- Please send as far and wide as possible.
Editor, The Konformist
November 13, 2003
FROM THE DESK OF DAVID POGUE
Maybe Hanging Chads Weren't So Bad After All
New York Times
If there's one thing you learn as you grow older, it's that life is
painted in shades of gray. I find it harder and harder to view any
issue in black and white; if you really think about it, you can
almost always see the other guy's point of view.
Take electronic voting, for example. In 2000, it sure looked like the
old voting systems--punch cards, hanging chads, all that--were
desperately in need of upgrading. It seemed pretty obvious that
electronic voting systems would have avoided the whole Florida ballot
controversy. I, for one, spent two months walking around
muttering, "Gimme a break. They can drive the Nasdaq to 5,000, but
we're still voting with punch cards?!"
Then came last Sunday's New York Times, which presented a terrifying
report on Diebold, a leading maker of paperless touch-screen voting
machines. Eight million of us will be tapping on Diebold computers in
the next Presidential election.
So what's wrong with that?
Wrong Thing 1: Wally O'Dell, the company's chief executive, is a
Republican fundraiser. He writes letters to wealthy Bush contributors
vowing to "deliver" his state's electoral votes to the Bush campaign.
He hosts campaign meetings at his house. He's also a member of
Bush's "Rangers and Pioneers" club (each member of whom must
contribute at least $100,000 to the 2004 re-election campaign).
No matter what your politics, you can't deny that there's a strong
whiff of conflict of interest here.
Still, Mr. O'Dell wouldn't and couldn't go so far as to program his
voting machines to deliver the next election to Mr. Bush, right? Even
Oliver Stone would laugh at that conspiracy theory. But then:
Wrong Thing 2: The code in these machines is so insecure, somebody
managed to copy a version of it from Diebold and post it online. Two
studies--one by professors at Johns Hopkins and Rice University, one
by engineering firm SAIC--found the current code to be sloppily
written, with weak cryptography and "no evidence of rigorous software
Wrong Thing 3: This one boggles the brain: The Diebold systems don't
print. There's no paper trail, no "voting receipts." Data is
transferred to the election precinct on a memory card in a format
that only Diebold can read. If an election is ever in dispute, nobody
can compare the digital results against a backup system. As an
individual, you'd have no way of confirming that your vote was
(My favorite part of the Times article was the story told by New
Jersey Representative Rush D. Holt, who's trying to make electronic
voting more transparent: "Someone said to me the other day, 'We've
had these electronic voting machines for several years now, and we've
never had a problem.' And I said, 'How do you know?'")
Without a paper trail, there's all kinds of opportunity for mischief.
Wrong Thing 4: Diebold points out that the software is inspected and
tested by election officials before it's certified. There's only one
problem: Diebold engineers can slip in and make changes to the
software even AFTER it's been certified.
Worse, they do exactly that. A Wired article quoted a Diebold
engineer as saying that his team made no fewer than three rounds of
software changes to the machines in Georgia's 2002 election for
governor--after the machines had been certified but before the
election began. (That election "ended in a major upset that defied
all polls and put a Republican in the governor's seat for the first
time in more than 130 years.")
But Ren Bucholz of the Electronic Frontier Foundation
(action.eff.org) told me that this kind of thing--casual, uninspected
software updates to voting machines that have already been certified--
goes on all the time.
The bottom line: Diebold's voting machines appear to present an
undetectable, easy, and tempting target for manipulating elections.
See what I mean? Even electronic voting turns out to be a gray area.
No, wait -- come to think of it, maybe it's a black-and-white issue
Calif. will require voting-machine receipts
Nov. 21, 2003 | SAN JOSE -- In a major victory for voting rights
advocates, Secretary of State Kevin Shelley announced Friday that all
electronic voting machines in California must provide paper receipts
Shelley also introduced stricter requirements for testing and
auditing of the software used to record and tabulate votes in the
nation's most populous state.
