Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

California Sec. of State Wants Open Source E-Voting Systems

Soulskill posted more than 5 years ago | from the nowhere-to-go-but-up dept.

Government 112

Lucas123 writes "California's Secretary of State, Debra Bowen, was among a group of e-voting experts at MIT yesterday who said the nation's electronic voting systems are still not secure and many run on faulty software. Among the suggestions offered to fix the problem: use open source software, stop delivering e-voting machines to polling places weeks in advance of an election, and keep a paper trail for auditing purposes. Bowen also believes that a ubiquitous Internet voting system could not work without the use of a national ID card system."

cancel ×

112 comments

Sorry! There are no comments related to the filter you selected.

Simple Solution. (5, Funny)

bigtallmofo (695287) | more than 5 years ago | (#25176819)

No need to open source anything or make any other changes... Just slap a sticker with one of those disclaimers on each of the current voting machines that reads "This is not a scientific poll and is completely inaccurate."

Problem solved.

Re:Simple Solution. (2, Informative)

Manulani (1373445) | more than 5 years ago | (#25177625)

Why would you use a high level operating system in a voting machine.... the code should be written in assembler.... with a printed record which is readable by humans and machines.

Re:Simple Solution. (1)

Tubal-Cain (1289912) | more than 5 years ago | (#25177729)

Who's suggesting an high-level OS? Assembly code can be Open Source, too.

Re:Simple Solution. (1)

Tubal-Cain (1289912) | more than 5 years ago | (#25177735)

Who's suggesting an high-level OS?

I mean besides MS.

Estonia is the pioneer in e-voting (0)

Anonymous Coward | more than 5 years ago | (#25176825)

Let us follow them http://news.bbc.co.uk/2/hi/europe/4343374.stm [bbc.co.uk]

Re:Estonia is the pioneer in e-voting (1)

neuromanc3r (1119631) | more than 5 years ago | (#25176901)

No, don't follow them. Electronic Voting is an inherently flawed idea, let's just stick to pen&paper voting.

GoogleSat Raise-Your-Hand Voting . . . (2, Interesting)

PolygamousRanchKid (1290638) | more than 5 years ago | (#25176995)

No, don't follow them. Electronic Voting is an inherently flawed idea, let's just stick to pen&paper voting.

... everyone just go outside when the GoogleSat satellite goes over your region on election day.

Raise your hand: right hand, McCain; left hand, Obama

Google 's brilliant programmers have a flawless (albeit, beta) system that can correctly tally the votes.

Probably.

Re:GoogleSat Raise-Your-Hand Voting . . . (2, Funny)

Amazing Quantum Man (458715) | more than 5 years ago | (#25177693)

I vote third party, you insensitive clod!!!!

Re:GoogleSat Raise-Your-Hand Voting . . . (3, Funny)

jcwayne (995747) | more than 5 years ago | (#25177727)

That's you choice, but you may be charged with indecent exposure.

Re:GoogleSat Raise-Your-Hand Voting . . . (0)

Anonymous Coward | more than 5 years ago | (#25177737)

So lift your leg.

Re:GoogleSat Raise-Your-Hand Voting . . . (3, Funny)

GaryOlson (737642) | more than 5 years ago | (#25177849)

The camera resolution is not high enough to discern items that small. Your vote has been disqualified.

Electronically *ASSISTED* voting is good (2, Insightful)

Joce640k (829181) | more than 5 years ago | (#25177135)

Voting machines could print barcoded papers which can be counted electronically. This would allow fast vote counting without all the problems of the punch cards. Random samples of the paper could be counted manually as a security check.

Whatever happens there must be a paper trail. These are important decisions and any system without bits of paper should be a no-starter.

Re:Electronically *ASSISTED* voting is good (1)

The_Noid (28819) | more than 5 years ago | (#25177161)

As long as human beings can not read barcodes, barcodes on ballots are a big no.

Just print the names on the ballot and ocr that. Should be easy enough.

Re:Electronically *ASSISTED* voting is good (1)

GaryOlson (737642) | more than 5 years ago | (#25177893)

Sure, the OCR part is easy. Teaching people to right and spel correctly -- still haven't implemented that effectively after hundreds of years of trying.

Are you saying illiterates will all have their votes disqualified? But they have their high school diploma which states they gradiated from a government approved learning facility. The idiots can't be disqualified; that would be unfair.

Re:Electronically *ASSISTED* voting is good (2, Interesting)

Joce640k (829181) | more than 5 years ago | (#25178253)

How hard can it be to vote electronically?

A machine can show voters a screen with photos/names/square boxes on it. At the side of the screen are physical buttons which correspond to the choices. When you press a button it goes beep and starts to flash. A flashing red 'X' also appears in the square box on screen. Your aim was off? Press a different button and the 'X' will go there.

Next to the screen there's a printer which really really looks like a printer instead of something designed by Apple. On the front of it there's a large button labeled "print".

Next to the printer there's a slot with a big arrow on it saying "vote here".

In the mat in front of the machine there's a sensor which detects voters and which speaks clearly-worded instructions to them when they stand on it. If you don't touch the screen in twenty seconds the message will repeat.

When you press the print button the voice tells you not to fold the card, to just check it and place it in the slot when you're happy. If you're not happy, place the card in the shredder instead and start over (both voting slot and shredder will read the barcode to verify you put the right piece of paper in them).

