The Alaska Democratic Party is trying to get access to the electronic voting files (as distinct from printouts) from the 2004 election, to verify the results and clear up apparent discrepancies. The state Division of Elections refuses to turn them over, arguing that the "data format" (what is that, exactly? computer geeks, please help) belongs to Diebold, not the state.

http://www.bbvforums.org/cgi-bin/forums/board-auth.cgi?file=/1954/17302.html

http://blackboxvoting.com/s9/index.php?/archives/83-Diebold-refuses-to-allow-examination-of-proprietary-files.html

Is there any justification for this?

The state Division of Elections refuses to turn them over, arguing that the "data format" (what is that, exactly? computer geeks, please help) belongs to Diebold, not the state.
A data format is the way in which the data is structured, not the data itself. In other words, if I have a file that allots 20 characters for the last name, and 16 for the first, that's the format. The actual last and first names themselves are not. This is very simplified, as a typical format has header info, etc., but that's basically what it is, the layout of the data, not the data itself.

Is there any justification for this?Nope, none whatsoever. Even if they had some super secret proprietary data format (they don't), or even used a proprietary database engine (they don't), it's trivial to convert data from one format to another. I can take data from just about any format and get it to you in a file that you could easily open and read in Notepad in about 5 minutes.

I can take data from just about any format and get it to you in a file that you could easily open and read in Notepad in about 5 minutes.In fact, if the powers that be have a representative here, feel free to have them send me the .mdb file. I'll convert it for free. :)

Even if they had some super secret proprietary data format (they don't), or even used a proprietary database engine (they don't), it's trivial to convert data from one format to another.
I'm not sure about your first to claims here; Diebold's lawyer says otherwise. And anyway the Democrats don't want to accept data that's been converted; they are saying that only the raw data in it's native format is acceptable. They don't want printouts, and they don't wanna accept data converted to Excel.

From one of the links:
The latest controversy concerns the database holding the results of Alaska's 2004 general election. Democrats say it's important for them to see the database in its original structure ---- the format in which the data was created and now is stored and reported. That's how they hope to figure out if the votes were registered and reported accurately.


Is there any justification for this?
Sure. Contractual obligations. From the same link, just a couple lines down:
But under the state's contract with Diebold, that cannot be released, Brewster [Diebold's attorney] said.

So the State of Alaska signed a contract saying that the raw election data - the actual data that shows how people voted - can never be publicly reviewed?

That's insane.

This is part of the reason why, irrespective of corporate political affiliations, it's pretty damn stupid for a government to outsource something as critical as the voting process to a private firm with proprietary rights over the data it collects. The results of the electoral process ought to be as transparent as possible.

I'm all for public-private partnerships and innovation and efficiency and cost-saving and all that, but this is an area where accountability must trump every other consideration.

Why is it important for them to see it in the original, proprietary format?

Nope, none whatsoever. Even if they had some super secret proprietary data format (they don't), or even used a proprietary database engine (they don't), it's trivial to convert data from one format to another. I can take data from just about any format and get it to you in a file that you could easily open and read in Notepad in about 5 minutes.

Can you provide a cite for the claim that they are not using a proprietary data format or a proprietary databse engine? They claim they are.

Why is it important for them to see it in the original, proprietary format?



Can you provide a cite for the claim that they are not using a proprietary data format or a proprietary databse engine? They claim they are.

Based on what I vaguely recall of the breach a couple of years back, Diebold is either using an MS Access or an MS SQL Server backend.

Hmm... here it is:


Among revelations contained in the memos was information that the Microsoft Access database used by the Diebold system to collect and calculate votes was not protected by a password. This meant someone could alter votes by entering the database through physical access to the machine or remotely using the phone system.

The memos also revealed that the audit log, which records any activity in the Access database, could be easily altered so that an intruder could erase a record of the intrusion.

http://www.wired.com/news/evote/1,61243-1.html

Now, I suppose it's concievable that they're written an entirely new RDMS from scratch in the intervening couple of years, the fact that they initially used frickin' Access to run a production, high-volume system where integrity and reliability were absolutely critical, makes me doubt that they've got the smarts to do it.

I mean, they don't need Oracle or DB2, but Postgres is free, y'all.

And while Access is technically proprietary, it's owned by Microsoft, not Diebold.

And the answer to Bricker's first question: because any amount of monkeying with the data, either deliberately or due to bugs, can be done at any step in the process. In order to track a particular record through the system and do any meaningful kind of audit, you've got to start with as close to the original record as possible.

Personally, I think they should open source (http://www.openvotingconsortium.org/) the entire process, or at least have some kind of equivalent of SOX for the electronic voting industry, to make vendor officers criminally liable for security breaches and other screwups.

Seems to me that a subpoena, akin to that used by the federal government in the Google case, would be in order. Proprietary format? As I found out recently in a GQ thread, a simple protective order serves to remedy that.

Why not just copyright or patent it?

And while Access is technically proprietary, it's owned by Microsoft, not Diebold.

So the Alaska Dems should be asking Bill Gates for this stuff?!

