Slashdot Mirror
E-Voting Glitch: 19,000 Voters, 144,000 Votes
nick_davison writes "The Indianapolis Star is reporting the latest case of 'interesting' E-voting results. Tuesday's Boone County election, using MicroVote software returned 144,000 votes from 19,000 registered voters. After much panicking and tracking down the bug, the actual number of votes turned out as 5,352. With yet another mistake, does anyone still trust closed-source electronic voting?"
Have you tried MacroVote?
"There are more pleasant things to do than beat up people." --Muhammad Ali
I remember at our last national election, the voting was simple - make an X on a ballot and put it in the voting box.
I have to wonder, with all these punch cards, evote, and other problems - why don't they just stick to plain old pen & paper ballots? I mean if you can't figure those out, chances are you'll end up just stuffing your ballot into the funny "circular" ballot box anyways!
...That when they 'fixed' the problem, they did it right. Since they probably didn't want the local county's IT guy to look at the source and fix the problem, there's no guarantee they got it right this time, either.
Cogito ergo sum in Slashdot.
True politics
"If anyone needs me, I'm in the angry dome."
"I probably just put a decimal point in the wrong spot. I always forget some mundane detail..." lol
Personally I like the bit about vote-counting in France. Sounds a lot more advanced (read: secure) than the US way of doing it.
does anyone still trust closed-source electronic voting?
No...
Has anyone ever trusted any kind of voting device? not likely....
Is this how Bush was elected?
Aww. This sounds just like my high school's student council elections.
Oh, fond memories...
Pereant, inquit, qui ante nos nostra dixerunt.
"Confound those who have said our remarks before us."
A lengthy collaboration between the county's information technology director and advisers from the MicroVote software producer ... showed just 5,352 ballots
So an IT director and a number of flunkies have rewritten the results of an election.
How do the good people of Boone County know that the new answer is correct? Because it's less than the number of actual voters? How can they trust the result of that election at all? And why should those too young to vote until next time bother to vote when next time comes around?
Here it is:
#include <stdlib.h>
int main()
{
printf( "%i\n", rand() );
return(0);
}
This would be a great machine, Boss Daly could get back into office without the help of his current constituents... the graveyard vote.
"Ok! Ok! I must have, I must have put a decimal point in the wrong place or something. Sh*t. I always do that. I always mess up some mundane detail."
Depending on your world outlook , it very well could be.
.
If you subscribe to the notion that humanities job is to discover/understand everything it can about our unvirse/life then opensource very well could be the answer to life it self . Or at least part of the solution
What matters is an accurate count. Why oh why is this so difficult? Press a button, tally a vote. Next voter please. Why is this even still being discussed??? Maybe I'm dense, but I just don't get it.
The new Indianapolis Mayor, Richard Daley Jr., said there is nothing to be concerned about. Indiana Governor Martha Daley called to congratulate him on his victory.
Mea navis aericumbens anguillis abundat
And invisible, unaccountable, untrustable computerized voting is the second coming.
Napster-to-go says "Fill and refill your compatible MP3 player", which is a lie. It's not MP3. It's WMA with DRM.
What is this software, a new module for Sim-Chicago?
When software is used to impliment a matter of law, the public must have an absolute right and need to review such software, even before one speaks of issues of software freedom. We don't make closed source or "secret" laws in this country, ie, laws that effect the public in general, and that the public is not permitted to know or examine, but yet will be held accountable to. We don't have anonymous or secret agencies enforcing laws and arresting people, ie, a secret police force. Yet, for reasons I cannot fathom, we now permit machinary with no public means of review to impliment laws, such as voting. No democracy can exist where voting is a secret or unaccountable process to the public that participates in it.
MicroVote software returned 144,000 votes from 19,000 registered voters.
This is the perfect solution for democrats in the upcoming presidential election.
an ill wind that blows no good
I am thinking about absentee voting for the rest of my life.
Come the revolution, the Bourgeois, Capitalistic, "A PARKING STICKER HOLDERS", will be first against the wall!
This would be a great machine, Boss Daly could get back into office without the help of his current constituents... the graveyard vote.
Isn't that sort of the whole point of this? I mean, the push for e-voting really came on strong from the Administration after the Florida debacle. Stealing a conventional election is messy and results in lowered credibility. Stealing an e-election without a paper trail is much cleaner.
On a completely unrelated note: Did you realize that one of the major party candidates for US president is expected to spend over $100 million dollars of privately raised money on his campaign next year. How good a hacker could 1% of that buy? Do you think you could read up on Diebold enough to make "a difference" next year? We all pretend to be "white hats" doing the right thing in here but let's be honest about it -- the bad guys read Slashdot just as much as the good guys.
Sod that.
With yet another mistake, does anyone trust electronic voting full stop?
(I think that Open Source might be better, but to the majority of voters, electronic voting is the same thing irrespective of how visible the code is - and quite frankly, even with peer review on open coude this sort of bug might still happen)
Avantslash - View Slashdot cleanly on your mobile phone.
I'm just waiting for the first set of votes to come back with either Deep Blue or HAL in the number one spot.
Sure MicroVote will say that it wasn't their fault. 10 trillion voters obviously wanted a computer run US.
Lets be honest even their website looks like 8th rate programming.
VENI, VIDI, VICI, DIXI
So 19,000 voters produced 144,000 votes. That's obviously an error, and was caught and corrected. What you really need to worry about are the little errors; if the votes are off by 500 or 1000 how are you going to know?
...
Having an extra 100,000+ votes clearly stands out as an error. I would have been more concerned if it was a small enough number not to be detected, but a big enough number to affect close races.
Millions of eyes makes a bug fucking scary!!!
what causes me more worry are the bugs (features?) in these machines that are known only to a select few. i was hoping that after the elections last week more hue and cry would be made in the mainstream media about these machines by the candidates who lost. that doesn't appear to be forthcoming, though. pity.
Diebold My fave: Be Dildo
MicroVoteMy other Fave: Evict Room
slashdot = SAD SLOTH & SHALL DOS
[Fuck Beta]
o0t!
I mean really, how difficult can this be. Lots of people vote, you add up the totals, we're not talking rocket science here. When was the last time your local ATM machine gave you $1500 instead of the $50 that you asked for. Doesn't happen too often right? Maybe it's because the banks are damned sure they're not going to give their money away. It's a pity the people in charge don't take democracy that seriously.
Skiing? Check out The Independant Skiers Portal
The Amount_paid variable was used where it should have been Vote_Count...
God bless you for posting this truth. Let us all drink the Kool-Aid of open sourcedness.
> advisers from the MicroVote software producer fixed the votes
Aha!! Proof that it is rigged!!
With our new patent-pending macro-vote system, you too can auto-vote most of your constituents in a single mouse click. And you can do it as many times as you want!
Macro-vote, for a macro generation!
Simon.
Physicists get Hadrons!
Exactly. This doesn't need to be turned into a closed versus open argument. The real questions is, "Do we need electronic voting of *any* kind?" Yes, the UI on the voting machines in Florida sucked. The solution to the failure of the public to understand that UI isn't a full scale rush into electronic voting. The UI on an electronic machine can be just as bad as the mechanical ones.
hanging chd's? ;-P
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
"With yet another mistake, does anyone still trust closed-source electronic voting?"
This infers that open source == no mistakes. That's simply not true. It just means that there *may* be less mistakes as theoretically more people look at it. Think SendMail... that's open source, widely used, but that sure has had plenty of "mistakes".
Read reviews of shopping cart software
No paper trail, no way to verify results.
if you think your vote dont count now wait'll they roll these out on a massive scale.
------- "A Communist is just a Socialist with a gun in a hurry" - unknown
However, I did stop homeschooling once I got to fifth grade, and entered the public school system.
think out of the box
I completely agree that closed source is the wrong way to go for such a public venture as voting, but are there any open source products vying for contracts? i mean, we cant really wait around for govt to say "yes, lets use open source universally" if there are no projects out there for them to use.
If there is one out there, then it needs to be pointed out to the govt buyers.
one world | many people
even with peer review on open coude this sort of bug might still happen
But in that case we at least get to see the bug *and* the fix. Now someone has 'fixed' the count and but he could just as well have done that by inserting some hardcoded reasonable looking numbers.
We have had secret laws since 9/11. John Gilmore
has been trying to find out exactly what the rules
are for having to identify yourself before flying
but hasn't had much success.
There have also been attempts to copyright laws
and prevent them from being published. In at least
one case this failed but in some cases
municipalities may not want to fight this and
may not make copies of laws as available (e.g. on
the web) as they would otherwise.
Electronic voting done right in India
So why is this issue even important?
Once it's electronic, whether open source or not, somebody can screw with it. Plus I'm just plain old tired of all the open source zealots. I've totally turned against it as have many of my friends just because of the attitude. But I digress.
As it is, we have paper. Beautiful paper. Something that people can have and hold in sickness and health and can physically count.
Isn't this all just and indictment of the public school system in this country where some stupid fucks aren't intelligent enough to poke a hole in a card or they poke a hole under Bush and said "oh I thought I was voting for Gore." The evil white man rigged the election.
If you can't read or can't poke a fucking hole I don't think you're going to do well electronically either.
Electronic voting now means that some Hitler type can easily take over.
Whether open source or closed source really doesn't matter. It's the review process if anything that will help. The old way is better. People physically have to work it, and unless you can bully all the ballot counters, the numbers should be less likely to be screwed with.
Open-sourcing the voting software is important, but in my opinion, not as important as maintaining separate systems for ballot printing and ballot tabulation.
I wrote about it in this journal entry.
"Lawyers are for sucks."
- Doug McKenzie
"I must have put a decimal point in the wrong place or something."
"Shit. I always do that."
One more thing. Exit polling and all these bullshit projections on TV should be illegal. Nothing like swaying the vote by projecting a landslide and then people not showing up because it doesn't matter any more.
It's inaccurate and makes the newscasters and us look like total fucking fools.
And it can sway an election.
returned 144,000 votes from 19,000 registered voters.
As it seems you'll still be multiplied by 7.578947..... and randomly assigned to one of the choices;oPP
1. No sig. 2. ???? 3. Profit!!!
With yet another mistake, does anyone trust electronic voting full stop?
Or as some of the American Electorate might say; "with yet another mistake does anyone trust voting full stop". I think the source of the problem is the perception by various interests in the US that there is some form of money to be made in these systems. This is wrong. Get the _process_ of electronic voting designed right (I mean imagine the first elections back in the year dot. All those who vote for Trevor stand to the left, all those for Dave to the right, all those for Ug, um well, you just stand where you are... No dave, stop killing the people voting for Trevor... What do you mean you don't want to vote for Ug, well ok then you just stand over there... No I don't care who you want to vote for they're not here. Oh fuck it, this is too hard). Then the implementation simply becomes a question of reducing cost. There is no "marginal" profit to be had and as such there is almost no way that private enterprise can fund the development of these systems better than the state. The argument for free software systems is equally persuasive.
