Slashdot Mirror
NY Times Endorses Open-Source Election Software
jdauerbach writes "On its editorial page today, the New York Times called for election system reform, saying among other things that 'Congress should impose much more rigorous safeguards, including a requirement that all computer code be made public. It should require that all electronic machines produce a voter-verified paper trail.'"
The New York Times wasn't hacked?
While I don't disagree in the least with the spirit of the concept of making the system(s) open source, it should be noted that, contrary to popular belief, Diebold asserts that its systems have been scrutinized, including at a source code level, by independent authorities, and that there is also a paper record:
http://www.securityfocus.com/archive/1/375954
I don't know if the paper record is "voter verified", or what mechanism it uses, but there is apparently a paper record nonetheless.
Notwithstanding Diebold's CEO's extremely inappropriate campaign comments, I really do think they're trying to put out the best electronic voting systems they can, but are suffering from the same problems that any large, proprietary system suffers from when it languishes in the comfort of large government-guaranteed long-term contracts: namely, inattention to the details that need to be addressed, that sometimes get lost in not seeing the forest for the trees.
Perhaps opening the source to these critical systems and having it overseen by an independent election agency would be an idea worth considering...
How do we know that the code that is actually on the machines we're voting with is the same as the public code? Even if the public code is compiled and built, then tested to see if it's the same binary instructions as what's going on the mass-produced machines, how do we know that each, individual machine that actually ends up at the voting booth won't be rigged? Who's to say that some dishonest, partisan fuck won't change it at the last minute?
I think Badnarik's solution is the best. Get rid of the official ballots and let everyone bring their own ballot with them so that they can vote for whoever they want, not whoever the ruling government wants to let them choose from. And naysays... believe it or not, but that system is probably less prone to corruption than what we have today.
Click here or a puppy gets stomped!
...is not the same thing as Open Source. If you doubt me, Microsoft has made their code "public" with shared source. This doesn't mean that Joe Hacker will get a chance to look at it, just that someone outside the voting machine company will.
Granted, I'd prefer if it were truly open source, but I suspect that we're a bit of a ways away from GPL voting code.
Find out about the Lexus Rx400h Hybrid!
There should be no lock in /wrt vote processing.
The only thing I could imagine being ok to sell with respect to voting, is facilitation. But the act of vote counting MUST be transparent. As a result the US government MUST OWN the code that counts the votes. This can never be proprietary.
They can buy communication and data storage and data security products from diebold to protect the voting data and its transmission. But the vote processing portion must always be open for complete public scrutiny.
There are two kinds of paper trails. One is a readable ballot that must be submitted into the ballot box, and the other is a sort of receipt to let you know whom you voted for.
The first kind is acceptable, and I believe the open voting consortium has this idea correct: the machine should print out a barcode, that can then be verified by another scanning machine. This barcode must then be submitted into the ballot box.
The second kind is flawed for two reasons. First, there is no way to verify that what the computer printed is actually what's recorded on the bar code, or what has been submitted electronically. Second, and more importantly, it provides an easy way for proving whom you voted for. I could tell all of my employees to bring in their receipts, and those who vote for candidate A will receive benefits. Yes, this is illegal, but we shouldn't make it any easier.
what's a sig?
I was going to post this very argument, and here you've said exactly what I wanted to say.
So instead of just saying me too, let me add my perspective as an American who now lives in Germany. The way they run elections here was a real revelation to me. After a lifetime in a culture that is fascinated with high-tech solutions, and where high-tech is uncritically assumed to be better, I was amazed to see that a simple solution was clearly superior.
Voters are handed a piece of paper with the names of the candidates. They take it behind a privacy barrier and mark an 'X' in circles next to their candidates' names. Then they fold up the paper, seal it in an envelope, and drop the envelope through a slit in a box. Then at 6 PM, the envelopes are dumped out of the box and the votes are counted and re-counted by hand. Anyone who wants to can witness the counting.
With this system, a fiasco such as Florida in 2000 (or in a number of states in 2004, as I predict) simply cannot happen. The are far fewer possibilities for error, and the credibility of the result is much greater.
The problem in the US is cultural. The very idea that a low-tech solution could be better simply doesn't cross our minds. For some things in life, we really are better off with more computers and machinery, but for elections, we should just dump them all on the trash heap, all they do is compound mistakes.
Always keep a sapphire in your mind
What is "Despite the inherent liberal bias" for? This issue has nothing to do with liberal or conservative viewpoints, although I might add that I've yet to see a conservative news source spend any serious time on election issues.
