The entire article is worth reading (and has actual hot links), but I'll call out how the design failure(?) was exploited by pollworkers to change votes:
<http://www.crypto.com/blog/vote_fraud_in_kentucky/> [...] The Kentucky officials are accused of taking advantage of a somewhat confusing aspect of the way the iVotronic interface was implemented. In particular, the behavior (as described in the indictment) of the version of the iVotronic used in Clay County apparently differs a bit from the behavior described in ES&S's standard <a href="http://www.essvote.com/HTML/docs/iVotronic.pdf">instruction sheet for voters [pdf - see page 2]</a>. A <a href="http://www.essvote.com/HTML/iVotronicDemo1/demo.html">flash-based iVotronic demo available from ES&S here</a> shows the same procedure, with the VOTE button as the last step. But evidently there's another version of the iVotronic interface in which pressing the VOTE button is only the <em>second to last</em> step. In those machines, pressing VOTE invokes an extra "confirmation" screen. The vote is only actually finalized after a "confirm vote" box is touched on that screen. (A different flash demo that shows this behavior with the version of the iVotronic equipped with a printer is available from ES&S <a href="http://www.essvote.com/HTML/iVotronicDemo2/index.html">here</a>). So the iVotronic VOTE button doesn't necessarily work the way a voter who read the standard instructions might expect it to. <p> The indictment describes a conspiracy to exploit this ambiguity in the iVotronic user interface by having pollworkers systematically (and incorrectly) tell voters that pressing the VOTE button is the last step. When a misled voter would leave the machine with the extra "confirm vote" screen still displayed, a pollworker would quietly "correct" the not-yet-finalized ballot before casting it. It's a pretty elegant attack, exploiting little more than a poorly designed, ambiguous user interface, printed instructions that conflict with actual machine behavior, and public unfamiliarity with equipment that most citizens use at most once or twice each year. And once done, it leaves behind little forensic evidence to expose the deed. [...] -- J. Eric "jet" Townsend, CMU Master of Tangible Interaction Design '09 design: www.allartburns.org; hacking: www.flatline.net; HF: KG6ZVQ PGP: 0xD0D8C2E8 AC9B 0A23 C61A 1B4A 27C5 F799 A681 3C11 D0D8 C2E8 ________________________________________________________________ Welcome to the Interaction Design Association (IxDA)! To post to this list ....... disc...@ixda.org Unsubscribe ................ http://www.ixda.org/unsubscribe List Guidelines ............ http://www.ixda.org/guidelines List Help .................. http://www.ixda.org/help