Then there is the deployment of the hardware/infrastructure to actually deliver the voting functionality to the electorate (and that is something that can get better and better over time as well). It is very expensive and the only benefits compared to the counting of paper votes are accuracy and cost savings (for get speed, it's not like there is a power vacuum before the result. so what if it takes a few days). If you can give accuracy then get out of the game and the only way to reduce cost is to fund on a cost basis which means the state should fund the system not enterprise.
"The first thing to do when you find yourself in a hole is stop digging."
what they should have done was create test data (about 19,000 fake semi-random votes) and run it through to check for errors...
Comment removed based on user account deletion
Ok, not really.
With yet another mistake, does anyone still trust closed-source electronic voting?
Open source, closed source, it does not matter. Open source is not a cure for solid software development practices, and open source is not a synonym for solid software development practices. Likewise "closed-source" does not equate to poor practices.
One of the strengths of open source is the price. Free software probably means more people are using it than would otherwise, so the software is being tested more, and the pool of people available to fix bugs is also larger. This works for software that is generally useful, but consider voting software. Who is going to install the full voting suite (voting software is much more than a voting terminal) and then hold mock elections in their home? Granted, the importance of such software may bring out more people willing to try the software but you are still relying on people to do this in their leisure time.
The "many eyes" argument is merely a shotgun approach to quality control. What is needed is strong leadership implemeting a plan which includes rigorous and ongoing testing. Open source does not guarantee this any more than closed source guarantees its absence.
The software was released before it was ready. That's obvious. It seems to me that a closed source shop would be theoretically better positioned to meet an immutable deadline (such as an election date). At least when you own your employees you can mandate overtime and crack the whip harder. When the software is open source you cannot enter "crunch mode" and make the scattered developers put in long hours.
The fault was not in the development model but in the failure of the project leadership.
They can deliver even on none Diebold equipment. Cool, W will win again.
E-Voting Glitch: 19,000 Voters, 144,000 Votes
I hate the word "glitch", I really do.
It's an evasion, a pathetic euphemism.
What it really means is "bad programming", "fucked up", "profoundly fucked up", etc.
-kgj
-kgj
Perhaps someone should suggest using the Slashdot poll for elections. Everyone trusts that.
Oh, wait, do we really want CowboyNeal voted in every time?!
What is the ridiculuous complexity making these things so easy to fcuk up?
Combine it perhaps with a bar code scanner so that every individual can have a street bar code. Add a few simple checks like no more bar codes are counted for a paricular street than were issued.
I still don't see where this becomes a complex task compared to existing systems. Most of the components needed to build a system already existing.
Some one please tell me what I am missing.
As for the open source/free software issue. Perhaps the solution is that the requirements for the system should be published so that anyone can right something to conform. (Oh that's like having open standards).
When software is used to implement a matter of law, the public must have an absolute right and need to review such software
Excellent point. The need for public oversight suggests a modified open source development process and secure traceable binaries. Perhaps we might call this model "exposed source" because the code would be publicly accessible but not publicly modifiable.
I wonder if the FEC (Federal Election Commission) needs to setup a CVS repository to hold voting machine source code. The source would be publicly read-only. Any proposed changes for any reason would need to go through a review process including public and professional scrutiny. Binaries for actual machines would only be compiled for this heavily-reviewed source.
Because of the potential for OS-level vote tampering, the OS of the machines would also need to be provided on an exposed source basis. The single-purpose duty of a voting machine suggests that the machines don't need a large OS - perhaps one that is suitable for running the UI of a medical device would be sufficient. A bit more problematic is the central-office software and OS for totalling all the votes. This heavier system would need to be exposed source too.
Competing makers of the machines might be upset about exposing their vote tally and OS code to public scrutiny, but this would be the price of playing in a very public arena. Machine developers should not be too worried, though. The fact that the source is 100% public means that you could easily see if your competitor had copied you.
Two wrongs don't make a right, but three lefts do.
Quality of code and open vs closed source have nothing to do with each other. There is plenty of crap open source code out there.
Boone county is just south of the county in Indiana I grew up in. It has always been a bedroom community of Indianapolis, full of mindless liberals with too much money and not enough common sense. Hell, with only 19,000 registered voters, you would think that if the old way of counting votes was working, why fix it? Another example of early adopters of technology just because it is 'new' or 'cool' getting burned.....
CMDRTACO CHECK YOUR EMAIL!
We don't want to have to pay someone to tally all the votes.
If your vote is so important to why don't volunteers count the votes? Several states, Texas example, require a human readable ballot. Smaller cities may use hand counts. Most large cities use a machine/human readable "scantron" type ballots. They mark the ballots with a permanent ink marker. Marking more than one selection for the same race invalidates only the section of the ballot for that race. IF you notice you made a mistake you can get a fresh ballot. The spoiled ballot is destroyed while you watch. Observers from all parties can watch the election judges (the people that issue the ballots, destroy the miss-marked ballots and watch you put your ballot in the box).
In Europe and Canada most countries require a paper ballot. They limit the number of voters assigned to each polling place so the votes can be counted and certified within a few hours of the close of the polls. Usually they have next day official results. It does require lots of people to complete the process but most are volunteers.
Yes, this issue does again raise the question of "how can you trust institution X in situation Y". The choices are you either trust institution X (and, for the record, I count "the open source movement" as an institution) for data / product Z, or you do it yourself. The big trouble is, if you take this thinking seriously, you can't trust *anything* that you don't experience, and if you go really nuts you don't even trust your experience because you could live in the Matrix. I think we can all agree that's not very constructive.
If you think the voting machines need work, then you should just start your own company to make a voting machine. Offer an alternative, don't just yap about what's there.
"The only way to really ensure something gets done the way you want is to do it yourself. Assuming you don't change your mind, of course."
"There are a dozen opinions on a matter until you know the truth. Then there is only one." - CS Lewis (paraprhase)
testing is the issue.
Obviously missed the bug in testing - therefore the testing wasn't adequate.
This is one this I like about the extreme programming methodogies, it expounds testing to start with. Like security, it shouldn't be bolt on the the whole development process, but an integral part.
just my 2 pence worth...
Hehe!
This is a lovely coincidence.
Last night, thinking about how to explain the concept of "open source" to a judge (we're in a small legal case, my company), I had exactly this idea: open source software is like open source laws. It's a metaphor that is entirely clear and meaningful. Of course people don't have to read the source code in order to use the product, but when you need to know what's going on, it's the only way you can be sure of your facts.
Thanks for your comment, it is an excellent one.
Ceci n'est pas une signature
Yeah, sorry about that. I *meant* to only vote once, but I accidently voted 139,000 times. You know how sometimes you only *mean* to single-click, but instead you double click? It was like that. My bad...it won't happen again.
We don't have a state-run media we have a media-run state.
Comment removed based on user account deletion
They are still counting the votes in California ...
We don't make closed source or "secret" laws in this country, ie, laws that effect the public in general, and that the public is not permitted to know or examine, but yet will be held accountable to. We don't have anonymous or secret agencies enforcing laws and arresting people, ie, a secret police force.
True -- we don't have Star Chambers.
But we do have "Black Budgets" -- many billions of dollars for covert military/spook purposes, approved by small Congressional committees, the details of which are hidden from Congress at large and from the public. In other words, closed-source spending.
-kgj
-kgj
E-Ballot E-Stuffing. Perhaps there will be an E-vestigation of the E-pplication to look for signs of E-Tampering.
Imagine if you weren't allowed to use roads because a bus company complained about your driving 3 times. --skunkpussy
With yet another mistake, does anyone still trust closed-source electronic voting?
What about the programs running inside of jetliners and air traffic control systems? NASAs programs? The programs running heating and cooling systems where you work? Running the fuel injector in your car? In your PCs BIOS? On the server of any company that lets you buy things via internet? Inside credit card validation boxes? Odds are you never think about these things, but e-voting is a high profile thing to harp on at the moment.
This has nothing to do with open vs. closed source. It has everything to do with bad engineering practices on the part of the e-voting companies.
Where I vote, they seem to have the ideal solution. Voter takes the ballot, draws a line in a box next to the candidate, inserts the ballot into a small machine no bigger than a suitcase. The machine stores all the ballots inside of it. At the end of the night, the machine prints out the results on a piece of register tape. If there is ever a question about their accuracy, you have paper ballots to refer to.
<a href="http://www.joblessjimmy.com">Work is dumb and so is Jobless Jimmy.</a>
RP
"With yet another mistake, does anyone still trust closed-source electronic voting?"
If they reject it, it probably won't be in favor of Open Source software. The way I see it, odds are that people will reject electronic voting entirely, if they are convinced that there's a significant problem. For those who aren't computer literate, it won't matter whether it's closed or open source software, because they would be unable to read the source code anyways. Those people, if convinced that closed source software is inherently unsuitable for the task, will likely demand that we revert back to manual or optical systems, because they can understand those.
As I recall, there was a Mark Twain quote that went something like this: "We should be careful not to take too much from a lesson. A cat who sits on a hot plate and is burned will never again sit on a hot plate, and that is good; but she will never again sit on a cold one, either." (Puddin'head Wilson's calendar, if my faulty excuse for a memory serves...).
Just my $83.25 ($.02 after applicable liscense fees, taxes, levies, and surcharges),
Shimatta
...even those who put their deepest faith in "close-source voting software" as the key to their political career, must be shocked.
45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B2
Get off the open/closed source debate already. If you use electronic voting, you open the door to electronic voting fraud. Open source is helpful in this regard, but not as effective as keeping to paper voting. Think about it. You can pay people to commit fraud anyway, but the cost goes up with number of votes altered/subtituted/whatever. With electronic voting, one guy can automate the fraud process with much greater effect. You raise the efficiency of the fraud as well as the voting.
People will argue the supposed cost and efficiency advantages of e-voting. Think about the cost of counting YOUR ONE VOTE and compare that to what YOU PAY IN TAXES each year - then tell me it's expensive. It's been working fine for over 200 years, there is little to gain from changing and everything to lose.
You're right about that. If I were going to hire sorcs, then dammit I'd hire them right here in America.
SQUEAK, the Death of Rats explained.
When the software is open source you cannot enter "crunch mode" and make the scattered developers put in long hours.
