This morning I found a couple of interesting articles (1 2) on a New Zealand website, of all places, about how some of the most commonly used voting machines in the US are rigged. Not can be. Are. Does anyone find this as disturbing as I do? Is this the "smoking gun" that explains what happened in 2000 and 2002? And the $64000 debate question: what should we do about this?

I suppose any method CAN be rigged, if there are enough persons willing to risk prison time to do it, but that is not proof that any method WAS rigged. I could only get link 2, and that little bit of info does not move me to the action of calling my congressman, not that he ever responds anyway.

If our voting system is rigged by the Republicans then how come Al Gore got more of the popular vote?

Platypus, you of all people I thought would be above conspiracy theories...


If that doesn't scream PARTISAN, I don't know what does.

If this were truly happening, then you would expect that most elections would mysteriously prove all polling data wrong (i.e. candidates behind by 20 percentage points would win often).

BTW, they never claim that this IS happening, only that some mysterious anomalies have occurred over the last decade or so.


Interesting link, though.

Can you dismiss the entire article because of that one part? I don't think so, but I suspect the right-wingers will push that fallacy just as hard as they can anyway. The articles give quite a long list of other anomalies that seem to beg for a better explanation, with none forthcoming. You don't have to believe that Diebold is a Republican-run sham to see that there's something very fishy about the way this software works. There's no good reason to be keeping three seconds of records, running checks against one but reporting results from another...but there surely is some sort of reason. What is that reason? Why did Diebold execs lie through their teeth when pressed on some of these issues (such as whether the machines could be or commonly were connected to modems)?



Weren't you one of those people saying that partisanship is good, that it's up to the opponent to poke holes in an argument if they can? Appeals to motive don't count. What's wrong with the theory besides the possibility that Bad People expressed it?

The specific question I would have is : where did they obtain the software?

Isn't it possible they do not have a production copy, but rather a beta copy? One that is either:
1. still buggy.
2. has redundant databases so they can "tweak" each independently. OR
3. Is very different from the actual software being used.

They claim they got the software from some FTP site. That, in and of itself, does not prove that they combed over the actual production software. I find it highly unlikely that the production software would be available for free public download.

EDIT to add:
from their readme file:

Hmm, every vote counting method has been rigged. Interesting premise. It might be true, I guess.


Creating mirror sites is great. Please notify your nearest liberal website when you have done so...


It is things like this that indicate to me that the software being examined is not production software. No need to password protect beta software.

I do, in fact, agree that partisanship is a necessary part of the "watchdog" system. But, every case needs to be judged individually on the merits, and this site just doesn't give enough info to convince me. Maybe we need a Congressional investigation (oh, wait, that is controlled by those evil Republicans...)

It's possible but, as a software architect/developer, I can tell you it's very common for companies to distribute updates in similar fashion, even for sensitive high-value software. A lot of people think that if they just don't give out the address nobody except designated recipients will find it. I don't think we have any reason not to believe this is the same code as runs on live production systems; let's not try to rebut one conspiracy theory with another.

Where is the proof that it IS production software. I think that is the key here. I don't think that is a conspiracy theory, it is a request for pertinent evidence.

Since the FTP site is now down, how are users getting updates?

btw, I updated my above posts with some examples from their site...

EDIT...I always thought you were a hardware guy, Platypus. I am wrong again..

A good article on the problem, that does not appear to be written by conspiracy theorists, can be found here. The voting system obviously needs work.

I mistakenly started a new thread but heres the article about electronic voting fraud, glitches or outright manipulation, and who owns the machines.

http://www.infernalpress.com/Columns/election.html

Especially the last part. Do you trust these people?

Here are a couple more links regarding the insecurity of Diebold voting machines: New York Times and an academic paper by a recognized security expert. Does anyone still want to dismiss this story as a conspiracy theory of interest only to partisan kooks, or should we admit that there's a real problem here?

There is a problem, no doubt about that. I'm sure it's being looked at. However, the implication that republicans are either the only ones who knew about the security holes or are the only party evil enough to use such a tactic is a huge stretch. If the republicans know about security holes, then I gaurantee you the democrats do too. Don't think the democrats wouldn't use the same tactic if given the oppurtunity.

