Where democracy goes to Diebold

Avi Rubin, the political scientist who has documented many problems with Diebold polling equipment, presents his report on a day at the polls during the Maryland primary. You should read the whole thing, but I am going to excerpt extensively because of how critical the performance of Diebold equipment is to our democracy. This information must be widely discussed.

There were many problems with Dielbold equipment at the polling place where Rubin spent the day as one of 16 election judges. Software errors, despite a story by The Washington Post that emphasizes human errors in the process that, as David Isenberg rightly criticizes, urge readers to miss the real problems with the Diebold systems. Most troubling to me, the errors are so pervasive that there is no systematic approach to trying to monitor for incorrectly counted votes.

One breed of technical error would allow people to vote twice, according to Rubin: 

When we were setting up the electronic poll books, I took over because I was more comfortable with the technology, and the others quickly deferred to me. So, a couple of hours into the election, when one of the poll books seemed to be out of sync with the others, the judges came and brought me to have a look. It appeared that this poll book was not getting synced with the others. I tested it by waiting for someone to sign in with a different poll book, and then a few minutes later trying to sign in that voter on the one in question. The voter was shown as having not voted yet. I repeated this test for about 20 minutes, but it never registered that voter as having voted, and the poll book was falling behind - about 30 by then - the other poll book machines. I suggested rebooting that machine, and we tried that, but it did not change anything. I pointed out to the chief judges who were huddled around me as I experimented, that as time went by, this poll book was going to fall further and further behind the others, and that if someone signed in on the others, they would be able sign in again on this one and vote again.

But another error wouldn't let people vote even once: 

The electronic poll books presented an even bigger problem, however. Every so often, about once every 15-25 minutes, after a voter signed in, and while that voter's smartcard was being programmed with the ballot, the poll book would suddenly crash and reboot. Unfortunately, the smartcard would not be programmed at the end of this, so the poll worker would have to try again. However, the second time, the machine said that the voter had already voted. 

At this point, it seems that Diebold's casual approach to bugs in its systems is based on the belief that they are producing enough errors in allowing voters to vote once, twice or more often that the result is a wash and somehow acceptable because a precinct may end up with the correct number of votes. TechDirt keeps track of Diebold security issues and the company's facile responses, including to the latest reports of serious problems during the election on Tuesday.

There was a human solution to the problem of letting people vote when Diebold machines said they already had, but it is one that, to my eye, seems more time-consuming and prone to error or deliberate misuse by a judge—suggesting that elections may ultimately be contended among judges of different parties vying for control at a particular polling place: 

The first few times this happened, we had some very irate voters, and we had to call over the chief judge. Soon, however, we realized what was happening, and as soon as the poll book crashed, we warned the voter that it would come up saying that they had already voted, but that we knew they hadn't. Then, the chief judge would have to come over, enter a password, and authorize that person to vote anyway. 

And Diebold seems to have no concern about the problems, spending little to put skilled support on-site at the polling place:

Throughout the early part of the day, there was a Diebold representative at our precinct. When I was setting up the poll books, he came over to "help", and I ended up explaining to him why I had to hook the ethernet cables into a hub instead of directly into all the machines (not to mention the fact that there were not enough ports on the machines to do it that way). The next few times we had problems, the judges would call him over, and then he called me over to help. After a while, I asked him how long he had been working for Diebold because he didn't seem to know anything about the equipment, and he said, "one day." I said, "You mean they hired you yesterday?" And he replied, "yes, I had 6 hours of training yesterday. It was 80 people and 2 instructors, and none of us really knew what was going on."  

With another new report, this by a Princeton University team led by Ed Felton, that Diebold machines are very easy to hack, specifically that:

1. Malicious software running on a single voting machine can steal votes with little if any risk of detection. The malicious software can modify all of the records, audit logs, and counters kept by the voting machine, so that even careful forensic examination of these records will find nothing amiss. We have constructed demonstration software that carries out this vote-stealing attack.
2. Anyone who has physical access to a voting machine, or to a memory card that will later be inserted into a machine, can install said malicious software using a simple method that takes as little as one minute. In practice, poll workers and others often have unsupervised access to the machines.
3. AccuVote-TS machines are susceptible to voting-machine viruses — computer viruses that can spread malicious software automatically and invisibly from machine to machine during normal pre- and post-election activity. We have constructed a demonstration virus that spreads in this way, installing our demonstration vote-stealing program on every machine it infects.
4. While some of these problems can be eliminated by improving Diebold's software, others cannot be remedied without replacing the machines' hardware. Changes to election procedures would also be required to ensure security.

Diebold accuses the Princeton study of being uninformed and based on older software, however the very poorly trained polling place support staffing described above does not convince me that Diebold has adequately addressed any upgrade and software maintenance processes needed to ensure systems are actually running the latest software. And, as the study notes, some of these problems are physical hardware issuees that cannot be remedied by software upgrades.

Hopefully this summary gets you started thinking about this issue, so you can vote with your own voice by calling local election officials and urging them to have, at least, back-up paper-based voting options available in your community.