As a result the US government MUST OWN the code that counts the votes. This can never be proprietary.
The US government isn't allowed to own copyrights to anything -- anything they develop directly or that's done as a work-for-hire for them is automatically public domain. (For this reason, there's a lot of code that's written by government contractors and remains under their ownership, even though the reason behind its production was government use).
Effectively, then, any government-developed voting system code would be public domain -- which would be, IMHO, entirely ideal.
Your bank? Check. Your brokerage? Check? Your government? Check. Your doctor? No, but thats because your doctor is still using Win95 and Office 97. Once someone consolidates the IT operations of law offices and medical practices, this will happen too...the cost of handling paper records is killing these industries.
It's not all that bad. Practice management systems (for patient scheduling and billing) have almost 100% market share already. It's only electronic medical record systems that are next to unheard of -- and there are plenty of folks (such as the startup I work for) working hard to fill that gap.
No, it's not. People have for years used various "human readable" forms and still the failure rate for the ballots was non-zero.
I'm not talking about a pre-printed form. I'm talking about a machine-printed piece of paper, created by the voting machine that says, in natural language, "President: Snoopy"; "Vice-President: Charlie Brown", and so forth.
Having an external validation mechanism is a Good Thing. Spot-checking take-home receipts isn't necessarily the best way to do it, though -- there's too much potential for unintended side effects such as enabling vote-selling. (Under what conditions can people validate their vote? The more loosely these conditions are applied, the better the chances that the controls will be insufficient to enable vote-selling; the tighter the controls, the fewer the individuals who will take advantage of the opportunity to verify and the higher the likelihood that minor corruption in a very close vote will go undetected).
Keeping voter-verified, human-readable receipts in an on-site lockbox under the care of election officials makes more sense. Since these receipts are human-readable without any database lookup, it's trivial for the voter to ensure that they acccurately reflect their preferences. Since the receipt stays in a lockbox and doesn't go with the voter, it can't be misused to enable vote-selling. Since the paper receipts are all present, a proper recount (and thus error correction, rather than just detection) is possible. [Asking the public at large to turn in their receipts for a recount would result in a nonrepresentative sample]. Paper receipts maintained in secured lockboxes also follow an auditable trail; their locations are known at any time, and procedures already in place for safeguarding paper ballots (such as having individuals representing multiple parties overseeing their safety) can be applied.
If malpractice were really the problem, then there would be no specialists in Houston and Dallas as well.
There aren't none -- but there are less than there should be. That said, I think this post provides an explanation which is consistent with most of the positions voiced here.
ER surgeons are typically independant contractors, so hospital operating and equipment costs (and the expenses of hiring supporting technicians) has nothing at all to do with how feasible it is for them to stay in business as the independant operators they are.
I'm not discussing the percentage of total health care costs, but rather the percentage of operating costs for the doctors themselves -- an entirely different number. If you're using Budget Office figures for the former, it's really quite irrelevant to the issue here (that being whether the MDs themselves can profitably stay in business).
You know what they say about lies, damn lies, and statistics? If I have doctors telling me that people they know have been driven out of business by malpractice costs, I'm inclined to suspect that any statistics which would imply that this is infeasible are, even if accurate, not directly on-point.
I call bullshit. My employer builds a next-generation EMR system (electronic medical records). Our two top executives are doctors, and I think there's a total of about 14 on staff, from a number of different specialties (since we need data for our created for doctors in all the different specialties we want to sell to).
All of them have horror stories about how hard it is to find specialists for certain fields, particularly in rural areas (which Texas, which I'm in, has a lot of), because the cost of malpractice insurance is so high for those specialties.
So no -- malpractice insurance is a real problem, and a big one, I'm not using GOP talking points, but rather hallway-conversation with my coworkers who've genuinely been there.
Nope. You can have a database that maps some value with some vote. You are assuming that the value would be ID or could be used to ID the person. I'm asserting that the code to look up the vote could be done in a way that posession of the DB wouldn't allow anyone to ID any voter.
Unless one of their cohorts (the hypothetical corrupt employer) collected a bunch of receipt slips from individuals, thus having a mapping of individuals (who gave them the receipts) to IDs (corresponding with each receipt). Did you actually read all of what I wrote?
Anyhow, I don't want to play the game of "can you think of a system I can't crack?". It'll take too many rounds to come to something that leaves one or the other of us stymied, and there's still no guarantee that the result is secure. Much better is to build a system that is as simple as possible and no simpler -- and one of the best ways to do that is trimming unnecessary requirements... such as a take-home vote receipt.
You mean the ability to grab information people thought was gone off of places it exists on the hard drive?