In case of trouble there's a "practice" machine outside with helpful assistant. The candidates on the practice machine will be stupid cartoon dogs called "Spot" and "Rover" just to make it obvious that it's not the real thing.

If you can screw that up you'll probably screw up a pencil/paper system anyway.

Re:Electronically *ASSISTED* voting is good (1)

The_Noid (28819) | more than 5 years ago | (#25183207)

Sounds good, except again for the bar-code. If the names are printed there will be no spelling or writing errors anyway so you can just ocr the human readable text.

A ballot should not contain any non-human readable data. If the ballot is printed there does not need to be.

Now for the BIG decision (4, Funny)

Vinegar Joe (998110) | more than 5 years ago | (#25176827)

KDE or Gnome? But since it's California, it'll probably be Enlightenment.

Re:Now for the BIG decision (1)

Darkness404 (1287218) | more than 5 years ago | (#25176931)

If you are making a voting machine, I hope it neither runs GNOME nor KDE, nor Enlightenment! It should run as minimal as possible, not only to save hardware costs, but to cut down on local vulnerabilities (the thing shouldn't be networked, so remote ones shouldn't matter).

Re:Now for the BIG decision (3, Insightful)

Shot_Noise (1354159) | more than 5 years ago | (#25177115)

It should run as minimal as possible

Personally, I would take one step further. Electronic voting machines should be based on either a microcontroller or FPGA. The source code for whichever one would be available for public review. It would be carefully written and validated to ensure that the ports to which the user (voter, election worker, etc) has access cannot be used to reprogram it. It would be enclosed in a truly tamper-resistant, tamper-evident box. Of course, it still needs to have a voter-verified hard copy.

I think too often we are tempted to take the easy path and use an all software solution when a solution that involves hardware makes more sense.

Re:Now for the BIG decision (1)

cheater512 (783349) | more than 5 years ago | (#25177255)

Qtopia comes to mind actually.
It would do the job extremely well.

Re:Now for the BIG decision (1)

pjturpeau (1373437) | more than 5 years ago | (#25177565)

None of them. I suspect that a single full-screen application that runs as the window manager by itself would be more secure and less error prone.

Re:Now for the BIG decision (5, Funny)

oodaloop (1229816) | more than 5 years ago | (#25177025)

Finally, the year of the Linux voting machine has arrived!

Another trick: reduce the time pressure issue (5, Interesting)

compumike (454538) | more than 5 years ago | (#25176849)

Lots of the problems described occur because a voter must actually punch a bunch of buttons in just a few minutes -- matching a (hopefully predetermined) set of things they wanted to vote for. It seems like there's lots of room for error because of the time crunch that everyone feels in this situation.

What if you could actually do the ballot on your computer at home, carefully making sure that the buttons you push are what you intended, and then bring a printout with something like a barcode or other digital encoding of your selections? (This wouldn't have to be tied to your name -- that can still happen in the booth.) Then you bring that barcode to the booth, and it scans it after you walk in, and that "preloads" your selections. Then, you're just down to a verify step, under less pressure.

Seems to even open a new market for various parties to distribute the barcodes of their respective positions... :-/ don't want to make things *that* easy.

Just a thought...

--
Learn electronics! Microcontroller kits for the digital generation. [nerdkits.com]

Re:Another trick: reduce the time pressure issue (1)

cervo (626632) | more than 5 years ago | (#25176895)

Then how do you buy an election from diebold? All these papers with the bar code and print outs would be countable. When the machine vote and the ballots don't match, uh oh the jig is up.

Although seriously you could probably stuff the ballot just like in the old days.....

Re:Another trick: reduce the time pressure issue (1)

Darkness404 (1287218) | more than 5 years ago | (#25176961)

The problem with that is a lot of people don't have/don't use printers. Take that times the high price of ink, and the fact that the barcode could be smeared or otherwise damaged, it wouldn't really work.

Re:Another trick: reduce the time pressure issue (1)

cheater512 (783349) | more than 5 years ago | (#25177289)

Uhhh works great for planes here in Australia.

Used the system for the first time a few weeks ago.
Go online, choose what seat you want, hit print.
You get a page with all your info along with a couple of 2d barcodes.
Works fine even with crinkles in the page.

It replaces the boarding pass. You just walk right on to the plane.

Re:Another trick: reduce the time pressure issue (1)

GaryOlson (737642) | more than 5 years ago | (#25177973)

The problem with that is a lot of people don't have/don't use printers.

Spoken like a true geek who uses hard copy printouts as little as possible; and does not support people who can only think with a piece of paper in their hands. Paper printouts are the predominant technology; and more people understand paper technology. Non-technology people will spend more time and effort ensuring the paper printout is perfect than maintaining the system which creates the paper printout. And they will expend lots of effort and money to protect that piece of paper; and disregard the systems which made creating the printout.

And if you still think a lot of people don't use printers, stand outside an office supply store for a couple of hours and count the number of printers going out the door. Those places don't make profit on selling just pens and paper.

Re:Another trick: reduce the time pressure issue (2, Insightful)

MiKM (752717) | more than 5 years ago | (#25178613)

What about public libraries? Libraries generally charge around ten cents to print a page, which isn't very much. Even so, I'm sure that libraries would be willing to make printing out ballots free-of-charge.

Re:Another trick: reduce the time pressure issue (2, Interesting)

mfh (56) | more than 5 years ago | (#25176963)

If swift-boat politics were actually fueled by problem solving -- you would be on to something here! Sadly, it's about disaster capitalism... and therefore it's better when the voting machines have wide open security holes. But nice try!

Re:Another trick: reduce the time pressure issue (3, Insightful)

arth1 (260657) | more than 5 years ago | (#25177107)

What if you could actually do the ballot on your computer at home, carefully making sure that the buttons you push are what you intended, and then bring a printout with something like a barcode or other digital encoding of your selections? (This wouldn't have to be tied to your name -- that can still happen in the booth.) Then you bring that barcode to the booth, and it scans it after you walk in, and that "preloads" your selections. Then, you're just down to a verify step, under less pressure.

Bad idea, for many reasons:

  1. Not everyone has access to computers.
  2. It opens for coercion fraud and buying of votes. The coercer (whether it's a husband or someone who bought your vote) makes sure that you have only one printout, and that you don't spend long enough in the voting booth to fill out another.
  3. Dimpled chads will be replaced with blotting ink cartridges. Expect the printer manufacturers to get sued if a vote allegedly registers incorrectly.

The possibility for buying votes and coercing the voter is also why Internet voting must not be allowed to take place unless and until we can open a connection between our mind and the Internet. The voting booth is there to ensure privacy. Please do not take that privacy away in the name of security. I think Ben Franklin had something to say about that trade-off.

Internet voting and mind-reading (1)

tucuxi (1146347) | more than 5 years ago | (#25178007)

Actually, Internet voting must not be allowed unless you can make a connection that can't be eavesdropped between your mind and the voting machine. If third parties can listen in (even if they need your consent to do so) - vote buying will again be possible.

Imagine you manage to get this part right. Now you would only have to trust the voting machine to accurately store your vote, without the benefit of a voter-verifiable paper trail or anything you can possibly show to third parties to demonstrate that you voted one way or another... can't be done.

Re:Internet voting and mind-reading (0)

Anonymous Coward | more than 5 years ago | (#25181751)

Man-in-the-middle attacks are the very least of the concerns about internet voting. How many people have spyware or worms on their machine? Any one of those could be altering the results that their computer submits, regardless of the security of the link between their machine and the voting server.

Re:Another trick: reduce the time pressure issue (1)

magus_melchior (262681) | more than 5 years ago | (#25179387)

I'm for the entire process being online, but one would have to guard the system against things like man-in-the-middle and phishing attacks.

Nice step forward (4, Insightful)

daemonburrito (1026186) | more than 5 years ago | (#25176919)

Next step would be firing the so-called "technology experts" in the popular media, who apparently lack the the tech saavy to google for what "open-source" means.

Coverage of the G1 launch was a beautiful example of their ignorance. Many times I heard the fakers pontificate about the "security concerns" in using open-source software, while not even knowing meaning of the term.

Re:Nice step forward (1)

Darkness404 (1287218) | more than 5 years ago | (#25176973)

Next step would be to fire the people who think that E-voting systems should have anti-virus on them.

Re:Nice step forward (1)

daemonburrito (1026186) | more than 5 years ago | (#25177005)

Yeah. They're doing it wrong.

Re:Nice step forward (1)

oodaloop (1229816) | more than 5 years ago | (#25177061)

Strictly speaking, it's better than the alternative.

Re:Nice step forward (2, Funny)

eltaco (1311561) | more than 5 years ago | (#25177291)

Re:Nice step forward (0)

Anonymous Coward | more than 5 years ago | (#25181693)

oblig XKCD [xkcd.com]

But, a HUGE step backwards. (0)

Anonymous Coward | more than 5 years ago | (#25177595)

From TFA:

"Because we don't have any kind of national ID card, we have no method for doing that," Bowen said.

Why the fuck is it that every politician who might come up with one good idea cannot resist tying it to an evil add-on.

Re:But, a HUGE step backwards. (1)

kesuki (321456) | more than 5 years ago | (#25177741)

it's called politics for a reason. only evil people are drawn to the field, so evil add-ons are part and parcel. i imagine with all the hullabaloo about providing wall street with a 700 billion dollar golden parachute to stabilize the markets, that to make it more evil they'll tie in some form of legislation mandating that the people overseeing the reforms at the companies that choose to be bailed out all have to be hand picked from dubba's hand picked circle of friends, kinda like the way no bid contracts were part and parcel of rebuilding iraq.

i mean people used to $250,000+ salaries for reading the intarweb need golden parachutes making sure wall-street bailouts aren't say just shafting all american tax payers at the same time.

Re:But, a HUGE step backwards. (1)

GaryOlson (737642) | more than 5 years ago | (#25178035)

Because they have all forgotten what government service really means: the government is here to server the people. Politicians only see the people are here to serve the government.

Electronic trail as well as paper trail (1)

LuxMaker (996734) | more than 5 years ago | (#25177029)

This was not mentioned in the article. Voters should be issued a voter number and should be able to go online and verify the accuracy of their vote. The election judges should be able to do a printout and be able to go online and verify the paper matches the online data, with the help of a ballot watcher maybe. In cases of more than a 100 percent voter turnout, elections must done again.

Re:Electronic trail as well as paper trail (4, Insightful)

Nursie (632944) | more than 5 years ago | (#25177823)

No.

The moment you give the voter the ability to check their vote afterwards you give their abusive husband a way to check they voted correctly. Or the employer that wants you to vote for his buddy. Or the local mob...

Bad plan.

Re:Electronic trail as well as paper trail (1)

swillden (191260) | more than 5 years ago | (#25180095)

I agree, but that problem already exists. Absentee ballots.

Re:Electronic trail as well as paper trail (1)

KTheorem (999253) | more than 5 years ago | (#25179871)

The California constitution says that voting must be secret. It would be illegal to implement a system where you could see who voted for what.

Secure E-Voting in 293 lines of code (1)

Ranger (1783) | more than 5 years ago | (#25177039)

At Pycon 2007 in Dallas [pycon.org] I saw a lightning talk demonstrating how electronic voting could be secure in just 293 lines of code [zesty.ca] .

However the bottom line is that you shouldn't trust any voting system. What you should have is an auditing system where you can do recounts. The less moving parts or the fewer lines of code you have the easier it will be to audit a system.

Re:Secure E-Voting in 293 lines of code (2, Insightful)

liquidpele (663430) | more than 5 years ago | (#25177085)

Yes, pvote [pvote.org] is small (current version is 460 lines), but that does not take into account the software under the simple python script.. What about the OS, the Interpreter itself, drivers, how it stores the votes, etc. All that has to be secure... the actual interface to the voters is probably the LEAST of your worries.

I still can't believe this is a problem. (1)

VeasMKII (1373385) | more than 5 years ago | (#25177053)

Honestly, how hard is it to write voting software?

Re:I still can't believe this is a problem. (2, Interesting)

RAMMS+EIN (578166) | more than 5 years ago | (#25177641)

``Honestly, how hard is it to write voting software?''

Not incredibly hard, but that's not the issue. The issue is how easy it is to convince the right people that your voting system does what they want it to do.

I think the problem is either that's it's too easy to convince the right people that a voting system works, or that the right people aren't the people we want it to be.

Re:I still can't believe this is a problem. (1)

Onymous Coward (97719) | more than 5 years ago | (#25177745)

It's been done.

http://www.openvoting.org/ [openvoting.org]

Now please go and support them.

A solution looking for a problem (4, Insightful)

schnikies79 (788746) | more than 5 years ago | (#25177103)

Just stick to paper. It works.

Re:A solution looking for a problem (1)

tucuxi (1146347) | more than 5 years ago | (#25178083)

<car analogy>Yes. But the fact that walking 'works' has not stopped us from inventing cars. And mind you, the first ones were not exactly 'secure', and could claim much more than your vote.</car analogy>

On the serious side, yes, don't substitute paper until you have an alternative that's superior on all counts. But keep in mind that there's a lot of drudgery and automatable effort behind voting, and that many simply can't vote because of physical problems.

why so many elections on the same day? (1, Interesting)

Anonymous Coward | more than 5 years ago | (#25178565)

Just stick to paper. It works.

Just curious, but why do you Americans vote for so many things all at once? It's like you have federal, state, county, and municipal elections all at the same time. Plus you vote on things like sheriffs, prosecutors, and a gazillion different propositions.

And what's with all of these "propositions"? In Canada, if we have a question put to the general population (we call it a "referendum") then it's pretty big change. They generally only happen once a decade or so.

No wonder things are so complicated: people have to figure out what a dozen different things mean.

Why is that?

Re:why so many elections on the same day? (0)

Anonymous Coward | more than 5 years ago | (#25182101)

Just curious, but why do you Americans vote for so many things all at once? It's like you have federal, state, county, and municipal elections all at the same time. Plus you vote on things like sheriffs, prosecutors, and a gazillion different propositions.

Because we're a bunch of lazy dumbasses?

They don't get it. (1)

erlehmann (1045500) | more than 5 years ago | (#25177133)

The main problem with e-voting is that the average citizen can not reasonably check the ballot counting. With paper, even a seven-year-old can check if it is counted correctly. No one can look into the computer, so even if you have paper ballots, they still need to be counted. Nothing won there.

Voter verifyability. (1)

SoapBox17 (1020345) | more than 5 years ago | (#25177177)

Every optical-scan voting system should use scantegrity [scantegrity.org] .

E-Voting Machine made Easy & Secure (4, Interesting)

FlyingGuy (989135) | more than 5 years ago | (#25177281)

This is not that hard, and it sure isn't rocket science.

Strip down a distro to the kernel then ad the following:

  • Driver for a touch screen display
  • Driver for audio output to drive headphones for the visually impaired
  • Driver for a brail input device as well
  • Driver for an thumb drive to boot from
  • Driver for a tape style printer (not thermal)

Please a driver for something I missed....

The device has only enough ROM to POST and is hard coded to boot from the thumb drive which contains the OS & drivers and voting software with a modified USB connector that is a different shape then standard. This is a mild security feature.

An additional thumb drive will hold the data, again with a different shape so that the two cannot be confused, and both are encrypted using a two key scheme of some sort, suggestions?

