×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Linux On Brazilian Voting Machines, the Video

kdawson posted more than 5 years ago | from the eat-your-heart-out-diebold dept.

Linux 252

Augusto writes "Just 10 days ago, 130M Brazilian voters were turned into users of one of the largest Linux deployments worldwide: the 400,000 electoral sections in all of the 5,563 Brazilian municipalities were running electronic voting machines, and the Linux kernel was running in all of them. These voting machines have been used in Brazil since 1996, and are rugged, self-contained, low-spec PCs. We've discussed the technical details of this Linux deployment and implementation elsewhere, but I thought it would be interesting to show some pictures (and a movie) of Linux booting on these voting machines. So I asked for official permission and thus was helped by a technician while I took some quick pictures and made a small movie showing the boot process, where you can actually read the kernel messages."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

252 comments

Linux is great, but... (5, Insightful)

religious freak (1005821) | more than 5 years ago | (#25373141)

IT is great... Linux is great, but e-voting doesn't belong anywhere in major, general elections, IMHO.

If you can code it, you can hack it. If you have coders or admins, you have potential security threats.

Re:religious freaks are great, but... (0)

Anonymous Coward | more than 5 years ago | (#25373165)

They're morons and the planet would be better off without them.

Re:religious freaks are great, but... (0)

Anonymous Coward | more than 5 years ago | (#25373223)

asshat

Re:Linux is great, but... (0)

Anonymous Coward | more than 5 years ago | (#25373175)

I agree. I prefer paper ballots that can be lost or miscounted to sway the results of the election.

Re:Linux is great, but... (2, Insightful)

m3j00 (606453) | more than 5 years ago | (#25373177)

If you can hold it in your hand, you can destroy it. Vote tampering isn't exclusive to electronic voting, but it seems the widespread paranoia is.

Re:Linux is great, but... (3, Insightful)

Constantine XVI (880691) | more than 5 years ago | (#25373395)

It's much easier to destroy or modify 10,000 votes on a flash disk without a trace then destroy or modify 10,000 paper ballots without a trace.

Re:Linux is great, but... (0)

m3j00 (606453) | more than 5 years ago | (#25373555)

I disagree wholeheartedly. It's much easier to discover digital deletion via forensics than it is to discover discarded bits of paper.
You're partially right, though. The deletion is easier, but covering it up is harder.

Re:Linux is great, but... (2, Funny)

Anonymous Coward | more than 5 years ago | (#25373821)

I can't decide if you need to start watching more CSI, or less of it.

Re:Linux is great, but... (2, Insightful)

jeffmeden (135043) | more than 5 years ago | (#25373913)

Are you kidding? This may be a phyrric argument (either way of doing it is fraud, and a real problem.) But, if you think it's hard to exploit a security hole (hint, they are in every piece of election software ever written) and dramatically change the voting results with little effort and even less evidence, you need to do some research on election systems. Paper voting means a physical paper trail, it absolutely IS harder to hide/destroy something that was once real (paper ballots) than to find something that you don't know is there (security holes in election software.)

Re:Linux is great, but... (2, Informative)

MikeDirnt69 (1105185) | more than 5 years ago | (#25374101)

These machines logs everything into a paper roll. Even if you clean up the data, you still have it on paper.

Re:Linux is great, but... (1)

blackest_k (761565) | more than 5 years ago | (#25374455)

There are easier ways to fix a ballot, set the boundaries so that seats you lose you lose badly taking opposition votes away from neighboring districts you can win.

make your opponents voters ineligible to vote and or ensure that long delays occur in opposition strongholds.

you don't need to rig or tamper votes cast provided you ensure your oppositions supporters never get to the ballet box where it matters.

Imagine the frustration of being able to vote in a district where your preferred candidate has a majority of over 50,000 while in other area's 30,000 votes allows the other party to take the seat with a slim majority.

yes perhaps its possible to rig electronic voting machines but then for that to matter you need a fair voting system in the first place.

Re:Linux is great, but... (1)

Theoboley (1226542) | more than 5 years ago | (#25374339)

deletion - format said flash disk 20-30 times to be sure everything is gone. Here's your cover-up - OOPS.

Re:Linux is great, but... (1)

megamerican (1073936) | more than 5 years ago | (#25373705)

Rigging an election will always be possible, regardless if it is paper or electronic.

It is much harder to rig a paper ballot if you have a lot of individuals monitoring polling stations by videotaping the process and also following where they take the votes! Please go to blackboxvoting.org to find out how to best monitor your election.

The problem with most electronic voting machines is that even when you participate the votes could easily be manipulated at a central tabulating location.

You should never expect to have a clean election if you simply cast your ballot and leave. The price for liberty is eternal vigilance.

Re:Linux is great, but... (5, Interesting)

moderatorrater (1095745) | more than 5 years ago | (#25373267)

If it's coded properly, open sourced and widely scrutinized, electronic voting would be more resilient than pen and paper voting.

Re:Linux is great, but... (1)

amorsen (7485) | more than 5 years ago | (#25373483)

How will I scrutinize it? How can I prove that the software running the machines is the same that I got to inspect, and that the hardware hasn't been compromised?

The only way to do secure e-voting is to use it for quick results and always do a manual recount afterwards. This obviously requires printing the votes.

