State fights Diebold over e-voting security

In Friday's IT Blogwatch, a slightly hung-over Richi Jennings watches Maryland wanting its $8.5 million back from Premier Election Solutions (née Diebold). Not to mention disappointing Christmas gifts...

Lisa Rein reports:

Diebold logo
Maryland Attorney General Douglas F. Gansler filed a claim against Premier Election Solutions to recover $8.5 million spent by the state to fix problems with the company's touch-screen voting machines.

The claim against Texas-based Premier, formerly Diebold, alleges that state elections officials were forced to spend millions of dollars to address a host of security flaws in the machines from 2003 through the November election.

Many of the problems could have compromised the integrity of the election had they not been fixed, officials said. Now the state wants its money back.

Robert Daniel adds:

In December 2001, a Wednesday statement from Attorney General Douglas F. Gansler says, the state contracted for the touch-screen system with Premier ... The state has spent some $90 million on hardware, software, documentation and support service under that contract, the statement says.


But later, "independent investigations revealed concealed security vulnerabilities" that had to be repaired before the system could go into operation ... [So] the state will not pay nearly $4 million that Diebold has billed for services it provided for the 2008 state election.


Dave Byrd, president of Premier Election Systems, said in a statement that Maryland's charges are "inaccurate and unfounded" and that the 2008 vote was one of the smoothest in the state's history.

Cornwallis told you so:

And this is what pisses me off so much! People like Avi Rubin WARNED of the pitfalls in Dielbold (and other) systems years ago and the pols didn't listen. I remember writing to my Maryland State Rep YEARS ago about inherent problems in Diebold systems and referred him to Professor Rubin's work and got the pat-on-the-head response telling me not to worry.

Screw all of them. I can't believe how angry this makes me.

Stop! Pay troll8901:

I feel sorry for Stephen Heller, the whistleblower who was charged with three felonies for revealing Diebold's legal problems, in Feb 2004.

Frosty Piss is galled:

Diebold's problems have ... everything to do with incompetent design and execution. Which is all the more galling considering the relative straight-forwardness of the programming task.

Steven James says there's more to it:

The programming itself is quite straight-forward but the system design is subtle due to the need for verifiability at every step, not just for experts, but so that interested laymen can at least grasp the verifiability in overview.

The Diebold systems fail on all counts including the straight-forward programming. They also managed to fail at version control, source audit and binary certification by loading unapproved patches onto unknown binary versions the night before an election while refusing to reveal the source even to government auditors ... A voting machine should only accept new executable code through a JTAG or similar port locked safely inside the case.

InsertWittyNameHere inserts a witty comment:

They should hold a referendum so people can vote for getting rid of these flawed electronic voting machi.. oh wait.

And finally...

Buffer overflow: Other Computerworld bloggers:

Like this stuff? Subscribe to the RSS feed.

Richi Jennings is an independent analyst/adviser/consultant, specializing in blogging, email, and spam. A 23 year, cross-functional IT veteran, he is also an analyst at Ferris Research. You can follow him on Twitter, pretend to be Richi's friend on Facebook, or just use boring old email:

Previously in IT Blogwatch:

Shop Tech Products at Amazon