It's possible to have paid developers working on open source software, you know.
The number 144000 has a great significance in many religions/beliefs.
Google on 144000
Personally I think that Judgement Day is nigh and that the AntiChrist will use an evoting machine to gain control of the world.
Or perhaps not.
Dubya did have a majority of the votes. It was 5 to 4.
Reminds me of that story (by Asimov?) about an interstellar war in which the losing side was defeated by its *own* superior technology. (Their new spacewarp drive fouled up the radios and they were cut to pieces before they could regroup.)
I said many times that the old lever machines were better. Best UI of any vote-gathering system I ever saw, easier to debug, and way harder to screw up. Luckily this failure was so enormous that it was obvious. I wonder how many aren't?
Electronic voting seems to appeal to ease of use and remote voting, if there ever should come a day when that should happen. With that, the politicians, who decide on a particular voting schema, decide this on the basis of electronics will get the younger population out there, and hopefully get more voters. It's quite a bad premise to automate everything. Perhaps, finally, a downfall in technology at the moment.
But my take is - go back to filling in those bubbled circles on scantron or whatever was once used in your local voting district. Technology doesn't need to be integrated into everything. If we rush and integrate it into everything... well, with electronic voting and mis-counts such as this, we're looking at losing a voting democratic nation. Okay, I will correct myself in stating - we'll lose our appearance of a voting democratic nation.
It looked like they used this machine to scan it: www.essvote.com
Very clean. The number of votes was called in and double checked against the smart card inside which connects by modem. Results 20 minutes after the polls closed and a paper trail if needed. Great stuff.
everyone musta been out voting...early and often.
My problem? I was perfectly gruntled, until some numbnuts came by and dissed me.
Even with a 100% open source solution, you have no real way (as a voter) of knowing that the code you reviewed is the code that is actually used.
I am TheRaven on Soylent News
With yet another mistake, does anyone still trust closed-source electronic voting?
Isn't this what they call... "FUD"?
What should anybody expect from a company that offers "The Infinity Voting Panel"?
Is there really any open source software available that could perform this task? Everyone's always talking about rigged closed-source voting machines...is there an open alternative that's up to snuff for use?
Each case you cite may very well have bugs or errors, but those problems rightly belong to the corporations that sold the product and their customers.
Voting is not a consumer/industrial issue. It is the exercise of legal rights of citizens and ultimately the direction the country takes. Reducing this to "bad engineering practices" belittles the importance of voting in a democracy.
Depending solely on corporations who view issues as purely commercial issues is the problem.
There's a point to be made here.
The fact of the matter is that open source software will do very little to help the issue of the untrustworthiness of electronic voting.
Simply put, being able to read the source code does you no good if you can't be sure that the binary that the voting machine is running was compiled from that code.
With a Linux distro, if I for some reason suspect Red Hat may be compiling back doors into xdm or login, I can go somewhere else. If I don't trust anybody, I can compile the damn thing myself and put it on my computer.
These machines, open source or not, are going to be provided by a company like Diebold. Do you trust them, even if they have to give you a copy of some source code which may or may not be the source code that they used in their voting machines? Are you going to be able to browse the source code on the very voting machine you're using? Are you going to be given the compiler flags used to create the binary so you can re-create it yourself, and access to the voting machine's disk so you can compare them?
It is necessary that any electronic voting system be open source, as a matter of duty to the public. It is not, however, sufficient.
The enemies of Democracy are
It's possible to have paid developers working on open source software, you know.
Yes, I know. I tried to think of a way it would work in this situation. I don't think a company would pay developers just to make that software available to competitors. The government could do it, but at what level? Maybe the best thing is to have the federal government pay for the development of a paperless voting system. That brings up a new set of concerns though...
Well, a number of years ago I got $50 from an ATM in California that *never* got debited from my account, and despite the existence of a paper record that I'd done so, the bank utterly refused to believe this had happened. (That bank has since gone under; funny coincidence, that.)
ATMs are generally "secure" primarily because they operate on a fully-closed network, there's massive cross-checking, and interaction with users is very strictly limited. And they're still only "generally" secure...
"My strength is as the strength of ten men, for I am wired to the eyeballs on espresso."
The software was released before it was ready. That's obvious. It seems to me that a closed source shop would be theoretically better positioned to meet an immutable deadline (such as an election date). At least when you own your employees you can mandate overtime and crack the whip harder. When the software is open source you cannot enter "crunch mode" and make the scattered developers put in long hours.
You have a naive view of software development if you think that anyone, open or closed source, can be made to meet an immutable deadline without some kind of tradeoff. Either the code ships when feature and quality goals are met, or one of those things is slipped. In general the process cannot be speeded up if the team is already working at full efficiency.
Open source is not a cure for solid software development practices
And "Preview" is not a cure for poor proofreading skills. I meant, of course, open source is not a cure for *poor* software development practices...
I voted last month and here we are handed a paper ballot
and a marker and just connect an arrow for the
candidate that we want to vote for. Then we take
the ballot to an election official who directs us
to just feed it into a machine. If there are any
problems reading the ballot they are immediately found.
Since the original ballot is on paper there is
a record to go back to for any manual recounts.
I don't understand why more don't use it.
Are you totally blind or what ? Of course in an electronic voting system, what's to fear isn't a bug (it will be fixed anyway) but a deliberate result skewing. Open sourcing a system means it's harder to introduce a backdoor. Way harder even, if the process is correctly designed and implemented. Closed source systems *guarantees* that nearly no one except paid developers will see what happens. That's frightening - when you love democraty, that is.
I think that closed software/hardware solutions need to be declared unconstitutional. If we can't trust that the results are accurate, we risk our democracy.
I also agree with the people that say you need to have a paper trail...
I'm an Indiana voter, and the most recent elections in my county (Tippecanoe County, encompassing Purdue University) were a complete disaster. Yes, we can thank our good pal Diebold.
1 1l ocal_news1068529632.shtml
I went to vote at 7:00 am after the polls had been open for an hour and was turned away because of "computer problems." Apparently one of the "pick X candidates for city council" votes was not allowing a voter to pick multiple candidates. Our election board had to print up paper ballots at the last minute, delaying the opening of the polls for about two hours. When I finally got a chance to vote, it was the good-old-fashioned way: checking off candidates pen and paper, and counted by hand.
Okay, shame on us for not having a backup in place in case the computer screwed up. But the computer shouldn't have screwed up in the first place. Testing, people?
Elsewhere in our county, first the machine neglected to tally absentee ballots in a very close race. Then it was discovered that one of the voting stations put the wrong candidates on the ballot, which may lead to a special run-off election.
http://www.lafayettejc.com/news20031111/2003111
Ceci n'est pas une pipe.
There was a minor fault in the vote rigging module. It's since been corrected. Move along, nothing to see here.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
I would hope that any company that supplied software for something like counting votes would have to provide evidence of a complete testing procedure that would catch problems like this.
I mean, automated testing of a voting system can't be hard. Build yourself a little network of voting machines in the office, write a bunch of scripts that enter a certain pattern of votes and ensure the correct results come out the other end. Make sure your scripts perform a wide range of possible voting patterns, and do all the 'odd' things your users might do (try to vote twice, mash the keypad with their palm etc).
Or am I being terribly naive about the way the software industry does things?
Open source, closed source -- it does matter. The same "strong leadership" and ongoing testing you call for can be performed on either; the "many eyes" argument is a supplement, not a replacement. It is neither necessary nor sufficient for making a system secure, but it is beneficial, and that's enough.
All of these arguments against open source are spurious because they're actually aimed at "free software", which is not the same thing. The main problem with open source software from a business standpoint is that anyone can copy it and conceal the fact afterwards; however, if all election software were required to be open source, this problem would be much reduced. Intellectual property law would still apply, and violations would be readily apparent.
It's not just that 19000 voters produced 144000 votes; it's that 19000 voters produced 5352 BALLOTS that produced 144000 votes.
Obviously, this was intended as the Chicago or Baldwin release of the software.
//Information does not want to be free; it wants to breed.
>We don't make closed source or "secret" laws in
>this country, ie, laws that effect the public
>in general, and that the public is not
>permitted to know or examine, but yet will be
>held accountable to. We don't have anonymous or
>secret agencies enforcing laws and arresting
>people, ie, a secret police force.
are you serious? two words my friend: Patriot. Act.
get your memory checked now: http://www.thememoryhole.org
Mayor Daily is probably asking "What's the Problem? Don't you always vote seventy times in an election?"
It's good to use your head, but not as a battering ram.
...if you think that anyone, open or closed source, can be made to meet an immutable deadline without some kind of tradeoff
I never claimed there would not be any tradeoffs, nor do I agree that quality must suffer. That's a topic for another day. In reality there are times when longer hours are called for. My point was only that it is easier to work paid employees longer than unpaid employees.
What does that have to do with it? I'm not comfortable with electronic voting. There's enough fraud as it is. Turning the system over to computers that may (and have shown to) have vulnerabilities is crazy at this point. No one seems to have a foolproof method on either side, though the bubble type is pretty good. I can live with the small percentage of bad counts. I think optical scanners are less than 3%. This may sound like alot, but given that many votes are thrown out completely in states where those amounts wouldn't effect the outcome of an election, someone is going to lose a vote anyway.
oo 00 "The Infinity Voting Panel" (tm.) 00 oo a photo: is here.
Love Music? Got a Band? Are you a Label? http://garageradio.com
How on earth can this voting software be so buggy??? I mean, why dont they just load up like, Mozilla and do a freaking web pole or something?!?!?!
Kiss my shiny metal ass
I think if someone does not accept George W. Bush as their president they should take their stupid, unpatriotic slime out of America! They should take their treachery somewhere like Australia....
"Oh SJ, you don't know anything about compootars! E-Voting is t3h futur3!" they say? Well I guess not.
E-voting is blatantly stupid. It's trying to solve problems that don't need multi-million dollar automation projects with multi-million dollar projects. If you've got problems with chads, don't use chads. Instead of complicated voting machines, give the voters a pencil and a piece of paper with the names of the candidates, and a box to check off the person they want to vote for. It's how we did things here in the last election, it's secret, and you don't have to debug a horribly complex process just to figure out how many people voted. Even better, it's a lot harder to tamper with a piece of paper with a big "X" on it than it is to alter a packet, or swap voting software for a hacked alternative, or do one of a thousand things that computer security experts fear.
I swear, people need to stop thinking that "High Tech" is an answer to all, or even most, of lifes problems. Tools have their place, and sometimes the old ways are the best ways.
It's been a long time.
Or "You vote for me once, shame on... shame on you... You voted for me--why not vote again?"
