Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

NY Legislature Rejects "Microsoft Amendment"

kdawson posted more than 7 years ago | from the joy-in-mudville dept.

Slashback 223

An anonymous reader writes "Finally, some good news on electronic voting. The New York state legislature rejected an amendment proposed by Microsoft's lobbyists which would have gutted New York's requirements for voting machine vendors to turn over their source code to the state Board of Elections. Assemblywoman Barbara Lifton commented: 'The voting machine vendors have known for two years what our laws said. Now they're saying that those parts of their systems using Microsoft software have to be proprietary? It's just wrong.'"

Sorry! There are no comments related to the filter you selected.

Nothing to see here. Move along. (1)

WilliamSChips (793741) | more than 7 years ago | (#19655843)

Right next to a MS ad, even.

Re:Nothing to see here. Move along. (5, Insightful)

Vulva R. Thompson, P (1060828) | more than 7 years ago | (#19656015)

I click on them all the time.

It's a deliciously satisfying way of transferring cold hard cash from Microsoft's wallet to Slashdot and Google.

Re:Nothing to see here. Move along. (4, Funny)

jamie (78724) | more than 7 years ago | (#19656687)

You rock!!

Re:Nothing to see here. Move along. (5, Interesting)

lena_10326 (1100441) | more than 7 years ago | (#19656823)

I click on them all the time. It's a deliciously satisfying way of transferring cold hard cash from Microsoft's wallet to Slashdot and Google.
And you're also diluting the CPA, which is the real measure of ad performance. http://en.wikipedia.org/wiki/Cost_Per_Action [wikipedia.org]

Of course, you by yourself won't have much impact but there would be if 1% of Slashdot's reader base did.

Re:Nothing to see here. Move along. (0)

Anonymous Coward | more than 7 years ago | (#19656943)

its not like you are going to buy a site license for IIS through an MS advertisement link. There isn't a shopping cart .NET widget for that type of purchase.

Sorry, I missed that... (1)

msauve (701917) | more than 7 years ago | (#19656597)

damn Proxomitron [proxomitron.info] .

Was I the only one? (2, Funny)

pooh666 (624584) | more than 7 years ago | (#19655861)

Who reacted with a HA! HA! Nelson is my copilot...

no its not (4, Insightful)

Zeinfeld (263942) | more than 7 years ago | (#19655881)

I agree that the voting code should be published.

But platform code that is obtained from a third party vendor should be acceptable provided that it is widely used as a general purpose platform and there is a reliable demonstration that the code has not been modified.

I would rather see voting platforms built on microsoft trustworthy computing platforms without code review of the platform part of the system than built on a platform where I cannot be sure what code is running.

The code reviews are useless unless I am sure that the machines actually run the code that was reviewed.

Of course paper and pencil requires no code review.

Re:no its not (0, Troll)

MightyMartian (840721) | more than 7 years ago | (#19655911)

But platform code that is obtained from a third party vendor should be acceptable provided that it is widely used as a general purpose platform and there is a reliable demonstration that the code has not been modified.
That's some rigorous requirement you've got there. So how much does Redmond pay you to be the local /. shill?

Re:no its not (2, Insightful)

Zeinfeld (263942) | more than 7 years ago | (#19656357)

That's some rigorous requirement you've got there. So how much does Redmond pay you to be the local /. shill?

So the only reason someone would disagree with your point of view is that they are paid to do so? That is some opinion of your abilities you have there. Would not have taken very much effort to follow the link to my blog and find out who I am.

Security is risk control, not risk elimination. In this particular case the risk of a trapdoor in the platform code is a lower concern than the risk of the running code being substituted on the final machine.

Security does not fit into rigid dogmas or political agendas. Nobody can provide an operating system that is 100% reviewed. Palladium is the nearest thing we have. At least I can audit the nexus (which is published source) and have the nexus validate the rest of the running code.

Re:no its not (4, Insightful)

WindBourne (631190) | more than 7 years ago | (#19656591)

palladium says that the OS that was installed on the OS was not modified from what the controller wants. It does NOTHING to guarantee that the OS was not compromised before being put on there. I will take a locally compiled version of BSD and/or Linux. In fact, better yet, I will take something that is DO-178B compliant in which the feds have already looked over it, and still looked over. BTW, when MS was asked if they would submit one of their OSs for Do-178B, they asked for the certs. A month later when asked, they laughed the CEO out. They said that NONE of their OSs could come close to close inspection.

Re:no its not (3, Informative)

morgan_greywolf (835522) | more than 7 years ago | (#19656915)

Mod parent up! MSFT operating systems are simply not secure enough for mission critical applications. That's why you see most mission critical apps running on either big iron, Unix, or a realtime embedded system from companies like WindRiver.

