Slashdot Mirror
CA Proposes Rigorous Voting Machine Testing
christian.einfeldt writes "During her successful campaign for California Secretary of State, newly-minted California Elections Czar Debra Bowen spoke repeatedly of the need to use free open source software in voting machines to ensure the integrity of California's elections. Now that Secretary Bowen is acting on that campaign pledge, closed-source voting machine vendor Diebold worries aloud that rejecting its black-box voting machines could snarl California's elections. Diebold's concerns come at the same time that it is suing Massachusetts for declining to purchase those same voting machines." Quoting: "California's elections chief is proposing the toughest standards for voting systems in the country, so tough that they could [have the result of banishing] ATM-like touch-screen voting machines from the state. For the first time, California is demanding the right to try hacking every voting machine with 'red teams' of computer experts and to study the software inside the machines, line-by-line, for security holes."
Thoroughly test the voting machines before deploying them? Wow! Why didn't I think of that?
This guy's the limit!
I thought I read "Computer Associates Proposes Rigorous Voting Machine Testing", and my head started to hurt.
No folly is more costly than the folly of intolerant idealism. - Winston Churchill
I agree with this proposal. They need to double -- perhaps, triple -- check to make sure the code works as intended.
But I also think CA has been otherwise prudent. For example, using Diebold instead of volunteer open source code. I mean, how can they afford all the volunteer labor?
Apology to Ubuntu forum.
One principal of a democracy is that everyone can verify the counting of votes.
Now unless you teach everyone how to program I don't see how you can preserve this principal.
31 machines out of 340 districts? How many were in each district?
Heck, from what I've read, they've had problems with more than 10% of the diebold machines.
At least with an automark type system you still have the paper ballots to fall back on, even if a voter might require assistance to fill it out.
When a diebold type device malfunctions you have the potential for lost and/or erronous vote information, not to mention that NO votes can be taken.
I don't read AC A human right
Any replacement system must preserve the strengths of a paper ballot.
This means
In practice, this means the voting hardware and software must be open to public inspection. The same goes for the procedures used by voting officials.
It also means to the extent possible, the entire process must be observed by interested and neutral parties. Obviously the actual voting must be done in secret but anything that doesn't reveal an individual's vote should be observed. Those things that cannot be easily observed, such as actual electronic count, must be repeatable by another method, such as a hand-count, with the same results.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
is that we seem to keep learning and re-learning that lesson. Back in the 1960 election, there was a lot of evidence that indicated that kennedy won chicago by having the dems cheat. Many systems were put in place to prevent that cheating. Now, with the new current system, the evidence is even more overwhelming and yet, we are back to trying to prevent cheating. In particular, it appears that Ohio, Florida, and even texas had massive amounts of voter fraud during the last couple of elections. I guess that our society will be doomed to re-living the same problems over and over as long as we have politicians like rove ( and the dem == before).
I prefer the "u" in honour as it seems to be missing these days.
The request by Diebold to block Massachusetts from buying from another vendor was blocked: http://computerworld.com/action/article.do?command =viewArticleBasic&taxonomyName=hardware&articleId= 9014518&taxonomyId=12&intsrc=kc_top
s -selling-solar.html
--
The proper use of a silicon ballot: http://mdsolar.blogspot.com/2007/01/slashdot-user
It's a shame you never saw any part of California besides Los Angeles.
four seasons are Wildfire, Mudslide, Earthquake, and Smog
Boy, I'd like to see a shoji screen of these four seasons!
And, wait... are you complaining that your car has stricter emissions standards? I'm certainly not, living in the second-most smog infested state in the US. If it weren't for CA emissions being standard on so many vehicles sold outside that state, it might be even worse here...
Have you been touched by his noodly appendage?
The fact that you bought such a care tells me that you looked at the cars that did not meet the California emissions tests and said "No thank you".
What probably happened is that the majority of the people in the country with needs similar to yours thought that cars should meet California's tests. The few people that did not want the cleaner cars had different needs then you did.
You don't have a beef with California, you have a beef with the majority of AMERICAN citizens. And you personally were still offered a choice to pick another car, but decided not to.
Why don't you stop blaming California, and start taking responsibility for your own actions
excitingthingstodo.blogspot.com
I'm shocked. Deibold generally tries very hard to avoid the appearance of bias or impropriety, and they offer quality e-voting products that they strive to improve in response to much-appreciated constructive criticism from the community. Whenever they fix an issue with their products, like the closed-source software or the easily-copied security key, they are quick to get the updates out and always thank the community for helping them to improve their products. Their recent suit against Massachusetts has given them a serious PR boost with other states. So yes, their response to this move really surprises me.
