Slashdot Mirror
Observer Pans Touchscreen Voting Test
riversidevoter continues: "WinEDS, the program that is used to count votes, was only tested in a pre-election mode. The software was not tested in the configuration that it would be in on election day.
In addition to that, people signed a form that said that they had verified the results of the test before the test had finished running. Mischelle Townsend, the Riverside County Registrar of Voters, told Salon that the form that people signed was just an attendance form. But the form clearly states 'We the undersigned declare that we observed the process of
logic and accuracy testing of voting equipment performed by the Riverside County
Registrar of Voters, as required by law and that all tests performed resulted in accurate
voting of all units tested, including both touchscreen and absentee systems.'
You can see a copy of the Salon article here. You can see a copy of the form that people signed here.
I also believe that the observation group that witnessed the test was given a misleading description of Sequoia's system. For example, the fact that the votes are transferred from the DRE to a SQL Server database to be counted was never fully disclosed to all the members of the group.
Also, the sheer number of times that the phrase 'proprietary operating system' was used, among other things, helped to create the impression that Sequoia's system is not as reliant on Microsoft Windows as it really is.
I have created a website about this issue; please take a look at it.
On the website you can find my report on what happened that day (which outlines several problems I haven't mentioned in this posting) as well as some supporting documents. There is a letter and a note from Mischelle Townsend in which she mentions mailing the results to people or having the test results be picked up 'afterwards'...."
If they don't do it right on the first try, e-voting won't ever take off.
Just when you thought FloridaGate 2000 was out of everyone's mind, we bring you CaliforniaGate 2004: Rise of the Machines
Did they leave out the L?
Nothing like a BSOD (from the proprietary OS) to keep the Governator from getting elected. May have helped them out a bit...
People who used the new voting system are believed to have voted for an independent operating system, dispite the fact that the test was on a faux-presidential race.
According to this text Linux was voted into the White House. We suspect Apache will be selected as running mate, though rumors say Samba is also a consideration.
The Good students at have decided this will not stand.
Help fight continental drift.
People are so crippled by the more expensive == better heuristic they don't notice when the rug is being pulled out from under them. Electronic voting should be unconstitutional.
First, after you vote, a 2-D bar code is printed. That code contains a record of your vote, with an encryption of the machine you voted at and your selected key. Nothing big, 4 digits. The critical part is the hardware key used on the machine.
A copy of this bar code is printed at the same time inside the system.
If there was an audit, randomly call people to determine their key. Although you could decrypt it, it's better than just leaving the votes lying around. Then, verify the accuracy.
Since I have a printed record at the time of the voting, I can use it to verify my votes. The local voting office could decrypt it, and then I can verify my votes.
Thoughts on this approach are very much welcome.
...tizzyd
I'll supply the hardware.
Sometimes boldness is in fashion. Sometimes only the brave will be bold.
And why do americans care, if only half of them vote?
-- Steels
This line: In addition to that, people signed a form that said that they had verified the results of the test before the test had finished running.
Scares the hell out of me.
Let's keep in mind that patents are in place to keep lawyers employed and keep them litigating. -CatGrep
I wish I could get user acceptance sign-off before I started testing.
Pleas join an existing, legitimate effort at http://verifiedvoting.org -
This site, rather than coninually dispairing at the fact that there are problems with electronic voting, has concrete steps that average citizens can take to make change.
The "attendance" one?
The problem with socialism is that they always run out of other people's money. - Margaret Thatcher
This looks like an issue for the courts.
let's just have a vote to decide whether to adopt these machines or not.
An Indian-American Hindu committed to non-violent thought/speech/action alarmed by the global explosion of radical Islam
This electronic voting is the most serious threat to America that we have seen in our lifetimes. Most here realize that no computer voting system can be secure without serious efforts that are not even being hinted at here. Compromising the secrecy of the vote offers many ways to secure these sysetms. A more reasonable compromise would be a voter-verified paper ballot that is re-inserted into the machine.
Since the most basic steps to provide security are not provided here, it is clear that the intention is to make a system that has completely compromised the validity of US elections. For some reason the mainstream media has not taken note of how serious an issue this is. The people involved in the current electronic voting plans can not be trusted AT ALL. They either want to subvert the voting process themselves, or want to create a system that is easy to subvert at a vastly lower cost than current systems.
What can be done to raise awareness of this issue? How can people be convinved that we need elections that are not trivial to subvert? Is the American public so apathetic as to make this an impossible task? Are we completely doomed?
The Riverside, CA election is already rigged. Quick, call Ralph Nader and Jesse Jackson. We'll have to wait until the actual election to see who is behind this.
issue alive.
Looks like someone else has joined the fight
Why-War?
photosMy Photostream
Seriously, what OS isn't known to hackers/crackers? Fact is, the more obscure the OS the more interesting it becomes to crack.
The old question/answer "Why did you do it? Because it was there." tells the story of what will happen regardless of the OS chosen.
I'll admit that the script kidz may be able to hack-the-vote with a MS SQL server backend but I would hope that the network used (or whatever format of data transfer) would be a little more robust that a windows box in a DMZ.
But I'm sure that with a few days of coding it could be released from the bonds of M$... it is just SQL, right?
Voting technology doesn't need to be any more complicated than that.
Sure, it may take a few hours to count all the votes, but they're verifiably countable and recountable, and seem good enough for most of the other countries in the world. Why does there have to be an electronic solution to this non-problem?
Sometimes the old way just works. There are lots of things like that in this world.
Some distrustful people still keep all their money hidden in a jar in the kitchen or under their mattress. Sure, they don't get interest, and sure, they don't have ultra-convenient access wherever they are. But you know what? They never have to worry about a bank error.
...
Yarrr, be claimed ye scurvy lot... We be the PCFF pirates most feared in all the land... YAR!!!
