Slashdot Mirror


Maryland Plans Code Review for Voting Software

asmithmd1 writes "We already knew Diebold software is insecure, now the Baltimore Sun is reporting that the Governor of Maryland has asked SAIC to review the software in Diebold voting machines. Diebold has graciously allowed SAIC access to their proprietary code. Why isn't this code open source by law?" In a related story, a trade show for closed-source electronic voting systems is doing their best to keep critics out. Update: 08/07 15:23 GMT by M : Diebold's website security is less than outstanding.

19 of 307 comments

  1. credibility by DNS-and-BIND · · Score: 1, Interesting

    Sorry, but a story filed by a "freelance journalist" from www.EcoTalk.org...I can't help but think that it's slanted in some way. I'd sooner trust a story from the New York Times with no verification than I would this story from a hard-left nutcase.

    --
    Shutting down free speech with violence isn't fighting fascism. It IS fascism!
  2. Re:because by garcia · · Score: 4, Interesting

    but how many of "us" will realize the necessity of that? People are SO used to MS as being the only thing out there for computers and not knowing that there is such a thing as "open source" and that "trade secrets" aren't the most important thing when it comes to security.

    Who's to say that just because we see the source code that they actually use that code when they compile it?

    Who's to say that there isn't some hardware interface to mess with the votes?

    The list goes on.

    Basically what it comes down to is that the ignorance of the general public (and the fact that only a minority even care enough to vote as it is) is what is going to lead to the downfall of our voting systems.

  3. In Maryland You can Register Your Dog To Vote by mcwop · · Score: 1, Interesting

    It happened: Link Here. I posted this in another voting-related story, but it couldn't be more relevant here.

    --

    "I don't think it's selfish, to eat defenseless shellfish." -NOFX

  4. Open Source Voting Software by jcsehak · · Score: 2, Interesting

    Okay I just checked sourceforge, and I saw one open source voting project, with no activity. Why aren't we doing something to change this? Why aren't we writing our own voting software? We can test it out in small groups, eventually use it in communities, counties, states, and finally in national elections. The country is tending toward electronic voting; IT NEEDS TO BE OPEN SOURCE.

    A poster said earlier that the only reliable method of tallying votes is counting them by hand. That may be true, but look what happened last election. Wouldn't you feel safer if you could go through all the code line-by-line, and know for yourself it was secure, rather than have to trust some truck driver to not get lost with the ballots?

    One huge benefit of electronic voting: we could be a true democracy. Want to decide if we should go to war? Let's all vote for it. Lower taxes? Get your vote in, Sept. 19th. Everyone voted for no taxes, and things got fucked up? We'll schedule another vote Oct. 19th to vote again, and unfuck them. Think about it: technology today is about to allow us to do something that has never before been even attempted on a large scale - rule by the people. The president could be a figurehead! Congress could exist for the purpose of suggesting laws for the American people to decide, rather than making them!

    So who's the fucker who registered truedemocracy.org? Why don't you give it up so someone can put it to good use? I'm no programmer, but I'd be more than happy to give up some of my time to coordinate a project like this. Anyone who's interested, feel free to get in touch with me. Oh wait, I forgot - this is Slashdot - a lot of complaining about how things are, but no balls to fix them.

    --

    c-hack.com
  5. Re:Paper vs paperless by EvilTwinSkippy · · Score: 3, Interesting
    The actual registration of votes is not the problem.

    The problem is in counting the votes. You have to track the chain of custody from the voting booth to the final number. Every step of the way should require a certification from an election official. The certification states that the official saw the numbers, they made sense. If something is completely screwy the official is obligated by law to declare shenanigans.

    As such, you could stage an election with paper and pencil, stones, or broken clay pots. The computers should only be used to make the counting faster. They cannot be trusted in any other regard.

    --
    "Learning is not compulsory... neither is survival."
    --Dr.W.Edwards Deming
  6. SAIC = Military by arichar4 · · Score: 3, Interesting

    The state of Maryland just asked SAIC to issue a report on Diebold touch-screen voting machines.

    My prediction: They will issue a report that puts a seal of approval on these voting machines. It will be almost impossible to debunk their report.

    This is just to shut people up. SAIC = Military.

    So far, we have the Pentagon involved with Accenture/election.com
    General Dynamics,
    Diversified Dynamics,
    Northrop Grumman

    All getting involved in voting systems -- as are the Saudis and the Pentagon. Why?