The rest of the stuff is entirely circumstantial and I'm sure, given enough time, I or anyone here could dig up just as much circumstantial evidence that the democrats have been using this tactic for years. But, it wouldn't make it true.

The risk factor alone in such scandal would be enough of a deterrant. It could quite possibly take down an entire party.

The level of conspiracy involved to accomplish this nation wide is unimaginable to me. So yes, based on this 'evidence', I dismiss it as a conspiracy theory.

Yes, its a conspiracy theory because it raises such desturbing questions about the essence of American democracy and the collective American perception and self-belief in themselves in their totality that the "lesser evil" would be to rationalise away, ignore and tarnish these claims rather than treat them with respect.

As a software engineer, the level of conspiracy involved seems utterly unremarkable to me. One person with access to the code could do most of it, and if just a couple more turned the other way they'd get away with it. The scandal here is not that somebody tried to put such a backdoor into the code. The scandal is that there wasn't sufficient oversight or auditing to make sure it couldn't happen.

Here's an interesting link that points that way. Diebold - The Face Of Modern Ballot Tampering, was written a mere week after the election in question. That story begins:
I have read link, after link, after link the past few hours. I started to write a letter to my Republican Congressman, and ended up sending a list of links to a local television station on the premise that they were more likely to have a reporter who could sort out the facts, and an IT who could understand the technical language.

The Rob in the "rob-georgia.zip" file worked for ABSS. On a search engine this morning, ABSS was :
This afternoon, the same search returned "New Page 0" and placed their corporate headquarters in Maryland.

It was interesting to note that It also returned documentation of a conflict of interest with the Air Force. It seems that they had built in software that would allow them to view Air Force budget data.
It ould be interesting to know if ABSS makes a habit of leaving keyholes in their software that they can look back through when they leave their products with their customers.

How widespread does it have to be before it is considered wrong and a criminal offense?

I've been digging a bit deeper into ABSS, the company that advertises "We work together with a team of professional developers based in Russia, which allows us to deliver advanced software applications at very competitive rates."

Rob Behler, the "rob" of "rob-georgia.zip" was the contractor employee interviewed by Bev Harris, who had worked for ABSS and was fired by them when he was questioning their auditing practices before the November 2002 Georgia election.

On July 26, I came across an Internet posting of a United States Air Force Academy letter, outlining a conflict of interest with any contractor needing access to the ABSS system. I went back to reread it, as it seemed implausible that such a military document would be posted with no security clearance.

Then I found one of the ABSS advertising web pages. Budget Execution, describes how to use "CCaR." Clicking on the demonstration links, allows you to see how they are managing the United States Military Budget. Every requisition, authorization, purchase, etc. is routed through their software servers. The ad is out there in case you want them to do the same thing for your company.

If this is the firm that did the last minute program changes on the Diebold voting machines in Georgia, we appear to have a firm, with Russian software developers, a proven ability to route critical data securely through their own servers, a major U.S. defense contract, and they are programming the machines we are using to elect the Congressmen who will authorize their contracts with the U.S. government. Who needs a Republican conspiracy theory? Now there's someone with a vested financial interest.

Today's browsing also turned up The Case of the Diebold FTP Site, an essay by Douglas w. Jones, an associate professor at The University of Iowa, Dept. of Computer Science. It outlines the problems with the voting machines in Georgia, and similar problems with electronic voting machines in Iowa.

Here's yet another story covering various forms of vote manipulation and fraud.

Update: here's Diebold's response to the allegations, and Bev Harris's response to the response. I have to say, I think Harris is being a little unfair in a few places. For example, the Diebold response makes a good point about the relevance of hardware. This is not an "open box" system where users can attach arbitrary hardware. It's a closed system, sold in a particular static configuration. On the other hand, it does look like the possibility for remote compromise is far greater than Diebold claims. It uses wireless cards, ferchrissakes, so an attacker doesn't even have to be inside the polling place. They could be in their car in the parking lot.

The excerpted comments are also hirely amusing. While not conclusive, they certainly don't seem indicative to me of what I'd call a mature development process.

Another tidbit: Rebecca Mercuri, an internationally recognized expert whose website even appears first in a Google search for "electronic voting", had her credentials revoked when she tried to attend a conference on voting systems. A similar fate befell David Chaum, whose work on anonymous networks and security has spawned an entire generation of software to preserve free speech. The lesson here is that the International Association of Clerks, Records, Election Officials, and Treasurers (IACREOT) shuns scientific inquiry into the security of systems built by its members. Any security expert can tell you that when someone tries that hard to keep you from looking, it's usually because they're afraid of what you might see.

One of the saddest aspects of this is that (yet again) I heard about from a New Zealand, not US, news source. The domestic media doesn't have the attention span to cover continuing threats to the principle of one person, one vote.

http://www.informationclearinghouse.info/a...article4573.htm



This confirms my suspicions, the 2002 elections were manipulated by Republican powerbrokers to help the Bush regime, and with the expansion of electronic voting the 2004 elections are already decided. All the threads talking about which Democratic will win the primaries, what the Democrats need to do to win is nonsence, superfical dancing around a American banana republic "democracy".

More links:

• Democracy Now story in which evidence is presented that the Diebold security holes might actually have been used in the last election.
• Slashdot story about the above.
• Commonweal Institute page on electronic voting (lots of good articles)

Here's the possible "smoking gun" from the first article:

I think that Democracy Today site would be more aptly named Democrats Today. Whenever you see a site tout they are an alternative to the corporate dominated media understand that they are most likely dominated by anti-corporate left-wingers.

Having said that I beleve there are serious flaws on all current electronic voting machines and that a paper trail is neccesary. The problem is being addressed:

From this site


Key provisions of The Voter Confidence and Increased Accessibility Act of 2003 include:



1) Requires all voting systems to produce a voter-verified paper record for use in manual audits and recounts. For those using the increasingly popular ATM-like “DRE”(Direct Recording Electronic) machines, this requirement means the DRE would print a receipt that each voter would verify as accurate and deposit into a lockbox for later use in a recount. States would have until November 2003 to request additional funds to meet this requirement.



2) Bans the use of undisclosed software and wireless communications devices in voting systems.



3) Requires all voting systems to meet these requirements in time for the general election in November 2004. Jurisdictions that feel their new computer systems may not be able to meet this deadline may use an existing paper system as an interim measure (at federal expense) in the November 2004 election.



4) Requires that electronic voting system be provided for persons with disabilities by January 1, 2006 -- one year earlier than currently required by HAVA. Like the voting machines for non-disabled voters, those used by disabled voters must also provide a mechanism for voter-verification, though not necessarily a paper trail. Jurisdictions unable to meet this requirement by the deadline must give disabled voters the option to use the interim paper system with the assistance of an aide of their choosing.



5) Requires mandatory surprise recounts in 0.5% of domestic jurisdictions and 0.5% of overseas jurisdictions.

I'm not sure if I support number 4 or not. Otherwise a good bill. It is sad that radicals are trying to turn a genuine concern into a partisan attack.

A little more info, Diebold ain't the only capitalist here. Bev Harris has a book out and look at this...



Let us, as Americans, put partisan *** NOTICE: THIS WORD IS AGAINST THE RULES. FAILURE TO REMOVE IT WILL RESULT IN A STRIKE. *** behind and solve the problem. The one man, one vote principle is more important than any short-term political gain.

Sounds a little ad hominem to me. A little more effort addressing the facts, and a little less addressing the ideological purity of the messengers, would be a refreshing change.



If they do the legwork to gather the facts and bring this issue to people's attention, I'm prepared to grant them a little leeway with regard to interpretation. A partisan attack is less egregious, IMO, than equally partisan denial and obstruction on such an important issue.

Once again someone labels an argument rather than refute it. Democracy Today is an obvious left-wing partisan site which uses half-truths as evidence of some conspiracy. I am surprised they had nothing on the illuminata.

Of course, Platypus, fails to address the rest of my post. The information, that in his usual card stacking style, he failed to present, that Bev Harris and a significant contributor of a study that declared the weaknesses of Diebold's voting machines both were positioned to gain financially from there "stories". A book on flaws in a voting system won't generate many sales. Claim a Republican conspiracy and suddenly you got partisan idiots willing to buy it.

I mean nobody would really vote for a Republican over a Democrat would they? It must be some kind of fraud. If Democrats keep thinking like that they may lose in 2004 to a man who has presided over a rather dismal economic period.

What would be a refreshing change would be if people actually required evidence before making outlandish accusations. Where I come from the credibility of the witnesses makes a lot of difference.

