Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

CA Proposes Rigorous Voting Machine Testing

kdawson posted more than 7 years ago | from the red-five-standing-by dept.

United States 172

christian.einfeldt writes "During her successful campaign for California Secretary of State, newly-minted California Elections Czar Debra Bowen spoke repeatedly of the need to use free open source software in voting machines to ensure the integrity of California's elections. Now that Secretary Bowen is acting on that campaign pledge, closed-source voting machine vendor Diebold worries aloud that rejecting its black-box voting machines could snarl California's elections. Diebold's concerns come at the same time that it is suing Massachusetts for declining to purchase those same voting machines." Quoting: "California's elections chief is proposing the toughest standards for voting systems in the country, so tough that they could [have the result of banishing] ATM-like touch-screen voting machines from the state. For the first time, California is demanding the right to try hacking every voting machine with 'red teams' of computer experts and to study the software inside the machines, line-by-line, for security holes."

Sorry! There are no comments related to the filter you selected.

novel idea (4, Insightful)

gEvil (beta) (945888) | more than 7 years ago | (#18529655)

Thoroughly test the voting machines before deploying them? Wow! Why didn't I think of that?

an even more novel idea (0, Flamebait)

teh_chrizzle (963897) | more than 7 years ago | (#18529699)

suing a state for not using your stuff. jeez i hope SCO doesn't adopt that tactic.

Re:novel idea (4, Insightful)

TheMeuge (645043) | more than 7 years ago | (#18529755)

I smell a "Diebold sues California" /. headline coming.

Re:novel idea (4, Interesting)

Chris Burke (6130) | more than 7 years ago | (#18530631)

I can't for the life of me understand why California even considers doing business with Diebold any more.

Shouldn't the list of requirements for Calfornia's voting machine aquisitions have a clause about "Company should not have repeatedly lied to California legislators, covered up known flaws, nor violated deployment policies by modifying units in the field without validation of those modifications"?

Diebold has been in trouble with California before. The fact that they can continue to even try to offer voting machines in that state kinda surprises me.

Re:novel idea (2, Funny)

noidentity (188756) | more than 7 years ago | (#18530709)

"I smell a "Diebold sues California" /. headline coming."

I smell another "Diebold sues Massachusetts" /. headline first.

Re:novel idea (2, Interesting)

avronius (689343) | more than 7 years ago | (#18530153)

Here's a complete solution:

1. Create software for electronic voting. Use pictures of candidates (and their names, of coz').
2. Add a printing plugin that spits out a little chit with the picture of the candidate that the voter selected, as well as a bar code that includes the name of the candidate.
3. Place chit in voting box for validation if required - used in case recounts are requested.
4. Profit!!!

Or was that... (1)

avronius (689343) | more than 7 years ago | (#18530193)

In retrospect, perhaps Step 4 should have said "Govern!" and Step 5 should have been "Profit!!!"

Re:novel idea (2, Funny)

gEvil (beta) (945888) | more than 7 years ago | (#18530231)

Use pictures of candidates (and their names, of coz').

A picture of the candidate and the names of their cousins?

Re:novel idea (1)

avronius (689343) | more than 7 years ago | (#18530357)

Sorry - was trying to be casual. What was I thinking?
I have some friends in South Eastern Asia that I chat with from time to time. They quite often type "of coz'" rather than "of course". I was using the expression to refer to an attribute being included as a matter of course.

However, if you'd rather the ballot include a listing of the candidates cousins, far be it from me to stand in the way of progress :)

Re:novel idea (1)

mOdQuArK! (87332) | more than 7 years ago | (#18530983)

as well as a bar code that includes the name of the candidate.

You don't want to use a machine-code identifier which can be potentially different than the accompanying picture/text, since an attacker or a bug could cause the machine code to be something different than the displayed text.

It's better to have the counting machine directly read the text (OCR) so that what the person sees & what a counting machine reads is exactly the same thing. There are a number of fonts available that can be used which have been specifically designed to have a high OCR accuracy. This also reduces some of the issues with doing hand recounts (when you are double-checking the counting machines).

"atm-like"? (-1, Flamebait)

Anonymous Coward | more than 7 years ago | (#18529669)

More like GAY-TM like, amirite?

Oh, California (4, Funny)

$RANDOMLUSER (804576) | more than 7 years ago | (#18529681)

I thought I read "Computer Associates Proposes Rigorous Voting Machine Testing", and my head started to hurt.

Re:Oh, California (1)

last_emperor (997538) | more than 7 years ago | (#18530181)

thats funny, I saw it and thought the exact same thing.

Re:Oh, California (0)

Anonymous Coward | more than 7 years ago | (#18530553)

Yeah, me too. Slashdot is a worldwide site, not USA-only. Don't use acronyms for your states that match with some tech company. What a bunch of morons you north americans.

Good idea (4, Funny)

UbuntuDupe (970646) | more than 7 years ago | (#18529693)

I agree with this proposal. They need to double -- perhaps, triple -- check to make sure the code works as intended.

But I also think CA has been otherwise prudent. For example, using Diebold instead of volunteer open source code. I mean, how can they afford all the volunteer labor?

Re:Good idea (2, Insightful)

RingDev (879105) | more than 7 years ago | (#18530661)

check to make sure the code works as intended.

The next step would be to check and make sure that the intention the code works with is the intention the people desire.