    Take a gander at the companies run by SAIC and below this, their board of directors

    At SAIC we have over 35 companies, subsidiaries and equity partners. A partial listing is provided below.
    http://www.saic.com/about/companies/
    AMSEC LLC
    Specialists in full ship systems support: command and control systems, combat systems, communications, information warfare, main propulsion systems, hull & deck systems, auxiliary systems.

    Bechtel SAIC Company, LLC
    A joint venture between SAIC and Bechtel, Bechtel SAIC Company, LLC provides research, engineering and nuclear science capabilities to meet the unique challenge of science and engineering for the Yucca Mountain Project.

    Data Systems & Solutions
    A joint venture between Rolls-Royce and SAIC, DS&S incorporates Rolls-Royce engineering/controls expertise with SAIC's systems integration and information technology skills.

    Hicks & Associates (H&AI)
    Defense industry consulting.

    Saudi SAI
    Installation and maintenance of computer systems, telecommunications systems, and other data analysis systems in Saudi Arabia.

    Members of the board:

    D.P. Andrews
    Corporate Executive Vice President, Federal Business, SAIC

    W.A. Downing
    General, US Army (Ret.)

    B.R. Inman
    Admiral, USN (Ret.)

    H.M.J. Kraemer, Jr.
    Chairman and CEO, Baxter International, Inc.

    M.E. Trout
    Executive Vice President, Cytyc Corporation (?? someone want to look this up?)

    J.A. Welch
    General, USAF (Ret.)

    A.T. Young
    Executive Vice President, Lockheed Martin Corp. (Ret.)

  7. Re:because by Stubtify · · Score: 3, Interesting

    Well this past week on NPR's Talk of the Nation they had a Professor from MIT I believe who discussed the problems with these voting machines. He mentioned that they had "stumbled" upon the source for one of these machines and that they found many disturbing problems.

    What struck me as interesting was that there was a long discussion of why these should be open sourced; the callers, the moderator, and the professor all seemed to be on the same page. This is NPR; however, that makes me feel a little better since I think it's safe to say that more people who listen to NPR vote than those who listen to KROQ or some other pop music station.

    http://www.vote.caltech.edu/

  8. Bad idea. by ShadeARG · · Score: 5, Interesting
    Why can't I buy people's votes? If I have a vote that I don't want, and someone wants a vote, they should be allowed to buy mine.
    Because that would make the system worse than it already is. The percentage of people that do not vote is astounding, and you can be sure those votes would be sold. It's bad enough that people vote just because they think a certain candidate is a good speaker or they are a member of their political party. If votes could be bought then the political giants with the most cash would win every time. This is exactly how government positions should never be filled.

    If you think about it, an election is like a high speed race. The only difference is that the voters are behind the wheel. With that in mind, I'm surprised the system allows uninformed voters to actually cast a vote without knowing about the issues and the politicians.

    Before you can drive, you take driver's ed. Every election before vote time, voter's ed should be a requirement. The issues are constantly changing, as well as the politicians. If this was mandatory like a driving test (written or hands on, doesn't matter), then the people would be far better informed. Imagine the difference that could make. Imagine the turnout.
  9. The ultimate goal... by KC7GR · · Score: 2, Interesting

    ...May be to throw up such discouraging obstacles that people will simply stop voting.

    Call me paranoid if you want, but it strikes me as odd that the US government is even allowing voting machine software to be closed-source. SAIC has been a virtual lap-dog for all kinds of well-shrouded government and DoD contracts for decades, most of which are heavily classified (I know this because a friend of mine used to work for them).

    And Diebold is now allowing SAIC to "review" its code? Given SAIC's heavy federal connections, does this not strike anyone else as a Fox-Guarding-the-Henhouse scenario?

    Don't even get me started on the possibility of back doors in voting software that would allow special interests who shelled out enough $$ to easily rig an election.

    Like I said, I hope this is just my paranoid side jumping at shadows. Unfortunately, I have little proof one way or the other.

    --

    Bruce Lane, KC7GR,

    Blue Feather Technologies

  10. Re:the problem is... by TomV · · Score: 2, Interesting

    even if the code is opensource, how can you be sure the voting machine executable has been compiled from the genuine source code ?


    And herein lies a nice can of worms straight outta RISKS. Not only do we need to know that the binary in use has been compiled from the genuine source code, you also need to be confident that it was compiled with a trustworthy (preferably also Open-Sourced, GCC perhaps?) compiler in a trustworthy environment.

    And then there's the firmware on the machine itself.

    Geek that I am I can still see enormous strengths to our wonderfully archaic paper-ballot system here in the UK. You put a cross in a box on a piece of paper with a pen. If you mess up the cross you spoilt your ballot. At the count, for each person actually sorting and bundling ballot papers there are two people watching like a hawk (I tend to be one of these) to make sure they're counting and sorting OK. So long as the constituencies are reasonably sized, a result by the next morning seems OK when Right definitely outweighs Quick or Cheap. And therein lies the crux. So WHAT if it takes a week to get the correct result?

    TomV

  11. UCITA and budget cuts by autechre · · Score: 2, Interesting

    Two interesting points, one which was brought up in the article and one which wasn't:

    I'm a resident of Maryland, and employed by a state university. The previous administration made a mess of our finances (which were excellent up until then), and now the state is suffering budget cuts, particularly in higher education. This has resulted in hiring freezes, elimination of positions, and layoffs.

    I've been voting in elections here for almost 8 years now, and I don't seem to recall us having problems like Florida's. Baltimore uses a system where you mark a paper with a special pen, and the paper is fed to a machine. It looks like a standard multiple-choice test, not confusing at all. Why is it absolutely necessary for us to be the first state to buy these shiny new toys when our financial situation is so dire? This will just bring more pressure to legalize gambling (although we already have a state lottery and Keno, so I don't see why people upset about real casinos aren't protesting those).

    Second, remember that Maryland is a UCITA state. Under UCITA, isn't software required to be fit for the purpose for which it is designed? There's also something in there WRT implied warranties concerning data. It will be interesting to see whether this plays a part.

    --
    WMBC freeform/independent online radio.
  12. Coming soon, to an election near you: by YrWrstNtmr · · Score: 2, Interesting

    Absentee electronic voting.

    "H.R. 1377, the Military Overseas Voter Empowerment Act of 2001 introduced by Representatives Mac Thornberry, Duke Cunningham, Sam Johnson and Helen Tauscher would be a major step in improving the process. This legislative initiative provides for the Secretary of Defense to expand an electronic voting pilot program to test the system in the 2002 general election for the implementation of the ultimate solution - Electronic Voting."

  13. SAIC & CALEA by Anonymous Coward · · Score: 1, Interesting
    SAIC has been heavily involved in CALEA implementation. You know - the requirement to add wiretapping capabilities to the US phone system well in excess of the actual number of wiretap authorizations issued? Check out SAIC's Annual Report. Also note this paper by a high level SAIC drone attacking anonymous remailers as a threat to national security.

    I've had some conversations with SAIC types. Given a choice between civil liberties and cool surveillance technology, they will always pick the surveillance technology.

  14. Re:Open Source != Secure by WNight · · Score: 2, Interesting

    If you've ever worked in an office, with a boss who is being pressured to release a product, you know why something needs outside audits if it's supposed to be secure.

    If this is a regular project, up for bid, it's going to be as absolutely horrid as they can get away with. You know, trillion bit encryption, rotating one-time pads, etc, etc. All the snake-oil you can shake a stick at.

    Open source doesn't guarantee security, but I wouldn't trust corporate-produced security unless it's open source.

    The voting mechanism in use in Canada is very open source. They give you a piece of cardboard and let you stand in a little room with a pencil. You mark the square directly corresponding to the person you want to vote for, fold the ballot in half, and walk out into the open, and drop your ballot, into the same cardboard-box-with-a-slit-in-the-top as everyone else. Representatives from every party are there, as well as any voters who want to simply watch the process.

    Later, the box is taken to a room with the same multi-party auditors and opened. In plain view of everyone, ballots are counted into different piles.

    I won't accept a voting machine until every stage of the process is as auditable as that cardboard box with paper ballots. You can have fancy ways of printing those ballots if you wish, but they need to be clear and human readable. You can electronically count my vote for up-to-the-minute poll results, but the authoritative answer has to be the paper, or something just as auditable to the average Joe.

  15. Re:because by EvilTwinSkippy · · Score: 2, Interesting
    We need electronic voting NOW and we need open source NOW. We can't afford to wait 50 or 60 years.

    Hold the phone.

    Why NOW? We have managed to survive as a people for 250 years before the invention of the computer, and as a civilization for 10 millennia.

    Computers and Open Source are not a fix, an improvement, or a reform in unto themselves. They are a means. You can implement some pretty crappy things in Open Source, or some earth-shatteringly well engineered things. The Open Source, while it helps, does not mandate quality.

    Electronic Voting is a bad toy. It delivers one and only one improvement over our existing ballot system: instant returns. That's it. There are no improvements in reliability, security, or opportunity inherent in electronic voting. I for one am sick of election night being covered like sporting events.

    Votes cast must still go through the rigorous checks and certifications that existing paper and mechanical ballots go through. Not so much to satisfy bureaucracy, as to satisfy the voter. The process of democracy wins regardless of which candidate is elected. Being able to go back and reconstruct an election bolsters winners, and reassures losers. It occasionally will upset the original results, but only rarely and only in extreme cases.

    Crap processed electronically is still crap. Anyone who uses computers and has not gained a healthy skepticism about them is a danger to themselves and their profession.

    --
    "Learning is not compulsory... neither is survival."
    --Dr.W.Edwards Deming
  16. The world would be a safer and better place by hey! · · Score: 2, Interesting
    if only everyone who thought about security reminded themselves of the basic and fundamental fact every time they looked at a system like this:

    Prevention alone can never be an adequate security measure.

    This is a very simple principle that any person should be able to understand, if they only have the moral courage to accept it. This would greatly clarify situations like this one, because people would be asking the right questions.

    I'm not saying that prevention is not useful, just that a wise assumption has to be that any preventive measures we take and and probably will be. These systems are not crackable because their preventive measures were bad although they may have been bad. They are crackable because any system is crackable. What I am afraid of is that an evaluation of these machines only will look at how robust the protective measures they provide are. While it is a good idea to get an independent review of these measures, it is a bad idea to put much credence in them. The fact is that even the brightest and most professional person in the world is not going to be able to anticipate all the ideas in the world.

    Security has to consist of a number of independent goals, including:
    • Prevention
    • Detection
    • Response
    • Damage mitigation

    We need to ask what any system provides in each of these areas in order to assess security.

    For example, if I put Grandma's diamond ring in a safe deposit box in the bank, the thick vault walls and doors do provide prevention. However without alarms (detection) and police (response), those walls wouldn't stand much of a chance to a determined attacker. Detection and response capabilities are in themselves the single most powerful preventive measure -- much more so than the vault design itself.

    On top of that, if I am wise, I take out an insurance policy on the trinket (damage mitigation).

    Looked at this way, how would we evaluate a voting system?
    1. Is there any way to manipulate the results the system reports?
    2. Is there any ironclad way to detect such a manipulation?
    3. Is there any way to trace the manipulation back to the malefactor?
    4. Is it possible to mitigate or undo the damage of manipulation?

    Looked at this way, the manual paper ballot would be an almost miraculously robust system if it were a piece of software. It is capable of accurately counting the voter's intent, while completely anonymizing the voter's choices. Prevention is accomplished by physical control of access to the ballot box, and by chain of custody of the ballots to the counting place. The greatest opportunity for manipulation comes up in tallying the results.

    However it is possible to detect and mitigate such manipulation by recounts. Of course we want to avoid situations where recounting is necessary, but the recounting process itself is not to blame. Electronic methods of vote recording eliminate recounting at the expense of making it impossible to establish independently whether fraud took place.
    --
    Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
  17. Here's a theory. . . by Fantastic+Lad · · Score: 1, Interesting
    The system doesn't get hacked. Or it does. It doesn't matter, because this time, (after being burned once already), the people are paying attention. --Heck, this Diebold stuff, (Die-Bold???? What's with that etymology?), and its inherent problems is even making real news.

    So. . .

    The people will be watching closely the left hand of the magician, (misdirection). Maybe there will be some election fraud, maybe there won't be. It doesn't matter, because the people will get their president of choice. --I'm guessing, Democrat, Howard Dean.

    Still theorizing here. . .

    Now some say that Bush need only set another war going during the campaign, and that this will assure his re-election. Maybe. --Thing is, to do so, he'll need to do some very unpopular things. Like recalling tens of thousands of reservists to active duty. --Because the U.S. military is spread very thinly. Or even more un-popularly, calling a Draft. (Collective shudder. Is everybody here over the age of 21? No? I see. Hope all you youngsters like combat boots and DU.)


    "The scramble to find replacement units for Iraq duty is stark testimony to just how thinly the 480,000-strong U.S. Army is stretched.

    Of the Army's 33 active-duty brigades, 21 are deployed overseas -- 16 in Iraq, two in Afghanistan, two in South Korea, and one in Bosnia. All but three of the rest are either preparing for one of those missions, recovering and retraining after one of those missions or held in reserve. " Story here

    So maybe this will be enough to piss everybody off. --There's already a scandal brewing on the back-burner about Bush's lying to congress. There's the crappy shape of the economy, thanks to Bush's complete mis-management. And there's the fact that he's an ex-coke head who can't even talk properly without making a hundred and one creepy Freudian slips. (I lost my link, but there are long lists of his verbal screw-ups all over the web. Go look. It's just crazy!)