The move may prompt changes in the type of voting equipment used
throughout the country as states rush to modernize terminals.
California's reforms address concerns of computer scientists and
voting rights advocates who have been warning that paperless voting
systems are vulnerable to hackers, software bugs and mechanical
Earlier this month, a state agency began an investigation of
uncertified software allegedly used in California's Oct. 7
gubernatorial recall election.
Shelley made the move not because "voting systems are inherently
insecure -- they are not," he wrote in the document detailing the
changes. "But rather because people understandably feel more
confident when they can verify that their votes are being recorded as
Shelley ordered all counties that purchase new touch-screen terminals
to provide a ``voter verified paper audit trail,'' starting in July
In addition, voting equipment companies must retrofit touch-screen
systems already being used in at least four California counties to
include printers and paper receipts by July 2006.
The requirement makes California the first state in the nation to
force equipment vendors to retrofit machines already installed in
Congressman Dennis J. Kucinich
10th District of Ohio
Congressman Kucinich is seeking to ensure that voting is a right
secured for all Americans. During the 2000 elections, there were
numerous and serious problems at the voting booth in Florida and
across the nation. Congress' response was the passage of the Help
America Vote Act in 2001. This legislation was designed to improve
voting machines and voting processes. However, implementation of the
Help America Vote Act, along with its funding and assistance to
states, is far behind schedule. Additionally, recent analysis of
voting machine software shows that these programs suffer serious
internal flaws that threaten the security of votes case on such
Privatized Voting, Private Interests
Under the Help America Vote Act (HAVA), the Election Assistance
Commission is charged with establishing voluntary standards for
voting machine software and creating an independent testing process
for the software. However, this process is far behind schedule. Under
HAVA, the Election Assistance Commission members should have been
nominated by the President in February 2003. Unfortunately, these
nominees have only recently been sent to the Senate for confirmation.
Without this federal review and testing of software, deeply flawed
software has been marketed by companies and bought by states. An
Analysis of an Electronic Voting System was recently authored by
Tadayoshi Kohno, Adam Stubblefield, Aviel Rubin, and Dan Wallach.
This voting software, produced by Diebold, has already been purchased
by two states. According to this study, some of the most serious of
numerous flaws permit a person to:
-vote multiple times,
-view ballots already cast on a machine,
-modify party affiliation on ballots,
-cause votes to be miscounted,
-create, delete and modify votes on voting machine, and
-tamper with audit logs and election results.
States Purchase Insecure Software
As a result of this study, Maryland put on hold its purchase of
Diebold voting machines. Later, an independent review confirmed the
previous findings. It counted 328 security weaknesses, and concluded
that: "The system, as implemented in policy, procedure and
technology, is at high risk of compromise" (pg. 17).
Partisan Conflicts of Interest
The state of Ohio selected Diebold as one of four possible vendors
for computerized voting machines. But in August 2003, the company's
partisan conflicts of interest prompted public suspicion that the
voting machine manufacturer was partisan. In August 2003, after
returning from President Bush's Crawford, TX ranch, Diebold's chief
executive wrote a fundraising letter where he stated he
was "committed to helping Ohio deliver its electoral votes to the
president next year."
Diebold Internal Memos Reveal Knowledge of Software Flaws
These findings of software flaws have been confirmed by internal
memos from Diebold employees. Diebold has harassed internet service
providers with legal action for posting links to these memos.
Congressman Kucinich believes that these memos show why transparency
and public oversight are essential in the development of voting
From conversations between employees at Diebold, including upper
management, it is evident that they knew of insecure programs and
made insecure changes to programs. Among these activities, employees:
-Permitted easy access to vote audit logs. Without requiring so much
as a password, anyone could access the tabulation of votes and change
the contents. (Memo from Nel Finber to Ken Clark, and Ken Clark
-Sold uncertified software (GEMS 1.14) that was used in elections,
while knowing that numerous problems existed with the software. (Memo
from Ken Clark)
-Changed voting software by sending uncertified patches and upgrades
to customers, along with possible bugs (memo Ken Clark, re: GEMS
-Contracted to "provide products and services which do not exist and
then attempting to build these items on an unreasonable timetable
with no written plan, little to no time for testing, and minimal
resources. It also seems to be an accepted practice to exaggerate our
progress and functionality to our customers and ourselves then make
excuses at delivery time when these products and services do not meet
expectations." (According to an employee upon resignation)
Stopping False Copyright Claims
Diebold has been using coercive legal claims to intimidate internet
service providers and even universities to shut down websites with
links to its memos and remove the memo content. Under copyright laws,
however, universities are exempt, and posting links to the memos is
not considered a violation of the law. By abusing the Digital
Millennium Copyright Act, Diebold has intimidated numerous internet
service providers to comply with its requests. The damage is two-
fold: 1) limiting the public's information about the security of its
voting machines, and 2) expanding corporate control over our most
free medium of expression, the Internet.
Congressman Kucinich is working to address these problems by
providing some of Diebold's internal memos on this site to increase
public access, drafting legislation to address software security
problems, and working to investigate Diebold's legal abuses.
Congressman Kucinich is working with his Congressional colleagues to
draft legislation that would create an open-source design process for
voting machine software. This process would ensure public oversight
and transparency, as well as establish the most secure voting
software for citizens to cast their votes.
Nov. 22, 2003, 3:32PM
Democrats approve Internet voting in Michigan
WASHINGTON -- The Michigan Democratic Party's plan to allow Internet
voting in its presidential caucus won approval today from national
Democrats. Opponents said online balloting is not secure and
discriminates against poor and minority voters who are less likely to
own a computer.
For the first time, the Michigan party will allow those participating
in the Feb. 7 caucus to have the option of selecting their favorite
presidential candidate over the Internet, in addition to voting by
mail or in person.
Democrats in Arizona used the Internet in the state's presidential
primary in 2000, where voter turnout was more than double the
previous record and about 40 percent of the 86,000 ballots were cast
Twenty Michigan voters objected to the state party's plan, saying it
would disadvantage poor and minority voters and be subject to fraud.
"The costs and risks of transacting ballots on the Internet really
outweigh the benefits," said Kim Alexander, president of the
California Voter Foundation, which made the case against the plan to
the Democratic National Committee.
The DNC's Rules and Bylaws Committee rejected the argument on a 23-2
Michigan is expected to play an important role in determining the
party's presidential nominee. The state will have more delegates up
for grabs than any of the nine states that come before it in the
Internet voting could benefit former Vermont Gov. Howard Dean, who
has built significant support among Web users. A poll taken in
Michigan last month shows Dean with a slight lead among likely caucus-
goers, but his support jumps significantly among those who plan to
vote by Internet.
Seven of Dean's rivals encouraged party leaders to reject Michigan's
plan, citing the disparity in computer ownership among whites and
minorities. The only candidate other than Dean who did not object was
Wesley Clark. He supports Internet voting as a way to increase
turnout and improve democracy.
Leaders of the Michigan party say increasing turnout was their only
goal, not to benefit any candidate.
"The Internet will not just bring the Democratic Party better
together, it expands our base with our young adults," said Tina
Abbott, vice chairman of the state party.
Registered Michigan Democrats who want to vote by mail or Internet
must request an absentee ballot from the state party ahead of time.
They will be sent a ballot that can be returned by mail or it will
include a code that can be used to access a Web site for voting.
A hearing officer appointed by the DNC ruled in September that no
voter will be deprived of participation because of the options to
vote by mail or in person. But she required the state party to take
additional steps to make voting easier for those who want to
participate in the caucuses.
Those steps include increasing the number of caucus sites, setting up
a toll-free hot line to help Internet voters and identifying publicly
available computers with Internet access in minority and low-income