Slashdot Mirror
NY Times Endorses Open-Source Election Software
jdauerbach writes "On its editorial page today, the New York Times called for election system reform, saying among other things that 'Congress should impose much more rigorous safeguards, including a requirement that all computer code be made public. It should require that all electronic machines produce a voter-verified paper trail.'"
The New York Times wasn't hacked?
While I don't disagree in the least with the spirit of the concept of making the system(s) open source, it should be noted that, contrary to popular belief, Diebold asserts that its systems have been scrutinized, including at a source code level, by independent authorities, and that there is also a paper record:
http://www.securityfocus.com/archive/1/375954
I don't know if the paper record is "voter verified", or what mechanism it uses, but there is apparently a paper record nonetheless.
Notwithstanding Diebold's CEO's extremely inappropriate campaign comments, I really do think they're trying to put out the best electronic voting systems they can, but are suffering from the same problems that any large, proprietary system suffers from when it languishes in the comfort of large government-guaranteed long-term contracts: namely, inattention to the details that need to be addressed, that sometimes get lost in not seeing the forest for the trees.
Perhaps opening the source to these critical systems and having it overseen by an independent election agency would be an idea worth considering...
How do we know that the code that is actually on the machines we're voting with is the same as the public code? Even if the public code is compiled and built, then tested to see if it's the same binary instructions as what's going on the mass-produced machines, how do we know that each, individual machine that actually ends up at the voting booth won't be rigged? Who's to say that some dishonest, partisan fuck won't change it at the last minute?
I think Badnarik's solution is the best. Get rid of the official ballots and let everyone bring their own ballot with them so that they can vote for whoever they want, not whoever the ruling government wants to let them choose from. And naysays... believe it or not, but that system is probably less prone to corruption than what we have today.
Click here or a puppy gets stomped!
I'm not convinced that Congress has the constitutional authority to make requirements on state elections like this. Perhaps if a state or county buys a voting system from another state it could come under the 'interstate commerce' clause, but that's a bit of a stretch, and prone to loopholes.
On the other hand, maybe they could claim they are implicitly granted this power under the equal protection clause of the 14th amendment? Any other ideas?
including open source software. If ever there was an arena crying out for inspection it's the voting process both in the US and worldwide. I for one welcome my open source voting software overlords.
Perhaps opening the source to these critical systems and having it overseen by an independent election agency would be an idea worth considering...
And even then, there's nothing stopping Diebold, which has a lot of experience with hardened public computer terminals, from making the interface and infrastructure equipment that runs the code. Yes, they then lose the "lock in" that the proprietary software buys them, but if their other systems and hardware are that good, it won't be a problem. Heck, that kind of openness in the context of the election system code could even be a PR win for Diebold, as the problems become more and more public.
The coming election is probably one of the most important ones in the last few decades, and nothing can really be done to save it from abuses any more.
And after the vote is over, the topic will probably disappear from public consciousness anyway.
When men used to be men
You're kidding! It endorsed an opposition candidate?? Are they even allowed to do that???
Whence? Hence. Whither? Thither.
Despite the fact we have groups tearing up voter registration forms, the actual voting system is the best in the nation. It records your vote in three ways. First, electronically, second it prints who you vote for in plain english on a piece of paper viewed by the voter, and once the voter reviews this paper and accepts the choices, the votes are encoded into a 2D barcode printed after the list of votes, this barcode contains the list of votes for which offices.
The Doormat
If you're not outraged, then you're not paying attention.
...is not the same thing as Open Source. If you doubt me, Microsoft has made their code "public" with shared source. This doesn't mean that Joe Hacker will get a chance to look at it, just that someone outside the voting machine company will.
Granted, I'd prefer if it were truly open source, but I suspect that we're a bit of a ways away from GPL voting code.
Find out about the Lexus Rx400h Hybrid!
Despite the inherent liberal bias of the "New York Times", the "Times" correctly asserts that all voting machines should leave a paper trail. Without a paper trail, we would have no way to verify the validity of the votes cast for a candidate. We also would have no way to identify tampering.
The issue with paper trails has been known in the academic community for a long time. Noted computer scientists from CMU, MIT, and other vanguards of American technology had signed a petition demanding that all voting machines leave a paper trial. The ACM finally officially committed to the cause recently (according to SlashDot). Now, the liberal print media has committed to the cause.