Re:Linux is great, but... (1)

morgan_greywolf (835522) | more than 5 years ago | (#25373815)

Write the software in an interpreted language. Then the source code can be inspected and the 'executable' can be guarnteed to match.

Python, Perl, Ruby, Lua -- take your pick. All can run with the GTK toolkit.

The hardware can easily be physically inspected.

Re:Linux is great, but... (1)

jeffmeden (135043) | more than 5 years ago | (#25373989)

The bigger the compiler, the bigger the places to hide malicious code. How hard would it be to construct a PERL interpreter (for example) that awaited a very specific set of instructions and manipulated them subtly. If the same person had access to the interpreter and the code, they could accomplish this easily. No amount of skilled inspection of the code would turn up wrongdoing, you would have to inspect every line of the interpreter as well. It's not safe to just assume they will be running a standard downloaded version from CPAN.

Re:Linux is great, but... (1)

morgan_greywolf (835522) | more than 5 years ago | (#25374199)

It's not safe to just assume they will be running a standard downloaded version from CPAN.

Why not? Make that a requirement. Then you can compare the MD5 sums on the binaries and libraries with those on the CPAN site.

Re:Linux is great, but... (3, Informative)

Misch (158807) | more than 5 years ago | (#25373943)

Voter verified paper trail. IIRC, the machines in Brazil have one. In addition random hand recounts of precincts are needed as well.

Re:Linux is great, but... (1)

natoochtoniket (763630) | more than 5 years ago | (#25373543)

Nonsense.

One security hole, anywhere in that electronic system, allows the entire system to be rigged. The first security hole is that the vast majority of people cannot tell the difference between a technician repairing a broken voting computer, and a technician rigging a voting computer. Second is that the software that is loaded might not match the software that is scrutinized. There are lots of others.

The security that works to prevent pieces of paper from being manipulated is well understood. Ask any banker.

 

Re:Linux is great, but... (5, Insightful)

buchner.johannes (1139593) | more than 5 years ago | (#25373859)

An election process has to provide the following characteristics (in some countries these are taken serious):

      1. Access: Only people allowed for voting may place their vote
      2. Equality: Each person may only be counted once and with the same weight of vote.
      3. Privacy: Noone can find out for whom a person voted.
      4. Secure against forgery:
                  1. Valid votes can not be changed/forged.
                  2. Valid votes may not be destroyed.
                  3. Invalid votes may not be added
      5. Checkable: Each voter has the possibility, independent from any other person, to check the correctness of an election including all previous points.
( I didn't find this in the English Wikipedia, this is a quick translation from the German Wikipedia [wikipedia.org] )**.

You cannot ensure these with voting machines without the use of paper*. It is not a matter of code, just a fact of information and physics.

Use paper. Optionally with punchscan [punchscan.org] and the such. Even the cost factor is irrelevant. Democracy is worth it.

____
*Maybe with quantum computers. But can the average person check the setup? With paper, you can.
** I'd be grateful for a link

Re:Linux is great, but... (1)

bdenton42 (1313735) | more than 5 years ago | (#25374291)

You cannot ensure these with voting machines without the use of paper*. It is not a matter of code, just a fact of information and physics.

I would think that the crypto experts out there could come up with a system which securely stores everyone's votes in a database keyed such that a person could go login securely to a web site to cast their votes, and can look at their current and prior votes for verification, and then the election officials could get and tabulate the votes without being able to trace back who the vote originally came from. Then you would have a system where fraud would be much more difficult and would be both private, accountable, and reproduceable without needing any paper (other than perhaps a person printing it for his own files).

Only drawback I see would be the Palin/Yahoo scenario...

Re:Linux is great, but... (0)

Anonymous Coward | more than 5 years ago | (#25374293)

I just don't see how electronic voting can be more resilient. I am from a country (Chile) in which elections are heavily supported by the work of the citizens. Five people every 300 hundred are required to be officials for the election. The counting is public, and delegates from the parties are present to scrutinize the voting process. This is of course hard work for the people involved but it's the cost of democracy. I am all in favor of allowing computers in the communication and dissemination of the results. But fraud in a pen and paper election as in Chile is almost non-existent and would require several unrelated people to conspire in breaking the law. Also, it seems to me, although I might be wrong, that even with one successful attempt of electronic fraud, the result of an election can be compromised.

Re:Linux is great, but... (4, Interesting)

Brigadier (12956) | more than 5 years ago | (#25373291)

yea your right, what we need is a bunch of paper, marked in #2 pencil in a box. Yea that is much more secure. not everyone can hack an encrypted voting machine, everyone can steal a box and reprint voting forms.

Re:Linux is great, but... (5, Interesting)

amorsen (7485) | more than 5 years ago | (#25373531)

Physical security is something we're really good at. Thousands of years of experience. That doesn't mean that there are no failures, but in general you can at least detect that tampering took place and that it was deliberate.

With voting machines, you get a bunch of places where candidates happen to win by a 16384 vote margin -- is that deliberate tampering, machine error, or maybe just plain luck? You'll never know, and therefore you'll probably never catch the criminals.

Re:Linux is great, but... (1)

Hatta (162192) | more than 5 years ago | (#25373765)

How much damage can one man do by stealing one voting box? How much damage can one man do by subverting the code installed on every voting machine in the state?

