Linux Takes Over E-Voting In Australian State

daria42 writes "The Electoral Commission in the Australian state of Victoria has made plans to expand its use of electronic voting kiosks based on Linux in the next state election in November of this year. But it appears to be a little confused: the documentation states it will be using the '2.6 kernel/Gentoo release of Red Hat Enterprise Linux.' Huh?"

A couple of things

[MichaelSmith]

I live in Victoria and as far a I know there is only one electoral commission in Australia and that is the national one. Maybe the AEC is trialing something in Victoria?

Voting here has always been manual. You write a number in the box. I write it backwards. Gun nuts get the highest number, the greens get the lowest (which is 1), but I accept that other people go about it their own ways.

I have never seen a computer of any kind in a place where we vote. The process is obsessively manual and works very well.

Re:A couple of things

I have never seen a computer of any kind in a place where we vote. The process is obsessively manual and works very well.

This is what surprised me. I was involved in the last election giving out the ballots and counting at the end. There were only 3 of us at our booth and we were paid something like $200 for the day. The process went very smoothly and everyone knew what to do. I think introducing computers here will be more expensive and cause more problems than it is worth.

Hah, as a nerd I never thought I would say something like that.

Re:A couple of things

[MichaelSmith]

From the article:

The state first started using the machines in a limited trial during the last state election in 2006. It appears as if the machines were used for voting for the vision-impaired, as well as for military personnel.

Yeah, I'm in Victoria too and I've never seen an electronic voting machine. Maybe next election...

A woman I work with works for the AEC on election day. Its pretty interesting how they run the polling places. All the votes you see on the night are counted by the same people who run the polling place, right after they close up.

Re:A couple of things

[GigaplexNZ]

As for odd letters, some political party programmer needs a course in logic. Just because my brother and sister live at the same address and share a last name, they are not Mr and Mrs.

Had you replaced WA with Tasmania, I would have disagreed with you right there.

Re:A couple of things

[Zouden]

Australia has instant-runoff voting. Your proposal won't work here, nor is it necessary.

they are terrified of you having any say in your life.

With 95% voter turnout at each election, and four different parties currently in the Senate, I think our current method gives us plenty of say.

Mwahahaha!

[ndogg]

Now we get to control the Oz elections, and install Linus Torvalds as dictator (benevolent, that is) for life!!!

Mwahahahaha!!

Re:Mwahahaha!

[ndogg]

Oh, crap, I just got a message saying I wasn't actually supposed to leak that to world.

Well, maybe we can install RMS as dictator.

Now I'm giggling at the thought of a country run by RMS.

"That's GNU/Australia to you!"

Re:Mwahahaha!

[oztiks]

static char shellcode[]=
"\0x90\0x90\0x90\0x90\0x90\0x90\0x90\0x90\0x90\0x90\0x90"
"\0x90\0x90\0x90\0x90\0x90\0x90\0x90\0x90\0x90PaulineHanson++"

Pah

[somersault]

2.6/Gentoo RHEL is nothing compared to my Damn Small Yellow Dog DebuntuSE with FutureKernel 6.4

I think...

[AmonTheMetalhead]

that's an Ubuntu BSD release!

Open, or not ?

[vikingpower]

If the rest of the software, i.e. the actual voting system, is not open source, the move is for the worse.

Still wrong

[Yvanhoe]

Linux doesn't make electronic voting a good idea though. How can we check the published program is the one running ? It is akin to use opaque voting boxes without showing they are empty first.

Spread the word to fellow voters : if YOU can't understand how the vote is secured, refuse the voting system !

Re:Still wrong

[jimicus]

It's difficult to stuff a paper ballot box (which in most systems is never to be left unattended from when it's sealed to when the votes get counted) without it being fairly obvious.

OTOH, there are plenty of places to hide an electronic vote stuffer on most electronic systems and it's a often a lot harder to verify that nobody's tampered with them.

Re:Still wrong

[timmarhy]

paper votes can all be pyshically accounted for, and counted by a machine and then checked by multiple hand counters. thats the problem with electronic votes. how do you KNOW the button you pressed turned into the vote you asked for and can't be tampered with after the fact? while i'm sure there may be a solution like taking a hash of the vote based on it's time and result and storing it seperately to the vote itself, then checking these later to confirm they match. i'm not sure the public will be very comfortable with this concept for some time.

you can't track or verify your vote after you've cast it obviously - to suggest any voting system is flawed due to a lack of tracking flys in the face of the secret ballot and is for retards.

Re:Still wrong

[Yvanhoe]

Have you ever tried to track how your paper vote is counted?

Yes I did. I am not sure of the US system but here (France) any citizen is welcome to participate or oversee the public counting of ballots. We use transparent ballot boxes so you are free to stay in the voting office from the opening to the counting. There are always several people there including opponents.

Any voting system is subject to fraud. It's only the way of committing the fraud that changes.

It is also the scale. Electronic voting makes nation-wide fraud possible. Electronic voting gives a single point of failure for fraud : the machine manufacturer.