Perhaps, someone can explain why the Department of Defense is still allowing overseas military personnel to cast their ballots by Internet on servers without any paper trail.
Actually, contrary to the subject line of the original posting, the NYT isn't calling for open source code, only publically available code -- the two are obviously very different, and clarity is useful. (Many e-voting experts use the term "disclosed source".)
Could it be that Mozilla's plans to put on a large ad in the NY Times has caused the paper to be more open-source friendly/aware?
I really don't understand the infatuation with high tech voting. For something as critical as voting in a democratic election, I think the engineer's mantra KISS (keep it simple, stupid!) applies. Use paper ballots with the name and picture of the candidate in large print. Above their name, have a big checkbox, and indicate "Check here to vote for candidate". Count the number of ballots issued at each polling station, count the number of ballots that go into the box, and and count the number of ballots that come out of the box. Sure, it will take longer, but how hard is it to screw that up? It could be argued that using a simple enough ballot, anyone who fucks their ballot up is not "disenfranchised", they just fucked up, and it would rightfully be their own fault.
NO CARRIER
There are two kinds of paper trails. One is a readable ballot that must be submitted into the ballot box, and the other is a sort of receipt to let you know whom you voted for.
The first kind is acceptable, and I believe the open voting consortium has this idea correct: the machine should print out a barcode, that can then be verified by another scanning machine. This barcode must then be submitted into the ballot box.
The second kind is flawed for two reasons. First, there is no way to verify that what the computer printed is actually what's recorded on the bar code, or what has been submitted electronically. Second, and more importantly, it provides an easy way for proving whom you voted for. I could tell all of my employees to bring in their receipts, and those who vote for candidate A will receive benefits. Yes, this is illegal, but we shouldn't make it any easier.
what's a sig?
http://www.boomchicago.nl/Section/Latest-News/Boom ChicagoVotingMachine
Mirror: http://politiken.dk/media/wvx/3223.WVX
Let the Slashdot'ing begin ;-)
TCAP-Abort
> systems have been scrutinized, including at a source code level, by independent authorities
These machines are tested in secret and because of IP law and NDAs you will never know the results. The Australians have open source voting machines. Its not that hard to pull off, that is if you CARE about elections. Seems many in power see fraud as par for the course in the US.
So, please excuse me for not trusting my one lousy vote to the CEO of some company which is more secretive with its machines than a 16 year old girl with her diary. Pardon me for taking his partisan comments ("I will deliver Ohio for Bush") as just that: an inapropriate partisan comment.
No conspiracy theories needed. If you keep things secret, someone will find a way to abuse them.
>and that there is also a paper record
Err, people want paper tickets they can verify and put in a box for recounts. Attaching a printer to a voting machine at the end of the day is hardly a "paper trail."
International election observers noted several issues with the US election process this year. One of the criticisms in their report is electronic voting without any transparency or a paper trail. One of their recommendations was also to use open source code software for the voting machines. Here's the link
Your pizza just the way you ought to have it.
I am a very liberal new yorker who gets the times every day at home. And if you read the technology section, in the thursday paper, you will quickly come to the conclusion that this most august of american journalistic institutions does not know its head from its elbow when it comes to comsumer electornics. ONe can only hope the editorial board is better informed.
I am afraid that even if the public pushes the opensourcing of the voting code, they will make it available under a "shared source" license a-la M$. That's better than closed source, but definitely is not enough. The general public might think it's enough, but it isn't since the code creators will continue to have exclusive rights over a piece of software that is of extreme importance to the society. The voting code must be available in the public domain or under a mini-license that could be compatible with all other common licenses like GPL, BSD, CC, CPL, et cetera. The Federal Government publishes its information in the public domain for the common good, why the voting code should be any different since it is intended to benefit the whole society? (whether this happens in practice or not is another story). The Federal Government should pay the code creators not just for the right to use the code but also for the transfer of copyright and then the code should become public domain (since everything coming out of federal agencies is publicdomain).
One of the major problems with keeping track of voting records is that you don't want to give away too much information to the public on who voted what, while at the same time, keeping everything hidden will draw cries of foul play, tampering, et cetera. So here's an idea - one-time voter cards.
