Slashdot Mirror
NY Times Endorses Open-Source Election Software
jdauerbach writes "On its editorial page today, the New York Times called for election system reform, saying among other things that 'Congress should impose much more rigorous safeguards, including a requirement that all computer code be made public. It should require that all electronic machines produce a voter-verified paper trail.'"
Actually, contrary to the subject line of the original posting, the NYT isn't calling for open source code, only publically available code -- the two are obviously very different, and clarity is useful. (Many e-voting experts use the term "disclosed source".)
Well, if they controlled both, but the Republicans would still control the House, you would still have a split system. I was just accounting for all possibilities that would lead to a split system.
And with the Senate, anytime a party has more than 40 seats, it can be a major impedimate to getting legislation done (not that that's a bad thing!). A 51-49 majority in the Senate doesn't guarantee that you can do what you'd like either, although it's easier.
A fine is a tax you pay for doing wrong and a tax is a fine you pay for doing all right.
IIRC, The paper record is per machine, not per vote. After the polls close, each machine prints out a record of the votes recorded on it. So therefore there is a way to double check that the tabulations from all the machines is correct, but not that the tabulation on any given machine is correct. Now granted this does make it harder to modify the final tally, but it is far from impossible.
It also doesn't address machines crashing, poor user interfaces etc.....
Monstar L
International election observers noted several issues with the US election process this year. One of the criticisms in their report is electronic voting without any transparency or a paper trail. One of their recommendations was also to use open source code software for the voting machines. Here's the link
Your pizza just the way you ought to have it.
What people mean by "verified voting" is:
a) the voting machine produces a 'voucher'
listing the canidates whom the voter selected
b) the voter can, in the privacy of the voting
booth, review this voucher for accuracy
c) the voucher is placed into a ballot box
for the vote to be counted, the voucher
itself _is_ the legally binding vote
You are absolutely correct to rail against a receipt which the voter takes home with them. I've personally witnessed Diabold people purposefully mis-represnet verified voting as providing a take-home receipt. Worse, I've had people I've talked to randomly on the air plane talk about it as if it is a good idea!
I was at a conference for Privacy, Security, and Trust a few weeks ago here at the university where I work, and there were two very interesting papers presented by people who had given this idea serious thought. Both papers, in PDF format, are available here and here.
Diebold's "paper trail" is an end-of-day record on a long thin "cash register strip" showing how many votes each machine took in for each candidate and issue.
:).
...and:
Problem 1: it's glitchier than a Microsoft Windows early beta. I've talked to Alameda and San Diego County pollworkers who tried to collect these at the end of the day, only to find that in some cases nothing printed and in others the printout didn't agree with the on-screen end-of-day tallies! And that was different machines in a single polling location.
Problem 2: this printout isn't done as the votes happen, but rather as a single end-of-day "run" under polling place supervisor control. If the machine crashes at any time during the day (which happens often enough), that'll cause the tallies between the memory card "electronic ballot box" (PCMCIA) and printout to vary.
Problem 3: this printout isn't open to public scrutiny. I've seen Public Records Act/FOIA type queries for copies fought by county elections officials across the nation, probably because photocopying a 12ft strip of 3" paper is a bitch
As to code scrutiny by independent labs:
The Federal Election Commission approves testing labs for reviewing voting machine code and products. They're the only ones allowed to see the source code on this stuff. The two biggest are Wyle Lab's elections operation in Huntsville, AL and "Ciber Inc" (formerly Metamore) also in Huntsville.
First, all of the voting machines in current use are certified by these labs to standards written by the FEC in 1990. You heard that right. There's also a 2000 standard by the FEC but since all of our electronic voting machines were built prior to 2000, they can be re-certified under the 1990 standards "forever", until the vendors announce significant enough upgrades/revamps to trigger the Y2000 review process. Which NONE have seen fit to do so far.
It gets worse.
We have 13,000 leaked Diebold memos floating around that document, among other things, Diebold lying to the testing labs. In one case, huge amounts of customized code used in WinCE was declared to be "Commercial Off The Shelf" ("COTS") and not subject to source code review.
The exact phrasing of these internal memos and a security analysis of their implications can be found at:
http://www.equalccw.com/sscomment.html
http://www.equalccw.com/sscomments2.html
Ain't puked quite yet?
Diebold Corp. in Ohio bought Global Election Systems in 2002 (Canadian company) and renamed it Diebold Election Systems. Global's first voting products were written on Unix boxes, where they wrote their own "Accubasic" compiler for some core vote-tally processes. When porting to Windows, they went to great lengths to get Accubasic working on the new platform. OK, query me this: if I'm writing the compiler and I'm publishing source code for scrutiny that's run through that compiler, how in the hell is the source code reviewer supposed to know what's REALLY going on!?
Ahh, but this presumes "bad intent" on Global's part, which normally isn't something you presume. Except that Global was founded in 1988 by three guys name of Norton Cooper, Charles Hong Lee and Michael K. Graye, all three of whom have prior felony convictions in the US and/or Canada for stock fraud, investment scams and the like. By 2000, Global hired a guy name of Jeffrey Dean as lead programmer on the central vote-tally product (GEMS, "Global Election Management Software", still part of the Diebold product line). Dean was a charming chap - convicted of 23 counts of computer-aided embezzlement from a Seattle law firm in what a court called a "sophisticated computer-aided accounting fraud". He was literally recruited while still in prison by another Global employee also doing time. See also this document for more details on these clowns:
in austria (as well as germany and most other countries i know if), we use paper ballots described in the parent. the election ends at 5 pm. the unofficial end result is presented at 7:30 pm. ok, we're a small country but this really scales. germany has like... 50 million voters and the unofficial (99,9% accurate) result is presented 2-3 hours after the election ended. so, this really doesn't take too much time...
christian
As a result the US government MUST OWN the code that counts the votes. This can never be proprietary.
The US government isn't allowed to own copyrights to anything -- anything they develop directly or that's done as a work-for-hire for them is automatically public domain. (For this reason, there's a lot of code that's written by government contractors and remains under their ownership, even though the reason behind its production was government use).
Effectively, then, any government-developed voting system code would be public domain -- which would be, IMHO, entirely ideal.
He is not the editor in chief of the "Times" as you say. He is the "public editor" aka ombudsman aka watchdog.
This map was in a recent issue of Newsweek. It shows what voting technology is used in each county of the US.