NYT Calls For Open-Source Election Machines

anti-drew writes "The New York Times Magazine has an interesting editorial (free reg. req.) calling for open-source voting machines. From the article: 'Electronic voting has much to offer, but will we ever be able to trust these buggy machines? Yes, we will -- but only if we adopt the techniques of the 'open source' geeks.' That's quite an endorsement coming from the Times. Of course, one of the justifications was that open-source enthusiasts are 'libertarian freaks, nuttily suspicious of centralized power', who would 'scream to the high heavens if they found anything wrong'."

Yeah, right

[KrisCowboy]

open-source enthusiasts are 'libertarian freaks, nuttily suspicious of centralized power', who would 'scream to the high heavens if they found anything wrong'.
The same NY Times that got Adrian Lamo busted while he found a f**king open-proxy on their network.

Re:Yeah, right

don't confuse common geeks with criminal intruders please.

Re:Yeah, right

[secolactico]

The same NY Times that got Adrian Lamo busted while he found a f**king open-proxy on their network.

I guess... your point being...?

Re:Yeah, right

[jaavaaguru]

If he found an open proxy and told them about it (as the first post suggests), he's no worse than your neighbor pointing out that you left a window open in your house when you're heading out shopping or whatever.

Re:Yeah, right

It obviously was the open-proxy, and not Adrian "Look at me" Lamo, that happened to ring up $300,000 in database research charges on NYT's Lexus-Nexus account.

What did he, err, the open-proxy, search for using Lexus-Nexus? That's right, "Adrian Lamo". That's some ego.

That reminds me, what on earth does open source enthusiasts have in common with criminals like Lamo?

Re:Yeah, right

don't let the facts stand in your way.

Re:Yeah, right

That's not all he did. He proceeded to exploit the open proxy (before warning NYT). One of the things he did was ring up 300'000 dollars in Lexus Nexus charges. Searching for info on himself. That's one huge ego, which I'm sure will serve him well in prison.

Re:Yeah, right

[SilentChris]

You're joking, right? Lamo proceeded to dive in and conduct searches without the Times permission. It's akin to the neighbor jumping through the window, rooting around inside, using your TV and refrigerator then saying "Hey, you've got an open window," as he walked away.

Yes, of course, information should be free, yada yada yada. Fact is, there's some rules. Lamo knew the rules but didn't bother to follow them.

Re:Yeah, right

That reminds me, what on earth does open source enthusiasts have in common with criminals like Lamo?

Both need to shower more often.

Re:Yeah, right

[EvanED]

"It's akin to the neighbor jumping through the window, rooting around inside, using your TV"

Only if your TV ate through $300,000 worth of power while he was in there.

Re:Yeah, right

[machocomacho]

They see hackers as proponents of linux,what they use most often,open source of course, and open source will be associated hackers...someday soon though........nevermore

Re:Yeah, right

[SiMac]

The New York Times had an unlimited subscription to LexisNexis. They said that Lamo ran a certain amount of money's worth of LexisNexis subscriptions, but this was only if he had been paying by the search. To the New York Times, all this cost absolutely nothing.

Re:Yeah, right

[senatorpjt]

Apparently, since Lexis-Nexis likes the New York Times so much, they charge $100 per search, rather than the $7 they charge everyone else.

Re:Yeah, right

Pssst... a little bird told me that Lexis Nexis has outsourced a LOT of its operations to an Indian company called HCL Technologies

Re:Yeah, right

[karniv0re]

E911 ring a bell to anyone? Companies have been known to inflate their damages and make everything seem much worse than it actually is. And shouldn't the NYT have a flat rate on Lexis-Nexis?

Re:Yeah, right

[jasonla]

Sigh. This is the idea of one person. Look at the byline (By CLIVE THOMPSON). You can't detract from the validity of Thompson's column just because he works for the NYTimes. He's part of the editorial side.

Newspapers work like this: There is an editorial side that knows nothing about advertising, IT infrastructure, administrative tasks, etc etc. They are just there to wrtie.

Then you have the business side that is responsible for making money, security, advertising, administrative tasks. They know nothing about the content of the paper.

Between these two sides, there is an a philosophical wall. The system is setup such that neither side knows about the other. This preserves the editorial (encompasing news, sports, opinion, business, etc. sections) integrity of the paper.

The people who busted Lamo were probably from the business side of the paper.

Re:Yeah, right

[magefile]

Except, NYT doesn't pay by the search - they have an unlimited subscription. Still doesn't make it right, but he didn't cost them $300,000. Don't blow things out of proportion and lie when you don't need to; even though you're right, you'll lose credibility and look like an asshole. That's how OJ Simpson got off.

Re:Yeah, right

[landoltjp]

This is the same argument that people use to justify wholesale piracy of digital media. "It's not like I stole the [item | service]; they can still [sell | read | use] the [item | service] to others".

If you obtain (without paying for) something that is normally for sale, be it a phyisical item, a perfect copy of a digital 'asset', or data from a 'service provider', you are are stealing the equivilient value of the item/service were it to be sold to someone. You are depriving the service/item owner of that revenue.

Re:Yeah, right

[SiMac]

Yeah, except if he had been running all those searches and paying for them, he would've paid by the hour or bought an unlimited LexisNexis subscription. Hell, he could've bought a college education and got a LexisNexis subscription free for the amount of money the NYT says he "stole."

But who will get

First Vote?

"Endorsement?"

It's most definitely not an "endorsement from the Times." Unless the Op-ed was written by the Times editorial board, it will have a disclaimer stating that the statements contained herein only represent the views of the author, and do not necessarily represent the views of Times or its parent corporations.

Re:"Endorsement?"

[fenix+down]

This is the magazine, not an op-ed, so it's even farther seperated. Completely different staff from the Times itself. Practically speaking, you can assume the magazine editors agree with this, but that doesn't mean anything to the Times newspaper.

Also, the Times doesn't really have a parent corporation, it's owned by the NYT Company.

Re:"Endorsement?"

thank god someone said it. this headline should be corrected immediately. it is incorrect and irresponsible.

In Related News...

[k4_pacific]

MSDN Magazine has an article calling for closed source voting machines with .NET Passport validation.

Re:In Related News...

[hugzz]

Do mods ever read the posts? At the time of reply this is 3, Informative.

Re:In Related News...

[ruzel]

Bill Gates is now the President!

Re:In Related News...

Imagine if you did need to use your Passport ID to vote.

I know I wouldn't want to log in to vote as sexychick466@hotmail.com.

Re:In Related News...

[cavebear42]

I wouldn't want you to vote as that either, esp cuz it'f not a real email address.

One armed bandits...

That comment reminds me of a history book of Las Vegas which noted the distrust that regular gamblers had against the electronic one armed bandits, who much preferred the electromechanical machines.

Re:One armed bandits...

What's to trust? In both cases the machines have whatever odds the casino wants them to have.

Re:One armed bandits...

[mikael]

The electromechanical machines had odds of winning based entirely on the distribution of symbols on reels. These were arranged to comply with the odds of winning required by law. The electronic machines would be more "intelligent" in that they would "manage" their win/lose ratio by starting to give out small wins if a punter had a constant run of losses. Then when the punter had a constant run of wins, the machine would make it harder to win. It's basic psychology - the punter's feel that they are on a winning streak, and that the machine is stopping them from hitting the jackpot.

user / pass for those who want it free

[Kalgash]

Use google and google at the prompt.

Screaming?

Of course, one of the justifications was that open-source enthusiasts are 'libertarian freaks, nuttily suspicious of centralized power', who would 'scream to the high heavens if they found anything wrong'."

lets not kid ourselves here ;)

Political Parties

Hey the whole bonus of a two party system is for the one to keep the other in check. If the nerds of America have to keep our voting system straight, then I'm sure we can find a few good nerds.

nutty?

[jtilak]

'libertarian freaks, nuttily suspicious of centralized power' i thought we were socialists? what's nutty about being suspicious of centralized power? it would be naive not to be. read a frickin history book. (or a newspaper, for that matter)

Re:nutty?

[Kiryat+Malachi]

And once again, a /.er bravely steps up to the plate to play America's favorite game:

Proving the point.

Re:nutty?

[Joe+Tie.]

I know, imagine. Suggesting not only reading, but dull history at that. An obvious nut.

Re:nutty?

[sentientbeing]

i think they were being ironic- libertarian freaks suspicious of centralised power.......helping to write voting software for a centralised government.

Re:nutty?

[ValourX]

What you are seeing is the negative side-effect of one Eric Steven Raymond and his public voice. He "seems" to speak for the OSS community and that means that when the Times is looking for a way to pigeonhole OSS people, they assume his insane political beliefs apply to everyone.

People do the same with RMS sometimes, calling us all "communists" instead, even though Stallman is not truly a communist.

What the Free Software world needs is a nonpolitical leader, like Linus only more public. Maybe Bruce Perens?

We also need to downplay and minimize ESR's influence and publicity. At this point I think he's doing more harm than good.

-Jem

Re:nutty?

[kmmatthews]

The intent of that statement is to imply that "good citizens" should not be suspicious of centralized power.

Saying one thing is good necessititates that the opposite is bad.

Re:nutty?

[pilsner.urquell]

'libertarian freaks, nuttily suspicious of centralized power'

I'm a registered Libertarian and I thought that being a libertarian meant that one believes that less government is better government. That the government runs in the way the Constitution, Bill of Rights, Articles of Confederation, and the Magna Carta meant if to run. Libertarians don't believe like the government of the State of Utah, that the separation of church and state is one city block.

Re:nutty?

[ahfoo]

Why does free software need a leader?
I think the closest political analogy for open source enthusiasts should appropriately come from Monty Python's Holy Grail:
We're an anarcho syndicalist commune . . . political power comes from a direct mandate by the masses, not some farcical aquatic ceremony.

Re:nutty?

[ValourX]

Hmm... perhaps I meant more of an official representative. The ones we currently have are very bad at getting their point across without looking like wackos.

I admire RMS very much. Although I think ESR has personality problems (some say RMS does too, but I have not experienced this), I do respect him for what he's achieved on many levels. But they're both too political for their own good... they're fanatically political. They're making all Free Software users, developers and supporters look bad, as this NYT article suggests.

-Jem

Re:nutty?

[Killer+Napkin]

Socialists? I thought we were an autonomous collective.

Re:nutty?

That should read:
Supreme executive power comes from a direct mandate from the masses, not some farcical aquatic ceremony.

Re:nutty?

[awol]

Actually more like an anarcho syndaclist commune, where we each take it in turns to serve on an executive where all day to day administrative decisions are made but any policy determination has to be ratified by a two thirds majority of eligible voters at the next monthly general assembly. Unless of course the ...

(or something like that)

Re:nutty?

[jellomizer]

It is not the fact that RMS and ESR are radicals that pigeon hole Open Source Programmers. Is the fact that there are a large number of people who actually listen to them that makes us pigeon holed. While there are a lot more moderates out their then radicals but like anything the moderates are not is interesting to listen to. So we are not as well publicized what will get more attention in the media if I said "The government should make a law that everyone should use Open Source Software and any company that produces Closed Source Software should be considered a terrorist." or "Use free software when it works for you, develop free software when you feel that it is important enough to be shared. But there is nothing wrong with many closed source applications as well." Which message will spark fury and debate and make it well publicized. This is also why on political TV stations they will often get a staunch Deep South Republican Senator and debate him against from with an Ultra Liberal Senator from say California. It fires up the people sole thus making good ratings.

Re:nutty?

Strangely, the history books I have read are pretty much unanimous in claiming that for hundreds of thousands of years, humans just run around in mud until the glorious birth of civilization which gave us medicine, plentiful food, the protection of laws, and arts and sciences. In other words, the centralization of control known as government is responsible for all the achievements of human kind.

What kind of history books are you reading?

Re:nutty?

[arose]

What the Free Software world needs is a nonpolitical leader, like Linus

Journalist: What's your opnion on closed electronic voting machines?
Linus: I'm an engineer, not a politican. They should use the best tool for the job.
Politican: Closed electronic voting machines are the best tool.
Headlines: Computer experts support closed electronic voting machines!

Re:nutty?

so only politicians should have an opinion on voting machines, according to linus's logic? yeah he's an engineer. but he's a lot of other things too. as a voter, he should have an opinion, in my opinion.

Re:Bad idea?

open source doesn't mean that everyone and his grandma has an CVS account. :)

the NYT Voting initiative

[erroneus]

I think it's a great idea... not a new one but it's probably new to the general public and the NYT clearly thinks there's nothing wrong with free registration required so there you have it! A national publication force supporting a public-trust open-source project. It's the only way to help ensure the public's interests are protected against corruption.

But the machines themselves are only part of the process. There must be audit and process supervision and that still requires people.

Re:Bad idea?

[Gothic_Walrus]

Forgot to mention...this was posted before I RTFA. There's a possibility that this was covered. Time to go find out firsthand...

Go NYT

Of course, one of the justifications was that open-source enthusiasts are 'libertarian freaks, nuttily suspicious of centralized power', who would 'scream to the high heavens if they found anything wrong'."

For once they hit the nail on the head. Although I don't see why anyone might consider the statements to be any sort of insult. The so called "libertarian freaks" are just doing what every citizen should be doing: always questioning "centralized power". Technically, we give them the power, so why not ask why?

Re:Go NYT

[Roger+Keith+Barrett]

'libertarian freaks, nuttily suspicious of centralized power'

Sounds like a description of the American founding fathers to me.

I take it as a complement.

Re:Go NYT

[Entropius]

Minus the rhetoric, the NYT isn't that far off.

