Slashdot Mirror
CA Proposes Rigorous Voting Machine Testing
christian.einfeldt writes "During her successful campaign for California Secretary of State, newly-minted California Elections Czar Debra Bowen spoke repeatedly of the need to use free open source software in voting machines to ensure the integrity of California's elections. Now that Secretary Bowen is acting on that campaign pledge, closed-source voting machine vendor Diebold worries aloud that rejecting its black-box voting machines could snarl California's elections. Diebold's concerns come at the same time that it is suing Massachusetts for declining to purchase those same voting machines." Quoting: "California's elections chief is proposing the toughest standards for voting systems in the country, so tough that they could [have the result of banishing] ATM-like touch-screen voting machines from the state. For the first time, California is demanding the right to try hacking every voting machine with 'red teams' of computer experts and to study the software inside the machines, line-by-line, for security holes."
Thoroughly test the voting machines before deploying them? Wow! Why didn't I think of that?
This guy's the limit!
I thought I read "Computer Associates Proposes Rigorous Voting Machine Testing", and my head started to hurt.
No folly is more costly than the folly of intolerant idealism. - Winston Churchill
I agree with this proposal. They need to double -- perhaps, triple -- check to make sure the code works as intended.
But I also think CA has been otherwise prudent. For example, using Diebold instead of volunteer open source code. I mean, how can they afford all the volunteer labor?
Apology to Ubuntu forum.
One principal of a democracy is that everyone can verify the counting of votes.
Now unless you teach everyone how to program I don't see how you can preserve this principal.
31 machines out of 340 districts? How many were in each district?
Heck, from what I've read, they've had problems with more than 10% of the diebold machines.
At least with an automark type system you still have the paper ballots to fall back on, even if a voter might require assistance to fill it out.
When a diebold type device malfunctions you have the potential for lost and/or erronous vote information, not to mention that NO votes can be taken.
I don't read AC A human right
Any replacement system must preserve the strengths of a paper ballot.
This means
In practice, this means the voting hardware and software must be open to public inspection. The same goes for the procedures used by voting officials.
It also means to the extent possible, the entire process must be observed by interested and neutral parties. Obviously the actual voting must be done in secret but anything that doesn't reveal an individual's vote should be observed. Those things that cannot be easily observed, such as actual electronic count, must be repeatable by another method, such as a hand-count, with the same results.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
is that we seem to keep learning and re-learning that lesson. Back in the 1960 election, there was a lot of evidence that indicated that kennedy won chicago by having the dems cheat. Many systems were put in place to prevent that cheating. Now, with the new current system, the evidence is even more overwhelming and yet, we are back to trying to prevent cheating. In particular, it appears that Ohio, Florida, and even texas had massive amounts of voter fraud during the last couple of elections. I guess that our society will be doomed to re-living the same problems over and over as long as we have politicians like rove ( and the dem == before).
I prefer the "u" in honour as it seems to be missing these days.
The request by Diebold to block Massachusetts from buying from another vendor was blocked: http://computerworld.com/action/article.do?command =viewArticleBasic&taxonomyName=hardware&articleId= 9014518&taxonomyId=12&intsrc=kc_top
s -selling-solar.html
--
The proper use of a silicon ballot: http://mdsolar.blogspot.com/2007/01/slashdot-user
I'm shocked. Deibold generally tries very hard to avoid the appearance of bias or impropriety, and they offer quality e-voting products that they strive to improve in response to much-appreciated constructive criticism from the community. Whenever they fix an issue with their products, like the closed-source software or the easily-copied security key, they are quick to get the updates out and always thank the community for helping them to improve their products. Their recent suit against Massachusetts has given them a serious PR boost with other states. So yes, their response to this move really surprises me.
(Sorry if your sarcasm gland is asploding.)
Any electronic voting machines should be regulated to at least the same level as a slot machine. But for some reason we apparently believe that handling the $20 dollars we want to gamble in a casino is more important than the results of an election.