They already can; they have been able to from before the Google local search engine existed; and they'll continue to be able to after it's gone until folks actually take good care of OS-level security and permissions.
Put a hash in so that it requires a recipt handed to the voter (with no identifying info on it, other than name, and no record of the vote), a PIN input by the voter, as well as access to the central database. You check the ID against the recipt, you let them in the booth, they enter the number from the recipt, their PIN, and the terminal accesses the central database and prints their vote on the screen.
You have a database that maps IDs to votes somewhere, and you're trusting it to be secure. From where I stand, that's a Bad Thing on principal.
Local Corrupt Election Official gets access to the database, and the corrupt business owner he's in cahoots with starts asking to see his employees' receipts -- and $DEITY help them if they didn't vote for the right person. (Yes, it's possible in theory to vote for someone else and and swap receipts, but that's not to say that this kind of corruption won't be effective; there are also mechanisms for the corrupt individuals to prevent that from happening).
Just because you are too stupid to think of a way to do it doesn't mean it can't be done.
A corellary (and perhaps the most important single sentence in my post): Just because you're too stupid to think of an exploit doesn't mean it's secure.
Why would it enable vote-selling? If you only allow vote checking in the same manner as the original vote (private booth, no recipt), then you can't sell your vote any more easily than today's system.
If you're checking it while you're still in the booth, that's not "after-the-fact".
If you're keeping a record such that someone can come back to another private booth and it can be determined who they, specifically, voted for, that means that records are kept in some central repository sufficient to determine each individual's vote. This means that a corrupt individual with access to the local election machinery can determine who voted for who, and thus vote-selling or, worse, retaliation can happen that way. (Corrupt local election officials are absolutely not unheard of in the last century of US history).
There's a legal principal that if you harm someone else, or behave negligently such that someone comes to harm on your behalf and you could reasonably foresee them coming to harm, you're liable.
There doesn't need to be a law regarding the specific way you harmed them, or the specific form of negligence involved.
It's been a few years since I actually studied tort law, and I am not and have never been a lawyer, so this is very much not legal advice and probably not perfectly accurate either -- but the generalities are close.
The point is that there exists a paper copy, and that the voter has had the opportunity to review it before declaring it correct.
Print a single paper copy, display it behind glass with a (visible) mechanism that either drops it into a lockbox or runs it through a shredder based on whether the voter approves or not.
I don't like requiring people to bring their receipts back for a recount -- it means some portions of the population (ie. retirees) will be overrepresented, while others (ie. individuals w/o trivially available transportation) will be underrepresented.
And this is the exact reason that this method is unnecessary. Voting is already a pain in the ass for people apparently as so little people do it. So let's make everyone's lives more difficult by adding MORE steps, more pieces of paper to think about, and more places to screw up.
I'd argue that the actual process that goes on at the polling place has little or nothing to do with turnout. The hassle of getting to the voting place -- sure, I'll accept that that impacts turnout, especially for people without vehicles. What happens once you're there? Naah. If people cared enough to go to the polling place, and once there were so annoyed by the process as to not vote in the future, they'd complain, and we'd hear it in a very big way. Instead, they just don't go.
In any event, there are ways of having paper-backed touchscreen systems that are simpler than that. For instance, the machine could display the printed copy behind glass, and have a button which (in full view of the user) either feeds the paper into a lockbox or into a shredder, depending on whether they confirm it.
(What "current system", btw -- paper-only, or unverifiable machines?)
Perhaps the writer of your ATM's software is also skimming off your account and directing it to the RNC?
Generally Not Done, and here's why:
Voting machines are designed to provide anonymity to their users. ATMs are designed to deny it.
ATMs keep a paper trail
People can and do double-check after the fact that their bank accounts are correct; allowing voting machine users to do the same would enable vote-selling, and so is unacceptable
Based on election officials' positions in the media when some level of innacuracy has occurred, losing one's customer is to a bank is much more serious than losing just one citizen's vote is to an election official
ATM security audits aren't utter and complete jokes -- because there's a serious pecuniary interest to get it right
Sure, we need to move on some time -- after the problems that caused our distrust in the first case are resolved!
The IEEE generally takes the same positions as their contingency -- computer scientists, coders, hackers; and generally the more competant section of the crowd at that.
The ITAA, on the other hand, appears to represent not the folks who actually do IT, but rather the "industry" -- that is, the folks who own IT companies, rather than the folks who actually do all the work and understand what's going on.
I don't want journalists thinking these schmucks represent me.
