Guest Blogged by Ellen Theisen of VotersUnite.org
Many jurisdictions are realizing their voting systems are horribly flawed and they want to get them fixed before November. But the new systems currently under test by the federal Election Assistance Commission (EAC) have so many defects that the manufacturers have to keep repairing them before testing can continue. Consequently the EAC has not certified anything yet.
Kudos to the EAC for this!
But Gracia Hillman, one of the EAC Commissioners, recommends a way around this “roadblock” for the jurisdictions using systems that are no good. She suggests a contingency plan that would allow the jurisdictions to use new and different systems that are no good, but at least they would comply with their state laws. Her ideas:
2) Waiver of EAC Certification;
The systems are so bad they can’t meet the federal standards, so to get around this “roadblock,” Commissioner Hillman proposes to bypass the testing process.
She wants the EAC to bless new, defective systems for the vendors to sell to replace the old, defective systems that are currently in use.
But that’s what NASED (National Association of State Election Directors) did when it oversaw the voting system testing process, and the decade-long, widespread use of Premier/Diebold’s vote-losing software is one of the results.
After ten years of use in election after election, all across the country, Premier/Diebold’s vote-dropping software flaw has finally come to light — thanks to Butler County, Ohio’s Elections Director Betty L. McGary and Ohio Secretary of State Jennifer Brunner...
After the March 2008 primary, McGary discovered that the Premier/Diebold system had dropped votes. Two memory cards with votes from touch-screen voting machines were not uploaded to the central tabulator on election night – even though the computer reported that all cards had been read.
Original reports indicated that a “sharing violation” had occurred in the GEMS central tabulation program when the computer tried to read two cards at the same time. However, no error message appeared to warn the administrators. The error in the totals was accidentally found later when officials were examining the database in an unrelated investigation. Forty-four counties in Ohio use the same voting system.
A month later, Premier issued an advisory claiming that the error was caused by an incompatibility between the GEMS program and McAfee anti-virus software, which was also installed on the GEMS tabulation computer, and that the users had failed to understand the error messages reported by the system.
We have to ask:
- Why is McAfee installed on a standalone system that is not (supposed to be) connected to the Internet and therefore cannot get the essential updates required for the anti-virus software to be of any value at all?
- If McAfee was installed on the system (supposedly) tested under NASED, why wasn’t the incompatibility found during system testing? (this question will, of course, provoke gales of laughter among election integrity activists who know the (un)quality of the NASED testing process)
- If McAfee was not installed on the system (supposedly) tested under NASED, then why was it installed afterward, thus voiding the NASED qualification?
Secretary of State Jennifer Brunner, however, refused to depend on the vendor for a valid investigation — Kudos to her — and took matters into her own hands. In August, IT (Information Technology) professionals from the Secretary of State's office worked with Butler County and Premier/Diebold technicians to see if they could replicate the problem and figure out what was causing it.
A summary report released by the Secretary’s office on August 21, 2008 clarifies why it’s such a very, very bad idea to trust vendors to investigate their own systems:
-- Sharing violations occurred during multiple memory card upload tests, leading to dropped votes.
-- Sharing violations occurred with and without antivirus software enabled, leading to dropped votes.
-- Following strict processing protocols allowed users to identify and correct the errors, recovering the dropped votes.
After the state discovered that Premier/Diebold’s first advisory was wrong, and that ten other counties had experienced vote-losses, too, the company issued an advisory admitting that there was an error in the logic of the source code. Bearing in mind that the company’s first advisory was not correct, here’s their second explanation.
David Byrd, Premier’s president, admits that the error occurs whether or not anti-virus software is installed on the system (after Brunner discovered it). Byrd claims the error occurs only when multiple memory cards are uploaded at once and the first card takes longer to process than the second. He admits that the error affects version 1.20.2 of the GEMS software and earlier versions — in other words, all the versions that were qualified by NASED to meet the 1990 and/or 2002 federal Voting System Standards.
This raises several obvious questions:
- Are there really no versions of GEMS in use today — or in use in previous years — that do not have this vote-counting defect?
- Have any elections tabulated with GEMS yielded accurate results?
- Will Premier/Diebold work pro bono with its customers to help them understand the problem and implement the procedures established by Ohio to recover lost votes, or will they just issue the advisory and call their job done? (again, I can hear gales of laughter from election integrity activists)
And the most important question:
What can we, as citizens, do to make sure our local officials are informed of the GEMS defect and the procedures that can be used to recover votes that GEMS loses?
Here’s one suggestion: Don’t use the vote-losing GEMS software to tabulate the votes. Enter the individual precinct totals into a spreadsheet and/or add them the old-fashioned way.
Premier/Diebold has demonstrated once again that computers aren’t accurate. They are obedient. The GEMS tabulators in the eleven Ohio counties obeyed the logic error in the source code and dropped votes — just as the software told them to.
But don’t think that Premier/Diebold is the only company to have a previously unpublicized vote-counting defect in its system. No software is defect-free. And no amount of testing can ensure that all the bugs have been caught. If the NASED testing missed this glaring defect, what are the chances it caught all the other ones in all the other vendors' systems?
Shortcutting or bypassing the EAC certification process — as Commissioner Hillman suggests we do — is a serious step in the wrong direction. It can only lead to more malfunctioning, mis-counting systems available for the vendors to sell to localities — at the expense of the taxpayers and democracy.