ES&S E-Voting Machines Gave Votes To A Totally Different Election

from the i'd-say-that's-a-whoops dept

You may recall last year that when we had a series of posts about the fact that e-voting companies refused to let independent security experts review their machines, we had a representative from e-voting firm ES&S show up in the comments and repeatedly berate us for not knowing what we were talking about. That individual insisted that the machines were perfectly well tested. He also insisted that elections using e-voting machines were "extremely scrutinized and very reliable." Of course, we haven't heard from that individual lately -- not since an independent review of ES&S's machines found that security was seriously lacking leading various states to quickly decertify many ES&S machines. Oops.

Reader Jose Luis Campanello writes in to point out a story we missed from last week, about how some ES&S machines used in a state primary in Arkansas didn't just screw up counting the votes, it assigned votes to a totally different election -- and those "lost" votes changed the result of the election. No one seems to have any idea how this is even possible, let alone how it happened. Somehow, I get the feeling that no representatives from ES&S will show up this time to tell us how their machines are perfectly reliable and don't need any kind of independent review. Luckily, in this case there was a voter-verified paper trail (which some insist are a bad thing), which allowed election officials to backtrack and figure out what had happened and correct the mistake. Without the paper trail, there would have been no way to have even realized this mistake happened.


Reader Comments (rss)

(Flattened / Threaded)

  1.  
    identicon
    Anonymous Coward, Jun 5th, 2008 @ 9:02am

    So what pray tell did those people vote for? I hope it was to give me a million dollars. That'd be cool. I'd even forgive ES&S this once.

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    Trevlac, Jun 5th, 2008 @ 9:07am

    I know I should be angry but I just can't; I laughed so hard!

     

    reply to this | link to this | view in thread ]

  3.  
    identicon
    Wolfy, Jun 5th, 2008 @ 9:07am

    Any bets that the votes were "mis-placed" to a Republican?

     

    reply to this | link to this | view in thread ]

  4.  
    identicon
    Tony, Jun 5th, 2008 @ 9:09am

    My thoughts

    Well everytime I read about e-voting machines, i think that it's can't be that hard to keep a simple database with just a few choices.
    Part of my job is to maintain a POS system. we are a small company but have around 8000 items. all being sold through a few checkstands. I've only seen a very few errors in the system with the inventory, that isn't caused by human error, (meaning not ringing the right items, or not putting the item in). I just don't see how it can be so hard to keep track of the votes.

    For the Paper tail. I think it is a great idea. you can verify what it says, and place it in a box for the election officals to use if needed to verify the electionic votes. it reminds me of reciepts. the stores trust reciepts over the electic data.

    From what i see there are systems very simular to what evoting machines should run like. but they do need to add more features to prodect the data then most retail stores have.

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    danny, Jun 5th, 2008 @ 9:11am

    Abacus

    The computer (as voting machine) is just a very sophisticated abacus.

    Election criteria is control data that must be entered into the database by humans. Human errors will happen. I see no way to fully automate this nor keep it from happening.

    We require triangulation of data sources to fix the human errors that will occasionally arise.

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    Trevlac, Jun 5th, 2008 @ 9:14am

    Re: Abacus

    HOLY CRAP, A DALEK!

     

    reply to this | link to this | view in thread ]

  7.  
    identicon
    Danny, Jun 5th, 2008 @ 9:14am

    Re: My thoughts

    "I think that it's can't be that hard to keep a simple database with just a few choices."

    Tony, as discussed here previously - and as discussed in many eVoting articles, it isn't as simple as a POS system or an ATM. The complexity in voting systems stems from the desire to make individual votes anonymous. The audit trail needs to be complete to provide for error/fraud detection while at the same time preserving anonymity of individual voters.

    Several schemes exist for doing this, but they are not simple.

     

    reply to this | link to this | view in thread ]

  8.  
    identicon
    Anonymous Coward, Jun 5th, 2008 @ 9:15am

    As a database designer and software developer this boggles my mind. How does this even happen? They have no unique identifiers on elections? They have all the results going into tables that are not empty without uniques? At the very least shouldn't they be date stamped? WTF?

    Ok, the only thing I can even guess at is that someone reused a machine without resetting it or something... otherwise they have some of the most "special" data and software guys on earth working on these machines.

     

    reply to this | link to this | view in thread ]

  9.  
    identicon
    Trevlac, Jun 5th, 2008 @ 9:18am

    Re:

    I'm pretty boggled about this myself being a programmer. I just can't see how it's possible to fail THAT hard and still make any machine at all. You're smart enough to make *A* database and tie a user front-end into it. Smart enough to manage all of these machines that use the front-end. But somehow you ...didn't? Yeah, I'm stumped. They say genius has a limit but stupidity isn't bound by that rule.

     

    reply to this | link to this | view in thread ]

  10.  
    identicon
    Kevin, Jun 5th, 2008 @ 9:20am

    So paper trails ARE bad

    After all, if there's no paper trail to prove otherwise, then ES&S machines work flawlessly!

     

    reply to this | link to this | view in thread ]

  11.  
    identicon
    Me, Jun 5th, 2008 @ 9:22am

    2 cents

    I worked for one of these companies in NC. If you think the portable electronic units are the root of misconduct you need to look into the actual voter databases to store the data...security is no safer than a cobweb...

     

    reply to this | link to this | view in thread ]

  12.  
    identicon
    Anonymous Coward, Jun 5th, 2008 @ 9:26am

    I am from arkansas, and I live in the county where this happened. I remember last years comments about the voting machine, and defended those machines because there was a paper trail. This occurence backs up my defence of e-voting, provided the machines in question have a hardcopy that the voter can see and approve before submitting.

     

    reply to this | link to this | view in thread ]

  13.  
    identicon
    Anonymous Coward, Jun 5th, 2008 @ 9:33am

    Re: Re: My thoughts

    "Several schemes exist for doing this, but they are not simple."

    Bull.

    Here ya go. Give each user a UUID code. have the user enter it for their vote. Hash it before entering the vote into the DB. When a new code comes in, hash it and do a search before recording the vote. If it matches any record, don't let it vote. If it doesn't, then let it.

    There ya go. Annominity without letting someone vote twice.

     

    reply to this | link to this | view in thread ]

  14.  
    identicon
    Rich Kulawiec, Jun 5th, 2008 @ 9:35am

    This isn't surprising

    Everyone's who has been following the ongoing debacle of electronic voting systems is well aware that none of them are secure and accurate, nor is there any reasonable chance that any will be so in the forseeable future. They're merely a scam by the vendors, who have taken advantage of episodes like the Florida 2000 general election nightmare in order to peddle their overpriced garbage to fools.

    The solution is not to demand a paper trail; the solution is to demand the immediate and complete withdrawl of these systems from use.

     

    reply to this | link to this | view in thread ]

  15.  
    identicon
    Ben Smith, Jun 5th, 2008 @ 9:54am

    Democracy?

    What democracy? Or Democratic Republic, or whatever you'd like to call it.

    The fact is, the powers that be have hijacked our right to vote with these machines. They should be banned immediately, or required to open up their code.

    Open source is the answer if we want to have e-voting. Putting the power back in the hands of the people won't be so easy with all the behind-the-scenes bullshit that goes on with our government and these companies, who are (shocker) all huge Republican donors.

    These companies should all be brought up on charges of defrauding the voters in this country. It's criminal, pure and simple.

     

    reply to this | link to this | view in thread ]

  16.  
    identicon
    Rocketboy, Jun 5th, 2008 @ 9:59am

    Sink them all...

    New York State has some of the most secure and error free mechanical voting machines. They were made by a company that also made safes. You know, someone know knows clockwork, and their business depended on it. Now, we have to get rid of them all for buggy, insecure, hackable electronic voting booths. We can't have just one or two for the people who physically cannot use the old style machine. Nooo, that would make too much sense. Instead the federal gov't basically outlawed our voting machines. Thanks to the feds, and thanks to the idiots in Florida who couldn't figure out how to vote which caused this whole mess.

     

    reply to this | link to this | view in thread ]

  17.  
    identicon
    Xuan, Jun 5th, 2008 @ 10:00am

    Why do we need e-voting systems?

    The problem that prompted this "need" for e-voting is the strange system in Florida that punches holes on a card. The obviouse solutions would have been, 1: make certain the punch go through the card completely each and every time, while everything else on the card is left completely intact; or 2: replace the punch with a permanent marker, and people use the marker to mark up a voting card directly. But no, people had to go to this fancy electronic system, making some well connected people millions of dollar no doubt. I mean, if students in middle and high school can conduct multiple choice exames using paper and scanning machines some twenty, thirty years ago, how hard is it to build something similar for voting purpose?

     

    reply to this | link to this | view in thread ]

  18.  
    identicon
    ES&S, Jun 5th, 2008 @ 10:04am

    This is ES&S

    Dear Techdirt,

    This is ES&S. We are sorry.

    Sincerely,
    ES&S

    PS: This is really ES&S

     

    reply to this | link to this | view in thread ]

  19.  
    identicon
    Doug B., Jun 5th, 2008 @ 10:07am

    Re:

    You may want to read the article before taking any bets.

    The article explains that the votes cast on two machines for a constable race were recorded as votes in a Democratic primary for one of the district's State House seats. So all of the misplaced votes went to Democrats. Plus, setting this scheme up would require knowing the results for the constable race beforehand on those two machines. Sorry, Wolfy, no conspiracy this time, just more poor system design and/or implementation.

     

    reply to this | link to this | view in thread ]

  20.  
    identicon
    Alimas, Jun 5th, 2008 @ 10:11am

    Re: Re:

    Damn. A good conspiracy is just way more interesting.

     

    reply to this | link to this | view in thread ]

  21.  
    identicon
    Alimas, Jun 5th, 2008 @ 10:17am

    Previous Story

    I wasn't going over your blog for when the previous article with the ES&S associate was berating you guys, so I went back for a read and WOW, what a crackpot.
    That guy was spinning conspiracy theories left and right trying to explain how this consortium of webmasters and book authors and media outlets were manipulating the public at large in order to make you falsely think the machines wouldn't work.
    You guys spanked his idiocy quite well.
    Good work. :)

     

    reply to this | link to this | view in thread ]

  22.  
    icon
    Alias (profile), Jun 5th, 2008 @ 11:07am

    Re: This is ES&S

    >>This is ES&S. We are sorry.

    Dear ES&S,

    This is Techdirt. At least we agree on one thing: You are sorry.

    Sincerely,
    Techdirt

     

    reply to this | link to this | view in thread ]

  23.  
    identicon
    GHynson, Jun 5th, 2008 @ 11:24am

    Dead People Voting?

    Last I heard of eVoting Machines,..
    There were registered dead people voting for a "Certain"
    candidate.
    We all know the eVoting machines are put in place so the
    "System" can manipulate the votes.
    We the people, really haven't voted for anyone since the
    early 90's

     

    reply to this | link to this | view in thread ]

  24.  
    identicon
    Anonymous Coward, Jun 5th, 2008 @ 11:27am

    trust me, the cars fine

    no no dont look there

     

    reply to this | link to this | view in thread ]

  25.  
    identicon
    Rich Kulawiec, Jun 5th, 2008 @ 11:56am

    Re: Democracy?

    At one point, I too thought that open-source software would suffice. But I've come to realize that it won't. Read both Ken Thompson's "Reflections on Trusting Trust" paper as well as Bruce Schneier's essay "How to Steal an Election" and put the two together.

    Among the conclusions we can reach by considering these together is that a sufficiently large budget (and it's available) will allow a sufficiently clueful attacker (and they exist) to subvert any such software system -- if necessary, by modifying the hardware.

    The bottom line is that we do not know how to build (or operate, equally important) such systems in a fashion that guarantees their integrity. That "we" includes the vendors, who continue to lie about it for profit.

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This