(Sorry if your sarcasm gland is asploding.)
Interestingly, I can purchase a car in Connecticut, drive it to California, register it, and pass a smog check.
Vehicles with California emissions and vehicles without are smogged to different specifications, even here in California.
The restriction only requires new cars sold in California to conform to different standards.
I live in a county which has spectacularly good air quality, and it happens to be within California.
The worst air quality that I'm aware of in the US is in Houston.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
Any electronic voting machines should be regulated to at least the same level as a slot machine. But for some reason we apparently believe that handling the $20 dollars we want to gamble in a casino is more important than the results of an election.
A casino would never field a slot machine (even a 1c machine) that was as insecure as a Diebold voting machine.
The security model for a slot machine is rock solid. The hardware and software (source included) must be submitted and approved by each jurisdiction. The security model ensures that if even one bit in the software has been corrupted, the machine ceases to function. The cash-in and payout of each machine is redundantly logged. The machines are completely power tolerant, meaning you can cut the power at any time; when the power is restored the machine will come back up in exactly the same state that it was in before power loss. The machine can print tickets (for a paper trail), as well as talk securely over a network.
Basically, all the requirements we'd like to see in a voting machine are the same that a slot machine already conforms to. There's no reason to re-invent the wheel here, most of the work has already been done.
Born and raised in Cal, yeah, there are 'kooks' for politicians sometimes, but these kooks are like 'let's see if we can make people happier by making their food less poisonous' as opposed to the kooks that think things like 'let's not tell people the air at ground zero is poisonous because then bin Laden will be even more satisfied with the results'.
We'll keep our kooks, you keep yours and we will both be happy. I hope.
I think that attorneys for the government should be able to demand to see source code for all the machines already deployed. If source cannot be produced (or it does not compile to the same machine code present on the voting machines) then those responsible should be rounded up and tried for treason. Seriously: at no point should *anything* related to how these machines tally votes have been regarded as a secret: that's simply not how voting works in the US.
I believe that California shouldn't have to demand transparency, I think that we citizens have implicitly expected transparency all along.
Donate to the Open Voting Consortium, they've been working with Debra Bowen and many others to fix the system.
don't panic-- clowns can smell fear.
It amazes me that the US can't get their elections done right. They have the technology to power the worlds most important financial systems, to pilote a drone on the other side of the world and beat any given human in a game of chess. WHY THE ##CK haven't they managed to come up with a voting system that's rock solid, transparent, secure and dependable?!? Why is that even a hard thing to do?
Heck, I think even _I_ could design such a system:
- Buy a standard issue PC with a standard issue laserprinter
- Make a simple voting program
- Give every voter a Live CD with a unique hard coded serial.
- The CD is inserted under the supervision of election workers, and the PC is booted up.
- The voters goes behind the curtain where they find a screen, a mouse and a printer.
- The voter casts his/her wote. The vote and the unique ID is stored on the local HD, and two coppies is printed out on paper.
- The voter comes out, ejects the CD AND KEEPS IT, and puts one paper vote in a ballot box. Keeps the other copy.
- The computer is powered down before the next vote.
This way one can always check the DB against the paper ballots afterwords. AND: Every citizen who thinks the election has been tampered with can A: Review the software on their CD. B: Check the official "election website", punch in the unique ID from the CD/paper coppy and verify that it's registered correctly.
This is not complex, this is not expensive, this is not difficult, and as far as I can see; this is practicaly fool proof given a certain degree of random manual chek of wotes. (To eliminate the factor involving electorial workers doing nasty stuff to the PCs etc.)
Or am I over looking something here...?
This issue is actually the very reason this woman got my vote in the last election. I'm glad to see she is holding to her promises. We definitely need more politicians to do this. She, unlike a large number of politicians, seems to have a reasonable grasp on the internets and tech as a whole.
http://www.ss.ca.gov/executive/bio.htm
I suspect they'll really study software outside the machines, code which the manufacturer swears is the same as the software inside the machines, cross his heart. That's still an improvement over the current situation, but it's not good enough for democracy. If a computer is turning your ballot into a microscopic electromagnetic pattern rather than a human-readable printout, you simply can't be certain that your vote was counted. Software audits may make election hacking more difficult, but they'll never make it impossible.