Also, I'd hardly call the Times "liberal", it's been pro-Bush for most of the Bush's administration and during the Clinton adminstration it attacked the sitting president on a daily basis - on the front page. Perhaps you are referring to Dowd or Krugman? These arn't part of the NY Times Editoral board, they are OP-ED contributors, pushing one position or the other, in the same manner as William Safire (Nixon's Speech Writer) and David Brooks are there to push so-called conservative positions. The NY Times is far less "liberal" than you think -- perhaps if you stopped listening to Rush Limbaugh for a while you might realize that news papers should be free to explore all sorts of positions, popular or not. A "liberal" news source would be the American Prospect.
NIST did a great job with the AES competition (to develop and standardize a new block cipher to replace the aging DES) - why don't they have a competition to standardize a electronic voting machine platform? There's no reason this shouldn't be done on a national basis.
I think that if we as a community put enough pressure on NIST, they'll do it. And since NIST is a non-partisan body, there's no good reason for congress to not support a design that is sponsored by NIST.
Such a process would promote both openness of participation and review of designs. The winning design could then be standardized and vendors could simply implement them to spec.
Wish we had that here in Venezuela las august.
The voting machines here for the presidential referendum produced a paper trail.Suddenly when there was a doubt of the transparenncy of the whole process (because the voting machines were black boxes, noone knew what the code on them did) the government refused to count the papers from each machine.
Instead, they performed an "audit" where a member of the national electoral council on TV announced that a certain number of boxes would be chosen at random...by another computer running who knows what code on it and after the program was done "generating" the number of the boxes to be audited he proceeded to open a Word document with the numbers on it.
Of course, when the audit was done nothing was found amiss.
Transparent indeed...
Diebold's "paper trail" is an end-of-day record on a long thin "cash register strip" showing how many votes each machine took in for each candidate and issue.
:).
...and:
Problem 1: it's glitchier than a Microsoft Windows early beta. I've talked to Alameda and San Diego County pollworkers who tried to collect these at the end of the day, only to find that in some cases nothing printed and in others the printout didn't agree with the on-screen end-of-day tallies! And that was different machines in a single polling location.
Problem 2: this printout isn't done as the votes happen, but rather as a single end-of-day "run" under polling place supervisor control. If the machine crashes at any time during the day (which happens often enough), that'll cause the tallies between the memory card "electronic ballot box" (PCMCIA) and printout to vary.
Problem 3: this printout isn't open to public scrutiny. I've seen Public Records Act/FOIA type queries for copies fought by county elections officials across the nation, probably because photocopying a 12ft strip of 3" paper is a bitch
As to code scrutiny by independent labs:
The Federal Election Commission approves testing labs for reviewing voting machine code and products. They're the only ones allowed to see the source code on this stuff. The two biggest are Wyle Lab's elections operation in Huntsville, AL and "Ciber Inc" (formerly Metamore) also in Huntsville.
First, all of the voting machines in current use are certified by these labs to standards written by the FEC in 1990. You heard that right. There's also a 2000 standard by the FEC but since all of our electronic voting machines were built prior to 2000, they can be re-certified under the 1990 standards "forever", until the vendors announce significant enough upgrades/revamps to trigger the Y2000 review process. Which NONE have seen fit to do so far.
It gets worse.
We have 13,000 leaked Diebold memos floating around that document, among other things, Diebold lying to the testing labs. In one case, huge amounts of customized code used in WinCE was declared to be "Commercial Off The Shelf" ("COTS") and not subject to source code review.
The exact phrasing of these internal memos and a security analysis of their implications can be found at:
http://www.equalccw.com/sscomment.html
http://www.equalccw.com/sscomments2.html
Ain't puked quite yet?
Diebold Corp. in Ohio bought Global Election Systems in 2002 (Canadian company) and renamed it Diebold Election Systems. Global's first voting products were written on Unix boxes, where they wrote their own "Accubasic" compiler for some core vote-tally processes. When porting to Windows, they went to great lengths to get Accubasic working on the new platform. OK, query me this: if I'm writing the compiler and I'm publishing source code for scrutiny that's run through that compiler, how in the hell is the source code reviewer supposed to know what's REALLY going on!?
Ahh, but this presumes "bad intent" on Global's part, which normally isn't something you presume. Except that Global was founded in 1988 by three guys name of Norton Cooper, Charles Hong Lee and Michael K. Graye, all three of whom have prior felony convictions in the US and/or Canada for stock fraud, investment scams and the like. By 2000, Global hired a guy name of Jeffrey Dean as lead programmer on the central vote-tally product (GEMS, "Global Election Management Software", still part of the Diebold product line). Dean was a charming chap - convicted of 23 counts of computer-aided embezzlement from a Seattle law firm in what a court called a "sophisticated computer-aided accounting fraud". He was literally recruited while still in prison by another Global employee also doing time. See also this document for more details on these clowns: