Slashdot Mirror
More E-Voting Software Leaks Surface
Christopher Soghoian writes "Sound like something you've seen before? Wired News reports that the software which runs Sequoia's AVC Edge voting machines has been accidentally placed on another company's publicly available FTP server, although this time it's the binary, rather than the source that's been leaked. Machines running this software were used in California's Riverside County for the 2000 presidential election and for last month's California gubernatorial recall election. The system also has been used in counties in Florida and Washington state."
I dont know a whole lot about cyrpto, but if its a big deal if a binary got leaked, perhaps the software isn't that secure to begin with. We all know security through obscurity doesn't work.
Selling software wont make you money, selling a service will.
If these systems were really secure, then finding out the code shouldn't be important. Just because I know the RSA 128-bit algorithem, doesn't mean that I can break it in a second!
Also, why isn't the federal government coming out with a standard software framework for voting?
This seems obvious to me, at least.
Not that I trust my government to be the best coders, but heck... get the DOD on it. They are pretty good at these problem domains.
Maybe they'd run it off of source forge....
-hampton2600.
"I don't want to start a holy war here..."
I think that no matter how many assurances there are (and there aren't a whole lot right now) we're never going to be able to take care of lingering doubts about the security and fairness of e-voting.
Right now, voting software is obviously not ready for primetime and the companies that make it need to have some sort of oversight committee making sure they're not playing games or royally fucking things up.
There was enough of a commotion in FLA about hanging chads that people's confidence in machines are shot. And those are relatively simple compared to secure e-voting software!
It seems that the more we try to "high-tech" the voting process, the more problems and uncertainty we will introduce into the system.
So, right now I'm leaning towards a really low tech solution: simple paper and pen for ballots.
I know I'm a geek and supposed to love technological solutions. And I do, but with something as important as voting, until they get it to be as reliable as pen and paper, I say screw the machines because as a geek, I also know how unreliable software can be.
Humorless sig goes here.
a number of hacks could be discovered, and kept secret by some techie
That's *exactly* why I wouldn't mind seeing the code open for public review...
Perhaps they should just take more care when designing the actual product to make sure it's bulletproof - i.e. hire really good people to write the code.
The problem here is that companies are driven by profit and hiring better people, spending more time in design, doing more testing, and even a formal translation of a formal model for proof of correctness all cut into the bottom line. It only needs to be good enough to sell copies in the current market to satisfy the corporate need.
As I've said before, the agencies responsible for buying this equipment and software should bear a good deal of the blame for anything that goes wrong. It seems to me that some gross negligance or incompetence is going on here. If the government was hiring a private company to do security related work, you bet that they would have standard procedures set out, vetting, interviews, background checks etc. by people who are actually familiar with the security area. Yes I know it doesn't always work, but they give it a decent shot and show a degree of competence. If a problem with security clearances of this magnitude came to public light, you'd bet that they would be announcements of an "inquiry". However as soon as it comes to "computer stuff" it seems like government agencies suddenly try to express how incompetent they really are. A lot of the weaknesses in this software should be blatently obvious by an audit by a computer security professional. As it is the articles I've read suggest that they only audited the source code the companies themselves wrote rather than the whole program ('hey wait a minute what's all this MS stuff? We need to audit this whole thing you know'), only audited for reliability rather than security and didn't even take the audits seriously anyway. It increasingly seems like they made a token gesture at an audit and them simply trusted the companies' word on the matter. And now that things like this are coming to light they are burying their heads in the sand. Sure they are unlikely to be tech experts but can't they just apply the basic principles of security clearances and audits to this software? And surely being 'experts' on managing elections they should realise the importance of a paper trail, since they must be familiar with all the stuff that goes wrong in elections that most of us never hear about? I mean what is about "computers" that suddenly make government employees act like incompetent idiots? They seem to be able to act at least somewhat competent in non-computer areas, but suddenly stick some technology in and it's like they suddenly don't know what to do and any previous expertise they had in the field eg. managing elections suddenly disappears into thin air.
Yeah, because if the federal government does it, it is efficient, reliable, and effective.
Blah blah -- the government boondoggle meme strikes again. Yes, it has its roots in some truths, and that's why it exists. But...
The problem is, there are in fact examples of government programs and agencies working and working well. Our, poor, terribly innefficient government programs are responsible for creating the world's best military. My locality might be an exception, but we've got incredible public library resources that I'm so happy with I'm *glad* when I get library fines. The Interstate Highway system makes cross country travel effecient and quick -- which keeps the cost of goods lower -- at least, those you buy that were shipped from somewhere else.
Yep -- I know, private firms were involved in the creation of each of those things. Doesn't change the fact that some branch of our poor, incapable, incompetent government commissioned and managed those projects.
And yes, I know -- the DMV is frustrating to deal with. But I can tell you that the service of the DMV and even the IRS looks positively stellar compared to any number of private entitities -- several health insurance companies, Sprint, Microsoft Customer support, and the hosting company I called last week (no, not some dinky provider either -- I'm talking freakin' Interland here). All of whom should have, in theory, been erased by the invisible hand or otherwise kicked in the pants by the market. But in fact, these beaurocracies are no better than most mediocre government beaurocracies.