Now, you can debate about whether it's better to use a pull-lever stamping system to write out the ballots, or just marking an X with a plain old pen. The advantage of some kind of a pull-lever system (or press button system) is that you won't get ballots which are unclear (just a printout) and you can have an internal counter on the machine to give you a reasonable idea if your hand-count is correct.
Fundamentally, though, all good systems I've seen are very close to the pen and paper hand counting.
Who is designing these systems? It shouldn't be that hard, seriously. It should be obvious what the design requirements are. In no particular order; Ease and clarity of use, secure and anonymous (as far as who voted for whom), the ability to record who was voted for in a non electronic medium and proof that a vote was registered and receipt to the voter in some form. Not to mention a backup system in case anything goes nutty. An obvious design would be to have all systems offline, when the voting times are over each station has a particular upload time assigned, they upload their data, it is checked for error and checked against their local data, if none of it differs, then all is well. The vote data should be encrypted on sight (inside the voting computer, before it is sent to the locol database) so there is no tampering locally and the keys should be known by the voting commission. They systems should be as fully automated as possible with well trained (and paid fairly) personal there to operate these machines. This is just off the top of my head, is it *that* hard to design these systems, really?
"If you are a dreamer, a wisher, a liar, A hope-er, a pray-er, a magic bean buyer
right out in the open.
If our financial business would never trust their/our money with this type of a system, why should we trust our Nation's seats of political power with the same?
Oh never mind... Hey - isn't Joe Millionaire on?
Read the diebold memos:
/200207/msg00090.html
/200003/msg00034.html
/200009/msg00109.html
/200101/msg00068.html
/200302/msg00069.html
http://why-war.com/memos/s/lists/
Search the diebold memos:
http://why-war.com/memos/cgi-bin/search.pl
MEMO EXCERPTS
"Elections are not rocket science. Why is it so hard to get things right! I have never been at any other company that has been so miss [sic] managed."
source: http://why-war.com/memos/s/lists/announce.w3archiv e/200110/msg00002.html
"I have become increasingly concerned about the apparent lack of concern over the practice of writing contracts to provide products and services which do not exist and then attempting to build these items on an unreasonable timetable with no written plan, little to no time for testing, and minimal resources. It also seems to be an accepted practice to exaggerate our progress and functionality to our customers and ourselves then make excuses at delivery time when these products and services do not meet expectations."
source: http://why-war.com/memos/s/lists/announce.w3archiv e/200110/msg00001.html
"I feel that over the next year, if the current management team stays in place, the Global [Election Management System] working environment will continue to be a chaotic mess. Global management has and will be doing the best to keep their jobs at the expense of employees. Unrealistic goals will be placed on current employees, they will fail to achieve them. If Diebold wants to keep things the same for the time being, this will only compound an already dysfunctional company. Due to the lack of leadership, vision, and self-preserving nature of the current management, the future growth of this company will continue to stagnate until change comes."
source: http://why-war.com/memos/s/lists/announce.w3archiv e/200112/msg00007.html
"[T]he bugzilla historic data recovery process is complete. Some bugs were irrecoverably lost and they will have to be re-found and re-submitted, but overall the loss was relatively minor."
source: http://why-war.com/memos/s/lists/support.w3archive
"28 of 114 or about 1 in 4 precincts called in this AM with either memory card issues "please re-insert", units that wouldn't take ballots - even after recycling power, or units that needed to be recycled. We reburned 7 memory cards, 4 of which we didn't need to, but they were far enough away that we didn't know what we'd find when we got there (bad rover communication)."
source: http://why-war.com/memos/s/lists/support.w3archive
"If voting could really change things, it would be illegal."
source: http://why-war.com/memos/s/lists/support.w3archive
"I need some answers! Our department is being audited by the County. I have been waiting for someone to give me an explanation as to why Precinct 216 gave Al Gore a minus 16022 when it was uploaded. Will someone please explain this so that I have the information to give the auditor instead of standing here "looking dumb"."
source: http://why-war.com/memos/s/lists/support.w3archive
"[...] while reading some of Paranoid Bev's scribbling."
source: http://why-war.com/memos/s/lists/support.w3archive
"Johnson County, KS will be doing Central Count for their mail in ballots. They will also be processing these ballots in advance of the closing of polls on election day. They would like to log into the Audit Log an entry for Previewing any Election Total Reports. They need this, to prove to the media, as well as, any candidates & lawyers, that they did not view or print any Election Results before the Polls closed. ***However, if there is a way that we can disable the reporting functionality, that would be even better.***" (emphasis added)
source: http://why-war.com/memos/s/lis
Lead by none other than Martin Luther King III.. cfm?itemid=14993
http://www.workingforchange.com/activism/petition
There are 10 kinds of people in the world; those that understand binary and those that do not.
Just think, eventually we'll all be getting pop-up ads telling us who to vote for, while we're in the booths!
Yeah those whores all love anal, fucking politician cocksuckers just need to get a dick out their ass and stop smoking that pole, i mean it's a serious issue here!!!
...what are your qualifications to evaluate this system, other than, "a computer programmer familiar with software testing"? That's pretty vague.
Here's a drum you beat incessantly on your website (in bold even):
Whether or not you are a fan of Microsoft Windows, you have to ask yourself: If Sequoia says that Windows is well known and understood by hackers, why are they using it?
This is a total red herring. Are the computers connected to a publicly accessible network? Is there a keyboard or mouse present? Floppy disk/CD-ROM drive and power switch? Or are these hackers skilled at breaking into systems via proprietary software using only a touch screen? "Put 3 fingers in the upper left corner, hold your little finger in the center and then circle your thumb around the menu twice to add 10 votes for the democratic candidate. Circle your index finger twice to add votes for the republican candidate"
Since you're a computer programmer, tell us how this system is vulnerable to attack. You go on and on about Windows but the choice of OS alone doesn't make the system insecure. You must have seen something else to indicate the system is insecure. Perhaps you were thinking of hackers as shown in movies, who can get into any system regardless of interface in under 30 seconds.
