Tuesday, January 24, 2006

Susan Pynchon: Diebold in Florida

There's been big questions from the 2000 and 2004 elections about whether the election system is rigged. In the 2004 elections a big sideshow formed around electronic voting machines, especially those from Diebold. The electronic voting systems (a.k.a. touchscreen voting) was supposed to fix the glaring problem with the 2000 election fiasco, which centered on the punch card system. But that's presuming touchscreen voting is the only alternative, which it is not.

"I Saw It Hacked": Diebold in Florida by Susan Pynchon relates a test performed in Leon County Florida of the Diebold voting system installed there. This test has become rather infamous as the "Harri Hursti Hack".

What she describes is a staged test. They ran a small mock election in which Harri Hursti demonstrated a vulnerability with the Diebold voting software.

Her article contains this very powerful paragraph:

And there, on the central tabulator screen, appeared the altered results: Seven "Yes" votes and one "No" vote, with absolutely no evidence that anything had been altered. It was a powerful moment and, I will admit, it had the unexpected result for me personally of causing me to break down and cry. Why did I cry? It was the last thing I thought I would do, but it happened for so many reasons. I cried because it was so clear that Diebold had been lying. I cried because there was proof, before my very eyes, that these machines were every bit as bad as we all had feared. I cried because we have been so unjustly attacked as "conspiracy theorists" and "technophobes" when Diebold knew full well that its voting system could alter election results. More than that, that Diebold planned to have a voting system that could alter results. And I cried because it suddenly hit me, like a Mack truck, that this was proof positive that our democracy is and has been, as we have all feared, truly at the mercy of unscrupulous vendors who are producing electronic voting machines that can change election results without detection.

Okay, so she managed to put together a powerful paragraph, but I don't see her report demonstrating what she claims. Nowhere in her report is this claim substantiated:

However, the Hursti hack is individually significant because the flaw it exposed is a planned vulnerability in the system, not something that is accidentally there. It had to be PUT there (programmed) on purpose.

I work with software and software quality in my job. I know very well that every piece of software has bugs in it. The existance of a bug doesn't constitute proof that the author purposely put that bug there.

She has not demonstrated that Hursti's hack is anything more than a bug in Diebold's software.

It's easy to point a finger at the Diebold corporation and claim they're evil. Their CEO was widely quoted before the 2004 election as boasting about how GW Bush would win the election. And of course it's easy to think, that might not have been bravado, but knowing that he can go in and twiddle the election results and ensure that GW Bush would win the election.

I agree with her theory -- it's very possible for Diebold or any other election hardware vendor to be selling machines which contain backdoors allowing elections to be rigged. For our democracy to succeed we have to ensure that's not the case, and that has to involve independant auditing of the voting machines. The secrecy surrounding the election hardware is troubling as it impedes the public from independantly verifying the voting machines are trustworthy. Unless the people can trust the voting machines, how can the people trust that our representatives were properly elected?

But that's just a theory until you can prove the assertion. In her story she brushes over the proof, jumping from describing the test to concluding that therefore Diebold purposely implanted the backdoor which Hursti walked through.