Why not just copyright or patent it?
Because that would make the structure publically accessible. They're trying to claim trade secrets; as I said above, I should think that can be gotten around by essentially putting in place a non-disclosure agreement (until and unless some crime -- such as election fraud -- was determined).

However, thier claim is seriously undermined by this tidbit:
Anyone can examine Diebold's format on a Web site set up by activists who have been raising questions about the company, the Alaska Democrats said.
If true, aren't there legal precedents that say it is no longer a trade secret (and that their claim is therefore null and void)? Of course, that's only if it's true; again, I'd think a subpoena would be necessary to move this forward...

Since it's supposed to be proprietary, I won't post links, but from what is available out there it seems to be a three table Access database. There is nothing secret, complex, or proprietary about an Access database. Any competitor of Diebold's who would want their Access layouts already has them, as anyone who has worked with Access can tell you, it's not hard to see the table structures if you have the .mdb. In fact, I'm a bit scared about Diebold's capabilities if they thought Access was an acceptable solution for a high transaction environment.

A much larger problem to me isn't that the Dems aren't getting the layouts, it's that the layouts aren't open to the public in the first place. Based on this, my understanding is that in the voting world of Diebold, we get no paper trail, no source code verification, and now we can't even see the actual electronic trail that was supposed to be the reason we didn't need a paper trail? Bullshit. Someone either has something to hide, or wants to preserve the right to hide it in the future and get away with it.

I'm not really much of an open source fanboi, but this just screams of corruption, and should either be completely open sourced, or at least be open to the public for peer review. That goes for both the source code and the structure. Hell, for all the public knows, the three tables in question are Voters, Votes, and Adjusted Votes.

Does anyone in this forum truly think that any part of our election process, how it works, the full results, etc., should be closed to the public?

I'm not sure about your first to claims here; Diebold's lawyer says otherwise.According to all of the information that is out there, they are lying. If they're not lying, I'm more worried. Not only is this not rocket science, it's not even data architect science. I know self-proclaimed Luddites that can read Access database structures. Access intentionally exposes the structures, which is why this boggles my mind.

And anyway the Democrats don't want to accept data that's been converted; they are saying that only the raw data in it's native format is acceptable. They don't want printouts, and they don't wanna accept data converted to Excel.With the existing hesitation, that's quite understandable. That's why I was offering to do the conversion for them, as I probably wouldn't trust Diebold to do it at this point either, if I was them.

Sure. Contractual obligations. From the same link, just a couple lines down:Do you want those sort of things to be protected via contract at all in regards to the election process? If this keeps up, George Soros should create an electronic voting machine company and undercut Diebold on prices. I'm betting we'd have laws to open up pretty fucking fast at that point.

Why is it important for them to see it in the original, proprietary format?Because of the hesitation to provide it in the first place. Does taking the fifth make the average juror more or less suspicious of the person on the stand? The problem to me here is that the company shouldn't even have that option, as that has fraud potential written all over it. Aren't we trying to reduce fraud in the process?

Can you provide a cite for the claim that they are not using a proprietary data format or a proprietary databse engine? They claim they are.Not without a mod saying it's okay. It's pretty freely available, but I'm not going to put the board in the middle of this without preapproval. Here (http://tsuredzuregusa.blogspot.com/2004/10/vote-early-vote-often.html) is one place in which the claim is made without links to the actual file formats themselves, but other than the actual formats, I don't know how to prove it. It's not like Diebold is wanting to admit to the public that they use an old version of Jet that was never meant for an environment like the state election process.

Why is it important for them to see it in the original, proprietary format?I find this question a bit odd considering that you just posted the following in another thread:No evidence of vote fraud has been found as yet, and various left-wing groups have been searching desperately for such evidence.If they're not even allowed to look, they sure won't find it. Want to explain the disconnect to me?

Diebold's machines, contrary to all their claims, seem to allow any random shmoe to alter their results in a way that's then completely undetectable after the fact, at least in terms of the code. They make it possible for a single person with a single contact with the machine, to throw an election one way or another... leaving no evidence and no way to verify. That's a great idea, right!

Diebold's machines, contrary to all their claims, seem to allow any random shmoe to alter their results in a way that's then completely undetectable after the fact, at least in terms of the code. They make it possible for a single person with a single contact with the machine, to throw an election one way or another... leaving no evidence and no way to verify. That's a great idea, right!What's even worse is that that single person doesn't even have to be technically skilled. It would be harder to find someone who couldn't change votes than someone who could.

Not only is this not rocket science, it's not even data architect science. I know self-proclaimed Luddites that can read Access database structures. Access intentionally exposes the structures, which is why this boggles my mind.
Hey, DMC, is there now functionality in Access that allows one to embed formulae and such within the structure (y'know, like SQL statements)? I haven't used Access (or done any database programming) in about a decade, so I'm not familiar with any recent advances in database tech.

It just seems to me that that's the only reason for keeping a structure secret (not that what should be a simple tabulator deserves secret status in the first place). Seems to me more likely that they are either corrupt or simply incompetent (and in fear of being exposed). After all, it's not rocket surgery...

Based on what I vaguely recall of the breach a couple of years back, Diebold is either using an MS Access or an MS SQL Server backend.

