E-Voting Glitch: 19,000 Voters, 144,000 Votes

nick_davison writes "The Indianapolis Star is reporting the latest case of 'interesting' E-voting results. Tuesday's Boone County election, using MicroVote software returned 144,000 votes from 19,000 registered voters. After much panicking and tracking down the bug, the actual number of votes turned out as 5,352. With yet another mistake, does anyone still trust closed-source electronic voting?"

What is wrong with an "X"??

[Mantrid]

I remember at our last national election, the voting was simple - make an X on a ballot and put it in the voting box.

I have to wonder, with all these punch cards, evote, and other problems - why don't they just stick to plain old pen & paper ballots? I mean if you can't figure those out, chances are you'll end up just stuffing your ballot into the funny "circular" ballot box anyways!

Re:What is wrong with an "X"??

[EricWright]

Two reasons:

1) We don't want to have to pay someone to tally all the votes. If its not computerized, someone has to count them all up. When there's around 100 million votes for president, that's a lot of minimum wage hours right there!

2) The US has turned into a nation full of people with a) no patience and b) a very short attention span. We want what we want, and we want it now! And dammit, if other countries can have computerized voting systems, so should we.

My thought is that we should all vote on those bubble sheets that are used for every standardized test given throughout our public school system. Everyone who came through the public schools will be familiar with them, and those that didn't are most likely products of private schools/home schooling and thus smart enough to figure it out!

(Tongue only partially planted in cheek)...

Re:What is wrong with an "X"??

[CaptainZapp]

1) We don't want to have to pay someone to tally all the votes. If its not computerized, someone has to count them all up. When there's around 100 million votes for president, that's a lot of minimum wage hours right there!

So you rather pay voting machine companies some 5'000$ per unit for a glorified Windows CE computer with an Access database that can be hacked by any pimply faced teenager with 100$ worth of computer equipment?

What a bargain

Re:What is wrong with an "X"??

[Detritus]

It doesn't scale to typical American ballots, which can include a huge number of races and questions. You have federal, state, county and city offices. Everything from the President to the dog catcher, plus judges, bond issues, constitutional amendments, referenda, school boards, etc.

Re:What is wrong with an "X"??

[hey!]

2) The US has turned into a nation full of people with a) no patience and b) a very short attention span. We want what we want, and we want it now! And dammit, if other countries can have computerized voting systems, so should we.

Not to rain on your cynicism parade, but quick tallying isn't just a form of political entertainment. The quicker the tally is done, the less opportunity for vote manipulation. In tightly contested elections, it reduces the problem of people forming immovable opinions about who won, and subsequently never accepting the legitimacy of the outcome (e.g. "Not My President").

Of course, speeding up the process of tallying at the expense of clear auditability is to cure the disease by killing the patient.

The answer, then, is optically scannable ballots: tallying as fast as any "voting machine" and auditability as good as any paper ballot.

Personally, if I were to design the system, it would look like this:

(1)Manually filled in ballot, optically scanned;
(2)Tallying machines running off of read only media, recording results to write-once media;
(3) Tallying media, original paper ballots securely stored for a period of several years;
(4)Voters could optionally tear off a bar coded tag from their ballot. They could then go to a specially set up election facility, present their tag and positive ID, then see how their vote was tallied on a secure, private terminal.

This last point will raise some paranoid objections; however I think paranoia cuts both ways in this instance.

Re:What is wrong with an "X"??

[mwood]

"And even if they wern't, it would be putting money back into the economy which is never a bad thing."

Unlike letting us keep our money to spend it on food and shelter -- that doesn't put money back into the economy. No, wait....

Re:What is wrong with an "X"??

[swdunlop]

Right. You simply do it by tweaking the database; much more efficient, and harder to trace with the opaque voting process provided by Diebold, MicroVote and others. One must admire progress, even when it simplifies fraud.

Re:What is wrong with an "X"??

[scrytch]

It doesn't scale to typical American ballots, which can include a huge number of races and questions. You have federal, state, county and city offices. Everything from the President to the dog catcher, plus judges, bond issues, constitutional amendments, referenda, school boards, etc.