The title of the article:



Nah, not partisan at all. The article mostly consists of the statements of someone trying to sell a book. Conspiracy theories do sell books. Also, unlike other issues, outlandish conspiracy theories are often more difficult to refute, by link, because few people waste their time bothering to refute the opinions of a few gullible partisans. Yes, Democracy Today prints the news you won't get in the corporate dominated media. You see mass media requires more viewers and it means they must retain some level of credibility. Democracy Today, whatreallyhappened.com and mymotherisaspacealien.net are happy working on the fringes.

Ah, Hugo, so by "obvious left-wing partisan site which uses half-truths as evidence of some conspiracy" you actually mean "a site that honestly publishes known facts". I'll bear that in mind when reading your future posts.


I must admit that, having lived through the last two elections - and in Florida - Walden O'Dell's letter struck me as being more than a little sinister...

If the argument is a clear example of a well known fallacy, the label is sufficient refutation. Everyone thinks their argumentum ad hominem is somehow more justified than everyone else's, but none of them deserve any more detailed response than to call them what they are.



Funny, coming as it does in the middle of a post that itself fails to address the debate topic. I've made my position on that debate topic quite clear, and provided many sources to back up that position. All you've made clear is that you have no respect for any ideology other than your own. Allow me to remind you of what that topic is:

What should be do about it?
If "we" can catch them in the act, find irrefutable proof, or hack into the system ourselves to show it can be done, then we can bring this to the attention of the media. They love a good story and this one would spread like wildfire. Look at the media circus over the "hanging chads" in Florida, that would be tame compared to what would happen if this issue is ever proved to be more than a fantasyland conspiracy.
Seems to me that for that kind of conspiracy to work at the scale required to control the outcome of a national election, it would need too many conspirators to be accomplished in total secrecy.
So even if it CAN be done, it is highly unlikely that it will be done.
And even if it DOES get done, once it is found out (and it probably would) there will be such an uproar in this country that politicians will cower in their homes.

What, then, do you make of the revelation that 57 precincts in San Luis Obispo county reported vote counts to a central location in the middle of the day, in violation of election laws and contradicting Diebold's claims that such a capability does not even exist? Deficiencies in these systems have already been used to violate the law. Must we wait for the actual outcome of an election to be rigged by these means before we try to "fix" the problem retroactively? I'd say we should proactively try to close the holes before an elephant walks through them.



I don't think that's true at all. It appears that one guy with a wireless-equipped laptop, sitting in the parking lot of a precinct in 2004's equivalent of Dade County, could have quite an effect. One of the things you learn quickly if you study computer security (as I have done) is that any system can be compromised if collusion is widespread enough. The trick is to make the required number of conspirators large enough that the statistical probability of such a compromise occurring before someone gets caught approaches - but never quite reaches - zero. The number should certainly be greater than one, which seems to be the number that applies to Diebold voting machines.

If people were to follow some of the links I've provided here, they'd probably notice many suggestions which would guarantee the validity of election results for minimal cost. Many approaches rely on recording every vote to some form of write-once media as it is made, so that they can be used to cross-check if anyone suspects that the electronically stored totals have been altered. The technology definitely exists, but can't be applied as long as industry pressure can be used to exclude serious professional researchers from conferences where they could argue for its widespread adoption, or as long as the federal and state election commissions seem perfectly happy with the insecure and anti-democratic status quo.

One instance does not a conspiracy make. And the link indicates that the final result was not affected.
Widespread collusion, seems to me, would be self defeating. If you want to break the law, you don't want a lot of people knowing about it. There is no gain from this large enough to convince all parties to remain silent forever.

My view is, even in a perfect voting system, the system is already fixed. The general public is too busy with other aspects of their lives to even care. We have 2 parties, either of which could pull off this kind of stunt, but either of which would love to catch the other in the act. The consequences of being caught would be very long term.

If we could prove that one party fixed a national election, or any major election in recent history (excluding the infamous Chicago here), the other party would likely be in power for a long time to come, but again, only if you can get the common American to CARE.

I agree that almost any voting system can be hacked or manipulated, but I also think that no matter how perfectly secure you make the voting method, the bigger part of any conspiracy has already been played out. The final step of voting is just the last nail in the coffin. I see no reason to gold plate that last nail.