Your shrill website contains little information. Much ado about nothing.
Here's an idea to make the process accountable, without requiring a mound of paper at the voting site.
Later on, a text file is made publically accessible with a row for every vote. Each row would have only the hash and the person they voted for. The algorithm for computing the hash would also be published.
Anyone who is interested in confirming that their vote was properly recorded can look up their hash in the text file to make sure it lists the person they voted for.
Anyone who has a spreadsheet can do a recount.
Any third party with a bit of cryptography knowledge can write a web app for people to confirm that their hash was computed properly.
This method has the advantage of remaining completely anonymous and completely accountable.
Any thoughts?
I release this idea into the public domain.
Relax... Your Vote has been erased......
Who will guard the guards?
That physical record of a vote is a crucial piece of evidence -- if there are no physical records, that's one less thing for any "bad guys" to have to worry about. It's one less audit point for any corrupt party.
With the input and compilation of data all within the same system of computers now, corruption can happen at any step -- input, processing, reporting, or combination -- with no "independent" physical record to be audited that might expose the corrupt results. Imagine a zealot programmer hacks a kiosk and tells it to re-write the votes after confirming it with the voter. The number of voters on the register would match the number of votes cast, so this would be difficult to discover -- there would be no physical records, which can be re-tabulated independently of computers.
Elections are high security risks, historically. Paper is not inherently evil. Just because paperless systems are possible, doesn't mean they're preferable. The more physical evidence, the better, I say...
you are needed at goatse.info immediately. thank you.
I see, I see ... I see a big screen that play the publicity of each candidat, blinking banners who are saying "Me, me, me, me" . I see people wishing that small pen and paper back.
Diebold stories have been a constant presence on /. recently. Here's how to help:
1) The students engaging in this civil disobedience are meeting with the Dean of their college Wednesday, October 22nd at 4pm. We need you to email *nice* and *supportive* emails to rgross1 (at) swarthmore.edu and cc them to info (at) why-war.com *before* October 22nd at 4pm EST. Please help Dean Bob Gross understand the importance of this issue!
2) Download the entire memo archive:
http://why-war.com/memos/s/lists.tgz
3) Join the disobedience by hosting the memos
...when a low-tech one will suffice.
Or even: If it ain't broke, don't fix it.
Yeah, that's the one. Cards work good.
For many elections, there are people outside the polling place who want to find out how people voted for the exit polls. These responses aren't set in stone or official, but they are reported to the news media, so they can get an idea of how the election is going before the polls are closed and the votes are tallied.
Usually, I just decline to respond, but the more I think about it, the more I think it might be a good check system against the voting system. As an example, if the exit polls show someone is going to lose 30% to 70%, then the presumed "loser" comes up with 60% of the votes, there might be a reson to look further into it.
Yes, yes, I know that this is a very flawed idea. Exit polls are unofficial, and have a margin of error, and in the case of close elections (i.e. Florida 2000) they would be worthless, but if the difference between the exit polls and the actual voter data was larger than expected, then it would indicate possible voter fraud.
IMHO, it's going to take some lengthy court battles before we get electronic voting machines that are worth using. Sadly, that means it will probably be several years. Until then, I still plan on using absentee or write in ballots (IIRC, you can still write in someone's name, even if they are on the ballot - YMMV)
What do our voting methods have to do with the war against terror? I am in favor of going after terrorists using all necessary military action. I am also in favor of proper voting methods that are not corrupt.
... I'm sick of the left AND the right-biased media. What we need is a libertarian news source that will cut things right down the middle! LNN... Liberty News Network! I'll start it up once I make my first 10 million... seeya there.
This site is a joke. Here's an example: "After two years of the "war on terrorism," American victories are tenuous at best: Two destabalized countries, no culprits in hand, and a widely-shared feeling that the world is less safe than when we began."
Huh? Iraq is being rebuilt and will be better than before. It is already freer than before. All you read about in most news outlets is the skirmishes, because "if it bleeds, it leads!" You don't see the schools and hospitals being built, the Iraqis working with the coalition. With the other countries coming in now via the U.N., it will only improve.
As for "no culprits in hand." We have a shitload of culprits in hand. Do we need to pull out the deck of cards? What about some of the top al Qaeda that have been captured or killed?
No, we don't yet have the "big two" public enemies, but to then say "no culprits in hand" is the biggest crock of shit... it just makes me want to ignore everything on that site, because it's obvious they are completely biased.
You know what
After the 2000 Florida election, all of Slashdot was clamoring for electronic voting. Or at least it sounded that way. "It's so simple even a geek could use it," they said. "We need to move into the 21st century," they said. But the latest Slashdot meme seems to be that electronic voting is bad. Go make up your minds!
Don't blame me, I didn't vote for either of them!
Under capitalism man exploits man. Under communism it's the other way around.
Considering a replacement in voting tech would have to be secure, and developed with the goal of democratic results (rather than profits), this sounds like a perfect open source project. I don't know if anyone's working on this, but if you are, you've got my vote :) To put things in perspective, as long as I CAN'T see what information is transmitted when I vote against Bush, I'm not going to trust it. However, if I'm able to download the complete source for the system and check it out, I'd be more inclined to trust it (or help fix it). Has anyone heard of such a project? It would be wonderful to have an e-voting system that isn't an Orwellian nightmare ;)
And what better way to help spread the good word about free software (both) than to have the election system as a working example. There's something poetic about trusting American democracy to free software. :)
Your ideas are intriguing to me and I wish to subscribe to your newsletter.
is not accuracy, verifiability, safety, ease of use, or any such thing.
