Slashdot Mirror
Seeking The Source For Ireland's E-Voting System
WeeBull writes "Michael Cunningham from p45.net tried to request 'the source code of the electronic voting system first used in Ireland's May 2002 general election, plus any supporting technical documentation supplied to the Department of Environment and Local Government including the functional specifications' under Ireland's Freedom of Information legislation. The result wasn't what he expected ..."
The result wasn't what he expected
You mean he got everything he asked for, overnight, with no questions asked?
They don't even have the source code to software they used to run their elections?
Doesn't that mean that IF there was any fraud during the elections, that it is now impossible to prove whether or not it had to do with the software? Since the government doesn't have the actual code, any code they get from the authors in the future cannot be proven to be the code used in the election...
What a mess.
using namespace slashdot;
troll::post();
Americans have too been scammed by voting machines owned by corporations. Go figure.
t _G roup_Manipulates/secret_group_manipulates.html
w Me ssage?topicID=7.topic
http://www.americanfreepress.net/11_10_02/Secre
http://www.talion.com/election-machines.html
http://pub103.ezboard.com/fsoldiervoicefrm4.sho
You mean a company or government actually bought a piece of software without the source code!
What kind of world are we living in?
Karma: SELECT `karma` FROM `users` WHERE `userid`=138474;
Over in Germany, we use some of the least advanced voting machinery
imagineable. Paper and pencil. Votes are counted by hand, with peer
review, faxed in and published in detail in the newspapers.
So far we didn't have any real problems with fraud, ambiguous votes or
anything like that. And the results are usually in by the evening or the next
day.We have like 70 million inhabitants and I don't see a reason why this
shouldn't scale up.
So is there any real reason to replace that with a system that is not
transparent and where you have to blindly trust some tech companies?
Pencil marks can be erased thus creating problems with fraud, ambiguous votes and the like. I suggest that you guys over there in Germany switch from pencil to pen, and solve that particular problem.
See, the source code for Germany's voting system is open source, and I quickly saw a potential problem and proposed a solution.
If Mr. Edison had thought smarter he wouldn't sweat as much. --Nikola Tesla
I can tell you that if I were told that I had to provide source code for a product to compare against a compiled version for legal reasons (such as this case, where election results can be compared) in an after-the-fact case where binaries were produced by a compiler compared to the original...
I'd have to quit my job immediately (probabally not tell my employer that I'm quitting either, just not show up to work), grab my family, max my credit cards/home equity loans, donate my household furnishings to charity (like Salvation Army), and move to a non-extraditable country in a real hurry.
Really. I can't even imagine the legal BS you'd have to go under if something like this came up after an election was contested by powerful interests. If something like this had happened in Florida during the last U.S. Presidential election, people would have gone to jail, even if they had been completely honest and just "doing their job".
The best possible outcome in something like this is that the developer would be made the sacrificial lamb in the following witch hunt, given a felony criminal record, and serving a year or two in jail.
Well, the best outcome would be that the government would admit that it screwed up, and the company that made the elecion equipment would back the software developer throughout the whole legal mess that would still mean a couple of years of being a legal assistant rather than a software developer.
Maybe I'm just being paranoid, but I think with some of the past employers that I've had I would have been dumped immediately and the blame fixed straight on me. I've had to deal with lawyers as it is because of contract disputs, and I can't even imagine what it would be like in a public firestorm where this would really be an issue.
I've just found this document - which appears to be the minutes of an Irish government selection commmittee debating the merits (amongst other things, search for neda) of this system.
Interesting quote: "The integrity of the electoral process will be assured for both the electorate and candidates"
Not all of the electorate it would seem.
Further on in the document
[emphasis mine]
"(2) No equipment may be approved for the purposes of subsection (1) unless a full technical description of the said equipment (including all source code and information regarding independent testing and verification relating thereto) has been laid before both Houses of the Oireachtas and a resolution approving a draft of the order approving the said equipment has been passed by each such House.".
Intesting hey?
Thats just one of the committee's opinion - and it looks like they got slapped down - but if I was Irish, I'd be finding out who this Mr Gilmore was & voting for him.
