Slashdot Mirror
Open Source Program Reveals Diebold Bug
Mitch Trachtenberg writes "Ballot Browser, an open source Python program developed by Mitch Trachtenberg (yours truly) as part of the all-volunteer Humboldt County Election Transparency Project, was instrumental in revealing that Diebold counting software had dropped 197 ballots from Humboldt County, California's official election results. Despite a top-to-bottom review by the California Secretary of State's office, it appears that Diebold had not informed that office of the four-year-old bug. The Transparency Project has sites at humetp.org and http://www.humtp.com." Trachtenberg also points to his blog for the Transparency Project, and his own essay about the discovery and the process that led to it.
Hey, Trachtenberg do you have a sister? And was she somehow the key to all of this?
Papers arriving shortly ...Esq.
It's usually correct to not blame on malice what can be explained by incompetence. But I do find it hard to understand how a seemingly-simple requirement (essentially, count the number of times a button has been pressed) can be so badly botched by a company whose other "secure terminal" products (eg, ATMs) seem trustworthy and reliable, without the implication of a sinister motive.
Stalin told us: "It's not who votes. It's who counts the votes," but we NEVER listen to anybody - huh? (Not that I am a fan.)
In testing. You need to be able to verify the testing mechanism. Open Source will win there because of the ability to view and modify the code. Just verify that you are testing with the same stuff that you reviewed.
-- Who is the bigger fool? The fool or the fool who follows him? --
Sounds like they used humans to count the vote in reality.
A very small percentage. Still a concern.
We don't need this garbage determining public offices. We have to start educating people that don't understand otherwise that these are a bad idea. Don't be condescending or anything like that, just start discussing with your friends and family that these are a bad idea and why they are a bad idea. Might help if you keep articles like this handy.
Comment removed based on user account deletion
Ah, but Al Franken will not be so easily struck down!
Get thee glass eyes, and, like a scurvy politician, seem to see things thou dost not.--King Lear
Any relation to Michelle Trachtenberg (Dawn from Buffy the Vampire Slayer)?
To this guy who took it upon himself to provide this check, and kudo's to the supervisor who made it possible. The idea of providing DVD image scans so anyone can verify the vote is genius. I hope other counties start providing real verification like this.
I've read a few pieces on this including the author's essay. I still dont know what the actual bug is? Did I miss it somewhere? Is the bug that it just drops every 50th batch that is scanned? :>
Step 1) Did the Democrat win?
No - Step 2) Recount!
Step 3) goto Step 1
Yes - Step 2) "The people have spoken!"
Hey, Mitch, your sister's hot, have her call me, mkay?
is not that companies like Diebold would be corrupt. It is that BOTH dems and pubs have pushed NOT to have a paper trail. Basically, they claim to have our best interest at heart, and yet, we have the likes of Cheney, Rove, Libbey, Delay, Hastart, Stevens, Jefferson, Blogovitch, Daley (certainly original ) , possibly Jackson Jr, etc, etc, etc. Even now, some dems are pushing for NO punishment for Stevens and others are saying no investigations into all of W's admin hijinks. Makes you wonder who these ppl are really representing.
I prefer the "u" in honour as it seems to be missing these days.
Comment removed based on user account deletion
Error itself is not a problem in a general election. This assumes that the error is uniformly distributed, which would not generate a meaningful change in the percentage results.
Of course, this is rarely the case since the "error generators" tend to be localized, which may bias the error towards a particular side or candidate. Proof are the "found" ballots in the Minnesota race, which mysteriously (and statistically impossibly) favor a particular candidate.
"SANE didn't work with the serial number imprinter on our Fujitsu scanner, so I contacted [the] "maintainer" of the SANE Fujitsu backend. He was incredible, getting us some initial changes the same day"
..
This is what amazes me about Open Source, if you have a problem, you can contact the developers directly, instead of 'Dave' in some call center in Bangalore
davecb5620@gmail.com
"Error itself is not a problem in a general election. This assumes that the error is uniformly distributed, which would not generate a meaningful change in the percentage results"
..
Total nonsence, error is a big a problem in an election, as you can't make any assumptions, as you don't know what the software is doing and finally discarding votes in an election is illegal
on my planet 1 + 1 = 2 or maybe sometimes 1.9 or maybe 2.01
1100 0101 1100 0101 1100 0101 1100 0101 1100 0101 1100 0101
davecb5620@gmail.com
Just on the face of it...OpenSource revealing a bug in Diebold's gear...isn't that redundant?
If OpenSource comes to a project, it wasn't OpenSourced before. Meaning (these days) it was Windows.
Have we not all been taught that every Windows bug is sanctioned by Redmond, deemed 'what the customer wants' and is forgivable for the next purchase of a computer?
(OK, drawing it to an extreme...)
Closed source makes it hard to spot errors: so few eyes on the code. It limits the input too, from other authors which make it interesting and vibrant.
Diebold the last I looked still relied on Windows for an ATM (mission-critical job) so how is this a surprise?
"it looks like a pretty normal software bug"
..
maybe on your planet the ability to count up in single integer increments is considered too esoteric for the average QA team, but here it's something the average IT student can manage
davecb5620@gmail.com
I have read over and over about unreliable software counting votes. Why not have each vote be counted by two programs? It seems like it would be fairly trivial to have them share the same interface, but the actual methods of counting votes and securing themselves would be completely independent. They would be written by two sources (whether free or not) and then could be used to test each other (in addition of course to humans counting the paper trail the two would print out).