It has to do with recounts. The purpose is to have a system that will always give the same result after every recount. Recounts make people unhappy because the result is never the same, so people assume the the mistakes continue to exist and are in favor of the other guy. We want the voters to be happy.
This is what I love about these electronic voting discussions - people always come up with these solutions, and then ignore the fundamental principle of designing voting machines: it must not be possible, under any circumstances, for an outsider to verify your vote independently. Now, that sentence is worded poorly, so I'll give an example of the problem with this proposed system:
1. CREEP announces that they'll give $200 to anyone who votes for person X
2. Joe Public says "OK, I'm in"
3. Joe Public votes for X and remembers his PIN number
4. Joe Public goes to the local CREEP office and tells them their PIN, their VRN, and who they voted for
5. CREEP, using the freely-available hash function, creates their hash using the supplied information
6. CREEP then checks the list and sees if the vote was recorded
7. If yes, $200
Now replace "CREEP" above with "The Mafia" and "$200" with "the life of your family." Now you see the problem.
My proposed solution has always been the following:
-Vote on a computer (with a well-designed interface), which records votes and prints out a receipt with the name of the candidate and a simplified 2D barcode on it.
-Have a poster on the wall inside the boot saying "if you voted for X, your barcode should look like this"
-Deposit the recipt in the ballot box on the way out, as usual.
This allows us three counts: the machine, the barcodes, and the names. Any political party can request a count based on the barcodes, and if it's close they can get one based on the names on the ballots. As far as I can tell, this system is - at worst - no more prone to fraud than the current paper-based one. And you can't buy votes, since no personally-identifiable information is stored on the receipts (which voters can't keep anyways).
There's probably a logic gap in my solution: any suggestions?
Cue The Sun...
spin from the registra of voters/ vvpat/in dex.htm
http://www.co.riverside.ca.us/election/ts
You're right.
And that's the whole idea.
I can individually audit my personal vote, and my political party (if it so desires) can demand a recound and audit the physical votes (the receipts). Or change the rules so anyone who has the cash to pay for a recount (to pay for the physical counting process - wages and the like) can request one.
But any system where the public can independently associate me with my vote (as with the parent to which I replied) is open to abuse.
Cue The Sun...
It's a generally understood concept.
Computers are not. Software is even worse. Information security has barely reached public awareness.
I am a software developer but I prefer a original paper trail over any computer print out.
Just my $.02
You people need to chill out just a little bit. Because:
;-)
The first time these machines are used, regardless of what the election is for and who wins, the results will be appealed by the losing party.
In court, the losing party's lawyers will easily demonstrate flaws in the system and show that there's no trail to do a recount.
The court will have no choice but to throw away the election results as void and have a paper election. Even if the results of this vote are identical to the ones electronically recorded, every oponent of the digital voting systems will have a legal precident to support his point.
Personally, I do not vote, but the idea of someone being able to tamper with election outcomes is sinister enough for most people to take note when the issue arises in the proper context.
Geeks bitching about it on a technical forum is not this context. But it will happen, and these things will go away.
I promise. Relax
Ecce Europa - Web Design for Business
Why is electronic voting so tough??? Go in, cast a vote, verify a vote, print the result on a strip of paper, hell, two strips of paper and move on. What's the holdup here??? I don't get it.
There is one obvious solution to this Diebold mess.
If the most progressive people were voted in -- people who otherwise couldn't win against the career politicians and party fund-raising machines -- it would shake up everything.
Or Linus and Alan as Pres and VP.
This is a historic chance for a poorly-protected, unverifiable voting system to HELP everyone rather than screw us over.
This may be the greatest opportunity to make a difference in our lifetime.
As much as I believe virtually ANY report of Diebold malfeasance, this guy is absolutely the WRONG guy to rely on. He's got a huge credibility problem of his own: he's a candidate for the "Peace and Freedom Party." In other words, he's a Trancendental Meditator and disciple of Maharishi Mahesh Yogi. I've heard that in England they refer to the P&F Party as "The Looney Party" after a Monty Python sketch. P&F's believe in human levitation, they insist that their houses have toilets that point north, etc etc. They're nutballs. Let's find someone as an impartial observer who doesn't have these huge credibility problems, and who doesn't spend thousands of dollars trying to learn to levitate.
Final election results:
G. Bush: 2 votes
X. Democrat: 3 votes
W.T. Beef: 58,321,742 votes
Actual congress transcript:
Joe X: We see that increasing the M1 money supply will help to invigorate job development in my riding...
President: Where's the Beef?!?
I, for one, welcome our touchscreen voting system masters!
I voted on one of these machines in Riverside County. I was taken aback because I didn't know beforehand that an electronic voting system was in place. Immediately after voting, I had the same concern that no paper trail was created - and therefore no manual way to verify votes in a close election. The visual representation was close to what was mailed to me, but it was not exactly the same - the names were not in the same order... No big deal if you were planning on voting for Schwarzenneger or Boustamante but it took me a while to find the candidate that I intended to vote for. I didn't have the impression that any of the volunteers present were technically proficient enough to resolve any technical problems that might come up. I wonder what would happen if one of the machines crashed? Do you disregard that machine's votes? Do you accept the data on that machine as valid? I'm very concerned about the scripted testing process that was in place. A voting system should go through the most strict level of testing prior to each election. It's plainly not acceptable to lose any votes. What action can I take? Can I bring forth a lawsuit to enforce strict testing? In my mind, the actions of the administrators was fraudulent and criminal at best. A lack of understanding of the technical issues is not an excuse.
I've voted twice with a dial and select type electronic voting machine.
It's much better than the punch card.
Then again, I could actually read and understand how to use a punch card ballot a long time ago.
