California Sues E-Voting Firm That Threatened California's Secretary Of State

from the vote-early,-vote-often dept

Remember how e-voting firm ES&S originally refused to hand over its source code to California Secretary of State Debra Bowen? And, then, when it finally did hand over the code, how it did so with a petulent, threatening letter, warning her that they would hold her personally responsible for any disclosure of ES&S trade secrets? In retrospect, it probably wasn't such a good idea for the company to include those threats -- especially when the company had changed the source code on some of their machines without telling the state or bothering to have the new software re-certified. After an investigation, California has now sued ES&S for giving the state uncertified e-voting machines. Perhaps those were the "trade secrets" ES&S was so worried about Bowen leaking out. Or maybe it was how ES&S machines have been found in some cases to count votes in triplicate or not at all. Or maybe it was the trade secret involving how the company knew its machines were buggy and prone to problems. Or the one about how it "forgot" to disclose, as required by law, the fact that some manufacturing took part overseas.

As for ES&S's response to the lawsuit, the company appears to have two defenses. First, it claims that the software changes were only "minor" so it didn't need to inform the state. Unfortunately, that's not what California law says -- and it's difficult to see why anyone would think that ES&S gets to decide what software upgrades are minor or not. Even more troublesome is ES&S's second response, claiming that this lawsuit "isn't in the best interests of California voters" because disabled voters won't be able to vote with ES&S's machines. Unfortunately for ES&S, this isn't about helping disabled voters vote -- it's about helping them (and others) vote reliably and accurately in a way that the state has certified -- and on that point, it appears ES&S fails.


Reader Comments (rss)

(Flattened / Threaded)

  1.  
    identicon
    Anon, Nov 21st, 2007 @ 2:01am

    responses

    "isn't in the best interests of California voters" = a weak attempt at making the state look bad if they continue the lawsuit.

    I have seen what some 'minor' code changes can do when released without proper testing. They can take down a companie's system for hours.

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    Da_ALC, Nov 21st, 2007 @ 2:04am

    I bet Ramses the 3rd covered all his tracks. Goverments and who they employ are beyind a joke now. We all know they lie to us continously and allways have, getting very sloppy these days tho.
    In the UK the gov has lost its way alltogether. Cant do anything right and the whole system needs replacing really.

    E-voting machines really should be so simple, that they cant help but be 100% secure. This is a fact of electronic hardware and programming.

    Now if we werent surrounded by scum everywhere who try and kill you for your opinion, we wouldnt have to hide our votes.. but thats the way of the Human so it seems... Am I wrong?

     

    reply to this | link to this | view in thread ]

  3.  
    identicon
    DadsDrive, Nov 21st, 2007 @ 2:46am

    Go back to paper

    I tend to "hug trees" but paper is the only way to insure the votes may be counted. We did it when the population was smaller, more people isn't the problem, we have many more available to count them, and more to watch the counters.

     

    reply to this | link to this | view in thread ]

  4.  
    identicon
    tried and true, Nov 21st, 2007 @ 2:59am

    Re: Go back to paper

    they tryied bot in France this year.
    The few unlucky who had to use the machines where in for a surprise :
    some actually couldn't vote until AFTER the results were known.

    Talk about a joke, and the machine were there so that it would take less time....
    On top of that the machines are not designed with the elderly in mind so the UI is a mess and thus a portion of the population can't even use them properly.

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    JustMe, Nov 21st, 2007 @ 5:23am

    How about a novel concept - Jail Time

    for executives who knowingly break the law. Instead of a fine or another 'slap on the hand' style punishment what about putting these people behind bars with the scum of the earth*? Give them Mike Tyson's used pink underwear and make them spend a few years in the tent jail out west.

    * No offense Scum, you know we love ya!

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    Dan0, Nov 21st, 2007 @ 5:48am

    can

     

    reply to this | link to this | view in thread ]

  7.  
    identicon
    Dan0, Nov 21st, 2007 @ 5:54am

    can't trust anyone

    with politics and interest groups controlling the global economy, it is hard to put faith in anyone. The democrats and republicans take money from everyone. but more inportantly, any company.

    If have a company create this, do you then have to find out what boards all the executives are on and their party affiliation? If they are public, do you then have to investigate who has a major/minor investment in the company? Can you even trust the government to create the software?

    I'm not a conspiracy theorist, but I am paranoid.

     

    reply to this | link to this | view in thread ]

  8.  
    identicon
    STJ, Nov 21st, 2007 @ 5:57am

    Doesn't this just open the door for some California geeks to get together and make the machines the right way?

     

    reply to this | link to this | view in thread ]

  9.  
    identicon
    SteveD, Nov 21st, 2007 @ 6:10am

    Petulant, not Petulent :P

    Hey Mike, can you link to the part of the letter that contains these threats? The original TheRegister article doesn't quote anything that seemed threatening, or 'petulant' for that matter. The author of the article didn't question any of the letters content itself.

    All that’s mentioned is ES&S's concerns over its IP, and a warning that by accepting the source code the SoS would in turn be responsible for safeguarding this IP. Why is that unreasonable? It seems fairly standard for a business.