Traditional voting systems require a large conspiracy to have a large effect on the outcome. Electronic voting systems can be subverted by one person with access to the source code or even just the compiler.

Re:Linux is great, but... (2, Interesting)

krakround (1065064) | more than 5 years ago | (#25373773)

By forcing elections to be a laborious, manual process, it becomes much much harder to create and run a conspiracy to hijack an election.

Once elections are heavily automated, then a much smaller group can take over and decide the outcome. Open source doesn't necessarily help since the attacker needs to introduce a run time systematic bug.

Re:Linux is great, but... (1)

xant (99438) | more than 5 years ago | (#25374221)

This is not insightful. Everyone can steal a voting machine just as easily. Since the voting records are stored on memory cards, you can steal a LOT MORE OF THEM... hundreds in your pockets.

As an added multiplier, if you implement your hack in the right place, you can also corrupt A LOT MORE voting machines at once, and therefore a lot more votes at once.

No system will be 100% secure, but paper voting is the easiest TO secure. I didn't RTFA, but anyway, I thought the brazilian machines just printed out a paper ballot?

Re:Linux is great, but... (0)

Anonymous Coward | more than 5 years ago | (#25374469)

Fair enough. I just voted (Canada) with the pencil version. /Whatever/ the system it has to be publically visible yet not manipulable. It must be auditable and it must be audited.

everyone can steal a box and reprint voting forms.

But this would gain what? Paper voting is done like any other accounting system -- two sources must be matched. I brought in my card, was directed to the correct desk, presented photo ID, was checked against their voter list and crossed off, handed my folded form. Form was marked, returned to the desk folded, where the exposed stub was torn off then torn in half, and then the stub-less form handed back for me to place in the slot. Visible checks and balances throughout.

It takes more than stealing a box and reprinting forms -- it takes a two-sided corruption. /Badly written/ evoting hardware is scary because that can take only one-sided corruption. What's more, is that parallel to your statement "not everyone can hack an encrypted voting machine", not everyone can figure out that has been done. Rigging a paper vote is much easier to figure out. Checks and balances are not visible.

And you know what? I work with computers. I know how hard it is to make bytes as reliable as a paper trail -- both from manipulation and from media failure. Paper voting is thoroughly understood, proven, and scalable. (Line-up? What line-up? I've never spent more than twenty minutes waiting to vote. I'm 46.)

Re:Linux is great, but... (5, Insightful)

FlyingBishop (1293238) | more than 5 years ago | (#25373337)

My main question is who can modify the source of the software they're using, and how are they verifying that the binaries are unmodified. Generally, I agree that Linux doesn't belong there, but I don't think it's unreasonable to say that any software used in voting machines must be open source.

Here in the states, state law clearly defines how votes should be cast and counted. Without the source code to the program responsible for counting the votes, these laws will quite literally read something along the lines of:

1.Voters enter votes into machines.
2. ???
3. Voters receive election results.

The procedures for voting are a matter of public law. That must extend to procedures within the voting machines.

If you think that's putting too large a technical burden on the lawmakers, look at building codes, patent law, etc. It's a little too late to call for law that is perfectly accessible to non-technical citizens.

Re:Linux is great, but... (1)

value_added (719364) | more than 5 years ago | (#25373617)

If you think that's putting too large a technical burden on the lawmakers, look at building codes, patent law, etc.

Should also note that because voting is mostly a state (non-federal) affair, minimum standards should first be set the federal government. The current mess we're in stemmed from George W. offering up money for the states to revamp their voting systems (after the chad fiasco), and allowing local legislators to spend that money as they saw fit. That, regrettably, amounted to local officials calling a contractor like Diebold to sell them something.

Re:Linux is great, but... (5, Informative)

brazilian brain (12673) | more than 5 years ago | (#25373629)

From TFA:

All political parties have access to the source code, and digitally sign the executable code, and thus can confirm, at any individual machine, that the running software is the official one.

Re:Linux is great, but... (2, Informative)

vbraga (228124) | more than 5 years ago | (#25373639)

Actually it also, obviously, a matter of law in Brazil (but Federal law). Machine's software is owned by the "Electoral Justice" and is digitally signed by all parties, so, any party can check if a machine is running the "correct" software.

Part of machines prints all votes as other way to test the system.

Machines used to run Windows CE, I think. Probably Linux was chosen was a way of driving costs down.

Diebold is the main hardware supplier to the Brazilian government but not the unique or exclusive one.

It's not a perfect system, but a pretty good one. Most Brazilian likes it (well, I'm Brazilian too).

Re:Linux is great, but... (1)

whizzard (177251) | more than 5 years ago | (#25373667)

My main question is who can modify the source of the software they're using, and how are they verifying that the binaries are unmodified.

I realize this is slashdot, so I shouldn't have read the article, but...

All political parties have access to the source code, and digitally sign the executable code, and thus can confirm, at any individual machine, that the running software is the official one.

Re:Linux is great, but... (0)

Anonymous Coward | more than 5 years ago | (#25373365)

that's a pretty broad statement, there

so Apache SSL is not to be trusted? Just junk the HTTPS protocol since all the clients and servers are "coded" and therefore vulnerable?

same with SSH?

and IPSEC?

Re:Linux is great, but... (0)

Anonymous Coward | more than 5 years ago | (#25373609)

same with SSH?

Cause nobody would EVER comment out the part that makes OpenSSL and OpenSSH secure, amirite?

Re:Linux is great, but... (0)

Anonymous Coward | more than 5 years ago | (#25373777)

that would get caught pretty damn quickly, even in your fantasy land of paranoia

Re:Linux is great, but... (0)

Anonymous Coward | more than 5 years ago | (#25374393)

this is /., but can we at least get unforgetful trolls?

in case you forgot, the commented code was present for several years.

Re:Linux is great, but... (0)

Anonymous Coward | more than 5 years ago | (#25373369)

Voting with your dollars is the only effective voting mechanism.

Off-topic in another direction: Reading this story gave me a feeling of satisfaction even though I only vote in local elections, and I have never made a meaningful contribution to a Linux distro. In fact, the longer my involvement in OSS the more prone I am to senseless feelings of accomplishment.

Having Linux on machines that I don't think should be there in the first place is no real victory, but I felt good reading about it, and I was happy someone took the time to document the effort.

OTOH, if they work better than proprietary alternatives we might see a flourishing of e-voting in places less equipped to ensure implementation standards, and thus more prone to corruption.

There seems to be a lot of room for conflicted personal feelings here.

Re:Linux is great, but... (3, Interesting)

MozeeToby (1163751) | more than 5 years ago | (#25373583)

If banks can transfer billions of dollars every day safely and securely (in many cases without even a paper trail), there is no reason why a decent electronic voting system can't be made. Compared to an ATM, a voting machine should be a piece of cake, you don't have to worry about verifying the user's identity. You don't need to check the balances and rights. All you need to do is accept and record the current user's vote, them reset for the next user.

Do give us open source so there are 50,000 coders doing Q&A on it. Do give us a paper trail so that if there is any suspision then the vote can be verified. Do involve election officials in at least the requirements process.

Don't give us a function that clears all votes made on the system so that polling officers can 'adjust' the vote. Don't give us hardware which uses the same exact key to unlock every case. Most important, Don't try to cover it up if you screw the pooch; let us know so the recount can be performed by hand.

Re:Linux is great, but... (0)

Anonymous Coward | more than 5 years ago | (#25373769)

Nonsense. If money would go missing during a bank transfer, you can bet your ass that one of the parties of the transaction would notice something's wrong. If a vote goes missing in an electronic voting system, neither end of the transaction (the voter or the party being voted on) would notice anything's off.

Re:Linux is great, but... (1)

harp2812 (891875) | more than 5 years ago | (#25373971)

Compared to an ATM, a voting machine should be a piece of cake, you don't have to worry about verifying the user's identity

... I would sincerely hope they verified the voter's identity.

Re:Linux is great, but... (1)

MozeeToby (1163751) | more than 5 years ago | (#25374009)

Does a paper ballot verify your identity before you fill in the little circles? It's not the machine's responsibility to verify the voter's right to vote. That is up to the poll workers just as it is now.

Re:Linux is great, but... (3, Insightful)

neuromanc3r (1119631) | more than 5 years ago | (#25374095)

If banks can transfer billions of dollars every day safely and securely (in many cases without even a paper trail), there is no reason why a decent electronic voting system can't be made.

Wow, that's a pretty terrible non-sequitur. The requirements for banking and voting are completely different. An ATM does not have to make sure that you cannot prove to anybody what you did when you used it. It does not have to prevent other people from tracing any action back to you. And if something goes wrong or someone tampers with the machine, you will know it sooner or later and can complain to your bank.

Re:Linux is great, but... (1)

databank (165049) | more than 5 years ago | (#25373607)

01110101 01110010 00100000 01100001 00100000 01100111 01100101 01100101 01101011

Hey, I'm not a geek!

(OK, maybe I am one..)

Re:Linux is great, but... (2, Interesting)

pm_rat_poison (1295589) | more than 5 years ago | (#25373877)

Why do people think that the operator between electronic and traditional voting is "XOR"?
Can't you have both?
You can always use electronic voting that prints out paper votes, which are cast in a real life ballot. The voter then knows that nothing has been tampered with, the press gets ultra-fast draft results and the final results come from manually counting the printouts.

Re:Linux is great, but... (1)

silence150 (1385643) | more than 5 years ago | (#25374363)

In general I'm sceptical to e-voting, but I do recall reading that fraud has been very common in Brazil, and that e-voting has actually improved the situation. Unfortunately I've lost the source... However, in a country with low corruption, I definitely think paper ballots is the way to go.

Shiny Voting Machines (0)

Anonymous Coward | more than 5 years ago | (#25373169)

Because of all the high quality Brazilian wax

I spy with my little eye... (1)

m3j00 (606453) | more than 5 years ago | (#25373205)

Diebold!
Does Diebold make these voting machines? In the video at the bottom right of the voting machine screen is the Diebold logo.

Re:I spy with my little eye... (1)

m3j00 (606453) | more than 5 years ago | (#25373277)

I guess I should RTFA:

The hardware is publically bought (in recent years, Diebold has been the main provider), but the software is developed in house by the Electoral Justice. All political parties have access to the source code, and digitally sign the executable code, and thus can confirm, at any individual machine, that the running software is the official one.

Re:I spy with my little eye... (4, Informative)

socsoc (1116769) | more than 5 years ago | (#25373317)

from TFA:

The hardware is publically bought (in recent years, Diebold has been the main provider), but the software is developed in house by the Electoral Justice.

Re:I spy with my little eye... (1, Insightful)

natoochtoniket (763630) | more than 5 years ago | (#25373603)

The party that controls the election software also controls the outcome of the election. And, the next election after that one, forever.

Re:I spy with my little eye... (1)

twistedsymphony (956982) | more than 5 years ago | (#25374285)

apparently you missed this part:

All political parties have access to the source code, and digitally sign the executable code, and thus can confirm, at any individual machine, that the running software is the official one.

Re:I spy with my little eye... (2, Informative)

scott_karana (841914) | more than 5 years ago | (#25373325)

Yeah, I find it hilarious that in one story Slashdotters can rant and rave about how terrible Diebold is, and then just gloss over that fact in another which just so happens to also be about Linux.

Re:I spy with my little eye... (2, Insightful)

amorsen (7485) | more than 5 years ago | (#25373613)

Luckily Diebold are probably too incompetent to manage a hardware hack. However, the threat model for Brazil really ought to include CIA involvement.

Re:I spy with my little eye... (1)

twistedsymphony (956982) | more than 5 years ago | (#25374381)

Yeah, I find it hilarious that in one story Slashdotters can rant and rave about how terrible Diebold is, and then just gloss over that fact in another which just so happens to also be about Linux.

Even more hilarious is the fact that this article is "from the eat-your-heart-out-diebold dept." So, um... what exactly is diebold eating their heart out over?

I mean we all know the editors can't be arsed to RTFA but you'd think they'd at least look at the pretty pictures...

Diebold (0)

Anonymous Coward | more than 5 years ago | (#25373219)

It appears theses machines are made by Diebold. Why don't we use them in the US elections instead of the terrible versions we seem to get statside.

I've always wondered about that (1)

Weaselmancer (533834) | more than 5 years ago | (#25373599)

Why can't we make a secure, or indeed even a vaguely useful electronic voting system when we can make a perfectly secure electronic system that prints lottery tickets?

Has anyone ever heard of a lottery machine being hacked to print a winning ticket?

There's on on every corner market here in the US. Hundreds of thousands of them. They all link to some computer somewhere that records what was sold and when. You get a ticket with your numbers on it, along with some barcoded looking info to verify it's a real ticket.

As much as someone would like to rig a vote, I'm sure there's a much higher incentive to rig the lottery. And I've *never* heard of anyone doing that successfully.

So what gives? Why is a voting machine so damned difficult to make compared to a lottery machine? You'd think the lottery machine would be more difficult. It's certainly the more attractive hacking target.

It's always puzzled me. I'm in embedded design, and it still puzzles me why electronic voting is so damned difficult.

Re:I've always wondered about that (0)

Anonymous Coward | more than 5 years ago | (#25373963)

how would you hack a lottery when you dont know the outcome ? the outcome is determined after all the lottery numbers are sent in and a system picks random numbers out of a hat and then goes backwards to find the numbers originally picked.
in an election the votes are counted and outcome determined on the results of the votes.
 

Re:I've always wondered about that (1)

bornwaysouth (1138751) | more than 5 years ago | (#25374299)

A fair enough observation. I do not think there are any real technical difficulties. But with lottery tickets, the operators of the system would be the ones to lose if there is corruption. (Corruption has occurred I think on one-armed bandits in Las Vegas. A special chip. The casino was very unhappy.) In the case of elections, it is likely to be overseen by the establishment, those who gain from corruption. In general, an ossified establishment is recipe for disaster.

On the other hand, world wide, most corrupt elections take place using the current voting system. You have to place your ballot under the eye of a thug, or else you can do it freely, but the whole ballot box goes missing, etc. So the current paper system to me has the worst record.

Electronic voting in conjunction with an proof-of-vote you can take away should be better. Just as long as those administering it will be the losers. For the moment, lets call them Lloyds of London. If I can prove my vote was tampered with, Lloyds owe me $100. They can afford a glitch. They can't afford a rigged election. They also have to use open source software, but the on-the-day encryption codes do not get released until afterwards.

At least with electronic voting, like ATM machines, on-line, you cannot readily tamper with it and not have it complain and switch off. (Of course, detractors will say it was unstable and crashed.) With a central system requesting (public key encrypted) updates, the ballot box is very difficult to hijack, especially if the central system is mirrored overseas. I'd trust an electronic system, but only if I can trust those who set it up. That is possible.

Sadly, control freaks accumulate in politics. I cannot see them allowing control of elections out of their hands, even when they are not corrupt.

Re:Diebold (1)

Zaatxe (939368) | more than 5 years ago | (#25373895)

It appears theses machines are made by Diebold. Why don't we use them in the US elections instead of the terrible versions we seem to get statside.

Are you new on politics or is my sarcasm detector offline?

Re:Diebold (2, Insightful)

twistedsymphony (956982) | more than 5 years ago | (#25374343)

It appears theses machines are made by Diebold. Why don't we use them in the US elections instead of the terrible versions we seem to get statside

it's because

Diebold is the main hardware supplier to the Brazilian government but not the unique or exclusive one.