"There are a few differences between ATMs and voting machines. First of all, ATMs are used daily, and if there was a bug in an ATM, it would be caught very quickly. Second of all, ATMs can be reflashed using the same connection that they use to contact the bank"
Firstly, voting machines should be subject to a full stress test before being deployed in a live election. Secondly ATMs can not be remotely 'reflashed', To upgrade required the replacement of the ATM module and the use of an external hand-held unit (plugged into the ATM) and the presence of two bank officials and the use of two unique PINS.
davecb5620@gmail.com
"Sounds like they used humans to count the vote in reality. A very small percentage. Still a concern"
No, not 197 out of 64,161, but 197 votes out of a single precinct, and unknown numbers of others as they were never checked.
"Crnich said she was told that the software begins counting decks of ballots at zero, and that sometimes when a deck is deleted from the machine due to normal complications, the software also deletes the Deck Zero, which in this case was the vote-by-mail ballots from Precinct 1E-45"
davecb5620@gmail.com
You must be a Republican.
One assumption could be that the counters in the most left leaning districts were hiding Franken votes during the initial count.
The other assumption could be that the counters in the most left leaning districts are creating new ballots in response to the number of ballots they need (like they did four years ago in Washington state).
No good chain of custody for the ballots and they should not be counted under any circumstances. Guaranteed they are fraudulent.
John McAfee 'It was like that time I hired that Bangkok prostitute; to do my taxes, while I fucked my accountant'
It may well have been readable, but the first articles I saw on this make it clear that being readable is not a guarantee of your vote actually being included in the result.
The first articles make it clear that votes were counted and then, in some circumstances, From that article:
Still sure your vote counted?
The real "Libtards" are the Libertarians!
In any software that is VERY important, "One doesn't test, one proves". When a test succeeds, you have demonstrated that you have found a bug. When testing fails (no bugs were found), you have not indicated that bugs do not exist. More tests only raise our confidence that the software is good. As one of my professors says, "There always is one more bug"
http://www.xkcd.com/493/. Since your personal hero is apparently our current president, however, I'm not going to predict when he's going to die. But the last surviving member of That 70's Show bites the dust in 2049, however :D.
Comment removed based on user account deletion
I didn't think to check until I was in the parking lot, but the coin dispenser definitely spit out three pennies when it owed me four. Admittedly, I normally leave my pennies, or throw them in the parking lot if given to me by a human, but in this case the discrepancy stood out like a sore thumb. My total bill was $x.21 and I paid an integer number of dollars so obviously I was owed $0.79 worth of coins, and after I took my three quarters (better than pennies in that they're occasionally useful for parking, at least) the wrong number of pennies was conspicuous enough that I did a double-take. Sure enough, three coppers where there should have been four. True story.
Also, a common argument against using open source software in "Fortune 1000" and lesser-numbered corporatist Ponzi schemes, and in favor of using proprietary software, especially Microsoft software and Windows-only compatible software by any house, is the "need for a neck to wring" if ^B^B when something goes wrong. The identical argument, applied to voting, obviously favors paper ballots and human counters over any and all automation schemes and devices.
"I can't imagine how things could get any worse!" (some guy) "That could just be failure of imaginatioÂn on your p
I have no issue with a bug making its way through to production.
I have an enormous issue with Diebold knowing about it for four years and not recalling their machines and finding a fix.
Criminal charges, surely?
Justin.
You're only jealous cos the little penguins are talking to me.
Seemingly unnoticed in this story is the huge breach being perpetrated by our "heroes."
The python program in question is part of a Transparency project to watchdog the Electronic Voting Machines (EVMs). They provide an independent scanner to scan the same ballots, and achieve an independent tally. Sound great. Two different algorithms on separate hardware to double-check each other.
In this case, the open source solutions seems to be more accurate than the proprietary solution. Great.
But then for the rest of the story. The Transparency project then posts all the scanned ballot images online. Then anyone who cares, can feed them into their own scanning mechanism and tally them for a triple- or quadruple-check, etc. Anyone who wants to can do their own studies on all the ballots.
Pretty cool, eh?
Plus, I can draw that little symbol in the upper right hand corner of my ballot that will allow my employer to recognize my ballot and confirm that I earned my election day bonus by voting the right way.
So the Transparency project makes a step forward for democracy, then kindly steps out of the way of those of us whose livelihood depends on our vote.
He is just an uneducated hillbilly who believes the hype!
Stalin told us: "It's not who votes. It's who counts the votes,"
Long thought to be an urban myth, someone has discovered an intriguing possible reference:
Dear Reader (updated):
I'm in the process of revising my comments below, but in the meantime am pleased to inform you that a source has been found for a variant of this quote -- Boris Bazhanov's Memoirs of Stalin's Former Secretary (published in 1992 and only available in Russian, so far as I know).
The passage in question, which appears near the end of chapter five, reads (loosely translated) as follows:
"You know, comrades," says Stalin, "that I think in regard to this: I consider it completely unimportant who in the party will vote, or how; but what is extraordinarily important is this â"- who will count the votes, and how."
Heref: http://urbanlegends.about.com/od/dubiousquotes/a/stalin_quote.htm /
DNA is a Turing machine. You, however, being dynamic and emergent, are not.