Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Software Bug Adds 5K Votes To Election

CmdrTaco posted more than 5 years ago | from the margin-of-error dept.

Government 239

eldavojohn writes "You may be able to argue that a five-thousand-vote error is a small price to pay for a national election, but these errors are certainly inadmissible on a much smaller scale. According to the Rapid City Journal, a software glitch added 4,875 phantom ballots in a South Dakota election for a seat on the city council. It's not a hardware security problem this time; it's a software glitch. Although not unheard of in electronic voting, this bug was about to cause a runoff vote since the incumbent did not hold a high enough percentage of the vote. That is no longer the case after the numbers were corrected. Wired notes it's probably a complex bug as it is not just multiplying the vote count by two. Here's to hoping that AutoMark follows suit and releases the source code for others to scrutinize."

cancel ×

239 comments

Sorry! There are no comments related to the filter you selected.

Uh oh... (3, Funny)

Anonymous Coward | more than 5 years ago | (#28250863)

The software has achieved sentience and is trying to elect its robot overlords! Before anyone else... I for one welcome our democratically elected robot overlords.

Re:Uh oh... (2, Funny)

Jonas Buyl (1425319) | more than 5 years ago | (#28250883)

What? I thought Hillary didn't make it to president after all?

Re:Uh oh... (1)

OeLeWaPpErKe (412765) | more than 5 years ago | (#28250977)

1 bug, 1 vote !

fight for you rights !

Re:Uh oh... (2, Insightful)

Hasai (131313) | more than 5 years ago | (#28251499)

I take it you've never really taken a good hard look at the crop of politicians currently in office. The 'droids have been running the show for quite some time now....

Re:Uh oh... (1)

Q-Hack! (37846) | more than 5 years ago | (#28251587)

I take it you've never really taken a good hard look at the crop of politicians currently in office. The 'droids have been running the show for quite some time now....

The sad thing is, this works for either political party!

Re:Uh oh... (0)

Anonymous Coward | more than 5 years ago | (#28251651)

Come on, people. How hard can it be for a machine to count stuff? Am I missing something?

foreach category {
candidates[] clist = getSelectedCandidates();
if not onecandidateselected() then continue;
foreach candidate {
numvotes(candidate) += 1
}
}

Re:Uh oh... (1)

morgauxo (974071) | more than 5 years ago | (#28251851)

Ahhh! That explains The Governator! South Dakota must be following the example of California.

How hard is it for a computer to do addition? (5, Interesting)

pieterh (196118) | more than 5 years ago | (#28250865)

Why is a voting system doing any kind of math at all? I voted yesterday in Belgium on a computer that puts my vote onto a card, which is then tallied separately. This same system has been working since at least 1995 with zero reports of fraud or failure (except normal "computer is broken" style failures).

How can a computer "add phantom ballots"? Software does not just "glitch", it breaks in ways that depend entirely on how it was built.

Re:How hard is it for a computer to do addition? (5, Insightful)

rvw (755107) | more than 5 years ago | (#28250959)

Why is a voting system doing any kind of math at all? I voted yesterday in Belgium on a computer that puts my vote onto a card, which is then tallied separately. This same system has been working since at least 1995 with zero reports of fraud or failure (except normal "computer is broken" style failures).

How can a computer "add phantom ballots"? Software does not just "glitch", it breaks in ways that depend entirely on how it was built.

How do you know this system is fraud free? Reading your comment doesn't convince me one bit. I voted too, in the Netherlands, and for the first time in years I had to use a pencil again. No guarantee that there are no counting errors, but they won't be systematic on a large scale.

Re:How hard is it for a computer to do addition? (4, Interesting)

pieterh (196118) | more than 5 years ago | (#28251257)

Belgian politics are not always polite. There is endless infighting. There is no monopoly of power, every government is a coalition and always fragile.

This makes election fraud very hard to organise and probably impossible to keep a secret. One would need to buy too many people, for too long.

So not because I trust the Belgian political establishment, but because I trust their incompetence and greed, I'm pretty satisfied that every vote is counted, and accurately.

Re:How hard is it for a computer to do addition? (1)

FalcDot (1224920) | more than 5 years ago | (#28251501)

Or perhaps we can trust that they all cheat in roughly the same amount, cancelling each other out :-)

Re:How hard is it for a computer to do addition? (0)

Anonymous Coward | more than 5 years ago | (#28251591)

How do you know this system is fraud free?

No system is fraud free. But since we still work with a ballot box, it is just as hard to commit fraud as it is with paper ballots.
Software fraud is very hard, because the software is only installed just before the voting bureau opens.
Also, see parent.

No guarantee that there are no counting errors, but they won't be systematic on a large scale.

Because of the way the voting is organised, we know if and in which bureau the miscount happened.