Imagine if you were elected President, and two years into your term some hacker found a bug that had changed the result of the election. Your administration would be undermined big time. You could claim the bug got there by accident and you acted in good faith, but not everybody is going to believe you. The Al Frankens (if you are Republican) and Sean Hannitys (if you're a Democrat) would have a field day. What would we do about this? New elections (if that's constitutional)? This isn't an argument for closed source, ignorance isn't bliss, not with so much potential for abuse. But it's an issue we need to deal with.
Well, think of it this way:
Private company gets contract to provide voting solutions. Private company decides upon OSS. Private company spends $MILLIONS that it gets in producing the software/hardware combo, but at the same time releases sofftware to the "community" to go through. While not everyone is going to be able to setup voting suites for mock elections (indeed, think about hardware differences.. chances are you're not going to be using your uberl33t dual Athlon in a voting machine with touch screens and what not), it does provide opportunities for outside developers (fresh sets of eyes) to find bugs that your regular developers just miss. It happens.
While OSS is not the end-all-be-all approach to everything, I'd certainly be more comfortable if the software being used to choose the leaders of my community/country is open for audit. The big question then would be ensuring that that software is actually the software being run on the machines (I mean, what good is it to have "bug-free" software if someone installs a trojaned version?).
I do agree, though, the geek community doesn't lend itself to centralized development very well (there are exceptions), the phrase "herding cats" comes to mind. In that, you do need a central party calling the shots, the problem is that even with one, you can still churn out a shitty product.. (Personally, I'd say someone like Bruce Perens would make an outstanding leader for such a company/project and he could make himself some money to boot.)
If you were me, you'd be good lookin'. - six string samurai
Open sourcing a system means it's harder to introduce a backdoor.
How about this: open sourcing means it's easier to introduce a back door. Consider the development teams. On one hand you have a larger pool of anonymous developers (unless you require some sort of ID check), some of whom may have an interest in subverting the voting process. The code is being reviewed by people who are anonymous (unless you require some sort of ID check) and may have an interest in subverting the voting process. The people are all doing work on the software as an avocation.
On the other hand you have a company with leadership pushing the company to be successful and you have a paid staff who are dependant on the company's success. There is accountability (civil, criminal, or just plain losing your job).
Sorry guys, I fell asleep on the submit button again...
"Love is like pi - natural, irrational, and very important." (Lisa Hoffman)
> We don't have anonymous or secret agencies enforcing laws and arresting people, ie, a secret police force.
Yes, as a matter of fact, in the U.S.A., we do have this.
And it's so much easier when you can rig an election.
Actually proof that /. moderation is rigged. Read the article and compare that line. It should have been moderated +1 funny....
You act as if you can't pay people to write open source code.
No I don't. I just didn't address that topic. Tell me, who should pay?
I think that closed software/hardware solutions need to be declared unconstitutional. If we can't trust that the results are accurate...
Closed source does not equal untrustworthy any more than open source equals trustworthy. Rigorous testing is necessary, as is a reliable audit trail.
we risk our democracy
We're actually a republic, but I agree with your point that trustworthy results are paramount. My stance is that no one development paradigm will inherently produce more reliable software than another.
When the software is open source you cannot enter "crunch mode" and make the scattered developers put in long hours.
Yes you can. Open source does not necessarily = scattered development. You can have a dedicated staff of paid developers, manage them however you want, make them put in long hours, whatever. Then you can release their work product as open source for public review.
"Who is going to install the full voting suite (voting software is much more than a voting terminal) and then hold mock elections in their home?"
Anyone with an interest in making sure that the voting process is secure -- universities, public interest groups, etc. Security analysts would scour the system in order to compete to issue their reports for their clients. Academics would scour the system for their research/publication. The same organizations that are so critical of the closed source voting systems organizations would audit the system. Heck -- look at the level of inspection that the leaked voting system code and documentation have received so far--no closed source project receives that kinda of effort outside of NASA. And, of course, any organization that holds formal votes (schools, churches, unions, etc.) could also use the system, which would both be an additional benefit (free system for them to use) and more users to flush out problems.
Of course, this all misses the most fundamental point -- voting is a critical function of the government, and must be performed in a transparent and auditable manner in order for people to trust it. Given the long and varied history of people committing voter fraud, there's no reason to think that people would _not_ attempt to manipulate the system. And with a system that can't be audited, doesn't support manual recounts, etc., there's no reason for anyone to trust it.
"The fault was not in the development model but in the failure of the project leadership."
The fault is in election boards allowing themselves to be hoodwinked by a bunch of sleazy opportunists chasing the $4B that the government has committed to updating the voting infrastructure. The closed source development model simply allows those bozos to conceal their shoddy workmanship.
Enable 3D printed prosthetics!
It is quite legal for governmental institutions and representatives to lie as part of their duties. So how can anyone tell if anything they say is the truth?
Not good for democracy, I suspect.
I like pen and paper. It at least takes longer to fake results.
Now i'm not trying to troll, but how hard can it be to create a system that COUNTS? Counting was something I was taught in kindergarten. Granted the voting process can be a little complicated. But you use a simple database. You have an authorization database with the restered voters. You have a couple fields that get filled in when they vote(who they voted for, what time, etc). You dont let them vote twice. That creates an audit trail. THen you also have it increment the database with the canidates. How much harder can it be? The user logs in, pushes the picture/name of the canidate on the touch screen, verify their selection, and their done. If I am missing anything please let me know.
all election software were required to be open source, this problem would be much reduced
That's an interesting idea. How about this? Require that all election software source code be given to the government?
I wasn't arguing against open source or free software; I was arguing that the software being closed source is not why the results turned out as they did.
You do, however, have copyrighted laws. Laws where you have to pay the company that wrote them, before you can have a look at them.
I'm not joking. I think it's not even uncommon with laws that apply f.e. to the building industry.
I'm unsure whether there are any agreements on the price or whether it's possible to enforce a NDA.
I mean,its not like responding to an event and incrementing a variable takes that much programming skill. The only reason these machines are having these problems is becase they are designed to allow people to rig elections. At best, its simply bad programming but I don't believe that.
How about this: open sourcing means it's easier to introduce a back door. Consider the development teams. On one hand you have a larger pool of anonymous developers
You seem to miss the point about the discussion here. The whole opensource argument has nothing to do whith who builds the software and in what way. It's like we whould like everybody and it's cat to contribute fancy features to a voting system.
The point is that, in a democracy, the people should be able to verify the correctness of the voting. It's good enough, IMHO, if it's all done by a commercial company, as long as they show their code for testing and review by the public and proof that's the code that's actually running on the voting machines. They can copyright it, even patent it, just give the public a change to verify it.
I simply cannot trust some binary in some black box machine to count votes in a correct and fair manner.
Don't tell me open source softwares are always bug-free. If an open source voting software has a glitch during an election, it will cause as much panic as a closed source solution. The vast majority of software bugs are not planted by malicious software engineers, they are caused by oversights on behalf of human designers, engineers, and testers. Open source softwares are still developed by humans, hence will contain mistakes. I'm not against open source, but I'm turned off by the arrogant attitude of some open source zealots.
They should have those guys over at www.pollmonkey.com design a voting system for them. Instead of MicroVote...they can call it MonkeyVote :)
Number one I order you to take a number two!
Why does it matter what the source says - the ballots should be printed out on standard form from the e-voting machine. Vote, print the ballots out, done.
If the electronic number doesn't verify, scan or count the paper ballots by hand.
"Maybe the best thing is to have the federal government pay for the development of a paperless voting system. That brings up a new set of concerns though..."
What concerns? If the government issues a grant to, say, a university to develop software that achieves the spec (securely collect votes, auditable, etc.), and the result is open sourced, I'm not too worried about whether the government might perfer a particular election result.. they'd have to affect the NSF (or whoever) to affect the university to affect the developers, and then nobody inspecting the source would notice...
Enable 3D printed prosthetics!
Machines crashing while the polls were open
Central collection point jammed with call-in traffic (understandable)
Machine inflates count almost 30 times the actual figure.
Alright, I give up. Let us at least try to put a positive spin on this issue. Were there any elections that didn't have problems when using the new electronic voting systems? And what was the ratio of non-problematic electronic voting to problematic electronic voting? I'd say that if more than half of the electronic voting machines had problems, the manufacturer should be sued. I'd advocate a lawsuit to get out from under any contracts that may exist for the installation and maintenance of this equipment.
An aside: Does anyone know whether or not computer scientists had any input at all on the design of these beasts? If not, then what a terrible waste of good talent. I don't know, maybe I'm wrong there, because I still think an electronic voting machine wouldn't be very complicated to design.
Fred
"A fool and his freedom are soon parted"
-RMS
But, your argument would equally argue that secret laws are just as good as public laws, as long as "strong leadership" is exercised to implement them.
This way (naive belief that the overlords always and only do good) lies the police state...
"open sourcing means it's easier to introduce a back door."
Open source doesn't mean that everyone can freely contribute code. Look at the Linux or BSD projects, for example. Anyone can read the code, and can make their own branch, but only a fairly rigorous process of code review and debate by well known and trusted people can get code into the project.
Enable 3D printed prosthetics!
Over at MicroVote they have a page for news about the company and its product at, http://www.microvote.com/html/news.htm
I bet this item will get pushed down the MicroVote memory hole in a hurry and if any effort is put into it, it will be by the PR and Marketing departments.
Had this been a free software, GNU style project this event would at least become a permanent record for others to learn from but a private company is motivated to hide the whole thing and make sure nobody ever hears about it again.
"Software that is essential to freedom must be free."
Those are airline rules. The people working at the counter just didn't know that and blamed them on someone else when he asked. Take off the tin-foil hat.
I think if they were in the American electorate they'd say "with yet another mistake does anyone trust voting period".
My summary, slightly modified but same basic idea: 1) select candidate from touch screen; 2) computer prints barcoded ballot with your selections printed; 3) you verify and re-insert paper ballot; 4) ballot scanned to ensure match; 5) matching ballot saved. Voila - accurate counts and an audit trail.
mt
(It's called ironic understatement.)
Yup.
"The glitch that can be named is not the true glitch."
-kgj
-kgj
Back in the days when votes were counted by hand {or today, in countries where they stil are} the whole process was transparent.
If your country uses electronic voting, you should write to your representative and point out the necessity of opening up the process. Specifically, the need for the public to be able to examine mechanical drawings and software source code. Public scrutiny over the democratic process is more important than any corporate secret.
Je fume. Tu fumes. Nous fûmes!
a fairly rigorous process of code review and debate by well known and trusted people can get code into the project
Yes, but this is still less rigorous than the hiring process.
