Slashdot Mirror

← Back to Stories (view on slashdot.org)

More E-Voting Software Leaks Surface

Posted by simoniker on from the cheating-for-election-and-profit dept.

Christopher Soghoian writes "Sound like something you've seen before? Wired News reports that the software which runs Sequoia's AVC Edge voting machines has been accidentally placed on another company's publicly available FTP server, although this time it's the binary, rather than the source that's been leaked. Machines running this software were used in California's Riverside County for the 2000 presidential election and for last month's California gubernatorial recall election. The system also has been used in counties in Florida and Washington state."

10 of 283 comments (clear)

  1. Whatthewhata huH? by strange_attract0r · · Score: 2, Interesting

    How do you "accidentally" put software on a public FTP server ... this is ridiculous. Makes me glad to not be an American :)

    --
    This sentence no verb
  2. Open Source by ottothecow · · Score: 2, Interesting

    This wouldnt be a problem if they used OSS to vote. The problems could be caught and fixed before a vote...and nobody has to keep the info secure.

    --
    Bottles.
  3. On-Topic: Diebold Lists Posted to Freenet by Anonymous Coward · · Score: 4, Interesting

    Earlier today I posted the lists.tgz archive of Diebold's damning mailing list exchange to Freenet, as has been requested repeatedly in threads related to the electronic voting issue.

    The key is:

    CHK@sgOjWAy4g-0bf0m5biyqnEzWloENAwI,OXw8OfHPfsmL d0 68BtICKg/lists.tgz

    If I can obtain the AVC Edge binary, I will do the same with it.

    Let loose the DMCA notices, boys. It won't do you a damned bit of good now.

  4. Re:Code shouldn't be important! by Anonymous Coward · · Score: 1, Interesting

    I once had a job doing Software Verification and Validation to the then new Federal Election Commission standards for voting machine software. The standard was really loose (even kind of funny in places) and there was nothing to bind a government to use a certified electronic voting system. I'm sure things have changed since then.

    The system I was verifying was probably typical of the current systems, though. The machine itself was well done, an embedded system with well documented software coded in 680xx assembly language. My V&V job was easy and the machine did what it was supposed to do. The hardware was also very robust and had been successfully tested to military environmental standards.

    However, the software that tallied and reported the votes gathered by these elegant machines was written in interpreted BASIC to run on an x86 PC. This software was presented to me for verification as a box of fan fold paper where the source had been dumped with a dot matrix printer. Aside from the sloppy presentation, the system was just complete spaghetti code (the FEC standard specifically disallows "egregious spaghetti code" in favor of "structured programming techniques". I found out later that this code had been written by the 17 year old son of one of the principles of the company.

    I flunked the company because of the tally system software and caught a lot of heat for doing so. A government in Pennsylvania was persuaded by the manufacturer to use the uncertified system anyway in a local election. The results were, predictably, disasterous and my analysis was vindicated.

  5. where you from? by alizard · · Score: 2, Interesting
    I know that in at least 1 EU nation, the request to examine voting machine and vote counting software was responded to by "Oops, the foriegn company forgot to give us a copy."

    The company was NOT a USA company

    --
    Tech Public Policy stuff
  6. Idiots... by herrvinny · · Score: 2, Interesting

    Why the hell are all these problems cropping up? Voting is simple enough, add one to the vote counter of a candidate/issue, like this:

    vote++;

    (WARNING: The code above is probably owned by SCO too, so just to be safe, I'm mailing a check for $699 tomorrow morning)

    Is this really so hard? I'm working on my own OSS voting program. You can see the early version at herrvinny.com. It supports multiple choice (you can select several options together, or just one option), write in, no choice, etc. Anyone in UW-Madison want to help me test it, let me know.

    Anyway, from my experiences writing this program, it doesn't seem so hard. And my program is done in Java, so all you little Java == SUV people out there are just plain wrong, the program works great.

    Anyone have a mirror of these files? I'll mirror them myself, and we can play a game of keepaway with Sequoia just like with Diebold.

  7. Where there's a will, there's a way by windside · · Score: 1, Interesting

    I think it's a shame that this software is getting leaked because it throws a significant wrench in the gears of the natural progression of democracy. Although I agree that the paper ballot system works just fine, the bottom line is that computerized voting - if implemented properly - stands to improve elections in terms of accessability of ballots to the electorate, workload for electoral officials and overall cost.

    That said, as long as there are elections, there will be people for whom cheating or rigging the results is a very appealing prize. There's a great deal of hand-wringing going on about the leaking of this software, but in the long run, it's not a big deal - the people who run the elections will simply have to come up with some new solution that circumvents the existing problems and, of course, creates new ones.

    --
    ...Whether my Maker is prepared for the great ordeal of meeting me is another matter.
    Churchill
  8. over simplification or a good idea? by Shakrai · · Score: 2, Interesting

    Maybe I'm over simplifying the issue, but am I the only one that thinks the only way e-voting of any kind is trustworthy is if there is a paper record of the vote?

    Why not use an E-Voting machine to generate a paper ballot of some sort that could be read by scanners? More or less like a punch card ballot, but generated by a machine with multiple language support and all that good stuff. People get to _review_ their ballot before they put it in the box (giving them faith in the system), there won't be any hanging chad or bufferfly ballots (the interface would remain as a touchscreen), and most importantly, if you needed to do a recount, you'd have _paper_ records.

    I'd trust this a little bit more then some software designed by a corporation with special interests to worry about.

    --
    I want peace on earth and goodwill toward man.
    We are the United States Government! We don't do that sort of thing.
  9. Re:From the designers of the DMV..... by kableh · · Score: 2, Interesting

    Wired had a rather telling story about this the other month: http://www.wired.com/wired/archive/11.09/bagscan.h tml?pg=1

  10. Re:paper ballots by Anonymous Coward · · Score: 1, Interesting

    One advantage is to decrease the undesirability of going to the polls. If you have a slow process, the lines get long. Some people do not vote for the same reason they don't take public transportation or go to the state fair or hang out at the greyhound station: They want to minimize their exposure to the lowest common denominator of humanity. Seriously. If you can make the line to the voting booth shorter, you might have a better chance of attracting voters.

    Another advantage of course, would be to minimize human error in the counting process. Obviously we see the problem with that goal if the mechanical counting process cannot be validated, independently validated, all the way to having the process of testing and validation completely open and subject to intense independent scrutiny.