Slashdot Mirror
OSS Election Systems Desired, but Not Ready
An anonymous reader writes "Even though many American voters are ready for open source systems at the polls, Newsforge (a Slashdot sister site) has an interesting story about why open source may not be ready for the polls. From the article: 'The only open source e-voting effort that Rubin [an e-voting expert] noted was the Open Voting Consortium (OVC). "I don't agree with everything they are doing, but they are all about transparency and open source," Rubin said. OVC President and CEO Alan Dechert says it would take a large investment of time and money to provide an alternative to traditional e-voting systems vendors, but he says an effort known as Open Voting Solutions (OVS) is looking to do just that.'"
What's wrong with paper ballots? They work great in Canada. We even have election results within a few hours, at most. As far as I can tell the only "downside" is that paper ballots are hard to rig elections with.
Religion for nerds. Stuff that really matters
Here in Australia we have a system that works, and has been used already.
http://www.softimp.com.au/index.php?id=evoting
Common sense is not so common
1. Open source. We need to be able to trust these systems and how can we do that without being able to examine the code behind them?
2. Paper records kept for the government. Just in case there is a trust issue, this is a backup method for the recount.
3. Paper records for the voter. Worst case, every voter has a copy of their own vote. Hard to use for a recount, but could help identify irregularities.
So easy. I am all for having the convenience and speed of electronic voting, but I cannot for the life of me understand why we must give up the benefits of paper ballots at the same time, and even improve on them (as in the paper copy for the voter).
"Successful open voting systems that are cheaper, easier to manage, and more transparent than proprietary systems can be found in Australia, Canada, Estonia, and other places."
Perhaps the author meant to say:
"no American vendor offers open source software and systems that are ready for voting."
EVACS started open source under the GPL - but closed the source at a later point.
http://www.elections.act.gov.au/EVACS.html
It is made in Australia, and I was of the impression has been used in elections already.
LetterRip
Can anyone explain me how can I trust OSS running box more than the one running closed software? How can I verify that the software running in the box is the same I verified? How can I be sure the cpu isn't mangled by some foreign goverment? (Since most hw is now made on taiwan..) What's wrong with paper ballots?
I don't care how "open" or secure a system is, I want a paper trail.
We make photo kiosks. Every time someone places an order, we print a receipt. The receipt printer is one of the most reliable pieces of equipment on our systesm. We have about 60 employees. If we can do it, I see no reason why you could not have a voting machine print a paper receipt with your voting selection on it along with a unique, encrypted number. On the way out, the voter places the receipt (or paper ballot, if you will) in the drop box. Once the election is over, if everyone is satisfied with the results, the paper ballots are discarded. If there is a challenge, the paper receipts are counted and compared to the digital count. There should not be much of a difference. If the difference is enough to change the outcome, I'd say go with the paper count. However, if voting fraud is an issue, it will not be a small margin. It is doubtful that someone will try to fraud for only a couple of votes and there should never be more pieces of paper in the box than digital votes cast.
This will allow for a challenge, investigation, and is the only way to provide for a recount.
There is no "I disagree" mod for a reason. Flamebait, Troll, and Overrated are not substitutes.
I haven't really read how this e-voting works, but if it means you can log on to a website and vote from home, wouldn't that make your vote not anonymus? What would happen with the log of your IP, your vote could be traced back to you.
I like paper ballots because they don't get traced back to you, once you put it in the box you have no identity.
I would have thought that the fundamental problem with closed source, in this particular application (not in general), is the fact that it is closed source. For elections to work it is important that the entire process be open to scrutiny. If something goes wrong, you need to be able to look through and find what/where... even if the only remedy is to say "bug x in function y of the source code makes this result invalid, we need to vote again using a different system (eg. paper)". But if the source is not available for scrutiny, you can't do this... you can look at the results and say "that's a bit odd", but you can't trace back to probable cause. This is precisely what closed source software can never get right, whereas OSS does by definition
But if closed source polls can't get it right, what makes us think that OSS polls can?
The difference is that, with an OSS voting system, if there's a problem with the code, the public will (be able to) know about it.
Compare that to Diebold and ask yourself how likely it is that they'd be forthcoming with crucial details if and when something goes haywire with their electronic voting machines.
...my apologies for forgetting Slashdot used HTML formatting for posts by default. Let me repost that entire post, since it's nearly unreadable.