The odd interface-related snafu here and there gets media attention, surely, but the serious issue is the potential for election rigging with no ability to detect or correct for it after-the-fact. Claiming that the only issues these machines have are interface-related is a slick slight-of-hand, taking attention from where the serious problems lie.
(After all -- interface-related mistakes, like hanging chads, are made by everyone, and on average shouldn't swing the election very much. If there's election-rigging going on, though, that'll swing things in the favor of a specific candidate -- the one favored by the rigger(s)).
Nuh-uh. You still don't own the copyright to the parts you didn't write. The GPL requires that each copy your republish contain an "appropriate copyright notice". If it claims that it's copyright yourself, and it's genuinely owned by someone else, you're arguably in violation of this license license clause, in addition to any other charges (fraud?) which may stem from this action.
It would be worth it just for the story, especially if you rent.
Quite. IIRC, my homeowner's insurance specifically disclaims responsibility for such events, in the same section where they say they aren't responsible for warlike actions or damage caused by nuclear blasts.
If the grandparent poster is a microkernel affecionado, then [s]he could have an entirely valid perspective from which to call the Linux kernel bloated -- it contains entirely too much stuff that ought to be in userland! "What bloat"? Drivers and filesystems and all that other gunk...
Or the grandparent poster could be just be repeating conventional [un]wisdom. Take 'yer pick...
In corporate world you don't need to convince much - just fire them.
Not always possible. Might be that the DBA is the CEO's old friend from college, or that there isn't cash to hire someone more competant, or that the Big Boss just plain isn't good at firing people.
Oops, did I just describe my own situation?
Of course not.
Re:I code C# for a living
on
Java 1.5 vs C#
·
· Score: 1
Its really nice to be able to add new code, change existing code, and arbitrarily set the execution pointer.
Re arbitrarily setting the execution pointer, see gdb's "jump" and "return" commands -- and yes, it also allows arbitrary memory changes. That said, binary patching with gdb is a royal PITA compared to the way VS automates it (yes, it can be done with gdb in some cases, but it's difficult and underdocumented).
Morality is actually important to most Chinese, though I suspect that as an American you are not able to recognise it as such; the way you jeer at the notion suggests that you don't really have much idea about what morality is.
I didn't read the parent post as jeering. Early puritan America, earlier Europe, and the middle East are all examples of societies with a genuine respect for moral behaviour, and likening China to them struck me as not meant as a slight. Likewise, he said nothing about religion -- why do you bring it up?
That said, I agree that he's full of bullshit re the main gist -- oppression as a means of societal release isn't a concept I'm willing to buy.
The topic is $COMPANY_A making a contribution to the Linux Kernel. I'm reminiscing a bit about having worked for $COMPANY_A actually doing all that great stuff. (Well, not quite -- I was mostly userland, though there was a bit of kernelspace work as well).
As a result the US government MUST OWN the code that counts the votes. This can never be proprietary.
The US government isn't allowed to own copyrights to anything -- anything they develop directly or that's done as a work-for-hire for them is automatically public domain. (For this reason, there's a lot of code that's written by government contractors and remains under their ownership, even though the reason behind its production was government use).
Effectively, then, any government-developed voting system code would be public domain -- which would be, IMHO, entirely ideal.
Your bank? Check. Your brokerage? Check? Your government? Check. Your doctor? No, but thats because your doctor is still using Win95 and Office 97. Once someone consolidates the IT operations of law offices and medical practices, this will happen too...the cost of handling paper records is killing these industries.
It's not all that bad. Practice management systems (for patient scheduling and billing) have almost 100% market share already. It's only electronic medical record systems that are next to unheard of -- and there are plenty of folks (such as the startup I work for) working hard to fill that gap.
No, it's not. People have for years used various "human readable" forms and still the failure rate for the ballots was non-zero.
I'm not talking about a pre-printed form. I'm talking about a machine-printed piece of paper, created by the voting machine that says, in natural language, "President: Snoopy"; "Vice-President: Charlie Brown", and so forth.
Having an external validation mechanism is a Good Thing. Spot-checking take-home receipts isn't necessarily the best way to do it, though -- there's too much potential for unintended side effects such as enabling vote-selling. (Under what conditions can people validate their vote? The more loosely these conditions are applied, the better the chances that the controls will be insufficient to enable vote-selling; the tighter the controls, the fewer the individuals who will take advantage of the opportunity to verify and the higher the likelihood that minor corruption in a very close vote will go undetected).
Keeping voter-verified, human-readable receipts in an on-site lockbox under the care of election officials makes more sense. Since these receipts are human-readable without any database lookup, it's trivial for the voter to ensure that they acccurately reflect their preferences. Since the receipt stays in a lockbox and doesn't go with the voter, it can't be misused to enable vote-selling. Since the paper receipts are all present, a proper recount (and thus error correction, rather than just detection) is possible. [Asking the public at large to turn in their receipts for a recount would result in a nonrepresentative sample]. Paper receipts maintained in secured lockboxes also follow an auditable trail; their locations are known at any time, and procedures already in place for safeguarding paper ballots (such as having individuals representing multiple parties overseeing their safety) can be applied.
If malpractice were really the problem, then there would be no specialists in Houston and Dallas as well.
There aren't none -- but there are less than there should be. That said, I think this post provides an explanation which is consistent with most of the positions voiced here.
ER surgeons are typically independant contractors, so hospital operating and equipment costs (and the expenses of hiring supporting technicians) has nothing at all to do with how feasible it is for them to stay in business as the independant operators they are.
I'm not discussing the percentage of total health care costs, but rather the percentage of operating costs for the doctors themselves -- an entirely different number. If you're using Budget Office figures for the former, it's really quite irrelevant to the issue here (that being whether the MDs themselves can profitably stay in business).
You know what they say about lies, damn lies, and statistics? If I have doctors telling me that people they know have been driven out of business by malpractice costs, I'm inclined to suspect that any statistics which would imply that this is infeasible are, even if accurate, not directly on-point.
I call bullshit. My employer builds a next-generation EMR system (electronic medical records). Our two top executives are doctors, and I think there's a total of about 14 on staff, from a number of different specialties (since we need data for our created for doctors in all the different specialties we want to sell to).
All of them have horror stories about how hard it is to find specialists for certain fields, particularly in rural areas (which Texas, which I'm in, has a lot of), because the cost of malpractice insurance is so high for those specialties.
So no -- malpractice insurance is a real problem, and a big one, I'm not using GOP talking points, but rather hallway-conversation with my coworkers who've genuinely been there.
Nope. You can have a database that maps some value with some vote. You are assuming that the value would be ID or could be used to ID the person. I'm asserting that the code to look up the vote could be done in a way that posession of the DB wouldn't allow anyone to ID any voter.
Unless one of their cohorts (the hypothetical corrupt employer) collected a bunch of receipt slips from individuals, thus having a mapping of individuals (who gave them the receipts) to IDs (corresponding with each receipt). Did you actually read all of what I wrote?
Anyhow, I don't want to play the game of "can you think of a system I can't crack?". It'll take too many rounds to come to something that leaves one or the other of us stymied, and there's still no guarantee that the result is secure. Much better is to build a system that is as simple as possible and no simpler -- and one of the best ways to do that is trimming unnecessary requirements... such as a take-home vote receipt.
You mean the ability to grab information people thought was gone off of places it exists on the hard drive?
They already can; they have been able to from before the Google local search engine existed; and they'll continue to be able to after it's gone until folks actually take good care of OS-level security and permissions.
Local Corrupt Election Official gets access to the database, and the corrupt business owner he's in cahoots with starts asking to see his employees' receipts -- and $DEITY help them if they didn't vote for the right person. (Yes, it's possible in theory to vote for someone else and and swap receipts, but that's not to say that this kind of corruption won't be effective; there are also mechanisms for the corrupt individuals to prevent that from happening).A corellary (and perhaps the most important single sentence in my post): Just because you're too stupid to think of an exploit doesn't mean it's secure.
Why would it enable vote-selling? If you only allow vote checking in the same manner as the original vote (private booth, no recipt), then you can't sell your vote any more easily than today's system.
If you're checking it while you're still in the booth, that's not "after-the-fact".
If you're keeping a record such that someone can come back to another private booth and it can be determined who they, specifically, voted for, that means that records are kept in some central repository sufficient to determine each individual's vote. This means that a corrupt individual with access to the local election machinery can determine who voted for who, and thus vote-selling or, worse, retaliation can happen that way. (Corrupt local election officials are absolutely not unheard of in the last century of US history).
There's a legal principal that if you harm someone else, or behave negligently such that someone comes to harm on your behalf and you could reasonably foresee them coming to harm, you're liable.
There doesn't need to be a law regarding the specific way you harmed them, or the specific form of negligence involved.
It's been a few years since I actually studied tort law, and I am not and have never been a lawyer, so this is very much not legal advice and probably not perfectly accurate either -- but the generalities are close.
Why let the voter keep their copy at all?
The point is that there exists a paper copy, and that the voter has had the opportunity to review it before declaring it correct.
Print a single paper copy, display it behind glass with a (visible) mechanism that either drops it into a lockbox or runs it through a shredder based on whether the voter approves or not.
I don't like requiring people to bring their receipts back for a recount -- it means some portions of the population (ie. retirees) will be overrepresented, while others (ie. individuals w/o trivially available transportation) will be underrepresented.
And this is the exact reason that this method is unnecessary. Voting is already a pain in the ass for people apparently as so little people do it. So let's make everyone's lives more difficult by adding MORE steps, more pieces of paper to think about, and more places to screw up.
I'd argue that the actual process that goes on at the polling place has little or nothing to do with turnout. The hassle of getting to the voting place -- sure, I'll accept that that impacts turnout, especially for people without vehicles. What happens once you're there? Naah. If people cared enough to go to the polling place, and once there were so annoyed by the process as to not vote in the future, they'd complain, and we'd hear it in a very big way. Instead, they just don't go.
In any event, there are ways of having paper-backed touchscreen systems that are simpler than that. For instance, the machine could display the printed copy behind glass, and have a button which (in full view of the user) either feeds the paper into a lockbox or into a shredder, depending on whether they confirm it.
(What "current system", btw -- paper-only, or unverifiable machines?)
losing one's customer
Oops -- in point 4, I meant to say "losing a customer's deposit". Much better analogy to losing a citizen's vote.
Generally Not Done, and here's why:
Sure, we need to move on some time -- after the problems that caused our distrust in the first case are resolved!
The IEEE generally takes the same positions as their contingency -- computer scientists, coders, hackers; and generally the more competant section of the crowd at that.
The ITAA, on the other hand, appears to represent not the folks who actually do IT, but rather the "industry" -- that is, the folks who own IT companies, rather than the folks who actually do all the work and understand what's going on.
I don't want journalists thinking these schmucks represent me.
...well, not the serious problem, anyhow.
The odd interface-related snafu here and there gets media attention, surely, but the serious issue is the potential for election rigging with no ability to detect or correct for it after-the-fact. Claiming that the only issues these machines have are interface-related is a slick slight-of-hand, taking attention from where the serious problems lie.
(After all -- interface-related mistakes, like hanging chads, are made by everyone, and on average shouldn't swing the election very much. If there's election-rigging going on, though, that'll swing things in the favor of a specific candidate -- the one favored by the rigger(s)).
Nuh-uh. You still don't own the copyright to the parts you didn't write. The GPL requires that each copy your republish contain an "appropriate copyright notice". If it claims that it's copyright yourself, and it's genuinely owned by someone else, you're arguably in violation of this license license clause, in addition to any other charges (fraud?) which may stem from this action.
It would be worth it just for the story, especially if you rent.
Quite. IIRC, my homeowner's insurance specifically disclaims responsibility for such events, in the same section where they say they aren't responsible for warlike actions or damage caused by nuclear blasts.
If the grandparent poster is a microkernel affecionado, then [s]he could have an entirely valid perspective from which to call the Linux kernel bloated -- it contains entirely too much stuff that ought to be in userland! "What bloat"? Drivers and filesystems and all that other gunk...
Or the grandparent poster could be just be repeating conventional [un]wisdom. Take 'yer pick...
In corporate world you don't need to convince much - just fire them.
Not always possible. Might be that the DBA is the CEO's old friend from college, or that there isn't cash to hire someone more competant, or that the Big Boss just plain isn't good at firing people.
Oops, did I just describe my own situation?
Of course not.
Its really nice to be able to add new code, change existing code, and arbitrarily set the execution pointer.
Re arbitrarily setting the execution pointer, see gdb's "jump" and "return" commands -- and yes, it also allows arbitrary memory changes. That said, binary patching with gdb is a royal PITA compared to the way VS automates it (yes, it can be done with gdb in some cases, but it's difficult and underdocumented).
Morality is actually important to most Chinese, though I suspect that as an American you are not able to recognise it as such; the way you jeer at the notion suggests that you don't really have much idea about what morality is.
I didn't read the parent post as jeering. Early puritan America, earlier Europe, and the middle East are all examples of societies with a genuine respect for moral behaviour, and likening China to them struck me as not meant as a slight. Likewise, he said nothing about religion -- why do you bring it up?
That said, I agree that he's full of bullshit re the main gist -- oppression as a means of societal release isn't a concept I'm willing to buy.
Why?
The topic is $COMPANY_A making a contribution to the Linux Kernel. I'm reminiscing a bit about having worked for $COMPANY_A actually doing all that great stuff. (Well, not quite -- I was mostly userland, though there was a bit of kernelspace work as well).
I think it's reasonably topical.