Before the voting starts, the magnetic cards are counted. There is 1 card for everyone who has to vote in that bureau.
Every voter is crossed off on a list, and after the voting the number of remaining cards should be equal to the number of people that didn't vote. The number of cards in the ballot box is counted by a computer, and again, checked against the paper list.

Then, if the numbers for that ballot box don't add up, the phantom votes are discovered instantly.

The only miscount that could happen, is when a vote changes from one party to another. But then the system probably has checks regarding whom you voted for on that list (a vote for the CD&V party and for a candidate from NVA is impossible).

Re:How hard is it for a computer to do addition? (3, Insightful)

Darkness404 (1287218) | more than 5 years ago | (#28250973)

While I'm as puzzled as you are on why its doing simple addition wrong, I can understand why you would want a computer to do the math though, as it should be more error-proof than humans.

Re:How hard is it for a computer to do addition? (2, Funny)

C_Kode (102755) | more than 5 years ago | (#28251309)

Real life appears to disagree with you! :D

Re:How hard is it for a computer to do addition? (0)

Anonymous Coward | more than 5 years ago | (#28251667)

Ob-SImpsons

"Math is hard! Let's go shopping."

Re:How hard is it for a computer to do addition? (1)

JustOK (667959) | more than 5 years ago | (#28251785)

...with the government's money!

Re:How hard is it for a computer to do addition? (3, Insightful)

nine-times (778537) | more than 5 years ago | (#28251845)

Right. Ask a computer to count 1 million records and stop exactly on the millionth, and then ask a person to count 1 million cards and stop on the millionth. If you had to bet your life on it, who would you think would be more precise? Obviously computers have value.

On the other hand, I'm a firm believer in the idea that the source code should be available for review to make sure there are no weird bugs that could multiply votes, and there should be a paper trail so that the computer can be checked for voter fraud. Computers are more efficient, but not only are they more efficient at doing the right thing, and they're more efficient at doing the wrong thing. If the code tells them to count votes incorrectly (whether it's fraud or an inadvertent bug) they will very efficiently count the votes incorrectly.

Re:How hard is it for a computer to do addition? (4, Funny)

tangent3 (449222) | more than 5 years ago | (#28251025)

Additions just aren't so simple anymore in concurrent computing. The obvious way to do addition in gcc c would be:

totalVotes[candidate]++;

but this will totally screw up the vote count, whereas

__sync_add_and_fetch(&totalVotes[candidate], 1);

gets it right.

Re:How hard is it for a computer to do addition? (3, Interesting)

jgtg32a (1173373) | more than 5 years ago | (#28251099)

I'm not a programmer but why would totalVotes[candidate]++; not work?

Is it a race condition, it pulls the number adds one and puts it back, and if the system is run parallel it will drop vote added at the same time?

Re:How hard is it for a computer to do addition? (2, Informative)

stickrnan (1290752) | more than 5 years ago | (#28251393)

i++; is essentially the same as the statement i=i+1;. If you have multiple threads running at the same time you can potentially lose data should more than one thread try to assign i the value of i+1 at the same time.

Re:How hard is it for a computer to do addition? (5, Interesting)

Anonymous Coward | more than 5 years ago | (#28251409)

Yes, it's a threading issue. If you have multiple threads trying to update the value, some of them won't count. You'd either need to use a lock (and probably mark the variables as volatile) or use some kind of atomic update (like a read-modify-write operation).

Still, you'd have to be an idiot to even try to count votes as they're coming in. A much better approach would be to use a database. Database servers are already really good at handling concurrency and scaling. When a vote is cast, simply add a record to the database. Once the election's over, do something like "SELECT COUNT(*), candidate_id FROM votes GROUP BY candidate_id", and the results will be calculated based on the records in the database.

Really, you could only screw this up if you insisted on developing the entire system from scratch, rather than going with existing, well-tested code.

Re:How hard is it for a computer to do addition? (2, Interesting)

Rakshasa Taisab (244699) | more than 5 years ago | (#28251421)

Exactly... why would it fail on a single-threaded program? The problem is much more that just simple race-conditions on instruction level. What do you do if the program crashes? You have no way of recovering if all you do is increment an array. It really should keep a cryptographically signed logs of each vote, on hardware designed to be read only using specialized key+hardware. The GUI app and the vote management app should be separate programs, with different user/privileges. This would avoid the more complicated UI code having memory corruption issues affecting the vote registration. Each vote would need to do a proper syn/ack message passing to confirm the vote was registered, and a separate sequence sent to the operators controlling the voting booth so they can see the voter successfully cast a vote and tell the vote server when it can accept another vote.

Re:How hard is it for a computer to do addition? (1)

Bluesman (104513) | more than 5 years ago | (#28251649)

I doubt this is how the machines work, but to answer your question, assume thread A and B are voting machines trying to update a single vote count.

