Feds (NIST) to decertify direct record electronic (DRE) machines.

cy · Dec 1, 2006

Feds (NIST) to decertify direct record electronic (DRE) machines.

"The National Institute of Standards and Technology (NIST) is recommending that the 2007 version of the Voluntary Voting Systems Guidelines (VVSG) decertify direct record electronic (DRE) machines.

DREs are currently used by more than 30 percent of jurisdictions across the U.S. and are the exclusive voting technology in Delaware, Georgia, Louisiana, Maryland and South Carolina.

According to an NIST paper to be discussed at a meeting of election regulators at NIST headquarters in Gaithersburg, Md., on Dec. 4 and 5, DRE vote totals cannot be audited because the machines are not software independent.

In other words, there is no means of verifying vote tallies other than by relying on the software that tabulated the results to begin with.

The machines currently in use are "more vulnerable to undetected programming errors or malicious code," according to the paper.

The NIST paper also noted that, "potentially, a single programmer could 'rig' a major election."

http://www.internetnews.com/bus-news/article.php/3646231

AndyTiedye · Dec 1, 2006

That is excellent news!

BillCurnow · Dec 1, 2006

It's potentially great news. All NIST can do is recommend that the machines be decertified (as the article states). The headline is very deceptive.

cy · Dec 1, 2006

having a nationally recognized authority like NIST decertify paperless machines means... folks that are not technical or don't want to be technical can see this is coming from a non political government agency.

don't see how this could be possibly be deceptive???

BillCurnow said:
It's potentially great news. All NIST can do is recommend that the machines be decertified (as the article states). The headline is very deceptive.

nerdgineer · Dec 1, 2006

Next step is to save a bunch of money by deleting all the electronic stuff and go back to IBM punchcard paper ballots...

BillCurnow · Dec 1, 2006

cy said:
having a nationally recognized authority like NIST decertify paperless machines means... folks that are not technical or don't want to be technical can see this is coming from a non political government agency.

don't see how this could be possibly be deceptive???

The NIST can not, will not, and does not have the authority to decertify DRE voting machines. As the article quoted says, all the NIST can do is recommend that they be decertified. My understanding is that the VVSG is voted up/down by the Election Assistance Commission, but then I've been known to be wrong before.

Don't get me wrong, I hope to hell this happens, but as I understand it, saying the NIST is decertifying the machines is just flat out wrong.

jtr1962 · Dec 1, 2006

Why is everyone so down on electronic voting machines? Frankly, electronic voting machines and eventually voting via the Internet are the way forwards. With Internet voting especially you won't even need a polling place so you'll save on voting machines, won't need to close schools, won't have to pay the politically connected hacks who man the polling places, won't need to give people time off from work to vote, and will likely greatly increase voter turnout. And you can post real-time election results as a bonus.

In fact, a logical progression of democracy would eventually be a system where people can propose and vote on new laws directly, or repeal old ones, via Internet voting, thus eliminating the legislative branch entirely. This would be a true democracy completely unfettered by layers of easily corruptible representation. However, without trusting new technology we can never progress to such a more enlightened society. Doing so via any means other than electronic would be utterly unfeasible.

Remember that we've done banking electronically for quite some time. It has proven to be as secure as doing it the old-fashioned way, maybe even more so. The same system can be applied to electronic voting machines. In all honestly, the more human beings are removed from the loop in repetitive tasks like vote tabulation the better I feel about the whole process. It's relatively easy to tamper with paper ballots or machanical voting machines. While there will always exist back doors in software the sheer level of technical expertise required to tamper with the system would effectively rule out 999,999 out of every million people. That makes finding a list of trustworthy programmers (or potential suspects if tampering occurs) quite easy.

Sorry, but NIST is 100% wrong on this one. I find it quite embarrassing that the entity responsible for many of our standards has more than its share of Luddites. If everyone thought this way (i.e. abandon flawed but better new technology rather than try to fix its flaws) we would still be hunting animals with wooden spears.

cy · Dec 1, 2006

can't believe you have not seen all problems????

John Zink said:

"people don't do what they say
they do what you check"

with current paperless systems. if there's any technical issues.... there's no way to re-check results.

do you think there's any way possible to deploy that many machines without techno glitches?

no one said that electronic voting machines were bad. just electronic voting machines without a paper trail.

the best system out there is paper ballots with optical readers. almost impossible to change results of elections. and you get close to instant results.

VS paperless electronic voting machines have been proven to be hackable. so one person could change results of a large election.

state of OK currently uses paper ballots with optical readers. sad to say because of federal monies sitting there to be spent. they will find a way to spent those funds. reguardless of the fact we already have the best system in place.

jtr1962 said:
Why is everyone so down on electronic voting machines? .

BB · Dec 1, 2006

With bank records, you have the monthly bill, video of the person doing the transaction, and ways to dispute the errors... In Theory, we did not want transaction records floating around of how we voted so that others could not influence our private voting (pay for correct votes, punishment for incorrect votes, etc.).

I am old enough to remember when ATM's were first introduced and all of the errors that allowed people to get more cash that they were "charged" for...

One was very simple. You take out $200, money is sent to the bin, then cancel the transaction... Do that a few times, then make the last withdrawal and open the door--only the last transaction was debited.

And, surprise, I just Googled looking for ATMs not working correctly, and what was the first hit... And article from September 2006:

ATM reprogrammed to give out 4 times more money:

VIRGINIA BEACH - Police are looking for a man who broke the bank - literally. Last month, a man reprogrammed an automated teller machine at a gas station on Lynnhaven Parkway to spit out four times as much money as it should.

He then made off with an undisclosed amount of cash.

No one noticed until nine days later, when a customer told the clerk at a Crown gas station that the machine was disbursing more money than it should. Police are now investigating the incident as fraud.

Police spokeswoman Rene Ball said the first withdrawal occurred at 6:17 p.m. Aug. 19. Surveillance footage documented a man about 5-foot-8 with a thin build walking into the gas station on the 2400 block of Lynnhaven Parkway and swiping an ATM card.

The man then punched a series of numbers on the machine's keypad, breaking the security code. The ATM was programmed to disburse $20 bills. The man reprogrammed the machine so it recorded each $20 bill as a $5 debit to his account.

The suspect returned to the gas station a short time later and took more money, but authorities did not say how much. Because the account was pre-paid and the card could be purchased at several places, police are not sure who is behind the theft.

During the crime, the man wore a white T-shirt with writing on the back and a red baseball cap. Police have asked anyone with information to contact Crime Solvers at (888 ) LOCK-U-UP.

I guess we can go from One Man, One Vote to One Man, Many Machines, Many Votes...

PhotonWrangler · Dec 1, 2006

jtr1962 said:
Why is everyone so down on electronic voting machines? Frankly, electronic voting machines and eventually voting via the Internet are the way forwards.

'Scuse me, there's a phone call from Florida...
they want their missing votes back.

jtr1962 · Dec 2, 2006

BB said:
With bank records, you have the monthly bill, video of the person doing the transaction, and ways to dispute the errors... In Theory, we did not want transaction records floating around of how we voted so that others could not influence our private voting (pay for correct votes, punishment for incorrect votes, etc.).
.

Except that it's already done, at least indirectly, especially in poorer districts, by politicians promising entitlements in exchange for votes. Maybe not a direct "pay me $100 and I'll vote for you", but the effect is the same-buying votes with taxpayer dollars. IMHO you shouldn't be allowed to vote for as long as you're receiving any kind of unfunded government largess (SS/Medicare and unemployment insurance are different since you or your employer are funding them).

So what if there's problems with electronic voting machines? We had them with paper ballots and punch cards as well (remember the hanging chads?). I can think of a bunch of different ways besides a paper trail to audit votes. One way is to take a digital image after each voter leaves of the position of the levers or some other indication in the machine of how they voted. One picture per voter and name the picture files with random numbers so there's no way to connect a particular picture with a particular voter.

Another way is to use a flash card which stores the votes in predetermined memory locations. Or better yet a few flash cards per machine for redundancy. Very easy to read the card, even manually if need be, by using a machine which reads one address at a time via hardware only.

Remember also that with the preponderence of electronic bill paying these days a paper trail doesn't always exist except for one generated via software. We no longer have cancelled checks as records, but rather just a few bytes on a server which can be regurgitated in a human readable format only via software.

Fact is that as technology advances ways of doing things change. First we had trade, then we invented money coined from precious metals. Eventually we went to paper money backed first by precious metals, then eventually only by the government. Now we can do business without using physical money at all. Voting needs to logically progress as well. We had paper ballots, then mechanical voting machines. After that came punch cards followed by direct electronic machines. Scanned optical reading of ballots fell somewhere in between the last two. Next step is likely voting via the Internet and elimination of polling places. Eventually we may take the final bold step of a direct democracy where the people themselves can propose and vote on laws directly. Fraud can exist along each step of the way, but the more complex the system the fewer the numbers of those who can interfere. Errors can creep in as well, but the less the human intervention in a process the less the chance of such error. There is a good reason I bank solely via ATMs and the computer. I have a track record of 17 years with no problems. When tellers were involved there was generally a problem several times a year, if not more.

The thing I dislike about this whole scenario is that if accepted you're in effect tying voting to old technology (paper) forever, regardless of how reliable or foolproof any new technology might become. We might as well require votes to be tabulated on stone tablets while we're at. I find the whole thing utterly surreal. I liken it to requiring the use of candles for light because you dislike some of the shortcomings of other forms of artificial light.

cy · Dec 2, 2006

What a bunch of BS!
you may consider reading some background info on diebold voting machines. blackboxvoting.org

anything depending upon digital media can and will be tampered with.
with no paper trail to check ... who can say if elections were tampered with or not.

having a paper trail doesn't mean giving voters proof they voted a certain way to collect $$ for votes.

no one is saying there's not problems with any particular type system. just that in a paperless system, it's possible for ONE person to effect results of a large election. without detection!

VS statistically not possible with paper ballots, read by optical scanners. it may be possible to fake one precinct's results. but no way possible throwing results of a large state wide election.

here's an example of an election gone wrong using paperless voting machines. http://www.bbvforums.org/cgi-bin/forums/board-auth.cgi?file=/1954/45412.html

jtr1962 said:
Except that it's already done, at least indirectly, especially in poorer districts, by politicians promising entitlements in exchange for votes. Maybe not a direct "pay me $100 and I'll vote for you", but the effect is the same-buying votes with taxpayer dollars. IMHO you shouldn't be allowed to vote for as long as you're receiving any kind of unfunded government largess (SS/Medicare and unemployment insurance are different since you or your employer are funding them).

So what if there's problems with electronic voting machines? We had them with paper ballots and punch cards as well (remember the hanging chads?). I can think of a bunch of different ways besides a paper trail to audit votes. One way is to take a digital image after each voter leaves of the position of the levers or some other indication in the machine of how they voted. One picture per voter and name the picture files with random numbers so there's no way to connect a particular picture with a particular voter.

Another way is to use a flash card which stores the votes in predetermined memory locations. Or better yet a few flash cards per machine for redundancy. Very easy to read the card, even manually if need be, by using a machine which reads one address at a time via hardware only.

Remember also that with the preponderence of electronic bill paying these days a paper trail doesn't always exist except for one generated via software. We no longer have cancelled checks as records, but rather just a few bytes on a server which can be regurgitated in a human readable format only via software.

Fact is that as technology advances ways of doing things change. First we had trade, then we invented money coined from precious metals. Eventually we went to paper money backed first by precious metals, then eventually only by the government. Now we can do business without using physical money at all. Voting needs to logically progress as well. We had paper ballots, then mechanical voting machines. After that came punch cards followed by direct electronic machines. Scanned optical reading of ballots fell somewhere in between the last two. Next step is likely voting via the Internet and elimination of polling places. Eventually we may take the final bold step of a direct democracy where the people themselves can propose and vote on laws directly. Fraud can exist along each step of the way, but the more complex the system the fewer the numbers of those who can interfere. Errors can creep in as well, but the less the human intervention in a process the less the chance of such error. There is a good reason I bank solely via ATMs and the computer. I have a track record of 17 years with no problems. When tellers were involved there was generally a problem several times a year, if not more.

The thing I dislike about this whole scenario is that if accepted you're in effect tying voting to old technology (paper) forever, regardless of how reliable or foolproof any new technology might become. We might as well require votes to be tabulated on stone tablets while we're at. I find the whole thing utterly surreal. I liken it to requiring the use of candles for light because you dislike some of the shortcomings of other forms of artificial light.

LowBat · Dec 2, 2006

Funny, we trust all of our money to electronic banking, atm cards, and services like paypal, but we can't seem to come up with a secure paperless voting system. Maybe an internet based voting system would get the big voter turnout that has been so low for so many years.

cy · Dec 2, 2006

all those applications of electronic funds transfers listed below, all have detailed records leading back to one person... YOU who then checks on accuracy. all ATM machines contain backups. you guessed it, paper backups. just in case of machine malfunctions.

currently ... paper ballots read by optical scanners is considered the most fool proof voting system available and still give almost instant results.

LowBat said:
Funny, we trust all of our money to electronic banking, atm cards, and services like paypal, but we can't seem to come up with a secure paperless voting system. Maybe an internet based voting system would get the big voter turnout that has been so low for so many years.

AndyTiedye · Dec 2, 2006

I do computer network security for a living and I wouldn't trust those Diebold Republican Electing (DRE) Machinez as far as I could throw 'em.

"...committed to helping to deliver the electoral votes of Ohio to the President"
Walden O'Dell, 2003, when he was still CEO of Diebold Corporation

jtr1962 · Dec 2, 2006

LowBat said:
Funny, we trust all of our money to electronic banking, atm cards, and services like paypal, but we can't seem to come up with a secure paperless voting system. Maybe an internet based voting system would get the big voter turnout that has been so low for so many years.

And the more I'm learning about this the more I suspect the real reason is we don't want to. Given some of the things we've done with technology, I have little doubt that we could indeed come up with a foolproof, utterly secure, completely paperless voting system. After all, counting the number of ticks on a ballot in an accurate, tamper-proof manner isn't exactly rocket science. The reason we don't want to is that politicians want to retain the option of rigging an election. If you can't win fair and square, then paying off people within the system to give favorable results is just as good.

The problem isn't one of technology. Seriously, why on Earth would the government choose some half-baked, politically-connected outfit called Diebold to make voting machines, along with a bunch of no name programming firms to write software, when it could have instead chosen any number of companies with extensive expertise with electronic banking, data processing, security, etc? The reason is that they wanted the new system to have loads of flaws so that they could justify continuing to use the much easier to tamper with paper or punch card systems. If you think about it, a good electronic system with multiple layers of security and security keys might be close to impossible for even a fairly large, well organized group to tamper with, let alone a few individuals with little technical knowledge. However, those same few individuals could easily rig an election with paper ballots.

There is also a question of motive. The many unskilled, low-paid, often temporary workers used in a low-tech voting system are far easier to bribe than a few professional, extremely well-paid engineers in a high-tech system. Short of ideological motives, highly paid people have little to gain and everything to lose by accepting bribes. As for having any ideological reasons to game an election, I've found most engineering types really have little interest in politics perse, and/or see little difference between the two major parties at this point.

BB · Dec 2, 2006

jtr1962 said:
The problem isn't one of technology. Seriously, why on Earth would the government choose some half-baked, politically-connected outfit called Diebold to make voting machines, along with a bunch of no name programming firms to write software, when it could have instead chosen any number of companies with extensive expertise with electronic banking, data processing, security, etc?

You mean a firm with lots of ATM and Security experience like Diebold?

www.diebold.com

Services and Markets Market Position
Diebold's primary customers include banks and financial institutions, as well as government agencies and various retail outlets.

Diebold's service staff is one of the industry's largest, with more than 4,500 professionals in 600 locations worldwide.

Diebold Product Groups

Self-Service Products
Diebold offers an integrated line of self-service banking products and ATMs. Diebold is a leading global supplier of ATMs, and holds the leading market position in many countries around the world.

Physical Security and Facility Products
Diebold's Physical Security and Facility Products division designs and manufactures several of the company's financial service solutions offerings, including the RemoteTeller System™ (RTS). The business unit also develops vaults, safe deposit boxes and safes, drive-up banking equipment and a host of other facilities products.

Voting Solutions
Diebold, through our wholly owned subsidiaries Diebold Election Systems and Diebold Procomp, is one of largest electronic voting system providers in the world.