Re:no its not (5, Interesting)

Original Replica (908688) | more than 7 years ago | (#19656839)

In this particular case the risk of a trapdoor in the platform code is a lower concern than the risk of the running code being substituted on the final machine.

IANAProgrammer, But for this application neither is acceptable.
Given what the code is required to do (allow for the selection of a vote in each catagory, record said votes, provide totals for each catagory) shouldn't the code be blindingly simple? Give me ANSI graphics and no mouse driver. Give me three imputs: cursor up, cursor down, enter/select. Hell, it can print out on a dot matrix. It should be a requirement that the code be small enough to be reviewed completely, without excessive effort.

Re:no its not (3, Insightful)

WindBourne (631190) | more than 7 years ago | (#19655943)

The voting system in old USSR, Current China, Cuba, taliban controlled afghanastan, etc were on systems that were widely used. Personally, I would not trust them. Why settle for a system like MS, when you can insist on having no chance of an illegal election. NY has it right. Insist on all the code up front. Have it compile and then that is installed on the systems. Otherwise, the ppl from other countries have it right; There is NOTHING wrong with a paper vote other than taking so long.

Paper ballots (2, Insightful)

Nick Driver (238034) | more than 7 years ago | (#19656561)

There is NOTHING wrong with a paper vote other than taking so long.
Oh yeah? What about the honesty of the people who are counting those paper votes.

Ballot-stuffing and outright deliberate miscounts can and still do happen with paper votes. Even right here in the USA, and even right here in my home state of Texas [wikipedia.org] not that very long ago.

Re:Paper ballots (3, Informative)

timmarhy (659436) | more than 7 years ago | (#19656889)

thats why you don't trust them, and make them count in pairs with strict oversight, rotating the pairs and doing random checks. clearly you know nothing of how they count ballots.

Re:no its not (1)

dotwaffle (610149) | more than 7 years ago | (#19657049)

You have the code? Do you have the code to the compiler?

Ok, it's GNU C Compiler. Do you have the blueprints for the chip so that you can tell it's not doing it's own routines whenever an interrupt is generated?

Oh, it's SPARC. Ok, here's one that'll get you - have you got at least two independant sources checking through the stack from top to bottom, making sure everything is ok? That's a shit-ton of code, I bet no-one does.

Trust no code you didn't write yourself. And even then, did you write *everything* - hardware included?

Re:no its not (1)

EagleEye101 (834633) | more than 7 years ago | (#19655991)

They were told they needed to show the source code of the voting machine software to the code review, not only some of the code. They should have thought of this before, its their fault.

Re:no its not (5, Insightful)

Anonymous Coward | more than 7 years ago | (#19656011)

The solution is to create a system where you don't have to trust the source code to begin with

Touchscreen, vote, hit done, the machine prints a paper ballot. You review said ballot and deposit the paper ballot in the ballot box.

What could be simpler and less prone to manipulation or error?

In that scenario, you don't have to know jack shit about the voting machine or its source code. It doesn't matter. The voter reviews the output, not the internals. If people start noticing that a certain machine or certain brand of machines prints incorrect ballots frequently, well then steps can be taken to figure out why.

But the end to end system can't be gamed.

There is no level of code review or "trusted computing platform" specification that will provide anywhere NEAR that level of trust and confidence in the system. Add to that the fact that you have an incontrovertible source of paper ballots for recounts, what more does anyone want? why do we put up with anything less?

Re:no its not (2)

FuzzyDaddy (584528) | more than 7 years ago | (#19656571)

I agree that having the source code offers no assurances as to the legitimacy of the vote. It's too easy to hide stuff.

However, if there are general "quality" problems (lost votes, machines crashing, etc.) it will be that much easier to place the blame after the fact. Imagine your voting machine crashes, and an independent commission can look at the source code and find the problem without your cooperation. If they find serious bugs or code quality problems, the vendor is going to be in a nightmare position, PR wise. This puts a much higher amount of pressure on the voting machine vendors to do things properly, or be exposed.

So I see the code escrow not as a quality assurance, but as a deterrent to the voting machine vendors producing a sloppy product. They'll do it anyway, I'm sure, but this way they'll be very unhappy if something is screwed up.

Re:no its not (1, Interesting)

Anonymous Coward | more than 7 years ago | (#19656775)

That is a warranty issue between the buyer (local or state government) and the seller. It is immaterial to the issue at hand.

The proposed code reviews are not for warranty issues, they are to ensure that the vote is not being manipulated. And that is a very, very tall order for a code review to provide (especially system wide, with removable cards and databases and hardware issues, etc.)

For example, I don't give a rat's ass what warranty agreement McDonalds has with its point-of-sale terminal provider. I also don't need to do a code review on the POS terminal. I review it's output. If I get the proper order in my hands for the expected amount of money, I am satisfied with the machine. Otherwise I would complain, and eventually McDonalds would have to figure out WTF is wrong with its POS.