Consider a few scenarios:
Great, the machine produces a paper trail and so immediately in an election I have my printer produce its own paper trail that matches the results that I want. I just have enough of a record to demand a recount, cast the election in doubt...
The right way to do this sort of thing is to get rid of anonymous voting.
This is my sig.
/Jeremiah Akin, a 28-year-old computer programmer/ /It should be noted that Sequoia has referred to the Microsoft Platform as "...well known and understood by computer hackers..." You would think that if Sequoia says that the Windows operating system is well known and understood by hackers that they would not use it./
No, you'd think that a 28 year old computer programmer would know that it is a good thing for hackers to know and understand an operating system. That forces the manufacturer to deal with any issues - it's called full disclosure and every legitimate security expert advocates it. Look at this mess with Diebold - would you rather that hackers not "know and understand" Diebold's insecure code? Would that make you comfortable with voting on a Diebold?
You've shot your credibility there Jeremiah. Sounds like you a) had it in for Microsoft and b) they made you sign an attendance sheet early. Whoop de-doo.
1. Need a paper trail that can be recounted, and cannot be tampered with. 2. The paper trail should be inspected by the voter to ensure accuracy. 3. The electronic side of things (if it exists at all) should be secure so it cannot reasonably be tampered with. 4. Each machine in the process should generate checksums of aggregate data, eg total votes per machine. 5. Every system that receives or processes results should make every effort to check the integrity of the data.
So, for the voting machine paper trail, how about a printer that feeds into a box below, with a perspex sheild to allow the vote to be inspected but not tampered with, also care should be taken to ensure the previous vote cannot be read.
In Australia we still use paper voting systems, and I don't see a reason to change at the moment. While everyone must vote, and counting must be performed by hand, our population is smaller.
09F91102 no, 455FE104 nope, F190A1E8 uh-uh, 7A5F8A09 that's not it, C87294CE no. Ah! 452F6E403CDF10714E41DFAA257D313F.
Greetings,
Recently, there has been a rise in the number of stories in the press surrounding the topic of electronic voting. I live in Oregon where we have chosen to vote by mail. At first, I wondered exactly why my State chose this route because electronic voting seemed to be attractive for a number of reasons.
After reading the various news stories and web postings present on various Internet web sites and forums, I have come to the realization electronic voting in its current incarnation is a highly suspect process.
The majority of voting machine manufacturers today wrap the inner workings of their machines inside contracts and licenses designed to cloak their products in secrecy. These cloaks when combined with the current state of intellectual property law make it difficult for the American people to understand and discuss the nature of the machines and their potential effect on the democratic process.
The American people need to engage this issue with all the facts at hand. The spirit of the law is not in line with the letter of the law in this case. The action of your students is commedable and worthy of your support.
"Those who cast the votes decide nothing. Those who count the votes decide everything." --Stalin
The right to vote is one of the founding principles behind our great nation. Changes to this process will have nationwide consequences on our society that we might not understand, but for the actions of a few people concerned about preserving the trust inherent to the core of the democratic process. These changes will affect each and every one of us and should not be made lightly or without due consideration of all the facts involved.
I urge you to consider the nature and purpose of the student actions along with the potential issues at hand before rendering your decision.
Respectfully,
( name )
Blogging because I can...
Also, how on Earth can you relate MS's closed code to "full disclosure"?
"A worthy cause has never been harmed by the truth" - Gandhi
It would probably work, but it's a little complicated. Most people are not going to have the faintest idea how it works. Even most techies don't understand SHA hashes.
You're making it too complicated. Simply have the voter fill in a form with a pen, and put it in a box. A machine counts these bits of paper, logging all the ones it considers to be invalid. Any question about the accuracy, and humans can count them.
You don't know your Monty Python very well... bad Geek!
You have confused the Peace and Freedom Party with the Natural Law Party -
The P&F Party has nothing to do with the Natural Law Party - we are a left wing party with 80,000 members in California - and no cultic tendencies.
also, I am not a candidate for anything - I was asked to monitor the test on behalf of the party.
Take a look at my Graphical Voter Interface.
I watch Brit Hume on Fox News
Isn't the obvious problem with touchscreen technology the marks left by previous voters? I mean, if Arnold Schwarzenegger had massive amounts of finger prints on his box, and other candidates had near-zero prints on theirs, couldn't that alter my choice?
Why does anybody want to get rid of the paper system? Sheesh.
Those of you who think that there's no problem check out Bev Harris's web site www.blackboxvoting.com She's assembled some of the top professionals in the computer and statistical fields to examine these systems, and found them sadly lacking. The owner of one of the companies just publicly promised to deliver Ohio's votes to Bush in 2004. Another is partly owned by Sen. Chuck Hagel, who was trailing by 20 points the week before the election but whose machines gave him a landslide. Another company is owned by Halliburton. There's an extensive discussion and many, many links in this thread at the Alternet forums. http://forums.alternet.org/guest/motet?show+-ugYdK G
Machines in a precinct in Iowa counted 3,000,000 votes from less than 1,000 voters. The Arkansas gubenatorial election was won narrowly by a Democrat, but mysteriously 7,000 votes disappeared overnight, throwing the election to the Rethuglican. Miami reported votes from 254 precincts, but there are only 252 precincts in that area. Diebold queried the machines in San Obispo County in the middle of election day, apparently by dialing into them via modem. What else did they do while there?
Punch card machines had a three percent error rate. The best of the touch screen machines have a seven percent error rate. We are moving to the only modern vote counting system with a HIGHER error rate than punch cards.
"Think about how stupid the average person is. Now, realise that half of them are dumber than that." - George Carlin
Step 1. Give all vote collecting devices a public/private key pair. Sign all votes and include a timestamp and random number/sequence number to identify replay attacks.
Step 2. Give a list of public-keys to the vote collection server/system that is offline and locked up for the entire voting process (ie. tamper-proof).