That statement should read "suspicious of unecessary centralisation". Distrust of centralisation is very much a part of the geek world: internet rather than one-to-many media like broadcast TV, bittorrent rather than ftp, the bazaar development model, the division of a working OSS system into hundreds of chunks (the kernel, kde, X, etc.) that can be arranged to suit, enthusiasm for P2P technology that goes beyond free pr0n/warez, etc. etc. etc.

This "screaming to the high heavens" isn't unique to politically-sensitive bugs. This is how the OSS development model works: let a bunch of eyeballs go over something and raise red flags if something is wrong. People would scream to the high heavens if, say, a version of KDE was released with a major memory leak; it's just part of the process.

(Side thought: when does American democracy get a bugzilla page?

Bug #41298: Voters in non-swing states effectively disenfranchised by electoral college system
Assigned to: FEC
Status: IS_FEATURE_NOT_BUG

Aargh!)

Re:Go NYT

[jcomeau_ictx]

Goddamn right. "I resemble that remark" too. About time we got credit where credit is due; we need more libertarian nutcases in this world! Like my hero esr, the gun-carrying geek!

Re:Go NYT

[MillionthMonkey]

It's not commonly known that many of the American founding fathers were libertarian computer consultants chafing at high tax brackets from England. In fact, Alexander Hamilton himself often spent weekends dispensing toy plastic muskets to inner city ragamuffins. And the foundations of libertarian thought are written right into the preamble to the Constitution:

"We the People of the United States, in Order to form a more perfect Union, establish Justice, insure domestic Tranquility, provide for the common defence, promote the general Welfare, and secure the Blessings of Liberty to ourselves and our Posterity, do ordain and establish this Constitution for the United States of America."

If that doesn't say "every man for himself" I don't know what does.

Re:Go NYT

[M.+Baranczak]

when does American democracy get a bugzilla page?

While we're at it, I should be able to get a few like-minded friends together and fork my own democracy. The one we have now is just too buggy and resource-hungry.

Re:Go NYT

[Graabein]

> Side thought: when does American democracy get a bugzilla page?

Excellent idea, but why limit it to just American democracy? With globalization and all, it seems to me we need to address some larger issues and deal with the fundamental bugs as well.

Bug #1: The people not really in charge as their elected politicians are just puppets of the big international mega-corporations
Assigned to: none
Status: pending

Now say "Aargh!"

Working Link Via Google

[thedogcow]

Click here

Re:Working Link Via Google

[Jon+Abbott]

Just so the NYT knows, we are "nuttily suspicious" of free registrations as well. :^)

Re:Working Link Via Google

[aggiefalcon01]

Thanks! And by the way, "Moof!"

Re:Bad idea?

[Jardine]

I could be mistaken, but wouldn't open source code for voting machines make it that much easier for someone to hack the machines if they so desired?

Wouldn't open source code for an operating system make it that much easier for someone to the hack a computer if they so desired?

The thing with open source voting machines is that anyone should be able to look at the code and notice a bug that would allow this. With closed source voting machines like Diebold's, the only ones who know if there's some backdoor or buggy code are the people who programmed it.

Another argument

[gregmac]

I think a strong argument that you could put forward would be that the current system of manually counting votes is the equivalent of 'open source'. Everyone knows what they do (count votes), and how they do it (by looking at each one and recording the number). I believe you can even watch them do it, if you'd like. Open source is pretty much the equivalent. You can see what the code is doing, and how it's doing it.

Re:Another argument

[redfcat76]

I agree with your analogy of open-source to the way that votes are currently counted. I think also that it is important that the binary running is the same one as the source code provided for the public actually compiles as. Maybe there should be a way, at the machine, to do a md5sum of the running software, and compare with previously snail-mailed md5sum or something? It sounds like a great way to discredit open-source..."Whoa look at that huge back door, it's the same program name as the program the open-source compiled!"

Re:Another argument

[lfourrier]

The current system of manually counting votes is not the equivalent of 'open source'.
It is a system designed to deliver a provable result, even if the different actors during the vote and the counting don't trust each other.
Going voting machine move the trust relationship, to some technical system managed by (paid or volunter) experts.

And now, some gramatical questions from someone who is not a native english/american speaker :

When you ear about thinking machines, do you think of :
- machine that help to think or
- machine that think ?
(without speaking of an old company of the 90)
When you ear about voting machines, do you think of :
- machine that help to vote or
- machine that vote ?

Re:Another argument

[Tony-A]

Right.
Remember, "The Emperor Has No Clothes" was broken, not by the smart elite, but by a dumb street urchin.

Re:Another argument

[ndpatel]

although i think that's an issue of context-specific meaning, it's very easy to argue that "voting machines" means "machines that vote." they're actually doing the voting, counting, etc. they're just doing it in reponse to user input.

Re:Another argument

[Kafka_Canada]

When you ear about thinking machines, do you think of :

I think: "My CPU is a neural-net processor ... A LEARNING MACHINE" --Ahnold

Re:Another argument

[ACPosterChild]

It's "hear". "Ear" is the thing on your head than "hears" sounds.

You do have a good point about "thinking machine" vs "voting machine". I think of "a machine that thinks" and "a machine that helps voting". Context and familiarity with a given phrase have a lot to do with interperating some things.

well.. not completely true

[Haydn+Fenton]

alas, my memory fails me yet again (please, no lame 'upgrade' jokes), i know my explanation will suck due to lack of facts, but here ya are anyway;

there was *some guy* who placed some code into a compiler once, so that even if there was no malicious code in the actual souce, once compiled, the executable had a block of code enabling the original author to do things (i.e. a backdoor). if i remember correctly, even if you were to recompile the compiler, the code would once again be placed into the compiler (and therefore future copies of the executable), i know its extremely unlikely that it will happen in this case, but im just pointing out that it can happen.

Re:well.. not completely true

[psykocrime]

That *some guy* is Ken Thompson. Here, here, and here is some more info about the infamous "compiler backdoor."

Re:well.. not completely true

You're probably thinking of Ken Thompson's Reflections on Trusting Trust. A very good read for anyone involved in computer security.

Re:well.. not completely true

[Sweetshark]

there was *some guy* who placed some code into a compiler once, so that even if there was no malicious code in the actual souce, once compiled, the executable had a block of code enabling the original author to do things (i.e. a backdoor).
You are talking about Ken Thompsons backdoor in early unix ...
more of the story

Re:well.. not completely true

[flossie]

alas, my memory fails me yet again (please, no lame 'upgrade' jokes), i know my explanation will suck due to lack of facts, but here ya are anyway;

I think that Reflections on Trusting Trust by Ken Thompson might be what you are referring to.

Re:well.. not completely true

[Animats]

there was *some guy* who placed some code into a compiler once

That was Dennis Richie. As an exercise for the original poster, find the famous published paper in which Richie described this.

Re:well.. not completely true

That was either Ken or Dennis. It was a hole that recognized the login shell when it was being compiled and added a backdoor. It also recognized the compiler and put the same secret function into it. However, this can't work unless everyone uses the same compiler. That was only possible then because it was the only C compiler, and every compiler that compiled it had been compiled using it.

Re:well.. not completely true

[14erCleaner]

As a further exercise, find the real author's name and spell it correctly. (hint: several slashdotters have already posted it :)

What's the problem

[lakeland]

There's a lot worse images we could have. They even chose libertarian instead of marxist.

Besides, I think the quote is fairly accurate -- just look at how much we jump up and down about 'trivial' licence details. In the closed source world they'd just pirate the software and forget about it.

Re:What's the problem

There's a lot worse images we could have. They even chose libertarian instead of marxist.

They think that ESR is typical of us. If you don't find that scary then I may have to shoot you for your own good. I meant to say club you to death, I am NOT a gun nut. I'm going to have to burn my Jedi costume now as well :(

Re:What's the problem

[lakeland]

Hey, I agree with ESR most of the time. Now, if they thought RMS was typical, then I'd agree you had a point :-)

Not an "editorial"

[gkuz]

The New York Times Magazine has an interesting editorial

It's an interesting piece, but it's not an editorial. An editorial states the opinion of the newspaper as a whole (actually of the Editorial Board, if you're feeling pedantic) and as such carries a fair amount of weight, as in saying, for example, "The New York Times has endorsed Kerry for President." This is just an opinion piece by one of the paper's writers, and is a lot lower on the food chain than an editorial.

Re:Not an "editorial"

[crashnbur]

One term that gkuz left out in his comment above is that opinion articles that appear on editorial pages that are not representative of publication itself are either op-eds (what this article is) or letters to the editor (much, much lower on the editorial food chain).

Re:Not an "editorial"

[hashbrownie]

This is just an opinion piece by one of the paper's writers, and is a lot lower on the food chain than an editorial.

Moreover, it's also part of the Sunday magazine, which is a very different entity than the daily paper and its opinion writers. In fact, there is more than a bit of tension at the NYT between the "daily" people and the "mag" people. Since the Editorial Board (and its op-ed writers) are part of the "daily" staff, we should not assume anything about their opinion of closed-source voting machines based on this article.

Finally, people are seeing reason...

[schmidt349]

A long time ago, Linus Torvalds gave an interview in Maximum PC in which he pointed out that some people thought that open source "somehow was tied to communism." This type of thinking is still around, I think, and it's part of what fuels the Ken Browns and Darl McBrides of the world. They see something that looks a little like something they've been trained to hate with unreasoning passion, and then the blinders go on and the brains turn off.

Fortunately, I think that people are finally starting to understand exactly what the open source software movement stands for and the benefits we stand to accrue from it. 'Communism' - either in its real form or the corrupted understanding that some people seem to have of it - simply doesn't enter into the equation anymore. Open source, to many mostly computer illiterate people that I know, looks much more like an exercise in free speech than an expression of the Marxist dialectic.

Open source voting software is the best way to deal with the problems in electronic voting machines. Will it be an absolute panacea? Probably not. But in any case, it will doubtless produce more trustworthy software than anything produced by a proprietary company using proprietary software development methods on a proprietary operating system with proprietary political causes and motivations.

Re:Finally, people are seeing reason...

[crashnbur]

Right. "Communism" emphasizes collective public ownership of property, which is contrary to American ideals. That's not what the open-source movement is going for. Open source is closer to "socialism", which emphasizes the collective public ownership of the means of production -- not the products of production -- and the freedom of the entire community to exercise political power.

In this particular case, the open-source movement advocates the individual's right to public information, especially information behind public processes that have a huge impact on government functions and operations. We have a right to understand exactly how such critical processes work in order that the integrity of such processes is preserved.

Re:Finally, people are seeing reason...

"Communism" emphasizes collective public ownership of property, which is contrary to American ideals.

Maybe you should talk to some people who, for some reason or another, couldn't pay the tax(rent to the government) on their property.

Re:Finally, people are seeing reason...

[garcia]

Nothing will prevent post scruinty tampering. That's what I fear most about any of this. With the fascists running the show and wanting to remain in power over those they need to "care for" I fear any method that isn't tried and true and basically tamper-proof.

Re:Finally, people are seeing reason...

It's not that either! I don't like socialism but I love the idea of Free software.. it makes economic sense: don't charge more than the marginal cost of production in the long run, and for software, that's ZERO.

Free software is wonderfully capitalistic, once you get past the notion that a copyright monopoly is the same as personal property (it's not, obviously, or there would be one set of laws for both, similar violation statistics for both, and there'd be a Free Cars Foundation alongside the FSF...).

Re:Finally, people are seeing reason...

Maybe you should recheck your definition of the word "ideal".

Re:Finally, people are seeing reason...

[crashnbur]

it makes economic sense: don't charge more than the marginal cost of production in the long run, and for software, that's ZERO.

That is far from true. That's one of the biggest problems with our purely monetary system -- there is no measure for the labor hours, or the quality of those hours, that go into the production of much of anything. The cost of things that can't be measured monetarily is all too often assumed to be "ZERO", but that simply isn't true. Even freeware costs somebody something to make.

Also, let's keep in mind that the "free" in "free software" does not refer to money -- it doesn't mean that the software should cost $0.00. Rather, it means free as in freedom, as in we should have the freedom to use, redistribute, copy, and modify the software at will as long as any copy or modification always keeps the freedom associated with the original.

Re:Finally, people are seeing reason...

[ScrewMaster]

The reason that people (and by "people" I mean those individuals who decide in what direction to throw IT resources) are taking Linux and open-source more seriously has far more to do with economics than politics, neo-McCarthyism aside. Your average CEO really couldn't care (from a functional standpoint) whether his company runs Windows, Linux or anything else. What he cares about is a. how much does it cost and b. does it do the job. Open source is proving, at the corporate level that it can, in fact, do the job, and do it well.

Honestly, I don't think that Darl McBride got into this mess because he "hates" Linux and Open Source, not in the way Americans used to "hate" Russians. Hell, SCO sells the stuff, or used to. He's hardly the anti-Stallman: I doubt he has that much emotional investment in the Open Source movement. On the other hand, RMS is passionate about his cause, consistent in his expression of it, and more to the point, time has proven him right on a lot of counts.

The McBrides and Ken Browns of the world don't have blinders on: they know precisely what they are doing and why. The reason has little to do with hatred of us "communists" or any other political motivation: it has to do with opportunism and greed. I could respect McBride and those of his ilk (while vehemently disagreeing with them, of course) if they had anything resembling an ethical stance, or at least a position that doesn't change with the phases of the moon.

Re:Finally, people are seeing reason...

[M.+Baranczak]

An interesting view. I've always thought that the OSS model is closer to Anarchy than Socialism.

(Hint: don't throw either of those words around when you're trying to sell Linux to MBAs. They find them alarming.)

Re:Finally, people are seeing reason...

"there is no measure for the labor hours, or the quality of those hours, that go into the production of much of anything."

Wages.

Re:Finally, people are seeing reason...

