Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Source Code Access Denied in Disputed Race

Zonk posted more than 7 years ago | from the why-not-clear-things-up dept.

United States 310

MrMetlHed writes "A judge ruled Friday that congressional aspirant Christine Jennings has no right to examine the source code that runs the electronic voting machines at the center of a disputed Southwest Florida congressional race. From the article: 'The ruling Friday from Judge Gary prevents for now the Jennings camp from being able to use the programming code to try to show voting machines used in Sarasota County malfunctioned. Jennings claims that an unusually large number of undervotes (ballots that didn't show a vote) recorded in the race implies the machines lost the votes.'"

cancel ×

310 comments

first post (-1, Offtopic)

popo (107611) | more than 7 years ago | (#17407898)

yay

Re:first post (-1, Offtopic)

Anonymous Coward | more than 7 years ago | (#17407906)

Well done that man!

Re:first post (1, Interesting)

Anonymous Coward | more than 7 years ago | (#17408036)

Is it possible to browse /. without such completely uninteresting american bs? Kind of a /. minus american flag articles?
I'm not bashing because /. is filled with US junk which most readers don't care about, I am seriously interested in a non-us-crap-articles version of /.

Thanks.

Re:first post (-1, Troll)

Anonymous Coward | more than 7 years ago | (#17408050)

I'll Second that!

Re:first post (-1, Troll)

chawly (750383) | more than 7 years ago | (#17408138)

And, if I may, I'll third it !!

Outrageous (5, Interesting)

Xeth (614132) | more than 7 years ago | (#17407920)

This is precisely why government shouldn't be using closed-box commercial software. We have no idea whether the machines are functioning as advertised. Do people not realize that we're essentially just handing a bunch of ballots to these companies and then just accepting the verdict they hand down? It boggles the mind that any democracy-loving representative can stand for this. Maybe there just aren't any left?

Re:Outrageous (5, Insightful)

wakejagr (781977) | more than 7 years ago | (#17408028)

There are at least two reasons why there is little uproar about these machines using closed-source software.

  • most people (including judges, elected officials, and others who are in a position to directly change the situation) don't realize that having no access to the source code means votes cast using the machines are unverifiable
  • too many people (especially those who are only in a position to indirectly change the situation: voters) feel that the situation with these machines is no more broken than the rest of the system. Remember hanging chads?

Re:Outrageous (1)

aussie_a (778472) | more than 7 years ago | (#17408186)

When I use my paper and pencil I don't get any hanging chads. Why aren't people using paper and pencils in a manner that is easy to understand which box corresponds to which person?

Re:Outrageous (-1, Troll)

dAzED1 (33635) | more than 7 years ago | (#17408532)

because this isn't the farking 1700's.

Re:Outrageous (4, Insightful)

schnikies79 (788746) | more than 7 years ago | (#17408604)

So it's useless just because it's old? Sometimes low-tech solutions are the best, but this is slashdot and I'm a bit of a luddite so no one will listen.

Re:Outrageous (5, Insightful)

Holmwood (899130) | more than 7 years ago | (#17408670)

Actually, paper and pencil are a pretty good approach. Simply because a solution is old doesn't mean it's a bad one nor does it mean that the shiniest new piece of technology is the best answer.

Assuming a situation where there's reasonable oversight of most votes most of the time, and opportunities to be alone with ballots for more than a minute don't generally exist:

- Electronic voting machines? An attacker can change thousands of votes in a second.
- Punched cards? An attacker can shove a ten cent piece of steel through the hole for the preferred candidate and invalidate a hundred ballots for the opponent in a few seconds.
- Paper? Well, an attacker can start spoiling every ballot for the opponent, but that's going to take time. Quite a bit of time. And the attacker will be leaving some forensic evidence.

Canada -- a country geographically even larger than the US with probably even more serious geographic distribution problems -- has generally used paper ballots for a great many years. Elections are typically counted and results are in by somewhere between 10pm for local/provincial elections and maybe 2am (eastern) for Federal elections.

Most of all, a paper ballot system is comprehensible and reasonably transparent to the ordinary voter. Not so with even open-source software (which may be transparent and comprehensible to some, but is neither to the average voter).

If you really want something that's counted fast, use paper ballots scanned into optical scanners (and deposited in locked ballot boxes for later inspection/recounts) in front of the voter.

Paper and pencils: A technology who's time has come.

Holmwood.

Re:Outrageous (0)

Anonymous Coward | more than 7 years ago | (#17408726)

Argumentum ad Novitatem [infidels.org] , is that you?

Re:Outrageous (1)

mordors9 (665662) | more than 7 years ago | (#17408326)

I think there is a third reason. The authorities have the public so fearful of the shadowy hacker, that they may fear that if the code is released the hackers will find some way to exploit it.

Re:Outrageous (1)

Datamonstar (845886) | more than 7 years ago | (#17408370)

If the shadowy hacker is so clever and dangerous, then they should be MORE worried about them getting hold of the closed software and exploiting it while no one can do anything about it because of the fact that it's closed to us good people who could have caught the problem before it became a (major) problem.

Re:Outrageous (1, Funny)

Dunbal (464142) | more than 7 years ago | (#17408406)

The authorities have the public so fearful of the shadowy hacker, that they may fear that if the code is released the hackers will find some way to exploit it.

linux code - freely available. Number of linux exploits - minimal.
windows code - closed source. Number of windows exploits - incredible.

      There's a pattern here, if only I could put my finger on it...

Re:Outrageous (2, Informative)

TheRaven64 (641858) | more than 7 years ago | (#17408444)

Last time I checked, over pretty much any timescale there were more exploits found in Linux than in the Windows NT kernel. If you are going to compare all of Windows, then you need to include a set of comparable applications (e.g. X.org, FireFox, much of GNOME or KDE). Take a look at this page [openbsd.org] for all of the security holes found in third party applications available for OpenBSD since 4.0 was shipped a couple of months ago.

Most 'Windows' exploits are exploits in bundled userland software. If you compare this to the number of exploits in software bundled with, say, Fedora Core, then the numbers don't look nearly so rosy.

Re:Outrageous (4, Interesting)

leenks (906881) | more than 7 years ago | (#17408470)

That's true, but it only shows half the picture (like most statistics). If you look at the time it took to fix the exploits and ship the fix to customers then most Open Source projects win hands down. Microsoft does occasionally do this in quite a timely manner, but most of the time it is weeks, months or even years.