It's funny you should mention that. About a week ago I found http://crp.org/industries/list.asp , did some investigation, and posted the following summary of interesting points on another site I visit:
- The Republicans received $20 million from oil/gas companies, compared to $5 million for Democrats. This sounds significant, but it actually is only significant in how small this amount is (considering how many people say the Republicans are in the pocket of the oil industry). This amounts to 2.3% of the Republicans' campaign donations for 2004.
- Democrats receive a MASSIVE amount of finance from law firms and lawyers - $149 million, or 16.6% of their total finance, compared to $59.9 million for Republicans. This is by far the single largest industry (and the one with the biggest difference in contributions) that I've found.
- There is no significant difference between the two parties in terms of contributions from lobbyists.
- Republicans received $195.8 million the finance/insurance/real estate industries, compared to $136.8 million for Democrats
- Democrats received $111.8 million from single-issue activists, compared to $68.8 million for Republicans
- Democrats received about 2.5% more finance than Republicans ($900 million for Democrats, $880 million for Republicans).
- Democrats received $53.6 million from labor unions, compared to $7.7 million for Republicans.
This prompted such replies as "same shit, different pile" and "I think you've just summed the near entirety of political science" (in reference to the previous quote). If you think one party is morally superior to the other, or that the character of members of one party is superior to those of the other, reality will crush your misconceptions.
You have tried to support your argument with faulty reasoning! Go directly to jail; do not pass Go, do not collect $200!
It's cheaper to count them by hand. A full county wide voting machine system costs a lot of money, a lot of money that could buy a lot of ballot counting labor hours.
I love a technofix as much as the next geek, but computerized voting machines are not the technology for now.
Start Running Better Polls
VOTER: "Okay need to vote...here we go...."
....
........
VOTER: "Huh, it's a command line terminal...Okay..."
Looks at people running the voting place
VOTER: "Excuse me. How do I vote....?...Uh huh...'ls'? Uh huh...'RFTM?' What does that mean...Oh I see. Thank you very much"
ls
VOTER: "Okay there's a file in here called README and INSTALL. I'll look at README first."
after some time...
VOTER: "Seams to be something about a pissed off guy named Richard and something he humps called a GNU...Okay. I'll take a look at INSTALL instead here"
VOTER: "Generic install instructions....something something something, configure....something something make? Okay worth a shot"
configure; make; make install
Checking for sed.....ok
Checking for awk.....ok
Checking for kernl...
30 mintues latter
Checking for libyourmom....ok
Checking for libkitchensick...Found Emacs....ok
Checking for ruby on rails....
ruby on rails not found...
ruby on rails not found.??
ruby on rails not found.??!!!!!!
RUBY ON RAILS NOT FOUND!!!!!!!!!!!!
Ruby on rails is the latest h4x0r dood!!!!!
Install Ruby rails AJAX0r!!!!
VOTER: "Son of a....!"
The (software|hardware) is only as smart as the person operating it.
The same could be said for democracy...
All available data suggest that regardless of any of this, the sun will still come up tomorrow.
The worst part about OSS election software is that someone else runs 'make', you run 'make install', but the install process installs too much crap and trashes some of your local files.
Then, you try to 'make uninstall' but the process fails halfway through and so you're left with a system in an unknown state, with rogue files hanging out everyyear.
But as Thomas Jefferson said, it's doubful that your current system will remain stable forever. Every once in a while you need to Reinstall the Operating System.
94% of Repubs and 21% of Dems voted to renew the Patriot Act
Look. This is America. The nation that led the world in technological development for two hundred years, put men on the Moon a couple of times and invented the personal computer, and now we're saying that we can't even develop a machine that can count reliably???!!! Please. This is not, repeat not a technological issue. It is a political one, pure and simple.
The only reason that implementing a transparent, auditable electronic voting system is such a problem is because there are certain people that have a vested interest in making it a problem.
The higher the technology, the sharper that two-edged sword.
Is closed source ready for the polls?
A blind citizen given a paper ballot has to get someone to help, raising problems of confidentiality and trust.
A computer UI can, in principle, be made easier to follow than a crowded piece of paper. Googling for "butterfly ballot" will get you an example that turned out to be important. A computerized ballot can do validity checking and spare the counting system from having to divine "voter intent" from a double-voted or unreadable ballot.
Those are the only real advantages I've ever seen mentioned.
A simple, scalable, system.
Anarchists never rule
These are a bit trickier than just building a machine that can add 1 to a column, but not THAT much harder.
I would ascribe every digital ballot paper with a hash value that uniquely identifies that paper and would be hard to forge. eg: Have each ballot paper marked with a serial number, then digitally signed by the electoral authorities.
Each voter's voting card would have a totally random public encryption key on it, plus a number. On going to the voting machine, the card would first tick the person off on the list of people who had voted. After casting the votes, the machine would encrypt the ballot paper with the encryption key, then it would append the number to the end. The electronic ballot paper would then, after a random delay, be sent back to the central repository via an SSL connection. The machine would keep no tallies and no records whatsoever. Nor would the local office. It would all be central. (The local office could count votes cast, though, as it would be useful to compare against votes decoded.)
The central system would use the number to select a relatively small set of private keys. It would try each key in turn until it found the key that unlocked that ballot paper. That private key would then be deleted. The unlocked ballot paper would be placed into a secure database. The number of valid votes identified would be counted and publicly published in real-time.
Just to be absolutely certain what is meant here, the database must be write-only from the central system and must be in a tamper-proof environment. Once all ballots are uploaded, it will then perform the count and download the results, ALL of the decrypted ballots and ALL of the encrypted ballots.
That way, anyone can perform a recount and although it would be a monumental task to validate the votes, it could be done. This system is pseudo-anonymous, not truly anonymous, using a VERY large base to make anonymity effective. The upshot is that if a random sample of voter cards were gathered (anonymously!), it would be possible to show that each of those cards matches to exactly one encrypted vote and one decrypted vote.
This shouldn't be necessary, as most of the avenues for fraud have already been eliminated. The effort to fraudulently enter a vote in this system would be extraordinary, as it would require breaking the ballot paper generation system, the encryption key system AND the decryption system, in order to be transparent. Failure to break all of these would result in the votes being rejected by the unbroken component.
I don't think an actual voting system need be this complex, but that's not the point. The point here is that it is possible to imagine a system that is (a) Open Source and (b) so damn-near impervious that it would be cheaper to just buy the person who'd been elected than rig so much as a single vote.
Has this been done? Probably not. Could it be done? Sure. Give me a couple of weeks, a few smart-cards, readers, kiosks and a tamper-proof computer case. There should be no difficulty in writing a system that would be close to iron-clad for the next 50-100 years, with so close to zero chance of tampering that it's just not going to happen.
If an OSS election system group has the hardware and would like to play with this scheme, I'd be happy to write it for them.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
Seems rather strange that the richest and most powerful country in the world can't afford decent voting systems (whether free or not). There are plenty of really smart people in the USA, good in crypto, systems, architecture etc. So the talent is there.
;).
;).
As for the money: this is the same country that has spent BILLIONS in Iraq for dubious reasons (the official reasons kept changing, so they can't have been the real reasons).
I heard one of the US Gov's "reasons" was to have democracy/free elections in Iraq, but that can't be the real reason since the US Gov was very obviously not pleased when there was democracy/free elections in Palestine and Hamas got elected
I don't know what is really going on with the USA, but I doubt that the main issue is whether a voting system is OSS or non-OSS.
With all this "globalisation" being hyped as such a great thing, maybe the US should outsource their elections to India, and have UN observers for free to observe stuff.
After all India is arguably the world's largest democracy (1 billion citizens). I bet if they had results as ridiculous as "more votes than voters", "negative votes" heads would _literally_ roll. They somehow have managed to get a decent chap as Prime Minister ( Dr. Manmohan Singh seems to be well-respected by most).
If I were a US citizen I'd _demand_ that all the people involved in supplying or approving crappy election systems be charged for _TREASON_.
After all, the USA keeps saying democracy is so important etc.
Prove it with actions and not bullshit.
From the article:
Not only does maintaining "intellectual property rights" not preclude others from distributing copies of the software for a fee (as anyone who understands Free Software licensing already knows), merely inspecting the software is insufficient to get real work done in a way that is beneficial to the public.
I served on the Champaign County election equipment advisory board—an appointed board made up of representatives of businesses and political parties from Champaign County, Illinois. Over months in the past couple of years this board weighed a few machines from a variety of vendors so that we could make a recommendation to the elected County Board who would then make the final decision and sign the appropriate contracts. We were told at the first meeting that we were only to consider machines from "approved vendors" but in the end we learned that even the machines we were considering had not yet all been approved by the State of Illinois. It was just a means of narrowing the allowable debate, effectively excluding a variety of vendors who probably never knew we were seriously considering voting machines.