[Russ+Nelson]

Sigh. What does my signature say? Go ahead, read it, what does it say??? It says "Don't piss off the Angry Economist." Okay, so you went and did it. You said something that was total economic bullshit. If you want to find out what it was, go read my blog in 1/2 hour, when I get finished writing the reply.
-russ

Re:Finally, people are seeing reason...

it makes economic sense: don't charge more than the marginal cost of production in the long run, and for software, that's ZERO.

He's basically right, and so are you. He said marginal cost, not the production cost you're talking about.

Re:Finally, people are seeing reason...

[finkployd]

The word you are missing is MARGINAL. Marginal cost, which is certainly 0, or as close to 0 as to make it effectivly 0, I know electrons technically cost something, so does the iron oxide you are using to save to magnatic media.

There are certainly up front costs, but absolutly no cost to reproduce the product once it has been designed (unlike, say, a car).

Over time, the price of most goods approches the margial cost, we are beginning to see this with software.

Finkployd

Re:Finally, people are seeing reason...

[Hobobo]

"collective public ownership of the means of production"

That is exactly what communism is--the state controls the facotrs of production: land, labor and capitol.

Re:Finally, people are seeing reason...

[gnovos]

The cost of things that can't be measured monetarily is all too often assumed to be "ZERO", but that simply isn't true. Even freeware costs somebody something to make.

By the same token, people playing basket ball on the court at the park are giving "free" entertainment to anybody watching. Those people are "losing" millions of dollars that professional players would have otherwise made, so, even though they are having fun, they are actually paying quite a price... er, right?

Re:Finally, people are seeing reason...

[crashnbur]

Public ownership and state ownership are not the same. Socialism means the people own it as a collective, and there is no higher authority to control it. Communism means the people own nothing and the state owns everything. The end result is ideally the same -- everyone works equally and is compensated equally.

The difference is that socialists trust the public to be intelligent enough to manage their own assets; communists do not trust the public, and therefore require the government bureaucrats to manage the public's assets. Or something to that effect.

Re:Finally, people are seeing reason...

[crashnbur]

After fumbling through the links on your home page, I found the blog and added it to my favorites. I'll peruse it later.

Re:Finally, people are seeing reason...

[eventhorizon5]

Some problems with that statement. Socialism was described by Marx as the "abolition of private property". Also Socialism relies on a centralized distribution of resources (usually from a government), and also somewhat on the collective ownership on the products of production (not just the production itself). For example, a socialized health care system involves taxing the population at a very high amount (thus resulting in 'collective ownership'), and then having a political power use the money/resources and distribute the services among the population; the quality ends up always being extremely low since the government tries to use as little money as possible to expand its use - usually people with 'connections' (interventionist position) get the good health care, while everyone else gets crap. If open-source was socialist, there would need to be a centralized power that would need to 'own' the developed product, and for a forced collective development to be enacted (similar to slave labor). There would also be no personal ownership of code created (which personal ownership is protected by the GPL).

Open source resembles a free market Libertarian philosophy the most, due to its decentralized, private property-based (GPL), open-ended infrastructure.

Re:Finally, people are seeing reason...

[Dingel]

1. There is a measure of the valuable of the labor's contribution to the production. They're called wages, buddy.

2. Economists include opportunity cost when drawing cost curves, which is most definitely non-monetary.

3. Marginal cost is not zero for software. That's the basis for Levine and Boldrin's theories about why intellectual monopoly isn't necessary. Check it at http://levine.sscnet.ucla.edu/general/intellectual /against.htm

Re:Finally, people are seeing reason...

[crashnbur]

Because we're paid so much for the freeware we develop on our own time at home...

Re:Finally, people are seeing reason...

[crashnbur]

1. I thought the conversation was about freeware developed on personal time, not for wages. If this isn't the case, my mistake.

2. True, but most people have no idea what any of that means.

3. Okay, okay. I didn't see the word "marginal", or at least I didn't process it. My mistake.

Re:Finally, people are seeing reason...

Socialism was described by Marx as the "abolition of private property".

And "Socialist" was also part of the name of the Nazi party. Karl Marx doesn't get to define Socialism any more than Hitler does.

Also Socialism relies on a centralized distribution of resources (usually from a government), and also somewhat on the collective ownership on the products of production (not just the production itself).

No, see, that's what we call "Communism." There's a reason we have two different words; they describe different systems.

As for health care, how is there any difference between only people with "connections" getting good medicine and only people with "lots of money" getting it?

Re:Finally, people are seeing reason...

[TheUser0x58]

I never bought any of the analogies of open-source to communism or socialism, or libertarianism for that matter.

• (Commun|social|marx)ism refer to all-encompassing economic systems. Open-source is simply a way of distributing software, which doesnt make much sense beyond than that. Open source computer hardware? medical insurance? bread? No.
• There is no such "collective public ownership of the means of production" in open source. Sorry, but nobody here owns gcc or perl, etc., unless you are FSF, or Wall, respectively. The public does not own open source software, but the owners (the copyright holders) have graciously decided to give it to whoever accepts the terms of its license.

Comparisons to economic systems really just open the door to anti-OSS FUD, in my opinion.

My ~2.19 yen

Re:Finally, people are seeing reason...

except that open source is by nature decentralized, and not controlled by any one party. its like a "pure" democracy (no proxies like senators or presidents).

Re:Finally, people are seeing reason...

[Geoff-with-a-G]

That's one of the biggest problems with our purely monetary system -- there is no measure for the labor hours, or the quality of those hours, that go into the production of much of anything.

No, this is the beauty of the Capitalist system, it measures extremely well the value of the labor hours and their quality. If you create something that you think is really great, but nobody wants it, then it's not valuable. If people aren't willing to compensate you for your work as much as you think it's worth, then don't do it. If you find yourself still wanting to do the work, despite the lack of monetary compensation, then it means you are already being compensated sufficiently (maybe through satisfaction in the work itself, or maybe through recognition of your contributions, or maybe through a sense of belonging to something greater than yourself).

As Russ' blog (which I quite like) will tell you (albeit somewhat confrontationally; he calls it the ANGRY Economist for a reason), value is subjective. Diamonds and gold are valuable because people want them, and because they are scarce (whether naturally or artificially). Not because there is some intrinsic moral value in them, or because of the labor involved in getting them. Many people find the "value of labor" an appealing notion because they personally find that they appreciate things more which they have worked hard for than the things which they are given. This makes sense in economics too, the value of that thing is what you were willing to trade for it. In this case, your labor, but if you had to trade your car or house or first-born-child for it, you probably would also have really appreciated it.

The best way to completely misunderstand Capitalism is to focus on money. It's about how much people value things, and what they're willing to trade them for voluntarily. Capitalism simply says if you have something, and you want something more than the thing you have, then you should trade for what you want. If you want the thing you have more, then keep it. That way, everyone ends up with the things they want the most. Example, a Britney Spears CD may not be worth $15 to you, so don't buy it, but it's worth that to someone else, so you and the music store get to keep $15 and the other person gets the CD.

In the case of labor, which you're addressing, if you think your labor is worth more than you're being compensated (maybe with dollars, maybe with something else) then look for someone else who will compensate you more for it. If there's nobody who will, then you were wrong about it's value, so don't do it. You can pour lots of labor into moving rocks 500 feet to the east, then moving them back, but if it doesn't benefit anyone, then that labor has no value.

"Free Software" is not a term of art properly defined somewhere. Sometimes it means free of cost to the user, sometimes it means unrestricted. Hence the tags often used "Free as in speech" or "Free as in beer". Yes, creating free software, such as Linux itself, has value to people, because if they had to, they would probably trade money for it. They don't have to, simply because the distribution system doesn't require it. From the "consumer" standpoint, this is great. You're getting something you value without paying for it. The concern is from the "producer" side: are the programmers being ripped off? Well, without coercion being present, no, they aren't. If they required more compensation, then they'd stop coding.

Re:Finally, people are seeing reason...

[crashnbur]

I was talking about software developed without the intention of being paid for it in anyway -- that's what freeware is. And as I said, individuals who develop freeware on the own time without being paid have no measure for the value of their work except the work they put into it and the utility they (and others) find in the finished product.

Re:Bad idea?

You sir, are a dumbass.

It would be HARDER to hack an open source voting machine for several reasons.

First: Security holes WOULD get fixed. Diebold leaves their machines open to known exploits.

Second: If the machines were open source, you can bet your complacent American ass that every CompSci doctorate student or professor would try and hack it for prestege, then submit a patch to fix it. All that BEFORE an election.

Third: At least we would know how the machinese worked. Currently our knowledge consists of: The Machines fuck Up.

Fourth: we might get a paper trail. Florida election fuckups would no longer exist.

Re:Bad idea?

[flossie]

I could be mistaken, but wouldn't open source code for voting machines make it that much easier for someone to hack the machines if they so desired?

Yes. We all know that security by obscurity is one of the best methods of ensuring that systems are secure. That is why nobody has ever been able to hack into a system running closed-source software such as Microsoft Windows.

Sarcasm aside, if the software is not open-source, there will still be many, many people that will have access to the code. The difference is that the general public won't be able to check what the code does. Are you sure that you trust every employee of Diebold (for instance) to be honest?

Open Voting Consortium

[coshx]

No mention of an open-source voting project currently gathering a lot of support. Their idea is to keep what people trust about voting, and just computerize the parts that will make the process easier and more accessable.

Open Voting Consortium

Re:Open Voting Consortium

[gordonius]

The article actually did mention the open voting consortium:
"A group of civic-minded programmers known as the Open Voting Consortium has written its own open-source code."

Ugh

[Avalerion]

Can't we all just get along?

Open source voting would allow us to work out all the flaws. When one company believes they know everything [Diebold], they overlook and become exploitable. Ugh.

Re:Ugh

Linux isn't flawless. Why do you think OSS is any better?

The most patriotic thing you can do.....

[i_want_you_to_throw_]

is be suspicious of centralized power, especially the US government.

As far as being nutty people, I'll take advocacy for open source wherever I can get it thank you.

wait... what?

[hellmarch]

librertarian freaks? i think not. i'm a compasionate conservative anarchist.

Make $5250 Guaranteed!!! All you need is a PayPal account and $25. We'll do the rest. Click here to find out how.

Re:Bad idea?

[borud]

if you don't trust the public, then who do you trust?

I wrote something about this in my blog a while ago. I think putting your trust in the public is exactly what needs to be done. don't you?

Consider the source

[MillionthMonkey]

If the New York Times were to print an article saying the sky was blue, it would be proof positive that the sky was some other color.

Come on, the NYT isn't that stupid.

[k98sven]

The quote in the article is that open source folks 'are often libertarian..', not are. There's a difference there.

Not that I think that is a fair description either, but given that it is a pretty accurate description of guys like ESR, it's not hard to see how such an opinion could be formed.

Re:Come on, the NYT isn't that stupid.

[black+mariah]

Can't forget RMS. Seriously, that's the #1 and #2 guys of OSS/FS and they're both nutty enough to keep Planters in production for a few years.

Re:Come on, the NYT isn't that stupid.

Maybe a more accurate description would be "open source folks are often libertarian who strongly believe that governement's role should be kept to the absolute minimum level necessary to restrict outsourcing and maintain artificially high salaries for programmers"?

So how do you prove...

[JessLeah]

...that the source made available is actually the code running on the machine?

I could write a closed-source proprietary OS and have it go:

printf("Kernel version: Linux 2.4.26\n");

...but that wouldn't actually make it Linux.

Re:So how do you prove...

Simple. Just explicitly specify the compiler (and compile arguments), then run a hash (SHA1 or similar) on the binary.

Re:So how do you prove...

[JessLeah]

printf("Compiled with: %s\nHash: %s\n", FAKE_COMPILED_WITH, FAKE_HASH);

No, seems to me that the ONLY way to do a truly "secure" e-Voting scheme would be for people to actually RUN THE VOTING SOFTWARE ON THEIR HOME COMPUTERS. Which I don't see happening any time soon, given government-types' fetishistic fascination with centralised control...

Re:So how do you prove...

[Stray7Xi]

Duh... that's where TCPA comes in

err no really..

Re:So how do you prove...

[man_ls]

If such a system were set up by the states it might be easier.

I.e.:

State voting site.

You enter SSN and DL # for your identity, and vote away.

I assume each state knows the SSN of everyone legally allowed to vote in that state...or could get the list from some Federal authority.

Re:So how do you prove...

Just one huge problem with that: It would make really _buying_ the votes of others possible. That is, checking what somebody types at a computer is trivial for a "vote buyer" whilst checking what somebody writes (or presses) behind a curtain isn't and consequently buying isn't possible (nobody buys anything if they have no way of knowing whether they got what they wanted).

Re:So how do you prove...

[HybridJeff]

You know, if they actually did allow people to vote from their home computers, I have a feeling that the voter turnout rates would skyrocket.

Re:So how do you prove...

[SpaceLifeForm]

Home voting? Not if you can lose your anonymity due to ipaddress tracking. If the software wants to 'call home' with your choices, forget it.

Re:So how do you prove...

[DunbarTheInept]

The solution is to use a checksum of the code in the following fashion:

Rule 1 - The voting hardware and OS must be rather uniform, with only a few variations for regional preferences (it wouldn't be fair to force a small precinct to be forced to buy an overpowered version intended for high-volume voting places, therefore there would be a few different configurations available, but the number of allowed combinations of hardware and software must be discrete and small in number, not something where you can just put together whatever parts you want all willy-nilly.)

Rule 2 - The entirety of the machine, including the OS and the voting software on top of it, must all be considered a single 'thing' for the sake of verification. (i.e. if you have a third party verify a setup, then that setup is verified ONLY on that exact configuration. For a second configuration of hardware, a seperate verification is needed.)

Rule 3 - When a third party verifies that the system is good, they take a checksum of *everything* including the OS. (basically, do a checksum of the root directory, recursively descending everything under it.)

