Electronic voting seems to be popping up again thanks to our favorite digital ostrich, Diebold. Martin Mckeay’s also writing on this a bit, and it’s well worth reading.

This isn’t the first time I’ve mentioned this, and I didn’t come up with the idea, but with the most recent Diebold gossip I think it bears repeating.

Gambling systems, electronic or physical, undergo extensive testing, validation, and auditing. We’re not just talking hacking, they shock the darn things with cattle prods and attack them using such phenomenally creative techniques that I’m awestruck the few times they show it on Discovery channel specials. And it’s the complete system that’s tested and audited constantly- even the odds distributions among video poker clusters in casinos (which are audited externally by various gambling commissions in the sin city of your choice).

What does this have to do with voting?

Gambling systems are somewhat unique in that pretty much everyone involved has an incentive to cheat everyone else. Were talking about a system where no one can really trust anyone. Sure, casinos (at least in Vegas) are on the up and up, but do any of you really trust them? They sure can’t afford to trust us, and pretty much no one trusts the government.

The result? Some fracking good security.

So here we have a highly secure system of numerous specialized electronic devices operating in a networked (or non-networked) environment with near-perfect auditability. Hmm, where else might we want a similar system? Heck- they even already have testing labs and audit standards. Funny how closely related gambling and politics are. I wonder if cattle prods are illegal in voting booths?

I wonder how long Diebold would survive in Vegas?

(I’ll be the first to admit us security types have a habit of blabbing on any topic we can possibly stuff into the security bucket, but electronic voting happens to be one of the areas where our experience is directly applicable. I don’t know too many (any) security types that try to justify Diebold’s positions. They’re either criminal or mentally incompetent.)

((And speaking of casinos- one of my favorite memories of Defcon was how none of the stores in the casino would take credit cards during the event.))