
BBV: Heads Up Ohio- Diebold Coming Your Way

This topic is archived.
 
RedEagle Donating Member (1000+ posts) Wed Dec-31-03 11:01 AM
Original message
BBV: Heads Up Ohio- Diebold Coming Your Way
This has got to be one of the oddest Diebold "miracles" yet:

http://www.diebold.com/news/newsdisp.asp?id=3036

16 Ohio counties are choosing Diebold for their voting systems.

OK, this AFTER:

Johns Hopkins report
SAIC report
Ohio report
The shenanigans in California, where Diebold was caught using
uncertified or never tested software in all 17 counties in
California that have Diebold, DRE and Optical Scan
All the revelations about the murky background of this company
The many, many problems these systems have as documented in their
own memos...

Someone picks Diebold? We know the other competitors had to have delivered competitive bids. We know Ohio has certified a voter verified paper ballot system that is competitive cost-wise with non-paper systems. We know that Diebold can't seem to deliver an election that doesn't involve a lot of Diebold employees to make their equipment work...

Is there such a thing as reckless endangerment of our vote?

TinfoilHatProgrammer Donating Member (379 posts) Wed Dec-31-03 12:02 PM
Response to Original message
1. just to clarify
I think your conclusions are a little off. Let's look at your reasoning on a case by case basis:



The Johns Hopkins report was almost completely discredited by the SAIC report. Seriously. Read it. You may not want to believe it, but if you don't you're in denial. You simply can't hold up the Johns Hopkins report and the SAIC report at the same time and use them to support your claim: pick one or the other. Here's a tip: pick the SAIC report, it's the more credible of the two.

Unlike the misrepresented claims tossed around here so frequently, the SAIC report identified a small number of potential security issues in the software, which were apparently fixed by Diebold months ago (apparently to Maryland's satisfaction). It also identified a large number of potential security issues in Maryland election procedures and protocols, which really have no bearing on the voting product itself.

The Ohio report looked at the same version of the software as the SAIC report and identified a small number of potential security issues, most of which were (not surprisingly) the same. It stands to reason that the fixes implemented as a result of the SAIC report will still apply. Diebold (and all the other vendors whose products were evaluated) agreed to undertake whatever additional steps were required by Ohio as a result of the study, and Ohio is apparently satisfied. Where's the problem here?


That's your first three arguments gone up in smoke. Let's examine the rest.


As for California, let's be honest. Diebold is taking the blame for using software that reportedly was in the vast majority of cases (14 of 17 counties, if I recall correctly) certified to FEC standards. None of the software was apparently certified for use by the state, which is an entirely separate issue. Obviously the software does need to be certified for use by the state as well, and the fact that it wasn't represents a major problem with the system. But I doubt the blame lies entirely with Diebold in this case -- why are these counties not submitting their selected voting systems to the state for certification, and if they are, why is the state not getting it certified? I agree that Diebold has to share a big part of the blame here, but it seems reasonable to assume that various other parties involved here are getting off scot-free. And regardless of the confusion in California, what exactly is wrong with counties in Ohio picking the FEC-certified product of their choice, getting that product approved and certified for use by the state, and using it in their elections? I assume most other states are smarter than California (I infer this mostly from the fact that none of their governors are Arnold Schwarzenegger).

The background of the company isn't "murky" at all, it's fairly clear and well-documented by the amazing Bev Harris. Aside from one gentleman who apparently runs a printing press (and almost certainly doesn't write any code or build any voting products) none of the people she wrote about apparently have anything to do with the company at this point, and haven't for quite some time.

Finally, as for problems documented in the memos, most of you people who point them out have obviously never done any software development. There are problems in every software product. The problems get reported, and the problems get fixed. Hopefully problems don't make it into official builds or releases, but in practice they sometimes do. That's the way it works: there's never been a non-trivial software product developed that doesn't have any bugs. What makes me laugh is the assumption by activists that every issue ever raised in an internal memo applies to a released build of the product. Some of them probably do. I'm betting the vast majority of them don't. I've worked in a shop where we did daily product builds. Obviously we didn't release them all... they're simply milestones for tracking progress and targeting QA issues and implementing new features.

Clearly your agenda is a specific vendetta against Diebold, not general improvement of the electoral system. What a shame.

Happy new year!

JC

MoonRiver Donating Member (1000+ posts) Wed Dec-31-03 01:03 PM
Response to Reply #1
2. WHY wouldn't voters be satisfied with FEC certification???????
:wtf:

As a voter I can tell you that I absolutely will NEVER accept election results from precincts that use electronic voting machines WITHOUT paper receipts, ballots (whatever you want to call them). NO WAY. NEVER.

TinfoilHatProgrammer Donating Member (379 posts) Wed Dec-31-03 03:20 PM
Response to Reply #2
17. interesting
How do you know that Ohio hasn't requested paper? California is apparently moving to require paper. Do you have some information that you'd like to share?

JC

MoonRiver Donating Member (1000+ posts) Wed Dec-31-03 03:22 PM
Response to Reply #17
18. No, I don't. Do YOU have information that they have?
If so, please share.

Name removed Donating Member (0 posts) Wed Dec-31-03 01:50 PM
Response to Reply #1
5. Deleted message
Message removed by moderator.

TinfoilHatProgrammer Donating Member (379 posts) Wed Dec-31-03 03:43 PM
Response to Reply #5
19. your grammar hurts my eyes
Edited on Wed Dec-31-03 03:54 PM by TinfoilHatProgrammer
Andy, Andy, Andy.

You say:

"If it isn't broke... don't fix it. Our election system was working fine until Diebold got involved."

Are you serious? Do you really think the election system was working fine aside from Diebold? Did you even notice the big Florida thing in the 2000 election? It was all over the news... and to my knowledge not a single butterfly ballot or hanging chad was attributed to Diebold.

Also, you say this:

"The machines are fine."

Odd... I thought the position of BBV activists was "everyone out of the pool, we need to disinfect it". Last I heard, the only acceptable solution was to get rid of all the broken, unreliable, untrusted machines and go to an all-paper, hand-counted voting system. "Be more like France!" is the mantra, isn't it? (Although this is perhaps why you fail.)

Name call all you like, I'm simply tired of BBV muck-raking instead of going after the real culprits. If a paper ballot is what we need... then we have to get the states to ASK FOR IT. Diebold, ES&S, Sequoia and the rest do not dictate the rules to the states. California is a case in point: they're moving to require paper, and the vendors will have to comply. Simple. It's sad that it takes a state run by a Republican like Arnold Schwarzenegger to take the obvious step to make things better.

The BBV tactic to smear, stalk, and wildly theorize is not working. If activists would work as hard at demanding changes from the states as they do at shameless self-promotion, conspiracy theory development, and pointless smearing of voting companies and their employees then things might really change for the better.

JC

Edited to remind you that speculation about my identity is a waste of time... just get Bev to tell you what you want to know.

Andy_Stephenson Donating Member (1000+ posts) Wed Dec-31-03 06:38 PM
Response to Reply #19
22. We do need to disinfect it!
and we do need paper ballot. I'll repeat. The machines are fine...but since we are not making headway on the paper issue then we need to stop the machines. As far as "smearing people" The people we have "smeared" smeared themselves. Sorry for the pain in your eye. I have never claimed to be a writer. Just really good at investigation and getting people to talk to me.