Same thing should apply to me as a voter. If I get the expected paper ballot out of the machine, I'm done and turn the ballot in to be counted. Any other details (up time, failures, paper jams, etc.) are not my concern as a voter (they might be my concern as a taxpayer of course). And those problems are likely not going to be solved by some code jockey doing an audit of the underlying C code.

Re:no its not (-1, Flamebait)

Anonymous Coward | more than 7 years ago | (#19656735)

I hate to be a dick, but what are you, an idiot? The point of electronic voting is to gain the benefits of having it tracked ... electronically, not the magical joy of touching a computer screen rather than manipulating a physical ballot.

Re:no its not (3, Insightful)

timmarhy (659436) | more than 7 years ago | (#19656755)

why not just use paper then? hell of a lot simpler and cheaper.

how does that paper assure you the recorded vote is saved in the system is the same as what the paper says? it doesn't.

the only form of electronic voting i can see working is a system of electronic paper, which lets you press directly on the box you want and fills it. you deposit it in the secure box as normal and it's then counted by a machine, advantage being that it's digital so your counter won't run into false positive problems like with pencil, and it's still human verifible like paper.

Re:no its not (0)

Anonymous Coward | more than 7 years ago | (#19656929)

why not just use paper then?

you answered your own question: so your counter won't run into false positive problems like with pencil, and it's still human verifible like paper.

how does that paper assure you the recorded vote is saved in the system is the same as what the paper says? it doesn't.

because you turn in the PAPER to be counted, not some electronic bits and bytes on a compact flash card. The voting machine allows you to produce an error free, highly scannable ballot, free of hanging chads, improperly filled in ovals (undervotes), too many ovals filled in for same race (overvotes), etc. It produces a BETTER ballot than paper and pencil because it is more scannable and prevents illegal ballots from being generated (overvotes).

the only form of electronic voting i can see working is a system of electronic paper, which lets you press directly on the box you want and fills it. you deposit it in the secure box as normal and it's then counted by a machine, advantage being that it's digital so your counter won't run into false positive problems like with pencil, and it's still human verifible like paper.

which has the exact same effect, but instead of some high tech electronic paper being used for the ballot, a printer, ink, and common paper are used.

Re:no its not (1)

timmarhy (659436) | more than 7 years ago | (#19657069)

obviously you've never written any computer system for the general public. no one will check their ballot, and if it misprints a single ballot, all the ballots before it must be discarded because who knows how long it was misbehaving? that system is ripe for the picking.

atleast with electronic paper, you know for sure that each ballot was marked by the person casting the vote. oh, and you never once mentioned that you'd use the paper ticket for counting, so you've only got yourself to blame for people not interpreting it correctly.

Re:no its not (0)

Anonymous Coward | more than 7 years ago | (#19657181)

oh, and you never once mentioned that you'd use the paper ticket for counting, so you've only got yourself to blame for people not interpreting it correctly.

You review said ballot and deposit the paper ballot in the ballot box.

Here's your sign.

Re:no its not (4, Interesting)

KlomDark (6370) | more than 7 years ago | (#19656947)

There's a better system than that - your vote is stored in a database, but your vote is also printed out for you to review. You then put the paper in a box that is kept under lock and key. For quick results, the database count is the one that is looked at. However, any third party can request to count the paper votes and compare them to the database count. If they do not match, then there is a physical audit trail to show that someone was monkeying with the software. This way, we get fast results, and verification.

Trust, then verify, is the solution in this case.

Re:no its not (1)

Misch (158807) | more than 7 years ago | (#19657159)

Kinda how New Jersey is going to be doing things. [nj.com]

It won't be in place until 2008, but it will be there.

Re:no its not (1)

MissP (728641) | more than 7 years ago | (#19656759)

And what happens to the paper ballot? It gets fed into a scanner running software. That's the place to steal the election, when the votes are counted not when they are cast.

Re:no its not (0)

Anonymous Coward | more than 7 years ago | (#19657021)

"And what happens to the paper ballot? It gets fed into a scanner running software. That's the place to steal the election, when the votes are counted not when they are cast."

It gets counted and audited by humans. The advantage of having the computer registration of votes is that the (unofficial) results are know immediately, as well as being more accessible.

Ultimately, they should correlate with the hand-counted votes but, in the case they don't, the paper votes are authorative. No, it doesn't save you money. What price would you be willing to pay to give up your democracy, though? I'm sure the cost of doing elections the right way is worth it.

Re:no its not (1)

dangitman (862676) | more than 7 years ago | (#19656795)

Touchscreen, vote, hit done, the machine prints a paper ballot. You review said ballot and deposit the paper ballot in the ballot box.

So, why even use the computer in the first place, if you're going to be counting paper anyway? Wouldn't it be a lot cheaper and more reliable to use pencil and paper?

