[quote user="Alex Papadimoulis"] You're right, I could have expressed my points better. I did not mean to come across as dismissing all critics as zealots, only some of the posters on this thread:- "Has all but admitted tampering with elections"- "Diebold is a WTF job ... because they use Access at all"[/quote]Yes, some of the comments here border on (or cross) the innane boundary. I'm sorry if I hold you to a higher standard =), but you've earned it.I've heard that Lockheed also uses Access internally, but I don't think it's in the missiles.[quote user="Alex Papadimoulis"]And this is another part of the simplification. They weren't given a lot of money to build a product: they developed a product, marketed it, and sold it to customers who nickel-and-dimed them on every last detail.[/quote]Doesn't that make it worse?  That removes the small-budget/short-schedule excuse.  I guess it highlights the real WTF here: WHY DID WE (the customer) BUY IT?  <remark type="nasty"> If I had a vote in the matter... </remark>[quote user="Alex Papadimoulis"]It'd be pretty easy for me to trash any security - be it servers or alarm systems - if I say, "well the sysadmin could easily use his super-access and get around it." The fact that Schneier and so many others ignore is that Election Officials are Trusted Administrators (to use our terminology) and have been for the past two hundred years or so. Why has this suddenly changed?[/quote][quote user="Alex Papadimoulis"]What you, and so many others, are missing is that the security of the election has always been placed in the hands of Election Officials. That system works; the only way to break it is to consipre with hundreds of officials.[/quote]The difference is the level of threat.  With paper ballots, the counts are tallied by hand and the most an election official could theoretically do is replace all the votes in one district ('cause humans will range-check numbers). The Volusia error shows that negative numbers were happily tallied along with positive ones, so I don't think that simple sanity checks like range-checking is a priority here.So in theory it doesn't take "hundreds of officials", it takes 1, and yes, it also requires a huge oversight on the part of everyone involved in that district/state whatever.  But if we're going to automate tallying, and less and less people are actually involved in counting votes, tallying votes, and we're just going to look at the computer and trust it, then we should automate validation; the volusia error tells me that these numbers are going from computer to website and never being validated at any step.  Forget error correction, or even error detection, there (seems to be) absolutely nothing done.And yes, it may be easy to fix, yes it's updatable, yes I know!  But it should have been the first thing in, with automated emails sent to law enforcement to arrest (or at least question) the election officials who tried to screw up the counts.I don't mind big brother if big brother is programmed right (and no, I don't think we've quite hit 1982 yet).  But this one is programmed wrong, and I don't think anyone (except diebold?) is denying that.I like to think of myself as a fairly reasonable person.  I'd like to say that maybe I'm oversimplifying the problem and diebold really put together a decent product given its requirements.  But I can't.  If 16,000 negative votes coming from a district of 600 voters gets noticed, it just begs the question: what else was missed?[quote user="fluffy777"](from what I've heard) Diebold also does good work with ATMs and such[quote user="Alex Papadimoulis"]Why would they be so bad in elections then?It just doesn't add up.[/quote][/quote]I know, that's why it's scary.But then again, in response to the ATM worm: "Diebold's response is to install all new ATMs with firewall software." (and they didn't have firewalls before?) It is all starting to add up... *sigh*...