-Rick

Re:Good idea (3, Insightful)

Coryoth (254751) | more than 7 years ago | (#18530941)

The next step would be to check and make sure that the intention the code works with is the intention the people desire.
And this is why formal specification should be used. It provides a middle tier between implementation code, and English language specification. Verifying that the code properly implements the formal specification can be done programatically and independently quite easily. In turn, validating the formal specification, by comparing it to the peoples desires in terms of a English language set of requirements is easier than trying to compare coed to the requirements, since it is only intentions that are formally defined, with no issues of implementation to complicate the matter. Stating your intentions in an unambiguous way, via formal specification, ought to be an obvious first step for anything where the need for assurance is as high as it with electronic voting.

One principal of a democracy (5, Insightful)

saibot834 (1061528) | more than 7 years ago | (#18529695)

One principal of a democracy is that everyone can verify the counting of votes.

Now unless you teach everyone how to program I don't see how you can preserve this principal.

Re:One principal of a democracy (-1, Flamebait)

Anonymous Coward | more than 7 years ago | (#18529823)

Another *principle* of a democracy is an informed citizenry that possesses, among other things, the basic ability to spell, especially when expounding on principles of democracy.

How many principles of democracy are there? (1)

Chmcginn (201645) | more than 7 years ago | (#18529847)

One principal of a democracy is that everyone can verify the counting of votes.

Umm... this is a new one to me. I mean, it sounds like a good idea, and all... but then again, if we're using the old punch-card type of voting machines, being able to verify them requires being able to read them, which many people can't do anyway. Besides the fact that in a typical presidential election, there's, what, nearly a hundred million votes cast? It's physically impossible for a single person to check that many ballots in a reasonable amount of time.

Now unless you teach everyone how to program I don't see how you can preserve this principal.

Why is that a bad idea? Since more & more of our lives depend on computers, giving everyone at least a basic knowledge of how they actually function seems like an excellent idea.

Re:How many principles of democracy are there? (1)

mdsolar (1045926) | more than 7 years ago | (#18530187)

I was just writing to my Senator Mac Middleton (Maryland Senate) that losing the ritual of hand counting ballots means that we also lose a means of strengthening community ties. You don't actually have one person count all the ballots, it is done in a group with observes from all campaigns watching for errors. In the end everyone goes to bed late and is civil about the result. There is a greater level of participation and more human interaction this way.

Maryland's house passed a bill to adopt optical scanners unanimously but now the senate leadership is balking at the cost which they claim (unusually for infrastructure) is all front ended. However, the last payment for the Diebold systems in use now is due in 2014 so the leadship's objections seem a little strange since financing is how this kind of thing has been done in the past. Hopefully my Senator can clear this issue up for them since he chairs the Finance Committee and ought to see the problem with the leadership's view.
--
Removing finacial risk from Solar: http://mdsolar.blogspot.com/2007/01/slashdot-users -selling-solar.html [blogspot.com]

Funny thing (5, Insightful)

WindBourne (631190) | more than 7 years ago | (#18529875)

is that we seem to keep learning and re-learning that lesson. Back in the 1960 election, there was a lot of evidence that indicated that kennedy won chicago by having the dems cheat. Many systems were put in place to prevent that cheating. Now, with the new current system, the evidence is even more overwhelming and yet, we are back to trying to prevent cheating. In particular, it appears that Ohio, Florida, and even texas had massive amounts of voter fraud during the last couple of elections. I guess that our society will be doomed to re-living the same problems over and over as long as we have politicians like rove ( and the dem == before).

Your Fired! (1)

mdsolar (1045926) | more than 7 years ago | (#18530575)

You didn't bring any prosecutions of voter fraud in Ohio, Florida or Texas;-)

Re:One principal of a democracy (0)

Anonymous Coward | more than 7 years ago | (#18530487)

One principal of a democracy is that everyone can verify the counting of votes. Now unless you teach everyone how to program I don't see how you can preserve this principal.

They should not have preserved your grade school's principal, as you never learned to spell; I'm guessing they let you kids use spell checkers. They should NEVER allow spell checkers in school! It's "principle", as any school principal should be able to tell you (although these days I'm not too sure).

</pedant>

Political Education (1)

abb3w (696381) | more than 7 years ago | (#18531665)

One principal of a democracy is that everyone can verify the counting of votes. Now unless you teach everyone how to program I don't see how you can preserve this principal.

It also requires you teach everyone to count, which is up for question given the quality of our schools these days. ("Principle", by the way.)

Re:One principal of a democracy (2, Insightful)

AK Marc (707885) | more than 7 years ago | (#18531699)

One principal of a democracy is that everyone can verify the counting of votes.

We do not now, nor have we ever had, any system to verify votes. We can count them again, certify them, but never verify them. Until I, as a voter, can see how the state counted my vote, no vote is ever verified. They may count my ballot twice, but I can never know who they count it as having voted for. True anonymous verification is a system where I can identify my vote, but no one can determine how I voted.

Unaccaptable failure rate? (4, Insightful)

Firethorn (177587) | more than 7 years ago | (#18529717)

31 machines out of 340 districts? How many were in each district?

Heck, from what I've read, they've had problems with more than 10% of the diebold machines.

At least with an automark type system you still have the paper ballots to fall back on, even if a voter might require assistance to fill it out.

When a diebold type device malfunctions you have the potential for lost and/or erronous vote information, not to mention that NO votes can be taken.

Re:Unaccaptable failure rate? (1)

IAmTheDave (746256) | more than 7 years ago | (#18530629)

31 machines out of 340 districts? How many were in each district?

I've really got to ask - how hard is it to write a machine that tallies clicks? Seriously?

I've been writing code in several languages for going on 9 years, and I've got to tell you, counting votes sounds like something we did in CS 102.

Of COURSE it should be open source. Of COURSE any shmoe should be able to audit the code. Because - and I've gotta tell ya, I'm not the greatest dev that ever lived - there are about a million people in CA that could actually properly vet the code.

