NYT: Computer Voting Is Open to Easy Fraud, Experts Say

The software that runs many high-tech voting machines contains serious flaws that would allow voters to cast extra votes and permit poll workers to alter ballots without being detected, computer security researchers said yesterday.

"We found some stunning, stunning flaws," said Aviel D. Rubin, technical director of the Information Security Institute at Johns Hopkins University, who led a team that examined the software from Diebold Election Systems, which has about 33,000 voting machines operating in the United States.

The systems, in which voters are given computer-chip-bearing smart cards to operate the machines, could be tricked by anyone with $100 worth of computer equipment, said Adam Stubblefield, a co-author of the paper.

"With what we found, practically anyone in the country — from a teenager on up — could produce these smart cards that could allow someone to vote as many times as they like," Mr. Stubblefield said.

The software was initially obtained by critics of electronic voting, who discovered it on a Diebold Internet site in January. This is the first review of the software by recognized computer security experts.
...
As an industry leader, Diebold has been the focus of much of the controversy over high-tech voting. Some people, in comments widely circulated on the Internet, contend that the company's software has been designed to allow voter fraud. Mr. Rubin called such assertions "ludicrous" and said the software's flaws showed the hallmarks of poor design, not subterfuge.

The list of flaws in the Diebold software is long, according to the paper, which is online at avirubin .com/vote.pdf. Among other things, the researchers said, ballots could be altered by anyone with access to a machine, so that a voter might think he is casting a ballot for one candidate while the vote is recorded for an opponent.

The kind of scrutiny that the researchers applied to the Diebold software would turn up flaws in all but the most rigorously produced software, Mr. Stubblefield said. But the standards must be as high as the stakes, he said.

"This isn't the code for a vending machine," he said. "This is the code that protects our democracy."
...
http://www.nytimes.com/2003/07/24/technology/24VOTE.html

For more background, here is the link to BevHarris's (Go Bev!) discussion in GD:
http://www.democraticunderground.com/discuss/duboard.php?az=show_topic&forum=104&topic_id=71703&mesg_id=71703&page=

looks like the Repugs have 2004 all locked up.

Dems are half blind and in denial if they continue to place faith in the election process. Its time to impeach the bastards now.

Twiddling your thumbs waiting for the next election won't do you any good when the Rethugs have control of the ballot box. You'll be twiddling for another four years after '04.

columnists and reporters you don't know but think might report it. It's up to us to make sure this story is not buried.

and all the others that worked so hard to bring this to light . . . great job, folks!!! :)

I'm not sure, did Bev's research turn up that they were enabled for wireless access or not?

"We're constantly improving it so the technology we have 10 years from now will be better than what we have today," (spokesman for Diebold, Joe) Richardson said...

Wow! They expect progress over the next 10 years? I'm impressed!

The company, he said, puts its software through rigorous testing.

Yeah. Usually on the day they're delivered to voting precincts, and they try to turn them on.

Mr. Richardson of Diebold said the company's voting-machine source code, the basis of its computer program, had been certified by an independent testing group. Outsiders might want more access, he said, but "we don't feel it's necessary to turn it over to everyone who asks to see it, because it is proprietary."

Everyone who asks? Try anyone who asks...

They're stock was up today. Watch it fall tomorrow.

Diebold shares closed Wednesday up $1.01 to $44.25 on the New York Stock Exchange.
http://www.miami.com/mld/miamiherald/business/6368916.htm

NYT ...YAY.....bout time .:bounce:

GREAT JOB!! BEV! This Could be the shot heard around the world..

...is in a large part responsible for this coming to light. Good job guys!!!!!! :bounce: :dem:

finally see this, but am not surprised that it is not on the front page and appears buried in the paper and website.

This is the right kind of statement to get attention.

I'm glad that they mention the suspicions that the flaws are deliberate, even if they don't give them much credence. The hard evidence isn't there yet. It plants the seed in the event of a real smoking gun.

To paint it as surely deliberate would make it look like a "conspiracy theory," even though most all of us do deeply suspect deliberate tampering.

I can almost feel it coming.....

that the machines in Texas were NOT on the square.