Hmm... here it is:



http://www.wired.com/news/evote/1,61243-1.html

Now, I suppose it's concievable that they're written an entirely new RDMS from scratch in the intervening couple of years, the fact that they initially used frickin' Access to run a production, high-volume system where integrity and reliability were absolutely critical, makes me doubt that they've got the smarts to do it.


So your only evidence that they are not using a proprietary format NOW is that they weren't using a proprietary format three years ago, even though they were sharply criticized for using an open format three years ago?

Sorry. I find it far more likely that they were using Access, people screamed about it, and they converted (or added) an excrypted proprietary step to the storage of their data.

I find this question a bit odd considering that you just posted the following in another thread:
Why is it important for them to see it in the original, proprietary format?

I find this question a bit odd considering that you just posted the following in another thread:

No evidence of vote fraud has been found as yet, and various left-wing groups have been searching desperately for such evidence.
If they're not even allowed to look, they sure won't find it. Want to explain the disconnect to me?

That's nonsense. If the company were deliberately committing fraud, they could simply overwrite the data the their altered, fraudulent data and then present it as the original. Demanding to see the original format because you suspect the company of altering results is not a meaningful audit step.

Because of the hesitation to provide it in the first place. Does taking the fifth make the average juror more or less suspicious of the person on the stand? The problem to me here is that the company shouldn't even have that option, as that has fraud potential written all over it. Aren't we trying to reduce fraud in the process?

Not without a mod saying it's okay. It's pretty freely available, but I'm not going to put the board in the middle of this without preapproval. Here (http://tsuredzuregusa.blogspot.com/2004/10/vote-early-vote-often.html) is one place in which the claim is made without links to the actual file formats themselves, but other than the actual formats, I don't know how to prove it. It's not like Diebold is wanting to admit to the public that they use an old version of Jet that was never meant for an environment like the state election process.

Again - that claim relates to the 2001-2002 time period. It's now 2006. That's an awful long time to fix things. Diebold says they have.

What is your evidence that they haven't?

Again - that claim relates to the 2001-2002 time period. It's now 2006. That's an awful long time to fix things. Diebold says they have.

What is your evidence that they haven't?

Aren't voter's votes supposed to be secret anyway? I would have to assume that the raw data would include who voted for what, correct?

I do some work for a local candidate and I can get a list from the SecState's office that will tell me who voted in what election, but not how they voted. Maybe the Alaska Dems should try there?

Hey, DMC, is there now functionality in Access that allows one to embed formulae and such within the structure (y'know, like SQL statements)? I haven't used Access (or done any database programming) in about a decade, so I'm not familiar with any recent advances in database tech.

It just seems to me that that's the only reason for keeping a structure secret (not that what should be a simple tabulator deserves secret status in the first place). Seems to me more likely that they are either corrupt or simply incompetent (and in fear of being exposed). After all, it's not rocket surgery...You can indeed put calculated fields in an Access table, but to be honest, in a table for voting information, using those would be a bit on the scary side, with a single exception, a timestamp. Timestamps aren't really rocket science in the Microsoft world, as a single built-in function call generates one. So no, that's not a valid reason for them to hide the raw data.

If you're really asking if they could write a formula that said make 1 out of 10 (or example) votes for candidate A switch to candidate B using a calculated field, yes that's possible.

That's nonsense. If the company were deliberately committing fraud, they could simply overwrite the data the their altered, fraudulent data and then present it as the original. Demanding to see the original format because you suspect the company of altering results is not a meaningful audit step.The company no longer has the data to be able to change it. It's just trying to keep it out of the hands of the people asking for it.

Aren't voter's votes supposed to be secret anyway? I would have to assume that the raw data would include who voted for what, correct?

I do some work for a local candidate and I can get a list from the SecState's office that will tell me who voted in what election, but not how they voted. Maybe the Alaska Dems should try there?

How would the raw data show who voted for what? When I go into vote, my identity is checked off on the voting rolls, and I'm given a card with a magnetic strip that allows me to access the voting machine, but so far as I know, there's no link between my identity and that ballot. The guy just picks up a card from a pile and hands it to me, with no cross-referencing between the ballots and the cards. So the machine can't "know" who voted for whom.

The Republicans don't want to be put in jail for rigging the vote, that's all there is to it.

Again - that claim relates to the 2001-2002 time period. It's now 2006. That's an awful long time to fix things. Diebold says they have.

What is your evidence that they haven't?First, we're talking about what Diebold was using in 2004, not 2006, secondly, yes, there is every indication that they were still using GEMS. In fact, they'd probably use a different stall tactic if it had changed, as the request was quite specfic in nature, and would only work if they used the same format. Here (http://www.votetrustusa.org/index.php?option=com_content&task=view&id=830&Itemid=113) is the request. In fact, I think at this point the impetus is on you to prove that it is in any format other than MS Access. Even their lawyer says no such thing. He simply says that the structure of the database file is proprietary.

You still haven't answered the bigger questions:

Do you want our election process to be this secretive?

Do you still want it to remain secretive when the numbers don't add up?

Who should have control over these secrets?