Integrated Security Solutions
Diebold Integrated Security Solutions provide global sales, service, installation, project management and monitoring of original equipment manufacturer (OEM) electronic security products to financial, retail and commercial customers. These solutions provide Diebold customers a single-source solution to their electronic security needs.

Software Solutions and Services
Diebold offers software solutions consisting of multiple applications that process events and transactions. These solutions are delivered on the appropriate platform allowing Diebold to meet customer requirements while adding new functionality in a cost-effective manner.

Diebold also provides professional services to assist in the implementation of software solutions. These services include communication network review, systems integration, custom software and project management that encompass all facets of a successful implementation.

-Bill

cy · Dec 2, 2006

not true...

no matter how secure you think you can make a paperless system. it can be beaten! there's no such thing as unbreakable. security is a moving target... there has to be a way to backtrack results. until someone comes up with a better method. paper ballots with optical scanners is currently the best and most fool-proof model.

it's possible to skew results of a few precincts by rigging paper ballots. it's impossible to skew enough paper ballots to make a statical difference for a statewide election.

jtr1962 said:
If you think about it, a good electronic system with multiple layers of security and security keys might be close to impossible for even a fairly large, well organized group to tamper with, let alone a few individuals with little technical knowledge. However, those same few individuals could easily rig an election with paper ballots.

PhotonWrangler · Dec 2, 2006

cy said:
not true...

no matter how secure you think you can make a paperless system. it can be beaten! there's no such thing as unbreakable. security is a moving target... there has to be a way to backtrack results. until someone comes up with a better method. paper ballots with optical scanners is currently the best and most fool-proof model.

Exactly. And one well-placed EMP event could wipe out a truckload of electronic voting results. Without a paper trail those bytes are gone forever.
I'm not a Luddite about electronic voting, but implementing a system without some sort of a paper trail is insane, ill-intended or both.

BB · Dec 2, 2006

Like too like mark and scan ballots... In the last election they offered both mark and scan, and a touch screen system.

I, the hardware engineer, used the mark and scan. My wife, the software engineer, chose the touch screen.

Mine was quick and easy to mark and slide into the scanner. My wife like the touch screen but found it took longer to vote because of all the "are you sure" type conformations.

In any case, this is humans voting, so having paper stating what you are voting for, and a mark next to it, is so much easier to audit than a software database where you have independent fields joined to display data and votes... A recount could catch a rigged/miss-programmed scanning machine. There is very little that can be done to, after the fact, try and find/fix errors/rigged votes in a computer--let alone tens of thousands of independent computerized voting around the nation.

The punch card systems originated from the turn of the 20th century (1890), as a method to run the 10 year US census. Punch cards in themselves are pretty reliable (my first Fortran programing class was on punch cards--and I know that all of those errors had nothing to do with hanging chad).

However, the punch cards used in voting have pre-scored punch spots that allow voters to easily punch holes... Probably not the best system out there. There is a known error rate with these system for every time a card is handled/sent through the reader.

History of Punch Cards:

One of the last important uses of punched cards has proven to be be voting. Use of pre-scored punched card ballots was introduced in the 1960's, and despite problems in the 1968 general election in Detroit, where a sudden rainstorm drenched at least one load of ballots in transit from a polling place to the counting center, this format quickly grew to become the most widely used computer-based election technology. By the time of the contested presidential elections of the year 2000, it was estimated that 1/3 of the polling places in the United States still used punched card ballots.

Any system that can be gamed / corrupted (the old mechanical voting machines I remember from the 50's and 60's were well known for "worn" counters and "pre-loaded" results). It is just that I would prefer to make them work at it (trying to change 1,000's to 100,000's of pieces of paper vs a couple lines of code in a touch screen/totalizing system).

-Bill

Feds (NIST) to decertify direct record electronic (DRE) machines.

Flashaholic

Flashlight Enthusiast

Newly Enlightened

Flashaholic

Flashlight Enthusiast

Newly Enlightened

Flashaholic

Flashaholic

Flashlight Enthusiast

Flashaholic

Flashaholic

Flashaholic

Flashlight Enthusiast

Flashaholic

Flashlight Enthusiast

Flashaholic

Flashlight Enthusiast

Flashaholic

Flashaholic

Flashlight Enthusiast

Similar threads