Lisa: "Do you realize what this means?" Bart: "The dead are rising and voting Republican?"
Technology Consulting & Free Downloads
I don't see the problem, this is a perfectly normal voting turnout in Chicago.
Look, I'm a technophile, but I cannot comprehend why there is such a push for these closed e-voting systems which have been shown unequivocally to be fundamentally flawed. I'll take hanging chads over this garbage any day.
Liberal (adj.): Free from bigotry; open to progress; tolerant of others.
I don't agree with your reasoning.
One of the reasons why many people place more faith in open-source code-review & testing is because there is no way to control the distribution of the source code, therefore there is no easy way for any particular group of people to control who is doing the testing, in order to set up a conspiracy like you are describing.
Indeed, it would be much easier in the hierarchical command structure of a typical corporation for a small group of people in the right positions with the same agenda to control the development & information flows relating to a product to make sure that it was perceived how they wanted it to.
As far as "leadership pushing the company to be successful and you have a paid staff who are dependant on the company's success", I think you are either trolling and/or have a really rosy (and unrealistic) viewpoint of typical corporate goals. The company will be a success if they make money. A lot of companies have demonstrated that the highest profit margins are _not_ made by making the highest-quality equipment.
In addition, if the company (or somebody in the company) is offered a _lot_ of money to make sure their machines vote the way the buyer wants them to, then in a closed-development situation, there isn't any easy way for the users (the public) to check that something illegal isn't being performed.
Of course, in reality, just because the source code is open, doesn't mean that the machines will work as designed - there's nothing that would stop a crooked company from using something different in the voting machine than the so-called source code which they open to the public. For full auditing, _all_ the development for such machines, including all of the hardware, has to be open to poking & prodding by testers who have no connection to the company, and who have a desire to find any incorrect behavior of the machines.
That's just gross, a thousand times over.
Tim
Fortunately, MicroVote is an also-ran (Loser, in political terms) with a handful of customers in a handful of states within a couple hundred miles of where they're based. Boone County is probably now thanking the wisdom of choosing an unproven local company for such a "simple" task.
Speaking as an industry insider, though, counting votes really isn't simple. It's damn tough. In about 99.999% of the screw-ups you hear about, the ultimate cause is human error on the part of election workers. Any computer can take an int (which starts out as a correct count) and ++ it correctly pretty much 100% of the time.
Here's one example of a problem inherent in counting votes, though. You can't count 5 million paper ballots on one machine capable of 300 ballots/minute. So you use multiple machines, and you have to combine results. Any time you combine results, you have users who occasionally forget to add the totals from one machine or mistakenly add the totals from another machine twice. Sure, you can build in a safeguard that indicates an error if results from one machine are brought in a second time, but it's about as effective as "Are you sure you want to delete this file?" People want updates every 30 minutes, they want projections...
Forget about Open Source vs. Proprietary. It's hard enough to get things right when you're trying. There are more opportunities for error than any of you probably realize. That's why there is extensive testing with sample ballots in the days before an actual election to verify that the machines are counting properly.
You start with defining all the election information -- did you spell that candidate's name correctly? Was she classified with the correct party? Is that contest appropriate for these precincts, or is it only for the 25 Green Party members in this neighborhood? Don't forget to print each 1/4 of the ballots with a different ordering of the 4 candidates so as to avoid positional bias! I've seen 100 different ballot styles used in a precinct with only a few thousand registered voters...and then the counts must be combined up to a national contest level.
You have potential PostScript errors, printer errors with ballots printed out of spec for the scanners, too few ballots printed, poll workers not showing up, ballots soaked by rain, ballots misplaced by inexperienced volunteers...
And then you have to deal with a candidate either added to the ballot or removed from the ballot at the last minute (literally!). You've already gone through the lengthy, week-long process of validating the counting of all the different ballots in different machines, and now you have 24 hours to change something.
Actually, the best is when some judge decides two days before an election that the way some votes are counted in certain circumstances is illegal and must be changed. The machine firmware was independently examined, tested, and certified months in advance, and now it must be changed with hours to go before an actual election. There's no arguing with the Judicial System!
So tell me counting votes accurately and reliably is simple. I think I'll ignore you and keep working on removing all the instances of "Bush" hardcoded in this tabulator firmware... (that's a fscking joke!)
Are you going to tell me that some ivory-tower egg head (Homer Simpson says it best) hasn't come up with a highly reliable computerized voting architecture based around public/private keys, solutions to the Byzantine Generals Problem, and other distributed algorithms?
It seems like our technology, properly applied, should be able to result in a voting system that is more reliable than the old fashion pen/paper methods. I am sure no matter what, there is always a case for fraud, but if the system is distributed enough, then to rig all of the votes should require someone to comprimise hundreds of distributed nodes throughout the nation.
In other words, make the computer based voting at least as hard to hack as the pen/paper method, and the benefit is not an increase in reliability as much as an increase in efficiency.
I actually believe that having them closed source is a good idea and that having them open source would make things worse on many fronts. Keeping the source closed would make it much harder for the system to be hacked. Also it allows for more competition since it would keep people from being able to copy code very easily. Despite this I'm not against having a federal review process that looks at the code before it decides to buy the machines just to make sure it isn't doing stupid things like using Access databases.
Boone County, Indiana doesn't matter anyway. Hell, the whole state of Indiana doesn't even matter...
It amazes me that even with all this wonderful technology we still can't count correctly. Why is this so difficult? I can understand that making them secure would be hard, but simple math!?!?
"A coward dies a thousand deaths, the brave but one."
In Brazil, it's some 5 years we use electronic votes...
Last election, 120million votes, 3 days, no glitch...
I mean, how hard it is to make a program that works correctly? If we can write a program that has one vote for each person, how hard can that be?
how long until
So I assume a hot fix was applied to the problem. No where in the (too short) article does it state that the fix was certified prior to the recount.
putting the 'B' in LGBTQ+
Fine. I will take this troll.
I don't think the author or anyone else is saying "choose OSS because it's bug free". I believe the point to be made is that Open-source can be inspected by anyone since it's available to the public.
I for one do not trust proprietary software for voting. Government should be transparent and so should the software used to elect those buffoons into office.
And I will go so far to say that not only should the software be OSS. I should be able to download the voting data and run my own analysis of the past election.
Whoa, whoa, whoa, whoa, whoa, whoa, whoa, whoa, whoa, whoa, whoa, whoa. Lois, this isn't my Batman glass. - Peter
Please someone out there help me restore my faith in humanity and tell me that there are some GOOD e-voting solutions out there. It seems like every week we have another story about the horrendous problems with yet another solution. Does anyone know of any e-voting systems that work and are secure? So far it sounds like every one out there in use was architected and written as part of a 6th grade programming project. I know there has to be some smart people out there putting out solid systems, where are they? Please tell me!
Perhaps the code was specifically designed to simulate the actual counting process..
or some silly programmer implemented the 1 for you 2 for me algorithm=)
How Now Brown Cow
Your comments are partially insightful and partially misguided.
Yes, you are correct, open source is not going to automatically make the software more reliable. The article poster was wrong to make that implication.
And no, open-source (alone) is not the silver bullet. For example, it's entirely possible (open source/closed source - it doesn't matter) for the actual assembler of the machines to inject a back door into the software (just before compiling to the machines). Such a back door wouldn't appear in the source code repositories, but it would still break the election. There has to be other security checks (physical security, monitoring) and balances in place.
However, you're wrong to assume that software with a deadline must mean the software has to be closed source. Just make a contract for deliverable software with the requirement that the software be released to public domain. Pay the contractors incentives to be on time. Pretty simple, isn't it? This is what's done with public constructions like bridges, so it's not anything new (the contractors don't get to "own" the bridge).
Furthermore, a deadline for election software cannot be immutable -- for the same reason that you cannot have software for a medical machine have immutable deadlines: it's too important to screw up. If the software isn't working just about damn perfectly by the election time, then don't use it. Period.
But the primary reason for open sourced election software is not to create more solid software - that's where you (and the poster) are completely missing the point.
The fact is that no single closed-source company can provide trustworthy election software. There's too many incentives ($$$) to release buggy software and try to cover your ass afterward. With open-source election software, that's not possible, because any party can check to see if you messed up.
This is not even mentioning companies that have a political bias. The potential for confict of interest is just to great for any one closed-source company.
Sure, you could try and create a system of multiple closed-source companies (one to create the election system, one to create software to verify the election results), but in the end, the best (and simplest) system is to demand that the election software be in the public domain for everyone's view.
Does open source automatically mean better software? No it doesn't. Is open-source mandatory for a public election system? Yes, absolutely.
When you cheat an ATM machine, the ATM machine owner loses money. When you cheat an electronic voting machine, the machine owner may have no stake in the results or may even be benefitted by your action.
When an ATM machine cheats you, you know it, often immediately. When a voting machine cheats you, in a secret ballot system with the simplistic unauditable voting machines we use now, you never find out.
144,000 is a reference to the book of Revelation.
'This American Life' had a great story on Sunday about voting machines, specifically about Diebold's. The theme of the show was The Annoying Gap Between Theory and Practice. The show is supposed to be coming out in RA on Thursday here. /.'ers would probably enjoy listening to it.
:)
Basically they talked about electronic voting and some of its (many) drawbacks. Most
For anyone who doesn't know about 'This American Life', basically they are short stories (about 3-4 per show) revolving around a certain theme. The stories are real life stories from ordinary people in America. Many of the stories are funny, some are sad, and almost all of them are thought provoking. I'd highly recommend listening to a show or two.
And no, I'm not affiliated with the show. Just an avid listener
-- The Genesis project? What's that?
...to seeing Bush re-elected with a 2 billion vote majority.
Opus: the Swiss army knife of audio codec
Open source, closed source, it does not matter. Open source is not a cure for solid software development practices, and open source is not a synonym for solid software development practices. Likewise "closed-source" does not equate to poor practices.
Of course. One argument for open source is the ability to trust the system, that there's no attempts to swing the vote in any way in the code. Would you trust companies buying politicians already to run the election on a system you can't check?
That said, even with source code available, you'd still have the problem of how to trust that the code being run is what you see... Also, these standards need to be applied to the rest of the system, from CPU and up if you want to be completely paranoid...
In the end, paper is just simpler, and you can keep physical evidence of how the election happened.
Bottom line is, it doesn't matter a damn if you review the code, if somewhere along the line some bent policitian or programmer can waltz in afterwards and rewrite the results.
2. A false or spurious electronic signal caused by a brief, unwanted surge of electric power.
THAT was the original definition. Unfortunately the term has been hijacked by computer programmers to mean something slightly different, and that usage is now the most common one. It's too bad, because the word "glitch" used to have a very specific and useful meaning. It should NOT be a general term for a fuckup.
Right you are. Now I'm twice as disgruntled -- !
-kgj
-kgj
And I concur, it works very well.
The number of persons who would have to cheat to change a vote is high (at least four volunteers, plus the "overseers" from each parties and from the municipality); in addition, the "paper trail" remains behind to allow recounts.
And in presidential elections (with something like forty or fifty million potential voters, so big if not quite US-scale), projections accurate to the % are available the minute the polls close.
It's only drawback is that it require a non-ridiculous number of volunteers, who are (rightly, IMHO) not remunerated.
What do you know about World Politic? Find out in this quiz
How hard could it possibly be to design a voting system, for chrissakes????? There must be a HUGE glitch in the programming if it can't even do a row count.
144,000 / 5,352 is almost 27. If 27 candidates were running, your theory would probably be correct. However, it means that it wasn't some random hard to find bug, but a very obvious bug that would be noticed on the first test run, so I doubt this is the case. At least, I hope the people writing our voting software test it...
It's nothing but crumpled porno and Ayn Rand.
You got it wrong. Open-source doesn't mean Linux-style development. You can have a company-regulated project, but still open to the citizens wishing to peek at the code.
Voting procedure to be followed by every voter to authenticate open-source software on the voting machine:
/vote/src ./configure
% cd
% md5sum *
(user then checks md5sums of each source file against expected values published by independent code reviewers before the election)
%
% make depend
% make
% make install
% vote
Oops, this relies on the md5sum program not being faked, and on there not being any backdoors in the compiler. So we're back to square 1.
That should help Bush to steal another election.
It is necessary that any electronic voting system be open source
Then why do you refer to it as Kool-Aid?
I mean, I agree with your comment 100%, but I disagree with the subject line.
Most cash registers do the same thing. Yet, apparently and inexplicably, the current electronic voting systems don't have such a thing even as a backup. Why is this so complicated? The problem has been solved for at least 50 years: everytime someone votes, you print out "12:47PM|Pres:Gore|VP:Lieberman|Ballot4755:No" or whatever on a piece of paper tape. You could even setup the paper tape with a bar code if you wanted to be able to read it automatically, while still preserving an audit trail that was human readable.
Geesh, some people will never learn that low-tech is sometimes the way to go, and that most problems with high-tech can be overcome with the judicious application of paper and ink.
"He who would learn astronomy, and other recondite arts, let him go elsewhere. " -- John Calvin, commenting on Genesis 1
"You can't prove you voted with the mob."
You are absolutely right, for normal "go into the little booth with the curtain" voting. Every voter has deniability about how they voted.
But absentee ballots have no such protection.
The main thing is that there should always be a paper receipt as backup. When you go to the ATM you get a receipt, when you use your credit card, you get a receipt. When you vote electronically, a matching receipt should be printed, signed by the voter, and retained in a locked ballot box. The receipts in the ballot box can then be counted if there is a question about the electronic results.
I think we need to consider keeping the ability to match voters to ballots in order to reduce the chance of ballot-box stuffing (either electronic or physical). Of course safeguards would need to put in place to restrict and prevent the abuse of knowledge about how someone voted. For example, after a certain amount of time, all ballots should be destroyed, etc.
Hi, im Mexican. Youre probably wondering why would someone start a comment like that, but actually it has a lot to do with the issue. You see, Mexicans know, first hand, what electoral fraud is. We practically invented it and perfected it through 30 years of mass electoral fraud.
//And, in this newer case, //uncomment to get the latest behaviour // //votecounter.add_seq(seq(25,000,number.random/NOR M));
By 1994 we (well, not we, the assholes who did it) had refined the techniques to the point that dead people got to vote.
Now, to the point. Todays mexican electoral system is the most technologically advanced in the world. Our voting card is one of the most secure documents that exist of their class, and the votes are openly and transparently counted, on the naked eye of people from all parties at least a couple of times.
Now, thats expensive! you say, its better to have eVoting cause its much cheaper!
Well, it may be so, but then again your president stole the election because his bro fiddled arround a bit with a couple of classic "shaving" (thats what we call this kind of fraud) of the voting lists in florida.
Now, i find it sad that the modern craddle of democracy (post industrial revolution at least) and the people that conform it are just numb about all this facts, numb about their electoral system being fiddled with be it electronic or just classicly tampered with.
Participative democracy is whence the citizens directly get involved in policy making, either by representation of a non-goverment association, by direct lobbying with their congressmen or simply by participating actively in the policy decition making process.
Cant u see guys? Youve been framed. And now you have wifi enabled voting boxes that are voting for you, and the powers that be are so incredibly stupid they cant even make a vote counting software (come the fuck on, the slashdot poll is probably harder to do than that), and americans are not scandalized about it. You guys are NUMB, youve been taken advantage of, you have people destroying the 'cool' factor of america by removing your freedoms.
Okay, maybe americans are right not to be so paranoid. Id probably wouldnt be as well if i was there and i get it, i mean, who would be so bad as to abuse this kind of glitches. Its an almost impossible thought.
But nay, nay i say, if you dont see the florida thing in your presidential election as the first abuse of the ingenuity that so calssically defines american people, you shurely cannot see the danger, the sheer danger your country is to being abused by evildoers.
I dont know, its an opinion. I got voted down for ofering the code snippet for the eVote Boxes in florida once. Here it is again:
if(vote.for('gore'))
{
vote.set('bush');
}
votecounter.add(vote);
NO SIG
I can't help but think your sig would be funnier if it were something along the lines of
...guaranteed what? See the problem? It's got potential for humor, but it's just not there yet.
Guaranteed Insightful!*
*Insightful not a guarantee.
As it is, your sig says your comment is Guaranteed.
Reminds me of the Gabbo episode of the Simpsons...
Krusty: If you watch my show, I'll send you a check for....FOURTY DOLLARS!
Announcer: (Softly and rushed) Checks will not be honored.
Your mare would never fake voting results, no matter, paper or electronic, proprietary or open source!
"With yet another mistake, does anyone still trust closed-source electronic voting?"
As if open-source would 'just make it better'. Get real. It is a software project like any other.
Why not get started with a dual-method voting system. Those that trust the electronic method as of currently can go electronic, those that trust paper can go paper.
In the end, you can go with electronic once it catches on and becomes more secure... but why not at least have paper for backup? If a voting machine goes down, break out the pencils and pulped-dead-trees... you aren't supposed to play with machines once voting has started anyways.
I wont trust ANY voting machine that doesn't produce a long-term, auditable paper trail. Furthermore, NO voting machine should have ANY connection to any network by any means. It should be absolutely standalone. No wireless card, no ethernet, NO MODEMS. Nothing. At no time should there be any connection to any network...at least once the certification and voting process starts.
Unless you are using generic parts, rather than secret propriatory hardware, I still wouldn't even trust open source voteware (one of two major reasons for a requirement for a printed, auditable paper trail)...how do I know that the OS being audited/certified is TRULY the only software installed and involved in the vote process. Perhaps when you are doing a test or certification, you, the certifier, only has access to a fully OSS os. Perhaps there exists intentional backdoors built in to the hardware/software such that an actual vote gets altered while test votes don't.
Even if that isn't a real issue, bits DO get flipped no matter whether software is OSS or not. There ARE random glitches. There ARE bugs. A printout that can be checked against what the voter INTENDED and then used for recount sidesteps spurious data errors in volatile memory.
No more nonsense about secret ballot counting by corporations either. The vote doesn't belong to any company, no matter whether their software was used to collect the vote or not. The votes themselves, and the final tallies, belong to the PEOPLE. The PEOPLE (duly appointed representatives) should be the only people involved in vote tallying. It is unacceptable, for instance, that a Senator's vote machine company should be the sole entity to count votes, ESPECIALLY IN A CAMPAIGN IN WHICH THAT SENATOR WAS COMPETING!
There is too much wrong with e-voting to make a go of it. Until it is SUBSTANTIALLY altered and fixed, it has no place in elections in what is supposed to be the "model" democracy in the world (the late, great USA, pre-GWBush).
In Bushworld, they struggle to keep church and state separate in Iraq as they increasingly merge the two in America.
To me, the issue is all about how to make EVERYONE - even those who we disagree with - trust the outcome of the vote as something that fairly reflects the intent of the voters.
Toward this end:
Right now, electronic touch-screen voting meets none of these criteria. So, it simply should not be used, especially closed-source code. Why is there even a question about it?
Third-party verification should be possible, so that recounts can be done multiple times by different people/parties/agencies.
We should be able to trust the voting system so that we can mistrust administrators and politicians. The voting system has got to reflect the intent of voters, and voters must trust the outcome.
I'm guessing you live in Hamilton, Ontario?
Someday, you're going to die. Get over it.
We sure do. http://www.abovetopsecret.com/pages/agencies.html
My guess is that the 23% of voters who actually voted here each cast around 20 votes.
Hopefully, no one cast more than one ballot.
No, it's not. People lie on their resumes, their applications, lie about their skill sets, their experience. A good interviewee can cram himself full of polished answers to interviewers, and look quite good. A good lie can foil even the best of managers and HR.
Think about the motivation. People would lie, to get a job, to keep a job. Would obfsucate code, might even deliberately break it. It's in the money. 'Hiring' someone has no advantages over someone working on a non-commerical open-source project, except you can fire them. Oh wait, managers of open source projects can choose not to accept code and discontinue a person's work on a project. Just like firing someone.
I've not heard of people lying to get commit rights to open source software projects; contribution is encouraged. Both the other contributors and the read-only public can immediately tell if Joe Q Programmer's code is crappy or not. If he doesn't contribute to the desired standards, BOOT.
If we combine these two worlds, we can get commerical open-source projects. Employeers get what they want, employees get what they want, and the public can serve as the ultimate bug-finder and peer-review. And judging from the number of bugzillas, sourceforge projects and code-related security advisories with patches, I'd say it working fine.
What came before the Big Bang? Hum, it must have outside of time...
How would the polling center staff know that the bar-coded slip went with the ID presented?
The only reason anyone cares about doing computerized voting is because the companies that make voting machines want us to care. After the 2000 debacle, Diebold and others jumped on the opportunity to tell us how screwed up our voting system is and that voting with their crappy Windows CE and Access database would somehow solve the problem. The problems surrounding Florida and the 2000 election really had little to do with dangling chads and more to do with voter fraud and disenfranchisement. More about disenfranchised voters here and here.