Aren't voter's votes supposed to be secret anyway? I would have to assume that the raw data would include who voted for what, correct?

Nope, not the raw data from the ballots. As Evil Captor noted, there is no connection between the record of who voted and the information on the ballots they used. Voting ballots are completely anonymous. If the Diebold electoral data did somehow record voter identification in any way, that would be just as egregious a violation of proper electoral procedure as any monkeying around with the vote tallies.

The company no longer has the data to be able to change it. It's just trying to keep it out of the hands of the people asking for it.

if that's the case, what is your objection to the people that now have the data exporting it to a common format? You cannot be accusing them of manipulating the data during such a conversion, right? And this would satisfy Diebold's objection to the release of proprietary data formats.

That's nonsense. If the company were deliberately committing fraud, they could simply overwrite the data the their altered, fraudulent data and then present it as the original. Demanding to see the original format because you suspect the company of altering results is not a meaningful audit step.

What would be, exactly?

Do you want our election process to be this secretive?

Do you still want it to remain secretive when the numbers don't add up?

Who should have control over these secrets?

If someone asked my bank to divulge their data formats so they could be audited, I'm sure they'd decline. I fail to see why forcing Diebold to release their proprietary data formats is crucial to the process of auditing them.

I don't agree that "the numbers don't add up." Ultimately, the state should control the process. But if the state chooses to contract the process out, the contractor is entitled to keep his trade secrets secret when the contract agreed to in advance says as much. Chaging the rules of the contract after everyone signed it and the compnay held up their end of the bargain is wrong.

If you want to do things differently, hire a company that won't use a proprietary data format. I have no heartburn with that. I have a BIG problem with hiring a company, promising them that their data format will remain secret, and then forcing them to reveal it.

if that's the case, what is your objection to the people that now have the data exporting it to a common format?Because it already is in a common format. No need to mess with it.
You cannot be accusing them of manipulating the data during such a conversion, right?Sure I can. Heck, if I did something sneaky in the database, but didn't have to let anyone see the database, that's exactly where I'd cover it up.
And this would satisfy Diebold's objection to the release of proprietary data formats.As noted earlier in the thread, I would be happy to do the conversion. That would allow me to see any funny business on the db side of things. If you think I'd trust that to people who are adamant about not letting me see it, think again.

The more I read, the more I understand exactly why they want to see the original files, in their entirety. Diebold has been using bizarre methods that no honest auditor would accept. For instance, they make copies of the tables that are loaded into the system from the precints, and instead of using the tables that are directly loaded for reporting purposes, they use these copies. I haven't seen anything to indicate to me that there is any sort of referential integrity at play here. Would you like for your bank to have an internal file that they use to access your account information, and a completely separate file showing you your account information? If you worked with data you wouldn't.

If someone asked my bank to divulge their data formats so they could be audited, I'm sure they'd decline. I fail to see why forcing Diebold to release their proprietary data formats is crucial to the process of auditing them.I don't see why your bank would decline that request. In the banking world, the data is what is secret. The formats are usually widely known. Data structures are just not that secretive. Would linking to a ton of data structures to widely used vertical market applications, directly on the vendor's own websites, convince you of this? What if I tell you the structure of any table I've created for any client of your choosing? Nothing secretive there. For instance, we use a datetime column with the column name DlOrdBegDt to signify when a deal would begin that is based on the order date. We use DlOrdEndDt to signify when it would end. My competitors are drooling now.

I don't agree that "the numbers don't add up." Ultimately, the state should control the process. But if the state chooses to contract the process out, the contractor is entitled to keep his trade secrets secret when the contract agreed to in advance says as much. Chaging the rules of the contract after everyone signed it and the compnay held up their end of the bargain is wrong.Have you not read the links? The numbers don't add up.

If you want to do things differently, hire a company that won't use a proprietary data format. I have no heartburn with that. I have a BIG problem with hiring a company, promising them that their data format will remain secret, and then forcing them to reveal it.I do, too. Can we agree that we shouldn't be using Diebold then, since they don't want their's public? I'm fine with that.

I do, too. Can we agree that we shouldn't be using Diebold then, since they don't want their's public? I'm fine with that.

I have no problem with making that a condition of award.

If you're really asking if they could write a formula that said make 1 out of 10 (or example) votes for candidate A switch to candidate B using a calculated field, yes that's possible.
No, no...nothing so devious as that. I'm just trying to give the benefit of the doubt, attempting to ascertain what could possibly deserve "trade secret" status. Certainly a set of fields and data types is a stretch.
I don't agree that "the numbers don't add up."
I'm not sure, but I think you're interpreting that in a broad "something's fishy" sense. I think it was written literally -- the vote tallies don't add up, indicating a tabulating error at best, intentional malfeasence at worst.

No, really, Bricker, what would be a "meaningful audit step" here, to determine whether the votes were honestly tallied or not? How would you go about it?

