Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

N.C. judge dismisses voting machine case; vendor may pull out
CentreDaily.com ^ | November 29, 2005 | Staff reporter

Posted on 11/29/2005 12:19:42 PM PST by Zuben Elgenubi

N.C. judge dismisses voting machine case; vendor may pull out


One of the nation's leading suppliers of electronic voting machines may decide against selling new equipment in North Carolina after a judge declined Monday to protect it from criminal prosecution should it fail to disclose software code as required by state law.

Diebold Inc., which makes automated teller machines and security and voting equipment, is worried it could be charged with a felony if officials determine the company failed to make all of its code -- some of which is owned by third-party software firms, including Microsoft Corp. -- available for examination by election officials in case of a voting mishap.

The requirement is part of the minimum voting equipment standards approved by state lawmakers earlier this year following the loss of more than 4,400 electronic ballots in Carteret County during the November 2004 election. The lost votes threw at least one close statewide race into uncertainty for more than two months.

About 20 North Carolina counties already use Diebold voting machines, and the State Board of Elections plans to announce Thursday the suppliers that meet the new standards. Local elections boards will be allowed to purchase voting machines from the approved vendors.

``We will obviously have no alternative but withdraw from the process,'' said Doug Hanna, a Raleigh-based lawyer representing North Canton, Ohio-based Diebold.

David Bear, a Diebold spokesman, said the company was reviewing several options after Monday's ruling. ``We're going to do what is necessary to provide what is best for our existing clients'' in North Carolina, he said.

The dispute centers on the state's requirement that suppliers place in escrow ``all software that is relevant to functionality, setup, configuration, and operation of the voting system,'' as well as a list of programmers responsible for creating the software.

That's not possible for Diebold's machines, which use Microsoft Windows, Hanna said. The company does not have the right to provide Microsoft's code, he said, adding it would be impossible to provide the names of every programmer who worked on Windows.

The State Board of Elections has told potential suppliers to provide code for all available software and explain why some is unavailable. That's not enough of an assurance for Diebold, which remains concerned about breaking a law that's punishable by a low-grade felony and a civil penalty of up to $100,000 per violation.

``You cannot have a statute that imposes a criminal violation ... without being clear about what conduct will submit you to a criminal violation,'' Hanna said.

But because no one has yet to accuse Diebold of breaking the law, Wake County Superior Court Judge Narley Cashwell declined to issue an injunction that would have protected the company from prosecution. Cashwell also declined to offer an interpretation of the law that would have allayed Diebold's concerns.

``We need to comply with the literal language and the statute,'' Cashwell said. ``I don't think we have an issue here yet.''

Diebold machines were blamed for voting disruptions in a California primary election last year. California has refused to certify some machines because of their malfunction rate. California officials have agreed to let a computer expert attempt to hack into Diebold machines to examine how secure they are.

On Monday, California Secretary of State Bruce McPherson said his office might seek to expand such testing to all systems seeking certification for use in California's 58 counties.

Diebold shares fell 71 cents, or 1.8 percent, to close at $38.93 Monday on the New York Stock Exchange.

------

More technology news and opinion at www.siliconvalley.com


TOPICS: Business/Economy; Front Page News; Government; Politics/Elections; US: North Carolina
KEYWORDS: diebold; votingmachine
Navigation: use the links below to view more comments.
first previous 1-2021-4041-45 next last
To: MineralMan

Yes, open code


21 posted on 11/29/2005 1:06:47 PM PST by Zuben Elgenubi
[ Post Reply | Private Reply | To 3 | View Replies]

To: antiRepublicrat

"It's easy to hide stuff."

It is, indeed. I had a friend in the shareware business who worked out a deal with a publisher to publish a different version of one of his shareware programs. He was worried, though, that the company would end up stiffing him somehow on royalties.

Naturally, the company insisted that he provide source code for the version they bought, and he complied. They looked it over carefully, too.

Well, he did have a routine in the program that was built of carefully hidden bits of code. The routine watched for an open internet connection, and sent an email message to the programmer, containing just a randomly generated number. Once it did that, it set a variable and never did it again. He hid stuff in copyright info statements, and other places, and nobody ever knew it was there.