The other thing to consider is the number of holes that might be discovered if everyone had access to the Windows source code :)

Re:Outrageous (4, Interesting)

Anonymous Coward | more than 7 years ago | (#17408890)

What is interesting is not how much security holes found, but:

A) They`re usefulness in gaining inappropriate access.
B) How many holes are left.

Now with A), Windows with its single user administration accounts and open privileges to system by all users, makes any userland bug into an root-level access nightmare. Yes, you can have a separate admin-account. No, XP doesn`t support this fully on the file-level (I`ve done it many times, and it`s a PITA because of bugs in XP regarding running programs or installing software as administrator)
A) will hopefully be fully solved in VISTA. How many years after UNIX solved this?

With B), you cannot really know. Open access to the source code and the whole world watching, makes it pretty obvious you`re going to have more fixes for Linux and BSD. With closed source, you never really know how many holes are left except when someone stumbles on one in the dark, you never really know what the software does or if it contains any backdoors.

It is not so far-fetched to state that the more fixes you have to a system, the more secure it is. But it`s really hard to say. Are NT programmers more proficient than Linux-programmers concerning security? Experience shows that security has never been Microsoft`s priority, marketshare has.

So IMHO Linux and BSD are very much more secure than Windows / NT / XP, maybe even BECAUSE of more fixes for the systems.. But also for the multi-user models used in UNIX which adds a layer of security with the root user, unless the user runs as root all day long of course.

So ANY system will be insecure if the user do stupid things.

Re:Outrageous (1)

Watson Ladd (955755) | more than 7 years ago | (#17408952)

Considering the Win32 API permits code injection as a function it's not secure. Besides, comparing to Mac OS X we get a lot fewer exploits. Also, your example includes asterix, which has no comparable windows program, as well as 2 browsers, while windows has one. trac also doesn't come on windows. Besides, they don't come in the default install. Besides, "Only one remote hole in default install in ten years" vs. "20 minutes to r00t." seems pretty open and shut to me. And voting machines are embedded devices, not full desktops, so talking about the security of a full install is pretty pointless.

Re:Outrageous (0, Redundant)

aussie_a (778472) | more than 7 years ago | (#17408502)

linux - number of users - minimal. Number of linux exploits - minimal.
windows - number of users - incredible. Number of windows exploits - incredible.

Re:Outrageous (5, Insightful)

secolactico (519805) | more than 7 years ago | (#17408360)

most people (including judges, elected officials, and others who are in a position to directly change the situation) don't realize that having no access to the source code means votes cast using the machines are unverifiable

Judges are not expected to be expert at every subject. They should, however, be able to find expert advice for the subject at hand. Both parts should have presented properly accredited expert witnesses and the court might have retained independent experts as well (IANAL).

If the fact that the judge is not knowledgeable enough to rule accordingly in an issue indicates that the judicial system (in addition to the election system) might be broken.

Or maybe the complainant dropped the ball somewhere in the process.

Re:Outrageous (OT, long lines) (-1, Offtopic)

Anonymous Coward | more than 7 years ago | (#17408368)

The problem with long lines (like one like this that i'm typing here right
now with nothing really important to say actually, or something important
to say but that doesn't always need to be the case, it just an example to
go with the line i already typed) is that it makes your text harder to read.

Especially when english is not your native language.

Maybe there just aren't any left? (0, Troll)

nurb432 (527695) | more than 7 years ago | (#17408414)

Oh, there are plenty of us left, but we dont have any sayso in the matter. Only the 'elite' have the power now and the 'common man' is just a nuisance these days.

And if we DO speak out, we might just get put on a list and get investigated and perhaps 'detained' for a while, as a deterrent to speaking out of line in the future. Which could easily ruin your career/family/etc for life.

Re:Maybe there just aren't any left? (0, Troll)

Anonymous Coward | more than 7 years ago | (#17408804)

There are already a lot of anecdotals to backup your supposition, for instance, people who constantly get tagged at the airport for extra security looks, who also apparently are only political activists of the third party or anti current regime nature who are more public than most. And the state increasingly is making it illegal to film or photograph their agents, even when it looks like they could be committing crimes, and weakening whistleblower protections for insiders who are still honest. And *hoods*, for real, local pig forces have been caught hooding "detainees" when they are arrested.

Really, you could see all this coming when they started the massive militarization of the police forces, when combat ready ex military became their number one recruits (as opposed to civilian only police science majors) and all local forces got swat teams and heavy weapons and armored vehicles. And now they aren't even making any pretense of even using civilian police, we have a north american command for the military, the government clearly thinks posse comitatus is not relevant, and a lot of talk of combining canada and mexico into our system including using their police and military in "emergency" situations.

The evidence for constantly skewed elections is overwhelming, and the forced use of the machines has been orchestrated from the highest levels on down, very few localities were insisting on switching to computerized voting they have been coerced into it by fed mandate. "Help America Vote" act for instance.

Re:Outrageous (4, Insightful)

Millenniumman (924859) | more than 7 years ago | (#17408896)

The source code wouldn't help matters. Assuming the machines were rigged, it would be simple to release the the code from a properly functioning codeline. If it was rigged, most of the people at the company wouldn't have access to that code, or someone would report it.

Open source is only open source up to a point. There is no way to verify that what is running on a machine is the same as the code released. Anyone working on the machines can tamper with it: "./configure --all-votes-are-$(myparty) && make && make install". Maybe you could use digital signing on the official builds and restrict the machines to them, but keep in mind that violates the GPLv3, and there are no assurances it won't be hacked. On the other hand, it is very unlikely someone is going to reverse engineer closed source software while they are supposed to be setting up the machines and no one will notice.

Re:Outrageous (1)

Socguy (933973) | more than 7 years ago | (#17408970)

I thought the way to counter this was to compute a hash for the program. S.

Some thoughts (1, Informative)

stikves (127823) | more than 7 years ago | (#17407922)

I think the machines will always be subject to much discussion until their source codes are approved by all the parties and the installation of the hardware is done in front of inspectors in all sites.

