Trade secrets wouldn't work well for drugs even if there weren't disclosure requirements--even if they weren't required to disclose the ingredient list, the actual drugs themselves would provide a pretty strong clue. This problem is common to many forms of technology, reverse engineering isn't necessarily difficult.
Rich and powerful interests don't want good patent examinations.
You'd be surprised. Badly examined, bad patents in the hands of a competitor are as much a risk as bad patents in their hands are a benefit.
I have to add, I've been involved in four or five patents, and particularly in the last several years the examiners have been knowledgeable, thoughtful and on-point. I've been impressed, but perhaps I got lucky. Your mileage may vary.
The machines could overwrite their software with a clean version when they turn in the final tally.
Only if the non-volatile program storage was actually writable by the voting machine without additional equipment.
Or they could respond to outside requests to change their tally and that would not be discovered unless somebody accidentally sent this cryptic request. Or the numbers may be changed at the central location and not by the machine.
Which would still leave the trail of code, and, by virtue of the fact that those "requests" would have to be entered manually (The California voting machines I've used are only connected to the outside world via a daisy-chained 120V power cord.). Which leaves us back at the "voting as dead people" being something done more easily, since you'd need about as many people either way, but in this case you'd need more training and you'd be leaving an additional trail of evidence.
That type of fraud is miniscule compared to a fraud where the voting machine switches every 100th vote to the desired candidate. This is the type of fraud that is being feared with these machines.
Assuming any sort of proper procedures, your theory has just left hundreds of thousands of copies of a record of your fraud in the voting machines themselves. Even a few illegal (and indefensibly so) updates for unqualified code in the machines doesn't get rid of the hacks you've left in the remaining machines.
The changes apparently weren't made. FindLaw still lists the "state name and address" as the method used by a voter to indicate to election officials who they are, Calif. Election Code, section 14216. And I think the claim that asking for (really requiring) ID would be illegal probably follows from the fact that it would be putting a requirement on a voter that's not based in law.
But, as I've said before, we should fix this. Required IDs to vote, period.
If you're in California, then that's pretty
interesting.
Note page 15 of this PDF'd election manual. (The document is an election workers manual from the County of San Francisco, I've worked polls in Santa Clara County myself.) Note that it does not state that ID is illegal to ask for, but does say that "Voters are NOT required to provide proof of identity or residence."
I will add that many voters do bring their voting booklet, or present an ID, and it definitely helps poll workers when you do that, it's somehow just slightly quicker to look something up when you have a nicely printed version fo what you're searching for, particularly with hard-to-spell names.
Here is the text of a proposed law, from February 2003, to require IDs to be checked by precinct workers.
I can't, in the few moments I've looked today, find an explicit prohibition, although I believe I've seen one, I'm willing to drop the assertion that it's directly illegal until I can find direct proof of that statement. I will note, however, that if it's not required, it'd be a pretty bad idea to demand it of voters, since it'd be a direct opening to charges of discriminatory, selective checking of IDs.
On the other hand, a mistake by a polling worker on this point is far more likely to be a mistake than a serious attempt at fraud, poll-workers don't get a ton of training.
Yes, except in a corner case, so long as your name is on the roster for that polling place, the polling workers are not to ask for ID. (Giving the choice as to whether to ask for ID would open up the possiblity of discriminatory patterns in ID checking.)
There is, as I suggested above, an exception (you're not on the roster index, you are at your "new polling place", haven't reregistered, have moved (there's some time requirement), but are still in the same county as before.... then you can vote provisionally, and asking for ID is cool in that case.
But, yes, in general, if I know friend Fred dies a few miles away, I could go over to his polling place, say I'm him, and vote as him. The catch there is the poll workers might know I'm lying, and there's gotta be some mechanism to deal with that potential, but....)
And since a copy of all the voters is posted, and even marked a few times during the day with marks indicating who has voted, you can come in late in the day and make sure you pick someone who hasn't voted yet. Nifty, that.
a ballot box with a lock on it that gets a sheriff's escort to the counting room at the local elections office
That may happen in some parts of the country, but not at the California polls I've worked at. This sort of rhetoric is part of an idea that people seem to have that elections in California are hard to defraud when paper ballots are used, it almost seems to me to be a deliberate misdirection from the electoral risks that are independent of voting machines, or specific to the older paper technologies.