Secret Group Manipulates Vote Machines - The widespread use of electronic voting machines has severely undermined the integrity of elections in the United States. Behind the companies that make the voting machines is a small and secretive group of men, including a well-known U.S. senator.
Voting machine companies: Ownership disclosure, "private" vote-counting codes, potential for manipulation - This is an article about just three things: disclosure, conflict of interest and potential for manipulation. It is not a conspiracy theory or a political point of view. I think you'll agree with me: We don't care who wins the election, as long as it's who was VOTED FOR.
Senator Hagel campaign treasurer owns voting machine co. - Election Systems & Software, the firm whose machines were involved in the 2002 flubbed Florida primary election(4)-- and the recent huge flub in Dallas, where early voting had to be shut down when machines kept registering Democratic votes as Republican (See the 31 mistakes link, top of page) and the company that now makes the voting machines for most of America--is a private company that does not like to tell the public who owns it.
No, they didn't get slapped down. The government ran a large number of tests on the system, but because they only had it for the trial run, could not make the source public.
Hopefully (I am too cynical to say "presumably") the source will be made available on the pruchase of the full system. While this is less than ideal, it's a start. Incidentally, the relevant quote about making the source public is given in one of the posts above.
My gripe with this system is the choice of underlying system that is being used. I shit you not, it is a custom Windows embedded, and the database is a modified Access one. That thought does not fill me with confidence
Rational thought is the only true freedom
all sourcecode of the three systems used is available for download and public review on the site of the federal government.
o kunnl/broncodes/Cdoku7nnl.htm
http://www.verkiezingen.fgov.be/Nouveau/NieuwNl/D
(clik on one of the three software systems and then on 'Hier')
During last weeks general election here in .be, 44% of the people voted on a PC.
All registered polical parties participating in the elections, could appoint a few experts who were granted access to the source code of the program that was used...
In 1991 nobody except private company had the code.
In 1999 official expert asked for the state to own the code and suggest publishing it.
In 2000 they published partial code and documentation with most important security part removed.
In May 2003 they published full code (but no doc) of new system (AES added).
Feel free to download analyse and report problem to us
We have no way to check if that code was really in use. Because they use the same floppy disk to boot the system and to save the result, we have no way to make sure what was on the floppy at the begining of the election day. This is explained here but only in french.
But having the code is not enough... actually Richard Stallman had something to say about Free Software not being enough.
Now if you are Belgian and unhappy about the status of our election system, you can join or contact PourEVA.
I personally believe that if we want to reduce the repetitive task of counting the ballot, we could use optical scanning (and make test manual recount). But we should never put a computer between our vote and the expression of our vote. Paper and Pen rules.
Don't let the computer/expert control the election. Information for Belgium in french: http://www.poureva.be/
Commercial companies usually refuse to release sourcee code on the basus (reasonable) that others could rip it of, despite its being copyright, and it would be very difficult and expensive to trace and sue them.
Bit in this special cas, that doesn't apply. If every suppier of voting software has to provide the source of their system, any supplier who thinks he has lost a contract to a ripoff of his own system can obtain the source code and check it. Piracy would be trivially easy to expose, and a powerful ally (the Government) under pressure to clean up the electoral system.
So the usual excuse of Commercial Confidentiallity does not apply, and and any seller hiding behind it should be excluded from the tender.
Consciousness is an illusion caused by an excess of self consciousness.
I suppose more details of the electoral system are in order...
:-)
For General Elections (to the Dail - main parliment) Ireland has a multiseat-Proportional Representaion election system - meaning there are more than one seats available in each constituency.
Firstly each voter can vote in order of preference for every candidate - For example say there are 10 candidates for three seats (my case last election) You can vote in order of 1 to 10.
PR works by counting first how many ballots are cast, dividing by some ammount (IIRC Number of seats + 1). This is set as the "quota". Then counting takes place. Once a candiate reaches the quota they are deemed elected. Then the amount of votes over the quota is distributed to the other candates, going on the next choice of the voters concerned.