The corporations that seek to make millions upon millions of dollars selling computerized voting machines are feeding our cultural desire for everything to be fast and computerized. They know we don't want to wait two or three days to have all the votes tallied by volunteers - that's just backwards. We need to use computers to do all that counting because that's what computers do well - counting that is. As usual we are solving the wrong problem with the wrong solution. There is no reason we can't vote with pencil and paper and have our votes counted and with proper exit polling we would know the winner of the horse race the same day. In a close race the results may not be certain for a couple of days, is that so aweful to wait 2 or 3 days to find out the winner and be certain he/she is in fact the winner.
We are so fickle in this country and have such a short attention span that we become easy prey for the corporations that seek to make millions and millions of dollars selling districts these inferior voting machines/computers that simply don't work and seem to invite fraud. Can we have a healthy democracy if we don't have a voting system that is accurate and can be trusted? I don't understand people who so quickly toss democracy into the gutter for the sake of convenience or a false sense of security, I think it's insulting to all the men and women who have died to protect our democracy. Let's get the voting process right in this country or we are going to be in serious trouble very quickly. All the people that were pissed after the 2000 debacle may not just sit on their hands next time and so oh well.
Read more about this topic here here and here. This is a serious problem that we can't just sit by and watch play itself out - get involved.
LoRider
Judging from the last Quebec referendum, quite a lot. Volunteers counted the ballots, and most of them were honest, but the few of them who were not exclueded ballots differently depending on the vote.
Hmmm, there is an obvious X on the no side, but it is 0.01 degrees out of center, so the ballot is spoiled. Ahhh, there is no X but there is a faint mark on the yes side, obviously we must allow the intent of the voter to rule, it's a YES.
Then you have Germany in the 1930s. OK, it wasn't really a democracy, the political parties all had private armies/street gangs intimidating voters, but they followed some of the forms. Hitler lost the first election, but his brownshirts used invisible ink to identify people who voted against him. After much intimidation Hitler did much better in subsequent elections, and voter turnout was much lower.
Of course there is still a question as to whether electronic voting will solve or exacerbate the above problems.
You got me into this! You were the ideologue! I'm only a poor assassin! - Twenty evocations, Bruce Sterling
Anti-Bush flamebait usually gets modded up on Slashdot. Taco must have put Diebold in charge of handing out the mod points.
I tried to think of a way it would work in this situation. I don't think a company would pay developers just to make that software available to competitors.
http://www.mozilla.org
I love the Subject. OSS zealots, like myself, tend to miss the point from time to time.
What people need to realize here is that technology does NOT always solve a problem. Even if it appears to solve the problem it may create numerous other problems. Why put the election results into the hands of a few campaign-funding corporations? Our government has a history of setting up phony elections to install leaders in other countries, why make it easy to do so here. Read here or here. You can argue that Michael Moore is a wacko, he isn't, but history often has a way of telling us the truth behind the rhetoric.
LoRider
The real question is, does anybody still trust electronic voting? There are plenty of things that are better left in their traditional forms, and voting is one of them. Any data that is collected and stored digitally and networked is inherantly vulnerable to data loss or alteration, intentional and accidential. There is really very little that is (or can go) wrong with the traditional voting system where you write down the number of your candidate and insert it into the ballot, note that I'm not talking about the press-and-guess method used at Florida. Tell me again, why do we really need electronic voting?
You said: No I don't. I just didn't address that topic.
I think you did address it. You said:
In that paragraph, you are clearly linking open/closed source to being able to pay people, and thus "crack the whip" to meet deadlines, or not. I don't believe open/closed dictates anything about how the software gets written. It dictates who owns the software once it is written. I think it should be owned by the taxpayers who paid for it, and open to scrutiny by them.>Tell me, who should pay?
The same people who are paying for proprietary solutions now! The government bodies who are paying Diebold and other companies to create propriatary e-vote solutions.
Again, I have to disagree with you. The issue is not just quality assurance. It is a question of trust. In a closed source situation, we all have to trust the manufacturer that they did not put in trogan horses, etc. With open source, anyone, including the common citizen, can verify the operation of the software. He can scrutinize it, test it, and even verify that the binary that HE builds is the same as the binary running on the actual voting machine.That's my issue - I don't want to have to trust that a corporation, or some employee of that corporation, doesn't have an agenda that includes tampering with votes.
There are still ways to spoof with open source, so I still want a paper trail. But I think open source makes it that much more difficult to launch an attack on an election. Right now, it appears to be laughably easy, and that makes me very very nervous.
I've not heard of people lying to get commit rights to open source software projects
Sure, who wants to sabotage PHPMyAdmin? But the voting software used in the US? That's a different story...
Building codes aren't closed-source, but they can be copyrighted. Slashdot ran a story about this in 2001. Some company writes a section of the law, and if you want to read it, you have to pay. Many cities/states can't post their own building codes on the internet because they're copyrighted.
This isn't quite the same thing as a closed source law, but don't just assume all the laws are freely available for anyone to read.
Remember the days when Republicans were the party of fiscal responsibility?
It always surprises me on /. to read so many geeks afraid by e-voting. Should it not be the opposite ?
:
Banks trust electronic payments and ATM to be accurate to the last cent. Why could e-voting not also be that accurate ?
I am a Swiss citizen and we are used to vote between 4 and 8 times a year. The attendance rates are usually low, due to the high frequency of voting.
Switzerland has already made some small scale trials and is considering applying e-voting (via Internet, SMS) at larger (state, federal) levels.
The expected benefits are
- Higher turnrate (especially by young voters)
- Reduced costs (less people needed to man physical voting booth)
Tha last benefit is important, because it would allow more voting sessions at the same cost, so more democracy.
Of course, the swiss people are used to voting and are confident that the authorities will handle the voting process in a fair way. I do not see that the US citizens have such confidence, so maybe the USA will be ready for e-voting by the next century.
hmm,
Vote Early, Vote often?
Let's face it - voting is dead - all elections will go to the guys with the money, the oil, or the guns...
I am suprised they just don't put the government offices on eBay - and sell it to the highest bidder...
at least that would be honest!
Even if you compile it yourself, it may not be free of trojans. See the following link Reflections on Trusting Trust by Dennis Ritchie.
Since I'm personally not going to review any open-source voting code, I don't see why I should trust OSS voting sw either. Why should I believe it's any better given all the bugs in OSS software? The only solution is to have the machines produce a paper trail that can be counted independently for verification.
"even with peer review on open coude this sort of bug might still happen"
...
Witness NASA missing Mars cause of a conversion error. I love that story, cause if they can screw up, any coder can
What is needed is open results -- a voting machine that stores its tallies in a form that can be independently verified. For example, paper. Have the machine print out a piece of paper in nice friendly letters that says "You voted for [foo]." Keep all the papers in a box. At randomly selected polling places, count up all the papers and see if the tally matches the machine. Or skip the machine's tally, and just use the papers. Or skip the machine, and just use a pen --
Sorry, that's crazy talk. But you see what I mean.
>> With yet another mistake, does anyone
>> still trust closed-source electronic voting?
What mistake?
Removing unwashed semiilliterates
from the political loop
can't be a bad thing.
Kudos to the political-electoral-industrial complex for finally putting
right-thinking adults in charge of the world's one and only superpower!
Jail that Soros communist agitator!
Bomb Iran (or was it Iraq? Whatever. Both.)
And buy MSFT & SCOC stock gift certificates for Christmas!
banned for good reason?
You might want to do a little research on why ballots are secret, and what happens to voters when you give them receipts that show how they voted.
Hint: bullies hanging around the polling place can now verify that you voted the way they told you to.
And, no, that's not paranoia. That's US history.
Clear, Dark Skies
In what sense? I still remember the Philly Inquirer doing an article on how to hack a mechanical voting machine. favorite part: using a torch to remelt the lead seal so no one would notice that you "preinitialized" the vote count.
Clear, Dark Skies
The people who staff the polling booths and count the vote are unpaid volunteers.
Maybe you would know this if you had any awareness of the actual process.
the fear isn't so much that there will be subtle minor mistakes, but that there will be intentional manipulation of votes.
Why wouldn't it be possible to just modify ATM software to do voting and reporting instead of monetary transactions. They are already touchscreen/button operated. Many even have GUI's now. They are portable. They are already secure.
Voters could simply receive a voter card and voter pin, and use it just like an atm card/pin. You vote, it prints a receipt for you, and a log of the transaction inside of the machine. Transmission of the vote to some centralized/semi-centralized location is immediate. Current Talley inquiries can be instantaneous.
Why bother with reinventing the wheel when all of the elements already exist in a commodity form.
no no you got that all wrong. We don't want the open source community to write the code...we just want the code to be open to public review and scrutiny. weirdo.
exactly. The real problems are legal and regulatory in nature. The software might collect and tally the votes perfectly, but if Diebold is dialing up remotely and performing "end runs" in the database between the collecting and the tallying,then we have a problem. It's a matter of security. You gotta look at the potential points of attack. They would theoretically embed a chip in the machine, so that the source code for collecting and tally is perfect, but another, undocumented routine, running on a ROM they didn't tell anyone about is manipulating the results. Don't think this isn't possible, we are talking about millions and millions of dollars going into these elections.
I shouldn't have to point this out, but if an error is small enough to not be detected, it will probably not be detected.
Chances are that small errors are more common than big ones, so there could easily be plenty of these erroneous results going undetected.
Sounds like the Cheney/Bush software company just started producing code. To win the election this time by popular vote!!! Or is it a matter of "Vote early and Vote often!"
I think its a sign of the end of the world. I mean really 144,000 saved(Rev. 7:4 I think). Now I just have to go take the place of one the people that is saved and Im as good as goold B-)
But can I borrow 100 bucks...
Banks trust electronic payments and ATM to be accurate to the last cent. Why could e-voting not also be that accurate ?
Of course e-voting could be that accurate. The problem is that Banks have an obsessive interest in keeping their numbers straight. They're obsessed with money. However, those who exert influence over political voting systems are obssessed with power, and keeping the numbers straight is exactly the sort of thing which can often prevent the acquisition of power.
-FL
Yep. You pretty much have to do that. People in North America, (that's Canadians, too!), have been trained not to respond unless made to feel special first.
The fact that it's true, helps, although I'd cough soundly at the idea that this was the first time this sort of abuse has been perpetrated!
-FL
The actual balloting and counters are almost the simplest computer program you could write and are equally trivial to test. It's got to be the special code that gets run on election day that is problematic.
