Software Bug Adds 5K Votes To Election

eldavojohn writes "You may be able to argue that a five-thousand-vote error is a small price to pay for a national election, but these errors are certainly inadmissible on a much smaller scale. According to the Rapid City Journal, a software glitch added 4,875 phantom ballots in a South Dakota election for a seat on the city council. It's not a hardware security problem this time; it's a software glitch. Although not unheard of in electronic voting, this bug was about to cause a runoff vote since the incumbent did not hold a high enough percentage of the vote. That is no longer the case after the numbers were corrected. Wired notes it's probably a complex bug as it is not just multiplying the vote count by two. Here's to hoping that AutoMark follows suit and releases the source code for others to scrutinize."

How hard is it for a computer to do addition?

[pieterh]

Why is a voting system doing any kind of math at all? I voted yesterday in Belgium on a computer that puts my vote onto a card, which is then tallied separately. This same system has been working since at least 1995 with zero reports of fraud or failure (except normal "computer is broken" style failures).

How can a computer "add phantom ballots"? Software does not just "glitch", it breaks in ways that depend entirely on how it was built.

Re:How hard is it for a computer to do addition?

[rvw]

Why is a voting system doing any kind of math at all? I voted yesterday in Belgium on a computer that puts my vote onto a card, which is then tallied separately. This same system has been working since at least 1995 with zero reports of fraud or failure (except normal "computer is broken" style failures).

How can a computer "add phantom ballots"? Software does not just "glitch", it breaks in ways that depend entirely on how it was built.

How do you know this system is fraud free? Reading your comment doesn't convince me one bit. I voted too, in the Netherlands, and for the first time in years I had to use a pencil again. No guarantee that there are no counting errors, but they won't be systematic on a large scale.

Re:How hard is it for a computer to do addition?

[tangent3]

void vote(int candidate)
{
   switch (candidate)
   {
      case GEORGE_BUSH:
         totalVotes[GEORGE_BUSH] ++;

      case AL_GORE:
         totalVotes[AL_GORE] ++;
         break;
   }
}

Re:How hard is it for a computer to do addition?

Yes, it's a threading issue. If you have multiple threads trying to update the value, some of them won't count. You'd either need to use a lock (and probably mark the variables as volatile) or use some kind of atomic update (like a read-modify-write operation).

Still, you'd have to be an idiot to even try to count votes as they're coming in. A much better approach would be to use a database. Database servers are already really good at handling concurrency and scaling. When a vote is cast, simply add a record to the database. Once the election's over, do something like "SELECT COUNT(*), candidate_id FROM votes GROUP BY candidate_id", and the results will be calculated based on the records in the database.

Really, you could only screw this up if you insisted on developing the entire system from scratch, rather than going with existing, well-tested code.

Re:How hard is it for a computer to do addition?

[Cixelsiduous]

eh...your first case statement is missing a break. As it currently stands, a vote for GEORGE_BUSH also adds a vote for AL_GORE. I dunno maybe you left it out on purpose to make a point? I guess the bigger question is: why do I care? The answer of course is because I have no friends.

Re:How hard is it for a computer to do addition?

[Enigma0498]

How do you know this system is fraud free? Reading your comment doesn't convince me one bit. I voted too, in the Netherlands, and for the first time in years I had to use a pencil again. No guarantee that there are no counting errors, but they won't be systematic on a large scale.

The Belgian government publishes the source code of the voting software the moment the bureaus close. The software of yesterday's election can be found here: http://www.ibz.rrn.fgov.be/index.php?id=1152&L=1

Blckboxvoting.org

[Red+Flayer]

"You may be able to argue that a five thousand vote error is a small price to pay for a national election but these errors are certainly inadmissible on a much smaller scale.

A software error resulting in +/- 5000 votes cast is unacceptable on any level, even if it gets drowned out on the national level in the US.

There is absolutely no reason or excuse for software to miscount votes. It isn't rocket science.

I know I'm preaching to the choir here, but this shit just pisses me off. It's a matter of national and local integrity that our voting systems are transparent. Please support blackboxvoting.org if you don't have the time to get involved in a deeper fashion (calling/writing your legislators, etc).

Note: I'm not affiliated with blackboxvoting.org. I just appreciate their work.

tampering?

[Ltap]

TFA only tells me the numbers and the guy's plans, nothing about the actual bug. What was it? It seems awfully hard to screw up adding two numbers together to get a third number, which is basically what that software was doing. Has it occurred to anyone that it might have been tampering? It seems to me that, with the fairly large (tens of thousands) number of votes, adding or removing just enough to make it a runoff would be the perfect vote tampering scheme - too little to draw much attention, but enough to actually make a difference.

Re:!bug

[link-error]

It's probably more like they aren't rolling back some transaction on a network error or something. Network timeouts, etc, are probably doubling up the votes from that machine. It's probably an unusual error so it doesn't get caught in testing. Like busy networks on election night? It's not that hard to imagine.

It's simple

[Mad-Bassist]

Someone forgot to clear the chad bit!