Security is the only place where it becomes an issue - but seriously, it shouldn't be that hard. Google built an empire on white-box commodity-hardware. We can't build a machine that properly counts clicks?

10% Failure Rate. (2, Funny)

Irvu (248207) | more than 7 years ago | (#18531237)

Ahh but thanks to the intervention of well-paid lobbyists Federal standards make 10% an "acceptable rate of failure" for an election.

Good (0)

Anonymous Coward | more than 7 years ago | (#18529723)

I contributed to the Bowen compaign, the first time I have ever given money to someone running
for such a position. I'm pleased to see her living up to her campaign promises.

As far as Diebold's FUD response goes, is anyone even slightly surprised by it?

Re:Good (4, Funny)

Random BedHead Ed (602081) | more than 7 years ago | (#18530013)

I'm shocked. Deibold generally tries very hard to avoid the appearance of bias or impropriety, and they offer quality e-voting products that they strive to improve in response to much-appreciated constructive criticism from the community. Whenever they fix an issue with their products, like the closed-source software or the easily-copied security key, they are quick to get the updates out and always thank the community for helping them to improve their products. Their recent suit against Massachusetts has given them a serious PR boost with other states. So yes, their response to this move really surprises me.

(Sorry if your sarcasm gland is asploding.)

They should import their testers... (1)

Starteck81 (917280) | more than 7 years ago | (#18529725)

... from Florida!

Yet another CA standard... (1, Funny)

coolmoose25 (1057210) | more than 7 years ago | (#18529749)

My car has "California" emissions and I live in Connecticut. This is just one example of how California mandates things for the rest of the country. They will set some standard for voting machines, and since the state is too big for voting machine companies to write off, it will end up becoming the defacto standard. I don't live in California for a reason (not the least of which their four seasons are Wildfire, Mudslide, Earthquake, and Smog). In California, they make you label everything, including restaurants, informing you that your food might cause cancer. Then they all go outside and breathe air they can see.

Re:Yet another CA standard... (2, Insightful)

One Louder (595430) | more than 7 years ago | (#18529899)

It's a shame you never saw any part of California besides Los Angeles.

Re:Yet another CA standard... (1)

coolmoose25 (1057210) | more than 7 years ago | (#18530085)

Actually, I've seen a lot of California... and it's beautiful. Yosemite is my favorite national park. The sequoia's are amazing... the wine country stunning... and SF is one of my favorite cities... but the place is run by kooks... not just SF, but LA too and the State government as well.

Re:Yet another CA standard... (2, Insightful)

fredrated (639554) | more than 7 years ago | (#18530257)

Born and raised in Cal, yeah, there are 'kooks' for politicians sometimes, but these kooks are like 'let's see if we can make people happier by making their food less poisonous' as opposed to the kooks that think things like 'let's not tell people the air at ground zero is poisonous because then bin Laden will be even more satisfied with the results'.

We'll keep our kooks, you keep yours and we will both be happy. I hope.

Waaaaay off topic, I know (2, Funny)

Anonymous Coward | more than 7 years ago | (#18529925)

four seasons are Wildfire, Mudslide, Earthquake, and Smog

Boy, I'd like to see a shoji screen of these four seasons!

As much as I dislike CA.... (2, Interesting)

Chmcginn (201645) | more than 7 years ago | (#18529987)

I don't see this being a problem with California, per se. I'd say it was more a problem of large corporations. Economy of scale is a great thing. But when a company reaches the 'counting drops of solder to close the barrel' stage, a lot of individual choice type options might vanish.

And, wait... are you complaining that your car has stricter emissions standards? I'm certainly not, living in the second-most smog infested state in the US. If it weren't for CA emissions being standard on so many vehicles sold outside that state, it might be even worse here...

Re:As much as I dislike CA.... (1)

coolmoose25 (1057210) | more than 7 years ago | (#18530053)

I'm not complaining about the emmission control hardware... I'm complaining that California decides what the level of control is, and not the US in general. For instance, suppose CT wanted STRICTER emmission control devices? Too bad. Car companies are far more likely to decide simply to not sell cars in CT than CA. So CA gets to decide what level is correct, and all the other states have to go along for the ride.

Re:As much as I dislike CA.... (3, Interesting)

Chmcginn (201645) | more than 7 years ago | (#18530165)

Car companies are far more likely to decide simply to not sell cars in CT than CA.

Many car companies might, this is true. But I'd be willing to bet that some car companies would make it an option, albiet an expensive one.

So CA gets to decide what level is correct, and all the other states have to go along for the ride.

As other posters have pointed out, there are cars sold that don't meet the CA standard. There's packages of solder that don't contain the "This product blah blah state of California blah blah" label. The point is, CA is deciding what's best for it, not for anyone else. It's not their fault if many large companies go along for the ride.

Re:As much as I dislike CA.... (1)

syphax (189065) | more than 7 years ago | (#18530309)


In the absence of federal leadership, get your state to talk to other, adjacent populous states, kinda like this [rggi.org] .

Re:As much as I dislike CA.... (1)

MsGeek (162936) | more than 7 years ago | (#18530939)

Nice! I'm sure that's in the offing for the Pacific Coast states soon.

Re:As much as I dislike CA.... (2, Insightful)

neomunk (913773) | more than 7 years ago | (#18530457)

That's not CA setting the emissions standard for your state, it's the auto companies deciding that the economy of scale on the changes that need to be made are a greater benefit to the bottom line if applied to the whole production line than either a) not selling cars in CA or b) setting up a separate production line for CA specific autos. CA has every right to set emission standards for their own state, and the auto companies have every right to deal with those standards in any way legal.