So it's fun to repeat, but remember to look at the facts while you're thinking about it. Our beloved commercial driven-to-efficiency-by-the-market companies have produced an absolute steaming heap of bovine excrement when it comes to an e-voting product. And yes, it's still taxpayer subsidized, because our governments are paying for these products -- and not just the costs, but also the profits.
Libertarianism is rich wolves and poor sheep playing gambler's ruin for dinner.
I don't understand how a piece of paper equals coercion.
If you marked a paper ballot with a pen, and dropped the ballot in a box, then that would also be coercion? Seems like that's the way its been done for centuries.
What makes it different if the paper comes out of the voting machine before it gets dropped in the box?
It doesn't, what you're describing is a ballot, not a receipt. A ballot receipt would be something the voter takes with them. If the voter takes anything with them which shows who they voted for, they could be threatened beforehand to vote a certain way and they would have to produce the evidence afterward. More common would probably be the selling of votes since the voter could prove they voted a certain way.
In fact, there is no difference. Why do we even need the voting machine?
I think carefully designed electronic voting machines could be very helpful for improving voting accessibility and preventing voter mistakes. An electronic system could provide the ballot in many formats; large print, different languages, audio (with headphones) and include pictures of candidates. It could prevent people from voting for more than one person for a position and make it harder to accidentally not vote for any candidate for an office. They could be especially helpful when there are lots of choices, such as in the California recall election or when there are many ballot initiatives.
The machine can also make tabulation of votes very fast but ultimately it must print out the voter's ballot on paper which is placed in a secure box by the voter. That (anonymous) piece of paper is, at least, the official ballot in any instance of a dispute over the electronic result. The paper itself should be machine readable but also fully human readable (like the filled in bubbles on standardized tests, not barcodes which are not human readable).
Paper receipts are worthless -- not only do they rely on everyone keeping theirs (and turning it in when asked, etc.) in case of a recount, but there's no guarantee that the vote printed on the receipt matches the vote recorded in the eVoting system.
r yReader$1954) not everyone is so enamored of technology that they overlook the obvious.
h tml) actually put wireless LAN interfaces on their touchscreen machines ("The functionality linchpin of the WINvoteTM system is its wireless LAN (IEEE 802.11b) system - called the Wireless Information Network (WIN) -- that enables the user to communicate remotely with the major components of the voting system.")
The only system that works is having people make marks on paper that they can look at and verify, then put into an independent tallying device to count the votes, which rejects invalid votes immediately so that they can be corrected. And in the even of a recount, the paper can be re-scanned.
Astoundingly enough, such devices not only exist, they're cheap, reliable, and fairly widely used -- scantrons! They have the lowest error rate of any voting mechanism, and cost almost nothing.
I have no idea why anyone would even consider an untested (and un-auditable) touchscreen terminal that costs thousands of dollars instead of a scantron that costs almost nothing (the forms cost about 10 cents, and the election board can borrow the scantron from the local schools).
Luckily (http://newshound.de.siu.edu/spring03/stories/sto
But just to keep us on our toes, these morons (http://clients.enfocom.com/avs/products_winvote.
Isn't anyone with a brain cell writing the requirements for these voting systems? You'd think that secure and auditable would be adjectives that you'd want in a voting system.
Enable 3D printed prosthetics!
It's already in the "hands" of the government. Who picked Diebold?
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
Are you sure about that? If someone wished to purchase your vote, would he not simply say, "Here, use this PIN when you vote", and then check your vote himself before giving you the money or breaking your kneecaps?
Jeff
> ...the entire election in the Kashmir state was
> done by EVMs with no room for tampering.
How do you know? Just because the Indian government says so? They, of course, couldn't possibly have any reason to want to nobble an election in Kashmir, of all places.
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
Between this, and the Diebold fiasco it would seem a good idea for an open source/Linux project to write a secure voting system. With many governments opening up to the idea of open source, it might just fly (and make for fair elections too).
Mundus vult decipi, ergo decipiatur...
There are lots of ways to create auditable trails for e-voting, but they aren't interested in offering the feature. Why not? I conclude it's because the lack of auditing is precisely the point. That's hos Diebold plans to "deliver" Ohio.
That reason why Database Technologies (DBT) was given the job of "scrubbing" felons from the Florida voting rolls was not that they were cheap (500 times more than the company they replaced) nor that they were efficient. Katherine Harris several times shifted the standards to INCREASE the error rate. False positives are a good thing when you are trimming likely Democratic voters, which was the point. (Race was identified, names munged. They were intentionally careless about getting names correctly, so the wrong people were scrubbed, but race was 100% on the money for each entry.) The error rate of 89% was just fine: and resulted in handing Bush the state. Sort of. It took other shenannigans to get the 500 vote margin.
Some Republicans have already proven they like monkeying with elections to gain power. Two of the 3 main e-voting vendors have strong partisan, Republican ties. This is a problem for believers in democracy, Democrats, and principled Republicans.