    Of course, if things get really bad, all Bush need do is punch that big red button and call down a state of emergency, and that's the end of the show. Democracy over, bub. Welcome to the new Amerika.

    However, this Howard Dean guy. . .

    Looks bright and new. He's saying all the right things. --While he was governor, he managed to keep Vermont out of deficit while the rest of the country went to shit. He's openly criticizing Bush's stupid war on Iraq, (a war which is getting a couple of kids killed every day. --And those are just the official numbers.) People are losing faith in Bush, and Dean sounds like a good guy. He's also talking about some social welfare reform which all the millions of people too broke to afford medical coverage, might just perk up enough at the sound of to head in droves to try out those new DieBold machines. . .

    Problem is, Dean is also being backed by the Zionists. (Now, please, moderators, curb your knee-jerk desire to mod me into dust at the first sound of Jewish conspiracy, and at least finish reading this. There's no hate here or Trollish nonsense. Just listen). . .

    A man named, Steve Grossman, is Howard Dean's head of campaign Fundraising.

    What does that mean? I'll tell you:

    Steve Grossman was ALSO the president, -not just some pamphleteer, but the president- of one of the most powerful Israeli lobby groups in the entire world, the American Israel Public Affairs Committee (AIPAC).

    Steve Grossman shed his official Democratic posts in 1992 when members of the American Israel Public Affairs Committee elected him as their president. Now, Grossman has co

  18. Re:I know what I am doing next election by smack_attack · · Score: 2, Interesting

    Immigrants can't vote until they are citizens, so your analogy is flawed. Besides, if they become citizens they would be encouraged to turn someone like that in to INS by the process of becoming a citizen, not something a fraudster would want to risk.

    However, it would not be impossible to force someone to absentee vote in your favor, but there is less risk associated with just voting in the name of deceased voters or just outright poll fraud. Less witnesses, less risk.

  19. Re:I don't care about the code... by ChaosDiscord · · Score: 2, Interesting
    But for the love of god and all that is holy, WHY are they fighting so hard against paper records? It makes no sense.

    Unfortunately paper records are nearly worthless.

    Great, I've got a receipt that says I've voted for Bob Nifty. How do I know that the machine actually counted that? Or worse, what if a bug (or evilness) in the code caused 1 in 1,000 ballots to be handled wrong. I'll look at the receipt and it says "Bob Nifty", but I actually voted for "John Keen". With odds of 1 in 1,000, it's likely that some voters will never look at the receipt and notice the problem. So maybe 1 in 10 actually complains. At 1 in 10,000 complaints (basically, 1 per polling location), poll workers are likely to just chalk you up as an idiot who made a mistake. Even if they acknowledge the problem, can they really correct it? Even if they do, what about the people who never noticed because they assumed that the machine would do the right thing?

    Given all that, I'm being given a paper record that I need to review (if the voter doesn't review it, the computer can just record with erroneous result in its database and print it and no one will know). What's the advantage of the computerized voting machines over just writing my choices on paper in the first place? We've still got the paper, still got the occasional need for hand recounts. All we've done is add a complicated piece of machinery between me and my vote!

    Well, perhaps the paper record is completely anonymous, and I have to give it to election staff. Then, if there is a question about the validity of results, you can hand count the paper records and compare it to what the machine claims. Well, so long as a reasonably large number of people verify that the paper record that they get is correct, I guess. But what have we gained over using machine readable paper ballots? Nothing, really. Actually, we've gained additional complexity (and thus, potential problems).

    Take a well designed machine readable paper ballot. My locality uses some. It's a big sheet of paper and there is a large arrow pointing directly to each candidate's name. There is an inch or inch and a half gap in the arrow. I fill in the arrow of the candidate I like. I then feed my ballot into the counter machine (which is very simple). The most important benefit is that "my vote" is an actual piece of paper that I marked. There is no machine between me and the canonical representation of my vote. If there is a concern that the counting machine is misbehaving, you can simply pull out the ballots and easily hand count them. There is no risk of someone claiming that the machine wrote the wrong candidate on the ballot since you made the mark yourself. Power outage? System failure? Break out the candles and keep voting! Just pile them up and feed them through the counting machine when you get the chance.

    Computerized voting is a terrible idea. Getting paper records out of the computerized voting machines is a bandaid that destroys the meager benefits that the machines provide while failing to fundamentally fix the problem.