I knew early on (and did my darndest to convince my fellow board members) that we want complete source code to the machines we'd buy so that we could make repairs and improvements while enjoying the benefits of global competition. Locally we have lots of talented computer programmers, the University of Illinois at Urbana-Champaign is in this county. It is a shame to waste all the talent we have by getting into a monopoly.
Politically, there are good reasons to need the source code too: it's your machine paid for with your tax dollars, so you should not be restricted from getting it fixed when it breaks, running it any time you want, and not just inspecting what it ostensibly does. But we should also not constrain ourselves to the features the machine has today. Locally, we could switch from a first-past-the-post to some kind of ranked voting system (like instant run-off or some Condorcet system) for local elections. But so long as we can't get the vendor to do what we want and as long as we can't help ourselves because we're choosing to buy into a monopoly for support (which is what you do when you get proprietary software), we have an additional restriction to overcome with our voting machines—we can't switch to the voting system we want because the proprietor won't let us and we can't afford to simply switch to another set of machines.
I discussed Free Software voting machines on Counterpunch.
Digital Citizen
Belgium is a small west-european country where every person over 18 must vote.
The major part of the votes since more then five years have been entered electronically.
The majority of the systems are made by Steria (formally, Integris, a part of Bull) http://www.steria.be/
The system consits of PC running some old M$ DOS version (4.5 I think) with a pen-screen and a magnetic card reader.
Secrecy of vote + audit trail: each voter gets one anonymous card. The card is writtten using the voting computer (in a ballot box) and is then dropped into a drop-box vault. You see the parallells with paper-and-pencil voting I suppose...
Counting happens afterwards and recounting remains possible (untill the cards are wiped for the next elections)
Open-Source: Even though the software is written by a commercial company (Steria) the software is open for scrunity (by any citizen) at the Interior Ministry. Before last elections, Steria's source was examined by a professor and he detected one weak point (regarding the use of a random generator using the PC's BIOS) but it requires physical access to the voting card (in the vault) and it only couldcompromises secrecy of the vote (if you manage to track the order in which cards have been written).
There is also a competitor with some (similar) voting computers, but they represent a minority and that same professor called their coding "very bad spaghetti code that is impossible to understand"...
One big difference with the rest of the world: like I said, every adult citizen has to vote, meaning that the number of vote(r)s is perfectly known. Also, since it is a nation wide occurence there is only one voting day. The benefit of this is that the effort of actually organising the vote, including the counting (there are still votes on paper!) can be perfectly predicted.
There are some communues that (in last elections) still voted on paper.
In those communues the time allowed to vote is much shorter (only untill noon often), and still the results of those communes are the last to come in: electronic voting really does have major benefits here: longer opening hours of the polling stations and faster results.
120 chars is not enough!
AKA the world's biggest democracy...
"Elections in India are events involving political mobilisation and organisational complexity on an amazing scale. In the 1996 election to Lok Sabha there were 1,269 candidates from 38 officially recognised national and state parties seeking election, 1,048 candidates from registered parties, not recognised and 10,635 independent candidates. A total number of 592,572,288 people voted. The Election Commission employed almost 4,000,000 people to run the election. A vast number of civilian police and security forces were deployed to ensure that the elections were carried out peacefully. The direct cost of organising the election amounted to approximately Rs. 5,180 million.
"Voting is by secret ballot. Polling stations are usually set up in public institutions, such as schools and community halls. To enable as many electors as possible to vote, the officials of the Election Commission try to ensure that there is a polling station within 2km of every voter, and that no polling stations should have to deal with more than 1200 voters. Each polling station is open for at least 8 hours on the day of the election.
"On entering the polling station, the elector is checked against the Electoral Roll, and allocated a ballot paper. The elector votes by marking the ballot paper with a rubber stamp on or near the symbol of the candidate of his choice, inside a screened compartment in the polling station. The voter then folds the ballot paper and inserts it in a common ballot box which is kept in full view of the Presiding Officer and polling agents of the candidates. This marking system eliminates the possibility of ballot papers being surreptitiously taken out of the polling station or not being put in the ballot box."
No, your children are not the special ones. Nor are your pets.
Though I have nothing wrong with OSS, an open source voting machine just smells bad. There are tons of great and nice people out there willing to make the system better and help fix holes, but there are others looking for the holes and trying to exploit them. Though I am a techie, I would prefer paper ballots. Maybe a different method of paper ballots so no more "hanging chad" incidents, but paper none the less. Now we just have to work on getting people other than people that can't count higher than 10 to count the ballots.
Click Click Bloody Click PANCAKES!