So, he had a count of the number of products sold by the publisher. Sure enough...the publisher was stiffing him on royalties for about 50% of the products sold. He sued. He won. Clever lad, that.


22 posted on 11/29/2005 1:13:04 PM PST by MineralMan (godless atheist)
[ Post Reply | Private Reply | To 16 | View Replies]

To: MineralMan

"Let the voter take it home with him/her."

Someone pointed out some of the follies of that to me, such as vote buying.


23 posted on 11/29/2005 1:27:00 PM PST by Blood of Tyrants (G-d is not a Republican. But Satan is definitely a Democrat.)
[ Post Reply | Private Reply | To 12 | View Replies]

To: MineralMan
Understood, but that would not stop the losing RAT politician from having a bunch of people show up with the tickets. Also consider how they can violate the secrecy of the ballot with the driver of the bus of homeless instructing them to return with their tickets showing a straight party vote before the smokes and bottles of MD20/20 will be distributed; or the union boss; or the employer. I understand you meant only good things with your proposal but past threads have itemized fraud schemes revolving around a vote receipt that make it a very bad idea. There is ONE way that an ATM-style receipt could be used, though. The voting machine spits it out, you get to view it to be sure your vote is properly recorded, and you deposit it in a ballot box on the way out of the polling area. Then a chain of custody is maintained and there is paper backup. But why spend the extra money to turn electronic voting back into optical scan?
24 posted on 11/29/2005 1:31:08 PM PST by NonValueAdded (The honorable Richard Cheney, X man!!!)
[ Post Reply | Private Reply | To 19 | View Replies]

To: Zuben Elgenubi; Cicero

Oh, Judge Narley was kind enough to inflict the State of North Carolina with the damn Miss North Carolina (bogus) lawsuit.

RALEIGH, N.C. (AP) — An arbitrator will decide the breach of contract lawsuit filed by Rebekah Revels against the Miss North Carolina organization, a judge has ruled.

Wake County Superior Court Judge Narley Cashwell ordered Monday that an arbitrator would hear Revels’ case against the pageant. He previously had ordered arbitration in her lawsuit against eight people, including five pageant board members.

Revels’ lawyer, Barry Nakell, objected to Cashwell’s order, but said after the hearing that he was satisfied with the judge’s decision. He said he hoped arbitration could begin in late May or early June, allowing a decision before the next Miss North Carolina pageant.

That would be “in time for the new pageant so she could be celebrated as Miss North Carolina 2002 … and then crown the new Miss North Carolina,” Nakell said after the hearing.

Harley Jones, attorney for the state organization, sought the arbitration order after Cashwell denied his request to dismiss Miss North Carolina as a defendant in one of two lawsuits that Nakell has filed in Wake and Robeson counties.

Revels won the crown last June but resigned in July after an ex-boyfriend told state pageant officials he had topless photographs of her. She later said she was forced to step down.

Her successor, Misty Clymer, represented North Carolina in the Miss America pageant, but Revels was invited to represent the United States in the Miss World competition.

After the Miss America pageant, Cashwell ruled that neither woman could claim she was Miss North Carolina until the matter was settled.

Revels’ case against the Miss America Organization is still scheduled to go to trial in Robeson County, Nakell said. Last month, Cashwell denied a motion by the Miss America Organization to send that lawsuit to arbitration.


He's GOT to be a Democrat.


25 posted on 11/29/2005 1:31:59 PM PST by Howlin ("Victory is not a strategy. " ``Jack Murtha 11/18/05)
[ Post Reply | Private Reply | To 20 | View Replies]

To: Howlin

So far, he sounds like the kind of judge who puts on his thinking cap and says, "Hmmm. How can I cause the most trouble?"


26 posted on 11/29/2005 1:34:08 PM PST by Cicero (Marcus Tullius)
[ Post Reply | Private Reply | To 25 | View Replies]

To: NonValueAdded; Blood of Tyrants

You're probably both right. I do like a verifiable second way of counting, however. I mistrust a pure machine count that has no separate verification.