How does presenting the ballot questions on a tiny screen reduce the complexity? Here in San Francisco, you use a sharpie to connect a line, then you feed it through an optical scanner, which will give it back to you if there are errors.

Why the hell is something so bloody simple being made so complex? It's not a mission to mars or anything, it's simple data collection.

Re:What is wrong with an "X"??

[Washizu]

"(4)Voters could optionally tear off a bar coded tag from their ballot. They could then go to a specially set up election facility, present their tag and positive ID, then see how their vote was tallied on a secure, private terminal."

I don't agree with #4, because it allows someone to verify they voted a certain way. This would allow the mob or some other coercive organization to pay for your vote, you give them your slip, and then they check the result. Currently, it's pointless to try and influence voters this way since you can't proove you voted with the mob.

Re:What is wrong with an "X"??

[Viking+Coder]

Are you seriously asserting that government spending is always a bad thing?

Re:What is wrong with an "X"??

[Alan+Hicks]

And even if Germany is far smaller than the US it has still a not too small voting population.

I think you're dead on here. E-voting is just a thing politicians use to appear cutting-edge to the public. Pen and paper ballots are reliable, easily understood, and not so slow as to be unusuable. The fact that Germany is a smaller country than the USA in population size doesn't really matter because of the way we vote. Only one official is elected by the nation, the President. He is really elected by the States' elctoral college, who traditionally (though not neccessarily) votes according to the way the members of their States vote. You don't have to count all the ballots for the entire country in one big pile, but rather 51 smaller piles, one for each State and the District of Columbia. I doubt Germany is much smaller than most States.

Re:What is wrong with an "X"??

[WhiteWolf666]

You sound knowledgable, so I won't flame you.

Open source != Open Access

I develop an Open Source application.

I refuse to accept ANY submissions to my application.

Anyone can look at the code that I produce, anyone can use the code that I produce, but. . . .

I don't accept any submissions to my source tree.

Open source is not some magical, collaberative coding software. It is not an Integrated Development Environment.

Its just a license whereby I agree to share my source code with the world.

Re:What is wrong with an "X"??

[danila]

And even if they wern't, it would be putting money back into the economy which is never a bad thing...

This shows a serious lack of understanding of economic theory. Money never leaves the economy. In fact nothing matters less than that. What matters is mostly what people produce. If people spend their time making some cool consumer goods, someone will get to consume these, which is good. If they do some science, it is good because we will learn something. If people spend their time counting votes, this is not good, because less consumer goods will be made and we will not have as much scientific progress as possible. Spending resources on useless things is bad, even though jobs are created and money is returned back into the economy.

Accounting

[lgeezer]

A lengthy collaboration between the county's information technology director and advisers from the MicroVote software producer ... showed just 5,352 ballots
So an IT director and a number of flunkies have rewritten the results of an election.
How do the good people of Boone County know that the new answer is correct? Because it's less than the number of actual voters? How can they trust the result of that election at all? And why should those too young to vote until next time bother to vote when next time comes around?

Closed or Open...it doesn't matter

[billmaly]

What matters is an accurate count. Why oh why is this so difficult? Press a button, tally a vote. Next voter please. Why is this even still being discussed??? Maybe I'm dense, but I just don't get it.

Re:Closed or Open...it doesn't matter

[real_smiff]

It matters because if it's open, and you get a crazy number (like here) you have a chance to see how that happened w/o taking it on faith.

But if it's closed and you get a reasonable number, it could either be right, or it could be a believable but wrong number.

I think this is probably what gets people concerned?

Do we also have close source laws? I think not

[dyfet]

When software is used to impliment a matter of law, the public must have an absolute right and need to review such software, even before one speaks of issues of software freedom. We don't make closed source or "secret" laws in this country, ie, laws that effect the public in general, and that the public is not permitted to know or examine, but yet will be held accountable to. We don't have anonymous or secret agencies enforcing laws and arresting people, ie, a secret police force. Yet, for reasons I cannot fathom, we now permit machinary with no public means of review to impliment laws, such as voting. No democracy can exist where voting is a secret or unaccountable process to the public that participates in it.

Closed source?

[Mr_Silver]

With yet another mistake, does anyone still trust closed-source electronic voting?

Sod that.

With yet another mistake, does anyone trust electronic voting full stop?

(I think that Open Source might be better, but to the majority of voters, electronic voting is the same thing irrespective of how visible the code is - and quite frankly, even with peer review on open coude this sort of bug might still happen)

Ok....

[cybermace5]

So 19,000 voters produced 144,000 votes. That's obviously an error, and was caught and corrected. What you really need to worry about are the little errors; if the votes are off by 500 or 1000 how are you going to know?

This sucks

[Ripplet]

I mean really, how difficult can this be. Lots of people vote, you add up the totals, we're not talking rocket science here. When was the last time your local ATM machine gave you $1500 instead of the $50 that you asked for. Doesn't happen too often right? Maybe it's because the banks are damned sure they're not going to give their money away. It's a pity the people in charge don't take democracy that seriously.

Re:Let's just hope...

[LordBodak]

Yeah, the IT director and the software provider "fixing" the problem is a little bit disconcerting.

Macrovote - a politicians prayer

[Space+cowboy]

With our new patent-pending macro-vote system, you too can auto-vote most of your constituents in a single mouse click. And you can do it as many times as you want!

Macro-vote, for a macro generation!

Simon.

Open Source isn't a cure all

[m00nun1t]

"With yet another mistake, does anyone still trust closed-source electronic voting?"

This infers that open source == no mistakes. That's simply not true. It just means that there *may* be less mistakes as theoretically more people look at it. Think SendMail... that's open source, widely used, but that sure has had plenty of "mistakes".

Re:Open Source isn't a cure all

[vidarh]

No, it infers that with open source anyone who wants to CAN look at it. The number of errors in and in itself is irellevant in the case of a voting application: If there are serious errors, a new election can be held. But with a closed source voting application it is very hard for people who are suspicious about a result independently review the process.

When the results are blatantly wrong, like in this case, we can be sure that an error will be detected and corrected. However what security do we have that the "corrected" number is truly correct? And what if the result had just been skewed a few percent instead of blown out of all proportion?

Your argument is like saying that public access to government documents is inferring that public access == no mistakes. As with oversight of voting, access to public documents are important not because we're guaranteed that it will result in fewer mistakes being made, but because more people, including those not in power, are given opportunities to try to verify that people stick to the rules should they choose to.

Re:Open Source isn't a cure all

[WindBourne]

Acutally, it is not about mistakes, but about being able to catch mistakes and security flaws. It is in a closed source's best interest to pretend that a mistake did not happen (even though it accidentaly changes the election), rather than take the glaring lime light. Finally, in an open society, the election is the one true item that should be fully trusted. That way we do not get equipment manufactuers stating that they will deliver a certain politician.

Re:Open Source isn't a cure all

[Urd]

"This infers that open source == no mistakes."

That is an entirely false deduction.

What open source means in this case is that the public and maybe even more importantly the politicians can assure themselves the voting software doesn't favor one candidate over the others. It doesn't mean there is no mistakes it means anyone can go point them out.

Re:Open Source isn't a cure all

"No, it infers that with open source anyone who wants to CAN look at it."

Who cares is Joe Schmo can see the source? It's not like because these systems are closed that they can't be seen in an audit process which occurs in every voting system. If there ever was a dispute, they could see the source without question.

Re:Closed source?

[AVee]

even with peer review on open coude this sort of bug might still happen

But in that case we at least get to see the bug *and* the fix. Now someone has 'fixed' the count and but he could just as well have done that by inserting some hardcoded reasonable looking numbers.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Open source cures cancer! Film at 11!

[Call+Me+Black+Cloud]

Ok, not really.

With yet another mistake, does anyone still trust closed-source electronic voting?

Open source, closed source, it does not matter. Open source is not a cure for solid software development practices, and open source is not a synonym for solid software development practices. Likewise "closed-source" does not equate to poor practices.

One of the strengths of open source is the price. Free software probably means more people are using it than would otherwise, so the software is being tested more, and the pool of people available to fix bugs is also larger. This works for software that is generally useful, but consider voting software. Who is going to install the full voting suite (voting software is much more than a voting terminal) and then hold mock elections in their home? Granted, the importance of such software may bring out more people willing to try the software but you are still relying on people to do this in their leisure time.

The "many eyes" argument is merely a shotgun approach to quality control. What is needed is strong leadership implemeting a plan which includes rigorous and ongoing testing. Open source does not guarantee this any more than closed source guarantees its absence.

The software was released before it was ready. That's obvious. It seems to me that a closed source shop would be theoretically better positioned to meet an immutable deadline (such as an election date). At least when you own your employees you can mandate overtime and crack the whip harder. When the software is open source you cannot enter "crunch mode" and make the scattered developers put in long hours.

The fault was not in the development model but in the failure of the project leadership.

Glitch = pathetic euphemism

[handy_vandal]

E-Voting Glitch: 19,000 Voters, 144,000 Votes

I hate the word "glitch", I really do.

It's an evasion, a pathetic euphemism.

What it really means is "bad programming", "fucked up", "profoundly fucked up", etc.

-kgj

Over complicated

[PurpleWizard]

How difficult is it to write a system that takes a input selection, submits it to the count and resets ready to take the next vote?

What is the ridiculuous complexity making these things so easy to fcuk up?

Combine it perhaps with a bar code scanner so that every individual can have a street bar code. Add a few simple checks like no more bar codes are counted for a paricular street than were issued.

I still don't see where this becomes a complex task compared to existing systems. Most of the components needed to build a system already existing.

Some one please tell me what I am missing.

As for the open source/free software issue. Perhaps the solution is that the requirements for the system should be published so that anyone can right something to conform. (Oh that's like having open standards).

quality of code

Quality of code and open vs closed source have nothing to do with each other. There is plenty of crap open source code out there.

Re:We don't want to have to pay someone to tally a

[BobBoring]

We don't want to have to pay someone to tally all the votes.

If your vote is so important to why don't volunteers count the votes? Several states, Texas example, require a human readable ballot. Smaller cities may use hand counts. Most large cities use a machine/human readable "scantron" type ballots. They mark the ballots with a permanent ink marker. Marking more than one selection for the same race invalidates only the section of the ballot for that race. IF you notice you made a mistake you can get a fresh ballot. The spoiled ballot is destroyed while you watch. Observers from all parties can watch the election judges (the people that issue the ballots, destroy the miss-marked ballots and watch you put your ballot in the box).

In Europe and Canada most countries require a paper ballot. They limit the number of voters assigned to each polling place so the votes can be counted and certified within a few hours of the close of the polls. Usually they have next day official results. It does require lots of people to complete the process but most are volunteers.

Don't trust any of it

[gr8_phk]

"With yet another mistake, does anyone still trust closed-source electronic voting?".

Get off the open/closed source debate already. If you use electronic voting, you open the door to electronic voting fraud. Open source is helpful in this regard, but not as effective as keeping to paper voting. Think about it. You can pay people to commit fraud anyway, but the cost goes up with number of votes altered/subtituted/whatever. With electronic voting, one guy can automate the fraud process with much greater effect. You raise the efficiency of the fraud as well as the voting.

People will argue the supposed cost and efficiency advantages of e-voting. Think about the cost of counting YOUR ONE VOTE and compare that to what YOU PAY IN TAXES each year - then tell me it's expensive. It's been working fine for over 200 years, there is little to gain from changing and everything to lose.

Re:Don't trust any of it

[Cyno]

We've already lost. You actually think your vote is counted? Prove it!

Put down the OSS Kool-Aid for a second, people...

[Chris+Burke]

There's a point to be made here.

The fact of the matter is that open source software will do very little to help the issue of the untrustworthiness of electronic voting.

Simply put, being able to read the source code does you no good if you can't be sure that the binary that the voting machine is running was compiled from that code.

With a Linux distro, if I for some reason suspect Red Hat may be compiling back doors into xdm or login, I can go somewhere else. If I don't trust anybody, I can compile the damn thing myself and put it on my computer.

These machines, open source or not, are going to be provided by a company like Diebold. Do you trust them, even if they have to give you a copy of some source code which may or may not be the source code that they used in their voting machines? Are you going to be able to browse the source code on the very voting machine you're using? Are you going to be given the compiler flags used to create the binary so you can re-create it yourself, and access to the voting machine's disk so you can compare them?

It is necessary that any electronic voting system be open source, as a matter of duty to the public. It is not, however, sufficient.

Re:Black Budget = closed source spending

[J.+J.+Ramsey]

But we do have "Black Budgets" -- many billions of dollars for covert military/spook purposes, approved by small Congressional committees, the details of which are hidden from Congress at large and from the public. In other words, closed-source spending.

True. However, the idea is to avoid that sort of thing unless it is truly necessary, since even though there are good reasons to keep the details of military and espionage spending secret, the secrecy can be abused and used to hide unethical and even illegal actions. It's best to keep government activity public by default and only maintain secrecy if there is a compelling reason to do so.

Perfectly Reasonable Explanation

[Greyfox]

There was a minor fault in the vote rigging module. It's since been corrected. Move along, nothing to see here.

Automated testing?

[BenjyD]

I would hope that any company that supplied software for something like counting votes would have to provide evidence of a complete testing procedure that would catch problems like this.

I mean, automated testing of a voting system can't be hard. Build yourself a little network of voting machines in the office, write a bunch of scripts that enter a certain pattern of votes and ensure the correct results come out the other end. Make sure your scripts perform a wide range of possible voting patterns, and do all the 'odd' things your users might do (try to vote twice, mash the keypad with their palm etc).

Or am I being terribly naive about the way the software industry does things?

Not quite

[abb3w]

It's not just that 19000 voters produced 144000 votes; it's that 19000 voters produced 5352 BALLOTS that produced 144000 votes.

Obviously, this was intended as the Chicago or Baldwin release of the software.

Re:Do we also have close source laws? I think not

[professorhojo]

>We don't make closed source or "secret" laws in
>this country, ie, laws that effect the public
>in general, and that the public is not
>permitted to know or examine, but yet will be
>held accountable to. We don't have anonymous or
>secret agencies enforcing laws and arresting
>people, ie, a secret police force.

are you serious? two words my friend: Patriot. Act.

get your memory checked now: http://www.thememoryhole.org

Re:Do we also have close source laws? I think not

[lildogie]

> We don't have anonymous or secret agencies enforcing laws and arresting people, ie, a secret police force.

Yes, as a matter of fact, in the U.S.A., we do have this.

And it's so much easier when you can rig an election.

Re:Do we also have close source laws? I think not

Why does it matter what the source says - the ballots should be printed out on standard form from the e-voting machine. Vote, print the ballots out, done.

If the electronic number doesn't verify, scan or count the paper ballots by hand.

You Know What You Can Do

[ajs318]

Back in the days when votes were counted by hand {or today, in countries where they stil are} the whole process was transparent.

If your country uses electronic voting, you should write to your representative and point out the necessity of opening up the process. Specifically, the need for the public to be able to examine mechanical drawings and software source code. Public scrutiny over the democratic process is more important than any corporate secret.

Voting should be transparent

[eberry]

Fine. I will take this troll.

I don't think the author or anyone else is saying "choose OSS because it's bug free". I believe the point to be made is that Open-source can be inspected by anyone since it's available to the public.

I for one do not trust proprietary software for voting. Government should be transparent and so should the software used to elect those buffoons into office.

And I will go so far to say that not only should the software be OSS. I should be able to download the voting data and run my own analysis of the past election.

Two big differences:

[roystgnr]

When you cheat an ATM machine, the ATM machine owner loses money. When you cheat an electronic voting machine, the machine owner may have no stake in the results or may even be benefitted by your action.

When an ATM machine cheats you, you know it, often immediately. When a voting machine cheats you, in a secret ballot system with the simplistic unauditable voting machines we use now, you never find out.

Re:Open source cures cancer! Film at 11!

[BESTouff]

You got it wrong. Open-source doesn't mean Linux-style development. You can have a company-regulated project, but still open to the citizens wishing to peek at the code.

Re:As an Indiana voter...

[Billly+Gates]

Good old Diebold.

Gotta love them. Good thing they do not have an ulterior motive.