No, no...nothing so devious as that. I'm just trying to give the benefit of the doubt, attempting to ascertain what could possibly deserve "trade secret" status. Certainly a set of fields and data types is a stretch.Other than a timestamp, I can't think of a single possible calculated field that would make sense in an election process. They're also pretty damned rare in databases in general (with a few non-election related exceptions) to be honest, as calculated values can be calculated on the fly repeatedly as needed, both in the application and on reports, as long as the source data doesn't get changed, so there is no real need to store it.
I'm not sure, but I think you're interpreting that in a broad "something's fishy" sense. I think it was written literally -- the vote tallies don't add up, indicating a tabulating error at best, intentional malfeasence at worst.Yep, the numbers just truly didn't add up, which is why someone wanted to look in the first place. More votes were tallied in some reports than there were actual voters.

For any interested nerds out there, here (http://evm2003.sourceforge.net/architecture.html) is an open proposal, and you'll notice by how simple the xml schema is that there just isn't a need for a complex data structure. I really like the combination barcode/human readable printed ballot at the end, and can think of many ways of using that to both reduce fraud, and also reduce the suspicion of potential fraud, which I think is just as important.

Voting in this country should be easy, free, quick, open, and honest for all.

We've kinda switched from, "Was there vote fraud in Alaska and why won't Diebold let us find out?" to "Let's not use propriety databases any more in election machinery." I think the second sentiment is fine, but it sounds like everyone has pretty much conceded the point that Alaska voters don't have the right to know if their elections were conducted honestly or not.

I don't concede that point. Bricker is all incensed that a company should be forced to give up its "proprietary" data -- though all the evidence is that it's in a very common format. Well, I'm all incensed that the voters of Alaska may have been the victims of fraud, and I think their interests trump Diebold's. Easily.

Do you want those sort of things to be protected via contract at all in regards to the election process? If this keeps up, George Soros should create an electronic voting machine company and undercut Diebold on prices. I'm betting we'd have laws to open up pretty fucking fast at that point.
What I want matters not at all. What does matter is the law governing the current contract. I'd like the whole process to be as open as possible, too, just like you. But right now we gotta work with what's in place. Other than that, the rest of your statement is just speculation.

Based on this, my understanding is that in the voting world of Diebold, we get no paper trail, no source code verification, and now we can't even see the actual electronic trail that was supposed to be the reason we didn't need a paper trail? Bullshit. Someone either has something to hide, or wants to preserve the right to hide it in the future and get away with it.
Diebold now makes voting machines in which a paper trail is integral; paper trails were required as part the implementation of HAVA. These new Diebold machines were used in Ohio recently and the first generation machines (which didn't have a paper trail) have been decertified here. One would also assume the Secretary of State has implemented a certification plan which would eliminate most avenues open to fraud and abuse.

We've kinda switched from, "Was there vote fraud in Alaska and why won't Diebold let us find out?" to "Let's not use propriety databases any more in election machinery." I think the second sentiment is fine, but it sounds like everyone has pretty much conceded the point that Alaska voters don't have the right to know if their elections were conducted honestly or not.I haven't conceded that at all. :)

What I want matters not at all. What does matter is the law governing the current contract. I'd like the whole process to be as open as possible, too, just like you. But right now we gotta work with what's in place. Other than that, the rest of your statement is just speculation.What is speculation? That they'd open up if Soros' machines started showing up everywhere? I guess that's speculative, but I'm pretty confident that it would happen. Note that I don't consider that a bad thing.

Diebold now makes voting machines in which a paper trail is integral; paper trails were required as part the implementation of HAVA. These new Diebold machines were used in Ohio recently and the first generation machines (which didn't have a paper trail) have been decertified here. One would also assume the Secretary of State has implemented a certification plan which would eliminate most avenues open to fraud and abuse.If this is a "Voter-verified" paper trail, then I'm a lot happier with it. If it's not that kind, then I'd like to know more about it.

What is speculation? That they'd open up if Soros' machines started showing up everywhere? I guess that's speculative, but I'm pretty confident that it would happen. Note that I don't consider that a bad thing.
I guess I don't really have too much of an issue with your opinion. But if were gonna speculate, we might also reasonably believe that Soros would put up the same fight that Diebold is having before releasing his data.

If this is a "Voter-verified" paper trail, then I'm a lot happier with it. If it's not that kind, then I'd like to know more about it.
Indeed it is. And hard copies of every screen can be printed by election officials to help with their audits.

And looking at the Diebold website, it seems to indicate that ballots are encrypted immediately on submission. Perhaps this encryption process would be exposed if raw data is released. Again, I'm not necessarily comfortable with that, but this might be a legitimate trade secret Diebold wishes to protect.

Q: How do I know my cast ballot is safe and secure?

A: When a voter casts their ballot using the Diebold touch screen system, the ballot selections are immediately encrypted and stored in multiple locations within the voting station. When stored, the order of cast ballots is scrambled to further insure ballot anonymity. The image of each and every ballot cast on the voting station is captured, and can be anonymously reproduced on standard paper should a hard copy of ballots be required for recount purposes. Once voting concludes at a precinct, a printed election results report is printed as a permanent record of all activity at each voting station. This printed record is used to audit the electronic tabulation of votes conducted during the election canvas process, when final, official election results are reported.

