Punchscan Wins Open Source Voting Competition
An anonymous reader writes "Punchscan emerged victorious at the open source university voting systems competition, VoComp. For their efforts, they will receive the US$10,000 prize provided by ES&S (which has recently been named in a scandal in Florida). The second-place team put up a good fight: 'Per Ron Rivest, one of the contest's judges, the runner-up team, the Pret-a-Voter team from the University of Surrey in the UK, gave Punchscan a tough run for the first-place money until the Punchscan team dug through Pret-a-Voter's source code and found a significant security flaw in their random number generation. Oops.' It will be interesting to see if these systems ever make it into the mainstream. Kudos to ES&S for showing their forward thinking in this area, as the other voting machine vendors, such as Diebold, did not support the competition."
What do you expect, when one with an undocumented number of security flaws is marked for real-life use?
But an interesting competition. Puts responsibility back in the way people write their code, not license it and hide behind the legalese.
To quote a now dead, but once very powerful man: "He who votes decides nothing. He who COUNTS the votes decides everything."
It's charming to see people coming up with Open Source voting and other governmental tools, but extremely naive to think that they'll ever be implemented. Even if they make their way into governmental dialog, they'll be co-opted by Diebold, et al. in the 11th hour before any policy is changed.
I want to delete my account but Slashdot doesn't allow it.
We need more than preaching to the choir - everyone should link to this from their blogs, post it as a bulletin to their friends on Myspace, etc. etc. etc.... the more people hear about these things, the more likely it will be that we actually start using OSS-based voting machines on a large scale.
3 2 1, GO!
It is pitch black. You are likely to be eaten by a grue.
Without knowing the specifics of the system, I'd guess it's probably used as some part of an authentication token. You want to make sure that you can verify that the printed paper receipts correspond to a vote, but you don't want to give away the voter's identity, right? Random numbers are frequently used where you need a shared secret or seed for an encryption algorithm to work on, and encrypted secrets or seeds are often a part of an authentication system. Numbers that are "random enough" are difficult to achieve, even for people who know what they're doing, so it's not surprising that the US-Canada team looked there first.
And then after the election, cousin vinnie comes along and says "ok, now you prove that you voted for uncle enzo, or I break your kneecaps". Since you do have a method of proving who your vote was for, you're kinda stuck...
The solution to high-tech fraud is not "make low tech fraud easy". We've seen this sort of low tech fraud in the past; while scale problems make it hard to pull off for president, it's common in smaller-scale elections.
Moreover, a fraudster now just has to be careful to not change votes, but instead just add them; in most districts there are plenty of people who don't vote, so your corrupt poll worker just checks the boxes next to a few people at the end of the day and puts in votes for them.
That "unless" part is the biggest problem with this approach. Digitally signing the ballot eliminates the anonymity of it. On measures that are controversial or highly contentious (stem cell research, gay marriage, abortion, legalization of drugs, to name a few), people need to be able to cast their votes without fear of reprisal or being ostracized by their community. If I'm digitally signing my ballot, that creates a solid link between me and my votes, which may make me reluctant to vote in ways that don't conform with the views of my neighbors.
Of course, the Government has a solid reputation of keeping secrets, so there's no chance that the ballot data could be stolen, hacked or otherwise compromised, or have their contents improperly made available to the general public. And encryption never, ever gets cracked. And the public would never fall for any tricks to get them to divulge their passphrase or surrender their key (for example, a phishing site claiming to be a Voter Verification Portal). Nope, the security here is 100%, nothing to worry about, just go about your business....
And if their point was to try to change an election, they would need a large group of people to be in on it to guarantee their desired outcome, and the larger the group, the more likely their fraud would be to be exposed.
More to your point, if you could organize that many people to swing the vote a certain way, couldn't you have just gotten those same people to vote your way at the start without any fraud?
Diplomacy is the art of saying, "Nice doggie!" until you can find a rock.
While the Punchscan system appears to resolve the problems of auditability and vote tampering quite well, the issuance of a ballot receipt - no matter how indirect - allows verifiable vote buying.
The system also does not resolve one of the key points of HAVA - which, while deeply flawed, addresses some very deeply held concerns of disabled voters. That problem is one of ballot access - Punchscan is not disabled-friendly.
Let us live so that when we come to die, even the undertaker will be sorry -- Mark Twain
We do it in Canada, and since counting ballots scales perfectly well, no matter how many people you have, there are no problems. The more ballots you have to count, the more people you have to count the votes, the more people you have to watch the counting, to ensure that it's done properly. I don't understand why we need any other way. For hundreds of years (if not longer) paper voting has worked just fine. Why all of a sudden are we trying to fix something that was never broken?
Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
Well, this flaw found in the second place team's code is the perfect example of why e-voting software should be open source. If it was hidden, odds are that flaw would never be discovered; and might not require a deliberate attack to cause problems in the future.
There is a strong correspondence between e-voting and encryption technology. The assumption for all encryption technology is that eavesdroppers will always know your method (i.e., the source code), so instead you make that knowledge useless by using encryption that requires a secret key.
One reason an e-voting system would need a random number is to generate some kind of key sequence. So a flawed random number generator is serious indeed.
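An added example, not part of the comment above and not code from either VoComp team: it shows why a key sequence drawn from a general-purpose PRNG with a guessable seed fails once the method is public, while one drawn from the OS CSPRNG does not. The page does not describe the actual Pret-a-Voter flaw; the timestamp seed, the one-hour window and all function names here are constructed assumptions.

```python
import random
import secrets

KEY_BITS = 128

def weak_key_sequence(seed, count=4):
    """Constructed flawed generator: Mersenne Twister seeded with a guessable value."""
    rng = random.Random(seed)
    return [rng.getrandbits(KEY_BITS) for _ in range(count)]

def strong_key_sequence(count=4):
    """Same interface, but every key comes from the operating system's CSPRNG."""
    return [secrets.randbits(KEY_BITS) for _ in range(count)]

def find_seed(first_key, candidate_seeds):
    """Audit check: does any plausible seed reproduce the first observed key?"""
    for seed in candidate_seeds:
        if weak_key_sequence(seed, 1)[0] == first_key:
            return seed
    return None

def audit(first_key, candidate_seeds, count=4):
    """Return the full reproduced key sequence, or None if no seed matches."""
    seed = find_seed(first_key, candidate_seeds)
    return None if seed is None else weak_key_sequence(seed, count)

# Constructed sample data: a Unix timestamp for the start of polling and the
# one-hour window in which the generator is assumed to have been started.
ELECTION_START = 1_170_000_000
SEED_WINDOW = range(ELECTION_START, ELECTION_START + 3600)

if __name__ == "__main__":
    weak = weak_key_sequence(ELECTION_START + 1234)
    strong = strong_key_sequence()
    # One published key plus the source code is enough to rebuild every weak key.
    print("weak sequence reproduced:", audit(weak[0], SEED_WINDOW) == weak)
    # The CSPRNG output has no small seed space to search.
    print("strong sequence reproduced:", audit(strong[0], SEED_WINDOW) is not None)
```

In a code review, the equivalent check is to trace every key, nonce or permutation back to its entropy source and flag any that reach `random`, a clock, or a process ID.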