Step 3. Ensure that you delete all traces of private keys except for those in the actual devices.
Step 4. Vote (print voter and government paper receipts with timestamp and number for vote verification in case of emergency).
Step 5. Collect PK signed votes electronically.
Step 6. Bring collection system offline, obtain public keys for voting devices, tally votes.
Step 7. Announce results.
Is this so hard?
I really wish people would expend as much energy attempting to understant election science as they do attempting to capitalize on people's by-and-large unjustified fears of paper ballots engendered by the last presidential election. That would actually make the world a better place, rather than simply making a few people a litte richer and the rest of us a little poorer.
--Lawrence Lessig for Congress!
I would change the order of the counting to:
1. Barcode
2. Candidate's name
3. Computer record
with the order of weight going:
1. Candidate's name
2. Barcode
3. Computer record
After all, if you can verify the barcode visually with the candidate's name on your printout, you can then deposit it into the tally box for later counting by a barcode reader which can be the first official tally. The computer record can be used to verify the barcode count, and any discrepancy can be solved by recounting the barcode/name ballot printout manually, since you can read in human form the candidate's name if necessary.
You know, this may actually be a workable electronic voting scenario, because it doesn't rely on a computer only count that no one can see, yet it makes the act of voting easy to actually do and doesn't require huge ballot sheets.
Well done.
Visceral Psyche Films
http://www.equalccw.com/dieboldtestnotes.html
Before this, Diebold was a good trademark. Now, it is becoming worse than useless. If things continue, no one will even buy a Diebold lunch bucket.
Ah yes, that solves a lot of issues with the lack of immediate electronic results for primarily paper solutions. I presume there's some sort of unique barcode on the voting form to prevent accidental or deliberate rescanning.
In the UK, where I'm from, the only discussions about the election process is multiple voting (dead people, collecting cards from student halls, etc) - of course still an issue with these electronic methods - and the general "people too lazy/disenfranchised/dischanted to get out to vote" issue, and all these rightful concerns about unreliability (let alone the alleged fraud cases!) with electronic machines is only going to make people less likely to bother to express their democratic rights.
... there is a techno-fix for everything. Trustworthy, reliable voting machines record ballots for advanced election methods and we incontrovertibly know the will of the people within a minute of the polls closing.
On the other hand, I wonder if we could do better by paying minimum wage to two people per precinct to count each plain-old-paper-ballot twice, by hand. bc-of-envelope says $12/hr labor divided by 120ballots/hr processed = $.10 per ballot processing. About equal to the paper it's printed on. Sounds reasonable to me.
Start Running Better Polls
Its definately a challenge.
People are barely talking about it in my country as well and they are extremely apathetic.
Perhaps an approach is to invoke visions of a similar device that in practice, has gotten a lot of press lately as being unsafe.
Diebold does not just make voting machines. They make ATMs, and it has been shown time and time again that they can be subverted from the inside or outside with relative ease.
People lose money and their identities all the time. Fortunately this one's life! Authenticity is easy to prove.
A voting machine is precisely no different, since there is no way authenticity can be proven at any time- only this time instead of losing your savings or identity- you lose your freedom to choose.
I live in Canada, and these things will be in use here soon if they aren't already. I am going to start collecting info, for my own propoganda, re-educate myself on the issues, and go pass out some homemade fliers.
I suggest each and every one of you Americans do the same, if you are real patriots.
---Up Up Down Down Left Right Left Right B A START
It always comes down to dead presidents:
m
http://www.tvacres.com/admascots_clarapeller.ht
Let's describe a voting system that works:
...but this would be too easy.
1) There's a program somewhere running inside the
2) Each person gets a smart card or similar secure device. As it counts, it burns out gates inside the card. The count can only go up.
3) Back at the main counting station, a similar thing happens. People insert their cards, and counters go up by burning out gates (i.e. FPGA)
The cards are disposable. There is no database. There's no way to decrement any of the counters. It just works.
I find it remarkable how silent the mainstream media is on this issue. When even the New York Times fail to mention any of the controversy over Diebold in a recent article on voting machines you know this is going to be an uphill battle.
However, if these machines are already in use, the next step would surely be legal action? Someone with the right to vote in an election should demand the right to cast their vote by means where there is proof their vote will be counted.
Keep It Simple Stupid
It was always obvious that receipts would be the best way to verify vote.
Apart from initial outlay, cost is minimal - the only reason somebody would not want verification is because vote would be easier to corrupt. Apart from reason of moronic stupidity that is.
This system should be kept for all time - to prevent any fiddles in future.
People would cast their e-vote, get the receipt, verify it is correct and put the receipt in a new type ballot box.
Vote is not cast or recorded until receipt is put into ballot box (incorporating reader).
There are very reliable readers already on market for cheque validation.
Recount is always possible when number counts are close.
At all votes though, use equivalent of bank note counter to see total receipts match the votes. Also, use spot checks to see no attempt at fraud with candidate mismatch on ticket.
We can solve all of these Trust issues simply by switching to Secure Microsoft Palladium voting machines!
Heil Gates! Heil Gates! Seig Heil! Seig Heil!
-
- - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
On The FORM the last two persons are the same person with different signatures, i wonder why?
The lunatic is in my head
Ironically, e-voting may take off precisely BECAUSE it didn't work the first time... (miscounting votes to put e-voting friendly folks into office)
Well, that settles it, I'm running for President... Sure I'm not technically old enough yet, but I figure that's not going to matter much as I expect to win by a landslide like never before imagined. My platform? Well, simply this: I promise to take the entire GNP of this country for the first year of my term and split it evenly amongst the ballot machine vendors. No social programs, no tax cuts, no foreign spending, no paying off the debt, nothing... it *all* goes directly to Diebold, Sequoia, and ES&S. I won't even take the time to actually run a campaign, nor sign up to be on the ballot... this is going to be a write-in land slide, I'm sure of it.