If no one reaches the quota, the person(s) with the least votes accrued currently are eliminated, and their votes are distributed to the remaining candidates.
This is a complicated system and electronic counting would be an advantage - sometimes it can take up to a week to recount a constituncy, last time there were three recounts in one case, with the final seat going to the candidate with three more votes than the other!
Electronic voting was used last time in three places, with the results out the night of the election, rather than a day or two later. This lead to some problems when a sitting TD (equiv MP) lost her seat, and was told rather cruely, normally you get the results of each count so you are prepared for the result, long in advance of the declaration.
In my opinion, ideally Electronic voting is the way to go. However I don't trust the machines or the companies who make them, regardless of the published nature of the code. It would be very difficult to catch fraud taking place, and personally I like the current method (pen and paper). It is very satisifing putting a 10 beside the candidate who you hate
tom.
the United States of America just switched to an electronic voting system.
In an unrelated matter, Bill Gates is now President despite not even being present on the ballot or this being an election year. George Bush was called a "sore loser" by the media; why can't he just accept that the recount clearly shows Gates ahead by 8 million votes?
You can't judge a book by the way it wears its hair.
In January, 2002 the State Elections Board approved two closed source touch screen voting systems, the ES&S Votronic DRE and the GBS Accu-Touch EBS 100 DRE.
This spring I raised the system integrity issues with the Board, and persuaded them to revoke the certifications.
Ben Masel: 51,282 votes for US Senate in the Wisconsin Democratic Primary
Why would we want the source code in the first place? It's probably not motivated by a GPL-like desire to build on it; rather, it's an attempt to verify the validity, honesty, or security of the code involved.
But at the point where one is concerned about a grand conspiracy to rig national elections and control the government, viewing the source is not nearly enough.
Imagine that we vote electronically in ominous black boxes once per year, and the boxes tell us who our leaders are. You request the source code to these voting machines, and the government gives you some source code. As far as you can tell, it's valid. But what guarantee do you have that that code is actually running the black boxes?
As I see it, there are three main possible points of failure. The manufacturers of the boxes could distribute the machines with false election code pre-installed, the government could substitute such malware to remain in office, or a technician specializing in the repair of the machines could covertly substitute the code. The three are not equiprobable, but in any of the three cases, requesting the source code does not address the problem. Even if you mandated that the boxes themselves display their own code, quinelike, on a screen before you vote, you still have no guarantee that the code displayed is the code in operation.
How is this any worse than a system of punch-cards or a mechanical voting box? Because these other mechanisms are hard-wired and validated locally before the election commences. Re-wiring them on a massive scale is not feasible. The same is not true of a more versatile solution like electronic voting; such could be rigged to behave correctly in all pre-election tests and revert to its more insidious behavior on election day during polling hours.
If you're worried about a conspiracy, requesting the source code is not nearly enough. You'd need a system designed specifically to thwart tampering, even by its creators. And even so, you can only solve for one or maybe two of the possible points of failure. Allowing electronic black box voting assumes a certain amount of trust in the system. I don't know how much trust is necessary, but if one is worried enough to request source code, one shouldn't accept the voting method to begin with.
However, Job Bush systematcially attempted to 'cleanse' the voting lists, in direct contradiction of a court order (See page 34 of The Best Deomocracy Money Can Buy, by Greg Palast). There are at least 40,000 ex-felons that are allowed to vote in Florida, so this is not an insignificant number, given that the election results were so close.
But there were some amaizingly slopply errors in the 'data cleaning'. For example, the state of Texas supplied a list of 8,000 convicts that were not eligilble to vote. The company overseeing the error, ChoicePoint DBT, called this a simple data error. However, the list was for misdimeanor convictions, so the people on this liste were eligible to vote. In fact after a 1997 law, even convicted felons in Texas are eligible to vote after doing their time. There were similar irrgularities for convicts from other states (Ohio, Illinois)
Standing up for the rights of 'criminals' may not be popular, but they do have rights and when one person's rights are denied, the rights of all are attacked. This too is not a abstract concept. One of the 'felons' on the Florida purge list was a Thomas Cooper, who was 'convicted' in 2007. There is also a Jonny Jackson, Jr., who was purged from the list because of a felon conviction by a John Fitzgerald Jackson. The voter lists were not verifed with the dilligance given a Visa card application.