Meaning they actually have to make a product worthy enough to get purchased over their competitors... instead of just getting an exclusive contract.

Free vote (4, Interesting)

Jabbrwokk (1015725) | more than 5 years ago | (#25373221)

Free software for free votes, what a great match-up. Plus, it beats the Diebold machines running on Windows CE that kept crashing. [nytimes.com]

Incidentally, I just voted in our Canadian federal election and we're still using the pencil-and-paper and human-counted voting method. Slower, but still the most reliable and secure method IMO.

Re:Free vote (0)

Anonymous Coward | more than 5 years ago | (#25373425)

Too bad the flash card they showed was a Diebold card. Not sure if even Linux can make their crappy software more reliable or not.
Just my $0.02

Re:Free vote (4, Funny)

glwtta (532858) | more than 5 years ago | (#25373611)

I just voted in our Canadian federal election and we're still using the pencil-and-paper and human-counted voting method.

Yeah, well, there's only like 47 people living in Canada - that makes things easier to do by hand.

Re:Free vote (0)

Anonymous Coward | more than 5 years ago | (#25373803)

I really don't see the problem. We have 30 million people, of which we take some small fraction to count by hand all the votes. I don't see the magical point between 30 million (in Canada) and 300 million (in the US), for example, where this small fraction of people would become necessarily larger. You'd need ten times the people to count the votes and for security and so forth, of course, but presumably you would have ten times the population to recruit people from and ten times the tax base to fund it all. I don't really see why this system wouldn't scale equally well for any number of people at all. Anyone care to enlighten me?

Re:Free vote (2, Interesting)

Nathanbp (599369) | more than 5 years ago | (#25373909)

With pen and paper voting in the US, we'd need 10 times as many people to rig the election, thus greatly increasing the chance that someone would talk about it. Whereas with computerized voting machines, we don't have that problem.

Brazil smarter? (-1, Troll)

BountyX (1227176) | more than 5 years ago | (#25373333)

Hmmmm lets see first they went oil independant somewhere in the mid 70's by making the switch to sugar cane refined ethanol...then they switch to open source technologies for their electronic voting system. This is outragous. What kind of government does such bold public service? I'm betting this is some cheap government scam to get its people to all write missing linux drivers on election day...

Re:Brazil smarter? (1)

AndGodSed (968378) | more than 5 years ago | (#25373471)

Talking about drivers - in the one picture you can see the USB fingerprint reader's driver loading. I find that interesting as our local LUG had a discussion a while back about the lack of support for fingerprint readers on some of the newer laptops.

Am I correct in assuming that these drivers are open to share and could be used on a laptop to try and get it's fingerprint scanner to work?

Re:Brazil smarter? (1)

ivan256 (17499) | more than 5 years ago | (#25373511)

There have been linux-compatible fingerprint scanners with open-source drivers since 2001. That doesn't mean the scanner in your laptop will work... It's probably a different scanner.

A geek question (1)

AndGodSed (968378) | more than 5 years ago | (#25373377)

Anybody know what these are running - or at least what it is based on?

From the pics I cannot tell much.

Is this a custom build or a distro hack?

[edit]

Just checked the picture again and saw MINIX - could it be?

[/edit]

Is the voteing software open source? (1)

Joe The Dragon (967727) | more than 5 years ago | (#25373437)

That is the bigger thing to have even big then the os part.

Re:Is the voteing software open source? (1)

vbraga (228124) | more than 5 years ago | (#25373679)

No, in any sense. Political parties have access to source code, but it's not publicly available, unfortunately.

frightening and horrifying (0, Troll)

circletimessquare (444983) | more than 5 years ago | (#25373509)

if you make voting more complex, you increase the number of attack vectors. and where previously, you might need to have a conspiracy of multiple actors to dispose of/ falsify paper votes over a length of time and with grueling effort affecting only a fraction of precincts, now, one well-placed guy, and one fine tuned hack, can in 3 milliseconds massage the votes in such a way that they defy auditing, statistical analysis...

do brazilians really want brazilian democracy to be this vulnerable to a major challenge to its legitimacy?

i find the prospect of electronic voting to the single most greatest threat to democracy i can think of today. because it undermines the legitimacy of the process. you can't make it transparent AND secure at the same time: these two processes are diametrically opposed to each other. either its secure and opaque and therefore untrustworthy (oh, you're going to trsut some underpaid government technicians with the legitimacy of your democracy? "trust us, everythign is fine"), or its transparent and open to more avenues of mischief. and electronics, unlike paper and pencil, are fundamentally opaque. its a black box: you put votes in, a tally comes out. within that black box is too much potential for easy mischief ranging across the entire vote of millions of people in mere milliseconds. of course you can do mischief with paper ballots. its just that the time and effort required is humongous compared to what one little quick hack can do

it is absolutely absurd to me that anyone would entrust the perception of the legitimacy of their government to electronic voting. every democracy, from the poorest, to the richest, should use paper ballots and ocr. that anyone would seriously consider electronic voting, to me, belies a fatal inability to understand what the role of transparency and trust play in the legitimacy of your democratic government, a fatal inability to understand the whole point of what the voting process is: it must be absolutely clear to the people of a democracy that their vote counts, and that their vote is real. you don't get that with electronics

its mindboggling to me. what does it take to convince technofetishists that the voting process must NOT be "improved"? for the sake of the perception of legitimacy of your government?

Re:frightening and horrifying (0)

Anonymous Coward | more than 5 years ago | (#25373753)

As a Brazlian living in the US..

1 - I used the machines in Brazil in 1990, 1994 and 1998 to vote for the elections.

2 - The machine generates a print out of the votes made and every voter has to keep it (it is mandatory to vote in Brazil, and they ask for proof - your print out - when you apply for a Job

3 - it is not connected to the network. They are transported to a central place for tallying. with the print out of the votes as well as a floppy copy of the data.

4 - My understand is that all the parties have access to the software and can generate / verify hashes of the software installed to make sure that everything is right. Moreover, they can have representatives in every voting place in the country if they want.

5 - I agree with concerns that the vote can be manipulated at the server side. but the boxes are pretty hard to mess with. You may be able to get a whole system nullified by adulterating binaries and records, but not to change it to make it look like a legit machine with modified files (hash checks).

Brazil does have serial flaws and problems, but both their voting system and taxing system are very efficient. As far as I can remember (1990) all the election results were mimicked quite closely by the pools made when voters were leaving their voting site.

However, if we want to talk about the voting process, look at the mess that is the US voting system.

The registering process is a joke. My wife has been trying to register to vote for the last month, and she will not be able to vote in this election. Moreover, you have the joke of all the scandals (Acorn, GA not getting naturalized citizens registered).

Also, how can you have a margin of error for votes? A vote is a vote.. How can you accept that 1% of the votes will be miscounted. That is completely unreasonable.

Also, the college, this is typical of dictatorship. I understand why the founding fathers did this, but it makes no sense with the current technology. And that is not even taking maverick votes into consideration.

And then, you had the joke of the 2000 election. Where Bush lost Florida, the popular vote, and still was elected.

my 2 cents

strawman (0, Troll)

circletimessquare (444983) | more than 5 years ago | (#25374075)

it is not required of me to defend the american system in order to attack the brazilian system. please, by all means, attack the american system if you want, i am not defending it, i agree it sucks in many ways, most definitely with the disgusting electoral college. if you reflexively attack the american system when i attack the brazilian system, this is just kneejerk tribalism on your part, you completely miss the point: my words of criticism of the brazilian system are not being spoken as an american, or a japanese, or even a brazilian. this is not a soccer match. i am simply, as a human being who wishes democracy to remain as airtight as possible, imploring everyone to stick with paper voting, not just in brazil, but anywhere democracy flourishes

that the system gives a print out means nothing. if i ghost write statistically invisible records across a wide swath of a vote, covering perhaps 1-10% of a vote, i can sway the entire election on close calls. what will the paper printout protect you from then? you are going to call everyone back and compare each and every record to find the discrepancy? good luck

and you point to how the system is robust. robust against what? a script kiddie? say i am a powerful interest: petrol, agriculture, whatever. the vote looks like it is going against my financial interests, i can see $100 million in losses if a new administration comes in with a new policy. so i am willing to put $10 million up to bribe the right government official, or two (as opposed to hundreds of officials with a paper vote to affect the same volume of changes: impossible to remain an airtight conspiracy). then i hire the 1 right top level hacker programmer to plug in at the right moment at the right spot to ghost write and cover all our tracks and in such a pseudorandom way as to defy statistical analysis

i've just bought the brazilian presidency

only with electronic voting is this scenario possible to happen, and remain absolutely silent and unnoticed

this doesn't bother you? you don't see how this scenario is impossible with paper voting, simply because it requires too much effort by too many actors to remain unnoticed and affect that much change?

Re:frightening and horrifying (0)

Anonymous Coward | more than 5 years ago | (#25373999)

you can't make it transparent AND secure at the same time: these two processes are diametrically opposed to each other. either its secure and opaque and therefore untrustworthy, or its transparent and open to more avenues of mischief.

You should tell those folks at OpenBSD that they're wasting their time trying to make something transparent and secure at the same time. I mean, the full source is right there on the website for anyone to see! Clearly Windows is top-notch when it comes to security, as all their source code is hidden away.

Still needs a paper trail... (1)

Khopesh (112447) | more than 5 years ago | (#25373533)

Whoa, that's a Diebold system ... Diebold is that company whose name turns up on almost any news item related to voter fraud (and similar corruption) in the US, which you can see more clearly at sites like Black Box Voting.org [blackboxvoting.org] . I didn't know that there was an option for flashing those systems, already purchased by many municipalities, with a friendlier configuration (Free Software should be mandatory for processes like this which can only function with FULL transparency). This might be a viable out for many a local government.

However ... the same problem presented by Diebold's bad code is presented to reprogrammable systems like these. Therefore, as Richard Stallman (among many, many others) advocates, you still need a physical paper trail for FULL accountability. You need those in order to provide the transparency needed to investigate allegations of misconduct, and frankly, despite the increased cost, this is necessary for the assurance of freedom and democracy that it gives. We can't afford not to.

Re:Still needs a paper trail... (1)

Archangel Michael (180766) | more than 5 years ago | (#25373655)

"Diebold is that company whose name turns up on almost any news item related to voter fraud (and similar corruption) in the US"

You mean Diebold and ACORN are the same people????

Re:Still needs a paper trail... (0)

vbraga (228124) | more than 5 years ago | (#25373695)

It's not a Diebold system. It's software is owned by the Government and Diebold just happens to be the current biggest hardware supplier.

Re:Still needs a paper trail... (1)

Zaatxe (939368) | more than 5 years ago | (#25373949)

Whoa, that's a Diebold system ... Diebold is that company whose name turns up on almost any news item related to voter fraud (and similar corruption) in the US, which you can see more clearly at sites like Black Box Voting.org.

Think about this: is Diebold trying to manipulate elections or is it just a hardware/software supplier? They are just supplying what they are ordered for.

Mod up = it's on the pics (2, Informative)

Zantetsuken (935350) | more than 5 years ago | (#25374115)

Cool that it runs a Linux kernel, but every single pic from TFA clearly shows Diebold written all over (literally) - everything from the chassis/mold, GUI, and even the POST screen are customized to have Diebold on it...

If only I had the mod points I had 2 days ago...

In this case "Hate the Player and not the Game" (1)

lsmo (1106631) | more than 5 years ago | (#25373585)

I think the focus should be shifted from how easy it is to hack e-voting machines or print out fake ballots, and get down to the real problem. The real problem is Corrupt people in a system without the proper checks and balances. If we can remove the corruption the system will work, whether its pencil/paper or e-voting. There is no easy way to do this, but I do have a suggestion. At every point in any voting system that can be compromised by a corrupt person place a member from all interested parties there to oversee the operation as a group. It may mean a little more overhead but it will remove the root cause that led to the compromise in the first place.

There goes my $0.02

ah, I see now (1)

Eil (82413) | more than 5 years ago | (#25373721)

So I guess this is what Linus had in mind when he was talking about world domination all those years ago...

ignore this comment (0)

Anonymous Coward | more than 5 years ago | (#25373795)

it's junk

Brazil FTW (3, Interesting)

juliohm (665784) | more than 5 years ago | (#25373941)

As a Brazilian, born and raised here, I can say this is one of the few things I'm proud of in my country. Ever since they implemented the electronic voting process, things have never been more efficient. It may seem a bit "too open" by using open source code for this type of procedure, but I've seen articles explaining the entire process. Rest assured, the "open-sourceness" of this idea is the least of their concerns. The entire process is controlled and verified by multiple agents and doubled checked for fraud. All political parties are allowed to point representatives that personally follow the whole process of gathering disks, transmitting data and adding up all the votes in one central server. As far as the people are concerned, the whole thing is very transparent and does not rely entirely on computer encryption, but also on human verification and validation. Any data transmitted is done via a secure government Intranet, and never via public Internet (as one may wonder). The source code of the operating system is maintained and updated by the government under strict security policies. As far as I can tell, this beats the hell out of any bag of paper ballots. Any ellection here takes at most a few hours to get the results to the people. We usually know the results of it on the same day we vote, just in time for the evening news.

Re:Brazil FTW (1)

b0ttle (1332811) | more than 5 years ago | (#25374453)

The problem is americans must always be the pioneers in every field, if they are not, then they think it's bullshit. Of course that kind of thinking wouldn't last forever, and now they're pioneers on financial crisis.

Believe-me, it got better (1)

Ironballs (915117) | more than 5 years ago | (#25374165)

Our Brazilian e-voting system is much better than the old pen-and-paper one. In the first days of "democracy" it was common to see people on the very poor cities voting with a gun aimed at their heads to make sure people were voting in the "right" candidate. Our greater problem isn't the voting machines or the voting system, but people who vote in a illiterate candidate who is well-known to be associated with picketing and known alcoholic. Well, can't win 'em all

Hey, guys! (0)

Anonymous Coward | more than 5 years ago | (#25374207)

Thanks for your concern about our elections!

Really, I mean it. We sure can use the support of neighbours to improve our frail but well-intentioned democracy.

Now, just as a guy who has witnessed electronic elections for about 20 (that's twenty, yes, sir/ma'am) years, I can safely say without any fear of being wrong: it's way better with electronic voting.

This might even be more related to a educational higher level of our population, but we have a much more transparent voting now. Things happen so fast it might even not allow much time or opportunity for tampering.

Elections finish at 17 o'clock and results are already known on the same day.

For all the valid votes of the 130 million voters.

Even if something goes wrong, it's a matter of a few hours more.

As an aside, IMHO, we're going for instant public consultation in the [far|not so far] future. We already have TV programs with telephone voting (though nothing serious).

Discussing paper and pen with such an aim, well... it's counterproductive, ain't it?

This is the wrong way to do a voting machine (1)

harlows_monkeys (106428) | more than 5 years ago | (#25374353)

Linux in embedded applications is not necessarily any more secure than Windows. On both, if you take out things you don't need, so just run the kernel, minimal support applications, plus the custom application for your embedded device, you end up with about the same level of security.

And that level is NOT good enough for voting machines. The right way to do a voting machine is to design a system (hardware and software) specifically for this one task. This system should be subjected to state of the art formal methods, form the specification through the implementation (with all steps open for public review by experts). This would be hard, and might take a few years, but it would be worth it. Voting machine can have a very long service life, on the order of decades or even a century or more, so taking a few years to get it right up front is justified.

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...