The image “” cannot be displayed, because it contains errors.


The nation's clearinghouse for election audit information!


Diebold, Incorporated engages in the development, manufacture, sale, and service of self-service transaction systems, electronic and physical security systems, software, and various products used to equip bank facilities and electronic voting terminals principally in the United States. The company’s products primarily include self-service banking products and automated teller machines, RemoteTeller System, vaults, safe deposit boxes and safes, drive-up banking equipment, and electronic voting systems. Its customers include banks and financial institutions, as well as colleges and universities, public libraries, government agencies, utilities, and various retail outlets. The company sells its systems and equipment directly through its sales force to customers in the United States and through manufacturer’s representatives and distributors worldwide. Diebold was founded by Charles Diebold in 1859. The company is headquartered in North Canton, Ohio.

Diebold Quietly Patches Security Flaw in Vote Counting Software PDF  | Print |  Email
By Kim Zetter   
August 12, 2009
This article appeared in's Threat Level Blog and is rposted here with permission of the author.

Premier Election Solutions, formerly Diebold, has patched a serious security weakness in its election tabulation software used in the majority of states, according to a lab that tested the new version and a federal commission that certified it.

The flaw in the tabulation software was discovered by earlier this year, and involved the program’s auditing logs. The logs failed to record significant events occurring on a computer running the software, including the act of someone deleting votes during or after an election. The logs also failed to record who performed an action on the system, and listed some events with the wrong date and timestamps.

A new version of the software does record such events, and includes other security safeguards that would prevent the system from operating if the event log were somehow shut down, according to iBeta Quality Assurance, the Colorado testing lab that examined the software for the federal government.

It’s not known if Premier will offer the more secure version to election officials who purchased previous software. The company did not respond to a call for comment Tuesday.
Report: Diebold Voting System Has 'Delete' Button for Erasing Audit Logs PDF  | Print |  Email
By Kim Zetter   
March 04, 2009
This article was posted at's Threat Level Blog and is reposted with permission of the author.

Following three months of investigation, California's secretary of state has released a report examining why a voting system made by Premier Election Solutions (formerly known as Diebold Election Systems) lost about 200 ballots in Humboldt County during the November presidential election.

But the most startling information in the state's 13-page report (.pdf) is not about why the system lost votes, which Threat Level previously covered in detail, but that some versions of Diebold's vote tabulation system, known as the Global Election Management System (GEMS), include a button that allows someone to delete audit logs from the system.

Auditing logs are required under the federal voting system guidelines, which are used to test and qualify voting systems for use in elections. The logs record changes and other events that occur on voting systems to ensure the integrity of elections and help determine what occurred in a system when something goes wrong.

"Deleting a log is something that you would only do in de-commissioning a system you're no longer using or perhaps in a testing scenario," says Princeton University computer scientist Ed Felten, who has studied voting systems extensively. "But in normal operation, the log should always be kept."

Yet the Diebold system in Humboldt County, which uses version 1.18.19 of GEMS, has a button labeled "clear," that "permits deletion of certain audit logs that contain – or should contain – records that would be essential to reconstruct operator actions during the vote tallying process," according to the California report.

UConn Report Shows Junk Memory Cards Direct From Vendor PDF  | Print |  Email
October 13, 2008
UConn has a new report dated October 7th of the Pre-Election testing of memory cards for the August 2008 Primary, Pre-Election Audit of Memory Cards for the August 2008 Connecticut Primary Elections <read>

There was a different methodology used to gather cards for this report. Previous reports were of an incomplete selection of memory cards shipped to UConn by registrars — which should have been subject to pre-election testing before selection and shipping to UConn. Those reports demonstrated that many election officials failed to properly follow pre-election testing procedures. In addition there were questions about “junk” data cards that could not be read. This latest report avoids the embarrassing level of failure to follow procedures, while getting closer to the source of the “Junk” memory card problem — cards were shipped to UConn directly from the vendor, LHS:
Larger than acceptable number of cards contained what we describe as “junk” data. By saying that we understand that the card does not contain proper programming, and instead contains what appears to be random noise. When one puts the card containing the “junk” data into the AV-OS terminal it issues a prompt requesting to format the card. Thus such cards are easily detectable and cannot possibly be used in an election. It seems unlikely that these cards were (electromagnetically) damaged in shipping. Consequently, it appears that these cards were either not adequately tested by LHS Associates, or they experienced some kind of hardware/software failure at some point. Among the audited cards 5.4% of the cards contained junk data. This percentage is high and this issue has to be resolved in the future.

We performed pre-election audit of cards for all districts, and in this sense it is a complete audit. However the cards do not contain the results of pre-election testing done by the districts, and they were not randomly selected by the districts for the purpose of the audit. Instead the cards were provided to us directly by LHS. The results of the audit would be strengthened if it covered also the pre-election testing done by the districts. Our previous memory card audits in fact included this. However, our forthcoming companion report (to be available at will document the results of the post-election audit, covering most of the districts, and containing the observations about the card usage in pre-election testing at districts and in the election itself.
This is a useful report as it gets closer to the source of memory card errors and is an example of UConn’s excellent work. We must also recognize that none of the memory card reports accomplished so far have really covered a complete and random selection of memory cards.
Ohio Secretary of State Files Counterclaim in Lawsuit with Premier Election Solutions PDF  | Print |  Email
By Ohio Secretary of State Jennifer Brunner   
August 06, 2008
Documents Equipment Malfunctions in Premier Voting Machine Counties

Secretary of State Jennifer Brunner on Wednesday responded to a lawsuit filed by Premier Election Solutions against the Cuyahoga County Board of Elections and the Secretary of State in which Premier seeks a court order that it has met its obligations to the State of Ohio under its voting machine contract negotiated by the former administration.

Secretary Brunner filed counter charges against Premier and urged the Franklin County Common Pleas Court to find that Premier has failed to live up to its contractual obligations.

She seeks damages, including punitive damages, against Premier for voting system malfunctions that have caused problems in at least 11 of the 44 counties using the Premier voting system and for Premier’s claims that warranties on voting equipment have expired.

The Secretary of State’s counterclaim is based in part on new findings that reveal sharing violations on 11 county servers using the Premier voting system. These malfunctions resulted in dropped votes when memory cards were uploaded to the server. The votes were recovered – many hours later, in most cases – thanks to the extraordinary efforts of county board of elections staff.
Election Software Lost in Transit PDF  | Print |  Email
By Kim Zetter   
December 20, 2007

This article appeared on the Threat Level Blog and is reposted here with permission of the author.


FederalexpresstruckMore than a hundred computer chips containing voting machine software were lost or stolen during transit in California this week.

Two cardboard shipping tubes containing 174 EPROMs loaded with voting machine software were sent via Federal Express on December 13th from the secretary of state's office in Sacramento to election officials in nineteen California counties that use optical-scan voting machines made by Diebold Election Systems.


But on Monday, two shipping tubes arrived empty to one of these counties.


In San Diego County, one of the empty tubes arrived with no lid on the end of it to close the tube; the second tube had a lid, but it was loosely taped shut.


Nicole Winger, spokeswoman for the secretary of state's office, says that the California highway patrol and the Sacramento County sheriff's department are investigating whether the chips fell out of the tubes or were stolen.

Why Nobody Wants to Buy Diebold Election Systems PDF  | Print |  Email
By Avi Rubin, Johns Hopkins University   
August 17, 2007

This article appeared on Avi Rubin's Blog and is reposted here with permission of the author.


In an Associated Press story today, Diebold confirms that they tried and failed to sell their voting technologies business. Given the recent reports in California and Florida, I imagine it will be even harder for them now. I think people, even within Diebold, are coming to the realization that DREs are the wrong model for voting systems. There are several reasons for this.

  1. DREs are too complex. There are typically 50,000+ lines of code in a DRE, much of that involves user interface and audio capability, and providing the DRE interface and user experience is not worth the hit in complexity.

  2. DREs serve as a bottleneck on election day. DREs are expensive, and so it is unlikely that precincts will have more than they need. Since voters typically spend several minutes voting, and I've observed as a poll worker that quite a few voters take more than 10 minutes, the potential for long lines is tremendous. Once a backlog of voters is created, it only gets worse, as the effect propagates much like the airline systems gets backed up in a positive feedback loop of delays once some flights are late.

  3. DREs are non-transparent. The public justifiably does not trust them. They cannot be independently audited, despite the vendor's insincere claims to the contrary. Even DREs with a VVPAT cannot be properly audited because they just don't work as we would hope. Voters often do not check the paper. The paper rolls used by most vendors do not lend themselves to easy recounts, and the retrofitting of DREs with VVPAT has led to awkward and sometimes ill defined procedures, especially when a voter disputes the printout.

  4. Finally, a much better model for voting systems exists, namely, paper ballots with optical scan precinct counting and ballot marking machines for disability access.
So, it is no surprise that Diebold can't sell their voting business. They'd be as likely to sell 8 track players instead of ipods.
Florida SAIT Report Highlights More Diebold Problems PDF  | Print |  Email
By Avi Rubin, Johns Hopkins University   
August 01, 2007

This article appeared on Avi Rubin's Blog and is reposted here with permission of the author.