My only concern is the ignorance of the American voter who believes in this corrupt administration.

of course, no one but Techies would be interested in this, right?

good ol NYT...NOT!

in my copy of the NYT, it was in the front section. :bounce:

:kick:

should have been front page above the fold

way to go Bev :toast:

peace

This is no coincidence! :bounce:

Americans better fight this! :bounce:

Please delete me!

1) It is an axiom in the computer industry that any system that is attached (network, wireless, modem, etc.) is, BY DEFINITION, hackable. The only thing you can really do to protect a system is to disconnect and disable all external inputs to the system. This means that each voting machine would have to be not wireless enabled, not networked and with no modem installed. Beyond that, some basic principles of security have been violated in almost every "electronic voting" story I've read, such as allowing unknown persons to perform "updates" that caught the poll workers unprepared and who were unable or unwilling to say what the "update" was for.

2) Until people realize that the only way fraud-proof elections can exist is under the old Soviet-style system (e.g. - one candidate... you can vote for them or not), we'll keep on having to fight this fight.

What I recommend for "electronic" voting works something like this:

a) Each system is disconnected from all external inputs except the touch screen. The systems are verified in working order one week before the election, and NO ONE (and I mean NO ONE) touches them before election day after the dry run. That means no last minute updates, fixes, patches or anything else.

b) Each voter receives a unique ID that can be used to vote once in each election. The system has to be written in such a way as to prevent the tracking of specific votes to specific IDs to preserve the privacy of the balloting.

c) ALL software must be available for public review both before and after the election, but only for review. Any changes made to the software will be done by certified programmers, not by uploading the code to a "secret" FTP site.

d) All voting systems MUST record the vote electronically and on a paper ballot that will be placed in a sealed ballot can. The results from the electronic voting are used for "preliminary" results, and the results are verified by multiple unaffiliated organizations by doing a manual (as in hand count, not scantron) count of the ballots. The final results are from the paper ballots, not the electronic voting machines. If everything goes as expected, this could eventually be scaled back to a percentage dictated spot-check, but I would always push for a LARGE percentage (60% or more) to reduce fraud potential as much as possible.

e) Start teaching people that SPEED of result is uniomportant. The critical factor MUST be accuracy. Think about it... why do we need the results on the morning following an election? This is just another symptom of our "instant gratification" lifestyles. Our forebears waited as much as two weeks for the results of an election. I think we can stand to wait a few days...

f) Have voting for several days. The best way would ensure that the time frame includes at least one of each day of the week (hey, some folks work M-F, some work Tu-Sat, and others work W-Sun. Let's make sure EVERYONE has a chance to cast their ballot). This would help prevent the "I can't get there when the polls are open" syndrome, and also provide more flexibility for the people to vote when it is more convenient.

g) Vote tallies must be kept in a single database on the systems when the vote is recorded. There MUST NOT be multiple databases. Additionally, the database design must ensure that the actual tally is only kept in a single table in the database to prevent manipulation of the tally.

h) All manual counts MUST be done in the presence of observers from all political parties. No counts which are conducted without oversight of the public will be accepted. The only exception to this would be in the case of a court challenge which would allow for the plaintiff and defendant to mutually select and screen the counters, just like they do for a jury.

Now, I realize that this seems a little extreme at first pass, but I'm trying to ensure that we get as fair and accurate a vote as possible. That means multiple checks and multiple redundancies in the counting methods so as to reduce the number of places fraud COULD take place. I'm not interested in SPEED of result, only in ensuring that the vote totals ACTUALLY reflect the will of the people.

What do you all think?

We've seen what happens to our country when we have voting problems. NOTHING is worth this mess...not convenience, not time, not shit.

This ONE issue alone could save what's left of our Democracy.


:kick::kick::kick::kick::kick::kick:

Computer should be used only for the front end to print out a voter-verifiable paper ballot which the voter then places into a ballot box. Then you can stick whatever you want on the comptuer and it won't matter.

Note, a very simple tallying machine (separate from the voting booth) can be used to count the paper ballots, just as is done today and has been done for a while.

I don't believe the tallying machines are accurate or untampered with. I also don't believe those tallies are what is REALLY used to call elections. The old VNS that supposedly used exit surveys would never reveal, even after the election, where they conducted their exit surveys. Now the networks are doing the same thing, only supposedly independant of each other. Somehow I find that difficult to believe. You ought to check out http://www.votescam.com for some eye-opening stuff. I hate to be a cynic, but I don't believe we'll ever take back our democracy until we get the machines OUT of the voting process again.

Mithras61 said:
"What I recommend for "electronic" voting works something like this:"

"I don't believe we'll ever take back our democracy until we get the machines OUT of the voting process again."

http://www.ajc.com/news/content/news/0703/24votemachines.html http://cronus.com/electionfraud/efresources.asp http://slashdot.org/articles/03/07/24/153258.shtml?tid=103&tid=126&tid=128&tid=99 http://slashdot.org/comments.pl?sid=72311&threshold=1&commentsort=0&tid=103&tid=126&tid=128&tid=99&mode=thread&pid=6523238#6524050

I thought different articles were supposed to be posted in separate threads.

I posted the AP article, too (http://www.democraticunderground.com/discuss/duboard.php?az=show_topic&forum=102&topic_id=32767&mesg_id=32767&page=) - I assume you'll want to lock that one as well.

:dem:

Voting machine fails inspection

By Robert Lemos
Staff Writer, CNET News.com
July 24, 2003, 5:25 PM PT

University researchers delivered a serious blow to the current crop of electronic voting systems in an analysis of one such system's source code in which they concluded that a voter could cast unlimited ballots without detection.
Using an earlier version of the source code that powers machines manufactured by Diebold Election Systems, the security experts--three from Johns Hopkins University and a colleague from Rice University--performed an audit and found numerous security holes.

"Our analysis shows that this voting system is far below even the most minimal security standards applicable in other contexts," said the researchers in a paper published Wednesday on the Internet, concluding that "as a society, we must carefully consider the risks inherent in electronic voting, as it places our very democracy at risk."

<snip> http://news.com.com/2100-1009_3-5054088.html


High-Tech Votes Can Be Hacked, Scientists Say
Thu July 24, 2003 06:06 PM ET
By Andy Sullivan
WASHINGTON (Reuters) - Software flaws in a high-tech voting system could allow vandals to tamper with election results in several U.S. states, computer security researchers said on Thursday.

Interest in electronic voting systems has grown since the 2000 presidential election, when problems with primitive punch-card systems in Florida led to a bruising, weeks-long recount battle ultimately settled by the Supreme Court.

But researchers at Johns Hopkins University and Rice University said they had uncovered bugs in a Diebold Inc. DBD.N voting system that could allow voters and poll workers to cast multiple ballots, switch others' votes, or shut down an election early.

"It's unfortunate to find flaws in a system as potentially important as this one," Tadayoshi Kohno, a graduate student at the John Hopkins Information Security Institute, said in a telephone interview.

<snip> http://reuters.com/newsArticle.jhtml?type=technologyNews&storyID=3155955


Security Of E-Voting Systems Seriously Questioned
July 24, 2003
Computer researchers claim to have found 'critical flaws' in software used for U.S. electronic voting.
By George V. Hulme (InformationWeek)

Three computer researchers from the Information Security Institute at Johns Hopkins University, with help from a computer scientist at Rice University, say they've uncovered vulnerabilities in the software purportedly used by Diebold Election Systems. As a result, one person can cast multiple votes, elections can be delayed, the anonymity of voters can be breached, and cast votes can be modified or even deleted, the researchers say.

<snip> http://www.informationweek.com/story/showArticle.jhtml?articleID=12803024



US researchers critical of electronic voting systems
By Online Staff (The Age, Australia)
July 25 2003


Researchers at the Information Security Institute at Johns Hopkins University in the US have given electronic voting systems in use in the country the thumbs down, pointing out that even common voters could cast unlimited votes without any insider help.
<snip>
The researchers took issue with the fact that the voting system itself was written in what they considered an unsafe language - C++.

"...the software is written entirely in C++. When programming in an unsafe language like C++, programmers must exercise tight discipline to prevent their programs from being vulnerable to buffer overflow attacks and other weaknesses. Indeed, buffer overflows caused real problems for AccuVote-TS systems (the name of the system) in real elections," they said.

<snip> http://www.theage.com.au/articles/2003/07/25/1059084190013.html