    Perhaps this is down to interpretation, but the title of this entry seems rather sensationalist and isn’t supported by any of the facts contained. It implies (if not directly states) that the company is being sued for threatening the SoS, when in fact it’s being sued for supplying uncertified voting machines. There is no mention of the ‘threatening letter’ in the SFGate article.

    While I’m on your side when it comes to the importance of openness and impartibility as a requirement for companies working in this area, such headlines in turn don’t do your own credibility any favours. I normally read techdirt to get away from such tabloid journalism. : /

     

    reply to this | link to this | view in thread ]

  10.  
    identicon
    Brain, Nov 21st, 2007 @ 6:39am

    How hard is it to program a voting machine?

    How hard is it to program a voting machine and have the ballot printed out on register paper so the voters can double-check before putting it in an actual box? It could be done in about 20 lines of code and run on 25 year old, 64k machines.

     

    reply to this | link to this | view in thread ]

  11.  
    identicon
    Anonymous Coward, Nov 21st, 2007 @ 6:40am

    I don't understand what is so complicated about making these machines work right. Maybe I'm oversimplifying but isn't a voting machine just a beefed up counter? That's like the second thing you learn how to code. What could be so hard about pressing a button and increasing a counter? It's one line of code - candidate1++

     

    reply to this | link to this | view in thread ]

  12.  
    identicon
    Fernando From Brazil, Nov 21st, 2007 @ 9:38am

    e-voting

    Brazil (182 million people and bigger than US minus Alaska)has been using e-voting for some ten years now with absolute reliability. We've developed the hardware and software. We vote in small, simple machines. A B&W small LCD screen, a telephone like big keys keyboard (with dots for visually impaired people) and a internal printer. When you come to vote, the person in charge check your name from a list, enter his or her personal code that unlocks the machine, you go in, punch the number of your candidate, his or her photo shows up and you have two options: confirm or not. You can also press a white key which means a blanc vote or you can enter an invalid candidate number and confirm, it equals to voting null (like voiding your ballot). The votes are printed and fall into a small sealed bag for checking in case of doubt. At the end of the day the data stored in the machine (which is encrypted) is transmited to the tribunal via a dedicated line and counted. We have more than 90% of the votes counted in less than 8 hours! GWB wouldn't stand a chance with this system!

     

    reply to this | link to this | view in thread ]

  13.  
    identicon
    Fernando From Brazil, Nov 21st, 2007 @ 9:45am

    e-voting, The machine

    You can check the machines on the link below. http://www.google.com/images?q=urna+eletronica&sourceid=navclient-ff&ie=UTF-8& rls=GGGL,GGGL:2006-29,GGGL:en Or enter "urna eletronica" at Google Images.

     

    reply to this | link to this | view in thread ]

  14.  
    identicon
    Anonymous jerk, Nov 21st, 2007 @ 10:39am

    Not that these were/are high profile targets anywa

    Does anyone remember those automated custom card printers from several years ago? They were all but tamperproof, if I remember correctly. There wasn't a way to plug in any sort of drive (not that USB drives were that common back then anyway).

    How about the photo printing machines at Walmart/Meijer/Target/every corner drugstore. They make their money by HAVING a way to plug in an external device, and the hardware and software on those systems is designed to stop outside applications from running.
    Perhaps Diebold and ES&S should take a cue from Kodak

     

    reply to this | link to this | view in thread ]

  15.  
    identicon
    spanky, Nov 21st, 2007 @ 10:52am

    e-voting

    Well, I don't know if it is just me. Since every library and a great percentage of homes has a computer why not use these? Why waste taxpayer monies on systems that apparently far less reliable than a pencil and paper ballot. I am pretty sure the last time I used the electronic machine ( it was Nov 6 ) it sneezed on me . While I felt no ill effects my computer seemed to be ill after using it. Anyone else have this problem?

     

    reply to this | link to this | view in thread ]

  16.  
    identicon
    Anonymous jerk, Nov 21st, 2007 @ 10:54am

    RE: e-voting

    I noticed that too!! I wondered what was up with that!

     

    reply to this | link to this | view in thread ]

  17.  
    identicon
    DadsDrive, Nov 22nd, 2007 @ 9:09am

    Paper don't have BOTS or spyware

    Even IF we were to vote via online computer using our S.S.N. or National I.D., how would you know the vote was counted?
    Seriously, How?
    Secure web page? Don't make me laugh
    Paper and water proof marker X marks the spot.
    All paper ballots would remain a permanent record and held in public view, not in a warehouse, until such time there were no issues and recounts (mandatory) were completed.
    Why if these elected to terms spanning years need to have our fate sealed within hours after an election?
    What is it that you people do not understand about software?
    On route to the central tabulation data processing station a simple process can alter all the data. Opps
    Surely you wouldn't trust Microhard's Internet Exploder browser to deliver the goods?

     

    reply to this | link to this | view in thread ]

  18.  
    identicon
    r. decline, Nov 26th, 2007 @ 8:15am

    why don't they work?

    why is it that these companies can build a reliable atm machine but can't seem to build one that adds one vote and prints proof that it did? i can withdraw, deposit, get a statement, set my language prefs, transfer funds etc etc but for some reason i can not trust a machine to add my one vote to someone?!?!?! maybe i'm missing something and adding up votes is more complicated than banking but i don't think so.

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This