27 posted on 11/29/2005 1:36:24 PM PST by MineralMan (godless atheist)
[ Post Reply | Private Reply | To 24 | View Replies]

To: MineralMan

I'm for the optical forms. Machine count + hard copy. It's the best of both.


28 posted on 11/29/2005 2:01:08 PM PST by beef (Who Killed Kennewick Man?)
[ Post Reply | Private Reply | To 3 | View Replies]

To: Zuben Elgenubi

[The dispute centers on the state's requirement that suppliers place in escrow ``all software that is relevant to functionality, setup, configuration, and operation of the voting system,'' as well as a list of programmers responsible for creating the software.
...The company does not have the right to provide Microsoft's code, he said, adding it would be impossible to provide the names of every programmer who worked on Windows.
The State Board of Elections has told potential suppliers to provide code for all available software and explain why some is unavailable.]

Could it be possible that providing this code information to members of biased state board of elections could lead to the elections being manipulated by less than ethical board members?


29 posted on 11/29/2005 5:04:58 PM PST by kindred ( The LORD of hosts hath sworn, saying, Surely as I have thought, so shall it come to pass; and as)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Blood of Tyrants
Yep. An easier solution is to have a hard printout that is viewable after the voter is finished for postive verification.

How would you find a way that would make sure to protect the privacy of someones vote?

Its almost a guarantee that liberal organizations would use underhanded tactics to verify its members and others voted the way they wanted them to vote.

I can't tell you how many teachers I know in NYC, who voted for Bush but would never ever admit it in public or to the people they work with.

30 posted on 11/29/2005 5:08:27 PM PST by Sonny M ("oderint dum metuant")
[ Post Reply | Private Reply | To 7 | View Replies]

To: kindred
"Could it be possible that providing this code information to members of biased state board of elections could lead to the elections being manipulated by less than ethical board members?"

That's a core issue, regionally.

31 posted on 11/29/2005 5:28:21 PM PST by Zuben Elgenubi
[ Post Reply | Private Reply | To 29 | View Replies]

To: Howlin; Cicero

I've tried to get an affiliation but cannot find the source. Narley ran unopposed in the last election cycle and the news reports did not give an affiliation. But I agree with Howlin', he's got to be a Democrat.


32 posted on 11/29/2005 5:30:06 PM PST by Zuben Elgenubi
[ Post Reply | Private Reply | To 25 | View Replies]

To: Zuben Elgenubi

They tend to cover party affiliation up. Often the only way you can tell is to find the results of the last judicial election. Thanks for trying.


33 posted on 11/29/2005 5:33:29 PM PST by Cicero (Marcus Tullius)
[ Post Reply | Private Reply | To 32 | View Replies]

To: Sonny M

The printout would be behind a view window of the kind difficult to photograph through. The window would have a shutter that would only open after the votes have been registered and stay open until voter verified them. The hard copy would then fall into a sealed hopper so that they would naturally randomize. You could even make the hopper similar to a clothes dryer that would turn 1/4 turn after the ballot is dropped in.


34 posted on 11/29/2005 5:35:55 PM PST by Blood of Tyrants (G-d is not a Republican. But Satan is definitely a Democrat.)
[ Post Reply | Private Reply | To 30 | View Replies]

To: massgopguy

We use the same voting system. Ever since we started using it Republican candidates have started getting a fair count.
No more manipulation of the mechanical voting machines by the Democrats, who are in charge.


35 posted on 11/29/2005 5:37:13 PM PST by jerry639
[ Post Reply | Private Reply | To 8 | View Replies]

To: Calpernia

Any interest (?) ping


36 posted on 11/29/2005 5:58:09 PM PST by Just A Nobody (I - LOVE - my attitude problem! WBB lives on. Beware the Enemedia.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Zuben Elgenubi

More Calls to Vet Voting Machines
By Louise Witt

Story location: http://www.wired.com/news/politics/0,1283,59874,00.html

02:00 AM Aug. 04, 2003 PT

A recent report that showed touch-screen voting machines could be vulnerable to hackers spurred the National Association of Secretaries of State, a majority of whose members are in charge of their states' elections, to consider whether the standards for the machines should be beefed up to prevent tampering.