Also at the Diebold website, available are a couple statements (.pdf format) issued by the company regarding many of the allegations levied against Diebold.
http://www.diebold.com/dieboldes/pdf/rebuttal.pdf
http://www.diebold.com/dieboldes/pdf/activistletter.pdf

Man, reading this thread makes me grateful for our wonderfully archaic voting technology - a paper ballot with an X pencilled in one of the circles.

Diebold now makes voting machines in which a paper trail is integral; paper trails were required as part the implementation of HAVA.

Are you sure? I don't thing HAVA requires that. (Or are you referring to Alaska's implementation legislation?) There is a bill (the Voter Confidence and Increased Accessibility Act of 2003 -- http://en.wikipedia.org/wiki/Voter_Confidence_and_Increased_Accessibility_Act_of_2003) which has been proposed by Congressman Rush Holt (D-NJ) and Senator Bob Graham (D-FL), which would require paper trails, but Congress has not yet passed it.

Diebold now makes voting machines in which a paper trail is integral; paper trails were required as part the implementation of HAVA.I did some checking and there is no requirement in HAVA that this be voter-verified. Having some printer in some back room spitting out numbers isn't going to do anything to eliminate the possibility of fraud.

I guess I don't really have too much of an issue with your opinion. But if were gonna speculate, we might also reasonably believe that Soros would put up the same fight that Diebold is having before releasing his data.

I doubt it. Soros appears to be an honest and civic-minded fellow, despite Dennis Hastert's laughable efforts to smear him. http://en.wikipedia.org/wiki/George_soros#Critics

I guess I don't really have too much of an issue with your opinion. But if were gonna speculate, we might also reasonably believe that Soros would put up the same fight that Diebold is having before releasing his data.I don't think he would, but if he did I'd be here saying that he's dead wrong and that we need to fight him to open it up. This isn't a partisan issue. I want all votes to be counted and accurate, no matter who wins. It's quite easy to find many posts in my history here where I make the statement that I'd much rather lose elections than be wrong.

Indeed it is. And hard copies of every screen can be printed by election officials to help with their audits.That's not what we mean by voter-verified. A voter needs to get a printout that details every single one of his votes, as well as some method of verfiying that the system and his receipt do in fact synch up. It should also have some form of unique identifier so that it could be validated against the tallied data in case of a recount. Having an election official be able to capture a screen shot when requested doesn't really cut it, as it has no identifying information to tie it back to the actual data itself.

And looking at the Diebold website, it seems to indicate that ballots are encrypted immediately on submission. Perhaps this encryption process would be exposed if raw data is released. Again, I'm not necessarily comfortable with that, but this might be a legitimate trade secret Diebold wishes to protect.They use DES encryption, which is publicly documented, and was actually broken a long time ago. The only secretive part of it is the key code used, and as noted, that is attainable for those with the knowledge to do so. On a side note, Diebold uses the exact same code in all machines, and it's embedded in the source code. Heck, I have the key itself, and will happily post it here if the mods allow. :)

I did some checking and there is no requirement in HAVA that this be voter-verified. Having some printer in some back room spitting out numbers isn't going to do anything to eliminate the possibility of fraud.
See page 25 of this .pdf. It's the Ohio Sec State's plan for implementing HAVA. HAVA required the Sec State to submit a plan for approval to the federal authorities.

http://www.sos.state.oh.us/sos/hava/statePlan011205.pdf

On May 7, 2004, Governor Taft signed into law Substitute House Bill 262. The Act requires all direct recording electronic voting machines used in Ohio to include a voter verified paper audit trail and changes the process for counties to acquire voting systems using funds made available pursuant to the Help America Vote Act (HAVA) of 2002.

I have no idea how Alaska implemented HAVA, but I assure you here in Ohio a voter verified paper trail is now required.

Also from the Ohio Sec State's HAVA plan regarding the "backroom counting" (on page 28 of the same .pdf):
Audit Capacity:

• While the system allows the vote to be counted and tabulated electronically, the system also must be capable of producing a permanent paper record that can be audited manually. The paper record must be produced in such a way as to function as an official record for any potential recount or any question that might arise subsequent to the election.

See page 25 of this .pdf. It's the Ohio Sec State's plan for implementing HAVA. HAVA required the Sec State to submit a plan for approval to the federal authorities.Those are two different things. It does look like Ohio is requiring a voter-verified trail, but the second quote bubble in your post doesn't make the same requirement. HAVA doesn't require a voter-verified paper trail, but I am glad that Ohio is going to start requiring one going forward.

Note that I mean the second of your quote bubbles, not counting where you quote me. :)

What the hell is wrong with just using paper ballots? I'm totally baffled by the complex array of punch cards, electronic voting machines, and all the other Rube Goldberg ways of voting you Americans seem to have.

Here in Canada, we get a card. It has candidates names on it, with a big circle or square beside each name. The instructions says, "Put an X in the box beside the person you wish to vote for". We do so. We take it up to the counter, and they run the card into a computer tabulator. If it can't read the card, it rejects it on the spot and you are sent back to fill out another one. If it accepts the card, a worker checks your name off the voters list, and you leave.

No hanging chads, no butterfly ballots, no Diebold machines, NO COMPLAINTS. My technophobe mother can figure out how to fill out the ballot. The electronic tabulation is instant, and vote counts are sent in minutes after the polls close. And we have paper ballots as backup to check the electronic totals. What is so hard about that?

If you must use the Diebold machines, how hard would it be for the machine to spit out a paper slip at the end, so there's an instant record? Let the voter review it to verify that it recorded his vote correctly.

This isn't rocket science. It baffles me that you guys have so much trouble coming up with workable voting systems.

Oh, and let me add my voice to those who think that storing voter records in an unsecured Access database is completely frickin' insane.

This is why government should not be trusted to run society. It can't do anything right.

What the hell is wrong with just using paper ballots? I'm totally baffled by the complex array of punch cards, electronic voting machines, and all the other Rube Goldberg ways of voting you Americans seem to have.

But technology is cool! :)


I remember from several Thomas Nast cartoons -- in the late 19th Century, apparently a "ballot box" was a glass globe in a wooden frame. So everyone could watch every ballot as it was dropped in the slot. Any pre-election stuffing would be obvious, and you had to break the globe to count the votes. I wonder why we dropped that?

This is why government should not be trusted to run society. It can't do anything right.

To be fair, in this particular instance the problem is that the government contracted out certain public functions to a private corporation.

I have no idea how Alaska implemented HAVA, but I assure you here in Ohio a voter verified paper trail is now required.

*sigh* . . . Progress always comes too late . . .

That's not what we mean by voter-verified. A voter needs to get a printout that details every single one of his votes, as well as some method of verfiying that the system and his receipt do in fact synch up. It should also have some form of unique identifier so that it could be validated against the tallied data in case of a recount. Having an election official be able to capture a screen shot when requested doesn't really cut it, as it has no identifying information to tie it back to the actual data itself.
I know what it means - VVPAT - Voter Verified Paper Audit Trail. It's an integral part of the Ohio plan.

They use DES encryption, which is publicly documented, and was actually broken a long time ago. The only secretive part of it is the key code used, and as noted, that is attainable for those with the knowledge to do so. On a side note, Diebold uses the exact same code in all machines, and it's embedded in the source code. Heck, I have the key itself, and will happily post it here if the mods allow. :)
That's okay. I'll take your word for it. If you say the key to the encryption system is public, I'll accept that.

And stop posting while I'm composing. Damn you, DMC. :D

I know what it means - VVPAT - Voter Verified Paper Audit Trail. It's an integral part of the Ohio plan.I agree that Ohio is now going that route. I'm merely stating that it's not a requirement of HAVA.

To be fair, in this particular instance the problem is that the government contracted out certain public functions to a private corporation.

Which only means they are lousy at outsourcing, too. Was there no oversight? Couldn't the government have hired, say, a 3rd year computing science student to help decide if the private company was totally nuts?

No, and the reason was probably because Diebold got the contract due to some backroom deal between a couple of senators trading favors. Like everything else in the government is done. Like those 16,000 plus 'earmarks' that get added to the budget.

Government is incompetent. It should do as little as possible.

And stop posting while I'm composing. Damn you, DMC. :DWill the mods allow me to tell you to bite me if they are aware that we know (and actually like) each other in real life? :)

Sam, it sure is fun when you and I completely agree on something. I'm thinking that any issue that we both agree on should probably make it into law by default. There wouldn't be a lot of laws, but they'd sure be widely agreed upon. :)

By the way, while I'm not going to link to it without mod permission, even though the DCMA won't protect against hyperlinks (Kucinich actually directly links to some of these on the house website :D ), anyone who wants to get a nice education in this mess would be well served to google the phrase diebold memos, and do some reading. It's entertaining, in a very very frightening way.

No, and the reason was probably because Diebold got the contract due to some backroom deal between a couple of senators trading favors. Like everything else in the government is done. Like those 16,000 plus 'earmarks' that get added to the budget.
This, most assuredly, was not the case in Ohio. There were three electronic voting systems certified by the Ohio Sec State; Diebold makes only one of those three. In order to even qualify to supply a system for certification testing, the candidates had to survive a competitive bid process. The certification tests were designed by a third party (Compuware) and approved by the Ohio Sec State. The certification tests run in Ohio actually uncovered flaws that went unnoticed in some other states - like California. Again, I have no idea how other states have certified machines for electronic voting, but here in Ohio, the process has been very thorough. I posted a lot more detail about this in a November '05 thread.
That stuff may be found here: http://boards.straightdope.com/sdmb/showthread.php?t=343131

Government is incompetent. It should do as little as possible.
I agree with you completely, Sam.

I agree that Ohio is now going that route. I'm merely stating that it's not a requirement of HAVA.
Gotcha. Looking back at my post where I first spoke of HAVA, it does indeed look like I implied VVPAT was required at the federal level by HAVA. This, as you note, is not true. My apologies for the confusion. I had meant only to state that in Ohio, as part of their plan for implementing HAVA, VVPAT was made a requirement. VVPAT is not part of HAVA; it was merely implemented concurrently here.

. . . anyone who wants to get a nice education in this mess would be well served to google the phrase diebold memos, and do some reading. It's entertaining, in a very very frightening way.
I'll do that - next week. Thanks for the lead, DMC.

