Tag Archives: Diebold

Loose Change Sept 19 2006

It used to be called Loose Bits, but I prefer Loose Change. For now. It’s the same thing: tidbits I found that might be of interest:

  • First off, NeatReceipts, which sells a small scanner and special software to scan in your receipts while you’re on the road, has announced a new version of its software, which should be in the shops next month. Includes color Scanning, a better Document Organizer and better OCR. Version 2.5 will retail for $200, the same price as the current Scanalizer. I reviewed the product a few months back and was impressed, though you’ve got to really love receipts to get into it.
  • Lost in the Crowd allows you to search the web more anonymously by mixing in with your normal searches entirely random ones sent on your behalf: “What searches did you care about versus those that were just made up? There’s no way for the search engine, or anyone else, to tell.” Nice idea. Only hitch I can think of is if those random searches lead down weird alleys that may come back to haunt me.
  • Forget Google anonymity. Just worry about voting. A blog by two Princeton University types reveals an ordinary “hotel minibar” or office key will open the door on Diebold Voting Machines, allowing someone to remove, alter or replace the memory card that stores the votes.

Electronic Voting And The Criminal Connection

The story of electronic voting machines, and the company that makes many of them, continues to roll along. I wrote in a column a few weeks back (Beware E-Voting, 20 November 2003, Far Eastern Economic Review; subscription required) about Bev Harris, a 52-year old grandmother from near Seattle, who discovered 40,000 computer files at the website of a Diebold Inc subsidiary, Global Elections Systems Inc, beginning a public campaign against a company she believed was responsible for a seriously flawed e-voting system., already in use in several states.

Anyway, now she’s turned up more explosive material, it seems. The Associated Press yesterday quoted her as saying that managers of Global Elections Systems “included a cocaine trafficker, a man who conducted fraudulent stock transactions, and a programmer jailed for falsifying computer records”. The programmer, Jeffrey Dean, AP reports, wrote and maintained proprietary code used to count hundreds of thousands of votes as senior vice president of Global Election Systems Inc. Previously, according to a public court document released before GES hired him, Dean served time in a Washington correctional facility for stealing money and tampering with computer files in a scheme that “involved a high degree of sophistication and planning.”

Needless to say this is all somewhat worrying. When I followed the story I tried to concern myself merely with the technological aspects, which were pretty worrying in themselves; The e-voting system being pushed by Diebold seemed to have too many security flaws to be usable in its present state. But Ms. Harris’ digging seems to reveal a company that is, to put it tactfully, less than thorough in its background checks.

So what’s Diebold’s version? AP quoted a company spokesman as saying that the company performs background checks on all managers and programmers. He also said many GES managers left at the time of the acquisition. “We can’t speak for the hiring process of a company before we acquired it”. Acccording to Ms. Harris’ website, however, that’s misleading. Quoting a memo issued shortly after Diebold bought GES in early 2002, Dean had “elected to maintain his affiliation with the company in a consulting role”. Diebold, the memo says, “greatly values Jeff’s contribution to this business and is looking forward to his continued expertise in this market place”. AP said Dean could not be reached for comment Tuesday afternoon and I cannot find any subsequent report online.

It’s hard to see how Diebold is going to recover from what has been a series of body blows to its credibility in such a sensitive field as voting. The same day as Ms. Harris revealed her latest bombshell, the company announced “a complete restructuring of the way the company handles qualification and certification processes for its software, hardware and firmware”. Diebold hopes the announcement will “ensure the public’s confidence that all of our hardware, software and firmware products are fully certified and qualified by all of the appropriate federal, state and local authorities prior to use in any election”.

Clearly the whole fracas has done serious damage to public confidence in electronic voting. But it’s important to keep perspective. There’s nothing wrong intrinsically with e-voting — it’s a sensible way to speed up the process, make it easier for citizens and, perhaps, to extend the use of such mechanisms to allow the population to have a greater and more regular say in how their lives are governed. But like every technological innovation, it’s got to be done right, by the right people, with the right checks and balances built in, and it can’t be done quickly and shoddily. Most importantly, it’s got to be done transparently, and those involved in building the machines must never be allowed to conceal their incompetence by preventing others from inspecting their work and assessing its worthiness.

For details of Ms. Harris allegations, check out her website Blackbox Voting. A summary of the press conference is here, as are the supporting documents (both PDF files.)

Worm Hits Diebold’s Windows ATMs

It’s not happy days for Diebold, the company behind ATMs and electronic voting. Its e-voting machines have been the source of much controversy — earlier this month it withdrew its suit against people who had posted leaked documents about alleged security breaches in the software. Now its automatic teller machines have been hit — by viruses.

Wired reports that ATMs at two banks running Microsoft Windows software were infected by a computer virus in August, the maker of the machines said. The ATM infections, first reported by SecurityFocus.com, are believed to be the first of a computer virus wiggling directly onto cash machines. (The Register said in January that the Slammer worm brought down 13,000 Bank of America ATMs, but they weren’t directly infected: the worm infected database servers on the same network, spewing so much traffic the cash machines couldn’t process transactions.)

But how can an ATM get infected? SecurityFocus says that while “ATMs typically sit on private networks or VPNs, the most serious worms in the last year have demonstrated that supposedly-isolated networks often have undocumented connections to the Internet, or can fall to a piece of malicious code inadvertently carried beyond the firewall on a laptop computer.” In other words: the folk who write worms are smarter than we are.

Diebold Confirms Dropping E-voting Suit

 Diebold, the electronic voting company and the subject of a recent Loose Wire column, have confirmed that they’ve decided not to sue folk who published leaked documents about the alleged security breaches of electronic voting. 
 
AP reports (no URL available yet) that a Diebold spokesman promised in a conference call Monday with U.S. District Judge Jeremy Fogel and attorneys from the Electronic Frontier Foundation that it would not sue dozens of students, computer scientists and ISP operators who received cease-and-desist letters from August to October. 
Diebold did not disclose specifics on why it had dropped its legal case, but the decision is a major reversal of the company’s previous strategy. Ohio-based Diebold, which controls more than 50,000 touch-screen voting machines nationwide, had threatened legal action against dozens of individuals who refused to remove links to its stolen data.
 

Update: Diebold Withdraws E-voting Suit?

 Further to my column about e-voting a few weeks back, Diebold, maker of electronic voting machines, has apparently withdrawn its suit against an ISP and some individuals for posting leaked company documents about some of the problems with their system.
Stanford Law School reports that Diebold had filed papers with the court saying it ?has decided not to take the additional step of suing for copyright infringement for the materials at issue. Given the widespread availability of the stolen materials, Diebold has further decided to withdraw its existing DMCA notifications and not to issue any further ones for those materials.?
 
No mention of this yet on the Electronic Freedom Foundation’s website (which is funding legal protection for the ISP) or Diebold’s.