Lemme explain. They would be plastic cards, about the size of a credit card, with a random ID and password on them in print - long enough not to be memorized by passer-bys, but short enough to make it humanly possible to type later on. Also on the card is a magnetic strip - think something like a credit card. Now, when you show up at a voting center, they hand you one out of a pile - it's in a sealed envelope, so they haven't a clue as to which one they hand you. You go in the voting booth, slide your card through the machine, and vote. A paper trail is produced with your barcode and adjacent votes - but not anything that could be used to ID you later on - and you slide your card again. It registers your votes on the card, and you leave.
Now, the votes are tallied, and the results are given. However, the election isn't over yet. An open database is publically produced, with barcode/vote combinations, and the voters then mail their cards to be tallied and compared to the database. If the paper trail doesn't match up with the card count, something has gone wrong, and all votes without cards, cards without votes, are cast out.
I know this still has some flaws, but I'm curious as to what the Slashdot community thinks. One thing I was worried about is that in checking on your barcode, you may become ID'd in that manner - although compared to other methods, I think the chance of something like that, for example, through an encrypted channel online, is a lot less likely. Comments?
NIST did a great job with the AES competition (to develop and standardize a new block cipher to replace the aging DES) - why don't they have a competition to standardize a electronic voting machine platform? There's no reason this shouldn't be done on a national basis.
I think that if we as a community put enough pressure on NIST, they'll do it. And since NIST is a non-partisan body, there's no good reason for congress to not support a design that is sponsored by NIST.
Such a process would promote both openness of participation and review of designs. The winning design could then be standardized and vendors could simply implement them to spec.
What people mean by "verified voting" is:
a) the voting machine produces a 'voucher'
listing the canidates whom the voter selected
b) the voter can, in the privacy of the voting
booth, review this voucher for accuracy
c) the voucher is placed into a ballot box
for the vote to be counted, the voucher
itself _is_ the legally binding vote
You are absolutely correct to rail against a receipt which the voter takes home with them. I've personally witnessed Diabold people purposefully mis-represnet verified voting as providing a take-home receipt. Worse, I've had people I've talked to randomly on the air plane talk about it as if it is a good idea!
Pen and paper don't malfunction
What happens when the lead on your pencil breaks? What then? Answer that, Mr. Scientist!
That's right. All your base.
The most important aspect of a voting system is that how one voted remains anonymous. If it is possible for an employer, spouse, parent, or anyone else to have someone 'prove' that they voted red or blue, then organized coersion is likely.
Another important aspect is that the person's vote should not be "sellable". If this mechanism admits the possibility of a card to be sold, then it is a non-starter.
There will be lots of allegations of election fraud and election screwups for the upcoming vote. The closer the races, the louder and more widespread the allegations will be.
However, we won't be hearing "The voting system is confusing and insecure. We need to change it!". We'll be hearing the Democrats say "The Republicans screwed with the results and stole the election!". The Repubicans will be making the same allegations about the Democrats. And both sides will be so busy pointing fingers and slinging mud, the process itself will be completely ignored and will remain as broken as ever.
I am NOT a man!
I am a free number!
Wish we had that here in Venezuela las august.
The voting machines here for the presidential referendum produced a paper trail.Suddenly when there was a doubt of the transparenncy of the whole process (because the voting machines were black boxes, noone knew what the code on them did) the government refused to count the papers from each machine.
Instead, they performed an "audit" where a member of the national electoral council on TV announced that a certain number of boxes would be chosen at random...by another computer running who knows what code on it and after the program was done "generating" the number of the boxes to be audited he proceeded to open a Word document with the numbers on it.
Of course, when the audit was done nothing was found amiss.
Transparent indeed...
Diebold's "paper trail" is an end-of-day record on a long thin "cash register strip" showing how many votes each machine took in for each candidate and issue.
:).
...and:
Problem 1: it's glitchier than a Microsoft Windows early beta. I've talked to Alameda and San Diego County pollworkers who tried to collect these at the end of the day, only to find that in some cases nothing printed and in others the printout didn't agree with the on-screen end-of-day tallies! And that was different machines in a single polling location.
Problem 2: this printout isn't done as the votes happen, but rather as a single end-of-day "run" under polling place supervisor control. If the machine crashes at any time during the day (which happens often enough), that'll cause the tallies between the memory card "electronic ballot box" (PCMCIA) and printout to vary.
Problem 3: this printout isn't open to public scrutiny. I've seen Public Records Act/FOIA type queries for copies fought by county elections officials across the nation, probably because photocopying a 12ft strip of 3" paper is a bitch
As to code scrutiny by independent labs:
The Federal Election Commission approves testing labs for reviewing voting machine code and products. They're the only ones allowed to see the source code on this stuff. The two biggest are Wyle Lab's elections operation in Huntsville, AL and "Ciber Inc" (formerly Metamore) also in Huntsville.
First, all of the voting machines in current use are certified by these labs to standards written by the FEC in 1990. You heard that right. There's also a 2000 standard by the FEC but since all of our electronic voting machines were built prior to 2000, they can be re-certified under the 1990 standards "forever", until the vendors announce significant enough upgrades/revamps to trigger the Y2000 review process. Which NONE have seen fit to do so far.
It gets worse.
We have 13,000 leaked Diebold memos floating around that document, among other things, Diebold lying to the testing labs. In one case, huge amounts of customized code used in WinCE was declared to be "Commercial Off The Shelf" ("COTS") and not subject to source code review.
The exact phrasing of these internal memos and a security analysis of their implications can be found at:
http://www.equalccw.com/sscomment.html
http://www.equalccw.com/sscomments2.html
Ain't puked quite yet?
Diebold Corp. in Ohio bought Global Election Systems in 2002 (Canadian company) and renamed it Diebold Election Systems. Global's first voting products were written on Unix boxes, where they wrote their own "Accubasic" compiler for some core vote-tally processes. When porting to Windows, they went to great lengths to get Accubasic working on the new platform. OK, query me this: if I'm writing the compiler and I'm publishing source code for scrutiny that's run through that compiler, how in the hell is the source code reviewer supposed to know what's REALLY going on!?
Ahh, but this presumes "bad intent" on Global's part, which normally isn't something you presume. Except that Global was founded in 1988 by three guys name of Norton Cooper, Charles Hong Lee and Michael K. Graye, all three of whom have prior felony convictions in the US and/or Canada for stock fraud, investment scams and the like. By 2000, Global hired a guy name of Jeffrey Dean as lead programmer on the central vote-tally product (GEMS, "Global Election Management Software", still part of the Diebold product line). Dean was a charming chap - convicted of 23 counts of computer-aided embezzlement from a Seattle law firm in what a court called a "sophisticated computer-aided accounting fraud". He was literally recruited while still in prison by another Global employee also doing time. See also this document for more details on these clowns:
Feel free to send me an email if you ever want to say something on this topic that I could use while talking to a Free Software fanatic that believes having the source code is enough to guarantee democracy or to publish on our web site.
After a talk with Richard Stallman about the use of Free Software for Electronic Election, I emailed him. RMS sent me the following:
Free software is not enough to ensure that elections are carried out properly.
The software used in and for government should always be free software; the government should always have the freedom to run it, study its source code, change it to suit government needs, and distribute copies to others either unchanged or modified. That way, software owners will not have power over the government's computers. But that is not enough to ensure that computerized elections are fair and honest.
It is easy for a programmer to change a program so that it tells the user "You voted for Mr Smith" but actually record a vote for Mr Brown. Unfortunately, free software does not prevent this. There is no known way to prevent this.
With free voting software, a government election committee can study the source code. If the program has been published, anyone can study the source code. But there is no way to be sure that the program actually running when you cast your vote is the same program that you and the election committee studied. Someone could have installed a fiddled version an hour before the election and replaced it with the authorized version an hour after it ended.
To assure honest elections, we need physical ballots that can be used for a recount.
Don't let the computer/expert control the election. Information for Belgium in french: http://www.poureva.be/
Look at the 2000 election. Look at current presidential polls. The country is pretty much evenly split.
Those of us on the right have been feeling the Republican party jump left for quite some time now.
The Republicans are traditionally the US's conservative party, in favor of (generally) keeping things as they are. The Democrats are traditionally the US's progressive party, trying to change things. The conservatives hold back the progressives so they don't adopt too many short sighted ideas while the progressives keep society adapting to new problems. So Democratic ideas get slowly adopted by the culture and the Democrats of 40 years ago are Republicans today.
This post written under Gentoo-linux with an SCO IP license.
....your quote:
"I am not trying to imply that Diebold was purposely obfuscating their code for any reason..."
I WILL
I will state the diebolds actions to date, and what we have found out, are way more than enough evidence for a serious grand jury investigation that they have tried to obfuscate the code and that it is for some particular reasons, ie, the profits to be gained by controlling the US elections. Let's talk untold trillions of dollars and the most powerful nation on the planet, and what control of the political process is really worth as an incentive for criminality. No other possible criminal "prize" comes close to these potential profits of power and money. these folks should have long ago been investigated VERY seriously, not pseduo play acting investigastions, but serious and highly detailed investigations into attempted electioneering fraud, and RICO violations at a minimum, and if implemented honestly, would probably result in the indictments of a lot of diebold officials and some high level politicians and businessmen.
They are, IMO, attempting to hijack the national vote for massivepolitical and economic gain. They are far worse than Microsoft or SCO in this regard.
And it looks like they will be successful at it, because, frankly, the US people have hit a cognitive dissonance point of disbelief and little action with the sheer overlapping and overwhelming levels of corruption and malfeasance coming from the collusion of government and very large business in this nation. The people have reached a saturation point, gone beyond a pain threshold, been terrorized into sub servience and obedience. Not everyone but such a high percentage of the general population and an even higher percentage inside the governmental and justic system apparatus have been swamped into disbelief and inaction that nothing of any worthwhile results will come of this other than we will have a full bore dictatorship shortly.
It is 2/3rds the way there now, once they finalise their ability to completely manipulate the news, the casting of ballots, the count, the results of the count, and can also control any opposition from any scale by disappearing them or arresting them on bogus charges, then they will have completely won, and it sure looks like they are about exactly at that point in time now.
That is my opinion, based not only on just diebolds actions and realities, but on the state of the nation as a whole, the gestalt now. We have been kicked from so many angles simultaneously and continuously that there's no adequate defense other than curling up into a ball, metamorphically speaking. Yelling STOP THAT isn't working and hasn't worked. "Sueing" the perpetrators WON'T work as they control the justice system almost entirely. Relying on the "enforcers" to notice reality and act accordingly is beyond ludicrous, they just follow orders. Hoping that millions of drones in the bureaucracy will one day act in the interests of the nation rather than their checks is a lost cause, forget about it.
And I'm not being cyncical, I am trying to be as realistic and down to earth as possible.
There is no fix available following traditional business as usual methods. None. It has gone too far for that.
Why would that be "contrary to popular belief"?
I don't care whether Diebold has someone else looking at the code or not.
I care what the code does and how secure the system is.
Without public review, there is no way to determine EITHER of those. You're just relying upon someone else's honesty and integrity (in an election no less).
As others have pointed out, it's useless for the individual voter to verify his/her vote.
Ummm, how BLATANT does the warning have to be before you would choose not to use their service?
Great. Really. And I suppose that having a retarded 10 year old as police chief is okay as long as he's trying to do the best he can.
"the best
What the fuck? They're building a system to record votes. How complicated can it be?
PAPER has worked for CENTURIES. They can't match the capabily of PAPER? They are either incompetent or have an agenda.
"worth considering"? People here have been harping on it for months!
If you cannot provide the same level of security and authentication and validation with a computerized ballot that you can get from a fucking 1 cent PAPER BALLOT then you need to either fire that firm (buh bye Diebold) or re-evaluate your rational for computerization.
As noted in TFA, slot machines are held to a higher standard than voting machines.
Yet thousands of people hammer on slot machines every day.
And the easiest way I can think of doing that is with a nice, old fashined punch card.
The voter chooses at the computer, the computer records the vote electronically, punches the card, and prints the names of the candidate chosen on it.
That way, the voter looks at the card, checks whether the person they've selected is printed on it and then drops it in the box.
Each machine can be verified by matching:
#1. The electronic count to
#2. The punch cards to
#3. A hand count
It's quick and easy to tally punch cards if that's request and if a hand vote is necessary, it's just as easy (but not as quick).
That way, any problems can quickly be tracked to the machine(s).
When are you guys going to wake up to the question of eavesdropping? One I/O bit attached to a slightly long trace that appears to go nowhere, and the machine could squeal on every voter in real time. That may not make it easy to influence the first election, but it would make it easier to make the people who voted "the wrong way" to start feeling paranoid.