Ok, I've been thinking about this each time a /. article comes up about electronic voting machines. Here is what is needed at a minimum:
Have a printed copy that is stored in the voting maching. Make it be like a calculator/cash register roll of paper, but have it not physically accessable to the voter, just visible.
You would vote on the screen, and on the right it would print your vote so you could verify that the machine was recording accurately how you voted. Perhaps in an abbreviated format like:
"AA," "BB," and "CC" are the initialize of the canditates this example voted for (use 3 initials or 2 initials an a number or whatever for uniqueness), and Yes to Measure 1 and 2, No to Measure 3. It would display this summary off to the right of the main graphical display, and perhaps at each graphical display you had to say "CONFIRM" before it would print and "finalize" the vote.
It would only move forward, so you couldn't see the previous voters votes.
From here, someone who is intent on rigging an election still has the same power to do so as someone with a classic ballot: the could diddle the data and print out matching paper tape rolls to match.
An extra nice feature, but not required: Once you were thru all the voting screens, it should print you a copy to keep that has a history of your voting. An md5 hash that used your name + voting choices should be included.
-Is that Awareness determines the outcome of your experienced reality.
Okay, it's Qunatum Theory with the Fantastic Lad twist. .
All there is are lessons. As such, in the best interest of efficiency, there is no need to duplicate experiences. Being fully cogniscent of a possible outcome, planning and imagining it in full detail in your mind is often enough to complete the lesson without the need for the physical manifestation. As such, you will experience some variation of events you did not prepare for.
Ever wonder why the conversation with that girl/boy you like never goes the way you hoped? Or why worst case scenarios you fret over never seem to unfold? Or more the point, why you sometimes are able to prevent disaster with subtle actions taken on an instinct?
This is why it is important to NOT believe the lies. --The lies told by the Bush administration are warm and fuzzy lies, and if you believe them and embrace them and imagine them, then they have no need to happen. --They will happen in some other reality where they are unexpected outcomes. In this reality, where so many people expect outcomes to be warm and fuzzy, we are ripe for being hit with extremely miserable turns of events.
Look at the reality people hoped for in Iraq. "The war is expected to last for only 10 weeks." "The Iraqis are joyful of their liberators." "We will find many Weapons of Mass Destruction." Etc.
The interesting truth of guys like me is that we spit and scream about the ugliness which is unfolding. We even make predictions, (and will continue to do so), and if we are lucky, if enough people start to become aware, then those possibilities become unglued. They do not happen.
Diebold is such an example. Enough people are becomming aware, and see? The Diebold threat is beginning to unravel. If the pressure is kept up, then perhaps that battle will be won in this war. But the pressure must be kept up.
Awareness!
-FL
A Candidate receive 4096 extra vote more likely because cosmic ray can change the value of a bit.
For more information about voting in Belgium (electronic and traditional).
More information about Belgium e-voting on PourEVA.be
Don't let the computer/expert control the election. Information for Belgium in french: http://www.poureva.be/
"Sure, who wants to sabotage PHPMyAdmin? But the voting software used in the US? That's a different story..."
I would hope that since voting is such a sensitive issue, it would be managed as tightly as the Linux and BSD kernel projects, where only well known, trusted people can check code into the project, and all code must be thoroughly reviewed by a whole team of people before it can be considered for checkin.
Enable 3D printed prosthetics!
How often do your programs fuck up "arr[i]++;" ?
I'm aware of this.
I believe it was Tannenbaum (saw it in Jargon File, but can't find it now, so I could be wrong) who put a back door into the original Unix login. Of course since the code to login was available, anyone could find and remove the back door. So he altered the compiler so that it would detect that it was compiling login, and insert the backdoor. Of course the code to the compiler was available, so to hide that he made the compiler recognize when it was compiling itself, and insert the backdoor-generator into itself. Once that's done, he could safetly remove the backdoor code from cc and login, and the backdoor would simply silently propagate.
Unless you build your computer yourself out of discreet components (or your handy "Mr. Silicon Fab") you have to at some point trust something.
Oh, and that article was written by Ken Thompson, not Ritche.
Okay, and now that I read it, he is describing exactly the hack I mentioned. And he describes it as something he did himself, which means I was wrong about it being Tannenbaum.
The enemies of Democracy are
Welfare is essentially vote buying with the governments money. The candidate gets votes because he promises certain people money
"We have got to make Stan understand the importance of voting, because he'll definitely vote for our guy." - South Park
Because the problem is not a lack of trust in closed-source. It's a lack of trust in the providers of the systems. Diebold and MicroVote and whoever else could distribute the source code tomorrow without changing my trust (or rather lack thereof) on bit.
That's what I'm saying. Open source is better, but is not a panacea and in fact does not address this issue of trust at all. Those who believe that it is a panacea (the tagline "anyone still trust closed source?" implies that not-closed should be trustworthy) are wrong and will only be given a false sense of security by an open source voting system.
That's why I call it Kool Aid.
The enemies of Democracy are
Welfare is essentially vote buying with the governments money. The candidate gets votes because he promises certain people money
Pandering is nothing new, and campaign promises are often (usually) forgotten. Vote buying is completely different in that the voter receives a cash payment upon proof of the *correct* vote, which would lead to the rich winning any election they wanted to pay for. Our current system makes vote buying unlikely at best.
You know what is even more odd is that 144000 is one of those special numbers. In the book of Revelation there are 144,000 people sealed with the mark of God:
7:4 And I heard the number of them which were sealed: and there were
sealed an hundred and forty and four thousand of all the tribes of the
children of Israel.
Apprently some apocalyptic cults and the Jehovah's Witnesses take this to men that onlt 144,000 people will be allowed into paradise. At any rate, it is odd that they came to that particular number. Is this perhaps a sign of the apocolypse or an obscure programmer's joke?
The same people that pay for voting systems now will pay for them later. They are purchased from private companies who employ people to write the software.
Rigorous testing of the closed-source code in use consists of the company that made it saying it good. There is no way for anyone else to test it without very expensive test runs to simulate real elections (and if the company that made it is the one that prepares it for elections, then most tests are done in a manner that would still allow fraud). Rigor can be much more easily achieved with multiple simultaneous tests and inspections that you could expect if the code was publicly visible.
We are a democracy and a republic. There are a number of places in the US where people can draft and enact laws without any intervention by the legislatures. The federal government may be solely a republic, though.
My stance is that no development paradigm will inherently produce more reliable software than another, but one will encourage outright fraud, and the other will discourage it.
It's not all about whether the software does what it is intended to do by the programmers, but also what the programmers intended it to do.
Learn to love Alaska
How hard is it to implement
?I don't think it's a matter of open- or closed-source (although I'd feel better about it being open), but, my God!, how hard is it to take basic imput and tally it?
Aren't these companies bonded? If they are selling a voting system to the government and atesting to its accuracy, they should be fined BIG TIME if their quality control is so bad.
Give me a break. Complex programs are written and used all the time without this sort of cock-up (Banking industry, computerized slot machines, auto-pilot software). For a company to produce and sell [relatively] simple software like this and have the "glitches" they do borders on criminal negligence and stupidity!
Am I wrong in thinking that you could assign this project to a class of undergrads and have a tighter, more accurate system?
"terrorism" and "pedophilia" are the root passwords to the Constitution
In the race for Boone County Dog Catcher:
Jim Brewer: 2,890
Deborah Thomas: 2462
George W. Bush: 138,648
One might ask the same about birds. What ARE birds? We just don't know.
I'd trust closed-source voting before I'd trust open-source where a potential exploiter can easliy scan the code finding and exploiting bugs. Though I don't see how it can be so hard to design a secure voting system. You wouldn't want it to run on anything more than the most basic kernel though, so the best idea is probably to use a simple proprietary OS. And you could architect the thing so that it only runs some sort of registered instructions. Also, the whole thing would have to be closed-circuit obviously.
Clear, Dark Skies
Since an outsider can't tell from your number which way you voted.
But I still didn't know they did that. Thanks for the info.
Clear, Dark Skies
To my mind, the problem that these computers were meant to solve was the production of legible, non-ambiguous, easily tallied ballots that accurately reflect the voter's intentions in the booth.
I see a computer terminal that is very straightforward and relatively low tech. All this terminal does is display the choices, record the user's input, and spit out a chit with the voter's choices displayed in human and machine readable form. These votes could easily be placed through a bubble reader or cross-checked by humans.
This is tech people can understand and verify on the spot before they cast their ballot into the box. Is there really any reason to have that terminal record the votes, tally the votes, and wire the totals to centralized servers? How many points of failure/corruption do we really want here?
"The world is a construct of forceful imagination. Those who don't know walk around in the reailties of those who do"
check it out
Just listen to "The Annoying Gap Between Theory and Practice" audio found on this page.
My no to the question asked at the end couldn't be bold enough.
"The greatest obstacle to discovery is not ignorance - it is the illusion of knowledge." - Daniel Boorstin
Sure, but they have to get the trust of the users *before* they do that, and if they keep coming up with howlers like this, nobody will ever trust them.
Skiing? Check out The Independant Skiers Portal
I really don't know why you Americans are so concerned about the voting system because it really doesn't matter. You only have a choice of one corporate whore over another, and neither can get as far as getting the party nomination without being effectively approved by the vested interests and power brokers who really run your country. Face facts, it really is a choice of Kang or Kodos, the voting system is pure window dressing.
Don't forget, choice is an illusion created by those with power to control those without.
You can't win Darth. If you mod me down, I shall become more powerful than you could possibly imagine
I am not a Open Source fanatic (maybe a bit but with good reasons), but I am glad when I see things like this happening.
We all know the story , the hard thing is convincing these Management people who have no idea about real technology.
i just see this as one use when closed source would be better. same goes for mission critical military, intelligence, and government applications.
Please read Bruce Schneier's Secret's & Lies to understand why this is the antithesis of how things really work.
Schneier provides a good high-level view on security issues and helps explain why security within complex systems requires as many perspectives as possible. He also provides numerous examples of "perfect" closed-source security systems (e.g. DeCSS DVD encryption, broken by a seven-line program), "uncrackable algorithms" broken by trivial attacks and other illustrations.
*scoove*
Mercuri has been interested in electronic voting since the 80's. She put up a web site when she noticed the 2000 Presidential election falling into confusion, and within 15 minutes had a call from the Associated Press - who had found her web site. She has testified before Congress and the U.S. Supreme Court about voting systems.
She devised the Mercuri Method of electronic voting, whereby the electronic voting machine prints a paper ballot for the voter to verify after casting the vote.
I hate call waitin`~+~~~
NO CARRIER
it would be just a way to calm thousands of mindless technically incompetent guys to believe voting system is working