Rule 4 - The list of checksums of verified systems is given to voting poll station workers. When the system turns on, the first thing you do is run an automated checksummer on it (from a boot floppy or something like that, which is external to the machine itself and removable - and therefore is not part of the system itself, and is produced by different people entirely). When it spits its number out, compare that against the list of known "good" checksums. If it's on that list, the machine is safe and can be used. If it's not, then this fact must be logged, and a call must be made to the elections board, and the machine must not be used that election day (and must be inspected later when there's time to see what the problem is and determine if something untoward was being attempted.)

I'm picturing that the list of known "good" checksums would only have 5 or so numbers on it. Basicly, it's a mechanism to allow for upgrades and improvements or to allow for a few different hardware configuration options for different sized polling precincts.

Re:So how do you prove...

[Zachary+Kessin]

A few problems with this:

1) Not everyone has a home computer. Its that pesky voting rights act.

2) Home computers are hackable

3) the protocalls would have to be reasonably open, and therefore hackable.

I personally I'm partial to the make an "X" on a piece of paper voteing, Its simple, easy to varify and we all know how it works.

Re:So how do you prove...

http://www.acm.org/classics/sep95/

The moral is obvious. You can't trust code that you did not totally create yourself. (Especially code from companies that employ people like me.) No amount of source-level verification or scrutiny will protect you from using untrusted code.

Re:So how do you prove...

[rthille]

What OS are you using to run the checksum program? What's to keep the 'voteOS' from returning good checksums, but executing different code, either from ROM, or from hidden files on the disk, or if net-connected, from code loaded from the net?

Re:So how do you prove...

[DunbarTheInept]

I was picturing that the checksum is run from an external media device, like a bootable floppy or zip drive. It acesses the hard drive of the machine and runs the checksum on it. Thus it could in theory be a totally different OS. In fact it doesn't even have to look at the filesystem intelligently - just read the disk in a low-level "dd"-like fashion and make a checksum off of that. But the crucial thing is that the checksum program is not produced by the same people who make the voting system. The election commission contracts out to one vendor for the voting machines, and to a totally different vendor for the simple little checksumming mechanism. The two never talk to each other.

Wow...

[SbooX]

'libertarian freaks, nuttily suspicious of centralized power', who would 'scream to the high heavens if they found anything wrong'.

I guess they read /. at the NYT.

NYTimes, geeks, and suspicious inspectors

[cemkaner]

Open-source enthusiasts, by contrast, are precisely the sort of people you'd like to see inspecting the voting code; they're often libertarian freaks, nuttily suspicious of centralized power, and they'd scream to the high heavens if they found anything wrong.

As one of the geeks who is nuttily and loudly suspicious of the electronic voting machines, I appreciate columnist Clive Thompson's compliment and endorsement. But I think he's missing his own point.

If 10 voting equipment vendors publish their open source (remember, "open source" is not necessarily "free") software for inspection, then for each vendor, the other 9 vendors will have a strong incentive to inspect and criticize that 10th vendor's code. ("You really should want to buy *my* voting machines . . . their code sucks. Here, let me prove it. . . .")

I predict that competing commissioned salespeople can be even more nutty, suspicious, and enthusiastic than computer science professors.

Re:NYTimes, geeks, and suspicious inspectors

[don.g]

There's just one problem: how do you know that the code that has been subject to public scrutiny is also the code running on the voting machines themselves?

Re:NYTimes, geeks, and suspicious inspectors

[DunbarTheInept]

A third party must do the checksumming, and comparing the checksum must be part of the job of the poll worker turning the machine on at the start of the day. (Imagine if the checksum program was on a boot floppy that was not part of the software provided by the vendor - the checksummer would be programmed by the elections board or a group they contract out to. Then you use the checksummer on the code that you put under scrutiny and "bless", and publish that checksum to the polling workers. They stick the boot floppy in the machine and it tells them a checksum there too - then they just compare that to the published "blessed" checksum. If they are the same number, the machine is good. If not, the machine is "broken".

Making the checksum be calculated by a third party means the only way the vendor could trick out the
checksum is to hope that they can find a change to the code that just so happens to result in the exact same checksum, while simultaneously skewing the results they way they want. That's going to be an exceedingly unlikely possibility - while there are a large number of possible binaries that yield the same checksum, the chance that one of them is actually something useful to the vendor is so close to nil as to be ignorable.

Re:NYTimes, geeks, and suspicious inspectors

MD5 checksums?

Re:NYTimes, geeks, and suspicious inspectors

Well, yea. And as soon as they name it, it gets fixed. Now that's a service you'd go for. Compare that to the other 9 ones... that will have to go and find some more again. Nice, all those 9 ones marketing employees are working for #10. They'll get sacked :D

Re:NYTimes, geeks, and suspicious inspectors

[WuphonsReach]

There's just one problem: how do you know that the code that has been subject to public scrutiny is also the code running on the voting machines themselves?

Well, that's why you need to have a paper-ballot printed out, that is human-verifiable at the time of casting the vote, and re-countable at a later date. Sure, stick a bar-code on there to make re-counting quick, but still print human-readable text in case there is suspicion about the contents of the bar-code.

Other then physically securing the machines after auditing them by a 3rd party (much like securing the old mechanical voting booths). There's not much that can be done on the end-user side to verify the voting software in the unit is legit. Anything that the system displays can be hacked to display something else. So while you may trust the voting system to record the proper votes, there should be a means to verify those votes.

Gee, kinda like the "Trust, but Verify" thingy.

Re:Bad idea?

if you don't trust the public, then who do you trust?
Who do you serve?
Who do you trust?
[pause]
Who do you serve and who do you trust?

Sorry, had to be said.

But will it be enough?

[zalas]

I'm sure a lot of geeks will be convinced that the voting software would be safe if all the able coders can look at the voting software at their leisure and find bugs, if any. However, how do you convince the general populace this? Just saying there are random people in the world finding bugs in it doesn't seem convincing enough to a normal person who knows nothing about computers except that they can use it to get email and buy flowers. While I'm all for open source voting, I think it doesn't inspire the amount of trust necessary or as much trust as most Slashdot readers would think.

Re:But will it be enough?

[Spellbinder]

right now you have to trust the people counting votes
where is the diffrence???

Re:But will it be enough?

[zalas]

I'm not saying that our current system is any better. I'm just looking at where the proposed system may have some problems. The ideal solution (impossible) would be to have everyone in a room with votes taken place in the room and the vote counter dumping all the votes on a table and counting. With my previous post, I was just pointing out that 'open source' may not inspire as much trust as many people online might think.

Re:But will it be enough?

[EvanED]

But it would certainly help to have tons of CS Ph.D.s say "I've gone over this code and tried to hack it and it looks good" instead of "I broke into the state board of elections, completely changed the results, and erased all traces, and did it in five minutes."

Re:But will it be enough?

[NoTheory]

How about more NYT articles, and articles from other news outlets. How about endorsments from political figures?

i don't think it'd be that hard to convince people that this is a good idea.

the problem is attempting to drag those who have a vested interest in keeping the vote closed along.

All the people who bitch about closed voting schemes should email this article to their Senators and Representatives.

Re:But will it be enough?

[gnovos]

"I broke into the state board of elections, completely changed the results, and erased all traces, and did it in five minutes."

I'm sure you did, Mr. President.

A well-oiled WHAT?

[14erCleaner]

From the article:

Already, Australians have used the open-source strategy to build voting software for a state election, and it ran like a well-oiled Chevy.

The last Chevy I owned was a '74 Vega, and it burned a quart of oil every 100 miles. I guess that's what he's referring to here.

Re:A well-oiled WHAT?

[Artega+VH]

I would wanna hope it didn't run like a Chevy.. we don't drive them... It should run like a well oiled HQ ute :p

Re:A well-oiled WHAT?

[aebrain]

Not As Such.

The data about the ACT (Australian Capital Territory) election, the open-source software, the open-source operating system it ran on, and the open-source compiler that compiled it all is available via the makers, Software Improvements Pty Ltd.

The independant review, lab results of testing, and report on how it all worked in practice are available through the ACT Electoral Commission.

Not so much a well-oiled Chevy as a Holden Monaro which in the US is called a Pontiac GTO. As the GM site says, What Makes an American Legend? But it doesn't say the answer - good Aussie Engineering. Oi! Oi! Oi!

Some reasons why this is a good idea

[cluge]

One of the biggest problems with voting machines is cost per use. Voting machines are relatively" expensive and are used at most twice a year, and often only once every 2-4 years. If they aren't being used, they are simple taking up room in storage (which costs money).

Cost Advantages:
NOW as distros like knoppix have proven, putting a full featured desktop on a CD is possible. That being said - putting your "voting machine" on a CD, and using standard PC hardware makes a lot of sense. You don't have to buy a bunch of larg proprietary machines that only get used ones in a while. The CD's can be verified. If one is careful it would even be easy to use hardware already in place - or obsoleted hardware. Such a system would also use a simple standard printer to print an encrypted voter verification (audit) record in case a recount is requested. This should eliminate the long standing problem with most other electronic voting systems (no real audit trail).

Development is spread out over a large not for profit group of programmers with the end result being free. The only real cost is the certification procedure each state decides to institute - and thus it is the state that becomes accountable. If a states procedures are not robust enough to catch dangerous bugs then it's their own fault. I would think that several states go in together and split the certification costs. Since the buy in price is almost nothing (essentially media) the states have more money to play with and spend on voter training AND certification.

Considering Diebold and others - this seems like a natural, easy and simple solution.

Ask not what your country can do for you, ask what you can do for your country - Come up with a simple, secure, reliable voting system on a CD that will boot from standard PC hardware.

SIDE NOTE: If my county uses electronic voting machines that do not have a paper trail - then I will vote by absentee ballot. I would STRONGLY urge any US voter to do the same.

cluge
AngryPeopleRule

Re:Some reasons why this is a good idea

[StormReaver]

I like the idea of using Knoppix on commodity PC hardware for e-voting in combination with Open Source software handling to voting process.

If e-voting is going to be used at all, transparency in the process is paramount. This type of system would guarantee that.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Companies can still make money with open-source

[foidulus]

voting machines. Someone has to provide tech support in case something goes wrong, or barring being able to fix it, idemnity. And who better to do that than the people who made the code?
Just because something is OS doesn't mean that everyone is going to steal your trade secrets. If I were on a local voting comittee, I would almost certainly give the contract to the developer, because their people have the most experience with the machines.
Food for thought for Diebold, but who am I kidding. It will take a long time before people come to see open source as something more than just a bunch of punk kids who don't know how to make money.

Open source is only the start

[YrWrstNtmr]

Publically verifiable code. Sure. The geeks who can read and understand it will, far more than current distros and projects. If only for the novelty.

But then what is needed is a strict, multiparty custody chain, to ensure that the specific, compiled, verified code, as well as the machines it is run on, are what was actually verified.
it does no good to verify codebase X, if what finds its way to the machines is codebase Y

Re:Bad idea?

I'm sorry to inform, but your slashdot account will be suspended until you have read what ESR has to say about Open Source security on this paper: The Case of the Quake Cheats

Hmm, thanks NYT!

[coupland]

libertarian freaks, nuttily suspicious of centralized power', who would 'scream to the high heavens if they found anything wrong'

Hmmm...

libertarian...
suspicious of centralized power...
scream to high heaven if there is a loophole in the democratic system...

Wow, three compliments in a row, Thanks NYT!!!

Re:Hmm, thanks NYT!

[kunudo]

I'm no fucking libertarian. The last person I met who called himself a libertarian had a lookout post by his house where he was always sitting with a huntig rifle & binoculars, spikes on his road ( and sometimes on the public road), and had covered his house in steel plates to withstand gunfire... I don't feel like sharing a label with him. The other two are fine compliments though...

Re:Hmm, thanks NYT!

[loftis]

I'm not sure, but 'nuttily suspicious of centralized power' seems to be opposed by 'sanely contented by centralized power.' Could we reword that as blythly unaware? Or maybe we could call those people sheep. OR better yet, sheeple.

Who was it who said the price of liberty is constant vigilance? Gimme the source code, or don't use it.

Re:Hmm, thanks NYT!

libertarian...

Yeah, try saying that with a straight face next time out sourcing gets discussed. Libertarian as in protectionist.

Re:Hmm, thanks NYT!

[Dhalka226]

Who was it who said the price of liberty is constant vigilance?

Thomas Jefferson. Nitpick: "eternal vigilance," not constant.

Misses the point

[14erCleaner]

While this article was nicely supportive of open-source software, the author misses the real problem of computerized voting: lack of auditability.

There is a growing consensus that, in order to be trustable, election machines have to produce a paper ballot that can be hand-counted in case a recount is required. See, for example this article for a authoritative discussion of the issues by a recognized expert in the field.

Re:Misses the point

[gonzo_bozo]

Come on people! Just like no single person can be trusted for counting votes, a single machine no matter how much it is verified cannot be trusted either. There is a zillion places where you can put backdoors in a machine. Don't just think software you herds of code monkeys :), think hardware! Chips can be easily substituted or even tampered with at the synthesis, place and route or when produced at the foundry and detecting this tampering is in most cases totally out of reach of any human being. The worth of winning an election for political parties and some mammoth companies is so ridiculously high that virtually nothing is impossible for them.

What we need is as many machines as possible designed by as many people as possible with opposite interests and that have to come to a consensus on each vote cast. These "machines" already exist folks. There are human beings.

And a paper trail "in case a recount is needed" is no panacea. You can still steal an election with a paper trail if it is not systematically recounted.

It *IS* mentioned.

From TFA:

A group of civic-minded programmers known as the Open Voting Consortium has written its own open-source code.