The Florida Secretary of State has just released a report from the Security and Assurance in Information Technology Laboratory (SAIT) at Florida State University titled "Software Review and Security Analysis of the Diebold Voting Machine Software". This report is the output of a study that Florida commissioned to determine whether flaws reported in previous studies of voting systems, including my group's study, had been fixed yet. I was a reviewer of this report, and my graduate student, Ryan Gardner, played a key role in the study. The group was led by Alec Yasinsac who led the previous FSU study on voting machine security for Florida.

I am pleased to see that there are so many studies of voting systems being performed. In this past year, Connecticut, California, and now Florida have conducted thorough reviews, and all of them have highlighted serious problems with the voting systems. All this is happening as the House is considering federal legislation to improve the auditability of voting equipment.

Once again this new report shows serious, serious problems with Diebold, and that they clearly have not fixed some of the most egregious problems. One of the weaknesses that our report in 2003 pointed out was that Diebold used a single, fixed encryption key for all encryption in the system. Diebold has moved from using DES to AES. However, the key management is just as bad as before, and possibly worse. Here is an excerpt from the new report released today.

UConn Report: Integrity Vulnerabilities in the Diebold TSX Voting Terminal PDF  | Print |  Email
By University of Connecticut Voting Technology Research Center   
July 20, 2007

Download the UConn Report on the Diebold TSX Terminal

The University of Connecticut Voting Technology Research Center has released a report , which presents certain integrity vulnerabilities in the Diebold AV-TSx Voting Terminal. We present two attacks based on these vulnerabilities: one attack swaps the votes of two candidates and another erases the name of one candidate from the slate. These attacks do not require the modification of the operating system of the voting terminal (as it was the case in a number of previous attacks). These attacks against the voting terminal can be launched in a matter of minutes and require only a computer with the capability to mount a PCMCIA card file system (a default capability in current operating systems).
The security problems are present in the system despite the fact that a cryptographic integrity check appears to be employed in the voting system’s memory card. The attacks presented in this report were discovered through direct experimentation with the voting terminal and without access to any internal documentation or the source code from the manufacturer.


the AV-TSX voting terminals are quite different from the AccuVote Optical Scan terminals, and the vulnerabilities presented in this report do not apply to the Optical Scan terminals used by the State of Connecticut. The AV-TSX terminals are not used in Connecticut. 

More Election Officials in Diebold Sales Literature PDF  | Print |  Email
By Kim Zetter   
July 06, 2007

This article was posted at the Threat Level Blog and is reposted here with permission of the author. 


Maryland's Linda Lamone isn't the only election official appearing in literature to market Diebold voting systems (see this post from last week). Another, older, brochure has surfaced featuring photos and quotes from four other current and former election officials from Maryland and other states. Conny McCormack, the registrar of voters from Los Angeles County; Margaret Jurgensen, election director of Montgomery County, Maryland; Cathy Cox, Georgia's former secretary of state; and Connie Schmidt, former election commissioner of Johnson County, Kansas. All four appear in a Diebold brochure titled "We Won't Rest" touting the company and its machines.


Last week Lamone, Maryland's Board of Elections administrator, was chastised by the governor after Wired News revealed Lamone's participation in a Diebold brochure praising Diebold's new e-pollbook product -- a product that experienced widespread failure during the state's September primary last year. The governor ordered Lamone to tell Diebold to cease using the brochure, which she did, and asked the state ethics commission to look into the matter. Lamone's actions violated a state ethics law.

Diebold Accuvote TSx DREs Fail Spectacularly PDF  | Print |  Email
By John Washburn, VoteTrustUSA Voting Technology Task Force   
April 09, 2007

The Diebold AccuVote TSx, like those used here in Washington County, Wisconsin, were discovered to have a failure rate of between 23% and 38% in Montgomery County, Ohio.


The failure here is very noteworthy because the failure is the failure of the AccuVote TSx to accurately record the ballot within the invisible computer memory. This was not a failure of the poorly designed toilet paper VVPAT printer. This was not a failure within the insecure GEMS server. This was not data corruption created by the unstable Microsoft JET database used by GEMS. This was a failure of the AccuVote TSx DRE to accurately translate the screen touches of the voters (testers) into invisible, electronic ballots stored within the flash memory of the AccuVote TSx.

<< Start < Prev 1 2 3 4 Next > End >>

Results 1 - 20 of 76
Diebold Resources
Company Links
California 05
North Carolina
: mosShowVIMenu( $params ); break; } ?>
Vendor Pages
Voting Equipment Vendors
Advanced Voting Solutions
Danaher Corporation (Guardian Voing Systems)
Election Systems and Software (ES&S)
Hart Intercivic
Liberty/NEDAP Powervote
VoteHere (Dategrity)
Voter Database Vendors
VoTing Technologies International
: mosShowVIMenu( $params ); break; } ?>