The fact is there is a bill addressing this problem, everyone should support it. Let me repost it:

Key provisions of The Voter Confidence and Increased Accessibility Act of 2003 include:



1) Requires all voting systems to produce a voter-verified paper record for use in manual audits and recounts. For those using the increasingly popular ATM-like “DRE”(Direct Recording Electronic) machines, this requirement means the DRE would print a receipt that each voter would verify as accurate and deposit into a lockbox for later use in a recount. States would have until November 2003 to request additional funds to meet this requirement.



2) Bans the use of undisclosed software and wireless communications devices in voting systems.



3) Requires all voting systems to meet these requirements in time for the general election in November 2004. Jurisdictions that feel their new computer systems may not be able to meet this deadline may use an existing paper system as an interim measure (at federal expense) in the November 2004 election.



4) Requires that electronic voting system be provided for persons with disabilities by January 1, 2006 -- one year earlier than currently required by HAVA. Like the voting machines for non-disabled voters, those used by disabled voters must also provide a mechanism for voter-verification, though not necessarily a paper trail. Jurisdictions unable to meet this requirement by the deadline must give disabled voters the option to use the interim paper system with the assistance of an aide of their choosing.



5) Requires mandatory surprise recounts in 0.5% of domestic jurisdictions and 0.5% of overseas jurisdictions.

I'm not sure if I support number 4 or not. Otherwise a good bill. It is sad that radicals are trying to turn a genuine concern into a partisan attack.

I don't trust any politician or zealot enough not to have a paper trail.

A bit of info from USA today immediately preceding the 2002 election.

Late shift appears to favor GOP
By Richard Benedetto, USA TODAY
Key Senate races in Tuesday's congressional elections are too close to call, but Republicans appear to have gained strength in the final weekend as they fight to retain and perhaps add to their thin House majority.

A USA TODAY/CNN/Gallup Poll this weekend shows that in House races, likely voters prefer Republicans to Democrats 51% -45%.

That marks a 9-point shift from two weeks ago, when Democrats led Republicans 49%-46%.

The 2002 victory for the Republicans did not surprise USA Today.

Well, I've read all the links and I can tell you, Bev Harris is only trying to make money off of this hype. And it appears to be working. She has no clue.

My real day job is a software developer. I develop software for a common security system used in many major airports, hospitals, blah blah blah. I've written tons of code for smart card systems. In fact, I always have an encoder connected to my test PC (you know - the one I can blow up). I've written a ton of code for RFID systems. And I periodically write software for Diebold (one of the projects I'm working on currently in fact). So, I have personal knowledge this is all crap. Diebold is not the bumbling security amateurs somehow people are starting to believe. They are not a leader in the industry because they are idiots.

This Bev Harris glossed over details when rebutting the rebuttal and proved how utterly clueless she actually is. First, you can't simply make your own cards as suggested. You can make cards all day, but the reader won't read them (plus they only have a range in inches - not feet). The systems I use (and highly common) are typically encrypted and the hardware has to match the software. It's not impossible to crack, but it's less likely than poll workers leaving punch card ballots in the trunk of their cars or getting thrown in dumpsters.

But the obvious kicker...which somehow gets squashed in all the hype, is her technical source, Avi Rubin, an associate professor at Johns Hopkins. He co-authored Bev Harris' report. So what about it? Except for his financial interest and a position on the advisory board of VoteHere Inc, one of Diebold's competitors, nothing. Of course, he denies any bias or conflict of interest, claims he "forgot" he worked for a competitor, and admits he is a strong skeptic of e-voting.

Well gee, who do we believe?

Harris' claims to have snippets of source code (and her example of source code was not C++ code - I don't know what the hell it was. Maybe header info? ) is useless. Most of it will be business logic anyhow. The encryption code will be in another class and extremely proprietary. You get THAT code, you're halfway there. Then you need to get the matching hardware. Good luck. If they change anything in the encryption class, anything you have is garbage. But without seeing it, I'd bet my house payment on the encryption code not even being part of the software she thinks she has. It's probably wrapped up in a .dll (or some type of equivalent component) so it's easy to mix up encryption types.

Diebold has an excellent system (maybe not the best) that is no less perfect than the system we use now (lost/destroyed ballots, hanging/dimpled/pregnant/fried chads, etc). Nobody is going to have an access database they can double-click on and modify the contents. This is absurd and I can't believe someone is having success in trashing a system they obviously have no knowledge of. This is taking advantage of cynicism the public has about voting so she can push her consulting business.

You contract for Diebold and you're trying to cast aspersions on someone else's objectivity? Ad hominem attacks are bad enough in general, but yours just takes the cake.



All that irrelevant jargon might impress the rubes, DR, but I'm a software developer too. We don't know what code she has, and the reason only headers and comments were presented might have something to do with trade-secret law. If you've had any role beyond "grunt coder" in such a secretive part of the industry you'd know that publishing someone else's code is a little risky.



...and yet, in the San Luis Obispo case, the law obviously was broken using these systems. Bev Harris is not the only critic, and not even all of her criticisms are invalid (even though a few might be). You can't prove Diebold systems are secure by attacking critics. What good reason could there possibly be for having duplicate databases, with integrity checks run against one and results reported from another?

Hey, why not just peel the words you want out of context to make a point? Why stop at snippets of text bunched together?

The crux of my point was experience in developing smart card software. Not voting machine software. My point with Diebold, is I know first hand they are not the idiots these consultants are making them out to be. You've summed that up to mean I'm voting Diebold for president. That's not the case at all.

As far as being a lowly "grunt coder", whatever. Obviously, we should all be humbled by your programming prowess and superior intellect, but if some one posts code to the internet, it's part of the public domain. Pieces of it can be used without infringing on copyright laws (fair usage) or we'd never be able to talk about many issues here because we couldn't legally cite a source. But that's a moot issue because Diebold has confronted the code claims head on with the example source code.

I don't get paid by Diebold to write or promote their voting software. I do not write product code for Diebold. However, Avi Rubin was paid by one of Diebold's competitors to trash Diebold. Yet you make the same comparison?

There is nothing new or unique about double entry accounting. That's exactly what two databases are used for. I saw a detailed explantion for it, but I can't find it right now, but as soon as I do, I'll post it. Which is fairly useless because the data is not stored directly to a hard drive. The memory cards are loaded to a collection center where they are tallied. And that's not over the internet. It's a private connection.

So, to recap, here's what's required for Diebold voter fraud:
1) The software developers and company would have to all conspire to write fraudelent code and release it. (if you're thinking the code will count votes wrong).
2) Somebody would have to get the encryption code and matching hardware to create his own votes (if you're thinking you can make your own ballots)
3) Somebody would have to dial into a VPN, get through all the security, and upload bogus data from double entry databases (a type of checksim method. One source of data is not enough). This includes OS/dialup protections, database passwords, and all the other levels of security.

Of course, it would take les effort to drain an ATM machine, but I see nobody's worried about that.


But here's what's required for punch card ballot fraud:
1) Throw the ballots in the trash
2) Stuff the ballot box


Anyhow, here's another response from Diebold that dissects every issue one on one. It spends a lot of time dealing with the "flaws" found in code STILL UNDER DEVELOPMENT. This code was never, EVER released. http://www.diebold.com/checksandbalances.pdf

What's out of context there? How did it misrepresent your claims or statements? Editing for brevity is a good thing, bogus accusations such as yours notwithstanding.



Example code means absolutely nothing; it's only the real code that counts. As for your interpretation of the public domain...well, it's wrong. This code was accessible via the internet, but it's highly questionable whether it was published in the sense that matters for it to be considered public domain. Publication is a voluntary act, not an accidental one. Given a highly motivated potential litigant, prudence demands that one assume it's not in the public domain and it therefore would not be safe to disclose it. I know this because I've had to deal with patents and copyrights and trade secrets before, as is generally the case for anyone past a certain level of experience and responsibility. It's nothing to do with skills, so you can put your ruler back already. Keep telling yourself you're the uberprogrammer around here if it makes you feel better.



This is nothing like double-entry accounting. Double-entry accounting is about having the same information in two places so the results can be cross-checked, but in this case there is no cross-checking. What Diebold is doing is more like a secret set of books, which is not kosher in accounting and not kosher in voting machines either.

Oh geez...no wonder this debate is going downhill. You don't even know what double entry accounting is and are making arguments about it's merits.