A little late

[demachina]

Its unfortunate the U.S. is just waking up to the massive threat evoting poses to democracy. As slowly as most local governments move I wager most of them are going to go in to the next election with machines that are easily rigged. I would now lob out the conspiracy theory that the Republican's are going to use them to steal the next election but I'm starting to have my doubts. If the Republican's hold the White House and both houses of Congress, and even better achieve their holy grail of a filibuster proof majority in the Senate, which is where I think rigged voting machines is most likely to come in to play, the next election will be meaningless because the Republican's will have a defacto dictatorship in place by then, especially if they are blessed with another 9/11 they can use as an excuse to trash whats left of the constitution.

The doubts I have about this scenarios is that I'm of the opinion the election was really stolen when the media, the DNC and DLC moved Kerry from also ran to front runner and all the Democratic primary voters followed along like so many lemmings.

With Kerry as the Democratic nominee we are faced with a situation where Bush may win no matter how awful a job he does, or how dangerous he is, because no one can stand Kerry, especially after the Republican's shred him with $200 million in attack ads. He is unfortunately a two faced hypocrite and totally unlikable. I'm pretty sure Karl Rove danced a jig in the White House when Kerry moved to front runner status. I find myself hoping that the Democrats will come to their senses at the convention in Boston and realize what a loser he is and throw the nomination to Edwards. He may be inexperienced but at least he is likable in a Clintonesque sort of way.

If Kerry does win I doubt the establishment will mind, he is after a spoiled rich kid and member of Skull and Bones so he will look out for the establishment interests first, and the people's interest not at all(except to get reelected). He really doesn't seem to differ all that much from Bush. He's pretty much a fan of the war in Iraq, the only time he wasn't was when that was necessary to get the Democratic nomination. He seems to be a fan of the Patriot act and intrusive big brother government, again the only time he wasn't was when that was necessary to get the Democratic nomination. As soon as he had the nomination sowed up he rushed to the center and his first proposal was for a tax cut for corporations. He is a man in the pocket of the establishment if there ever was one.

I hate to say it but democracy is in a state of complete collapse in the U.S. There is a very small group of powerful people who decide who will be on the ballot, the media en masse anoints them and by the time it gets to the voters they are little more than a rubber stamp.

Rigged, closed source evoting is just another level of control to make sure the American people don't make a mistake and elect somebody that might upset the apple cart.

You can look at Iraq at the moment and see this same process in action. Iraq was supposed to get sovereignty and a U.N. representative was supposed to choose an interim government. Instead the U.S. appointed Iraqi governing council suddenly picked the government with massive back stage manipulation from the U.S. and surprise, surprise they are picking a man who has been on the CIA payroll for years as prime minister. He is a carbon copy of Chalibi who was the U.S. man until he fell in to disfavor. The U.S. is even interfering in the choice of the figurehead president to make sure he is pro U.S. versus the previous frontrunner who wasn't entirely a fan of U.S. occupation.

Our government is great with the empty rhetoric about freedom and democracy but if we ever found a way to actually get it they would freak and the current plutocracy would put a stop to it in a heartbeat. I find myself truly wishing Nader had a shot at the Presidency. He would be a train wreck but it would upset a very entrenched and corrupted kleptocracy. I'd just like to see it and we could start a pool on how long he would last before he was assassinated.

Re:A little late

[mtrisk]

Democracy in the U.S.? Now that's a novel idea! No, seriously, presidential elections have never been democratic. Thanks to the electoral college, the entire country could vote for Bush or Kerry, but the electors for each county don't have to vote that way. Instead, they could all vote for Nader if they want!

That said, I think somehow this lack of democracy actually prevents this sort of "dictatorship" because even if a party rigged an election, the electors don't have to follow the vote.

And it's been done before - there are cases of electors casting their votes for other people than their county voted for, to prove a point or because they don't like the candidate.

So, lack of democracy saves democracy. It looks like our founding fathers were insightful genuises after all.

Re:A little late

[obdulio]

In Brazil, where electronic vote was used in the last presidential election, the guy who was running for the ruling party,Jose Serra, lost. And the guy who was running for the opposition, won by a 70-30 margin.

Maybe it's time that you challenge your concepts.....

Re:A little late

[demachina]

Not sure I follow your point. Just because electronic voting can be rigged doesn't mean it will be. If it is rigged it doesn't necessarily have be the ruling party that does it. It is thouroughly possible to make electronic voting reliable by tightly controlling the source, the builds and the signs on the binaries as well as having a paper trail to allow a recount. Unfortunately the U.S. machines have none of this. Does Brazil, or India?

Who manufacturers Brazil's machines and do they have poltical leanings? Did Brazil's voting machines produce a paper trail and has there been a recount using that paper. If not how do you know if Brazil's elections were honest. The same applies to India's recent election where the party out of power won.

In the U.S. it happens that most of the companies that are manufacturing electronic voting machines are controlled by rabid Republicans, Diebold in particular, so the Republicans have a much easier go if they want to tamper with the election using these machines. The 2002 Georgia election sets off all kinds of alarm bells that someone may well have tampered with the election to the benefit of the Republican candidate. The victory of the Republican Senate candidate in particular was crucial to Republican control of the Senate which dramaticly improved their ability to implement their agenda without interference from the Democrats(though the Democrats can use the filibuster to stop the worst of the Republican agenda).

Its also a weakness in the American case for "Freedom and Democracy" that the CIA in particular has had a long and well documented history of rigging and influencing elections outside the U.S. CIA veterans have in fact already attempted to influence U.S. elections, that was at the root of Watergate, though everyone seems to have forgotten about that.

Since the current administration has some really disturbing totalitarian tendencies its not a huge leap to posit they might be willing to apply the CIA's methods domestically to cement their hold on power.

Maybe it is a farfetched conspiracy theory, but the only way to make sure it doesn't happen and to protect real democracy is constant vigilance, healthy distrust of those in power and a grassroots effort to insure elections are tamperproof. Since American elections have historically been tampered with by both major parties you know its always a possibility. The introduction of electronic voting machines without a paper trail just made it vastly easier to do on a large scale.

Re:A little late

[pommiekiwifruit]

But with these machines, you will get proof that America is behind the president 110% !

That would be perfect!

[crashnbur]

...because Microsoft would be in charge of validating our ballots!

Re:That would be perfect!

[WindBourne]

...because Microsoft would be in charge of validating our ballots!

I suspect that it would be however wrote the best worm that would control the election.

Re:That would be perfect!

[The+Original+Yama]

In a way they are already... Diebold machines run Windows.

No Paper Trail, No Confidance.

[Suburbanpride]

I voted on one of the new Deibold machines here in San Diego, and it didn't instill much confidence in me, thanks to everything I had read about Diebold. but even if the machine was open source, it still wouldn't make me confidant unless there was a paper trail. It was spooky just go up to a console, insert a card and hit a few buttons. It didn't feel like voting.

As bad as the old punch card system were, I liked the feeling of knocking out a chad, and then being able to see an actual physical representation of my vote.

With the amount that counties are already spending on these machines, it can't cost much more to add a printer.

Re:No Paper Trail, No Confidance.

[Radon+Knight]

Here's an idea... you enter in your vote to the computer. The vote is registered electronically (easy counting) and then the machine spits out a card with the votes you just picked mechanically punched on a card that's clearly labeled so that the voter can scan it and verify "hey, yeah, that's my vote!"

The voter then must deposit the mechanically punched card in a box on the way out... maybe the card has a unique bar scan so that the vote isn't electronically registered until the card is returned at the end.

Benefits? (1) Ease of electronic voting, (2) paper trail, (3) you can't prove you voted a certain way to someone who wants you to throw the election.

Ok - what's wrong with this system? Why won't this work?

Re:No Paper Trail, No Confidance.

[man_ls]

There must also be no way that the vote tally is readable by a human ... being able to prove you voted for who you marked also means you can prove to someone else you voted a certain way -- and this opens up the possibility of selling/buying votes, leveraging votes for employment purposes (boss says "prove you voted for Canidate X or you are fired.") and the like.

Optimally, have the machines store the vote using a *proprietary* hashing algorithm. Open-source the entire thing except for that module, which would be developed by, I don't know, the Census Authority or some other agency. Or perhaps developed by the local Supervisors of Elections, such that the algorithm could be localized and it wouldn't matter to anyone outside that area. Something like a reversable hash of the sum of the voter SSN and binary string of possibly canidates and votes -- thus someone couldn't vote for the "acceptable" canidates, get a baseline hash, and then force everyone to compare to that or fail.

Have the computer generate two copies of the ballot on a label printer. You take one, you drop the other in the box. The Supervisor has a program at their office which they read, it deconstructs the hashes into something meaningful, and scores them up.

This has the benefit of:
*You have a printed copy of exactly the same thing they have.
*There is no way for the average human, without "insider knowledge" or at least insider access to a scanning device, to determine who you voted for.
*You have a receipt of your vote, machine-readable in case there is a descrepency.

In essence, it's a double-blind voting system. The only people knowing what numbers correspond to what votes would be the developers of the hash algorithm, but the entire rest of the codebase would be open-sourced so there is no possibility for "losing" votes in the machinery somewhere.

Re:No Paper Trail, No Confidance.

[Pantheraleo2k3]

Here's another idea: Once you're authenticated, you select a candidate and the machine prints a receipt, which goes into a window. If it's good, you push a lever so it goes into the counting box. If it's not, you push the lever the other way (kinda like your epiglottis) and the recipt falls into a shredder/high-head environment/vat of ink/other instrument of destruction and you start over

Re:No Paper Trail, No Confidance.

[zsau]

I quite enjoy using a pen and paper to cast my vote. I still don't understand what the US has against it.

Re:No Paper Trail, No Confidance.

[thayner]

Problem is politicians would have easy access to scanning devices. They are as you say "insiders" and election officials work for them. So soon, people would be selling their votes. Admittedly, both sides would be buying them so nothing would really change, but still not a good idea.

Re:No Paper Trail, No Confidance.

[man_ls]

At least here in West Palm Baech, FL, the Supervisor of Elections controls all the voting........only election staff actually get to play with the equipment.

Sure it's a public building, but it's not public to where people can go in and play with stuff.

Re:No Paper Trail, No Confidance.

[Flingles]

"I voted on one of the new Deibold machines here in San Diego, and it didn't instill much confidence in me"

I know why. Here is an actual snippet of code from the voting machines. I worked hard to get this.

printf("Enter a number to vote");
listoptions();
//Gives the user a list of options
scanf("%d",&fakevote);
//Store their choice in this variable
actualvote=rand()%(10)+1;
//Tell them to bend over

Would be nice, but unlikely considering government

[SilentChris]

At first I was going to say "Of course the government should adopt open source voting machines," but then I looked at the current situation:

* The government doesn't display the diagrams to locks it has in its buildings.
* Most of our miltary documents and weapondry are completely classified (can you tell me what exactly Area 51 does)?
* Some of our most cherished documents (like the Constitution) are protected by systems meant to place them underground in the event of a nuclear war (Google it). But how exactly does it work? Who has access to the documents afterwards? The secret shadow government that's up and running in case of an emergency (Google it).

Fact is, very little of government is open source anythin. And yet the US has gotten along for over 200 years. While that doesn't necessarily mean things have been done "correctly", it does mean they've been sufficient enough to keep the country going. The chances we're going to change course now is unlikely.

Re:Bad idea?

[AstroDrabb]

It seems you are confused about how open source works and its benefits. Imagine 3 detectives looking over a murder crime scene for clues. There is only so much that three detectives can do. Now imagine 1,000 detectives all looking over the same crime scene for clues. Your odds of finding clues goes up considerably. This is similar to open source. An open source voting application would literally draw thousands (including myself) of developers interested in looking at the code. The final code would be a version that ran through the "guantlet" and passed. You wouldn't put out just any-ole-code. That would be silly and _would_ defeat the purpose of open source and would make it easier for a crimianl to under-hand the system. The code that we would use in the voting machine would be the code that passed the communities scrutiny and thus most likely found all possible holes, espeicially those that a criminal would want to take advantage of.

Re:Bad idea?

I fucking hate TNT.

Re:Bad idea?

You sir, are a dumbass.
Besides this part, your reply is a very good one. He very clearly told that he could be mistaken. No need to call names, ok? :-) Let's tolerate and behave.

"Nuttily suspicious of centralized power"?

Are they crazy? Were they asleep throughout the 20th century?

Re:Bad idea?

I trust me. Ultimately I serve me. Therefore if I am in a position where you need to trust me it is in your interest that you can make sure I don't screw you.

Actually, it is in your interest that you don't NEED to trust me and that even if I wanted to screw you, you would have ways to find out and deal with it.

I am sorry, but what was your point?

The Quote is partly inaccurate and out of context

[voss]

"Open-source enthusiasts, by contrast, are precisely the sort of people you'd like to see inspecting the voting code; they're often libertarian freaks, nuttily suspicious of centralized power, and they'd scream to the high heavens if they found anything wrong."

The actual complete quote is saying that open source paranoia and nuttiness is a GOOD thing
and notice the word "often" which is not in the slashdot posters quote. It changes the tone and the facts of the article.

Exactly

[commodoresloat]

If you can't trust the public with information about voting machines, why trust them to elect our leaders at all?

Re:Exactly

[smagruder]

This is also the one of the arguments I make about making democracy more direct. If the people cannot be trusted to directly decide issues, then why should they have any say?

Re:Exactly

[ndpatel]

because one of the things the founding fathers attempted to protect against was the tyranny of the majority. an elected official can (theoretically) recognize that while a large percentage of people feel one way, a small minority feels a different way, and make policy to reflect that. if you just let the majority decide, the minority opinion nevers gets taken into account. besides, even if democracy was more direct, someone has to come up with the choices....