Given that you can walk up and vote as anyone you say you are without any worry that you'll be asked for an ID (in fact asking would be illegal in CA), the last thing I'm worried about is someone leaving a software paper trail of having done election tampering. Much simpler to hire people to vote as dead people, and much less tracable. Buy votes, pay cash. No muss, no fuss.
Many folks who don't have driver's licenses do have state ID cards (drivers licenses without the driving privs).
I do agree with you that I don't know how bad this sort of fraud is, there's some belief that it's non-trivial, but I haven't seen the evidence myself.
Around 8:30, the power went out in the apartment complex. The whole thing. *IF* the machines were still attached, I'm not sure they had UPSes. What does that do to the tallying? What does that do to the data stored? What will a reboot do to the system?
Power: The Edge machines have internal batteries good for a few hours, built-in. The machines are left plugged-in the night before the election to make sure the batteries are fully charged. You know you've lost power even if you're outside because a yellow bar appears at the bottom of the LCD, it goes red when your internal battery pack gets within ten minutes of failing. We also had a separate external battery pack. We also could call for additional battery power (we'd have hours) if it looked like we were going to run out. Finally, in case all of this fails, there's a backup plan involving paper and the box you dropped your absentee ballot in.
So, it's unlikely you'd actually reboot due to power failure. Still,
Reboot doesn't seem to kill the results card in most cases. We didn't do that catastrophically, but we did turn (in training) the machine off and then on while the polls open/closed switch was left open, the right thing happens there (it notes it on the log, the counts stay there.)
I wouldn't want to try it during the period immediately after the user presses "Yes, I really want to cast this ballot.", it appears that some sort of NVRAM is written there.
FYI, The results cartridge looks kinda like a PCMCIA card, not precisely, but that's the basic idea.
You don't need extra power to tally the results, etc. The machines have a small printer in the back, they print out totals at the beginning and end of the election (as determined by the turn of a knob.) The internal battery pack could run the printer. You've still got the results card, as well.
It was a little frightening that when I dropped off my absentee ballot, that there was no lock on the box to go to the registrar's office.
We had a small blue plastic seal, it's a little plastic doodad that connects the two zipper pulls, you can close the seal through the zippers but you can't open the seal without breaking it. It's just a small #'d piece of plastic, that seal should have been put on after the first absentee ballot was cast (after showing that first abs. voter that the box was empty), and should have only been taken off during the closing of the polling place. It's more likely they forgot (or didn't know to) put it on.
Similar seals are used to protect against various
bits of tampering on the electronic machines and in the final "bag of results" that is driven to the registrar's office (or some local field centers). The one that protects the results cartridge has its code # paid special attention
to.
If you didn't see a blue plastic thingee (it wouldn't have been big, like a master lock), it's worth mentioning it to the registrar, but more likely mistraining of the poll workers than actual malfaesence. (We had a mistake in our
own implementation there, we used a yellow one instead of a blue one, but no real harm was done to the system thereby, it's just a piece of plastic.)
Note that losing an absentee ballot would be possible after the poll-workers open the box after polling, as well. As during the day during aan election, there'd be some chance another poll-worker would catch you at it, unless you're in cahoots. Still nice to lock the ballot box during the election, though. (If nothing else, it saves you from having to tell someone you won't retrieve their ballot when they cast it and then say they made a mistake!)
My comment you're replying to was only intended to retort Slashdot's use of the word "network trouble", a term I wouldn't use for modem problems. I agree that crashes, are problematic, just not what I was attempting to talk about. My apologies for any confusion.
At least in California if you try hard enough you can get yourself off the books. We had forms for various sorts of changes/corrections to the voting roster, one option was "person has moved", another was "person is deceased". A family member or even, I think (I didn't read the specifics) an election official who knew the person involved could fill out said form.
Not that we filled one out (for those reasons, we did do a correction of the spelling of a name.)