One of the P&F drones was a candidate for the position of mayor in my town. He got 2 votes, out of 14,500 inhabitants. Some say that includes his own.
Maybe we deserve this world ?
...but it is certainly not hard to pretend to be someone who died 50 years ago. This has happened before. If they could make a secure E-voting machine...
Yes, a secure voting machine that depends on the motor voter registration system so all the non-resident and undocumented aliens can vote along with all the dead people. You'd most likely jump up and down with glee if they web enabled the registration and voting systems because Secure e-Voting (TM) has to be better. Right?
From what you say you seem to think someone stands in line and votes the graveyard. The Chicago method is to get control of the voter registration rolls for a district and 'add' the graveyard. Then the 'impartial' volunteer election judge checks off the extra names and stuffs the ballot box after the polls close.
Any voting system without a 100% human readable audit trail that is accessible to the voter at the time they place the vote and without a 100% reliable method of matching a ballot to the registration list is vulnerable. What plagues the voting system in the US is we are too cheap to devote the required resources to the system. The UK and many European countries have next day election results using paper hand counted ballots. They however don't try to have only 17 polling places in a city of five hundred thousand, as is the case in so many US cities.
You guys were much more interested when you were trying to delegitimize the President by seeking discredit the Florida votes....
The whole concept of paperless voting is insane. Making voting easier doesnt mean no paper.. it just means changing the way things are done.
What about a touch screen that generates a card with your choice on it.
Ie, you push "bush, or "democrat" it generated a card that says the candidates name and party, and you jsut drop that in the box. It would be good for the growing minority of illerterate americans, they could put the party mascott's next to the name, that way people know to either vote for the donkey or the elephant party.
Welcome to the End
Although they do 95% of their voting using a more reliable technology (optical scan machines and paper ballot cards), they use the Diebold touchscreen units for accessibility reasons - it supports audio-only voting for visually impaired voters using a numeric key pad for navigation, etc.
So, here's how a Diebold engagement works for the touchscreen units. They send a representative up to program the units with the appropriate races, candidates, etc. They use a plain old windows workstation and an application that appears to be Visual Basic. This application stores election metadata in a MS Access or SQL Server database. This metadata is then transferred to the touchscreen units over a LAN. It appears to me that the touchscreen units are Microsoft CE boxes. Can't be sure about the database format they use on the touchscreen unit to store this metadata and the actual votes but I suspect they use Microsoft Access.
The Diebold staff provide a few hours of training for the staff who have to manage the machines. During the election, Diebold staff are not on hand, although they do show up at the end, when it is time to aggregate results from all of the touchscreen units. Diebold staff download the data from all of the touch screen units to a central aggregation point for which takes on the responsibility of totaling the results. Now, I know what all of you conspiracy theorists are thinking but note that election supervisors can print paper aggregate totals from each machine before this happens.
My observations:The touchscreen units do not have an administrators manual that election supervisors can use for the purpose of understanding how to manage these machines. When prompted about this, the Diebold representative replied that there were no manuals and that you shouldn't need them - "the machine is intuitive."
One of the things that the Diebold representative expected was within the realm of capability for non-technical staff:
- Put a PCMCIA Network card in the touch screen units & attach the appropriate ethernet cabling
- Assign the touchscreen unit an IP Address (FYI: DHCP was mispelled in their UI, I think it was 'DCHP')
- Specify the network address of the host machine (i.e., the workstation that has the election metadata)
- Provide the path name on the host machine to the election metadata file
- Download the election meta data to the touchscreen unit
I didn't actually fully execute this use case - it wasn't clear to me how this part would work & I wasn't prepared to do anything serious without a manual. Anyway, that, in my opinion, goes way beyond what a non-technical person is capable of doing themselves without a manual.That matter aside, my view is that machine is in general, not intuitive, as the Diebold rep claims. Although machine only supports somewhere in the neighboorhood of 9 use-cases for the supervisor user and none them involves more than a 2 step flow, it took me about an a couple of hours to figure out how to manage an election on it. Further, I wouldn't have been able to do it if it weren't for some of the cryptic notes that one of the election workers scribbled down about programming voter cards when the Diebold rep was running the training session.
My point: We need to trust election results. One important factor is that we have to have confidence that election supervisors are capable of properly administering this equipment. My view: limited training + no manuals + non-technical administrators = potential for disaster.
Read some of the investigations of the Deibold computers. They don't even use SQL Server, they use ACCESS, a personal database that was never meant to be used as a secure database - we are supposed to use SQL Sever in MS-land. At the VERY LEAST, the logs for this system must be recorded on an write-only medium, so you can't just run Access to alter the log records.
Think global, act loco
We don't need loonies with beliefs like that informing us of what's going on. We need good people who believe that a diety in the clouds formed the whole univers in six days, that men have one fewer rib than women, that a man put two of every animal on a boat, and that a virgin gave birth to a man who could rise from the dead. That's what really gives people credibiltiy.
- Hail to our fearless misleader! Fool speed ahead!
Great point. A few years ago I really wondered why there was such a push for motor-voter laws.....
Then they started handing out drivers licenses to illegal aliens and it all became clear.
Robotic prostitutes would cut down on non-consensual abuse of sex workers, unwanted pregnancies, number of abortions, and transmission of disease, and probably would have other social benefits I haven't thought of yet.
One need merely optimize for customer pleasure, within the target demographic (Which would be patrons of prostitutes I'd guess).
And incidentally, I'm really tired of all the "we need a constitutional amendment" knee-jerk reactions I hear all the time. If constitutional amendments weren't incredibly infrequent, they'd be no more useful than any other law.
atm machines seem to have a pretty secure method of operation. There are some flaws involving the PIN and such, but overall the ATM, made by Diebold I might add, seems to be a pretty solid device.