The three steps in doing that are:

1) Read the current value
2) Increment the current value
3) Store the result back in the memory location

If thread A and B read the current value at the same time, they will both increment that same value and both try to restore the new incremented-by-one value. So if current votes is 55, thread A and B will both simultaneously read that value, increment 55 to 56 and store that result. The end result is that a vote is dropped.

This problem can be solved any number of ways, and only the most boneheaded programmer would get bitten by such an obvious bug. I seriously doubt the problem with the voting machines is as simple as this.

Re:How hard is it for a computer to do addition? (2, Interesting)

Tubal-Cain (1289912) | more than 5 years ago | (#28251157)

The obvious way to do addition in gcc c would be:

totalVotes[candidate]++;

but this will totally screw up the vote count.

Why will it screw up? A bug? gcc trying to force good coding practices? Ignorant minds want to know.

Re:How hard is it for a computer to do addition? (1, Interesting)

Anonymous Coward | more than 5 years ago | (#28251329)

Additions just aren't so simple anymore in concurrent computing.

Why would e-voting be a concurrent operation? Each voting machine should tally votes locally. Every hour (or at the end of the day, or at some other random interval), each machine would connect to a central server, upload its current tally, and reset its local info. This upload-and-reset should be done in a synchronous fashion, such that the server accepts only one tally at a time and the client resets only after it confirms the upload with the server. Surely existing database protocols such a two-phase commit would solve this problem satisfactorily.

Re:How hard is it for a computer to do addition? (2, Interesting)

RenHoek (101570) | more than 5 years ago | (#28251069)

Well, there's the

    candidate[x]++;

that should be going on inside..

Other then then, no math..

Seems somebody is not following the K.I.S.S. method..

Re:How hard is it for a computer to do addition? (5, Funny)

tangent3 (449222) | more than 5 years ago | (#28251107)



void vote(int candidate)
{
   switch (candidate)
   {
      case GEORGE_BUSH:
         totalVotes[GEORGE_BUSH] ++;

      case AL_GORE:
         totalVotes[AL_GORE] ++;
         break;
   }
}

Re:How hard is it for a computer to do addition? (0)

Anonymous Coward | more than 5 years ago | (#28251187)

Is that you, DemocratHacker?

Re:How hard is it for a computer to do addition? (0)

Anonymous Coward | more than 5 years ago | (#28251241)

That works fine in c# :-)

Re:How hard is it for a computer to do addition? (0)

Anonymous Coward | more than 5 years ago | (#28251425)

Why is this modded insightful and not funny?

Gore is getting all of his votes + all of Bushes votes!

Re:How hard is it for a computer to do addition? (5, Funny)

Cixelsiduous (1544363) | more than 5 years ago | (#28251467)

eh...your first case statement is missing a break. As it currently stands, a vote for GEORGE_BUSH also adds a vote for AL_GORE. I dunno maybe you left it out on purpose to make a point? I guess the bigger question is: why do I care? The answer of course is because I have no friends.

This is why it's hard... (1)

thijsh (910751) | more than 5 years ago | (#28251493)

you forgot the first two lines:

const int GEORGE_BUSH=1;
const int AL_GORE=GEORGE_BUSH;

Re:How hard is it for a computer to do addition? (-1, Troll)

Anonymous Coward | more than 5 years ago | (#28251547)

So... each vote for Bush also resulted in a vote for Gore?

Never forget your breaks

Re:How hard is it for a computer to do addition? (2, Informative)

The Moof (859402) | more than 5 years ago | (#28251691)

That was the whole point of the code. He was answering the GP's question "How can a computer 'add phantom ballots'?"

Or at least I hope that was his intention.

Re:How hard is it for a computer to do addition? (0)

Anonymous Coward | more than 5 years ago | (#28251699)

Umm... I fail to see how this is insightful rather then +5 funny. Switch the two cases and then I would understand.

Re:How hard is it for a computer to do addition? (1)

Maxo-Texas (864189) | more than 5 years ago | (#28251471)

Seriously...

How hard is

If "A"
A = A + 1
elseif "B"
B = B + 1
elseif "C"
C = C + 1
endif

???

How hard can it be? (4, Insightful)

Nursie (632944) | more than 5 years ago | (#28250871)

I mean really, I'm pretty sure I could write a program with a couple of buttons and a counter for each.

What's going on here?

Re:How hard can it be? (0)

Anonymous Coward | more than 5 years ago | (#28250949)

Somebody is so fast he was able to press the voting button five thousands times in the lapse of time it takes others to press the button once.

Re:How hard can it be? (4, Funny)

Nursie (632944) | more than 5 years ago | (#28251023)

Ah, "Shaky" Jim was off his meds again.

Re:How hard can it be? (3, Insightful)

noundi (1044080) | more than 5 years ago | (#28250997)

What's going on here?

That, my friend, we will never find out. We would if these highly complex applications were OSS, but then again the complexity of these are so immense that 9/10 experienced programmers had their heads spontaneously explode upon viewing the first line of code. That or someone is bullshitting you.

Re:How hard can it be? (1)

Tubal-Cain (1289912) | more than 5 years ago | (#28251073)

As someone that's never bothered to do much more than a while loop, I am pretty sure I could belt out an "count the number of times I press 'a' and the number of times I press 'b'" in less than 10 minutes.

I agree. (0)

Anonymous Coward | more than 5 years ago | (#28251129)

Incrementing a counter is not fucking rocket science.

Even doing it in a thread safe way is trivially easy these days (provided the developer has a basic level of competence at his job).

Re:I agree. (2, Insightful)

Rakshasa Taisab (244699) | more than 5 years ago | (#28251677)

The problem is probably that the developers of that voting software was probably exactly like the OP, thinking: I'm pretty sure I could write a program with a couple of buttons and a counter for each.

Really, the very first step you'd need to make, is separating the system into a GUI client, operator client and vote server. The vote server would be easier to verify due to very few libraries and unrelated code being used. The GUI client would not be able to mangle _all_ vote results in an instance due to memory corruption issues. And requiring the operator to clear the vote server for receiving the next vote would avoid 5000 votes being registered due to a bug of any kind.

The server and GUI client would be separate users with different privileges and cryptographically signed log to append-write only medium. Hell, the final confirmation to the user should be displayed on screen by program using a plain-text message sent by the server to a different client process, just to ensure the GUI is showing a different choice from what it registers with the vote server. And I'm sure there's plenty of other stuff that would need to be done to make a truly secure and reliable voting system.

Re:How hard can it be? (1)

0xABADC0DA (867955) | more than 5 years ago | (#28251741)

What's going on here?

What's going on here is that the vast majority of computer software is crap. And if the programmers think that nobody is ever going to see the source and that it will be impossible to verify the results then the software they write is even crappier. And even if it were traced back to the incompetent programmers there'd be no liability for them... worst cases they get fired and go to work at some other company that doesn't know better than to hire them.

Of course there's also the purposely rigged voting software... but that's not going to add 5k votes, it's just going to change them.

WTH (-1, Redundant)

Anonymous Coward | more than 5 years ago | (#28250875)

Voting is just addition. Why is it so hard for these people to get it right?

Would you like candidate/proposal A? Yes/No

*sigh*

How..... (3, Insightful)

Darkness404 (1287218) | more than 5 years ago | (#28250891)

It still amazes me how "hard" it is to write a simple program. First have something to scan the ID, check that its unique then move to the voting. Have a few radio buttons that you click, then hit submit, each radio button corresponds to a candidate or a choice, they are added up and give you the results. How the crap do you screw that up?

Re:How..... (-1, Redundant)

tangent3 (449222) | more than 5 years ago | (#28250999)

Probably the same way using:

totalVotes[candidate]++;

screws up.. whereas

__sync_add_and_fetch(&totalVotes[candidate], 1);

gets it right.

Re:How..... (0)

Anonymous Coward | more than 5 years ago | (#28251277)

so you keep saying. do you care to elaborate on the reasoning behind that or are you just going to keep pasting the same response throughout this article?

Stop that! (1)

denzacar (181829) | more than 5 years ago | (#28251489)

Copy/pasting the same answer over and over...
Makes me feel senile running into those. "I could have sworn I just read that comment a minute ago... Did I really?"

Re:How..... (2, Interesting)

Anonymous Coward | more than 5 years ago | (#28251039)

How does a local election provider define the ballot? How do you ensure that the ballot programming is accessible to politicos and not computer programmers? How do you QA the ballot program? How do you verify that nobody has tampered with the ballot program after it has been QAed?

For QA, how do you do it without using official ballots that don't end up in the valid votes pile? Do you use a different form? Then the official ballot might be different from the test ballot and result in badly counted votes. What happens if the scanner (for optical scanners) gets miscalibrated, or the ballot printer was miscalibrated when it printed them, so that alignments aren't off? What if the initial votes and ballots are correct but later ones are not because of changes in calibration or alignment? Think about multiple ballot runs off a printer in a high-volume election.

What about different election types? "Most-of", "at-large", "one-of", "instant-runoff", etc.? What about the interactions between these election types and other election types on a single ballot? What about multiple ballots in small regional areas? Who programs them and verifies the programs?

Re:How..... (3, Insightful)

Darkness404 (1287218) | more than 5 years ago | (#28251137)

How does a local election provider define the ballot?

Depends, have a list of candidates, choose the candidate, submit it. For a yes or no issue have two buttons, one yes the other no.

How do you ensure that the ballot programming is accessible to politicos and not computer programmers?

Either have a GUI or hire a programmer, I'm sure that the cost of one programmer and one or two other people is a lot less than hiring a team to hand-count votes.

How do you QA the ballot program? How do you verify that nobody has tampered with the ballot program after it has been QAed?

Sign it. Have the program check the signature, good signature it lets it go, bad signature it rejects it and throws up an error message.

For QA, how do you do it without using official ballots that don't end up in the valid votes pile?

Reimage the machine after use.

What happens if the scanner (for optical scanners) gets miscalibrated, or the ballot printer was miscalibrated when it printed them, so that alignments aren't off? What if the initial votes and ballots are correct but later ones are not because of changes in calibration or alignment? Think about multiple ballot runs off a printer in a high-volume election.

Simple, don't use scanners. Simply have it be all digital with a paper printout that may be used if the electronic voting failed due to errors, etc. The paper printouts could be hand-counted if there was a major failure.

What about different election types? "Most-of", "at-large", "one-of", "instant-runoff", etc.? What about the interactions between these election types and other election types on a single ballot? What about multiple ballots in small regional areas? Who programs them and verifies the programs?

Programmers and the town. Have an open meeting where anyone can discuss them, fix them, etc. You only need to hire one competent programmer to program a ballot. Multiple ballots are simply more XML files, trivial to make.

Re:How..... (4, Interesting)

Shakrai (717556) | more than 5 years ago | (#28251061)

It still amazes me how "hard" it is to write a simple program. First have something to scan the ID, check that its unique then move to the voting. Have a few radio buttons that you click, then hit submit, each radio button corresponds to a candidate or a choice, they are added up and give you the results. How the crap do you screw that up?

Well, in the case of New York State, our fearless leaders in Albany changed the requirements no less than 15 times after signing a contract with the vendor for new voting machines. Then after they finally agreed on a set of requirements they decided that they needed voting machines for 62 counties right now so they'd have them in time for the election. Then after the machines arrived they changed the requirements again and needed the new software for them right now.

Doing business with the Government is not an easy undertaking. The only good thing that came out of it is our fearless leaders weren't stupid enough to go with a DRE (direct electronic recording) system. We still have paper ballots that can be counted by any human being if the computer system fails. All the computer does is tabulate them and provide an interface for those voters (the blind/handicapped) whom can't fill out paper ballots themselves.

Re:How..... (2, Interesting)

S77IM (1371931) | more than 5 years ago | (#28251407)

We still have paper ballots that can be counted by any human being if the computer system fails. All the computer does is tabulate them and provide an interface for those voters (the blind/handicapped) whom can't fill out paper ballots themselves.

This is how all electronic voting systems should work. No automated result should be legally admissible for anything unless a human can double-check that result. It's like those robot radar guns that snap a photo of your license plate and then mail you a ticket. There's no defense against it or way to double check it -- there's no human to put on the stand and testify against you. (I'm sure there are legal ways around this that let places use this technology but I disagree with them.) It's the same with voting machines, and killing machines [slashdot.org] . Fallible though humans may be, I don't want my rights or future decided by computers.

  -- 77IM

Re:How..... (2, Informative)

Shakrai (717556) | more than 5 years ago | (#28251571)

Hey, you are preaching to the choir here. I became a NYS Elections Inspector primarily so I could see how the machines and procedures work behind the scenes. I'm convinced that we have a good system.

The new machines we use have two main components. The ballot scanner and ballot marking device (BMD). The BMD is only used by handicapped voters. It consists of different interfaces (a control pad, a sip/puff device, foot pedals, LCD screen and headphones) designed for people with various disabilities. It takes their votes and prints out a ballot that is then scanned by the ballot scanner. Regular voters get a paper ballot where they fill in the squares and drop it into the ballot scanner. The ballot scanner will catch under/over-votes and give you a chance to get a new ballot if you want.

All paper ballots are retained and can be referred back to in the event of a close/disputed election. The scanner is also smart enough to catch write-in votes and divert those to a different ballot box for easier tabulation. When it scans a ballot it also retains an image of the actual ballot on a memory card. At the end of the day we remove that memory card and transport it to the Board of Elections with the unused ballots and rest of our supplies. This memory card is primarily intended as a backup in the event that something (i.e: building the machine is in burns down) happens to the paper ballots.

Our system is pretty good. It took NYS years to adopt it but at least that gave us the chance to learn from the mistakes that other states made. I've seen the DRE machines in action (worked as a poll watcher during the Presidential Primaries in Ohio last year) and they scare the hell out of me. A single hardware failure and you lose every vote cast on that machine during the day. What idiot decided that was a good idea?

Re:How..... (1)

DontBlameCanada (1325547) | more than 5 years ago | (#28251301)

How the crap do you screw that up?

This *is* a government operation, remember.

How... (0, Redundant)

BlitzTech (1386589) | more than 5 years ago | (#28250893)

... could it possibly be so hard to write voting software? It just... I... but...

It's gotta be deliberate. Right?

I must be missing something... (3, Interesting)

thekm (622569) | more than 5 years ago | (#28250895)

...but I can't understand how a glorified logger can be this far off. With hand-shaking and all the rest of it, it just staggers me that something this simple is so hard. If our systems or audit logging were off by more than 5k, our nuts would be in a sling, and our projects sure as heck aren't as big as these puppies.

Is Voting Software Really That Difficult? (-1, Redundant)

Anonymous Coward | more than 5 years ago | (#28250899)

Voting software seems simple enough. Is there any reason why it isn't or are the programmers just completely incompetent?

How difficult can it be (0, Redundant)

guruevi (827432) | more than 5 years ago | (#28250907)

We keep hearing about these mishaps. But really, how difficult can it be to build a functional counter? The current electronic voting systems are about as reliable as the average poll on a random website.

Blckboxvoting.org (5, Insightful)

Red Flayer (890720) | more than 5 years ago | (#28250911)

"You may be able to argue that a five thousand vote error is a small price to pay for a national election but these errors are certainly inadmissible on a much smaller scale.

A software error resulting in +/- 5000 votes cast is unacceptable on any level, even if it gets drowned out on the national level in the US.

There is absolutely no reason or excuse for software to miscount votes. It isn't rocket science.

I know I'm preaching to the choir here, but this shit just pisses me off. It's a matter of national and local integrity that our voting systems are transparent. Please support blackboxvoting.org [blackboxvoting.org] if you don't have the time to get involved in a deeper fashion (calling/writing your legislators, etc).

Note: I'm not affiliated with blackboxvoting.org. I just appreciate their work.

Re:Blckboxvoting.org (1)

jschen (1249578) | more than 5 years ago | (#28251205)

Agreed that 5000 votes is completely unacceptable even on the largest scale elections. That's an order of magnitude higher than the margin between candidates in Florida in the US 2000 presidential election!

Re:Blckboxvoting.org (4, Funny)

nedlohs (1335013) | more than 5 years ago | (#28251253)

Yes, but it's hilarious when there were only 5600 actual votes cast. +/-100% error bars, is good enough for government work apparently.

Bug? (2, Funny)

david@ecsd.com (45841) | more than 5 years ago | (#28250915)

It's not a bug, it's a feature.

Probably counting screen touches outside buttons (2, Funny)

h4x354x0r (1367733) | more than 5 years ago | (#28250927)

Wired thinks it's "probably a complex bug"? I think probably not, it's probably something blindingly simple, and stupid.

I had no idea (1)

oodaloop (1229816) | more than 5 years ago | (#28250937)

that adding involves multiplying by numbers greater than 1.

!bug (1, Insightful)

Yvanhoe (564877) | more than 5 years ago | (#28250945)

The probability of a software glitch not crashing the system, but causing a problem that changed the outcome of the election while still spouting out believable numbers is close to zero. You don't need software experts on this one, what you need is a criminal investigation.

Re:!bug (4, Insightful)

skelterjohn (1389343) | more than 5 years ago | (#28251051)

yeah, cause the difference in saying something like "x+y/2" or "(x+y)/2" is obvious fraud, as it is a bug that wouldn't crash the system.

Re:!bug (2, Insightful)

todorb (169225) | more than 5 years ago | (#28251193)

when this kind of "error" appears in elections software, be sure that it's not by accident.

Just applying Hanlon's razor (1, Insightful)

Anonymous Coward | more than 5 years ago | (#28251385)

yeah, cause the difference in saying something like "x+y/2" or "(x+y)/2" is obvious fraud
If that bug survived product testing, stupidity is no longer an adequate explanation. We are forced to suspect malice.

Re:!bug (5, Insightful)

link-error (143838) | more than 5 years ago | (#28251075)

It's probably more like they aren't rolling back some transaction on a network error or something. Network timeouts, etc, are probably doubling up the votes from that machine. It's probably an unusual error so it doesn't get caught in testing. Like busy networks on election night? It's not that hard to imagine.

This is why we have validation. (4, Interesting)

BlueKitties (1541613) | more than 5 years ago | (#28250957)

I'm pretty sure, somewhere in that code, was a server thread handle which states "if {vote=="thisGuy"){thisGuy++;}else{otherGuy++;}" - because validating your requests might require extra code.

Re:This is why we have validation. (1)

Quiet_Desperation (858215) | more than 5 years ago | (#28251273)

The disturbing thing about your code is its mandate of only two parties.

Re:This is why we have validation. (1)

mini me (132455) | more than 5 years ago | (#28251527)

Or he is assuming that the third party will receive 5000 votes.

Re:This is why we have validation. (1)

BlueKitties (1541613) | more than 5 years ago | (#28251773)

I guess this is why the alternative never seems to get any votes. Oh well, I'll add multiple candidates to my to-do-list, next to encryption, validation and thread safety.

Re:This is why we have validation. (1)

0xABADC0DA (867955) | more than 5 years ago | (#28251827)

Probably more like:

int ok = validate_ballot();
if (ok);
    votes[candidate]++;
. . .
if (!ok)
    goto screen1; // gotta have a goto

tampering? (5, Interesting)

Ltap (1572175) | more than 5 years ago | (#28250987)

TFA only tells me the numbers and the guy's plans, nothing about the actual bug. What was it? It seems awfully hard to screw up adding two numbers together to get a third number, which is basically what that software was doing. Has it occurred to anyone that it might have been tampering? It seems to me that, with the fairly large (tens of thousands) number of votes, adding or removing just enough to make it a runoff would be the perfect vote tampering scheme - too little to draw much attention, but enough to actually make a difference.

a complex bug (0)

viralMeme (1461143) | more than 5 years ago | (#28251021)

How difficulty is it to get a computer to count up in increments of one?

++count;

looking at the source code (2, Funny)

moon3 (1530265) | more than 5 years ago | (#28251097)

vote = GetVote( );


if( vote = my_candidate )
{
my_candidate_votes = my_candidate_votes + 2;
} else {
other_candidate_votes = other_candidate_votes + 1;
}


In the source code as complex as this, you will probably need a PhD in computer science...

/s

Nope, there were errors in Belgium in the past (0)

Anonymous Coward | more than 5 years ago | (#28251113)

There have been reported errors in Belgian computerized votes. (2003, Schaerbeek, for instance)

Belgian Anonymous Coward, who should find some time to register on slashdot

It's simple (5, Funny)

Mad-Bassist (944409) | more than 5 years ago | (#28251165)

Someone forgot to clear the chad bit!

Re:It's simple (1, Funny)

Anonymous Coward | more than 5 years ago | (#28251449)

It's worse than that. Some of the bits were in an indeterminate "hanging bit" state which take much longer to process. Combine that with the fact that the bits were not actually located in their associated bytes, but were rather distributed in a "butterfly-byte" configuration and you see how difficult it is to arrive at an accurate total.

Open source voting (0, Troll)

fulldecent (598482) | more than 5 years ago | (#28251167)

I hear lots of people talking about how an open source voting solution would exceed the quality of commercially available solutions in use today. Also, I hear that such a solution would also be easy to implement.

Could someone please send me a link to the SVN where I can find this alleged OSS voting software?

Nobody trusts these machines (1)

Presto Vivace (882157) | more than 5 years ago | (#28251207)

yet we continue to use them, both here and abroad. Curious.

Re:Nobody trusts these machines (1)

pembo13 (770295) | more than 5 years ago | (#28251285)

I think the ones programming them are the ones not to be trusted.

Doubles (2, Funny)

Paddo_Aus (700470) | more than 5 years ago | (#28251245)

Was there a double B, double G, double L?

In related news... (3, Interesting)

Xiver (13712) | more than 5 years ago | (#28251291)

In related news its apparently very easy to convince the media that programming voting machines is hard. I seriously doubt this was an accident. Independent testing should have flushed this bug out very early.

my observation (2, Interesting)

Tumbleweed (3706) | more than 5 years ago | (#28251315)

I find it interesting that companies that make ATMs for systems that track things down to the penny are unable to track much smaller numbers with errors of plus or minus THOUSANDS.

Maybe we should just start voting at ATMs?

Oh wait, that's what the lobbyists do already.

Re:my observation (1)

tnk1 (899206) | more than 5 years ago | (#28251579)

I find it interesting that companies that make ATMs for systems that track things down to the penny are unable to track much smaller numbers with errors of plus or minus THOUSANDS.

Maybe we should just start voting at ATMs?

Oh wait, that's what the lobbyists do already.

No, that's merely where the lobbyists get their ballots... twenty of them on each sheet. It's sort of like absentee voting. They actually need to send them to various drop off points like the PR firm and the offices of a few dozen Congressmen to actually vote.

But you're right about one thing. One way or another, their votes are always counted correctly.

Re:my observation (1)

NeoSkandranon (515696) | more than 5 years ago | (#28251609)

The thing is, if there's a screwup like that at an ATM, I'm pretty sure the bank sends a few guys around to those responsible to have a "chat" with a sockfull of quarters and maybe a power drill.

Re:my observation [ATMs DO fail] (2, Insightful)

gizmonic (302697) | more than 5 years ago | (#28251837)

Nah, I've HAD the ATM screw up before, and record a deposit twice. The bank happily deducted it from my account later. I've also had an ATM record a withdrawal three times for the one transaction. Took me a couple weeks of back and forth for them to get it all straightened out. So, the ATMs *do* screw up, but the banks don't care because in the end they don't lose any money. The only one that suffers is the customer (by being out my $$ for two weeks).

Paper Trail (1)

WarwickRyan (780794) | more than 5 years ago | (#28251317)

This case quite clearly highlights all the advantages of an paper trail.

Dispite a the software part of the IT system, we're capable of finding the true result of the election because we've still got the paper votes.

Result: the voting system works.

Compare and contract this to an system which didn't have paper ballots. It would be almost impossible to even see if there was a problem, let alone be able recover from it. You could possibly see that the numbers were wrong if they'd taken an register of who'd voted, or if they'd counted the number of voters manually. However there'd have been no fallback. No way to recover the votes.

So yeah, this case is an fantastic advert for electronic voting systems which have an paper trail.

Here's to hoping (1)

ourcraft (874165) | more than 5 years ago | (#28251351)

Why is hoping the right response? I want source code period. Imagine a person coming into town and saying tell me your vote and Ill make sure it gets passed on. If the code is hidden there is no difference. You have no idea what the stranger will do with your vote, forget it, throw it out, change it to Paultard. Or maybe the code is remembering who voted for who. Or maybe... We have no idea, because we cant see the code!!! How does a nation that sent boys into bullets to protect Democracy let it be taken away so easily. We have seen massive voter suppression tactics by the Republicans, they and their media ilk have opined in various locations that voters are stupid and always vote wrong, they have a vested interest in stopping voting. Hello. Yes yes I know Democrats do it too, hehee, thats why you should support efforts to weed out nefarious Democrat tricks,. (Why are the graves in New Orleans always above ground? Its not the water table its easier for the dead to vote) Yeah "hope we get democracy again real soon."

Re:Here's to hoping (0)

Anonymous Coward | more than 5 years ago | (#28251583)

more than just the code, every single detail of the process - schematics, hardware, shipping, security of the devices, process used for reporting and aggregating, all of it.

oh, fsck it... paper is easier

We do not need electronic voting machines (1)

drDugan (219551) | more than 5 years ago | (#28251405)

No one yet has provided me a compelling argument for why we need to use electronic voting.

It seems to be simply a combination of techno-fetish with an illogical push toward "the new thing" which someone has sold as "better".

Yes, it is hard to conduct an election. Making machines do the counting would reduce the human effort, but the cost way is too high. While I was open to the concept initially, the graft and fraud uncovered leaves me with no confidence any longer that the machines in an election booth will enable a fair election, and thus, a just political system.

Biometrics did not match (1)

bbhack (98541) | more than 5 years ago | (#28251423)

Let's hope the real reason this was found was that the voting machine's captured biometrics did not match anyone in the FBI's databases. The fingerprints, face and iris scans came up blank.

Pseudocode (2, Informative)

Jamamala (983884) | more than 5 years ago | (#28251427)

I posted a question yesterday about what was wrong with a simple program. No-one seemed to know so here's my attempt at writing that simple program. Feel free to tear my ideas to pieces. Hint: I am not a programmer.

MAIN:
print("Please enter your Voter ID")
scan, store as voterID
if (voterID == any value in array of legal voters)
then run the vote program
else {
print("Error")
go back to main }

VOTE:
print("Enter your choice of candidate")
scan, store as candidate
if (candidate == A) {
then record vote for candidate A
remove voterID from array of legal voters
exit }

elif (candidate == B) {
then record vote for candidate B++
remove voterID from array of legal voters
exit }

else {
print("Error")
go back to vote }

ballot browser (3, Informative)

mtrachtenberg (67780) | more than 5 years ago | (#28251539)

There is a very simple, comparatively low-tech fix for broken elections that involve paper ballots.

As we do in Humboldt County, CA, run all ballots through an off-the-shelf scanner and run an independent count with independent, open source software. Ballot Browser (open source, Python, GPL from me) is available for tweaking and the basics are explained in April's Python Magazine. Or, it's really not that difficult to write your own bubble-reading software.

How hard is it to Add? (1)

JohnnyGTO (102952) | more than 5 years ago | (#28251707)

Maybe they should replace the core of their system Open Office.

I'm missing something. (1)

dAzED1 (33635) | more than 5 years ago | (#28251735)

Ok, being serious here. I'm an eng for a software development company. Security is a very aspect of our software; we store patient records for DoD hospitals.

I'm honestly scratching my head here, completely confused as to how anyone...anyone...could take a concept as overwhelmingly farking simple as COUNTING and screw it up. Seriously. I'm pretty sure I could have a reliable, bug-free (oh yes, I made that claim), fully auditable system created in a few days. I really, really don't understand why the hell this whole concept is getting so incredibly overblown. At this point, I almost have to be sceptical that when "bugs" are reported in the machines of a funded commercial entity (diebold, etc) that they have to have been intentional for some reason.

Its not about avoiding bugs (1)

joekrahn (544037) | more than 5 years ago | (#28251763)

The important issue is not to create bug-free software. It is about designing redundancy and validation that avoids both software bugs and fraudulent data tampering. Before you leave the voting booth, your data should be transmitted to multiple locations, and you should be able to later
validate that your individual vote is correctly in the system with some form of hash or validation code.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>