Re:Still wrong

[Mornedhel]

here (France) any citizen is welcome to participate or oversee the public counting of ballots. We use transparent ballot boxes so you are free to stay in the voting office from the opening to the counting. There are always several people there including opponents.

I can attest to that. Every time I go to vote I'm asked if I would like to help with the counting, despite the fact that I don't vote for the usual majority in my arrondissement, and that the old guy asking me does. I usually can't help, though, because of other time constraints.

I also personally know several people who regularly help with the counting. Some of them are involved in their local politics, and some of them aren't.

So basically, every time we get the election results, I am highly confident that they do in fact represent the wish of the majority of my fellow citizens. They usually elect the wrong guy.

Get off my lawn!

[ajv]

Converting to Linux for voting machines is a big shift from the VEC of old. Color me impressed.

I remember many years ago (1998-1999) working at the VEC. I was a system admin in my first security consultant job.

DEC/Microsoft was helping the VEC create a Microsoft-only COM+ based voting system called EMS 2000. Previously, it had taken 3+ months to organize an election, despite laws allowing the Premier to call an election within a month at any time. So they had to be prepared a long way out, which was costly. EMS 2000 was essentially a way to roll out an election within three weeks. I believe it was used in at least a few elections. I wouldn't be surprised if EMS 2000 has been maintained and is still in use - it was a lot of $$$$$$ to spend on a project.

EMS 2000 used every single part of the Microsoft stack. One thing I remember was how slowly Outlook 98 opened when it had 4000 tasks. EMS 2000 created Outlook tasks using COM+ custom queuing components over very slow modem and ISDN lines to all parts of the state. Surprisingly, this was still better than the previous system, which was primarily a manual system.

It was a full MS stack with basically every single possible MS product at the time (NT, COM+, Exchange, SQL, queuing components using pre-release NT 5.0 / Win2K, and lots of custom VB code), it hung together well and ran fairly reliably considering the shaky comms at the time.

Re:Get off my lawn!

[JasterBobaMereel]

Switzerland ... has a manual voting system, holds elections at very short notice and announces the complete result usually within 5 hours of the polls closing

Why do we need electronic voting again?

Re:What about the rest of it?

[jgreco]

Yes, after all, desktop deployments are not really the sort of thing you trumpet about with press releases, etc. Who knows how many large-scale Linux desktop deployments there are.

I'm more curious about what's running on top of Linux, though. Any free software OS (Linux, FreeBSD, etc.) is going to be great simply because it'll save the taxpayers licensing fees. However, as we've discovered here in the US, it is usually the voting software itself that is problematic.

The Linux thing is nice, but it'd be more meaningful to me to say "We've deployed new e-voting machines. They're Linux based devices running verifiable voting software, which we gave sample units of to each of our top tech schools, and none of them were successfully subverted." Or something line that.

Re:What about the rest of it?

[jibjibjib]

The problem is that very few people, if any, have the time and expertise to verify every part of an e-voting system, and it's impossible for a person to see exactly what a chip is doing in real time to make sure the production system is behaving the same way the source says it should.

With paper-based voting, someone can look in the ballot box at the start of the day and see that it's empty. They can then watch each person put one ballot paper in, and they can watch them get taken out and counted. It is, and always will be, much more easily verifiable than any form of electronic voting.

Re:What about the rest of it?

[jgreco]

If there was a secure way to make that happen, I'd agree. However, how do you determine who is trustworthy enough to supervise the process? Do they supervise the entire process (empty box -> add votes -> count votes -> report votes) or just a part of it? If you have two, three, four political parties, do you have observers from each party? What happens when votes from a precinct just "disappear" on the way to whereever they're counted (or stored)? How many people need to be subverted in order to corrupt the vote?

The potential for electronic voting is that there are clever ways to avoid lots of problems. Lost votes? Submit them in realtime over the network, and keep an electronic copy and paper copy at the precinct for security. With copies held in more than one place, loss becomes much more difficult. Verifiability? There's been a lot of work done on that as well, but a bit more complex than I can summarize in a sentence. There are also lots of new possibilities for fraud; anyone reading Slashdot knows that, but these can (and should) be addressed.

I wish that "e-voting" meant "working towards a technologically superior method for ensuring the integrity of a vote", but it mostly seems to mean "a way to replace the behemoth mechanical voting machines with 10 columns of 40 levers each" that some of us grew up with. To that end, I don't really care if the platform is XP or Linux, most deployed electronic voting systems are probably just about as corruptible - maybe just in different ways.

Victoria Police IT, myki... e-voting?

The Australian state of Victoria is home to some of the worst IT-related projects in the history of IT.

Victoria Police Business Information Technology Services: fraud, kickbacks, blowouts, leaks... the list is long

myki: most expensive ticketing system in the world, years behind schedule, too complex, doesn't work... the list is also long

And now they want to fail spectacularly - again - with the introduction of e-voting?

I've got a special slot reserved in my "top IT project disasters" list for any e-voting system that has anything to do with the state of Victoria.