Re:Exactly

[shepd]

Q: Should we end emacipation?

A: ( ) YES / ( ) NO

Re:Exactly

because one of the things the founding fathers attempted to protect against was the tyranny of the majority. an elected official can (theoretically) recognize that while a large percentage of people feel one way, a small minority feels a different way, and make policy to reflect that. if you just let the majority decide, the minority opinion nevers gets taken into account.

Good thing too. Otherwise the opinions of poor little Big Oil would never be heard over the oppressive rule of the common people.

Re:Exactly

[smagruder]

Yes, this is the typical high school civics class propaganda. The reality is that there's no such thing as a stagnant "majority".

Re:Exactly

[smagruder]

You're making the typical (wrong) assumption that more direct democracy removes Constitutional protections automagically. Nobody in their right mind advocates direct democracy as a full replacement to the republican framework.

Re:Exactly

[shepd]

>You're making the typical (wrong) assumption that more direct democracy removes Constitutional protections automagically.

Ahhh, sorry. I suppose constitutional amendments don't count. That's fine. Allow me to rephrase, then:

Q: Should everyone making less than $250,000 be without any form of tax, while those making over $250,000 be imposed a sliding tax rate to produce a total income after tax of less than $250,000?

A: ( ) Yes / ( ) No

Re:Exactly

[smagruder]

If that's what the people decide after a period of deliberation, then Yes. It doesn't matter if it's right or wrong in your eyes. If the people decide it, then it's the law. On top of that, if they realize at a later time their choice was incorrect, they are free to roll it back.

Of course, your response is a good representation of the hobgoblins of mob rule that are trotted out in response to any calls for expansion of democracy. "Oh no! but the people are stupid and won't consider at all what they're doing! The world's going to hell. Oh no!"

The people as a whole are far smarter than anti-democrats think they are. They *have* to be smarter than the shitheads we elect. 100,000 heads are better than 535.

Re:Exactly

[shepd]

>The people as a whole are far smarter than anti-democrats think they are.

If only. To prove adults are just as stupid, Penn and Teller did their own DHMO questionnaire and presented it to a set of people who should be best informed on such issues, environmentalists. The majority of them voted in favour of banning water.

200 year tradition of open source method

[wombatmobile]

In Australia voters get a piece of paper and a pen.

Uh.............. that's it.

The counting takes a lot less time than it took the New York Times to organize the Florida recount, and the method supports unlimited error checking.

Re:200 year tradition of open source method

[weapon]

And the only problem you could ever encounter is a bad pen!
I'm also from Australia and usualy we know the winner of the election, if not on the night by monday if it is close!
Dave

Re:200 year tradition of open source method

[bill_mcgonigle]

Same here in New Hampshire. Not all of the US is so stupid. The "issue" is getting enough people to count the votes - apparently in urban areas there simply aren't enough volunteers interested in democracy. I say BS, but that's the story.

Of course they could pay people to count votes for much less than voting machines cost. That never occurred to them, apparently. Nor did knocking on the high school's door.

Let the candidates count their own damn votes...

[kippa]

WTF is the problem? Let Bush count his votes and Kerry count his...whoever gets the higher number of votes wins! Yay! Even with dead people and Martians voting for Bush, there's no way he can count past his toes and fingers.

Re:Bad idea?

[demachina]

"the only ones who know if there's some backdoor or buggy code are the people who programmed it."

A correct statement but in need of a slight clarification. The only people who are likely to know about intentional rigging are the ones who do the build that actually gets installed in the machines. I imagine most of the geeks who developed the software in Diebold's machine would have no clue about any wrongdoing. The rigging is more likely to be done by a group resembling Nixon's plumbers who are highly loyal, believe what they are doing is right in some twisted way and able to keep secrets.

Thats why its extremely disturbing to hear about massive last minute changes in the software loads on Diebold's machines in the eleventh hour before the 2002 election in Georgia, which resulted in a stunning Republican upsets for the Senate and Governor, or in the last election in California.

Trust an open-source voting machine?

[mbottrell]

Not as long as Linus is a republican! Gawd, I would just settle for a GPL program that gave me next weeks lotto numbers... hmmm. maybe they ar the same?

Re:Bad idea?

/me thinks geeks should be less distracted by computers and more involved in Politics .. Your country (USA) is quickly losing all of its rights.. a Vote for John Kerry isn't exactly a good one.. I hope you realise he is in the Order of Skull and Bones just like Bush.. many informed people are considering him a patsy.. I'm sure he will continue the Bush trend.. so in the end i guess all is lost. You can't exactly vote for Nader either because that just means Bush has more of an edge. The same goes for Canada also. The conservatives are no good. Paul Martin has yet to show his real face. He is heavily hooked up with big business and the elite societies. A vote for the Green party would be a moral one but i'm not sure it is of any help.. The next big 'terrorist' attack i fear for both of our countries.. and the worlds.. EU = Evil Union..

Electronic voting machines. Bah humbug!

Instead of using the current electronic voting machines, I propose a significantly more robust and secure system:

Everyone email me their votes. I will tally them in my head and dump the results on IRC.

Voting has always been 'open'

[YrWrstNtmr]

Mark an X, punch a hole in a piece of paper, write a name...and a bunch of your fellow citizens (from all sides of the political spectrum) count them, by hand. Any questions - "I demand a recount!"

Only recently has it gone into a black box. The magical computer.

A move to continue the 'openness' would be advisable, no matter what the technology.

And there's a reason the exact capabilities of military weapons are classified. If someone were to want to attack you, would you want them to know the exact maximum range of your guns and where they are deployed?

Re:Bad idea?

[Tim+C]

Well, if you're going to be that paranoid, then you need some way of confirming that the code running on the machine you're about to cast your vote with is indeed the code that you have access to. Also, you need to know that the hardware isn't compromised.

Open-Source is NOT the answer

[yawhcihw]

Through code review and auditing IS the answer.

Look at OSS today: yes, the code IS there, but NO, it is NOT inherently more secure than closed source, because few people seriously review the code. OpenBSD does it right: they have independent review of their code on an ongoing basis, and look at where it's gotten them. The security of their software is well above average.

Experiments have shown that it takes solid, talented auditors to expose weaknesses in any code: Joe Schmo can't just glance at OSS and tell whether it's good or not. So the answer ISN'T Open Source, it's through, independent code review.

Re:Open-Source is NOT the answer

[GodOfNothing]

What you say has merit. It is the independent code review by experts that will reveal the flaws.

However, if the software is not open source then someone must choose the independent experts. What if a decision was made to only allow access to a selection of these experts, denying access to certain others?

What if the body that chose independent reviewers has been compromised? Some of those chosen could be shills or incompetent. What if the expert who would have spotted a critical flaw was among those not selected to review the code?

In short, how do you guarantee that independent code review occurs without open source?

Votes wouldn't be lost under this program

[Stevyn]

They'd just be under /dev/null

Actually, regular voting is open source if you think about it. The ballot is checked off and goes into a box Everyone can see the process and how it works. Using proprietary machines is like giving your vote to an employee of a private company who hauls them off in a van and then reports the tally. If these machines were based off open source software, then you could possibly have a huge number of developers working on the project in their spare time that diebold could never compete with. Think of how many people would be going through the code to find mistakes.

I don't think we should imediatley switch over, but slowly as to allow many people the chance to look over the code and find bugs or backdoors. The system doesn't need to be that overly complicated either. We're not talking about installing a huge linux environment on these but rather something from emebeded linux.

Going open source shouldn't be the issue here, it's why we went to a closed source like diebold that is what's the question.

It is the protocol that is insecure, NOT the code.

[barfy]

Electronic voting machines need to make human readable paper ballots that *can* be hand-counted. Anything short of that opens up the elections to all sorts of tampering that can be undiscoverable, even if the code is "open source."

You can collect the votes, in a variety of electronic methods, that will meet the needs of quick reporting, but ultimately the votes need to be auditable, which means being able to recount by some manual method.

The ballots need to be human readable so that they can be verified by the voter AND the auditor.

If the protocol is secure, then it doesn't matter if the code is open source, or closed source. Whatever. As a taxpayer, I would hope that they choose something that is as inexpensive as possible that provides a secure and auditable voting record.

Re:Bad idea?

[mikeswi]

"I could be mistaken,"

You were correct until you got past that first comma.

You seem to be missing the point of open source software. Anyone with the interest to do so can look at the code. If there is an exploitable flaw, it will be spotted and corrected. If the system allows someone to rig it to favor a certain candidate, that also will be spotted.

Re:no reg req link!

I love tartar sauce.

OSS is not necessarily the answer

the answer is to NEVER USE COMPUTING DEVICES for voting (unless they are used to create a physical artifact like a punch card).

It doesn't matter if the code is open or closed. All the open code does is make it cheaper, simpler and probably more well-audited. But that doesn't solve the fundamental problems: nobody can ever know what goes on inside of a computer.

You don't know if the code you compiled from the voting machine website is the same as the code on the machine. Even if you got a computer expert to recompile all the code for all the machines and check with MD5, you still have no idea that the machine's screen isn't *lying* to you.

Human beings can't see bits and bytes and electronics. But they can see holes in a punch card or marks on a scantron. If the election is contested you can still count by hand, 50 times if you need to.

Open source software, great, sure, but make sure there's a paper trail!

Geeks are "un-American"...

[mariox19]

Because only "nuttily suspicious" "freak" would be upset to find out there was voting fraud!!!

Here in the U.S. today is Memorial Day, the day we remember all the "nutty freaks" who fought and died for our country -- very many of whom fought to protect our freedoms. Some, in fact, even died to ensure the right to vote for those that had been denied.

There's a kind of haughty cynicism among those who write opinions like that in the NYT op-ed.

Re:Geeks are "un-American"...

Because only "nuttily suspicious" "freak" would be upset to find out there was voting fraud!!!

Of course!
Everyone else would stay as quiet as possible about them. They don't want their own plots and frauds revealed, do they? ;)

Our future? In geek's hands!

[General_Tso]

I don't know about you, but I don't trust these geek people whoever they are. And the stuff they write and read on the internet! Oh, awful. Don't trust them, I tell you!

Re:Bad idea?

[ron_ivi]

"I could be mistaken, but wouldn't open source code for voting machines make it that much easier for someone to hack the machines if they so desired?"

If it was a serious question... the answer is no. If it's open source, you will have a higher ratio of "good honest skilled people" vs. "bad people" trying to find security problems with the software.

If it's closed source, almost all the people looking for security holes will be "bad people".

(PS: Was this a serious question or a shot at Funny?)

New York Times...

[Badanov]

I, for one, welcome our leftist journalistic overlords

Verification

[simpl3x]

I think that the idea of open source, paper trails... is that people are quite capable of policing themselves. Whenever we're required to trust the white middle-aged man behind the curtain, it leaves a certain distaste. Democracy should have democratic, open tools. If I could check my vote on a website, as with a lottery ticket, you'd be damn sure that I would if my candidate lost. Oh Yah, he did...

Perhaps this is exactly what we need as a democracy... people invested enough to check on their votes.

Auditing is the real problem

[5n3ak3rp1mp]

If every one of these voting machines printed out a line on some old dot-matrix printer in another room the instant every vote was cast, a technical difficulty would be a minor inconvenience instead of the catastrophe it is now, due to the audit trail. Cringely hints as much in this column: No Confidence Vote: Why the Current Touch Screen Voting Fiasco Was Pretty Much Inevitable

What about india?

[mindstrm]

I mean, they are a democracy that's voting population absolutely dwarfs the US of A.

THey have an electronic system that, although not impervious to fraud, is simple, elegant, and cheap, and gets the job done. The systems are so simple that it would be very difficult in practice to actually cheat.. and if you could doctor one machine, the damage you could do would be quite limited.

Re:What about india?

[ashwinds]

The EVM system introduced this year made a big difference. Though the voting process took over 3 weeks, the results were counted and out in about a day!!! bet the TV networks were not too happy about that - usually they have over 2 days to mull over this. No "invalid/doubtful votes" either - now wonder if Bush would be in power without those ??? There was FUD that EVM's could be rigged too - but not sure about those articles.

Re:What about india?

[mindstrm]

I'm sure they could be rigged.. but such rigging would have to be on a massive scale, on par with rigging a paper election, to be effective, at least, that's my understanding.

The problem with the diebold system is that it would have been far, far too easy to rig the results of a machine with devastating consequences.

Security vs Obscurity

[Gathers]

"If you take a letter, lock it in a safe, hide the safe somewhere in the city and then tell someone to read the letter, that's not security. That's obscurity. On the other hand, if you take a letter and lock it in a safe, then give someone the safe along with the design specifications of the safe and a hundred identical safes with their combinations so that he and the world's best safe crackers can study the locking mechanism - and you still can't open the safe and read the letter - that's security."
- Bruce Schneier in his book Applied Cryptography

dead kennedys: please save us !!!

democracy über alles !!!
we don't need no machines, please !!!

Lluis Vila

Come to grips, pal

[coupland]

It's this kind of right-wing republican rhetoric that really pisses me off. Do not voice an opinion if you have no idea what you're talking about and are only looking to fill /. with your ignorant fear-mongering. I DID NOT cover my house in *aluminum siding* to withstand gunfire. You're a quack.

I did it to keep the aliens from reading my thoughts...

Re:Come to grips, pal

[kunudo]

Actually, I'm not even close to republican (I vote socialist... :) but whatever... I was simply stating facts about the last person I met who called himself a libertarian...

Oh, and by the way, you should have bought tinfoil, it's cheaper... quack quack

Sure

[ScrewMaster]

Would it be reasonable to expect a typical New York Times columnist, nuttily supportive of centralized authority, to "get it" when referring to open source? Still, I suppose we have to take it where we can find it.