When money is involved, things get worked out pretty well. Votes? Not a worry, we can buy those with enough money right?
Hmmm....
Blogging because I can...
First, after you vote, a 2-D bar code is printed. That code contains a record of your vote, with an encryption of the machine you voted at and your selected key.
Giving the voter a record of his vote which he can use to prove what his vote is to a third party is illegal in most jurisdictions, because it facilitates vote-buying schemes.
(Whether vote-buying should be illegal is a separate issue, of course. B-) )
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
Here's an idea: every cash register I see prints two reciepts. One goes to the customer, one stays in the machine and is just viewable through a little window. How hard would it be to add that to the voting machine? Just have it print a reciept that the nmachine keeps. Have it locked under a glass shield so the voter can verify before leaving the booth. At the end of the day, collect the receipts and archiv them for recounts, etc. Wouldn't this work? Am I missing something?
AB HOC POSSUM VIDERE DOMUM TUUM
how repetitive these Slashdot discussions about e-voting have become. It is pretty damn clear that electronic voting technology is a long ways off from being suitable for electing our representation, and it is probable that electronic voting simply is inappropriate for this absolutely critical aspect of our nation.
If anyone who is a member of a congressperson's staff or works with other people in policy-making roles is reading these things, make sure to point them out to your boss. This single action is probably worth a thousand letters from constituents, as Slashdot is a forum that includes comments from every state in the USA (and beyond). Not only that, many comments contain links to websites archiving evidence of corruption within Diebold and possibly corruption in our political process itself.
This is big-deal stuff, so I urge anyone who can to spread the word from the inside.
Healthcare article at Kuro5hin
A citizen enters the voting center, is authenticated as a registered voter by the volunteer staff, and given a vote card.
The citizen enters a voting booth (behind a privacy screen) and activates the selection kiosk using their vote card.
Once their candidates and referendums have been chosen, the machine prints out a 2D barcode on the vote card and returns it to them.
The citizen exits the voting booth with his completed vote card.
The citizen has the option to verify his barcode using a separate verification kiosk which deciphers and displays the barcode (behind a privacy screen, of course). Once satisfied, the citizen leaves the verification kiosk.
Why encrypt the card? That way you must trust the decryption machine, which ALSO may be corrupt.
Print the card in the clear. Then the voter can check it without mechanical intervention.
Rely on the physical security of depositing the ballot in the ballot box. There is no need to verify that the ballot was printed by the machine, both because that process can ALSO be corrupted and because it does not address the single issue at hand: "How did the voter vote?" Not "Did he vote in a particular machine?"
To prevent ballot box stuffing have poll watchers from each interested group watch the ballot box - just as is done with hand-marked paper ballots.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
As well as making voting compulsory, you should also add a 'None of the Above' option. (I believe something like this has been discussed here before). If 'None of the Above' gets a plurality, the election is declared void and nominations are re-opened.
Also, votes have been tallied electronically for some time. The only difference is that you don't fill out a paper ballot, your votes are recorded by touching a screen. When you fill out a paper ballot, the computer counts it electronically and the ballot is thrown into a box. With touch-screen voting you don't have the paper ballots to verify the results. That doesn't makes me worry though seeing how many extra votes mysteriously materialized for Al Gore in Florida when the ballots were counted by hand.
I think electronic voting would be fine, just assign a random number to each ballot that is linked internally with the voter but is never seen outside. Print them off a little ticket after they verify and submit their votes with their unique vote number on it. Then let anyone check all votes on the web given their number. They couldn't be linked back to an individual person without the secret list so anyone could see each and every vote in each precinct without worrying too much about privacy. If you know which number is yours, you can verify your vote online to make sure it was counted correctly. That way the counting of the votes could be done by anyone to get the correct totals, and the verification of each individual vote could be done by the person that voted. If each vote had to be matched back to an actual person, that could be done internally, but you shouldn't give out the list of people linked to their votes.
Then obviously you've never worked in a pre-computer or early computer accounting office. I have. There are so many things you can do with paper records that you can't do electronically, it's just beyond belief. All sorts of good stuff can happen to paper.
Q) How do you CRC or digitally sign a drawer stuffed with paper?
A) You can't.
Q) If I get a stack of absentee ballots against my guys in the mail, what do I do with them?
A) Stuff them in my shirt and walk out.
Keep pushing for paper, and I'll be scraping chads for my guys, come fall. That's for sure.
This is my sig.
It's all about rigging the US presidential election.
Yay me!
It seems to me that if the majority of people do not think of this problem and therefore the companies feel they can ignore it, it requires a major failure to highlight the problem to the public. Most people had no understanding of problems in the power system, now everyone in New York etc knows there is stuff wrong.
For example if at the next election a party was to have the first reports from a state (from the centralised tally.) read a massive swing to a stupid entry, or even better just be so out of whack with reality that a recount is ordered. Then it will be discovered and show to the public at large how broken the process is. Imagine a repeat of Florida several times with the blame placed at the feet of Diebold.
Maybe someone needs to hack the system and screw with the data just to force the issue. How though would the US handle such a situation. Can a rerun of the election be ordered, would 20% (or what ever portion) of the states be ignored, maybe Darth Vader is declared president.
Of course I am writing to you from a place that does the whole paper voting thing. (Actually worked in a booth twice now, quite fun and makes you feel useful.)
Here in Aus, the votes are counted in voting centre on the night, then counted again in the following week in the central electorate office. In the next month the count is redone, and during the period till the next election each electorate office does at least one dry run count of the old election and quite often does one for a different electorate. If there are discrepensies there are some serious investigations. And as everyone on the roll has to at least show up and submit a blank form there can not be ballot stuffing.