Insert the drive one, power up the machine, it will then POST itself and ask for the data key and will go no farther until it validates the Data Drive. Voting commences and when voting is complete, the machine is shut down, drives are pulled and returned to the registrar for counting.

Re:E-Voting Machine made Easy & Secure (3, Interesting)

RAMMS+EIN (578166) | more than 5 years ago | (#25177619)

You have some good ideas, but I feel obliged to point out that your solution does not obviously ensure that

1. Your vote gets counted correctly
2. Your vote is not traceable back to you
3. You cannot vote more than once

I still have more faith in casting votes on paper and counting them by hand than I have in your solution. Actually recording your vote on the paper ballot can be done by machine, of course, as long as you get to inspect the ballot to check that the machine did what you wanted it to.

Re:E-Voting Machine made Easy & Secure (1)

kesuki (321456) | more than 5 years ago | (#25177907)

the easy part is only 1 vote. there are 2 options. 1. a second screen with a 'press to allow vote now' system kinda like the cashier pressing the 'credit' key at walmart. maybe even screen less, just an led... or something.

not traceable back to you is harder, but not impossible ultimately this suggests that the poll workers don't get access to the voting machines ever, they're handled by someone else entirely etc.

as for correct counting, that's not impossible either, you just have the machine have 2 copies of the voting record and perform all the math twice, on a dual core this isn't hard to do, and they're almost all dual core nowadays anyways. even on a single core it doesn't make it that horribly slow... and if the values don't match you re run the counting. until they match. worst case scenario you have a manual recount of the printed results, having the results printed twice is again easy... it may cost a bit more to have redundancy, but it's not hard.

Re:E-Voting Machine made Easy & Secure (1)

kesuki (321456) | more than 5 years ago | (#25177929)

whoops forgot number 2 on the only 1 vote... the second option was to say have unique bar codes scanned in that only work once, and the voting machine won't let you vote without scanning in a new bar code.

Re:E-Voting Machine made Easy & Secure (2, Insightful)

Burz (138833) | more than 5 years ago | (#25177721)

Ramms+ein is right: Open source will not solve the problem of computerized voting, which transforms the ballot from a physical object that can be read by any poll worker, into an electromagnetic blip that cannot be verified except through extremely indirect and convoluted means using teams of hard-to-find experts.

As you may know, the 'normal' transactions we perform on computers every week are coming under increasingly successful attack. And that is WITH the benefit of the transactions carrying the identities of the people involved.

Anonymous transactions like the vote are far more vulnerable to error and tampering and are unsuitable for computerization except for peripheral functions like printing.

No amount of OSS review will help in an environment of high stakes subterfuge, especially when the remaining non-OSS layers of the systems are endlessly complex by comparison with paper ballots. Just ONE inappropriate logic gate or bit out of billions in those little machines can throw an election.

Re:E-Voting Machine made Easy & Secure (1)

tucuxi (1146347) | more than 5 years ago | (#25178219)

Yes, FOSS cannot, by itself, make things completely secure. But showing the audience that there's nothing up your sleeve is surely a good sign anyway. I say use voter-verifiable paper trails -- and, for good measure, release the software so that it is harder to monkey with the system.

A similar point can be made regarding transparent vs. opaque ballot boxes. A transparent box doesn't mean you can't stuff things if you are quick enough - but it does make things harder. Hacking logic gates is harder than writing evil high-level code...

Re:E-Voting Machine made Easy & Secure (2, Interesting)

tucuxi (1146347) | more than 5 years ago | (#25178185)

I've got a better one. Don't trust the machine, trust the paper ballot - and let people bring in their own ballot-checking machines.

So, yes - build your linux-powered machine (no need for special USB connectors; just make sure there's good physical security). Don't use any electronic recording mechanism - just print a piece of paper with the vote on it. Optically and humanly readable.

And let there be as many machines as possible, from several providers (or even bring-your-own) that can read, display and issue paper ballots. So if the dems don't trust the republican's machine, just have them bring their own and recount the votes. All machines must conform to stringent standards regarding printed ballots and interface.

To vote: go to the voting place, print as many ballots as you want, with any machine you want, check them with other machines if you're paranoid enough (or you want to know the print-out is really readable), and then show your ID and have the election officials deposit your ballot into the transparent box. At the end of the day, all those ballots get scanned and tallied (using more than one machine to make sure everything adds up). Voila! No need to trust just one piece of code+hardware!

This system would require good, public standards for the paper ballot and for the race format (so that machines could read it and display it) - but precious little else.

Re:E-Voting Machine made Easy & Secure (0)

Anonymous Coward | more than 5 years ago | (#25178711)

Even easier:

1) Get ballot from worker
2) Insert ballot into ballot printer connected to computer
3) Use computer, print ballot and barcode (hash of votes). Possibility of a thermal ballot.
4) Scan optically, validate barcode. If mismatch, something's wrong.

At that point, it can work for the blind as well, fonts can be made bigger, pictures can be included, it can be multi-lingual, and hacking the computer is easy to check.

Want to know who you voted for? Check your ballot. Want to make sure the computer isn't altering your votes? Check your ballot.

Unlike a receipt, you can't prove who you voted for - the ballot _is_ your receipt. Take it with you, and it's not counted. It can be re-counted by hand, at the same time as a computer re-count. Count 100 votes, scan 100 votes, compare. If it doesn't match, do it again until it does, or the culprit is found.

Use a bank account. (2, Interesting)

v(*_*)vvvv (233078) | more than 5 years ago | (#25177357)

Create an account for each item on the ballot.
Have voters register their bank accounts when registering to vote.
Only votes from registered bank accounts are accepted.
Only deposits of 1 cent are accepted.
People can vote at ATMs, online banking, or at a teller.
Check the balance at the end of the day.
Everyone has a paper trail.

*Just an example of using a solution for a solved problem for an unsolved problem.
**The system can be implemented without the banks cooperation, but why not have them cooperate - they're nationalized now anyway.

Re:Use a bank account. (1)

tucuxi (1146347) | more than 5 years ago | (#25178247)

I say let people deposit as much as they want, and count whatever comes out. If vote-buying is the way forward, we may as well make it a straight-forward, user-friendly competitive bid. On the other hand, I'm a bit worried about the turnout rates.

[yes, just joking]

Re:Use a bank account. (0)

Anonymous Coward | more than 5 years ago | (#25178863)

only if you don't mind the bank (everyone) having a paper trail of who you vote for...

Re:Use a bank account. (1)

magus_melchior (262681) | more than 5 years ago | (#25179425)

That doesn't solve the problem of voter fraud by faked identities. Include the requirement of "1 vote per person per issue/office", and you plug the "multiple vote" fraud.

Of course, the work involved in pulling off voter fraud by forging a bunch of false identities, as well as the risk of being discovered, arrested, etc., probably outweighs the 'benefit' of getting your buddy in office.

On the other hand, this doesn't rely on a verifiable residence, so this method will be resistant to caging.

Republicans* will never go for it. ;)

* Along with the "tax and spend" accusation, I've discovered that Republicans love to accuse Democrats of cheating by using multiple addresses, while using very questionable caging tactics on the other hand.

Re:Use a bank account. (1)

magus_melchior (262681) | more than 5 years ago | (#25179437)

Thought of another potential flaw: Some banks are really terrible at discarding you when you leave them. So if you change banks and re-register under a different institution, you might be denied because your old bank insists you're still with them.

Some banks, for whatever reason, make it really painful to try to leave them.

Why do we need electronic voting? (1)

jopet (538074) | more than 5 years ago | (#25177415)

At least in my country, the traditional paper method works well, is easy to implement, and what is most important in a democracy: easy to understand and easy to check for everyone.
No matter if the electronic method is opensource or not, only a very small percentage of voters will actually understand how it works, how it is kept secure and safe from manipulation.
So what immense advantages would electronic voting have to make up for this fundamental problem, that will never change, no matter what the electronic solution will be?

Re:Why do we need electronic voting? (0)

Anonymous Coward | more than 5 years ago | (#25178039)

Why do they want electronic voting? Because its digital! Don't you know that everything has to be digital now?

Re:Why do we need electronic voting? (0)

Anonymous Coward | more than 5 years ago | (#25178099)

to rig votes, and leave no paper trail. less people to bribe, makes control easier & digital

Re:Why do we need electronic voting? (1)

karmatic (776420) | more than 5 years ago | (#25181221)

So what immense advantages would electronic voting have to make up for this fundamental problem, that will never change, no matter what the electronic solution will be?

Well, if you use a computer to print a paper ballot, you get easy to understand, easy to check, with a fallback.

What advantages does it provide?
1) Truly secret ballots for the blind
2) Multi-Lingual ballots
3) The ability to provide much greater detail about things like voter propositions. In Arizona, the "gives teachers raises" prop really was a "add 5 days of school and pay the teachers for it" prop.
4) Decreased cost, as one can use smaller ballots.
5) Increased (near 100%) accuracy - scan it optically, then check the barcode to ensure there's a match.
6) No hanging chads
7) The ability to have spoken words
8) The ability to have pictures of candidates (if desired)
9) The ability to zoom in on ballots (for the visually impaired).

Why is it so hard? (4, Interesting)

HairyCanary (688865) | more than 5 years ago | (#25177433)

1. Take vote electronically.
2. Assign a randomly generated UUID.
3. Print UUID+vote on internal paper tape for backup.
4. Print UUID+vote on paper receipt for voter to keep.
5. Post UUID+vote on a public web site anyone can view.

Now, anybody can see the tally, do the math themselves, etc. And everyone who cares can look at their own UUID and see if the public tally is accurate.

Re:Why is it so hard? (0)

Kemanorel (127835) | more than 5 years ago | (#25177509)

The only problem with this is then you open it up to coercion. Here's an example:

Your boss says, "Vote for {BlahBlah} and bring me your UID so I can see how you voted." A) You vote differently, boss checks, you're fired. B) You vote according to your boss, you keep your job, but it's not your vote. C) You "lose" your receipt, you're fired. D) Try to find another job, only to find 90+% of bosses are doing it.

This is where the anonymous voting requirement comes into play. Has happened. Will happen again.

Re:Why is it so hard? (0)

Anonymous Coward | more than 5 years ago | (#25181543)

E) You tell your boss's boss about the attempted coercion. Your boss gets fired, and you vote for whomever you want.

F) You go to the police and the media. Your boss gets hauled off to prison and you vote for whomever you want.

Re:Why is it so hard? (0)

Anonymous Coward | more than 5 years ago | (#25177523)

I'm a bit scared because this solution is actually practical and simple - and it would most likely work.

Re:Why is it so hard? (1)

blinking_at (126502) | more than 5 years ago | (#25178429)

1. Take vote electronically.
2. Assign a randomly generated UUID.
3. Print UUID+vote on internal paper tape for backup.
4. Print UUID+vote on paper receipt for voter to keep.
5. Post UUID+vote on a public web site anyone can view.

Now, anybody can see the tally, do the math themselves, etc. And everyone who cares can look at their own UUID and see if the public tally is accurate.

I implemented this precise system several years ago at ICANN (www.icann.org), to support policy votes and elections to various positions in the organization. It's not perfect, but it works pretty well.

A later poster notes that it is susceptible to coercion.

That's true for any system that gives a verifiable record of the vote to the voter. It is very difficult to eliminate coercion entirely -- your evil boss could require you to take a picture of your signed ballot, bribe election workers to report on your ballot (or just say that he had), etc.

Re:Why is it so hard? (1)

aztracker1 (702135) | more than 5 years ago | (#25179355)

Add to this ... make selection available from the comfort of your home... vote isn't "activated" when you fill in your answers... you print off your guid/uuid to a barcode slip... take this to the polling place... they check your name... walk through the line, have your code scanned, and your vote is then activated... then you aren't filling your answers at the polls, and the process of checking your name, and validating the votes is still separate. This would allow for faster results, and still require an entry at a polling station.

Who voted is tracked, what voted is tracked, not together, and can fill out your votes in the comfort of your home, with the handy dandiness of the intertubes. Not only that, but the security paranoid can still use anonymous proxies. Which is fine until *someone* DDOSes the polling sites for states that tend to vote for that other party.

Re:Why is it so hard? (1)

KliX (164895) | more than 5 years ago | (#25180727)

Your system makes vote buying very very easy.

Re:Why is it so hard? (0)

Anonymous Coward | more than 5 years ago | (#25181179)

6. Show UUID+vote to person who paid you to vote that way.
7. Profit.

Re:Why is it so hard? (0)

Anonymous Coward | more than 5 years ago | (#25182633)

You can't walk out of a polling station with a receipt of your vote. The reason for this is so that you cannot provide proof of who you voted for to somebody who wanted to buy your vote.

Outsource it to India (0)

Anonymous Coward | more than 5 years ago | (#25177501)

Our electronic voting machines work pretty good.

http://techaos.blogspot.com/2004/05/indian-evm-compared-with-diebold.html
http://www.eci.gov.in/faq/evm.asp

National ID Card for States? I think not (3, Interesting)

markdavis (642305) | more than 5 years ago | (#25177799)

"Bowen also believes that a ubiquitous Internet voting system could not work without the use of a national ID card system."

For someone who seems to have a clue, she lost a lot of credibility with that statement. There is absolutely no need for a "national ID card system" to have secure and accurate voting. Voting is handled by the States, not the Federal Government.

Shouldn't need to be open-source (1)

Todd Knarr (15451) | more than 5 years ago | (#25178087)

The voting system shouldn't need to be open-source. In fact I'd go so far as to say that any electronic voting system that requires the voting machines to be open-source is fundamentally flawed and shouldn't be trusted. The system should be designed so that it doesn't matter whether the machines themselves are recording correctly or not, it's still possible to determine whether the counts are correct (ie. match the intent of the voter) or not and ideally to be able to reconstruct the correct count.

Yes, it can be done. Anyone who accounts for money has been doing it for centuries. Any lowly night auditor at a hotel can explain the principles complete with examples.

EVMs in India (1)

asvravi (1236558) | more than 5 years ago | (#25178295)

India had adopted Electronic Voting Machines in 2004 and has successfully used them for all elections since then. What is stopping the US doing the same? Some answers in the article here http://www.slate.com/id/2107388/ [slate.com] .

More info on the Indian EVMs here http://en.wikipedia.org/wiki/Indian_voting_machines [wikipedia.org]

Too many votes (1)

droopycom (470921) | more than 5 years ago | (#25178471)

The solution should start by simplifying the elections itself.

Its always going to be confusing when you have to vote for dozens of things at the same time. I mean come one, what do I care who is elected to the school district board when we are talking about presidential elections.

We should have to vote for 3 things max on national elections:

The president.
The senate.
The house.

Thats it... Then we can go back to old school, simple paper ballots with 1 name on it, And one ballot box for each. Then they are all counted separately.

Too much democracy kills democracy.

Computers are NOT going to solve this problem.

True Democracy (1)

brewcrewxl (922776) | more than 5 years ago | (#25178593)

Congress has no intention of approving electronic voting or putting any effort into finding reasonably secure options. Were they to do something like that their jobs suddenly become meaningless in the long run. We would have no need for elected population representatives if the population was able to vote on virtually every subject themselves. Of course then it would become a partisan issue because we would have to give a computer to every single low-income family (government funded through your tax dollars) or we would be discriminating. Republicans wouldn't want that because it would take away their advantage. How do you pass something that no elected official truly wants passed? There is alot more involved to e-voting than just the security concerns. I wonder what circumstances it would take to get it to truly happen.

Wallah!!! (0)

Anonymous Coward | more than 5 years ago | (#25178745)

Why is taxpayer money continuously wasted on voting machines??? Hello! We have something called The Internet! A few PC's at each polling place (linux of course) securely connected to a central server. Each voter gets a printed receipt with a password that they can use to log in if they want to verify their votes. An encrypted printout of each voting session also remains at the polling location as backup and for auditing purposes.

From the remarkable URL department... (0)

Anonymous Coward | more than 5 years ago | (#25178841)

The URL is

http://blogs.computerworld.com/voting_should_be_a_hand_job

I wholeheartedly agree.

Open Source (1)

Bartold (1030602) | more than 5 years ago | (#25178887)

People that think an open-source solution will solve this problem are delusional. You can never have a 100% solution no matter how many keys or security mechanisms you dream up. In fact, the more you try to secure it, the more incentive there is to find a way to break it. Don't you people learn anything from all the stories that are posted about cracking DRM? The only thing that is reasonably secure is create a ballot the voter can verify, have a machine or person tabulate the ballots repeatedly and reliably, and create a place for observers to minimize tampering. That's it, that's all you can do.

A serious question (2, Informative)

bill_kress (99356) | more than 5 years ago | (#25178975)

It is supposed to be impossible for me to show someone how I voted. I can't be given a receipt or anything (it would be too easy to buy votes).

With that as a given, how does a paper trail help? If I as a voter can't be sure that my specific vote is the one on the paper, then it seems like there are still thousands of ways for someone to change it out.

The machine could print fake info first of all, so it would HAVE to be something I see and validate. Since it has to be a public record, it can't be tied to me by any kind of key though--so after it's printed it out for me to see, there is no saying that it doesn't print a second or third line for another candidate at some other time...

If the paper trail disagrees with the digital tally, do you just assume that the paper wasn't messed with or substituted?

I'm guessing people have thought about this more than I have, and I see the mention of "Paper Trail" a lot so I just thought I'd ask.

Re:A serious question (2, Insightful)

pm_rat_poison (1295589) | more than 5 years ago | (#25180965)

Consider this: Someone votes in a booth using an electronic machine, which prints out their vote, which the voter themselves put in a sealed envelope and throw into a locked poll. The voter can verify that what he voted for is what the machine printed.
After the election day ends, the machine announces a sort of temporary result. Then, a representative of the justice system, and representatives of all parties, and a member of the public (with a role similar to jury duty) all verify that the number of votes correspond to the number of people registered to have voted in that place. If there is a difference between the electronic and the paper-trail result, the latter overrides the former. The representatives can also count as invalid all envelopes that contain an irregular number of printouts, or one that has any identify marks (such as writing, scratching, tears or whatever)

Re:A serious question (0)

Anonymous Coward | more than 5 years ago | (#25182861)

It is supposed to be impossible for me to show someone how I voted. I can't be given a receipt or anything (it would be too easy to buy votes).

Except that this hasn't been the case for quite some time. With absentee ballots, it's extremely easy to show someone how you voted and sell your vote. This doesn't seem to happen much, however, because this act is illegal, and one would quite likely get caught attempting it in large numbers.

It'd be a whole lot easier to do e-voting online if we can agree to drop this requirement of the voter being unable to prove who they voted for.

I don't understand the secrecy (2, Funny)

ypctx (1324269) | more than 5 years ago | (#25179101)

To provide a more accurate picture to the voting masses, just replace the voting machines with modified slot machines. You have to insert $1 coin and strike 3 Obamas in a row to actually vote for him. All other votes go to McCain. Top part of the machine could display laughing members of Congress, and what are they worth (only the millionaires).

New NIST contest (0)

Anonymous Coward | more than 5 years ago | (#25180243)

Why not have NIST have another open contest, like for AES or the next hash?

The usual requirements apply, no patents, fully open, etc...

This seems so brain-dead simple to me I can't understand why I haven't seen everyone here saying it?

Open source == harder to hijack? (1)

spintriae (958955) | more than 5 years ago | (#25180533)

use open source software, stop delivering e-voting machines to polling places weeks in advance of an election

Voting machine hijackers won't need the machines weeks in advance when they have the source months in advance.

Paper trail BAD; paper ballot GOOD (2, Insightful)

Anonymous Coward | more than 5 years ago | (#25180995)

Paper trails are bad. What we need are PAPER BALLOTS. The machine can help by helping voters fill out the damn form correctly and printing the ballot in COMPLETELY human readable form. Then an OCR can read it AFTER the voter has had a chance to make sure they are casting the votes they intended. The ballot helper MUST be completely independant of the OCR and the voter is the only link between the two.

No receipt, no tracking, no paper trail. Just a paper ballot. And of course we keep the ballots just as we normally would.

I'm surprised I have to explain this.

Paper trail? Why e-vote at all! (1)

scott_karana (841914) | more than 5 years ago | (#25182693)

If there needs to be a truly reliable paper trail to audit, why even bother with e-voting? At that point the only difference I can see is whether you push a pencil through paper or push a button, and one is far less trustworthy. Quicker tabulation can't be worth that much to the lazy voting public, can it?

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>