A casino would never field a slot machine (even a 1c machine) that was as insecure as a Diebold voting machine.
The security model for a slot machine is rock solid. The hardware and software (source included) must be submitted and approved by each jurisdiction. The security model ensures that if even one bit in the software has been corrupted, the machine ceases to function. The cash-in and payout of each machine is redundantly logged. The machines are completely power tolerant, meaning you can cut the power at any time; when the power is restored the machine will come back up in exactly the same state that it was in before power loss. The machine can print tickets (for a paper trail), as well as talk securely over a network.
Basically, all the requirements we'd like to see in a voting machine are the same that a slot machine already conforms to. There's no reason to re-invent the wheel here, most of the work has already been done.
Many car companies might, this is true. But I'd be willing to bet that some car companies would make it an option, albiet an expensive one.
As other posters have pointed out, there are cars sold that don't meet the CA standard. There's packages of solder that don't contain the "This product blah blah state of California blah blah" label. The point is, CA is deciding what's best for it, not for anyone else. It's not their fault if many large companies go along for the ride.
Have you been touched by his noodly appendage?
I think that attorneys for the government should be able to demand to see source code for all the machines already deployed. If source cannot be produced (or it does not compile to the same machine code present on the voting machines) then those responsible should be rounded up and tried for treason. Seriously: at no point should *anything* related to how these machines tally votes have been regarded as a secret: that's simply not how voting works in the US.
I believe that California shouldn't have to demand transparency, I think that we citizens have implicitly expected transparency all along.
Donate to the Open Voting Consortium, they've been working with Debra Bowen and many others to fix the system.
don't panic-- clowns can smell fear.
It amazes me that the US can't get their elections done right. They have the technology to power the worlds most important financial systems, to pilote a drone on the other side of the world and beat any given human in a game of chess. WHY THE ##CK haven't they managed to come up with a voting system that's rock solid, transparent, secure and dependable?!? Why is that even a hard thing to do?
Heck, I think even _I_ could design such a system:
- Buy a standard issue PC with a standard issue laserprinter
- Make a simple voting program
- Give every voter a Live CD with a unique hard coded serial.
- The CD is inserted under the supervision of election workers, and the PC is booted up.
- The voters goes behind the curtain where they find a screen, a mouse and a printer.
- The voter casts his/her wote. The vote and the unique ID is stored on the local HD, and two coppies is printed out on paper.
- The voter comes out, ejects the CD AND KEEPS IT, and puts one paper vote in a ballot box. Keeps the other copy.
- The computer is powered down before the next vote.
This way one can always check the DB against the paper ballots afterwords. AND: Every citizen who thinks the election has been tampered with can A: Review the software on their CD. B: Check the official "election website", punch in the unique ID from the CD/paper coppy and verify that it's registered correctly.
This is not complex, this is not expensive, this is not difficult, and as far as I can see; this is practicaly fool proof given a certain degree of random manual chek of wotes. (To eliminate the factor involving electorial workers doing nasty stuff to the PCs etc.)
Or am I over looking something here...?
This issue is actually the very reason this woman got my vote in the last election. I'm glad to see she is holding to her promises. We definitely need more politicians to do this. She, unlike a large number of politicians, seems to have a reasonable grasp on the internets and tech as a whole.
http://www.ss.ca.gov/executive/bio.htm
Well, it'll cost the taxpayers a fair bit to do that kind of testing properly - looking at it that way, you'll get a dollar value of how much the taxpayers think a corruption-resistant democracy is worth!
They just take votes and record them. The only remotely novel programming problem should be the security, and they don't appear to have implemented any! How can these machines keep screwing up when ATMs keep on not screwing up?
I'm not a computer scientist, but I know many of you are. Is there some hidden level of difficulty here? Some reason why making voting machines should be such a challenge for Diebold?
Step into a huge movement. Don't Tread In Me.