"and to my knowledge not a single butterfly ballot or hanging chad was attributed to Diebold."

Really??? Jeff Dean was doing the Diebold ballots at the time. Strange how that happens.


By the way don't call me Andy...I'm God_bush_n_cheney to you.


Name removed Donating Member (0 posts) Wed Dec-31-03 07:06 PM
Response to Reply #22
25. Deleted message
Message removed by moderator.

Andy_Stephenson Donating Member (1000+ posts) Thu Jan-01-04 02:54 AM
Response to Reply #25
36. Let's see
Edited on Thu Jan-01-04 02:54 AM by God_bush_n_cheney
"Er, California is apparently passing legislation to require paper."

Not until 2006. If it isn't good enough for 2006 isn't good enough for 2004.

"You are smearing people. "

No they smeared themselves. I am merely reporting facts. By the way documented facts. At least on that point we agree. We merely reported the facts.

"Saying that they can't be trusted, comparing them to rapists and child molesters"

Show me where I have compared them to child molesters and rapists. You can't because I haven't.

"Actually everyone (except, apparently, you) knows full well that those problems had nothing to do with Diebold."

If they can't vote in this state they should have nothing to do with them either. Especially when the crime Mr. Dean committed was the placement of backdoors into accounting software.

"When you're secretary of state (heh) "
He who laughs last, laughs the longest. So giggle while you can.

"you can't make people call you by your code name or throw people who don't agree with you "in the iggy bin."

Want to bet? It's called a secretary. But I haven't met anyone that disagrees with me, except of course you.

As for a "code name" Mr. Secretary will work just fine. That is, once I am elected.

Cocoa Donating Member (1000+ posts) Thu Jan-01-04 05:29 PM
Response to Reply #5
48. it was broken in my county in 2000
Cook County, IL, rejected 7% of its punch-card ballots. If you call that working fine, I'm not sure how good you're going to do in office.


JetJaguar Donating Member (207 posts) Fri Jan-02-04 01:51 AM
Response to Reply #48
56. Accepting rejection
Edited on Fri Jan-02-04 02:02 AM by JetJaguar
The problem in Cook County was the machines were able to
accept the ruined or spoiled ballots even though
their new $26 million ballot counting machines
had the ability to spot the problems and reject
the ballot returning it to the voter for correction.

The rejecting ability of the counting machines was refused
to Cook Co. at the request of the State Senate. The argument
being that nearby counties with like but older machines
did not have the same feature.

Ironically other nearby counties using optical scan machines
were allowed to use their rejection correction feature.
The argument here was one machine was "apples" and the
other "oranges".


Other factors

This was the first Presidential (high turnout) election
where the straight-party ticket was not an option.

The ballot was 21 pages, with 400 candidates. The part on
retaining 77 judges was spread over multiple pages.
It was likely the largest ballot ever seen in Cook Co.




Write your Representatives and thank them, ask them to
take another 26 Million Dollars of your money that
your schools won't miss, oh heck ask for a Hundred Million
get the best damn bean counters on the market.


HAVA BBV DAY

(edit: forget the spell check needed the math checked changed
Quarter to 26)

ElementaryPenguin Donating Member (1000+ posts) Wed Dec-31-03 02:02 PM
Response to Reply #1
6. Are you a BFEE/PNAC Mob operative, or what?
Allowing these vulnerable voting systems to take root in this country only amounts to the END OF OUR DEMOCRACY!!!!!! If you had ANY foresight - you'd realize that two (or more) can play at this game of rigging elections - and you may someday find yourself horrified to discover that a DEMOCRAT stole an election from one of your favorite fascist Repuke cohorts!

MoonRiver Donating Member (1000+ posts) Wed Dec-31-03 02:08 PM
Response to Reply #6
7. People with vested interests in these companies
have their own agendas. Just like our media.

Andy_Stephenson Donating Member (1000+ posts) Wed Dec-31-03 02:10 PM
Response to Reply #7
8. Yes they do and TFHP's
agenda has been quite clear for quite some time.

MoonRiver Donating Member (1000+ posts) Wed Dec-31-03 02:13 PM
Response to Reply #8
9. I agree.
Coup d'etat 2000 redux.

Andy_Stephenson Donating Member (1000+ posts) Wed Dec-31-03 02:16 PM
Response to Reply #9
10. Yes the new Coup
new and improved...No paper record to dispute the results.

MoonRiver Donating Member (1000+ posts) Wed Dec-31-03 02:21 PM
Response to Reply #10
12. No special voter scrubbing firms to hire and waste taxpayer money on.
Instead, that money can go to the corrupt Repuke politicians stealing the vote for their cronies!

:puke: is synonymous with Republican

Name removed Donating Member (0 posts) Wed Dec-31-03 02:16 PM
Response to Reply #9
11. Deleted message
Message removed by moderator.

SaddenedDem Donating Member (447 posts) Wed Dec-31-03 02:33 PM
Response to Reply #1
13. Some questions for TFHP..
Edited on Wed Dec-31-03 02:35 PM by SaddenedDem
You wrote:
The Johns Hopkins report was almost completely discredited by the SAIC report. Seriously. Read it. You may not want to believe it, but if you don't you're in denial. You simply can't hold up the Johns Hopkins report and the SAIC report at the same time and use them to support your claim: pick one or the other. Here's a tip: pick the SAIC report, it's the more credible of the two.

And I must call you on this...what the SAIC report did, in fact, was CONFIRM everything in the Johns Hopkins report. Of course, there might be things in the SAIC report that discredit the JH findings, but we sure as hell haven't seen them. Perhaps, TFHP, you've seen the FULL, UNREDACTED, SAIC report and know something we don't?????

Every evaluation of the Diebold software has supported the initial findings of the Johns Hopkins/Rice study. Your selective wording above leads me to believe you know more than those of us who have only been granted access to the redacted report. Why don't you be so kind as to share with us?

on edit:
The SAIC report was basically the same as Diebold's own response to the Johns Hopkins study - "Well, yeah, that's true, but....." to every allegation.


Andy_Stephenson Donating Member (1000+ posts) Wed Dec-31-03 02:36 PM
Response to Reply #13
14. Because he would then have to show his hand
people like him keep secrets for a reason...

MoonRiver Donating Member (1000+ posts) Wed Dec-31-03 02:38 PM
Response to Reply #14
15. Yes, he has been completely MUTE since posting.
Seems his argument is totally devoid of substance, and therefore undebatable. :D

TinfoilHatProgrammer Donating Member (379 posts) Wed Dec-31-03 03:16 PM
Response to Reply #13
16. here we go once more, for old times' sake
I don't have an unredacted copy of the report, I'm referring simply to what's publicly available. Read it for yourself. The SAIC report states exactly this:


In the course of this risk assessment, we reviewed the statements that were made by Aviel. D. Rubin, professor at Johns Hopkins University, in his report dated July 23, 2003. While many of the statements made by Mr. Rubin were technically correct, it is clear that Mr. Rubin did not have a complete understanding of the State of Maryland's implementation of the AccuVote-TS voting system, and the election process controls in general. It must be noted that Mr. Rubin states this fact several times in his report and he further identifies the assumptions that he used to reach his conclusions.

In general, most of Mr. Rubin's findings are not relevant to the State of Maryland's implementation of the AccuVote-TS system because the voting terminals are not connected to a network. In addition, LBE procedures and the openness of the DRE voting booth mitigate a large portion of his remaining findings.

We do concur with Mr. Rubin's assessment that if the AccuVote-TS voting system were connected to a network that several high-risk vulnerabilities would be introduced. We also concur with Mr. Rubin's assessment that transmissions of data are not encrypted in transit, and we have recommended that this be rectified.

The State of Maryland procedural controls and general voting environment reduce or eliminate many of the vulnerabilities identified in the Rubin report. However, these controls, while sufficient to help mitigate the weaknesses identified in the July 23 report, do not, in many cases meet the standard of best practice or the State of Maryland Security Policy.





In fact, SAIC devotes an entire 29-page appendix to documenting where Rubin got it wrong. Why would they do that if they supported his findings?


SAIC does acknowledge a couple of security issues in its report, such as encryption of data transfer and updates to smartcard authentication. According to Maryland and Diebold, these changes were implemented in the product. By and large, however, Rubin's concerns are dismissed.

The majority of Rubin's conclusions are predicated on the assumption that the machines are connected to the internet. I think it's fair to state at this point that the machines are not connected to the internet, despite early activist claims to the contrary (since retracted, quietly). The rest of his conclusions are downright silly: for example, his conclusion that a voter-verified paper trail would address his presumptive scenario of someone trying to vote fraudulently with a pocket full of fake smart cards. (Yes, there are good reasons for a voter-verified paper trail, as I've stated many times -- however in Rubin's idiotic example it would simply let the fraudulent voter vote multiple times and verify each of his fraudulent votes.) In any case, I've devoted way too many posts to re-explaining at great length the technical flaws in Rubin's paper and it bores me to redo it again. Feel free to look up some of my old posts on the issue.

JC

BevHarris Donating Member (1000+ posts) Wed Dec-31-03 04:51 PM
Response to Reply #16
20. Agree with much of what you just wrote, tinfoil
But before we get to specific points of agreement, upthread you wrote this:

"The Ohio report looked at the same version of the software as the SAIC report"

Please source this information. The SAIC report redacted version numbers and you claim not to have seen the unredacted copy.

====================
From Black Box Voting (paperback edition, Chapter 12):

"There are weaknesses in the Hopkins/Rice report. Several sections seem to assume that touch-screen machines are connected to the Internet, but nothing I’ve seen indicates that to be the case. GEMS servers can connect to the Internet, and GEMS also connects to modems which, in turn, connect back to touch-screens.

"The criticism that the Hopkins/Rice report doesn’t take into account all the election procedures is, in many ways, correct. It doesn’t appear that the authors read the user manuals that go with the software; they apparently did not interview any election officials.

"Other areas of the report describe hacks that would be impractical or could not affect many votes at a time. The most publicized security flaw in the report has to do with making extra voter cards (or reprogramming one so that it can vote as many times as you want). These are valid concerns, but checking the number of voters signed in against the number of votes cast is a required safeguard in most states and would reveal such a ploy. This type of hack would also be difficult to achieve on a grand scale; you would have to make rigged smart cards and send people in to cast extra votes at hundreds of polling places at once, which gets into the crazy conspiracy realm.

"The importance of the Hopkins/Rice report:

"1) It correctly identifies weaknesses in Diebold’s software-development process. The code seems cobbled together to fix and patch.

"2) It identifies security flaws that can jeopardize vote data, especially during transmission to the county tabulator.

"3) The Hopkins/Rice report pushed media coverage into the mainstream. When you are researching this story, you can’t even sneeze without finding something new, so coverage of the integrity of our voting system will continue to gather momentum. The longest leap forward in a single day was attributable to the Hopkins/Rice report.

"4) The report triggered another evaluation, this time by the SAIC."

=====================================

Now, tinfoil, I believe you do have access to the unredacted version. Here's why: You continually take me to task for citing the Washington Post's quote, that the SAIC report reveals 328 security flaws, 26 deemed "critical." However, no one I know (including, if you are to believe him, Washington State Director of Elections David Elliott) has been able to examine exactly what those flaws are because they are, in most cases, redacted.

So you seem to know the version numbers and you seem to know a great deal about the redacted information.

Now, as for your contention that the convicted felons have had nothing to do with programming "for a long time" -- since Jeffrey Dean was directly involved with programming, it's up to Diebold now to positively I.D. every line of code he wrote so that we can examine it. How do we know that his code isn't still operating inside voting systems? Seems to me it would be, since he was involved from Sept. 2000 through January 22, 2002 and after that, as a consultant.

And the business about John Elder being "just a printer" doesn't quite wash either. He has direct access to some of the most sensitive attack points for punch cards and absentee ballots.

Bev Harris

Andy_Stephenson Donating Member (1000+ posts) Wed Dec-31-03 04:56 PM
Response to Reply #20
21. touche'
Nice work Bev. BTW can you give me a call regarding the new mission. You know...the road trip.

Name removed Donating Member (0 posts) Wed Dec-31-03 06:39 PM
Response to Reply #21
23. Deleted message
Message removed by moderator.

Name removed Donating Member (0 posts) Wed Dec-31-03 07:29 PM
Response to Reply #23
27. Deleted message
Message removed by moderator.

TinfoilHatProgrammer Donating Member (379 posts) Wed Dec-31-03 09:38 PM
Response to Reply #27
29. simmah dahn, nah!
Andy,

Bev for the most part agrees with my take. Read it again. She does talk a little craziness about Diebold having to "positively I.D. every line of code he (Jeff Dean) wrote," which actually made me laugh out loud, but for the most part we agree.

Perhaps I'd consider calling you names and throwing profanity in your direction. But I'm not four years old.

I'm a little surprised that you "don't remember stalking anyone." It was just like a week or two ago, and you posted all about it right here. I can dig up the threads if you need to jog your memory.

It's amusing that you think I'm paid to humiliate you. Seriously, I do this work entirely for free.

Also I'm detecting a little anger on your part. If you're this hypersensitive and prone to outbursts of uncontrolled profanity, perhaps you should reconsider running for public office. Maybe you could be a covert agent or something instead, and go on secret missions and stuff.

JC

Name removed Donating Member (0 posts) Wed Dec-31-03 11:20 PM
Response to Reply #29
31. Deleted message
Message removed by moderator.

ConsAreLiars Donating Member (1000+ posts) Wed Dec-31-03 11:48 PM
Response to Reply #31
33. DU has rules against stalking
"Do not "stalk" another member from one discussion thread to another. Do not follow someone into another thread to try to continue a disagreement you had elsewhere."

Here, as well as out there, stalkers have a distorted sense of reality and seek to achieve self-validation through association with the object of their obsession, whether that be an acquaintance or some successful and respected individual they only know through the media.


Andy_Stephenson Donating Member (1000+ posts) Thu Jan-01-04 02:55 AM
Response to Reply #33
37. I wonder if TFHP
Edited on Thu Jan-01-04 03:06 AM by God_bush_n_cheney
could be accused of stalking Bev, RedEagle or myself for that matter?

ConsAreLiars Donating Member (1000+ posts) Thu Jan-01-04 03:03 AM
Response to Reply #37
38. Well
It may be against DU's new "civility" rules to actually accuse any one of any thing, but I think it is ok to point out that the posting patterns are certainly consistent with the definition of stalking as provided by DU. (And Happy New Year to us all!)

Andy_Stephenson Donating Member (1000+ posts) Thu Jan-01-04 04:11 AM
Response to Reply #38
39. Happy New Year Bumbler
may it be prosperous and peaceful.

creativelcro Donating Member (1000+ posts) Thu Jan-01-04 10:07 AM
Response to Reply #31
41. Andy, if you feel you're being stalked
you should definitely report it. Easy to prove. See in how many threads the potential stalker has posted, and what proportion of them have had disruptive messages directed at you or Bev. If it approaches 100% then you have a case.

Regarding your SOS run, obviously there will be plenty of people trying to put you down, they may be envious they cannot get themselves to try something like this, they may be working for competitors, they may hate you for random reasons... Bottom line is that it does not matter. You're doing what you believe in. At some level it is flattering that you are compelling these people to spend their time and effort to try to put you down...
Happy New Year!

Andy_Stephenson Donating Member (1000+ posts) Thu Jan-01-04 10:33 AM
Response to Reply #41
42. "At some level it is flattering "
and that is why TFHP does not get under my skin. I understand the game well enough to see what he is doing. It is mind over matter. I don't mind and he doesn't matter.

TinfoilHatProgrammer Donating Member (379 posts) Thu Jan-01-04 02:20 PM
Response to Reply #41
44. stalking?
Let's examine this for a moment.

RedEagle started this thread and I was the first to reply. Andy jumped in, actively read my reply even though he has me on ignore, and chose to respond. Who's following whom?

Eventually Bev Harris showed up and made a completely unrelated post -- it's simply a continuation of a totally different discussion in a totally different thread from the day before. Who's following whom?

I've never looked up people's personal information on the internet and used it to drive to their homes uninvited, for an unspecified purpose. Who's stalking whom?


Now Andy's making a bunch of mysterious references to a "road trip" and a "mission". If I stop posting, call the police. :scared:

JC

SaddenedDem Donating Member (447 posts) Wed Dec-31-03 08:09 PM
Response to Reply #16
28. You simply prove my point
Edited on Wed Dec-31-03 08:10 PM by SaddenedDem
The State of Maryland procedural controls and general voting environment reduce or eliminate many of the vulnerabilities identified in the Rubin report. However....

Over and over again.....what they say amounts to "He was technically wrong, but..." just like the Diebold response to the Hopkins/Rice study....."Well, yeah, he's right, but...."

And, sorry, TFHP we have spoken to the elections officials. They won't accept the blame for the lack of security inherent in the Diebold product. While Diebold would love to lay their lack of security in the lap of the elections official during an election, they simply aren't going to accept that responsibility. Once you get past the bought and paid for Secretaries of State, the local elections officials are prepared to revolt against this bullshit. They will stand beside us in this fight because they aren't planning to go to jail because Diebold couldn't create a secure product.

on edit:
BTW, why don't you ask Kevin Mitnick if he needed the "internet" to hack all those computers he went to jail for.....


TinfoilHatProgrammer Donating Member (379 posts) Wed Dec-31-03 09:54 PM
Response to Reply #28
30. now just hold on one second, lol
No, no, no. You don't get to pull a Bev Harris and use a partial quote to "prove" your point. Here is the full quote to which you refer:


"However, these controls, while sufficient to help mitigate the weaknesses identified in the July 23 report, do not, in many cases meet the standard of best practice or the State of Maryland Security Policy."


The statement in question refers entirely to existing Maryland election procedures, and says very clearly that they're enough to eliminate the issues raised by Rubin. It also says that Maryland's existing procedures (while good enough to address Rubin's issues) aren't up to the state's own standards. That's all. The report goes on to suggest that Maryland update its practices to the point where they meet their own existing standards, which exceed what's required for basic election security. (Good for Maryland, by the way.)

The statement's very clear.

You toss out "lack of security inherent in the Diebold product" but the two official studies of that very issue highlighted only a very small number of issues, all of which apparently were addressed already in response to a request from Maryland or will be addressed in response to a request from Ohio.

I don't actually know any election officials so I'll have to take your word for it that they're all prepared to stand with you in the good fight and all. :thumbsup:


Finally, Kevin Mitnick has nothing to do with anything here. He's a felon, and as such someone to be smeared on the internet. Also he started an internet security company after his release from prison, and was promptly hacked. Go figure. Clearly he's not competent to write computer code... I think that's the logic, right?

JC
 
Andy_Stephenson Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Dec-31-03 11:23 PM
Response to Reply #30
32. I think if a state has a prohibition against felons voting...
That felons should not be counting or handling the votes either. Just seems logical to me.

 
RedEagle Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Dec-31-03 06:43 PM
Response to Reply #1
24. Improvement of electoral system
TFHP-

I posted this as a warning to people in Ohio as to what is coming down.

If you don't think I'm not working on the electoral system, you're dead wrong.

I authored a bill in a state legislature right now. I spend a LOT of time working with legislators, auditors, and informing citizens that it is up to THEM to change the system.

Part of changing that system takes into account things like the Diebold memo that says if California is still thinking paper, perhaps Diebold isn't paying their lobbyists enough. Seems to me voting system vendors should be prohibited from employing lobbyists.

Part of changing that system is making the system accountable to citizens and not the whim of election officials who go on to careers with voting machine companies. California is one with quite a history of that, along with several others.

Are the voting companies to blame? Well, at least in part, or you're not being honest. Do they have to hold out that carrot to election officials? Do they have to lobby against paper? Do they lobby FOR the most accurate, people accountable systems-NO.

The problem with the system is that money speaks and guess who's got it- your innocent voting companies. Do they use that power and money well? I guess not.

Oh, and the chads and such in Florida? What if it was a Diebold plant that produced the chad prone cards? And it was certainly the Diebold optical scan memory card upload that produced the negative 16,000 votes for Gore.

Can't help where the chips fall TFHP. But I, and a lot of others, don't happen to think those chips only fall on Diebold. That's why we are working to change the system, instead of just spreading sarcasm around on those who truly do care.
 
TinfoilHatProgrammer Donating Member (379 posts) Send PM | Profile | Ignore Wed Dec-31-03 07:23 PM
Response to Reply #24
26. good post
I can't really disagree with much of what you say. Good on you if you're working the electoral system and helping create legislation. That's a lot more productive than holding childish "press conferences" to smear people and posting a bunch of inaccurate hogwash. I applaud you for your work, and I wish you the best of success with it.

I do disagree with your opinion that voting system vendors shouldn't be allowed to employ lobbyists. But that's fine, I don't take issue with people's opinions on that sort of thing.

Are the voting companies to blame? Sure, in part. I said as much in this very thread, and I don't disagree with you here. But it's up to counties to demand paper if that's what they want. No vendor is going to include an expensive additional bit of hardware when they're bidding against other companies that aren't including it... there'd be no way to present a successful bid. Obviously I'm ignoring the bit players here... I'm aware that Avante and AccuPoll have printers, but they don't seem to have customers.

You ask "what if it was a Diebold plant that produced the chad-prone cards?" OK... what if it was? Is that a condemnation of them? Fair enough I guess... but only if the converse is true, i.e. it's an exoneration if they didn't produce those cards. And you're right about the problem with the optical scan memory card -- but that's an error that was identified on the spot on election night and corrected. No official election result ever included a -16000 vote for Al Gore, as I'm sure you're aware.

Good luck with your efforts. I have no problems with the people who truly care about changing the system for the better, and who aren't simply trying to sell their book.

JC
 
creativelcro Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Jan-01-04 10:00 AM
Response to Reply #26
40. Now, this is logic...
One can be sent to prison for a single crime. But proving that one has not committed that single crime does not exonerate one in general because there can be other crimes one has committed. The converse point you make is obvious, and nobody would argue with that. But it applies only with regard to the chad-prone cards, in both directions. Having produced them = guilty. Not having produced them = not guilty. But there are plenty of other violations by Diebold.

>>You ask "what if it was a Diebold plant that produced the chad-prone cards?" OK... what if it was? Is that a condemnation of them? Fair enough I guess... but only if the converse is true, i.e. it's an exoneration if they didn't produce those cards.
 
TinfoilHatProgrammer Donating Member (379 posts) Send PM | Profile | Ignore Thu Jan-01-04 02:23 PM
Response to Reply #40
45. ah, I see!
So what I think you're saying is "not guilty" because Diebold had nothing to do with the chad-prone cards or the butterfly ballots in Florida. Correct?

Makes you wonder why Andy would bring it up in the first place.

???

JC
 
creativelcro Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Jan-01-04 05:02 PM
Response to Reply #45
46. I did not look at the evidence
What I'm saying is that if the evidence says "not guilty" on this point, then it means "not guilty". But in either case it does not provide generalized exoneration for Diebold. Right?

>>
So what I think you're saying is "not guilty" because Diebold had nothing to do with the chad-prone cards or the butterfly ballots in Florida. Correct?

Makes you wonder why Andy would bring it up in the first place.

???

JC
>>
 
cap Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Jan-01-04 01:18 AM
Response to Reply #1
34. let's clarify the clarification...
the SAIC report was flawed. Much of it was redacted so that the public could not follow the reasoning. There is no way that SAIC could do a proper analysis of 10's of thousands of lines of code in the short time period allowed by the Maryland state government. In fact, SAIC specifically stated that it would not examine any issues relating to software engineering in its report. Unfortunately, according to IEEE standards, passing judgement on the quality of software engineering is part of IV&V process. SAIC set specific limits on the amount of work it would do in this report. These limitations do not satisfy the criteria for proper risk assessment as defined by IEEE. Elected officials in Maryland have called for an investigation of the SAIC report because of the flaws in it.

The security flaws identified by people working with Bev were BASIC flaws. Stupid stuff like hardcoding keys and passwords in the code. Things like this violate basic security principles. Diebold copied code off the Internet or, at best, used elementary examples out of textbooks. There was nobody on that team who had a basic knowledge of security procedures; otherwise they would not have made the mistakes they made! Diebold did not have anybody on staff who had experience with cryptography. Why didn't they hire someone with blue ribbon credentials in this area? There are lots of ex-NSA or Wall Street types who have decades of experience in this area. Elections are often contested. You can't go to court with a dot-commer as your expert witness!!

The problem is that the FEC standards and processes for certifying this code are not strict enough. The amount of manpower on the team is too small to sufficiently examine the amount of code in question. The head of the team, R. Doug Lewis, does not have a resume that is easily verifiable. We simply don't know his employment record. Nobody is doing a background check on the individuals who are in charge of writing or verifying the code. Also, expertise of personnel is another issue. You can't use just any programmer who has written code for an ecommerce site. You need people who have decades of experience writing software for mission critical, high volume, high reliability (5 9's) systems. We need that kind of accuracy and reliability for our election system. This is why Ohio is wrong to just go with FEC certification. The FEC certification process is corrupt.


The activists are quite correct in raising hell about the state of the software that is being used in the election. The nature of the bugs are not easily corrected without a major rewrite of the system. Let's take a small example: choice of the DBMS. A requirement of the voting machines should be a DBMS that supports network connections (voting machines are not located at the same as the DBMS). There is a requirement under the new FEC standard for performance that should have been a requirement under the old standard (and that there is no excuse to lift that requirement in order to grandfather in old software. Our democracy demands accuracy.): the DBMS should be able to support 1 million transactions over a certain time period. Diebold is using Access. Call Microsoft and see if they will support the use of Access for this purpose. There are lots more bugs like this. Many of these are the system engineering issues relating to reliability that SAIC refused to examine in its report. Unfortunately, there are more flaws than just system engineering. Go back through the archives and read the threads. The issues being raised are not bugs, but major systemic flaws. Just for grins and giggles run some metrics on this stuff.

You cast aspersions on the people who worked with Bev. Some of these people have worked on major systems that are household names. They have worked on systems with very high SLA requirements. By the way, what was the highest SLA that you have ever been required to support? If all that you have worked on is a system that had a mere 95% availability, then your experience does not match theirs. Is your system unavailable for more than 8 hours/year?

On the other hand, in defense of the activists who do not have a technical background, the issue of having an auditable trail is something that non-technical people can weigh in on. An auditable trail is the link that proves to people regardless of their knowledge of computer systems that the computer system has registered their vote properly. The Diebold system like a number of others does not provide an audit trail.

The agenda is more than a specific vendetta against Diebold; it is an indictment against most of the manufacturers of voting machine equipment and the FEC certification process. Because of the insistence of the manufacturers of voting machine equipment on fielding equipment that does not guarantee that a vote will be counted accurately, the activists must continue their campaign. Tell Diebold and others to hold off on fielding their equipment until the issues are resolved. Public trust and confidence in voting machine equipment is sacrosanct.







 
Andy_Stephenson Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Jan-01-04 02:40 AM
Response to Reply #34
35. Thanks cap...
well put.
 
TinfoilHatProgrammer Donating Member (379 posts) Send PM | Profile | Ignore Thu Jan-01-04 02:09 PM
Response to Reply #34
43. finally, some intelligent technical commentary
I agree with much of what you say. However, there are some logical extensions to make based on your reasoning.


"the SAIC report was flawed."

That constitutes opinion on your part. But for the sake of argument, let's agree that it's flawed. If it is, then it makes no sense for activists to hold it up as support for their claims. Your argument here seems to be "the fact that it doesn't damn Diebold's software is irrelevant because the report is flawed." I think you'll agree that by the same reasoning I can say "the fact that activists think it condemns Diebold's software is also irrelevant because the report is flawed." I can live with that if you can.


"There is no way that SAIC could do a proper analysis of 10's of thousands of lines of code in the short time period allowed by the Maryland state government."

That also constitutes opinion on your part. I have no idea exactly how long SAIC spent on their analysis, or how many resources they allocated for the job. Perhaps you do. However, they spent more time and effort and did a more comprehensive analysis than Avi Rubin and his team did. Thus, if the SAIC team's analysis is to be dismissed on the grounds that they couldn't do the job properly in the allocated time frame, then by the same reasoning we must also put aside Rubin's paper and his occasional idiotic spoutings on the subject.


"The security flaws identified by people working with Bev were BASIC flaws. Stupid stuff like hardcoding keys and passwords in the code. Things like this violate basic security principles."

No argument there. SAIC identified the same things and recommended that the software be changed. Let's not forget that Bev and her team also identified "security flaws" like a makefile that (and I'm not making this up) "appears to send a packet over the network and then remove all traces of itself". Or the infamous accusation (the proof promised by Ms. Harris is still forthcoming) that Diebold inserted code in their touchscreen software to exploit a security hole that wasn't discovered until more than 6 months after the code in question was stolen, in an operating system that it doesn't even use. I have a long list of other hilarious examples. Bev Harris is by her own admission not technical enough to be making these kinds of ridiculous claims -- one assumes that they're coming from her technical volunteers. What does it say about their competence? You be the judge.


"There was nobody on that team who had a basic knowledge of security procedures"

I'll have to take your word for it, since I haven't spent any time checking into the background of any Diebold employees. One hopes that over the past year they've hired someone with security expertise.


"The problem is that the FEC standards and processes for certifying this code are not strict enough."

I agree completely. The FEC standards are stupid. That being said, activist claims that "the software isn't certified to (stupid) FEC standards!" are pretty irrelevant (and often demonstrably inaccurate anyhow).


"The head of the team, R. Doug Lewis, does not have a resume that is easily verifiable. We simply don't know his employment record."

I don't actually care. It seems that the BBV crew wouldn't be satisfied without a complete profile and background on everyone ever associated with the industry. Waste of effort.


"You can't use just any programmer who has written code for an ecommerce site. You need people who have decades of experience writing software for mission critical, high volume, high reliability (5 9's) systems."

Yes, actually, you can. People doing the software architecture and design should certainly have a skill set appropriate to the job. It's perfectly acceptable for a team to have people with a variety of expertise levels -- one delegates tasks according to the experience level and skill set of the assignee, and code reviews should be performed to ensure that quality and conformance to the design are maintained. As for your ecommerce example, I'd certainly consider hiring someone who worked on the amazon.com or ebay back-end servers for my team -- I prefer to evaluate people's merits and experience on an individual basis rather than dismiss an entire industry out of some superiority complex of my own.


"The nature of the bugs are not easily corrected without a major rewrite of the system."

No, I can't accept a blanket statement like this one. Your only example is choice of DBMS, and it's flawed in several ways.


"A requirement of the voting machines should be a DBMS that supports network connections"

I respectfully submit that you're wrong. I, for one, would have major problems with connecting either the voting machines or the back-end database to the internet (or another network) since it opens up major and unnecessary avenues of attack. For you to suggest otherwise makes your own knowledge of "basic security procedures" extremely suspect.


"Diebold is using Access."

They certainly were using Access. I haven't seen their database access code. However, I've certainly written enough of it in my time and I think (or at least hope) you'll agree that it's extremely unlikely that they wrote an Access-specific custom database layer -- it's most likely performed through an abstracted, database-agnostic interface such as ODBC or OLEDB. If that's in fact the case, then I submit that changing the database to, say, Oracle, would be a relatively trivial task. Would changing the back-end to Oracle make the product better? I seriously doubt anyone would even notice, aside from the additional installation/setup headache. But if I were a Diebold GEMS architect, I'd invest that week or so to make the change if it made people shut up about Access.


"You cast aspersions on the people who worked with Bev. Some of these people have worked on major systems that are household names. They have worked on systems with very high SLA requirements."

You'd never know it from the stuff that gets posted. Check my examples above. Re-read some old threads. Think about your own assertion that the machines and the database should be connected to a network. I don't accept the unspecified-but-surely-impressive credentials of a bunch of anonymous people who have been shown to make technical pronouncements that are easily demonstrated to be inaccurate or (in some cases, as above) just plain idiotic.


"By the way, what was the highest SLA that you have ever been required to support? If all that you have worked on is a system that had a mere 95% availability, then your experience does not match theirs."

I prefer not to publish my resume in this forum (mostly out of fear that Andy or Bev will use the information to stalk me and harass my family). Suffice it to say that I have many years of experience working in different capacities on a variety of enterprise-scale systems. I'm not going to play some childish "who has the biggest resume" game... it's the internet, where all BBV experts have programming expertise that dwarfs my own but I have a 41-inch penis. And Andy can be secretary of state.


"An auditable trail is the link that proves to people regardless of their knowledge of computer systems that the computer system has registered their vote properly. The Diebold system like a number of others does not provide an audit trail."

No argument there. I've said many times that I'm in favor of an auditable paper trail. And there's no question that the current Diebold system (and a number of others) don't have one.


"The agenda is more than a specific vendetta against Diebold"

No it isn't. Read the threads. Nothing will satisfy the activists except for Diebold to remove itself from the election business. They can add a voter-verifiable paper ballot (and force unwilling counties to take it) and activists will complain about GEMS using Access. They can switch to Oracle instead and activists will say the optical scan system was programmed by an embezzler. They can do a hand-count of optical scan ballots to prove the results match what the system counted and activists will complain the ballots can't be trusted anyway because they were printed by a coke dealer. The county can get another, trusted, printer to print the ballots instead and activists will say the software's not certified. Election officials, such as the guy from King County, will tell them "no, it really is certified" and activists will simply call them liars. NASED can produce the certification number for them and activists will say that 14 years ago the company had a director who was convicted of money fraud in some vineyard deal. If things get desperate enough, activists will denounce random individual employees on the grounds that they have a Russian or Chinese name. It's disgraceful. Seriously -- what we have is a targeted vendetta against the specific manufacturer that was stupid enough to post its stuff on the internet. The laudable goal of improving the electoral system was lost a long time ago.

Thanks for your post.

JC
 
cap Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Jan-01-04 05:26 PM
Response to Reply #43
47. let me reply...
Edited on Thu Jan-01-04 05:27 PM by cap
1. the SAIC report is flawed. This is not an opinion. It is a fact. The NIST standard for Risk Assessment that the SAIC report cited as its model for Risk Assessment. When you start to assess the SAIC report point by point against the NIST standard that it claims that it was written to, you realize that SAIC just simply decided not to cover key points of the NIST standard in order to either meet its deadline in a timely manner given the resources that the state of MD had given it to perform its assessment or SAIC knowingly participated in a whitewash. Take your pick. Intent is hard to prove. I leave that to the lawyers.

Key sections of the NIST standard were left unaddressed. You can verify this yourself by reading the SAIC report. Search for the NIST standard referenced in the report and then verify the SAIC report to see if it met the NIST standard.

2. There is no way SAIC could perform the assessment in the time that it takes to. Go look at the IEEE standard for Quality Assurance and draw up a schedule in MS Project and see if you can compress adequate review of 10's of thousands of lines of code in a matter of weeks. Not possible. Remember that the standard calls for adequate preparation for review, time spent for the review itself and a report/rework thereafter. Sorry, just not possible in a few weeks. Oh... yeah... and by the way, by IEEE standard, the reviewers need to note how much time they spent preparing for the review. That would be an interesting factoid! Let's see how that lil ole number compares to an industry standard.

3. Transferring the database to Oracle is a non trivial task for Diebold given the lack of system engineering in their system. It would greatly improve their reliability if they did. However, it would up their cost by roughly $200K. I don't know how the state election officials would feel about that one. Diebold certainly isn't going to eat the cost. Never mind instituting a number of other procedures that most high reliability Oracle databases have. Non trivial and costly above and beyond the cost of conversion.

3. The quality of the programmers is certainly in question. When the integrity of the democratic system is in question, why use programmers who do not know how to work in environments that require high SLA's? Why not the best for our democracy? Why should we go to the bottom?


4. You don't have to publish your resume to answer my question. But surely you must know what the largest system that you have ever worked on is and what are the most stringent requirements for reliability and availability that you have ever been required to support. Sharing these figures with the rest of us adds to your credibility. If your systems are household names so much the better. There are a number of people who post to this thread that must be working on some little itty bitty web site that have no SLA requirements. These people would be happy if the voting system functioned at the level that they can write code. Unfortunately, that level is not enough to safeguard the integrity of our democracy. Why shouldn't our voting systems work with the same reliability as the rest of the major systems in this country? Establishing yourself as an authoritative source would add credence to your argument. So what was the largest system that you worked on and the highest reliability requirement that you were called upon to maintain?

5. The agenda is more than a vendetta against Diebold. It is an indictment against MOST of the voting machine manufacturers. Most of them have been selected as the lowest cost bidder -- Imagine that!
Your democracy being safeguarded by the lowest cost bidder. I have such a warm fuzzy feeling! It is not just ONE thing that is wrong with Diebold -- it is FUBAR (F---d Up Beyond All Repair). Almost every IEEE/NIST standard or coding standard has been violated! Start matching up the Diebold System against these standards and you will go to town with a list of deficiencies. When you assess the impact of these deficiencies, you realize that this system can not work as advertised and is not cost effective to repair.

Problems with people's criminal backgrounds would have surfaced had background checks been run. The very standard that SAIC references in its report calls out for background checks of key employees to ensure adequate system security. Use of foreign programmers has been always suspect in sensitive governmental systems. DOD (who performs the security checks for all governmental agencies) does not have the resources to check on someone's personal history in Russia or China. These countries would be loathe to let a DOD investigator enter the country to vet the person never mind share criminal databases with DOD. Unfortunately, at least in Russia, under Communism, most of the top notch programmers worked for their Defense Department/KGB. That was just the way the system worked then. I don't feel very comfortable with an ex-KGB employee working on my election system. Sorry. I just think people should be vetted. Under standard procedures, we don't allow ex-felons, people with financial problems, or people with relatives (never mind people with direct ties to foreign defense establishments) to work on sensitive governmental systems. The government has strict standards for making exceptions. In general, it is against all procedures to allow people with these characteristics to work on sensitive governmental systems.

5. Diebold should not feel picked on. Many other contractors share the same deficiencies as well. Well.....so little time.... and so many problems.... We just haven't gotten around to the others yet. Their time will come as well! :) Gosh... just matching up Diebold code against industry standards like NIST or IEEE gives one hours (shall I say days or weeks ) of fun! So little time....and so many errors.

What we want is for these systems not to be fielded until adequate provisions and safeguards have been met. If Diebold thinks it can patch this system into adequacy, let them burn their dollars. Just don't do it on taxpayer money. If Diebold et al were trying to do the right thing, they would have willingly held off on fielding these systems!
 
TinfoilHatProgrammer Donating Member (379 posts) Send PM | Profile | Ignore Thu Jan-01-04 06:27 PM
Response to Reply #47
49. you're mostly just repeating yourself
Since you repeat the exact same thing you said the first time, let me reiterate. I'll be a lot more concise so you don't get bored or confused.


1. the SAIC report is flawed. This is not an opinion. It is a fact.

Then stop using it to support the anti-Diebold argument. If it's flawed, neither side can use it to support their position. End of story.


2. There is no way SAIC could perform the assessment in the time that it takes to.

Then stop using it to support the anti-Diebold argument. And throw out the Rubin report on the same grounds, since it was conducted over even less time. It was also conducted by less-qualified people (i.e. grad students, for the most part), and was certainly not conducted to IEEE standards either. If a long-term, in-depth study conducted to rigorous IEEE standards is your criterion for acceptability, then I don't want to hear about a single report that isn't conducted to that level. You can also throw out all of the "informal" analysis conducted by anonymous (but surely super-qualified) BBV volunteers. They (to my knowledge) haven't conducted any studies to IEEE standards either (although they've made a lot of hilarious statements like the ones that I've mentioned and you've conveniently ignored). By your own argument, the verdict must remain out on the reliability and security of the system until such time as an acceptable study is performed. You can't have it both ways.


3. Transferring the database to Oracle is a non trivial task for Diebold given the lack of system engineering in their system. It would greatly improve their reliability if they did. However, it would up their cost by roughly $200K. I don't know how the state election officials would feel about that one.

You have no idea what you're talking about, unless you're privy to the GEMS source code. The rest of us aren't. To my knowledge, the only code that's been made available is the code to their touchscreen voting terminal, which (as I'm sure you know) doesn't use a database at all. Therefore, any conclusions that you make about the scope of the effort involved, putative increases in reliability, or costs associated with the change are nothing more than sheer speculation. I maintain that if database access is performed through a common abstraction layer such as ODBC or OLEDB, then changing the underlying database represents a relatively trivial exercise. Which is also speculation, obviously, but at least my speculation has a rationale -- yours is simply presented as fact based on your alleged superior wisdom.


3. The quality of the programmers is certainly in question.

By whom? On the one hand we're led to believe they're incompetent, on the other we're led to believe that they've managed to insert nefarious, undetectable vote-rigging code and remote-access back doors into their product. :rolleyes:


4. You don't have to publish your resume to answer my question. But surely you must know what the largest system that you have ever worked on is and what are the most stringent requirements for reliability and availability that you have ever been required to support. Sharing these figures with the rest of us adds to your credibility. If your systems are household names so much the better.

I let the logic of my arguments speak as to my credibility. For all your talk of SLAs and five 9's, it was still your assessment that Diebold should hook up their voting machines and their back-end database to a network. Even Bev Harris, who has no discernible technical experience whatsoever, can explain to you why that's a bad idea. So you can keep telling everyone how great your credentials are and questioning mine -- in the meantime I'll stick to simply pointing out where you're wrong.


5. The agenda is more than a vendetta against Diebold.

No it isn't. I've already explained why in my earlier post, and you've added nothing new.


Most of them have been selected as the lowest cost bidder -- Imagine that!

Welcome to the real world. That's the way the system works. Seriously.


Your democracy being safeguarded by the lowest cost bidder.

No it's not, it's being safeguarded by state laws and county election procedures, as well as the manufacturers of voting equipment. Why must you exaggerate?


Almost every IEEE/NIST standard or coding standard has been violated! Start matching up the Diebold System against these standards and you will go to town with a list of deficiencies.

Show me where adherence to IEEE/NIST standards is a requirement for voting equipment and we can debate the point.


Problems with people's criminal backgrounds would have surfaced had background checks been run. The very standard that SAIC references in its report calls out for background checks of key employees to ensure adequate system security.

Four of the people mentioned by Bev Harris in her "five (sic) felons" press conference are not key employees (point of fact, they are not employees at all). One of them is not even a felon. And one of them is, in fact, an ex coke dealer who runs the printer. He should be fired immediately.


Use of foreign programmers has been always suspect in sensitive governmental systems.

Well that's going to be a problem, because it seems that all the programmers in question are Canadian. I have no counter-argument to make here, since Canadians are in fact foreigners. Guess we better shut Diebold down now.


DOD (who performs the security checks for all governmental agencies) does not have the resources to check on someone's personal history in Russia or China.

Fascinating. When have we established, exactly, that any of these Russian and Chinese people Bev refers to are actually Russian or Chinese? Or is having a Russian name or Chinese ancestry enough cause to disqualify them? What if they're all, in fact, Canadians? Is that better? At least they're probably not Republicans or right-wingers.


Unfortunately, at least in Russia, under Communism, most of the top notch programmers worked for their Defense Department/KGB. That was just the way the system worked then. I don't feel very comfortable with an ex-KGB employee working on my election system. Sorry.

Just for the record, communism in Russia hasn't really been an issue since the Reagan era. And as I pointed out earlier, I'm not sure where it's been established that there are any Russian nationals involved... just one guy Bev dug up in Canada with a Russian-sounding name. It's a pretty big leap you're making to "ex-KGB employee" but that is, of course, the BBV way.


What we want is for these systems not to be fielded until adequate provisions and safeguards have been met.

Yes, yes... and in the meantime, we can all espouse the cherished "let's be more like France!" argument. Or its distantly-related cousin, "let's be more like Canada! (just don't let them program our election systems)."


If Diebold et al were trying to do the right thing, they would have willingly held off on fielding these systems!

Your naivete is shocking.


Thanks for the effort, but you've added nothing new here except for a bit of deplorable anti-communist fear-mongering. My original points remain the same, and I'm not going to waste any more time repeating them for you again. Just re-read as required.

JC

creativelcro Donating Member (1000+ posts) Thu Jan-01-04 07:54 PM
Response to Reply #49
51. Just a quick note
I just read this at random, so forgive me for not reading the rest because I assume it is all based on the same lack of logic.


Below you are saying that if it takes one a minute to find a problem in a system, not even using stringent standards, then that information cannot be used against that system. That is ridiculous. The SAIC report is not stupid for what they found, but for what they concluded and for what they did not report. I would not be surprised at all if it came out that somebody was bribed, at some level.
The fact that Rubin found problems in such a short time proves how bad the system is, not how good it is, no? And certainly it's not irrelevant information. If a cursory analysis finds problems then a more thorough analysis will find even more problems.


>>>>
2. There is no way SAIC could perform the assessment in the time that it takes to.

Then stop using it to support the anti-Diebold argument. And throw out the Rubin report on the same grounds, since it was conducted over even less time. It was also conducted by less-qualified people (i.e. grad students, for the most part), and was certainly not conducted to IEEE standards either. If a long-term, in-depth study conducted to rigorous IEEE standards is your

TinfoilHatProgrammer Donating Member (379 posts) Thu Jan-01-04 08:22 PM
Response to Reply #51
52. you should have taken time to think about it, instead
Your contortions of logic defy description.

I never said the software is "good" or that the report says it is. All I ever did was correct the usual misinterpretation of the SAIC report that one sees on this forum. The report says there were a couple of problems identified in the software and it makes recommendations for addressing them (recommendations that were apparently carried out). Nobody disputes the software issues they identified. Not even me. Not once, ever. It also makes recommendations about improving Maryland election procedures, which it evaluates as sufficient to mitigate most security issues but not up to Maryland's own published standards.

Various people hold up the report and say "See! this documents how terrible the system is, and supports the findings made by Rubin!" It clearly says no such thing, and moreover it specifically devotes over 29 pages to documenting why Rubin's conclusions were wrong. When I point this out and correct the misinterpretation, the very same people who were holding that report up as evidence for their claims immediately turn around and dismiss the report as meaningless because "well the report was flawed" or "they didn't spend enough time on it" or "it wasn't conducted to such-and-such a standard." You simply can't have it both ways. Either the report is valid (in which case the software has a couple of specific security issues which have since been addressed, and Rubin got it wrong) or the report is not valid (in which case you can't reasonably hold it up and misinterpret its findings to support your pre-conceived notion that the software is bad -- if the report is flawed, then its findings are suspect.)

You can't pick and choose random statements from the report and use them to support conclusions that the report simply doesn't make (or specifically concludes otherwise). You also can't dismiss the report as invalid and simultaneously use it to support your own pre-conceived conclusions about the software. If these things aren't obvious to you after I've explained it in detail at least three times on this thread alone, then I can't help you. Just close your eyes and wait for the black helicopters to arrive.

JC

creativelcro Donating Member (1000+ posts) Thu Jan-01-04 10:20 PM
Response to Reply #52
54. Hmmm, who's asking for your help? You have nothing to offer.
Only sophistic arguments.

tom_paine Donating Member (1000+ posts) Wed Dec-31-03 01:07 PM
Response to Original message
3. Not in Imperial Amerika
Empires aren't overly concerned with weaknesses like voting.


seemslikeadream Donating Member (1000+ posts) Wed Dec-31-03 01:39 PM
Response to Reply #3
4. But must keep up the appearance
Vikant Corp., a Chicago area company owned by Alex Kantarovich of Minsk, Belorussia, supplied the control cards to ES&S. When The Spotlight inquired where Vikant cards are produced, Kantarovich said, "I cannot disclose where the cards are made," but admitted that they are not made in America.

Kantarovich told The Spotlight that he has been in America for 11 years but declined to discuss his employment prior to running Vikant Corp., saying, "I don't want to disclose that information."

Kantarovich said he had obtained his degree in the Soviet Union and initially refused to answer questions about how his product was chosen for the ES&S voting equipment.

It is "inside information that I cannot disclose," he added. Kantarovich said later that his firm was chosen over larger firms like IBM and Panasonic because Vikant was able to meet the specific requirements of ES&S and provide the cards on short notice. He added, however, that there had been some "problems" with the cards from other suppliers.
www.voxpolitics.com/weblog/archives/000186.html


onecitizen Donating Member (1000+ posts) Thu Jan-01-04 07:25 PM
Response to Original message
50. I saw a Diebold truck today........
in WV at a Quick stop. I circled it a while to make sure it was a Diebold truck and indeed it was. Now, that doesn't mean a thing other than the driver needed gas but it was the first one I had seen in my neck of the woods.

TinfoilHatProgrammer Donating Member (379 posts) Thu Jan-01-04 08:25 PM
Response to Reply #50
53. lol
Thanks for the laugh, this thread desperately needs it. :)

JC

creativelcro Donating Member (1000+ posts) Thu Jan-01-04 10:22 PM
Response to Reply #50
55. make sure they did not install brain pattern detectors on your
telephone poles. It would not be the first time. :D