Double entry is NOT the same information in two places. It is information about a transaction in two places, but the sum total of the two has to equal zero (credit/debit) or it's not balanced. This makes it extremely difficult for someone to start just changing numbers or they could never get it to balance. That's the purpose of the system and why it is used in business everyday. If you could just go changing crap, there would be no need for anything other than a single entry system. You've explained a single entry system with a copy - something it is not - and have made up your mind why it is/could be fraudelent.

And thus my point. The Diebold system could be the crappiest thing ever created for all I know, but in looking at the arguments, most from Bev Harris and her VoteHere.com compadre border on slanderous. They are simply not true or so far-fetched, it would be easier to fly Martians in to get more votes.

Let's try not to get into personal programming prowess...

The subject for debate is :


Let's stick to it...

That's a distinction without a difference. The point is that the purpose of having two entries is to allow cross-checking, and in the Diebold system the results are reported from a table that is not used for integrity checks. In other words, whatever accounting minutiae about double-entry accounting you just looked up on the web, Diebold's system is exactly contrary to the purpose of such accounting. It's designed to defeat an audit, not to enable one.

Another point, which I meant to make earlier, is that the existence of even crappier systems - such as punch cards - means absolutely nothing. It doesn't prove that the Diebold system is in any way adequate. If there were a bug in something you wrote (of course that's hypothetical, I'm sure your code never has bugs) that trashed customers' data, would the existence of even buggier software make that OK? Of course not. That's called proof by fallacy, and it is itself a fallacy. Electronic systems can be more secure than paper systems, if the advice of people like Mercuri and Rubin and Chaum is applied, but those people are being excluded from the process and all available information seems to indicate that the Diebold systems as they exist today fall far short of that ideal. There are many things we might do about this, but the first step on any road to recovery is to get past denial and obstruction from people with vested interests in the status quo.

Double entry accounting is "accounting minutiae"? And "a distinction without a difference"?

lol...nevermind. I've heard all I need to know.

Okay, DaytonRocker and Platypus , as a former Controller for hotels, I can tell you both that I am more than familiar with double entry accounting.

DaytonRocker, your explanation is correct, as far as accounting goes, if the databases are properly written. But from what I've read on this system from Diebold, Platypus is correct, in that both databases are not reporting exactly the same(but opposite) transactions (your debit/credit offsets), and therefor, they are not "in balance". In fact, in one instance I read about, election officials were actually bypassing the program, going into MS Access, and adding some overlooked absentee ballots or some-such, into the second database. They did this, because only the results of the second database are used when the reports are generated. This sounds like it could be a problem.

So, help me out here. Not being a programmer, I don't know how difficult it would be to get to these databases, and alter them, during the voting process, but having worked with Access for years, I know that once I am inside, I can make changes that won't necessarily be detected.

The question is, what would it take to get to that point? Altering each precinct voting machine would certainly be too time consuming, and therefor pointless. But what about at the election headquarters, once the precincts have uploaded? Or maybe altering said database by an employee of Diebold just prior to loading them on the machines?

Edited to add last question

Of course anything is possible. My uncle could grow boobs and become my aunt, but that doesn't make it likely.

Diebold has answered most of the "what if"'s in it's rebuttal to accusations made by Bev Harris and the guy from VoteHere.com. To do what you suggest would take a a very grand conspiracy. All code is audited, tested, certified, blah blah blah. It would have to get through a heckuva lot of people to do that.

Not knowing the design of the software and database, I can only assume that the database normalization (getting both databases to balance) is more complicated than a simple entries (i.e. register entries). For example, I'm sure each transaction has an ID which probably has to match one ID in the other. Assuming these are created by triggers (in lieu of direct access or stored procedures), there can only be one transaction for each in each table. If more exist, you know that vote has been tampered with. And this discounts the log histories that generally are made in decent size relational database designs. And not to get too technical, but a trigger in a database runs script based on certain conditions (typically editing, adding, or deleting data in a table). Meaning, if someone goes in a tries to change a number from 50,000 to 5000, a trigger would create another transaction. The databases could never match from that point on. You'd have to modify the ID for THAT transaction in another table, but it wouldn't exist. There would be no way to get that done. This is the double entry accounting method that someone here has discounted as "minutiae". As if this isn't a "real" accounting method. Just some obscure type I stumbled upon on the web (nevermind I've owned my own business since the late 80's and much like most businesses, use double entry accounting). But I won't attempt to debate the methods they use here because we don't know all the details. But I can assure you it's not "two sets of books" as someone previously has intimated.

One simple query could give you every transaction that doesn't match and you could get an entire report of what doesn't match. I have no doubt the voting commission gets that report and has been getting it in the states that are currently using this process.

As stated in a previous link, the smart card data is loaded into a memory stick - not a database. All this equipment is sealed and verified by the voting commission. It's all encrypted. And what continually gets ignored in this debate, is the process itself. This process is heavily regulated and audited. There are very specific procedures used to maintain integrity regardless of what type of system is used. Contrary to how this subject is painted, it's not like some disgruntled employee at diebold who hates democrats releases bogus software with all the backdoors he needs to alter totals.

This does not mean it's a perfect system. People may find a way to cheat the system much like they do punch card ballots, but I doubt it. Again, ATM's are very secure (which Diebold makes) and people have much more incentive to "cheat" those. But it's very, very tough in contained proprietary systems. And that's why you don't have the type of paranoia with ATM's that exists with e-voting.

The paranoia is so bad, that Bev Harris and Co. states explicitly that C++ code is unsafe. That is preposterous beyond words and clearly diminishes much of her credibility. Maybe they'd prefer it be programmed in .NET so anybody can run akarino against the executable and GET EVERY FREAKING LINE OF CODE IN THE PROGRAM???

If people truly wanted a count of votes, what is there to be afraid of? People who are vision impaired are guided via voice through this electronic system. You can validate and correct your ballot before submitting it. There is no question as to what your intent was in voting (which the entire Florida recall centered around). And people can't stuff the ballot box or leave the ballots in the trunk of their car like they did in Florida.

Most of what you hear is based on software that was never released. The people making money off of book sales on this (umm...that would be Bev Harris again) dissected code in progress. It wasn't even finished. Software in development has tons of code commented out, comments made for reminders, etc. Personally (and like many programmers), I don't delete old code right away. I leave it there as a reference for later by commenting it out. It may not have ever worked. It may have had problems. But sometimes we keep it as our learning tool for later. Diebold is accused of crappy code writing because they did this during the development cycle.

And a lot of stuff is just rumor and myth.

Silence is golden, if there was any truth to this Republican conspiracy the Democrats would be screaming bloody murder.

You seem to be assuming a lot, and your assumptions seem just a tiny bit self-serving. You admit you don't know the design of the software at database, so your suppositions are no more credible than anyone else's.



Again you're assuming that triggers are being used. Does MS Access - the database in question here - even support triggers or stored procedures? Even if it does, do you have anything at all to prove that the Diebold programmers use them? Even dedicated database weenies often don't use much more than simple inserts and selects, and the Diebold folks are likely to specialize in entirely different areas of computing. It would actually be a bit surprising to see an embedded-system programmer use triggers.



I didn't discount double-entry accounting in toto as minutiae; I discounted the distinction between same information vs. information about the same transactions as minutiae. That was perfectly clear from the context, and whining about my dismissal of that meaningless distinction really doesn't help to move the debate along.



Appeal to (unverifiable) authority, followed by a strawman. I said that what Diebold is doing is like having two sets of books. For someone who complained about being quoted out of context when you weren't, you seem awfully quick to spin others' statements into something unrecognizable.



Another assumption. Anything to back it up? Anything at all? BTW, it's not just a simple query when the data reside in separate databases - not tables - as in the Diebold case.



Proof by fallacy again. Bev Harris could be the biggest idiot in the world - OK, second biggest - and it still wouldn't prove your point.



Enough with the ad hominems already, Mr. Contracts-for-Diebold; try facts for once.



Do you typically put such intermediate versions of code in an archive on a website? No, I don't think you do, and I doubt Diebold does either. If it was on the FTP site, even if it wasn't meant for public consumption, it was there for someone to get. Who? And why?



Yes, I agree, there has been far too much rumor and myth about how the software was designed, from people who know even less about it than Bev Harris. Let's stick to facts, shall we?

Here's another story from a different New Zealand source about the same thing. It doesn't even seem to mention Bev Harris, and does quote some people who have actually looked at the code, so maybe we can skip the cheap ad hominem attacks and irrelevant technobabble this time.