But as it will not probably be done, we'll not see an end of unfairness claims.

unfuckingbelivable (5, Insightful)

Anonymous Coward | more than 7 years ago | (#17407930)

The source code for such nasty machines should by definition be publicly available. Who the fuck trusts those devices when its source code is unavailable??

Re:unfuckingbelivable (5, Insightful)

A beautiful mind (821714) | more than 7 years ago | (#17407968)

I would mod up parent if I could, as it perfectly catches the gist of the problem. The profanity is there to hilight the seriousness of what people who believe in democracy face. Anyone who belittles the problem by political correct weaselwords does a disservice and does not contribute to the/a solution.

Not knowing the source code for a voting machine is the equivalent to saying "a miracle happens here" at a critical part in a mathematical proof. Completely utterly unnaceptable.

Re:unfuckingbelivable (5, Insightful)

Architect_sasyr (938685) | more than 7 years ago | (#17408162)

Indeed, despite their choice of language, they have it in one.

Just because, in this case, the judge won't understand it, or the company thinks they stand to lose money from letting it be seen, doesn't mean we shouldn't be able to see it... my latest GPS device (a TomTom) has an Open Source system on it, runs on Linux. Thankfully, I don't understand it, and I don't want to, its not my field. BUT WHEN IT COMES DOWN TO IT, if for a second I didn't trust the machine, I could take a look and know exactly what it was doing.

With a voting machine this should be an integral part of the trust process... we know how the box where we slip our voting slips works... why should we not know how the machine we punch our answers into work the same way?

Re:unfuckingbelivable (4, Interesting)

TheRaven64 (641858) | more than 7 years ago | (#17408476)

Not knowing the source code for a voting machine is the equivalent to saying "a miracle happens here" at a critical part in a mathematical proof. Completely utterly unnaceptable.
Having any kind of electronic voting machine is unacceptable in a democracy. Do you have the skill to audit the source code and say with 100% certainty that there are no exploitable bugs? I could with maybe 40-60% certainty. Is that enough for democracy? I would say that less than 1% of the population is more qualified than me to perform the audit (assuming access to the source code). Is it good enough that 1% of the population can say 'I am fairly confident that this doesn't have any holes.

Why should Joe Public have to rely on someone like me saying 'trust me, it's secure?' Would you be willing to have a ballot paper written in Kanji and an expert tell you which set of symbols corresponded to your candidate? I certainly wouldn't, so why should the rest of the population have to place the same faith in experts?

Re:unfuckingbelivable (1)

Watson Ladd (955755) | more than 7 years ago | (#17408794)

High-integrity software can be made. You just provide a proof of correctness that can be machine or hand checked. Anyone can check the proof just by checking that the proper axioms and lemmas are used at each step. If it can be done for avionics, it can be done for voting machines. It's just rocket science!

Re:unfuckingbelivable (1)

ericlondaits (32714) | more than 7 years ago | (#17408946)

A proof of correctness for such a large system would be unthinkable... a proof can be hard enough to do for a small algorithm, like say, an encryption method. But here you'd start having to get proof for the GUI, so you'd need to give proof for the graphic APIs, OS Shell in general and then the full OS (yes... even writing an unproved spec for libc would be a daunting task).

Even if you could just check the app while blindingly trusting the OS and APIs, you'd have to give proof for the GUI, the db backend, the vote distribution mechanism, the server soft where the votes are counted, etc.

Formal proof It's not feasible at that scale. And even then, as with all mathematical proofs, facts are not checked down to the last axiom... they're peer reviewed for some time until everybody is quite confident that no steps were worng. That is no necessarily fair to voters.

Re:unfuckingbelivable (1, Interesting)

Cuppa 'Joe' Black (1000483) | more than 7 years ago | (#17408286)

It is a glaring *glaring* affront to democracy itself to continue running elections in this manner.

At least it's just "for now"... (5, Insightful)

NewToNix (668737) | more than 7 years ago | (#17407934)

This will surely be appealed, it's a bad decision on the Judge's part. And here's the obligatory IANAL bit.

But I am able to call bull shit when I see it. And refusing them, or at least a mutually agreed on qualified party, to review the code in question is asinine.

And proof positive that these things, if allowed at all, MUST be open source.

Re: Source Code Access Denied in Disput (-1, Flamebait)

Anonymous Coward | more than 7 years ago | (#17407942)

If this is your law system then why don't you let the Terrorists win?

Re: Source Code... terrorists (0)

Anonymous Coward | more than 7 years ago | (#17408192)

We did.

You might notice that we haven't captured Osama bin Laden.

We have more nonsense at airports than ever before and we have things like secret warrents and secret lists of suspects.

Secret source code and voting manipulation aren't even the biggest threats to our democracy and that is a terrible shame.

I'm a staunch right-wing conservative and so ashamed of my own government that I'm posting AC. How sad is that?

Nothing tests code like the real world (2, Insightful)

RodgerDodger (575834) | more than 7 years ago | (#17407958)

There's definitely something screwy going on. From the article, about 18000 votes were accepted that didn't actually vote for anything. Now, if I was designing an e-voting package, there's no way I'd mark a vote as accepted if it didn't vote for something, especially in a country like the US where voting is not mandatory. After all, if they've bothered to turn up at the voting booth, you can assume they actually intended to vote.

(The situation is a little different in my home country of Australia - mandatory voting means that we might get something out of having a "none-of-the-above" option)

I also wouldn't put much faith in the "two parallel tests" done by the state. Absolutely nothing tests code like the real world, and the fact that both tests revealed "100 percent accuracy" when errors were detected on all models of e-voting machines during the US Congressional elections just means that the tests weren't very good. I doubt very much that the tests involved as many as 18000 voters in the first place, not to mention underpaid and overworked electoral officials trying to help a horde of undereducated and over-opinionated voters, with only a couple of hours training conducted a couple of months before.

The court ruled that the "conjecture" of lost votes didn't warrant over-riding the trade secret status of the e-voting machine code. This is a mistake - an expert review could easily conducted under a NDA, thus protecting the trade secret status. Not to mention that the tools of democracy shouldn't have trade secret status in the first place... without examining the code, how does anyone know that there isn't a little switch saying "On Super Tuesday, switch into rig-the-election mode"? (Not that I think there is - it's just that there's no way to disprove it). Nor do you need to go the full open-source route for this - just like the expert review, a panel of experts could easily be responsible for certifying e-voting machines without any risk of the code being exposed.\

Re:Nothing tests code like the real world (5, Informative)

DRJlaw (946416) | more than 7 years ago | (#17408154)

There's definitely something screwy going on. From the article, about 18000 votes were accepted that didn't actually vote for anything. Now, if I was designing an e-voting package, there's no way I'd mark a vote as accepted if it didn't vote for something, especially in a country like the US where voting is not mandatory. After all, if they've bothered to turn up at the voting booth, you can assume they actually intended to vote.

You're misreading the article.

"Some 18,000 Sarasota County electronic ballots did not register a vote in the race, a much higher undervote rate _ nearly 15 percent _ than in others such as those for governor or U.S. Senate. Jennings contends the machines lost the votes. Buchanan backers and the company say that if there was an unusually large undervote it was likely because of bad ballot design."

There were 18,000 people who did not vote for either Jennings or Buchanan (or another option, if any). People routinely vote for "none of the above" when they dislike each of the candidates, when they have little information about the candidates, etc. You cannot refuse to accept the voter's selections once the voter has showed up at the polls and voted in even one race, because that may very well be the voter's intent. Arguably, you cannot refuse to accept a submission that contains no selections, because that too may be the voter's intent.

You are at best arguing about the sufficiency of the selection review prior to a submission. There is not enough information in the article to discuss this information, and it does not support the candidate's allegations of fraud, so that it is essentially irrelevant to the legal case taking place after the election. You're free to argue against the ballot presentation selected/entered by the various Boards of Election, but you can hardly argue based solely on the undervote that this was a programming "feature" or design defect.

Re:Nothing tests code like the real world (1)

RodgerDodger (575834) | more than 7 years ago | (#17408216)

Actually, I just forgot that you guys hold a lot of different elections on the one day... my bad.

I would argue that a "none-of-the-above" option is what you want, instead of allowing no selection. The article still makes it sound like there was no vote recorded at all.

Still, what I'm really arguing is that the fact that there was some testing done by the state is not sufficient grounds to conclude that the software didn't have bugs.

Judge Gary and the butterfly ballot .. (2, Interesting)

rs232 (849320) | more than 7 years ago | (#17408468)

"Testifying on behalf of Democrat Christine Jennings, MIT political scientist Charles Stewart said Jennings would have won the race by as many as 3,100 votes if there had not been an "excessive" undervote in the Nov. 7 election"

"Without the source code [heraldtribune.com] , it would be very difficult or impossible for me to determine how the software behaved," Dan Wallach, Rice University

was Re:Nothing tests code like the real world

Re:Nothing tests code like the real world (4, Informative)

theonetruekeebler (60888) | more than 7 years ago | (#17408208)

From the article, about 18000 votes were accepted that didn't actually vote for anything
What the article actually said was:

18,000 Sarasota County electronic ballots did not register a vote in the race (emphasis added)
It further says this means about fifteen percent of the ballots cast did not have a selection in this race.

The loser says this happened because the software went all wonky. The winner says it probably happened because of poor layout -- voters didn't even find the race, or they found and misunderstood the race, or they fat-fingered the ballot.

The loser, of course, can't challenge on the misunderstood-ballot theory, because it implies that her support base is statistically more likely do do something stupid than her opponent's.

That said, I find this ruling intolerable. When the government is formed by the counting of ballots, the method of the counting must be open and available. I think it was Boss Tweed who said it best: "As long as I get to count the votes, what are you going to do about it?"

Re:Nothing tests code like the real world (1)

zuiraM (1027890) | more than 7 years ago | (#17408288)

In fact, the failure of the tests to show accuracy errors when the real world revealed plenty can be taken as something very close to proof that the testing procedures are inadequate, and the software therefore suspect.

Re:Nothing tests code like the real world (0)

Anonymous Coward | more than 7 years ago | (#17408544)

Actually, when there are no candidates that I wish to vote for I always still show up at the voting booth and spoil my vote. Not voting sends a message that I'm not interested while a spoiled votes says that I am concerned enough to be an active voter but don't think much of the current candidates so I don't want any of them to gain power.

Vote spoiling is a very necessary thing. Telling people to not bother turning up if they don't like any candidate is stupid and just helps politicians think that people can't be bothered rather than people not liking their policies.

Re:Nothing tests code like the real world (1)

Mikelikus (212556) | more than 7 years ago | (#17408672)

Blank Voting is a form of doing your duty and saying that there's no candidate with which you agree. I know several people who vote or have voted blank in some occasion.

Re:Nothing tests code like the real world (1)

carpeweb (949895) | more than 7 years ago | (#17408922)

IIRC, a small but non-negligible percentage of comrades in the old Soviet Union would leave ballots blank, as that was the only feasible protest in one-candidate elections. It would make the news every now and then because someone would win by only 90% or something like that, which was considered a "defeat" in some sense.

Incomplete article (4, Insightful)

Somnus (46089) | more than 7 years ago | (#17407982)

What the article doesn't discuss is the quarantining of machines from the actual election and reproducing their inputs in the "independent test." Anything less is uncertified evidence.

OTOH, should voting results have a presumption of validity? The problem is that voting bureaucracies are not designed for validation by authenticating ballots or statistical checks, but only on prompt decisiveness and the appearance of not having irregularities in the balloting or counting.

Wouldn't all this be solved by encrypted online voting, where you could check your own votes by a profile tied to an anonymous registration key issued by the DMV? Then make the data public for verification by the media?

Re:Incomplete article (3, Informative)

amaiman (103647) | more than 7 years ago | (#17408266)

No. Ability to check your own vote means that if you give the key to someone else, they can verify your vote as well, this will lead to people selling their votes.

Re:Incomplete article (1)

zuiraM (1027890) | more than 7 years ago | (#17408296)

No. Because then I could demand proof that you voted what I wanted you to, and since you would have the means to provide it for me, I could reasonably threaten you if you didn't provide it.

Re:Incomplete article (0)

Anonymous Coward | more than 7 years ago | (#17408300)

Wouldn't all this be solved by encrypted online voting, where you could check your own votes by a profile tied to an anonymous registration key issued by the DMV? Then make the data public for verification by the media?
Oy no, you guys are overthinking this whole "secure voting" thing. While that solution is technologically elegant, anything that allows anyone to take anything out of the voting location that can indicate the manner in which someone voted is an absolute non-starter any time soon.

While it's not perfect, and doesn't allow a person to "verify that their vote has been counted," I believe the best solution to bridge the gap between 19th century paper votes and the Information Age is simply to have the voting machine print human- and machine-readable ballots when the voter has finished. The voter can then visually verify that their votes have been appropriately recorded on the paper and feed it into a second machine that does the tabulations. Hell, at that point you could even have a display on the machine re-confirm the votes as a backup verification mechanism for the voter.

Re:Incomplete article (2, Insightful)

carpeweb (949895) | more than 7 years ago | (#17409002)

simply to have the voting machine print human- and machine-readable ballots

This is essentially what reasonable (non-Florida) balloting looked like before "e-voting". Except that the voter was part of the "voting machine" and filled in little circles. Those are machine-readable, and there's no need to compare the machine readable ballot to the human-readable ballot, because they are the same ballot.

As I've said before, e-voting is a bad solution to a problem that didn't really exist.

Re:Incomplete article (4, Insightful)

JackHoffman (1033824) | more than 7 years ago | (#17408342)

Wouldn't all this be solved by encrypted online voting, where you could check your own votes by a profile tied to an anonymous registration key issued by the DMV?

The problem with most "verified" voting mechanisms is that they allow voters to prove a vote for a certain party, which in turn makes buying votes feasible. You have to create a pretty elaborate system to prevent this kind of abuse and most of the proposed systems which look like they could solve this still don't prevent ballot stuffing.

Classic paper ballot voting solves these problems by using an observable and public process. The only secret act is the casting of the vote and there is practically nothing a voter can do in that secret phase to change the outcome beyond his normal participation in the poll. All other steps in an election are, at least theoretically, public: You can watch the sealing of the empty ballot boxes, you can watch the admission of the voters and you can observe the counting. Nobody has to trust someone else. If people take an interest in the process, they can see for themselves that it is done right.

Electronic voting always has the problem that you can't observe the code execution. Sure, you can verify that the code in the PROM is correct, but you can't verify that the code is what actually gets executed on election day. You can't verify the contents of the memory modules beyond what another unverifiable machine tells you. IMHO, the problems with electronic voting are unsolvable without giving up at least one of the democratic principles of a secret ballot. The central problem is that there is secret information involved which cannot be verifiable to the point that you can verify the whole process.

On behalf of the rest of the world (0)

Simon Garlick (104721) | more than 7 years ago | (#17408068)

I point and say, in a Nelson Muntz voice, "HA HA".

Re:On behalf of the rest of the world (1)

Afecks (899057) | more than 7 years ago | (#17408590)

Too bad the rest of the world is going down the drain with us!

Re:On behalf of the rest of the world (1)

harryman100 (631145) | more than 7 years ago | (#17408750)

While your comment was clearly in jest, I think you actually raise an interesting point. For a long time the "rest of the world" as you described it, has simply said "I'm glad I don't live there" whenever a scandal of any sort occurs in america. Whenever a suspect person comes into power in America it not only has an effect on the people of America, but it can also dramatic affect on the rest of the world.

Democracy was originally designed to be a fairer system compared to the traditional dictatorial methods of governing, however in these times of easy global reach, democracy has become unfair again. America continues to use it's unrepresentatively large amount of power to fuck around with the rest of the world. America has become the monopoly of this world, using the power it has to prevent other countries from doing what they want (unless it agrees with the american way).

Perhaps it wouldn't be a bad idea for America to be split up. The amount of power the white house wields is too large and attracts too much corruption.

Note if you replace the word power in the above with the word money, it scans just as well, and still seems to represent what's happening! Which is a sign that democracy has failed.

Beautiful system we have here. (2, Interesting)

ponderance (1032902) | more than 7 years ago | (#17408082)

This is exactly why I didn't vote. I didn't want to use the electronic machines. All we had around here, all I had available was either electronic machines. They gave me the runaround for weeks concerning absentee ballots. I tried several times and just threw my hands up.

How I understand it, the only way the machines can put votes where malicious programs want (IF they're infected) is if someone votes. If I don't vote, my vote can't be misused. And I surely don't trust this technology, especially how fast and secretive it was implemented.

I could be wrong. I hope this isn't the *future of voting.



*less and less trust. less accountability and verifiability. easier to rig an election.

Re:Beautiful system we have here. (1)

Orlando (12257) | more than 7 years ago | (#17408362)

This stance only makes sense if you then make a visible public statement about why you didn't vote, or aproach the relevant authorities about the problem. I hope you did.

Re:Beautiful system we have here. (1)

ponderance (1032902) | more than 7 years ago | (#17408390)

As much as I had time to. Heavy traffic locations online had posts about it, spread the word as much as I could. Wrote to the papers and called the news stations around here but nobody was interested. Not patriotic, after all.

The future of voting (1)

nurb432 (527695) | more than 7 years ago | (#17408456)

Hate to break it to you, its the present of voting now. Many areas went down the path of no return already.

Re:Beautiful system we have here. (0)

Anonymous Coward | more than 7 years ago | (#17408488)

As far as I'm concerned, if you are a patriotic USA citizen, it is your duty to your country to carry a hammer with you the next time you vote and destroy one of these machines.

Re: Malicious inserted code (2, Funny)

TaoPhoenix (980487) | more than 7 years ago | (#17408662)

70 If Vote=Jennings then Vote=Null

Whaddya mean "there is no conflict"? (5, Insightful)

Dachannien (617929) | more than 7 years ago | (#17408106)

I don't get it. In this case, the plaintiff isn't allowed to view presumably proprietary/copyrighted source code for a voting machine to go on a fishing expedition to see whether it caused her to lose.

On the other hand, the RIAA gets not only to view the contents of a woman's hard drive to go on a fishing expedition to see whether she was sharing music files, but they get to make their own copy of it, including all that stuff they don't hold the copyright on (Windows, the woman's e-mails, etc.).

It seems to me that what's good for the turkeys oughta be good for us chickens. Or something.

Re:Whaddya mean "there is no conflict"? (1)

dramenbejs (817956) | more than 7 years ago | (#17408254)

Yeah, but RIAA has more power than a senator... :(

Re:Whaddya mean "there is no conflict"? (1, Insightful)

Anonymous Coward | more than 7 years ago | (#17408692)

You forget that in a corporatist-fascist state like ours, the chickens are mere cogs and cannon fodder to enrich the ubermensch, not the other way around. Rights? What rights? Are you one of the elite? Then you have no rights. Go back to your slaving so that I can steal your wage labor!

logic and reason (5, Insightful)

bnf (16861) | more than 7 years ago | (#17408108)

The inability to assess the logic of casting votes defies reason.

How long must we sing this song? A democracy without transparent practices for the transfer of power is not a democracy. All the way down to the ones and zeroes. Every question with regard to voting should be able to be answered.

It seems so primitive that it baffles me how someone could arrive at any other conclusion than "the process of voting is sacred and should, in fact *must*, bear great scrutiny".

Re:logic and reason (1)

zuiraM (1027890) | more than 7 years ago | (#17408366)

It seems to me that the only real option to satisfy your requirements would be a formally verified design akin to the ones used in space shuttles. Lockheed-Martin would probably be one of the companies write and verify the source. You'll probably want three independent companies delivering the hardware with voting logic between them to assure that the logic has not been compromised. A formally verified design gets very complex if it's big, so you'll probably want a very simple interface (e.g. 2x40 display with usual up/down/left/right/select buttons), which can be good in and of itself, as it would reduce the incidence of misunderstandings.

Hmm... perhaps I should go make a prototype ;)

Re:logic and reason (4, Insightful)

cluckshot (658931) | more than 7 years ago | (#17408400)

Having actually reviewed the software (Yes the source code) for 7 major voting machine systems....,. I might have something to say on the topic. First!!!!! a verified voting machine software package means exactly nothing! The verification is if there are enough comments in the code and if all case statements have a default exit and things like that. It has nothing what so ever to do with if the system correctly handles an election. I got paid for this people so I know the facts here!

Out of the 7 major packages I reviewed I found only one I felt was secure enough to consider it worthy of use. I did look at the software. Major flaws included the ES&S systems have flash drives! They could have their data and their "brains" completely changed at will during an election and they never would tell! Other flaws included Internet hookups to the machines where data files could be addressed remotely... .... ....

I am not telling the name of the supplier I felt was good but let it assure you that their system had paper read and their system had several other safeguards of the voting tally.

Why do public officials want such systems. Simple. They can steal elections and they can prevent absolutely any record of the event. Why should voters get mad and demand open source software on such systems. The reasons are many They include prevention of defalcation on the election. They include being hardware independent so that users are not locked into a system for buying their supplies. They include KNOWING what is going on. They include voter oversight. Take your pick folks.

OB (1)

Bastard of Subhumani (827601) | more than 7 years ago | (#17408124)

Not a problem. Just type OVERRULE [slashdot.org] in big letters.

Judge's credentials? (2, Interesting)

Monoman (8745) | more than 7 years ago | (#17408156)

I would really like to know the judge's credentials for this kind of case. He may have a law background but what does he know about computers and technology (and related laws)?

IIRC there were cases in the early 80s where judges made bad rulings because they simply had little or no understanding of computers/technology.

Re:Judge's credentials? (1)

glrotate (300695) | more than 7 years ago | (#17408972)

Do judges in auto accidents have degrees in mechanics and medicine? Do judges in fraud cases have to be former salesmen? Do judges in X cases have credentials in X? What about the juries?

No. That isn't the way our system works. It is the responsibility of the parties to present the information necessary to make a decision.

Furthermore, special credentials aren't required to understand the concept of a black box. If the judge ruled against the candidate than he probably had a legal reason for doing so.

I'm curious, did you read the opinion?

Crybaby Dems (0)

Anonymous Coward | more than 7 years ago | (#17408168)

You took over Congress, you're letting Al Qaeda feast at our table, what more do you want? What would one more lefty treehugger give you? bah.

how hard is it?!? (1)

3.14159265 (644043) | more than 7 years ago | (#17408170)

I mean, how much different from voteCount[candidate]++ can it be!??!

Re:how hard is it?!? (0)

Anonymous Coward | more than 7 years ago | (#17408774)

Oh, you've got it all wrong! It's voteCount[preferred_by_donor]++ .

Secret Source Code (1, Funny)

tehSpork (1000190) | more than 7 years ago | (#17408174)

They're afraid that they will find the secret FBI code used to ensure a 'balanced' congress:

if (Congressman.party == Republican) {
// They voted for the right team, log the vote!
count_vote(Congressman);
}

else {
// Filthy liberal scum
count_vote(Undecided);
}

Re:Secret Source Code (1)

Black-Man (198831) | more than 7 years ago | (#17408196)

Sadly... you are right. They actually think this. Meanwhile, don't bother bringing up the democrats past where it was actually much easier to steal votes in Chicago and WV in the '60s... or the infamous 1850's in Kansas where they came into polling stations and shot the poll workers and stole the ballot boxes so they could get their candidates elected... which in that case was their pro-slavery candidates. What a sordid past those democrats have. Don't tell anyone.

Don't dodge the issue (2, Insightful)

drig (5119) | more than 7 years ago | (#17408796)

No one cares what the democrats did forty or a hundred and fifty years ago. Heck, the Republicans will claim that Bush's State of the Union address in 2003, where he claimed that Iraq was trying to buy Uranium, is old news and no longer relevant. That was 4 years ago! So, 40 years or 150 years is definitely old news!

Besides, that's dodging the issue. Bringing up old history doesn't help anyone. What we want to know is when our votes will start counting again. Bush has now won the Presidency twice, both times under extremely questionable circumstances. Republican Secretary of States, missing ballots, voters illegally purged from the voting lists, voting machines made by Republican operatives. This isn't some interesting sidenote in a history book that includes references to the book of Genesis. It's real life, it's happening now, and this kind of mealy-mouthed dismissal of American freedoms is either ignorant to the point of criminality, or is a bald-face destruction of the American process.

A little Stalin seems fitting... (5, Insightful)

SpectreHiro (961765) | more than 7 years ago | (#17408176)

"The people who cast the votes decide nothing. The people who count the votes decide everything."

Please don't be confused... I don't think Joseph Stalin was a great man. I consider him a despicable and cold blooded tyrant. At the same time, I also happen to think he was a pretty sharp thinker, and a successful tyrant because he understood how political systems function. A democratic system cannot work unless there is absolute transparency in the voting process.

I'm an open source supporter but not a zealot. I don't have any problem with the existence of closed-source commercial software and I believe it has a right to exist. That being said, there's simply no place for closed-source software in our voting process. Voting is the foundation of our political system, and we can't settle for any ambiguity in its implementation. It's not as if vote counting is a technically demanding job, and there's no argument for keeping secret the process by which it's done.

This strikes me as a clear judicial mistake (not that I've read the article... too drunk and tired, frankly). In general, our judges don't seem to understand information technology well enough to make informed decisions. They don't understand that changing the results of an election is elementary for any programmer. Isn't that concept terrifying?

Our society is enamored with the labor saving possibilities made possible by the past century's technological advances, but thus far, the understanding of these technologies in government has not matched their application. This trend must not continue if we value our republic. In the strictest sense, our system is no longer a democracy if it has no educated oversight.

Our government needs an elected body of IT experts -- some kind of technically proficient oversight body that can rule on information technology as it applies to our system of government. Without any such educated oversight, our freedom and sovereignty is bit by bit diminished, and can be turned against our people. The possibility alone demands action.

Our founding fathers certainly didn't foresee the coming of mechanical information processing, but I firmly believe they would have wanted it to be open to review by the common man. What we need now are are IT patriots willing and motivated to take up the cause.

Re:A little Stalin seems fitting... (0, Troll)

MarcAntony (860142) | more than 7 years ago | (#17408388)

Well said. Another post pointed out the business connection. This is business and the Republicans exercising their fascism. While we're on the topic of democracy, I would like to point out that the former Soviet Union didn't treat people who burned the Soviet flag very well. I suspect the Chinese don't either....

Re:A little Stalin seems fitting... (0)

Anonymous Coward | more than 7 years ago | (#17408410)

Voting machine software does not need to be Open Source/Free Source. It just needs to be available. The purchaser of the machine should be given the source code and the ability to compile and load the source they are given onto the machine, but not necessarily the right to distribute the source or derivative works.

Re:A little Stalin seems fitting... (2, Insightful)

frdmfghtr (603968) | more than 7 years ago | (#17408430)

It's not as if vote counting is a technically demanding job, and there's no argument for keeping secret the process by which it's done.


This is true, and yet it seems impossible to develop vote-counting software to do it accurately. I'm not referring to the 18,000 undervotes here, I'm referring to election reports in times past where it was reported that machines were counting several thousand more votes than voters in the particular precincts; while not voting in a particular race COULD result in the aforementioned undervotes, it is IMPOSSIBLE (or at least should be) for more votes than voters to be registered. It is the occurrence of the "impossible" that should have the public up in arms.

The excuse of "it's not significant to affect the results" doesn't work; if this is one easily detectable anomaly, what about the undetected anomalies? The overcount (is that a word?) shows that there is a problem, and the machines cannot be presumed accurate. It's that simple.

Votes recorded on paper. Public access to the counting process. It really is THAT simple.

Re:A little Stalin seems fitting... (1)

TheRaven64 (641858) | more than 7 years ago | (#17408512)

A very good quote. A democracy can only work if those who cast the votes are the same people as those who count them.

Our founding fathers certainly didn't foresee the coming of mechanical information processing, but I firmly believe they would have wanted it to be open to review by the common man.
And this can never happen. Even if the source code is completely open, maybe 1% of the population has the skill to audit the code. The other 99% have to take it on trust, which is counter to the entire idea of open democracy.

Re:A little Stalin seems fitting... (1)

Orlando (12257) | more than 7 years ago | (#17408602)

Even if the source code is completely open, maybe 1% of the population has the skill to audit the code. The other 99% have to take it on trust, which is counter to the entire idea of open democracy.

I disagree. 1% is still almost 300,000 people by todays figures. Add to that the various academic institutions and liberty groups that would be keen on auditing the code, plus the opposition party(s) who also have more than a passing interest in keeping things fair, AND probably a large number of foreign people who would also have access, I think you have enough eyeballs to ensure the system is sufficiently audited.

Re:A little Stalin seems fitting... (1)

Orlando (12257) | more than 7 years ago | (#17408526)

Our government needs an elected body of IT experts

If, as you say (and I entirely agree) that "A democratic system cannot work unless there is absolute transparency in the voting process." then simply making the code availble for public perusal (open source) would be sufficient, as with the Australian system [wired.com] . Indeed, if you can't trust an elected government to manage it's evoting systems properly, then electing a second body to police the system doesn't ensure that the system will be any fairer.

Re:A little Stalin seems fitting... (1)

harryman100 (631145) | more than 7 years ago | (#17408822)

needs an elected body of IT experts

Who gets to vote on who these IT experts are? Everybody? How many average Joes would be able to tell the difference between an IT expert and someone who knows how to use a couple of office programs? It's simple for someone like us to spot a fraud when we see one, but how many other people do you know who could?

And a little Sagan... (1)

InsertCleverUsername (950130) | more than 7 years ago | (#17408920)

We live in a society that is exquisitely dependant on science and technology, in which almost no one knows anything about science and technology.
- Carl Sagan

The sooner we hit the Singularity and let the machines do the driving, the better.

15% undervote (3, Informative)

Anonymous Coward | more than 7 years ago | (#17408188)

15% of people who voted on the rest of the ticket, mysteriously didn't vote for their Congressman. Even funnier, it was very very strongly biased in favor of Democrat voters, 18% of people who voted Democrat on the remainder of the ticket didn't vote for a Congressman. Even stranger still, it was Florida the former seat of Katherine Harris, even stranger still other neighboring districts showed more typical errors of 3% or so with no political bias.

Fix the vote, make it verifiable, even now when you think the last vote was fair, you don't know it was, nobody can show it was, and there's so much money and power at stake, the vote must be totally trusted.

Florida has a Democrat voter majority, yet elects Republicans and it is more than gerrymandering.

No 2nd to Bullet the Blue SKY (-1, Troll)

Anonymous Coward | more than 7 years ago | (#17408210)

Fuck These fucking lieing fucking ass
fscking ass scum.

So your telling me I have no right to put a bullet in the head of an OATH BREAKER?

FUCK YOU!
YOUR NEXT!

Really, it *IS* a threat.
I Had it with you OATH OF OFFICE BREAKERS, YOUR DEAD!! v YOU HEAR ME MOTHER FUCKER?

DUPE! Source code was revealed yesterday! (0)

Anonymous Coward | more than 7 years ago | (#17408302)

Since this inside information [slashdot.org] was revealed yesterday. I feel it is important to finally reveal that number stations are infact Diebold terminals using this very counting code:

#! /bin/sh
cat /dev/urandom > /dev/bcast;

Hence I'm posting anonymously.

Regards Anon
--------
Suzi,
I've managed to rid my computer of that nasty virus which was automatically adding text to web forms. So to answer your email yes I'd be more than happy for us to host the wife swapping party at our house. I'm looking forward to showing you and your sister my digits again... hehe.

Regards,

Jeff Dean,
Programmer PSI Group

Score "Zip" Democracy "One" Business (3, Insightful)

erroneus (253617) | more than 7 years ago | (#17408354)

When a judge makes the determination that the interests of a single business over those of a democratic process such as an election, then this judge's leanings are clear and obvious. I don't think the issue could be more complicated than that.

Re:Score "Zip" Democracy "One" Business (4, Insightful)

bigbigbison (104532) | more than 7 years ago | (#17408754)

Exactly. This isn't about open vs. closed source. THis is about the fact that the judge has mad a decision which in effect states that "trade secrets" and business trumps democracy. That is just wrong.

Transparency (2, Insightful)

AlHunt (982887) | more than 7 years ago | (#17408378)

Elections are supposed to be transparent.

Sticking some software in the middle that nobody can see is akin to counting paper ballots in secret.

I don't mind voting machines, electronic or not. But transparency is a *must*, either way.

Did Your Vote Count? (1)

rs232 (849320) | more than 7 years ago | (#17408394)

"maybe, this trend to paperless voting [democratic...ground.com] is the greatest scam ever perpetrated on the voting populace in the world's history...."

Full transparency (0)

Anonymous Coward | more than 7 years ago | (#17408450)

A system like this should have full transparency, end-to-end. Hareware & Software. The public should still have the choice for paper ballet.

finally, a black box democracy machine (3, Funny)

musakko (739094) | more than 7 years ago | (#17408458)

Instructions: 1. Vote 2. ? 3. Democracy! (oh, alright: and the winner PROFITS!)

Democracy! (3, Insightful)

slmdmd (769525) | more than 7 years ago | (#17408608)

There is no democracy in USA, it was lost decades ago. It is a two party dictatorship. (Not exactly - It is actually the Corporate rule)
Proof: Try finding answers to the following on internet. (Rest of the media is a PR tool of the dictators)
1. Why no independent wins any seats.
2. Why is it always a very close battle. (e.g. 250-251)
3. What is the percentage of members that get re-elected in a communist country(say former russia) and what is the percentage in USA.
Internet is the only remaining free media but not for long. No matter what we do, it is just a matter of time before the internet is also governed by the corporate. Ways to control are already in the works.
About half of the world knows who is responsible for the 11 towers, but only a handful in usa.
The answer is on the internet. Do your own research.

Bad Ballot Design (2, Informative)

richwmn (621114) | more than 7 years ago | (#17408612)

From the article
Buchanan backers and the company say that if there was an unusually large undervote it was likely because of bad ballot design.
It seems to me that admitting "bad ballot design" is worse than blaming the machines. Anyone who has taken statistics or marketing knows how easy it is to sway polls and sales by such methods as order in the phone book or on the ballot. IMHO bad design could just be effective design for the eventual winner.

Open Source software for critical infrastructure? (1)

gerrytucker (981939) | more than 7 years ago | (#17408724)

I know this is probably not a popular perspective for slashdot, but do we really think that having completely open source software for something as critical as our voting machines is a good idea? I agree that we need to find a balance so that concerned citizens can understand if their votes were correctly counted. This could include the idea of vote "receipts" being printed for every vote so that a true paper recount could occur if needed. However, I have to say that there are a lot of people around the world that do not much care for our country. Allowing anyone to have access to the source code on a whim opens up our voting system infrastructure to outside sources. How many genius hackers out there could figure out sophisticated ways to commit voter fraud if they had unlimited time to review the code? Just my 2 cents ...

Re:Open Source software for critical infrastructur (0)

Anonymous Coward | more than 7 years ago | (#17408836)

but do we really think that having completely open source software for something as critical as our voting machines is a good idea?

Uh, Yes, the concept of a Million Heads checking and thinking about the code,
can find hundreds of flaws and if the code were open source, get it fixed.

The "Wisdom of Crowds" can outperform the Unscrupulous Bastard/Evil Genius population.

Hang that ruling on the wall (1)

smchris (464899) | more than 7 years ago | (#17408734)

Couldn't be stated more clearly: "Business tops democracy"

So let's sit around and bitch.

Even if you could "verify" source code ... (2, Interesting)

carpeweb (949895) | more than 7 years ago | (#17408824)

... what would that prove?

I'm not saying it's a bad idea to know the source code. I'm just saying that wouldn't eliminate most of the problem.
  1. Who can look at source code and certify that it cannot be hacked?
  2. Even if (1) were possible, who can certify that the exact source code was (the only code) resident on every machine at the time of the voting?
Furthermore, because ballots are anonymous, what do we have to tie people to votes on a one-to-one basis? Granted, the tie-in is imperfect in the paper world, but the potential for abuse seems higher in the electronic world. As I think about how a "vote hacker" might operate, it seems pretty likely to me that such a person would be motivated to cover tracks. For instance s/he would replace the source code with the evil code before the voting but would also switch it back to the source code after the voting. That's a pretty simplistic scenario. I envision that "good" e-voting security would require polling stations to begin looking like secure server rooms. That would give civil libertarians (and maybe even the rest of us) the creeps, even if it were feasible to issue every voter a security badge, etc.

I'm no security expert, but is it not generally accepted that simple systems are easier to secure, all other things being equal? Pencil and paper are pretty simple, right?
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...