NEW YORK TIMES DETECTED

Better double-check the facts to make sure they're not lying again.

Re:It is the protocol that is insecure, NOT the co

A friend used to be an election judge in Florida several years ago, and he described to me the electronic voting system they had in his county. I think it's the best protocol for electronic voting.

Voters were given a mark-sense ballot and a pencil. They colored in the bubbles for their votes, and then inserted the ballots into an electronic ballot box. The ballot box would read the ballot, display its interpretation of the voter's choices on the display, and ask the voter to verify. If any part of the ballot was unreadable or bubbled wrongly (i.e., they voted for both Bush and Gore), the machine would kick out the ballot and ask the voter to try again. Upon the voter accepting the verification of their ballot, the machine would drop the ballot into a locked bin.

This gave instant voter verification of the machine's ability to read the ballot correctly, provided the election authority with an instant estimate of the result upon closing the polls, and kept a paper trail marked by the voters themselves for any contingencies. I'm not sure if they routinely counted the ballots by hand to certify the result, but clearly that would be possible with this system.

Re:Bad idea?

[E_elven]

>I could be mistaken, but wouldn't open source code for voting machines make it that much easier for someone to hack the machines if they so desired?

To amend the other posters: like modern cryptography, this issue shouldn't be about whether you can hide what you're doing so no malicious user can exploit that knowledge, simply because eventually someone will find a way into the system.

The system should be designed so that even when it is clearly visible what is being done, it's impossible/unfeasible to break into the system. Again -all modern hashing and encryption algorithms (=instructions) are fully public and viewable by all. The reason they're secure is that even when knowing all the information (bar the passphrase), it would take millions of machine hours to forcibly break the encryption.

Re:It is the protocol that is insecure, NOT the co

[/dev/trash]

What we don't need is proof on how I voted. Too easy to manipulate someone that way.

Re:Bad idea?

Exactly...some of us are still in high school, and relatively stupid when compared to the rest of the Slashdot community. In any case, this has become a +0 comment...so who cares? :)

--GW

Re:Would be nice, but unlikely considering governm

[/dev/trash]

If the shadow gov't is a secret how do you know about it?

Re:Bad idea?

[initialE]

He's got a point here. Whereas open-source exposes vulnerabilities that could be exploited, the reality is that it would take far too long for anyone to detect these vulnerabilities, publish them etc etc. And what do we do when you realise it's susceptible to fraud? Recall the president you elected 6 months ago? Even worse is the fact that even though you show a system is vulnerable is no evidence that someone has exploited it. You'd possibly be invalidating results with no partiicular reason. Lend me 2 cents, will you...

Re:Bad idea?

[SomeGuyFromCA]

Have *you* really read and understood that paper?

Have you understood that the two major problems (wallhacks and aimbots) stem from the facts that a) in order to keep the GAME running smoothly, the GAMEplayer's computer needs to know stuff that the GAMEplayer doesn't and b) the GAMEplayer can cheat by taking advantage of the computer's superior reflexs and calculating abilities?

Did you even read the paragraph where ESR points out that the problems mostly come from trading off security for performance? Did you see the sentence where ESR states that "a closed-source program [...] is indeed a good idea for security -- but only if you're a hyperadrenalized space marine on a shooting spree."?

Or did you just skim the essay and then run off to post?

Yeah, thought so.

New York Times

Where they one that got defaced by that Amo guy?

Carnivore, Echelon, whatever

I think I just made the watch list by replying to this post.

Ba-bah booie, baw baw booey, Howard Stern's penis. Bah bah booie.

I thought that you would end it with this link:

[PaulBu]

www.reason.com, judging from the subj of your message... ;-)

Agreed with everything else you said though. And let them call us "libertarian freaks" rather than "dirty hippies"... ;-)

Paul B.

Re:Would be nice, but unlikely considering governm

[Pendersempai]

Voting isn't like other governmental processes. It's way more fundamental than anything the government does. That is, its openness and reliability are prerequisite to the political mandate upon which we (ideally) found our trust for the government to do other things behind closed doors.

Re:Bad idea?

[M.+Baranczak]

1. Yes, you SHOULD be that paranoid, unless you don't care if people steal elections.

2. There have been various schemes proposed to guarantee the integrity of the code - basically, a super-secure source control system to keep people from making unauthorized changes, and an independent auditing body that oversees development, tests for bugs, and supervises the installation of the software, then seals the boxes. The idea being to have multiple, redundant levels of oversight for EVERY step of the process, and to keep that oversight transparent to the public.

Doing it right will take a bit of work, but it's definitely possible. It'll never be 100% secure, but way more secure than just handing Diebold a check and trusting them to act professionally.

Re:It is the protocol that is insecure, NOT the co

Anything short of that opens up the elections to all sorts of tampering that can be undiscoverable, even if the code is "open source."

You must be new here if you've never heard of crypto...

In BRAZIL

[obdulio]

The last presidential elections were completly done in Electonic Machines and the results were damm right. Jose Serra, the candidate of the ruling party (the one that the ones in power woudl have favored )lost by a 70 to 30 margin and Lula Da Silva, the opposition candidate (whose people had no way to turn the results in favor of him) won.

The code is open to everybody to audit, everyone one can open up the machines to verify that the code they are using is the same that was audited. And a printed ballot is generated for every vote, just in case someons complains, so the results from the electronic machine can be verified against the printed ballots.

In the last US Presidential Elections, in Florida (a state whose governor is the BROTHER of one of the candiates, and the one who won in that state), the voting was manual. And the results were contested.

Being from a South American country, I was completly pissed off. If what happened in Florida, had happened in an underdeveloped country, everyboby would have cried "FRAUDULENT ELECTIONS".
What does make you, FUCKING AMERICANS, better than the rest of the world? Why do you believe that your country is an example of democracy, what makes you believe that you are a superior people?

Americans are the same as everyone else in the world, simple humans beings, without any superiority due to the fact that you were born whitin certain boundaries and I was born outside that boundaries.
http://yro.slashdot.org/users.pl
Wit h what reason do you invade other countries, support dictatorships and dictators like Pinochet and SADDAM? If you are not aware of the facts, SADDAM HUSSEIN was a creature of the US, and the WMA that he used against Iran and the Iraqui Kurds were provided by the U.S. in the REAGAN era.

Why do everybody hates THE UNITED STATES OF AMERICA (not AMERICA, which is a continent)? I'm Brazilian, I have traveled all over the world and I never, EVER, meet someone who hated Brazil. But I meet hundreds of people that hated U.S. of AMERICA. Can anyone of you, yankies, explain it?

Great!

[kreyg]

I hereby transfer all rights to this invention to the public domain:

Pen
Paper

But that's not where the biggest problem is....

It's a voting system. No matter how secure it is you still won't be able to fix the type of user errors that result in votes for George W. Bush.

Open source code is key

[texas+neuron]

The key is not if the code is open source where anyone can submit modifications, the key is that the source code be open so anyone can verify any potential issues with the software. A second written record that is the official vote is also key. This way you can routinely recount a number of boxes to look for programming errors and actually conduct a 100% recount if required.

Wait...

[pympdaddyc]

Of course, one of the justifications was that open-source enthusiasts are 'libertarian freaks, nuttily suspicious of centralized power', who would 'scream to the high heavens if they found anything wrong'."

Are you suggesting that it isn't true?

WTF

Why in the hell is this idiot anarchist rant modded +5 Insightful?

Pretty much every point is factually incorrect, and that's just the parts that aren't paranoid and delusional. Seriously, if anybody smoked more crack than the ranter, it's the mods.

A Republican dictatorship? The evil of the establishment? A kabal of kleptocrats?

This isn't Reed.

Re:WTF

[demachina]

Perhaps you would care to provide some point by point rebuttal to make you're case. Until you do you're the one thats ranting.

As for the Republican dictatorship I'd suggest you just watch CSPAN when a major piece of controversial legislation comes up. The gem last year was the so called "Medicare reform". The Republicans have taken to rewriting legislation in secret conference committees, no Democrats allowed which is a blatant trampling of congressional rules, where, rather than reconciling the bills between the House and Senate, they rewrite the legislation at the behest of the White House, usually in the form of Dick Cheney. They then force it through with a party line vote unless the Democrats filibuster. I don't think you will find any scholars on the congressional process who will tell you what the Republicans have been doing the last two years even vaguely resembles how the founding fathers laid out our democracy. They knew their design was fragile and it was just a matter of time before it was trampled, and we have reached that point.

The only three brakes on the Republicans at the moment are the Senate filibuster, the Supreme Court, and the conscience of Republican congressmen. If in the next election the Republicans managed to get 60 senate seats and Bush gets to appoint one or two extremist supreme court judges two of those brakes will be gone and the U.S. is headed for a velvet gloved dictatorship unless Republicans congressman rebel. That is basically what Jeffords of Vermont did in 2001. He was shocked by the extreme track Republicans were taking and switched to Independent to briefly break their control of the Senate and stop them. Thanks to the suspect election in Georgia in 2002 it was a brief respite.

If the Republicans don't get 60 senate seats I wager they will try to change the Senate rules to defang the filibuster next year. They were already hinting at it in the floor debates over the fact the Dems were using it to block extremist judicial nominees.

As for kleptocrats what else would you call all the companies that are currently feeding at the Federal trough, whether it be insurance and drug companies feeding off the travesty of a medicare bill, Haliburton, Bechtel and Blackwater war profiteering in Iraq, energy companies waiting their turn if the Energy bill ever passes, defense contractors raking in money from a sky rocketing defense budget. Republican's may talk the talk about free markets but when the U.S. government is redistributing the massive sums it is, much of it borrowed, there isn't any free market in sight. It is a kleptocracy where the backers of the people in power get to engage in wholesale theft of tax dollars.

Re:WTF

Come on, it is obvious that the guy is a part of the republican astroturf campaign.

Re:WTF

Are you another one of those individuals who have an opinion on everything but don't really know what's going on and don't want to find out?

Insightful because there were good point made, such as:

I hate to say it but democracy is in a state of complete collapse in the U.S. There is a very small group of powerful people who decide who will be on the ballot, the media en masse anoints them and by the time it gets to the voters they are little more than a rubber stamp.

Though in my opinion, "Democracy" in the U.S. is in a state of complete collapse because people simply don't care anymore. All they want is their SUVs, cheap gas and the government to take care of them.

Reg Free Link

[saroth2]

Registration Free Link to NYT Mag Article You can make a reg free link by searching for the article name on google news and copying the url.

Re:It is the protocol that is insecure, NOT the co

[skasingularity]

If the electronic voting system can't be trusted beyond 1 tally, why use it at all? I'm all about integrating new technology into society, but it just seems like what we will end up with is a touchscreen that prints a ballot and counts the votes. If anyone suggests a recount, the paper balltos will be counted, and we will be back to square one.

Re:Bad idea?

And the people who successfully hack it.

-- vranash

My Theory of World Events

[Pair+Annoyed]

Arnold the Govenator will progress in political power and skill and become a well known Sentator. Compared to Boxer/Feinstien, that isn't hard to do. People in the Senate will hear his constant pleas to let foreign born citizens be president and will eventually help him champion his cause with the millions of donations from Hollywood. After all, Arnie will do so much good, why wouldn't we want him. Meanwhite, Saudi Arabian backed US company HonestElections buys Diebold and continues its products. Next presidental election, many, many foreign born citizens run who were excluded before. The election is a nightmare to predict and oddly enough, a Saudi Arabian born citizen becomes president. The vote count is guranteed by Diebold, as it is today. Nobody can question it as there are no permanent records that Diebold couldn't fake. The US takes a change, perhaps for the better but definately not due to voter's desires. Now if you wouldn't trust a foreign owned Diebold, why would you trust an American owned one who has so much more at stake with each election?

Why closed source (Diebold) was chosen

[YrWrstNtmr]

Because, currently, there is no alternative .

Governments, at all levels, are not necessarily averse to open source tools. Linux and others are used in many state & local governments.

But there is no finished, deliverable, open source voting method. Right now. Today.

So when they looked around for an e-voting solution, what other choice did they have? Start a new project, which may or may not be done in time for whatever election they wanted to use it for? Or listen to the nice man from Diebold, with a packaged solution, ready to go.

Unfortunately, now they are finding out some of the problems in that choice.

endorsement

[The+Big+Ugly]

bah! what endorsement? are we forgetting that the NYT is part of the liberal media. who needs 'em.

Re:Bad idea?

[snoig]

I think the issue here goes deeper than security. When software is created to enforce laws, they become the law. So the issue boils down to should we have laws that we can't review. If we have no way to check up on a law, then we really don't know what that law is and there is no way that we can allow this to happen in a democracy.

Re:Bad idea?

[tmyklebu]

A minor point, but it has not been proven that it is computationally infeasible to break midern cryptography. We don't even know if factoring and discrete logarithm, for instance, are NP-complete. (Nor, famously, if P = NP or not.)

How about...

[jte]

...suspicious of unchecked privilege.

And

>With closed source voting machines like Diebold's, the only ones who know if there's some backdoor or buggy code are the people who programmed it.

And the politician(s) that paid them to put it there.

It only works if the whole process is verified...

[WhiteDeath]

And exactly what will guarantee that the people who progam the machines used the "open" code, not a copy they hacked for a fee?

You would have to have several people bring in a copy they checked, or trust, then run a diff on all the copies (so that even if you paid off almost all the people, you would still get a difference somewhere). Then compile and upload it to the machines under group supervision.

The biggest problem here is not reducing the number of people that have to be compromised to an insignificant number (such as one or two).

Re:Bad idea?

many informed people are considering him a patsy

Patsy for what?

Why the snipe against EU. I have great hopes for it.

Not a bug, but a feature

[highwindarea]

Geeks being "'libertarian freaks, nuttily suspicious of centralized power', who would 'scream to the high heavens if they found anything wrong'." is not a bug but a feature.