Think global, act loco
Your Vote is Now the Property of a Private Corporation
Now recounts and audits are being barred so as not to violate the "privacy and trade secrets" of the the company whose software is used to count the votes. Check out some of the excellent commentary on this issue by "Thom Hartmann" at:
"If You Want To Win An Election, Just Control The Voting Machines"
"Now Your Vote Is The Property Of A Private Corporation"
An excerpt: (credit to Thomm Hartmann)
"Chuck Hagel was re-elected to his second term in the United States Senate on November 5, 2002 with 83% of the vote. That represents the biggest political victory in the history of Nebraska. What Hagel's website fails to disclose is that about 80 percent of those votes were counted by computer-controlled voting machines put in place by the company affiliated with Hagel. Built by that company. Programmed by that company.
"When Charlie Matulka (the opponent) requested a hand count of the vote in the election he lost to Hagel, his request was denied because Nebraska has a just-passed law that prohibits government-employee election workers from looking at the ballots, even in a recount. The only machines permitted to count votes in Nebraska, he said, are those made and programmed by the corporation formerly run by Hagel.
Scary?
-Scott
in an electronic voting system is a printout that gives the time and date of the vote, which candidate I voted for, and a cryptographic signature from the machine. Then the votes are revealed after the election and anyone with a computer can verify the signatures, and I can grep for my vote in the list. Then if everyone checks his own vote, he can raise a big stink if his vote isn't in the list, and he has a printout with a signed vote on it that gives proof of his claim.
Every voting system is based on trusting the government. The government runs the election, the voting booths, does the counting in paper elections etc, so no matter what the system - we have to trust that the government is not going to cheat us in anyway. The bottom line is they could if they wanted to ( I realize we could make a super secure system at some point that would bypass this, but the technology is not there yet, or at least the funding for it isn't) I think there is an obvious disadvantage to releasing the source: it lets other people get at the intricate details of the voting process. So if someone outside of the government wanted to screw up the voting, if it's possible you are giving them the resources to do it. We have to trust the government not everyone who can read voting systme code. Also, the government there says they don't have the code... that doesn't mean they couldn't easily get it.
The web site and source code for the Australian system referred to in the article is worth a look.
It's quite simple. Intentionally, as the ACT states in their design goals (http://www.elections.act.gov.au/EVACS.html). The source includes the client and server application components--160 files and 12739 lines of very straigtforward C. (Of course, that doesn't include the OS/libs.)
I've browsed through a fair bit of the code, and everything I've seen is GPL. Ensuring accessibility to software used for public elections is, I think, a Very Good Thing. (I wouldn't mind seeing a law that required all election software be GPL'd.)
The sensible thing to do is to use technology to make the existing system more efficient. Ie use scanners and optical recognition to count the ballot papers. Fall back to traditional counting if there is any doubt or if the technology fails.
The Irish Lotto (nation Lottery) is an example of such a paper/electronic hybrid system in operation.
The current system is analogous to having our votes shipped abroad, counted using an unknown system, by persons unknown with no outside review allowed. Having all the votes shredded and then a final answer announced with no possibility for recount.
Its amazing, when it comes to technology people in general are so clueless. Even very fundamental changes in the workings of our democracy can be changed with very little resistence.
This isn't directly related to the post, but I'm wondering whether electronic voting stops people from deliberately spoiling their ballot.
In the UK, we still use a paper voting system in general elections, and I (and a number of friends) have deliberately spoilt our ballot papers in past elections, to indicate a RON vote (Re-Open Nominations -- basically, we believe that all of the candidates listed are total wankers, and want other people to stand instead.)
It would be a damn shame if the ability to vote RON is lost, since there will be no other way for people to register their disgust with the slime presenting itself for election.
Who was it who said that the best person for King/President/Emperor was the one who didn't want the job?
Tubal-Cain smokes the white owl.