Let's say there are going to be ballots provided by the election officials (I just noticed someone talking about Badnarik*'s idea of every voter bringing his own ballot, never thought of that angle before). I'd rather have a slightly more involved, even if more expensive, elections process that invited two or more companies to supply the machines used *at every polling place.* In the fashion of the time-stamp cards in some workplaces -- like the Hallmark store I worked in during high school -- such a device could tell you with a satisfying "WHOMP!" that Yes, this vote has been registered on one side or the other, and visibly increment the "total votes" column by one. Then let the second machine WHOMP the same ballot, and finally put the ballot into locked box for later recount purposes if the two machines disagree.
The kicker: pay only expenses up-front, with a bonus going only to the most accurate machine. There will be votes that are lost / spindled / folded / mutilated; sorry. Mistakes and bugs may be inevitable, but that doesn't mean that "just any system" is good enough.
timothy
* My candidate of choice
jrnl: http://tinyurl.com/c2l8yr / foes: http://tinyurl.com/ckjno5
He is not the editor in chief of the "Times" as you say. He is the "public editor" aka ombudsman aka watchdog.
Experience says that when there is much controversy over solutions to a particular problem it is often because the problem hasn't been properly defined.
Current definition of "The problem:" How to change government in a democracy with open, accurate elections which allow the voter to remain anonymous.
The solution is in the history of U.S. democracy. History tells us that a small group of elite folks (Founding Fathers) decided that the electorate could not be trusted (Electoral College) and that the best overall solution was a restricted form of democracy (representative democracy.) In the years since, the attitude of our ruling class has blossomed into a degenerate, self-serving incompetence-towards-the-whole which threatens the longevity of the nation.
Ask yourself why only the two parties can play and any third party or other outside group gets lead weights hung around the necks of their efforts. Don't think it's true? Go check the election rules for your city, county and state. Two-parties-only is the end result of many very suspicious rules and requirements for other groups or parties wishing to play. The same game of Restriction-via-Rubric-Rules exists at the federal level.
Redefinition of "The Problem:" How to get an entrenched (and very rotten) ruling class to open up the process to open, accurate elections and thus move closer towards achieving a true democracy? In most of the rest of the world -- and throughout human history -- such efforts usually result in civil war.
If you think any elite group will just give it up, open your eyes and your brain at the same time and witness the current bitterness over voting methodologies: When none of the players are willing to be open and honest, then none of the players _are_ open and honest. Bluntly, the last thing either party wants is open, accurate, direct elections.
Do we have a democracy or an illusion, a national delusion that we are a democracy? Has not representative democracy failed when a small group of the very richest individuals and corporations (hey, same group of folks, imagine that) severely restrict who can participate in governance?
You fix this by not sending the same rotten bastards back to Congress time and time and time again. One term and they reek with the stench of corporate cash. In other words -- and let me make this as simple as possible -- the focus on the Presidential election is a red herring, a sleight-of-hand, a trick of the light, a cheap trick, social engineering on a colossal scale, a setup for a SUCKER PUNCH!
So what did the Harvard Republican say to the Harvard Democrat? "You're either with me or against me! *wink wink, nudge nudge*"
Cheers and ciao.
Everything in the Universe sucks: It's the law!
So why does a large related group of Chimp's split into seperate groups. After which the males from each group attack & kill each other (ala Jane Goodall observations). I think human language has evolved to reflect our behaviour not the other way around. The answer as to "why otherwise sane people group and attack each other" is something that is much deeper than name calling. The fact that your post labels a large chunk of the population as "sheeple" should show you that nobody is immune to the behaviour. The best you can hope for is to be aware of it and how it can be used. Sun-Tzu is a good example of using human behaviour. I notice that Bush uses extreme simplification when talking about groups. Everything boils down to, "you're either with us, or against us", I have no idea who is in the "us" group. To belive in "good" means also to belive in "evil". Most people think it is "good" to stop "evil", usually with any means they can. Yet everyone has a different definition of "evil" until they join a group with a "standardized evil". The "standards" are passed on down the generations since it is easy for children to pick up the "standardized evil" used by the family group and modify it in adulthood if you have to.
And did you exchange a walk on part in the war for a lead role in a cage? - Pink Floyd.