Your post (to me at least) smacks of bashing those damn hippies without saying so directly. If you're really pissed about the situation, place the blame on the car companies, where it belongs.

And this is again making an assumption, but you seem to be pissed that programmers are gonna be pouring over this code. WTF? Do you really think that this is some big negative inconvenience, or is it just west coast bashing? I just don't see the problem.
 

Re:As much as I dislike CA.... (1)

Animats (122034) | more than 7 years ago | (#18530529)

We fixed it for you. Quit complaining.

I can remember when you couldn't see the Hollywood sign from downtown LA most days. And in Cleveland, you couldn't see downtown from five miles away.

Re:Yet another CA standard... (2, Insightful)

gurps_npc (621217) | more than 7 years ago | (#18530009)

Detroit and Japan continue to make cars that do not meet California emissions tests.

The fact that you bought such a care tells me that you looked at the cars that did not meet the California emissions tests and said "No thank you".

What probably happened is that the majority of the people in the country with needs similar to yours thought that cars should meet California's tests. The few people that did not want the cleaner cars had different needs then you did.

You don't have a beef with California, you have a beef with the majority of AMERICAN citizens. And you personally were still offered a choice to pick another car, but decided not to.

Why don't you stop blaming California, and start taking responsibility for your own actions

Re:Yet another CA standard... (1)

coolmoose25 (1057210) | more than 7 years ago | (#18530151)

Actually no... CT has adopted the CA LEVII standard and as a resident, I can ONLY buy a new car with this... I have no choice in the matter. http://www.ctclimatechange.com/documents/pressrele ase010605FINAL.pdf [ctclimatechange.com]

Re:Yet another CA standard... (1)

gurps_npc (621217) | more than 7 years ago | (#18530215)

Then admit that the people of CONNECTICUT are the ones to blame, not California. Connecticut voters said "we want to use CA's rules". No California's forced CT to do it, you guys did it to yourself. Or better yet, get off your butt and campaign for someone to cancel that law.

Like I said before, stop blaiming California, and accept responsibility for your own actions (or lack thereof) in this case.

Re:Yet another CA standard... (1)

amRadioHed (463061) | more than 7 years ago | (#18530883)

Or better yet, stop bitching since it's a good idea using CA emission guidelines.

Re:Yet another CA standard... (2, Insightful)

drinkypoo (153816) | more than 7 years ago | (#18530075)

My car has "California" emissions and I live in Connecticut. This is just one example of how California mandates things for the rest of the country.

Interestingly, I can purchase a car in Connecticut, drive it to California, register it, and pass a smog check.

Vehicles with California emissions and vehicles without are smogged to different specifications, even here in California.

The restriction only requires new cars sold in California to conform to different standards.

In California, they make you label everything, including restaurants, informing you that your food might cause cancer. Then they all go outside and breathe air they can see.

I live in a county which has spectacularly good air quality, and it happens to be within California.

The worst air quality that I'm aware of in the US is in Houston.

Re:Yet another CA standard... (1)

tthomas48 (180798) | more than 7 years ago | (#18530523)

yeah, you notice that no one is complaining that TX's buying power has the same effect as california, but in reverse. By keeping anti-environmental statutes off the books. I mean, you can blow up an oil refinery a few miles from one of the biggest cities on earth with no repercussions.

Re:Yet another CA standard... (0)

Anonymous Coward | more than 7 years ago | (#18530121)

So California is leading the fight to get back our democracy and the fight to keep our planet habitable. Why aren't you saying thank you? "People who vote decide nothing. People who count the votes decide everything" -Joseph Stalin

Re:Yet another CA standard... (1)

Mongoose (8480) | more than 7 years ago | (#18530167)

I guess you never been to the OC or bay area. Irvine is cleaner than disney world and twice as planned out. It's just a ton of cute asian girls mostly Japanese/Persians/Indians all over the place. Lots of good food and way too many shops. Also the nearby beaches and the nature preserves are nice. It does suck that the weather is so dry, but most people perfer it that way.

Re:Yet another CA standard... (0)

Anonymous Coward | more than 7 years ago | (#18530385)


I guess you never been to the OC...


AAAAAAAAAArrrrrrgh! Damn tourist.

God. As someone who grew up behind the Orange curtain, let me tell you, calling it "The OC" is a sure sign that you haven't spent much time there.

Sort of like folks calling San Francisco Frisco. Makes locals cringe when they hear it.

Re:Yet another CA standard... (1)

Anonymous Psychopath (18031) | more than 7 years ago | (#18530879)

I grew up in Irvine, and I married one of those cute asian girls. But I live on the other side of the Orange curtain by choice. OC is just too... sterile.

Having grown up in OC, imagine my shock when I discovered that not everywhere in LA looks like south central. I'd take Palos Verdes over Newport Beach any day of the week, and I've lived in both.

Re:Yet another CA standard... (1)

Stanistani (808333) | more than 7 years ago | (#18530213)

Shall I take a few potshots at your state? Nah. Too easy.
The air is minty fresh where I live... with a hint of lemon salt.

Allow me to help you out... you refer to California as "the land of fruits and nuts" or "the left coast" and you decry our no-smoking restaurants on a regular basis.

You, on the other hand, live in Utopia, where milk and honey and nutmeg butter flow in an unbroken stream past the toes of the colossus that is M. Jodi Rell. Christopher Dodd and Joseph Lieberman hold the banner of progress which states: "We're not just cuter, we're Connecticuter!"

See? No negative comments needed.

Re:Yet another CA standard... (1)

maynard (3337) | more than 7 years ago | (#18530395)

Ah. I see you oppose "states rights" then. Correct?

Re:Yet another CA standard... (0, Offtopic)

Shotgun (30919) | more than 7 years ago | (#18530549)

How much does it cost a manufacturer to add information to a label?

IMHO, forcing information onto labels is one of the few really useful things that any government can do. They're not forcing me to buy one product over another, but I *MAY* choose to act on the information and move my dollars elsewhere. I usually ignore "Cali thinks this will give you cancer" notices, as if I'm playing with a chemical I usually investigate it first (those internets make it so easy to do). I do wish the government would get out of the business of having restaurants set aside 'no smoking' sections, and just force them to put a cigarette icon on their sign if they allow it (so I could keep driving). Informative labels are the most efficient way for a government to level the playing field in any market.

Re:Yet another CA standard... (0)

Anonymous Coward | more than 7 years ago | (#18530621)

I don't live in California for a reason (not the least of which their four seasons are Wildfire, Mudslide, Earthquake, and Smog).
Yes! It's absolutely horrible, for all of these reasons and more. Stay far, far away, and quit reminding us of how miserable we are here, you insensitive clod.

Re:Yet another CA standard... (0)

Anonymous Coward | more than 7 years ago | (#18530635)

not the least of which their four seasons are Wildfire, Mudslide, Earthquake, and Smog

No, no, no... the four seasons are Wildfire, Mudslide, Earthquake, and Drought.

Re:Yet another CA standard... (0, Offtopic)

amRadioHed (463061) | more than 7 years ago | (#18530725)

Let's see, so your primary complaints about CA are that they forced you to have a cleaner running car and next they may cause CT to use secure and well verified voting machines. Did I get that right?

Wow, what a bunch of kooks. How dare they!

Re:Yet another CA standard... (1)

Chris Burke (6130) | more than 7 years ago | (#18530799)

Then they all go outside and breathe air they can see.

Hey, at least now they can see through the air to see other objects. Talk to someone who lived in LA before they got strict with their emissions regulations in the 80s; I doubt they'll tell you that merely translucent air is anything but a vast improvement.

Seriously, CA's emissions standards have been highly effective. Yes there's still pollution -- seen when flying into LAX as a big stinky brown cloud floating over downtown obscuring the skyscrapers, utterly disgusting -- which is still much less than it used to be, showing both that the regulations have worked and that even more dilligence is still necessary.

their four seasons are Wildfire, Mudslide, Earthquake, and Smog

I liked that.

e-voting must be as strong as paper (5, Insightful)

davidwr (791652) | more than 7 years ago | (#18529801)

Properly monitored paper ballot voting system is about as good as you can get for the average person. It's main weakness is that it's not private for people who cannot see or read the language of the ballot and for people who cannot mark the ballot for whatever reason. The fact that you must go to a voting station rather than voting from home is also a disadvantage.

Any replacement system must preserve the strengths of a paper ballot.

This means
  • Open specifications
  • validation and verification of all equipment and procedures concerning the vote


In practice, this means the voting hardware and software must be open to public inspection. The same goes for the procedures used by voting officials.

It also means to the extent possible, the entire process must be observed by interested and neutral parties. Obviously the actual voting must be done in secret but anything that doesn't reveal an individual's vote should be observed. Those things that cannot be easily observed, such as actual electronic count, must be repeatable by another method, such as a hand-count, with the same results.

Re:e-voting must be as strong as paper (1, Funny)

stratjakt (596332) | more than 7 years ago | (#18530027)

Paper ain't all that strong. Hanging chads and whatnot. I'm sure electoral fraud goes all the way back to the first elections in greece.

We should elect a supreme ruler like Iran, the greatest nation on earth.

Good point (1)

davidwr (791652) | more than 7 years ago | (#18531545)

I was thinking of ballots where it's hard to goof.

Imagine a hand-counted paper ballot that looks like this, only in a decent-sized font:

State Senator. Vote for only 1 candidate.
{2 blank lines}
John Doe, Republicratic party .... [ ]
{2 blank lines}
Mary Smith, Democan party ........ [ ]

That's pretty hard to mess up unless you try hard or have problems using a pencil.

If such a ballot were used and were counted under strictly monitored conditions, there would be no Florida Fiasco. With enough counters, the results could be tallied in a reasonable period of time.

This is the way people used to do it before machines. The trick is you need plenty of monitors so the counters don't try to game the system.

Your comment on fraud is insightful. Monitoring helps prevent that.

Re:e-voting must be as strong as paper (1)

Jumper99 (51637) | more than 7 years ago | (#18530197)

It also means to the extent possible, the entire process must be observed by interested and neutral parties.


Aren't interested and neutral exclusionary in this case? By nature, anyone who has an interest in the outcome of an election cannot be neutral. I'd like to think that folks could at least hide their bias if they are working the polls, but that doesn't seem to be the way human nature works.

interested parties and neutral parties (1)

davidwr (791652) | more than 7 years ago | (#18531387)

I meant the process should be monitored by both interested parties and by neutral parties. Sorry about the grammatical confusion.

Re:e-voting must be as strong as paper (2, Insightful)

morgan_greywolf (835522) | more than 7 years ago | (#18530221)

Right. And that's why I keep saying that if you want to know what I think is the approach, it's touch screens with Open Source software/firmware with a paper receipt trail. This allows for the accuracy of electronic counting with a paper backup -- if the paper doesn't match the electronic count, then the software either has bugs or has been tampered with (or there are forged paper ballots, but that's easily countered). Either way, the software can be reviewed by independent computer experts to determine which of three has occurred.

Re:e-voting must be as strong as paper (0)

Anonymous Coward | more than 7 years ago | (#18530791)

There's a simple solution with the strength of both electronic and paper ballots:

As far as the law is concerned, the machines act as very fancy printers for ballots. Nothing more. The ballot is the printout from the machine, and the count of the printed ballots determines the election. People can examine their ballot before it's cast.

Blind, quadriplegic, and other handicapped people can use the electronic machines privately, and their ballots would be indistinguishable from any other voter. (If the printed ballot included braille, then even blind people could examine their ballot.)

The voting machines can make unofficial counts the minute after polls close, so long as the machines' counts are considered unofficial.

Simple, no?

Re:e-voting must be as strong as paper (2, Insightful)

Coryoth (254751) | more than 7 years ago | (#18530833)

* Open specifications
* validation and verification of all equipment and procedures concerning the vote

In practice, this means the voting hardware and software must be open to public inspection. The same goes for the procedures used by voting officials.
I would go even further and demand that both an English language and a formal specification that are open. That way you can validate the formal speciifcation against the English language version, and you can formally verify software code against the formal specification. There are plenty of independent systems that would allow such formal verification of code to be done, and machine checked. Sure, this requires more work to write a formal specification and to write code that can be verified against it... but if there was any case where you would want to be able to do full machine assisted verification of code against a specification rather than just eyeballing it and hoping you catch the errors, electronic voting would be it!

Re:e-voting must be as strong as paper (1)

johnlcallaway (165670) | more than 7 years ago | (#18531547)

I have lived in Arizona for over 4 years and have NEVER gone to a voting station, yet I vote in most of the elections. Every election I get a letter with a form that I can fill out to request a ballot be mailed to me. I fill out and return the form, and in a few days get a packet of information that includes a ballot. I believe the ballot is in both English and Spanish, although I don't have one so I can't validate that statement. Of course, they might shred the ballot when I mail it back it for all I know. But that holds true for electronic voting also.

I really have a tough time understanding why states want high-tech voting machines, and what problem they are trying to solve with them.

That's great but (-1, Troll)

Anonymous Coward | more than 7 years ago | (#18529841)

Quebec sovereignty is the only way.

Re:That's great but (0, Offtopic)

Anonymous Coward | more than 7 years ago | (#18530243)

Despite the fact the Bloc Quebecois just suffered a defeat, proving that no-one gives a crap about separation anymore.

Re:That's great but (1)

compro01 (777531) | more than 7 years ago | (#18530995)

Despite the fact the Bloc Quebecois just suffered a defeat

Bloc? the Parti Quebecois (a provincial political party. the Bloc is a federal party.) took a big hit in the provincial election, but nothing has happened with the Bloc, AFAIK.

Mass Diebold request blocked (4, Informative)

mdsolar (1045926) | more than 7 years ago | (#18529885)

The request by Diebold to block Massachusetts from buying from another vendor was blocked: http://computerworld.com/action/article.do?command =viewArticleBasic&taxonomyName=hardware&articleId= 9014518&taxonomyId=12&intsrc=kc_top [computerworld.com]
--
The proper use of a silicon ballot: http://mdsolar.blogspot.com/2007/01/slashdot-users -selling-solar.html [blogspot.com]

Pre-Hacking (2)

Nonsanity (531204) | more than 7 years ago | (#18530097)

"For the first time, California is demanding the right to try hacking every voting machine with 'red teams' of computer experts and to study the software inside the machines, line-by-line, for security holes."
And this is a bad thing for the public... HOW?

Re:Pre-Hacking (3, Insightful)

mOdQuArK! (87332) | more than 7 years ago | (#18531043)

Well, it'll cost the taxpayers a fair bit to do that kind of testing properly - looking at it that way, you'll get a dollar value of how much the taxpayers think a corruption-resistant democracy is worth!

Re:Pre-Hacking (1)

abb3w (696381) | more than 7 years ago | (#18531411)

"For the first time, California is demanding the right to try hacking every voting machine with 'red teams' of computer experts and to study the software inside the machines, line-by-line, for security holes."

And this is a bad thing for the public... HOW?

Because Democrats have an equal or superior history with vote fraud; the effort is obviously incomplete without 'blue teams' to try hacking them as well. =)

What we need is a slot machine... (4, Insightful)

Anonymous Coward | more than 7 years ago | (#18530111)

Any electronic voting machines should be regulated to at least the same level as a slot machine. But for some reason we apparently believe that handling the $20 dollars we want to gamble in a casino is more important than the results of an election.

A casino would never field a slot machine (even a 1c machine) that was as insecure as a Diebold voting machine.

The security model for a slot machine is rock solid. The hardware and software (source included) must be submitted and approved by each jurisdiction. The security model ensures that if even one bit in the software has been corrupted, the machine ceases to function. The cash-in and payout of each machine is redundantly logged. The machines are completely power tolerant, meaning you can cut the power at any time; when the power is restored the machine will come back up in exactly the same state that it was in before power loss. The machine can print tickets (for a paper trail), as well as talk securely over a network.

Basically, all the requirements we'd like to see in a voting machine are the same that a slot machine already conforms to. There's no reason to re-invent the wheel here, most of the work has already been done.

MOD COWARD UP (1)

Khammurabi (962376) | more than 7 years ago | (#18531585)

Cue the political slot machine jokes...

in the sea of all the depressing news in the US... (1)

TheGratefulNet (143330) | more than 7 years ago | (#18530305)

this gives me A BIT of hope (heh) that not everyone connected to the gov is a madman, moran or corrupt.

I now think there may be a non-zero amount of sane people still left. before, I really did think the number WAS zero.

I now have new hope for democracy to RETURN to the US.

Treason (3, Insightful)

loftling (574538) | more than 7 years ago | (#18530391)

I think that attorneys for the government should be able to demand to see source code for all the machines already deployed. If source cannot be produced (or it does not compile to the same machine code present on the voting machines) then those responsible should be rounded up and tried for treason. Seriously: at no point should *anything* related to how these machines tally votes have been regarded as a secret: that's simply not how voting works in the US.

I believe that California shouldn't have to demand transparency, I think that we citizens have implicitly expected transparency all along.

Donate to the Open Voting Consortium [openvotingconsortium.org] , they've been working with Debra Bowen and many others to fix the system.

Re:Treason (1)

abb3w (696381) | more than 7 years ago | (#18531569)

If source cannot be produced (or it does not compile to the same machine code present on the voting machines) then those responsible should be rounded up and tried for treason.

No, no, no; the constitution strictly defines and limits "treason" for compelling reasons. Maintain a sense of proper proportion. I'll settle for having the corporation and its officers convicted on fraud and conspiracy charges (both criminal felony and civil damages); and any elected or appointed officials who facilitated such should face the same, along with impeachment to prohibit them from serving any office of honor, profit, or trust ever again. And, of course, there's some poetry that the felony convictions should strip them of their right to vote.

This should be so simple... (4, Interesting)

dostojevski78 (1004267) | more than 7 years ago | (#18530545)

It amazes me that the US can't get their elections done right. They have the technology to power the worlds most important financial systems, to pilote a drone on the other side of the world and beat any given human in a game of chess. WHY THE ##CK haven't they managed to come up with a voting system that's rock solid, transparent, secure and dependable?!? Why is that even a hard thing to do?

Heck, I think even _I_ could design such a system:

- Buy a standard issue PC with a standard issue laserprinter
- Make a simple voting program
- Give every voter a Live CD with a unique hard coded serial.
- The CD is inserted under the supervision of election workers, and the PC is booted up.
- The voters goes behind the curtain where they find a screen, a mouse and a printer.
- The voter casts his/her wote. The vote and the unique ID is stored on the local HD, and two coppies is printed out on paper.
- The voter comes out, ejects the CD AND KEEPS IT, and puts one paper vote in a ballot box. Keeps the other copy.
- The computer is powered down before the next vote.

This way one can always check the DB against the paper ballots afterwords. AND: Every citizen who thinks the election has been tampered with can A: Review the software on their CD. B: Check the official "election website", punch in the unique ID from the CD/paper coppy and verify that it's registered correctly.

This is not complex, this is not expensive, this is not difficult, and as far as I can see; this is practicaly fool proof given a certain degree of random manual chek of wotes. (To eliminate the factor involving electorial workers doing nasty stuff to the PCs etc.)

Or am I over looking something here...?

Re:This should be so simple... (0)

Anonymous Coward | more than 7 years ago | (#18530699)

You're overlooking the corporate controlled nature of our government.

Re:This should be so simple... (1)

faloi (738831) | more than 7 years ago | (#18530733)

Or am I over looking something here...?

Perhaps I'm getting too tin-foil-hatlike here... But you're overlooking the fact that, in my opinion at least, the two party system has an inherent interest in a system that can be fudged one way or the other. Even relatively sane, simple mandates like checking for a valid ID at the poling station get shut down. The less sinister thing that you're overlooking is that a majority of the citizens in the US don't seem to care that much. We've got small percentages of voter turn-outs, and I'm willing to bet a significant number of those people blindly vote a straight ticket.

Re:This should be so simple... (1)

vux984 (928602) | more than 7 years ago | (#18530817)

Well, I'd hack MY live CD, and then when I'm behind the curtain I install a rootkit into the firmware of the PC, so that future voters live CDs print out the right paper, but what gets written to the hard drive is just republican, republican, republican!

Or perhaps, while I'm behind the curtain, I'll just run a utility to modify the contents of the hard drive, adjusting all the voters votes previous to mine.

Ok... ok... your system has a safegaurd in that people can verify their votes after the fact online. So my cheat will get busted if any of them actually do it. That's a gamble people would be willing to take. If it gets busted it would never get traced to me anyway, and if not ... Republican FTW!

Or, instead I'll just set up my root kit to record a gazillion republican votes, and then allow each voter who votes to override it. Thus anyone who didn't actually bother to show up to vote, voted republican.

If they audited they'd see all the paper ballots lined up with the electronic record. Would they notice there were a few thousand extra votes for which they didn't have paper? If they did would they assume they misplaced a box of ballots or that the system was flawed?

Or, maybe, my hacked live CD will just crash the voting station and wipe the hard drive. Do this in a few dem dominated neighborhoods and maybe the tactic will tip the balance....

Yeah, there's ways of mitigating these attacks too. My point, however, is that the security is not exactly necessarily simple.

Simple Paper ballots counted by people with representatives from each party watching the proceedings is pretty foolproof. If its not broke, don't fix it.

Re:This should be so simple... (1)

mstahl (701501) | more than 7 years ago | (#18531409)

Well, I'd hack MY live CD

And just how, exactly, do you plan to "hack" a CD? Unless you've got a spare liveCD hidden up your sleeve . . . but I'm sure someone somewhere would notice you taking an awfully long time to cast your vote in there. . . .

Re:This should be so simple... (1)

endianx (1006895) | more than 7 years ago | (#18530881)

Or am I over looking something here...?

puts one paper vote in a ballot box. Keeps the other copy.
Some people are concerned about there being a way to see who individuals voted for. With our current system, there is absolutely no way to tell who I voted for. Only I know. It really isn't a big deal in the United States, but if you lived in Iraq for example, having a way for people to figure out who you voted for could be quite dangerous.

Not really something I am worried about, but you should know it is a concern for some people. I figure those people could elect to destroy their copy of the receipt before leaving the polls if they were concerned.

Re:This should be so simple... (1)

goofy183 (451746) | more than 7 years ago | (#18531225)

There is always the concern of buying votes. There can be no way to verify how any person voted once they leave the booth otherwise someone with $$ could very very easily buy an election.

"Simple" is not the same as "easy" (1)

abb3w (696381) | more than 7 years ago | (#18531339)

It amazes me that the US can't get their elections done right. They have the technology to power the worlds most important financial systems [...] Or am I over looking something here...?

Today's piece on the largest financial data breach in history [slashdot.org] , perhaps?

HTH. HAND.

Re:This should be so simple... (2, Interesting)

uncqual (836337) | more than 7 years ago | (#18531587)

Check the official "election website", punch in the unique ID from the CD/paper coppy and verify that it's registered correctly.

One minor nit... This is a bad idea because it makes buying and selling votes more reliable. With a scheme like this, the vote-buyer can verify that the vote-seller really followed instructions before payment is made. As it is now, vote-buying is unreliable (at the retail level) because the buyer can't tell if they got what they paid for.

But, overall there are plenty of good solutions to the problem of voting machines - any of the thousands would do, but closed source is a component of none of them!

That doesn't quite fit my definition of "simple" (2, Insightful)

achurch (201270) | more than 7 years ago | (#18531687)

Heck, I think even _I_ could design such a system:

[8(!) steps and commentary elided]

Or am I over looking something here...?

Perhaps you might not have heard the story of the king and the toaster [netinteraction.com] ?

This may not be quite that bad, but the point still stands: Don't use more technology than is needed to solve the problem. In this case, it's much simpler than you suggest:

  1. Election supervisor checks that voter is authorized to vote.
  2. Voter takes pen and paper ballot.
  3. Voter writes candidate's name on paper.
  4. Voter deposits ballot in box.

In fact, if you were clever you could even combine steps 1 and 4, saving a line at the supervisor's table.

Oh, and don't give the voter a copy to take home, unless you want supporters for the "wrong" party to start getting their pillows replaced by severed horse heads. "I've got a very good deal for you, and all it needs from you is one little piece of paper . . ."

Nice to see (4, Interesting)

frenchs (42465) | more than 7 years ago | (#18530719)

This issue is actually the very reason this woman got my vote in the last election. I'm glad to see she is holding to her promises. We definitely need more politicians to do this. She, unlike a large number of politicians, seems to have a reasonable grasp on the internets and tech as a whole.

http://www.ss.ca.gov/executive/bio.htm [ca.gov]

Re:Nice to see (2, Interesting)

MsGeek (162936) | more than 7 years ago | (#18530857)

Indeed. The fact Debra became our Secretary of State was balm that soothed the wounds of four more years of Arnold Freaking Schwarzenegger and his signature on my Masters Degree diploma if I go to the university of my choice.

Go Debra go! So nice to have a real, live she-geek in public office!

They'll "study the software inside the machines"? (2, Insightful)

roystgnr (4015) | more than 7 years ago | (#18530753)

I suspect they'll really study software outside the machines, code which the manufacturer swears is the same as the software inside the machines, cross his heart. That's still an improvement over the current situation, but it's not good enough for democracy. If a computer is turning your ballot into a microscopic electromagnetic pattern rather than a human-readable printout, you simply can't be certain that your vote was counted. Software audits may make election hacking more difficult, but they'll never make it impossible.

Re:They'll "study the software inside the machines (2, Insightful)

PPH (736903) | more than 7 years ago | (#18531449)

That's the same conundrum presented by Microsoft's 'open source' model. They'll let you look at something which they claim is thew same as what you are running on your system. But if you can't do a clean build, you can't be sure the two are really the same.

This situation is unacceptable in critical systems' embedded software. Not only is the source subject to audit, but the entire compilation and installation process is as well.

How hard can it be to program a voting machine? (3, Interesting)

Peter Trepan (572016) | more than 7 years ago | (#18531083)

They just take votes and record them. The only remotely novel programming problem should be the security, and they don't appear to have implemented any! How can these machines keep screwing up when ATMs keep on not screwing up?

I'm not a computer scientist, but I know many of you are. Is there some hidden level of difficulty here? Some reason why making voting machines should be such a challenge for Diebold?

Re:How hard can it be to program a voting machine? (2, Interesting)

PPH (736903) | more than 7 years ago | (#18531313)

It shouldn't be difficult. That's what makes these proprietary system claims suspicious.

Microsoft, who sells into a huge and varied market, has to worry about copyright and competitors swiping their intellectual property. Diebold deals with a much smaller customer base which is easily audited. Do you really think that county election officials are going to risk buying their voting machine s/w on the black market?

It is not uncommon for vendors to provide the source code for critical systems with embedded software for quality control purposes. Its just a matter of getting an NDA signed, which with responsible customers, isn't a big deal.

Shouldn't this be obvious ? (1)

Shohat (959481) | more than 7 years ago | (#18531299)

These are VOTING machnies , the machines' output decide the faiths of millions, these should be the most tested and highly secured systems on the planet. I never really understood how could anyone agree to lower standards on this.

Re:Shouldn't this be obvious ? (2, Insightful)

Dragonslicer (991472) | more than 7 years ago | (#18531695)

the machines' output decide the faiths of millions
I think that may be the eeriest typo I've seen in a long time.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?