Voting machine standards weren't on the agenda at the association's annual meeting, held in late July in Portland, Maine. But after the study (PDF) by Johns Hopkins University researchers was publicly released, the group discussed asking the National Institute of Standards and Technology, or NIST, the government's standards-setting organization, to prepare a white paper on security standards for the new generation of computerized voting machines.

No decision was made, said Kay Albowicz, a representative for the Washington, D.C., group. NIST, a nonregulatory agency based in Gaithersburg, Maryland, works with industry to develop and apply technology, measurements and standards.

Computer scientists have raised concerns about the security of computerized voting machines for the past few years, but they haven't been able to gather much support from election officials, who remain confident that the systems are basically secure from tampering and breakdowns. The Johns Hopkins study is the first piece of evidence that current touch-screen technology could be seriously flawed.

While stressing that more studies will have to be conducted to find out just how vulnerable these are, "there is a sense that in the past (critics of computerized machines) were part of the black box crowd and conspiracy theorists," Albowicz said. "No one is saying that now."

Aviel Rubin, technical director of the Johns Hopkins Information Security Institute, led a team of three computer scientists to examine source code for touch-screen voting machines made by Diebold. More than 40,000 Diebold voting machines are in use in 37 states. Most use touch-screen technology, while the rest use optical-scanning equipment, said Mike Jacobsen, a company spokesman.

The code was downloaded earlier this year from a company FTP site. The site isn't public, but it's also not secure. Diebold's field representatives used the site to fix the company's voting machines. Diebold has since pulled the source code off the Internet. The company's employees now carry discs.

Within a half-hour of examining the code, Rubin's team found its first red flag. The password was embedded in the source code. "You learn (not to do) that in security 101," said Tadayoshi Kohno, one of the report's co-authors. "The designers didn't follow standard engineering processes."

Other "stunning flaws" Rubin said the team found in Diebold's source code included voter smart cards that could be manipulated to cast more than one vote, software that could be reconfigured by malicious company workers or election officials to alter voters' ballot choices without their knowledge and machines that could be electronically broken into through remote access.

"The people who wrote this code didn't have very good security training," Rubin said. "They didn't use encryption."

Diebold spokesmen said the code Rubin downloaded and examined was more than a year old. The code he obtained was "less than 5 percent" of the whole application, they said. In addition, the application Rubin examined "on the whole is not the same" as applications in machines used in elections in places like Georgia and Maryland, said John Kristoff, Diebold's director of communication and investor relations.

Diebold cannot determine whether the lines of code that raised concern for Rubin were used in machines in the field, Kristoff said.

When asked if the source code contained the passwords to the system, Diebold's Jacobsen said, "I can't say. The flaws that the researchers found were found in a very controlled, clinical environment and weren't subject to the stringent auditing and security processes, including the logic and accuracy testing." Jacobsen said he believed Wylie Laboratories tested Diebold's software.

Kristoff also pointed out that Rubin examined code on a networked personal computer running Windows 2000. In the field, no one could connect a voting machine to a network, or attach a keyboard, monitor or mouse to make its innards as accessible as a PC's. Kristoff said the machines run on Windows CE, a specialized, non-consumer version of the Windows operating system.

David Dill, a professor of computer science at Stanford University and a member of the California Secretary of State's Ad Hoc Touch Screen Task Force, said Rubin's report confirms what he and other computer scientists have believed for years: Electronic machines are vulnerable and there needs to be a backup system to verify voters' ballots.

The ad hoc task force recommended a voter-verifiable audit trail. One solution could be a machine that generates paper receipts behind a glass barrier showing voters that their votes have been properly cast. The receipts later could be used for recounts.

"I think it's been obvious that (these machines) can be hacked and Aviel shows that they can be hacked," Dill said. "They've blown up all the arguments that the present machines are OK and the process will solve all these problems."

Mary Kiffmeyer, Minnesota's Secretary of State and the new National Association of Secretaries of State president, said there shouldn't be a "rush to judgment" to condemn the current technology used in touch-screen voting machines.