Libertarian? This is a fucking joke.

First off, fuck you NYT!
The Libertarian party is nothing but a means of dividing the left. Most Libertarians have very liberal social views, ie pro personal rights and anti government intrusion. This pro personal rights agenda, has been and always will the policy of the left. This is a liberal idea, you know like it doesn't take a freakin' genius to see that the "L-I-B" in Libertarain is the same L-I-B in liberty and gasp, astonishment from the crowd . . . yes, it's the same L-I-B in liberal.
And yet, these fucking morons who call themselves Libertarians fall for the dupe of the convervative right that wants to limit every damn thing anybody does and get into everybody's private lives by splitting from those who share their liberal values over petty minded nitpicking crap about fucking taxes. If you don't want to pay your goddam taxes then start a goddam business.
The Libertarian party is the best trick the right has ever come up with. For that, I applaud them. But for the NYT to paint the whole Open Souce community with this epithet I spit at them. You fucking pigs!

Re:Libertarian? This is a fucking joke.

[Nephilium]

Wow... as a Libertarian... I'm surprised to hear that my political views are the same as the left... I'd be surprised to hear that they are the same as the right as well...

The arguments against the left is the whole "Big Government is good for you"... the argument for the left is *some* of the beliefs on the personal rights side...

The arguments against the right is pretty centrilized into the religious right and the drug war... the arguments for the right is *most* of the tax policies fit closer into the Libertarian idea...

The arguments for the Libertarians are the stuff that most people don't care about and or know about... Personal property rights (Eminent Domain abuses)... licensing to keep business markets closed... The hamstringing of personal rights (smoking in bars... what I'm allowed to do on my own property)... and stuff like the enumerated powers act (Sure... right any law you want... then please reference inside the bill where the Constitution gives you the ability to regulate this...)

And starting a business to not pay taxes... are you insane??? Have you ever seen the tax laws for businesses??? Realize that employers need to match most of the taxes you pay...

Nephilium
"The difference between a moral man and a man of honor is that the latter regrets a discreditable act even when it has worked." -- H. L. Mencken

Re:Libertarian? This is a fucking joke.

[psykocrime]

That's just ridiculous. Libertarians have much in common with the Right... so much so that we're often referred to as "Right of Right." Likewise, we have much in common with the Left... so much so that we're often referred to as "Left of Left."

Given your logic, it makes just as much sense to suggest that "the Libertarian party is the best trick the left has ever come up with."

Re:Bad idea?

[MrNonchalant]

Well obviously a lot of people do, with much more their single vote. Next time you insert your bank card into an ATM check the manufacturer's name on the front. There's a fair chance it's Diebold. Personally I trust just one person, myself.

Re:It is the protocol that is insecure, NOT the co

[fucksl4shd0t]

Jesus fucking christ! Why are there so many people posting that printing a receipt from a voting machine somehow provides proof on how an individual voted? Why can't the voting machine just punch a regular ol' card and give it to you? Why can't it just print out a register-style receipt and give it to you, without any name/number/individual identifier on it? So you vote for Kerry and the machine prints out a receipt that says "Kerry-D" and you go dump it in the box. At the end of the day, we get a nice report from the software that says "Looks like Kerry won, waiting for confirmation." So we all *know* Kerry won, but we're waiting for all the human counters counting up all the receipts that say "Kerry-D" "Bush-R" or "Nader-I" or whatever. In the meantime, we get our immediate satisfaction.

After confirmation, we can now archive *electronically* the voting record, which, if you recall doesn't include any personal identifiers. We also stick the other votes in whatever archival format. Ideally there'd be another count and a record-by-record count of the database to ensure the electronic record is identical to the paper record, any differences are noted, and the whole thing is cryptographically signed and proliferated to various mirrors and put up for download by the general public. So now we can all run our own reports on it.

What's so hard about that? It's about as cut and dried as it gets. We get all the benefits of having electronic voting, and we get all the error checking of our current voting system, and we lose *nothing* in the process (except a few bucks implementing the thing). But we gain in speed of reporting (but wait the same amount of time for confirmation, which we would have waited anyway), we gain the ability to archive every single election that ever happens, and we gain the ability to push those archives out to the rest of us for review. Democracy gets better! Hurray computers!

Socialists - what's that?

[Frodo420024]

I thought we were socialists?

I hardly remember who said that - was it Microsoft? Don't listen, they don't know what they're talking about :)

Libertarians may be a pain in the ass (myself included), but they're good for Freedom. Founding fathers would have taken the NYT statement as a compliment, I do.

Re:Socialists - what's that?

[Atzanteol]

Founding fathers would have taken the NYT statement as a compliment, I do.

Can you be so sure? Many just didn't like the idea of a hereditary government, but still believed in a strong central authority (John Adams, for one, thought the 'president' should have more power than he does).

So many people love to put words in the mouths of the 'founding fathers', yet rarely does anyone know anything about them...

And yet another argument...

[joel.neely]

Here's another metaphor that supports the same position: food product packaging (in the US, at least; I'm ignorant of international regs) is similar to open source security. When buying a can of soup (or whatever), I'm entitled to a label that tells me what's actually in the can - both ingredients and nutritional breakdown. Unethical manufacturers *HATE* this, because it allows the consumer to make informed choices, thus giving us leverage on quality and price, but they simply aren't allowed to sell a product labeled "This is good for you; just trust us!"

(Just how much they hate it is evidenced by the occurrence of labels with weird arithmetic, such as a container I saw recently which claimed to contain 1.8 servings! They're still trying to pull something on those who don't read carefully, but at least the "open label" gives us access to the data - even if they try to obfuscate the source. ;-)

Re:Bad idea?

Well, the point is that they DONT know the bugs. They just know there ARE some (due to lex statistica).

Re:It is the protocol that is insecure, NOT the co

If the protocol is secure, then it doesn't matter if the code is open source, or closed source. Whatever.

If an attached printer produces the critical audit trail, then one must establish trust in the software that produces that audit, and all of its inputs. A bug in the keyboard handler could produce an audit trail that agrees with the electronic tally, but does not represent the voter's choice.

For the all-time scary software story, read about Therac-25

You mean....

[sepluv]

You mean there are closed-source voting machines in the USA? LOL.

Ummm...what happened to the voting/counting process being open and open to insepction by anyone?

You would think that they'd at least give some source to fool USans into believing that they live in some sort of pseudo-representative democracy (as Bush claims that he was democratically elected and that the US is a democracy).

Process

[awol]

Jeez, people. All this demand for "paper trails" in electronic voting is just neo-luddite crap. How do you think scruitineering works in reality anyway? Most scrutineers will watch the count with their exit polls in their hot little hand and a fairly good idea about how that electorate has voted in the past (that's why they are often the oldest hands in the process). They might from time to time check the tallying process being performed by the various counters but generally the results are being monitored by all sides and everyone knows when something doesn't smell right, because it is so at odds with the result they expect. This is why exit polling and the like are an integral part of the process.

The whole thing is about trust. What is needed is an acceptable, _permanent_, _public_ record of the votes cast. We can even design a means by which this public record can store a means of allowing a voter to identify their vote (there should be no need to store the identity of the voter with the vote). That way if the returning officer has doubts about the result (via their own suspicions or complaints raised by candidates) then they can return to the public record and if the worst comes to the worst get those that are worried about the result to confirm their votes. You see, if the votes tallied are not the same as the votes cast then some of the complainant voters _must_ have had their vote recorded incorrectly. Identify one such voter and then the result in that polling station is clearly problematic and should be passed further up the process in the court of disputed returns (or whatever it is called in your jurisdiction). This scenario can only really occur in the case of fraud or a bug in the software. In either case, the CoDR should have the legislative framework to enable it to act upon the scenario and resolve the issure even if that means a new election for that station should be the result if it matters (remember a given polling station may have no impact on the result of an election, depending on the voting mechanism).

Needing to have a paper trail is really a lack of trust in using technology in the process. Which is fine if thats what you want, but in that case let it go and just use paper ballots. However, technology can really make democracy very effective in a number of ways... Simplifying the distribution of the voting apparatus to remote locations, counting votes on a huge scale, rapid and accurate results to name but three. That is without even considering the potential to have many more decision passed through plebecite vote if the tech could make it really simple. Which it can. I think?

Whatever

[essreenim]

This is really at the fabric of OSS.

Of course OSS is the choice for e-voting.
This is yet another slow and awkward tripup of a stumble of a walk for mankind.
We could have and should have been using e-voting with paper trails in a proper PUBLIC implementation many moons ago, but like most issues, paranoia and synicism are were too rampany in most of the Earthlings and alas here we are...

Re:It is the protocol that is insecure, NOT the co

[/dev/trash]

Seems redundant to me. Just punch the card and put it in the box.

Re:Bad idea?

Yep. Have read it. Have you? Or did you just skim the essay and then run off to post? ;-) It's a good paper and there's more than you pointed out. Reasons why Open Source based security models beat closed source. Yes, the point is there, but I'm not going to summarize it to you. Maybe you should try to read it again and this time understand.

ESR and RMS are not the same.

[jbn-o]

I wouldn't say the same is true of both ESR and RMS. What RMS says and does is far more sensible than what ESR has been known to stand behind. For instance in this kerfluffle, ESR chimed in with an essay which contained this example:

"You claim that 'To date no other product comes to life in this way', presenting Linux as a unique event that requires exceptional explanations. This is wrong. Many other open-source projects of the order of complexity of the early Linux kernel predated it; the BSD Unixes, for example, or the Emacs editor. Torvalds was operating within an established tradition with well-developed expectations."

But to those who know the history of the two movements it comes off oddly, as though ESR were trying to get credit for work he didn't do; to claim that the Emacs text editor was in any way an "open-source project" doesn't jibe with the timeline of what work started when. Emacs was started by RMS for the movement he helped found -- the free software movement. This work and the work of the other two examples ESR gives all occurred before the open source movement began, so it seems like a revisionist view to push aside the important philosophical differences of the two movements. I'm reminded of an essay by fellow open source advocate Mark Webbink (chief lawyer for Red Hat) on software licensing which dishonestly uses the concept of copyleft to break up various licenses for better understanding without giving any credit to the FSF folks or using the word "copyleft" which predates the essay by about 20 years. Torvalds may find some philosophical common ground with the open source movement, but the Free Software Foundation continues to tell us that they stand for a different philosophy than that of the Open Source Initiative.

In another instance, the differences between ESR and RMS were noticed by one Usenet poster (also this article which refers to personal attacks from ESR).

Calling all 'nutty libertarian' types!

[Seth+Cohn]

Have you looked at the Free State Project?

From the intro:
The Free State Project is a plan in which 20,000 or more liberty-oriented people will move to New Hampshire, where they may work within the political system to reduce the size and scope of government. The success of the Free State Project would likely entail reductions in burdensome taxation and regulation, reforms in state and local law, an end to federal mandates, and a restoration of constitutional federalism, demonstrating the benefits of liberty to the rest of the nation and the world.

The current Libertarian Presidential nominee, Michael Badnarik is a member, as are almost 6,000 others. New Hampshire is a very tech friendly state, considered to be one of the best places to live, no income tax, no sales tax, low unemployment... Join us! We're already making a difference in NH, and most of us haven't even moved yet!

Check of the voting system

Could be done in other ways too. E.g. the voting machines could print something like the receipts and the random small pattern of the voters could be checked after the voting if their votes were included correctly. It needs to be sophisticated a bit to include a good level of the anonymity of the voter and on the value of his vote but in the principle this can check the results better than the scrutiny of the code.

Attn Mods: grandparent of this post is stupid

[coshx]

yup, i totally missed that line. nonetheless, it's noteworthy that the OVC is not trying to be a replacement for Diebold-type systems, but rather is stressing a different attitude towards eVoting (besides the idea that it should work!).

thanks for catching my error.

A meta-note: the Times is not what it should be.

[jbn-o]

It's unfortunate that this article appears in the New York Times because of their role in promoting the invasion of Iraq based on lies (everyone from Judith Miller up the chain of power through Arthur Sulzberger, Jr. at the head of the Times organization should be fired or resign). Thousands and thousands of Iraqis died because of this war based on lies, hundreds of American servicepeople died because of this war based on lies and the Times was a big conveyor of the lies. As a result, all of their articles (even ones which call for reasonable measures like this article does) will be thought of as less than what it could have been.

Listen to the last segment of Democracy Now! today or read this chapter of "The Exception To the Rulers: Exposing Oily Politicians, War Profiteers and the Media That Love Them" and you'll hear an argument for putting a social stamp of reduced value on the New York Times. I would rather people judge all articles in all publications ad-hoc, in a case-by-case basis and then promote those that call for reasonable things (like this article promoting electronic machine source code mostly does) and dismiss those that are lies (like Miller's articles promoting war against Iraq). But I doubt people will somehow become so independant.

It was proper to fire Jayson Blair and his superiors for his lies, but nobody died because of those lies. The Times apology is half-baked and there largely for political sake. At the Times, Sulzberger Jr., Miller, and everyone in between them at the Times still have jobs and the Times is still seen as the imprimateur of high quality journalism. It should be obvious to everyone now that that is shameful and inappropriate.

Why Change ?

[rtb61]

Why is there any pursuit of electronic voting at all. A manual vote count process re-affirms the concept of democracy, by the involvement of people in the full process and reflects that an election is all about the people and their choices about the future direction of their government. This desire to reduce human involvement in the election process just dosn't make any sence and dosn't reflect the importance on an inclusive election process. Electronic voting just seems to be a pointless excersize in achieving a cheap (with all its connotations) election and a cheap democracy. So what if it takes longer and costs more, the election process should include as many people as possible, after all it is all about people.