(The specifics I mention for the case where you can ask for ID are incorrect with respect to the time-frame, but otherwise generally correct. It's a case that rarely ever happens.)
Yes, no ID. With the exception of a corner case (where a voter has moved into a new polling area but stayed in the same county in the last 90 days and wants to vote in their new polling place, and is willing to cast a provisional ballot), it is illegal for California pollworkers to ask for ID.
Now, you do sign in, and the vast majority of folks who vote either bring in their sample ballot or just present their driver's license.
But if you know "old Fred" won't be voting, you could walk in, say you're Fred at 321 Iris St. (if that's his address), sign his name, print his address, and be allowed to vote.
Now, that's dangerous to do, because there's a small chance that Fred is known to one of the poll-workers. But yeah, you can't ask for ID.
I can't even begin to imagine why.
Why does it need a full operating system basic on modern hardware?
The machines in the polling place I worked in last night run WinCE, which seems a poor but size-appropriate choice for the task.
Why does it need a touchscreen?
You could ask that of ATMs, too. It doesn't need one, but it fails less, is less subject to a variety of sorts of damage, and ends up being easier for non-computer users to understand than a keyboard.
And for heaven's sake, why does it have to be networked?
It doesn't. The machines in the polling place I worked last night weren't, electronic cartridges were physically delivered (with me watching) to the registrar of voters, along with a printout from each machine which listed the total vote count from that machine between the opening and closing times.
Note that if you read the article, instead of just the slashdot text, it sounds like they just ran out of modems at the registar's office, but it's hard to tell.
Tempting thought, isn't it? I'm curious who took the machines to repair, the
registrar's office or the manufacturer.
As a learning experience and a lark, I worked a polling area in San Jose, California yesterday. The machines were "Sequoia Edge", and worked well, save that some people had trouble figuring out that they needed to push a bit harder to get the voter card into the voting machine.
Had a machine gone down, I can easily see how the folks in that polling place might have allowed the machine to be taken, repaired, and brought back. Each of the four folks full-time at the polling place was required to have only a few hours of training, much of it centered around operational issues and not legal issues.
Poll workers are mostly retired folks who do elections for fun or small profit ($95, covering fourteen hours of work and three of training.)
I couldn't tell you if such a removal and return would be illegal under California law, I bet that's true for most of the poll-workers in California last night.
I do know that down machines would be reported to the registrar's office, where presumably they would have some legal responsibilty to insure the right things happen. How many people would be watching the machine at any given point during the process is open to question.
In my opinion, for the systems I used and the procedures and people in place, the easiest way to cheat the system would be to get a couple poll-workers in on whatever you wanted to do. With that, it'd be easy to tamper with results no matter what voting system was used.
You want fair elections, nine machines whose votes are subject to concern just doesn't bother me to the extent that more fundamental problems with election procedure do. In California at least, in most cases (there's an exception in a corner case called Fail-Safe provisional voting)
there's no requirement that you demonstrate identity when you vote. You just have to sign in.
No IDs, etc. Big deal. Given that voters are never removed from the registration roles in California (I believe this is true even after death, but the cases I've heard of may have been glitches), I'm suspecting there's a lot more vote fraud caused by folks voting who aren't legally entitled to than there is by subversive maniuplation of machines in that particular case.
Not that I'm not bothered by the various Diebold scandals. And I do agree that significant violations of election law should be punished severely. But I hear a lot of this electronic voting discussion as hysteria, and that concerns me as well.
While I have a LJ with such an email addy enabled, I so far (it's been two years) don't get spam at that address. There's an option, which I've always had turned on, to insert spaces or some such in the display of said emails to hinder botharvesting, perhaps it's been effective. *shrug*
While the Wired article raises some serious concerns, the Mark Crispin Miller article pretends to science without delivering any sort of real scientific thought. In particular, the results he describes are quite likely caused by differences in presentation order of candidates. California voting procedure puts candidates in different orders in different parts of the state in order to reduce the bias towards (say) the first candidate on the ballot. However, since all the ballots in Tulare county (or in areas of comparable size to a county), it's quite likely, given the facts as Miller presents them, that this is the only source of the alleged California vote slew. Unknown cadidates are more likely to be the recipients of this sort of bias due to the lack of a specific "none of the above" option.
The Miller article also demonstrates a lack of credibility in other ways. It provides a pseudo-scientific analysis from an unnamed author, one who tries to sound like he's writing a scientific paper but who fails to get enough details right to do a creditable job of such.
It makes an appeal to suggest that certain numbers are significant without disucssing the statistical tests he used (probably none) or a disucssion of confidence intervals is evidence enough of the writers inexperience with statistics. But most importantly, it falls down on the analysis of other parts of the election that could have caused the results listedand many of those are quite obvious to anyone familiar with California election procedure.
There are serious problems with both electronic and non-electronic voting systems, but faux-science and hysteria isn't going to solve anything.
Actually, if the IBM patent is cited, the examiner saw it, and every claim, including claim 1 (the broadest), was likely determined to be different than IBM's practice.
This feature is clearly specified in the patent, which the moderator obviously didn't read before making his comment about IBM's prior art.
...or, perhaps, simply doesn't understand how to read patents and how to determine the legally relevant bits--a problem epidemic to these discussions on slashdot.
Slashdot Mirror
Trade secrets wouldn't work well for drugs even if there weren't disclosure requirements--even if they weren't required to disclose the ingredient list, the actual drugs themselves would provide a pretty strong clue. This problem is common to many forms of technology, reverse engineering isn't necessarily difficult.
You'd be surprised. Badly examined, bad patents in the hands of a competitor are as much a risk as bad patents in their hands are a benefit.
I have to add, I've been involved in four or five patents, and particularly in the last several years the examiners have been knowledgeable, thoughtful and on-point. I've been impressed, but perhaps I got lucky. Your mileage may vary.
Only if the non-volatile program storage was actually writable by the voting machine without additional equipment.
Or they could respond to outside requests to change their tally and that would not be discovered unless somebody accidentally sent this cryptic request. Or the numbers may be changed at the central location and not by the machine.
Which would still leave the trail of code, and, by virtue of the fact that those "requests" would have to be entered manually (The California voting machines I've used are only connected to the outside world via a daisy-chained 120V power cord.). Which leaves us back at the "voting as dead people" being something done more easily, since you'd need about as many people either way, but in this case you'd need more training and you'd be leaving an additional trail of evidence.
Assuming any sort of proper procedures, your theory has just left hundreds of thousands of copies of a record of your fraud in the voting machines themselves. Even a few illegal (and indefensibly so) updates for unqualified code in the machines doesn't get rid of the hacks you've left in the remaining machines.
But, as I've said before, we should fix this. Required IDs to vote, period.
You and I are in complete agreement--proof of identity should be required, and making that required removes any issue of discrimination.
Note page 15 of this PDF'd election manual. (The document is an election workers manual from the County of San Francisco, I've worked polls in Santa Clara County myself.) Note that it does not state that ID is illegal to ask for, but does say that "Voters are NOT required to provide proof of identity or residence."
I will add that many voters do bring their voting booklet, or present an ID, and it definitely helps poll workers when you do that, it's somehow just slightly quicker to look something up when you have a nicely printed version fo what you're searching for, particularly with hard-to-spell names.
Here is the text of a proposed law, from February 2003, to require IDs to be checked by precinct workers.
I can't, in the few moments I've looked today, find an explicit prohibition, although I believe I've seen one, I'm willing to drop the assertion that it's directly illegal until I can find direct proof of that statement. I will note, however, that if it's not required, it'd be a pretty bad idea to demand it of voters, since it'd be a direct opening to charges of discriminatory, selective checking of IDs.
On the other hand, a mistake by a polling worker on this point is far more likely to be a mistake than a serious attempt at fraud, poll-workers don't get a ton of training.
There is, as I suggested above, an exception (you're not on the roster index, you are at your "new polling place", haven't reregistered, have moved (there's some time requirement), but are still in the same county as before.... then you can vote provisionally, and asking for ID is cool in that case.
But, yes, in general, if I know friend Fred dies a few miles away, I could go over to his polling place, say I'm him, and vote as him. The catch there is the poll workers might know I'm lying, and there's gotta be some mechanism to deal with that potential, but....)
And since a copy of all the voters is posted, and even marked a few times during the day with marks indicating who has voted, you can come in late in the day and make sure you pick someone who hasn't voted yet. Nifty, that.
That may happen in some parts of the country, but not at the California polls I've worked at. This sort of rhetoric is part of an idea that people seem to have that elections in California are hard to defraud when paper ballots are used, it almost seems to me to be a deliberate misdirection from the electoral risks that are independent of voting machines, or specific to the older paper technologies.
Given that you can walk up and vote as anyone you say you are without any worry that you'll be asked for an ID (in fact asking would be illegal in CA), the last thing I'm worried about is someone leaving a software paper trail of having done election tampering. Much simpler to hire people to vote as dead people, and much less tracable. Buy votes, pay cash. No muss, no fuss.
Thank you for your eloquent elaboration of my point.
Many folks who don't have driver's licenses do have state ID cards (drivers licenses without the driving privs).
I do agree with you that I don't know how bad this sort of fraud is, there's some belief that it's non-trivial, but I haven't seen the evidence myself.
Power: The Edge machines have internal batteries good for a few hours, built-in. The machines are left plugged-in the night before the election to make sure the batteries are fully charged. You know you've lost power even if you're outside because a yellow bar appears at the bottom of the LCD, it goes red when your internal battery pack gets within ten minutes of failing. We also had a separate external battery pack. We also could call for additional battery power (we'd have hours) if it looked like we were going to run out. Finally, in case all of this fails, there's a backup plan involving paper and the box you dropped your absentee ballot in.
So, it's unlikely you'd actually reboot due to power failure. Still, Reboot doesn't seem to kill the results card in most cases. We didn't do that catastrophically, but we did turn (in training) the machine off and then on while the polls open/closed switch was left open, the right thing happens there (it notes it on the log, the counts stay there.)
I wouldn't want to try it during the period immediately after the user presses "Yes, I really want to cast this ballot.", it appears that some sort of NVRAM is written there. FYI, The results cartridge looks kinda like a PCMCIA card, not precisely, but that's the basic idea.
You don't need extra power to tally the results, etc. The machines have a small printer in the back, they print out totals at the beginning and end of the election (as determined by the turn of a knob.) The internal battery pack could run the printer. You've still got the results card, as well.
It was a little frightening that when I dropped off my absentee ballot, that there was no lock on the box to go to the registrar's office.
We had a small blue plastic seal, it's a little plastic doodad that connects the two zipper pulls, you can close the seal through the zippers but you can't open the seal without breaking it. It's just a small #'d piece of plastic, that seal should have been put on after the first absentee ballot was cast (after showing that first abs. voter that the box was empty), and should have only been taken off during the closing of the polling place. It's more likely they forgot (or didn't know to) put it on.
Similar seals are used to protect against various bits of tampering on the electronic machines and in the final "bag of results" that is driven to the registrar's office (or some local field centers). The one that protects the results cartridge has its code # paid special attention to.
If you didn't see a blue plastic thingee (it wouldn't have been big, like a master lock), it's worth mentioning it to the registrar, but more likely mistraining of the poll workers than actual malfaesence. (We had a mistake in our own implementation there, we used a yellow one instead of a blue one, but no real harm was done to the system thereby, it's just a piece of plastic.)
Note that losing an absentee ballot would be possible after the poll-workers open the box after polling, as well. As during the day during aan election, there'd be some chance another poll-worker would catch you at it, unless you're in cahoots. Still nice to lock the ballot box during the election, though. (If nothing else, it saves you from having to tell someone you won't retrieve their ballot when they cast it and then say they made a mistake!)
My comment you're replying to was only intended to retort Slashdot's use of the word "network trouble", a term I wouldn't use for modem problems. I agree that crashes, are problematic, just not what I was attempting to talk about. My apologies for any confusion.
At least in California if you try hard enough you can get yourself off the books. We had forms for various sorts of changes/corrections to the voting roster, one option was "person has moved", another was "person is deceased". A family member or even, I think (I didn't read the specifics) an election official who knew the person involved could fill out said form. Not that we filled one out (for those reasons, we did do a correction of the spelling of a name.)
(The specifics I mention for the case where you can ask for ID are incorrect with respect to the time-frame, but otherwise generally correct. It's a case that rarely ever happens.)
Now, you do sign in, and the vast majority of folks who vote either bring in their sample ballot or just present their driver's license. But if you know "old Fred" won't be voting, you could walk in, say you're Fred at 321 Iris St. (if that's his address), sign his name, print his address, and be allowed to vote.
Now, that's dangerous to do, because there's a small chance that Fred is known to one of the poll-workers. But yeah, you can't ask for ID. I can't even begin to imagine why.
The machines in the polling place I worked in last night run WinCE, which seems a poor but size-appropriate choice for the task.
Why does it need a touchscreen?
You could ask that of ATMs, too. It doesn't need one, but it fails less, is less subject to a variety of sorts of damage, and ends up being easier for non-computer users to understand than a keyboard.
And for heaven's sake, why does it have to be networked?
It doesn't. The machines in the polling place I worked last night weren't, electronic cartridges were physically delivered (with me watching) to the registrar of voters, along with a printout from each machine which listed the total vote count from that machine between the opening and closing times.
Note that if you read the article, instead of just the slashdot text, it sounds like they just ran out of modems at the registar's office, but it's hard to tell.
How 'bout making people show IDs to vote?
As a learning experience and a lark, I worked a polling area in San Jose, California yesterday. The machines were "Sequoia Edge", and worked well, save that some people had trouble figuring out that they needed to push a bit harder to get the voter card into the voting machine.
Had a machine gone down, I can easily see how the folks in that polling place might have allowed the machine to be taken, repaired, and brought back. Each of the four folks full-time at the polling place was required to have only a few hours of training, much of it centered around operational issues and not legal issues. Poll workers are mostly retired folks who do elections for fun or small profit ($95, covering fourteen hours of work and three of training.)
I couldn't tell you if such a removal and return would be illegal under California law, I bet that's true for most of the poll-workers in California last night.
I do know that down machines would be reported to the registrar's office, where presumably they would have some legal responsibilty to insure the right things happen. How many people would be watching the machine at any given point during the process is open to question.
In my opinion, for the systems I used and the procedures and people in place, the easiest way to cheat the system would be to get a couple poll-workers in on whatever you wanted to do. With that, it'd be easy to tamper with results no matter what voting system was used.
You want fair elections, nine machines whose votes are subject to concern just doesn't bother me to the extent that more fundamental problems with election procedure do. In California at least, in most cases (there's an exception in a corner case called Fail-Safe provisional voting) there's no requirement that you demonstrate identity when you vote. You just have to sign in. No IDs, etc. Big deal. Given that voters are never removed from the registration roles in California (I believe this is true even after death, but the cases I've heard of may have been glitches), I'm suspecting there's a lot more vote fraud caused by folks voting who aren't legally entitled to than there is by subversive maniuplation of machines in that particular case.
Not that I'm not bothered by the various Diebold scandals. And I do agree that significant violations of election law should be punished severely. But I hear a lot of this electronic voting discussion as hysteria, and that concerns me as well.
I do get tons of spam at other addresses, sadly.
WinCE, if I recall correctly.
The Miller article also demonstrates a lack of credibility in other ways. It provides a pseudo-scientific analysis from an unnamed author, one who tries to sound like he's writing a scientific paper but who fails to get enough details right to do a creditable job of such. It makes an appeal to suggest that certain numbers are significant without disucssing the statistical tests he used (probably none) or a disucssion of confidence intervals is evidence enough of the writers inexperience with statistics. But most importantly, it falls down on the analysis of other parts of the election that could have caused the results listedand many of those are quite obvious to anyone familiar with California election procedure.
There are serious problems with both electronic and non-electronic voting systems, but faux-science and hysteria isn't going to solve anything.
Actually, if the IBM patent is cited, the examiner saw it, and every claim, including claim 1 (the broadest), was likely determined to be different than IBM's practice.
Actually there were, although they were couched as a software plus a hardware device. Example of a patent issued in 1984.