They just take votes and record them. The only remotely novel programming problem should be the security, and they don't appear to have implemented any! How can these machines keep screwing up when ATMs keep on not screwing up?
I'm not a computer scientist, but I know many of you are. Is there some hidden level of difficulty here? Some reason why making voting machines should be such a challenge for Diebold?
Step into a huge movement. Don't Tread In Me.
Ahh but thanks to the intervention of well-paid lobbyists Federal standards make 10% an "acceptable rate of failure" for an election.
This situation is unacceptable in critical systems' embedded software. Not only is the source subject to audit, but the entire compilation and installation process is as well.
Have gnu, will travel.
Perhaps you might not have heard the story of the king and the toaster?
This may not be quite that bad, but the point still stands: Don't use more technology than is needed to solve the problem. In this case, it's much simpler than you suggest:
In fact, if you were clever you could even combine steps 1 and 4, saving a line at the supervisor's table.
Oh, and don't give the voter a copy to take home, unless you want supporters for the "wrong" party to start getting their pillows replaced by severed horse heads. "I've got a very good deal for you, and all it needs from you is one little piece of paper . . ."
NO, CA emissions rules suck. Oregon and Washington are looking at adopting California's Emissions requirements. That would mean several freakish things. Namely, no personal Diesel vehicles. You cannot buy a VW diesel or a Jeep liberty Diesel in CA new. Diesels in the state of CA have to be over a certain weight. That is getting rather outdated. You can buy a 7000lb Hummer that burns gas like no tomorrow, tears up the highways with its weight (and even get a tax credit, since because of its weight, its considered a "business delivery vehicle) but I can't buy a VW that gets 55MPG burning biodiesel.
What are we going to do tonight Brain?
While having it on paper is good, it can be better still.
As I've mentioned before when this issue is raised, computers should only be used for electronic ballot preparation. The actual ballot which you use for casting your vote should be prepared in the voting booth, and be done using OCR characters and/or a bar code (or something simple but easy for a voter to evaluate). At that point, who cares what company has actually designed the equipment for the vote processing?
You can establish standards for both document preparation as well as being able to "load" the current election data that lists all of the "official" candidates that have previously registered with the local election board, and all other ballot questions. Writing such a standard would be a generally trivial exercise, and could be easily extended to take care of unusual voting situations (like instant run-off votes or other crazy schemes to count votes).
By having such standards, anybody including a small group of hackers could develop a system for sale to their local election officials, and have some tests to verify that the software and system actually does what it is supposed to do. And more importantly, it could commoditize the election supply business instead of being locked in by one single company like Diebold. Of course Diebold could offer their equipment for sale as well at a competitive price, but that doesn't matter.
Besides, if the voter looks at the ballot and verifies that the information is correct, that is a voter certified election. And it can be recounted dozens of times and get the same results. The largest problems with elections is that voters sometimes mess up the ballot by marking beyond the lines or vote for two people when only one vote is valid. Electronic ballot preparation deals with all of those problems and more. It even helps to stop some types of voting fraud, as these prepared ballots would be easy to spot something that has been tampered with.
There is no reason why the same machines that are preparing and helping voters to cast their ballots should be used to do the counting of the votes. This also helps with the unfortunate situations where you have equipment malfunctions when a voter is in the middle of casting their ballot. They can stop, move to another machine, and perhaps start from the beginning but they have a real chance of making sure their votes actually count for something. Any partially printed ballots can be discarded, and each voter can be verified with the use of tickets or some other system to make sure they only vote once. So even if they sit and press "finished" a dozen times and have a dozen ballots prepared, the judges can accept only one of those ballots and it is up to the voter to decide which one of the ballots they made would be their actual ballot cast for that election.
If casting a ballot with a Dibold machine when you are half way through voting or worse if the machine crashes as you are finishing up your selections, you are screwed as a voter and there is a real possibility that you will become disenfranchised for that election.
In short, a paper trail, while a good start, is not the best possible option. The voter needs to be directly in control of the process of casting their vote, and not trust the reliability of some machine that is known to be tempermental.
Thanks for drawing attention to my inability to avoid insulting someone while trying to set them at ease. Thanks, also, for implying that, by acknowledging that I am an insensitive clod, and being aware that I have a problem, and taking steps towards resolving that problem, I am somehow more of an insensitive clod than a non-self-confessed, non-help-seeking, run-of-the-mill insensitive clod, you insensitive clod.
;)
Don't worry, I'm selling maps to the solution of that for those that couldn't follow