She pointed out that Georgia used new touch-screen machines in its 2002 elections without incident. But she said the association will push for the federal government to release additional funding from the Help America Vote Act, or HAVA, to study what standards should be in place.

"Standards are being revised as new equipment comes along," she said. "We need to speed up the process and focus on (the standards) as we are rapidly making decisions about our equipment."

Congress passed HAVA in 2002 in response to the November 2000 presidential election debacle, with its hanging chads, butterfly ballots and messy voter-registration records and administration.

Congress authorized $3.9 billion for HAVA to replace outdated punch-card and lever voting machines, to improve voter education, to provide better ballot booth access for the disabled and to modernize statewide voter-registration databases.

Congress also appropriated $1.5 billion for HAVA in the fiscal year ending in September. Of that, the federal government gave states $649.5 million to buy new voting machines and to improve their electoral administration. Another $830 million is waiting to be dispersed as soon as an election commission is established. Congress appropriated only $500 million for fiscal 2004.

Penelope Bonsall, director of the Federal Election Commission's Office of Election Administration, said the president has named the commission's four members, but they have not been officially nominated. Congress is now in recess and won't be able to approve the commission until it returns in September.

The 2006 deadline for states to comply with HAVA looms. Even though new standards may be needed for computerized machines, states and local governments are rushing to buy equipment.

At the end of 2002, 19.6 percent of votes nationwide were recorded on touch-screen equipment, up from 3.9 percent in 1992, according to the Federal Election Commission. Another 31.6 percent were recorded using optical-scanning equipment. Georgia had all new machines in place for its elections in 2002. Maryland just placed a $55 million order with Diebold for 11,000 machines -- the state will have all new machines. Maryland first bought Diebold machines in November 2002.

Some computer scientists say HAVA's deadline should be extended to give the government more time to establish better standards for new computerized voting machines. Rebecca Mercuri, a research fellow at Harvard University's John F. Kennedy School of Government and president of Notable Software, a consulting firm in Lawrenceville, New Jersey, says that in the absence of new standards, the Institute of Electrical and Electronics Engineers, of which she is a member, has formed a committee to create standards for the machines. One of the committee's concerns is a voter-verified audit trail.

Rep. Rush Holt (D-N.J.) introduced a bill, H.R. 2239, in May to amend HAVA to require computerized voting machines to provide voter-verified audit trails. So far, his bill has 26 sponsors and it's unlikely to get out of the Committee on House Administration.

"As the computer scientists at Johns Hopkins recently reported, these new machines are vulnerable to massive fraud," Holt said in a statement. "Unless Congress acts to pass legislation that would make sure that all computer voting machines have a paper record that voters can verify when they cast their ballots, voters and election officials will have no way of knowing whether the computers are counting votes properly."


37 posted on 11/29/2005 6:29:00 PM PST by Calpernia (Breederville.com)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Coleus; OldFriend; Sub-Driver

>>>>Diebold machines were blamed for voting disruptions in a California primary election last year. California has refused to certify some machines because of their malfunction rate.


Since Rep. Holt (D-NJ) introduced a audit trail bill, is that why Codey made mail ins easier this election?


38 posted on 11/29/2005 6:37:04 PM PST by Calpernia (Breederville.com)
[ Post Reply | Private Reply | To 37 | View Replies]

To: Justanobody

Thanks for the ping. See my 37.


39 posted on 11/29/2005 6:37:29 PM PST by Calpernia (Breederville.com)
[ Post Reply | Private Reply | To 36 | View Replies]

To: Calpernia
Voting should not be this complicated.

We need a sheet of paper with the photos of the candidates, for those that can not read, and a black permanent magic marker. Draw a line through the face, dip your finger in permanent purple (or some bright color) and go on with your day.

No repeat voting, nothing to guess at. Voila - problem solved and money saved.

40 posted on 11/29/2005 6:48:26 PM PST by Just A Nobody (I - LOVE - my attitude problem! WBB lives on. Beware the Enemedia.)
[ Post Reply | Private Reply | To 39 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-2021-4041-45 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson