Tennessee to purchase black-box voting machines

Posted by R. Neal

Jumping on the "Free-Federal-Funding-for-Black-Box-Voting-Machines" bandwagon, Tennessee is set to spend $25 million on new electronic voting equipment. Except we haven't had the kinds of problems they had in Florida and Ohio, and nobody can explain what's wrong with our current equipment or why we need new equipment. Sure we have a bunch of Democratic Congressional districts, and a so-called Democratic governor. But we went for Bush twice in a row. What's the problem? Seems like the $25 million could be better spent on TennCare or Katrina reconstruction.

In related news, poor old Diebold says they won't sell their black-box voting machines to those mean old election officials in North Carolina who insist on reliability and accountability:

Diebold Election Systems is worried it could be charged with a felony if officials determine the company failed to make all of its code -- some of which is owned by third-party software firms, including Microsoft Corp. -- available for examination by election officials in case of a voting mishap.

[..]

The dispute centers on the state's requirement that suppliers place in escrow "all software that is relevant to functionality, setup, configuration, and operation of the voting system," as well as a list of programmers responsible for creating the software.

That's not possible for Diebold's machines, which use Microsoft Windows, Hanna said. The company does not have the right to provide Microsoft's code, he said, adding it would be impossible to provide the names of every programmer who worked on Windows.

Who knew Windows had election specific functionality buried deep in the operating system? That's just about the stupidest argument I've ever heard. What are they hiding?

I seriously doubt that NC state law requires deposit of the source code for the operating system or any other software not written by the election system vendor. No escrow agreement I've ever seen or heard of requires the operating system to be on deposit. That would be ridiculous. If there's some ambiguity or flaw in the statute, I'm sure it can easily be fixed.

Software escrow is common in many industries, for the purpose of audit similar to this case, or for business continuity in the event of vendor default or bankruptcy. Software vendors understandably don't like it because they want to protect their source code and proprietary trade secrets from competitors and other prying eyes, but they routinely do it. And it certainly seems appropriate for something as critical as election systems.

Besides, hackers and computer science researchers already had a look at their source code when Diebold was too stupid to secure their FTP servers. Researchers at Johns Hopkins analyzed the software, and concluded that it had serious security flaws. California officials decertified the system just prior to the 2004 elections after problems with the machines surfaced in California, Maryland, and Georgia. And don't forget, the president of Diebold, an Ohio company, said in 2003 that he was "committed to helping Ohio deliver its electoral votes to the president next year". And we all remember how that turned out.

Anyway, I'm not so paranoid yet as to believe that Diebold is an evil company out to systematically rig elections. Heck, I trust their ATMs without reservation. But black-box voting machines have too many problems, and Diebold is the dominant vendor in the industry. They should be leading the way with secure, reliable, and verifiable equipment open to inspection. At the very least these systems should have a paper audit trail that can be independently verified by human eyes. Otherwise, there is no overall accountability and "recounts" are a joke.

OK, then.