Topic: Couldn't be so...
The Next Election: Let's All Join In For The Results We Want
This isn't really a local issue but it is, and it isn't. In his February 23rd Los Angeles Times column, Golden State, Michael Hiltzik, was a bit exercised about this -
Well, they were in a jam and spent over thirty million, so Bruce McPherson saved the day. Of note, just as Condoleezza Rice was appointed by George Bush to be the Secretary of State at the federal level, so Bruce McPherson was appointed by Arnold Shwarzenegger to be California's Secretary of State. Neither is an elected official. The respective legislative bodies advised (like it mattered) and consented (what the heck). Approved.
Well, these are just staff people. They implement what the boss wants. And they want to stay in power, and make sure their friends stay in power.
Now Rice has done some odd things recently. She testified to congress that she needed to spend a whole lot of money, seventy-five million - to fund groups in Iran that would then, being well-funded, rise up and overthrow the theocratic oddballs that run things there now and are building nuclear weapons. But as anyone can see, this isn't exactly effective diplomacy, as now any anti-government group there will be mocked and rejected. You may be against the ridiculous government here, but obviously you're a tool of the Americans fighting our brothers in Iraq - you took their money to do this protesting and plotting - their own Secretary of State said she's funding you! (See this - "It's long been known that pro-democracy groups and their supporters in Iran would be discredited if they were publicly linked to the Great Satan. Worse yet, that open linkage would give Iran's secret police agencies an excuse to crack down brutally on them as enemies of the state, charging their leaders with subversion.")
It's hard to get good staff people these days.
As for Bruce McPherson, he commissioned a panel of computer security experts to look into the Diebold systems and tell him if they were secure. Could they be hacked? Could votes be altered? Well, they reported on February 14 that, yes, they could. Not very clever folks could tamper with the removable memory cards and change the results and no one would be the wiser. And by the way, there were sixteen other software problems that would, as the Times reports, cede "complete control" of the system to hackers who might then "change vote totals, modify reports, change the names of candidates, change the races being voted on." And there were ways to crash the machines, bringing an election to a halt. And hackers "wouldn't need to know passwords or cryptographic keys, or have access to any other part of the system, to do their dirty work." Or so said David Jefferson of Lawrence Livermore National Laboratory, David Wagner of Berkeley, and the assorted others on the panel.
The biggest problem?
That would be this -
Three days later McPherson - shrugging, one assumes - certified the machines.
Close enough? Scientific and technical folks worry too much?
That's what they say at the national level about all those people who say there's this global warming going on. The president listens to the to pop novelist Michael Crichton (see this), so who needs the scientists? (That last Crichton novel on the topic was lively, even if one sees here that Crichton has admitted to once plagiarizing a work by George Orwell and submitting it as his own.)
On the state level? Michael Hiltzik adds more here, if you like detail - Diebold's defense (people do think we're accurate), the experts' report, the Secretary of State's announcement (PDF format) of conditional certification, the summary of the University of Iowa 1997 discovery of the coding problem, and more, including this -
Ah, this cryptographic key written into the source code of every Diebold voting machine used anywhere in the country - F2654hD4!
Cool. And this is not just a California issue.
Diebold responded, three years ago, to the Johns Hopkins' paper, specifically, here - this flaw and the other bug are "manageable by a reasonably careful combination of short-and long-term approaches" Just be careful. Lock everything up, physically? Heck, why not go back to paper ballots?
The Johns Hopkins team responds here - bad code, hack one machine and you can hack them all nationally, and the fix is easy. (Those of us who have been coding since the eighties know you never embed the key to the whole system in the code itself, the code that you can see - that's a rookie, bonehead mistake.)
The major-league commentator at the Washington Monthly, Kevin Drum, who writes from down in Orange County (he used to write under the name CalPundit), covers the same ground here, and he seems a tad amazed -
Good question. But who would rig the vote?
Well, it's easy to do. F2654hD4 It's in there, in each and every machine. Have fun. From Kevin Drum - "And the 8-byte password used for Diebold's voter, administrator, and ender cards is ED 0A ED 0A ED 0A ED 0A. (Aren't you glad this stuff is so easily found on the internet?)"
Yes indeed. But our side plays by the rules. We'd never use this information to cheat.
And as all this above makes it way around the net - Drum has an incredibly wide readership - this will be a problem that gets fixed. The code and password will be everywhere. Diebold will have to do their job. Rove will weep. But that's the way things are these days.
On the other hand, Diebold may stonewall. Have fun, if you have the chops.
As for what's over at the pesky national clearinghouse of information on such matters, Black Box Voting, some of the current items are these - someone accessed forty Palm Beach County voting machines November 2004 and the voting machine logs contain approximately a hundred thousand errors, and convicted embezzler Jeff Dean, the Diebold head tech guy, remotely accessed the voting machines in major California counties for 2000 election when you can't do that (so they say), and on and on.
And our friend Doug Yeats sent is this local news story -
And this -
California, Florida, Alaska. It's not a local story. Pennsylvania and Ohio (this - Hearings On Ohio Voting Put 2004 Election In Doubt - is still unresolved). Diebold's CEO, Walden O'Dell, did say he was "committed to helping Ohio deliver its electoral votes for the president." It worked.
Maybe they just don't want us to vote. Voting and thinking your vote counts? That's for chumps. That's for the Iraqis. We've moved on.
A question from Rick, the News Guy in Atlanta -
Good Question. Yes, the code is in each machine. But, except for isolated precincts at, say, Brokeback Mountain, the voting machines are networked. The key is also hard-coded on the server software of course, so you can get physical access to a single machine somehow, or remotely break into the server linking them (not impossible). Change results at a node, or change results being fed from any of the nodes to the server, or change the tables on the server. Your choice. The usual scenario is one of the Diebold workers, the tech support guy for example, doing routine maintenance, adjusts the votes. If he can, someone else, with a little hacking, can too.