And with that, I gotta bow out for the weekend. I'm off to Chicago to see [url="http://boards.straightdope.com/sdmb/member.php?username=porcupine"[/url]. Y'all have a good weekend, too.

The certification tests were designed by a third party (Compuware) and approved by the Ohio Sec State. The certification tests run in Ohio actually uncovered flaws that went unnoticed in some other states - like California.This brings up a funny little story. While I don't question for a minute Compuware's diligence in attempting to find problems with the software of the various bidding vendors, the reason I don't question it is that they are developing software for a competitor (http://www.compuware.com/pressroom/customers/1371_eng_html.htm) to those who made bids. Not only is there a potential conflict of interest (which in this case happened to end up positively, by forcing a vendor to fix things), it sort of punches big gaping holes in the whole "trade secrets" arguments.

And with that, I gotta bow out for the weekend. I'm off to Chicago to see porcupine (http://boards.straightdope.com/sdmb/member.php?username=porcupine). Y'all have a good weekend, too.Tell her I said 'Hi!'.

. . . anyone who wants to get a nice education in this mess would be well served to google the phrase diebold memos, and do some reading. It's entertaining, in a very very frightening way.

Hmm . . . First hit I got was from Indymedia -- http://www.indybay.org/news/2003/09/1649419_comment.php:

The following is a link to the incriminating stash of Diebold Election Systems memos... please take copies of this data and redistribute...

http://www.sentry.nu/s/lists/

This set of emails has been posted all over the place and shut down all over the place. Webmasters - especially those out of the reach of the DMCA - are encouraged to take a full copy of the memos at the above link.

For background.... the following summary was posed on DU when the Italian set of files was posted...

But the embedded link doesn't work. Very interesting . . .

If you must use the Diebold machines, how hard would it be for the machine to spit out a paper slip at the end, so there's an instant record? Let the voter review it to verify that it recorded his vote correctly.

This isn't rocket science. It baffles me that you guys have so much trouble coming up with workable voting systems.

I bet it would be one HELL of a lot easier if our elections were run by an independent voting commission instead of the party that holds power in state government. Fix that central fuckup, and a lot of other "insurmountable" fuckups will go away very quickly and easily.

I bet it would be one HELL of a lot easier if our elections were run by an independent voting commission instead of the party that holds power in state government. Fix that central fuckup, and a lot of other "insurmountable" fuckups will go away very quickly and easily.

How would the commissioners be chosen?

How would the commissioners be chosen?

Hell, set up a politically neutral board to choose them. I realize that "Politically Neutral" as an ideal is gonna be tough, but apparently it works in other countries. I find it hard, very hard, indeed, ALMOST IMPOSSIBLE to believe that any halfway honest attempt at political neutrality won't beat our corruption-enabling system all to hell.

Hell, set up a politically neutral board to choose them. I realize that "Politically Neutral" as an ideal is gonna be tough, but apparently it works in other countries. I find it hard, very hard, indeed, ALMOST IMPOSSIBLE to believe that any halfway honest attempt at political neutrality won't beat our corruption-enabling system all to hell.

In Florida, the Committee for Fair Elections -- http://www.committeeforfairelections.com/ -- is trying to pass a constitutional amendment to take the redistricting power away from the state legislature and give it to an independent commission. The commission would not run the elections, it would only redraw the legislative (including U.S. House of Representatives) district boundaries; but it could be a model for what you're thinking of. The commission would have 15 members:

3 nominated by the majority party in the state Senate
3 nominated by the minority party in the state Senate
3 nominated by the majority party in the state House of Representatives
3 nominated by the minority party in the state House of Representatives
3 nominated by the state Supreme Court, from a list of names provided by the judges of the five appellate District Courts; each District would provide a list of five names, all of whom must have been registered voters, but not with either major party, for the previous two years.

So, in sum, the commission would have 6 Dems, 6 Pubs, 3 independents; none would be office-holders; 10 of the 15 would have to agree on any redistricting plan. Elaborate, but balanced. The commission would be created at redistricting time (decennially), then dissolved when its work is done.

What the hell is wrong with just using paper ballots? I'm totally baffled by the complex array of punch cards, electronic voting machines, and all the other Rube Goldberg ways of voting you Americans seem to have.
.
The argument in California for electronic machines is that they allow the disabled to vote. They are easier to use than the old chad-friendly ones, but not as easy as paper ballots.

Since Diebold machines seem to have failed California's screening, there is a move afoot to use 100% absentee ballots. In the last election I think my county was up to 50%. Seems to solve the problem nicely.

BTW, I think a lot of people in this thread are mixing up two meanings of proprietary. A proprietary format, like that used by Microsoft Office, is owned by one company, and is proprietary in that sense even if it is published. Proprietary information is stuff not revealed outside a company, except under special license or agreement. Proprietary information does not have to be innovative or patentable. The ordering of the fields of Diebold's records would be proprietary. Thus, I think they are right that the formats are proprietary. The issue is whether the public good should require them to publish it, and what harm would they suffer if they did. Mr. Bricker might tell us the factors involved in making that decision.