managers — including Dean — left at the time of the acquisition.
"We can't speak for the hiring process of a company before we acquired it," Jacobsen said. He would not provide further details, saying company policy bars discussion of current or past employees.
The former GES is Diebold's wholly owned subsidiary, Global Election Management Systems, which produces the operating system that touch-screen voting terminals use.
Dean could not be reached for comment Tuesday afternoon.
Sen. Barbara Boxer (D-California) announced a bill last week that would require stringent background checks on all electronic voting company employees who work with voting software. The bill, which Boxer plans to introduce in January, would toughen security standards for voting software and hardware, and require touch-screen terminals to include printers and produce paper backups of vote counts by the 2004 presidential election in November.
Harris and Andy Stephenson, a Democratic candidate for secretary of state in Washington, conducted a 10-day investigation in Seattle and Vancouver, where the men were convicted. Harris and Stephenson released the findings in a 17-page document online and at a news conference in Seattle.
Also Tuesday, Washington Secretary of State Sam Reed announced legislation that would require electronic voting machines in the state to produce a paper trail. If the legislature approves it, touch-screen machines in the state would be required to produce paper receipts by 2006.
Voters would get to see but not touch or remove the receipts, which would be kept in a county lock box. Computer programmers say software bugs, hackers or electrical failures could cause more than 50,000 touch-screen machines used in precincts nationwide to delete or alter votes. California Secretary of State Kevin Shelley said last month that touch-screens in the nation's most populous state must provide paper receipts by 2006.
Published by
Associated Press
|
|
More states and politicians demand paper trailEven mainstream media starts waking up to threat posed by black-box electronic voting machines
by John Schwartz, The New York Times
Dec. 15, 2003
High-tech voting is getting a low-tech backstop: paper. Most new voting machines are basically computers with touch screens instead of keyboards. Their makers promise that the new machines will simplify voting and forever end the prospect of pregnant and hanging chads. But as the market for computerized voting equipment has intensified, a band of critics has emerged, ranging from the analytical to the apoplectic.
The opponents of the current machines, along with the people who make them and election officials who buy them, gathered to spar in Gaithersburg, a Washington suburb, last Wednesday and Thursday, at a symposium optimistically titled, "Building Trust and Confidence in Voting Systems."
The critics complained that the companies were putting democracy into a mystery box, and that the computer code for the systems was not written to standards that ensure security. Critics are uneasy about the major vendors' political ties, and they worry about what a malevolent insider or a hacker could do to an election. But above all, they complain that few of the new machines allow voters to verify their votes, whether with a paper receipt or another method, an idea favored by computer scientists including David L. Dill of Stanford University.
The companies generally respond that the lever-style, mechanical voting machines offer no such backup, either. The critics counter that the computerized systems are the first to need voter verification methods.
Now a growing number of election officials and politicians seem to be agreeing with the skeptics. Last week, Nevada said it was buying voting machines for the entire state, and it demanded paper receipts for all voters. Nevada Secretary of State Dean Heller said he received an overwhelming message from voters that they did not trust electronic voting. "Frankly, they think the process is working against them, rather than working for them," Mr. Heller, a Republican, said. Last month, the California secretary of state, Kevin Shelley said that his state would require all touch-screen voting machines to provide a "voter-verified paper audit trail."
Senator Hillary Rodham Clinton, Democrat of New York, has introduced a bill that would require a paper trail and security standards for voting machines. Her bill is similar to an earlier entry sponsored by a fellow Democrat, Representative Rush D. Holt of New Jersey. "What's required for money machines should be required for voting machines," Senator Clinton said in introducing the bill. "We must restore trust in our voting, and we must do it now."
Rebecca Mercuri, an expert on voting technology who is affiliated with Harvard's Kennedy School of Government and attended the symposium, said the tone of the discussion had changed from acrimony and accusation to the beginnings of civil conversation. The old corporate view, she said, was that "we have the safest, most secure voting machine — and by the way, it's a secret," Ms. Mercuri said. But that "is not going to provide the trust and confidence that we need," she said.
The symposium was at the National Institute of Standards and Technology. The institute, part of the Commerce Department, plans to develop programs to test and accredit voting systems under the Help America Vote Act, passed in 2002 after the bitterly contested 2000 elections. That law requires state and local officials to replace outdated voting systems, calls for minimum standards for the systems and provides federal funds to move the process along.
Companies that make electronic voting machines have scrambled to dominate the lucrative new market. They include Diebold Election Systems (a division of Diebold Inc.) Sequoia Voting Systems, Election Systems and Software, and Hart InterCivic.
The industry insists that its systems are secure and trustworthy, with or without paper. Harris Miller, who leads a new trade association for the industry, said that the group had no position in favor or against paper trails, but dismissed the issue as a "theological debate within the academic community." Mr. Miller, who is also president of the Information Technology Association of America, called some opponents of electronic voting "black helicopter theorists" and Luddites who "want to go back to the bad old days" of stuffed ballot boxes and chad wars.
But some of the critics know a lot about computing, security and elections — like Prof. Aviel D. Rubin at Johns Hopkins University, who led a team that analyzed purloined code from Diebold and found flaws that he said even basic training in secure coding would prevent. His work was cited in Nevada's decision to choose Sequoia's machines over Diebold's. "The only way that vendors are going to produce auditable machines is if they are forced to,'' Professor Rubin said. "So the recent moves of California and Nevada to require voter verifiable paper are huge steps in the right direction."
A spokesman for Sequoia said that providing paper had less to do with security than with voter confidence. "I still don't believe that paper is essential," the spokesman, Alfie Charles, said. "But it's becoming more important — for perception if nothing else, and perception is critical in the voting process."
A spokesman for Diebold, David Bear, said that the company did not oppose the idea of voter receipts, and was happy to sell whatever kind of voting machine election officials wanted to buy. "We're in the business of providing products that our customers need," he said. In fact, the company's machines already have thermal printers that are used to produce end-of-day reports, so providing individual receipts would not necessarily require an enormous change.
Not all of Diebold's employees are so supportive of change, as Web sites that have sprung up in opposition to the machines have shown. Among the thousands of internal e-mail messages from the company that have made their way to anti-Diebold Web sites is a Jan. 3 message to colleagues by an employee identified only as Ken. Referring to criticisms of the Diebold, he wrote that news articles about a paper trail missed an important point, which he italicized: "they already bought the system."
"At this point they are just closing the barn door,'' Ken wrote. "Let's just hope that as a company we are smart enough to charge out the yin if they try to change the rules now and legislate voter receipts." In a later note he explained that he meant, "Any after-sale changes should be prohibitively expensive."
Mr. Bear, the spokesman for Diebold, said, "It's safe to say that an e-mail does not represent the policy of Diebold."
Professor Rubin said he was heartened by the increasing demand for a paper trail, but said it was only the first step toward ensuring that election security moved forward instead of backward. "We still don't have a process for ensuring that the people writing the code of those machines know what they are doing, or are not malicious," he said.
Published by
The New York Times |