What could be simpler and less prone to manipulation or error?

Marking a ballot manually with a pencil?

I'm not sure why you think this won't be prone to error. I'd bet that at least 50% of people won't even look at the printout. It could say "I vote to be enslaved by Satan" and they'll just blindly place it in the ballot box. At least with a manual method, the voter actually has to make the marks in the first place, rather than relying on a machine.

As for simple, many people find even the simplest of computers confusing. Just the presence of a machine is enough to intimidate some people and make them think funny. So, in that respect, it's a lot simpler to use manual voting than to train people to overcome their technophobia. There's also a lot more maintenance and infrastructure involved in a computer-based solution. Even the most foolproof machines are going to require a complex technical support network when you think about the scale and importance of elections.

Why settle for less? (1, Insightful)

Anonymous Coward | more than 7 years ago | (#19656013)

> But platform code that is obtained from a third party vendor should be acceptable provided that it is widely used as a general purpose platform and there is a reliable demonstration that the code has not been modified.

I disagree. I remember the backdoor !seineewerasreenigneepacsten password that sat in the IIS codebase for... how many years was it again?

> I would rather see voting platforms built on microsoft trustworthy computing platforms without code review of the platform part of the system than built on a platform where I cannot be sure what code is running.

I would rather have both and I can see no good reason not to demand both! Besides, it's not like they can't use BSD if they really want to. You can write GUIs for things other than Windows, you know.

Re:no its not (1)

drinkypoo (153816) | more than 7 years ago | (#19656037)

But platform code that is obtained from a third party vendor should be acceptable provided that it is widely used as a general purpose platform and there is a reliable demonstration that the code has not been modified.

Widely used as a general purpose platform doesn't mean it's any good.

And "the code has not been modified" from what? There's no reason you couldn't have collusion between Microsoft [or any other vendor] and someone trying to hack the vote. The specific code to tamper with eVoting could be buried deep and you'd never find it.

Given that Ashcroft took the DOJ off Microsoft's ass, and given that Ashcroft is a known criminal, I think assuming that there is a relationship there is probably more reasonable than believing that there is not. Maybe that's just because I'm paranoid, but more likely it's because I know a little something about history. Anyone read the CIA crown jewels yet? Or the parts that aren't marked out, heh heh...

Re:no its not (0)

Anonymous Coward | more than 7 years ago | (#19656185)

> given that Ashcroft is a known criminal

Eh?

Besides, next to Gonzales, he's Elliott Fucking Ness and Mister Smith rolled into one.

Re:no its not (1)

Zeinfeld (263942) | more than 7 years ago | (#19656433)

Given that Ashcroft took the DOJ off Microsoft's ass, and given that Ashcroft is a known criminal, I think assuming that there is a relationship there is probably more reasonable than believing that there is not. Maybe that's just because I'm paranoid, but more likely it's because I know a little something about history. Anyone read the CIA crown jewels yet? Or the parts that aren't marked out, heh heh...

Since the family jewels were written in 1973 under the Ford administration it is not at all likely that they have any mention of electronic voting.

The key here is whether there is the opportunity for someone to introduce a backdoor into the code.

If the code base is small enough for someone to actually perform a review, that is fine. The problem here is that the systems are huge and performing a comprehensive review is not practical on a hundred thousand plus lines of code.

Since I don't believe that its possible to review the entire code base the next best approach is to prevent collusion between the person writing the voting software and the platform provider.

Re:no its not (1)

drinkypoo (153816) | more than 7 years ago | (#19656537)

Since the family jewels were written in 1973 under the Ford administration it is not at all likely that they have any mention of electronic voting.

Well, that's not what I meant. What I'm saying is that it's clear that our government (what? no, surely, not ours!?) is continually engaged in skullduggery and dirty tricks, and such are also par for the course for presidential candidates. And just how many of our recent presidents have been members of Balls and Shaft? er, sorry, Skull and Bones. There's a reason everything looks like a conspiracy. Everything is. Frequently they are not so dark or secret as is imagined, and the word 'conspiracy' has picked up a nutjob connotation which must be much-loved by conspirators everywhere.

The key here is whether there is the opportunity for someone to introduce a backdoor into the code.

With closed-source software, you have no idea, which is my point.

Since I don't believe that its possible to review the entire code base the next best approach is to prevent collusion between the person writing the voting software and the platform provider.

I'd like to know how you plan to do that.

Do you intend to lock one or both of them up in solitary confinement and feed them through a very small tube so no one can pass them a message?

It doesn't matter what the source of the code is, you must be able to do an audit. Personally I think that the software should just be fucking written in assembler and run on FreeDOS or something. That keeps the system simple and auditable, and frankly, there is no reason for the OS on a voting machine to have much complexity anyway. NONE. Meanwhile, there are several reasons for it to be as simple as possible.

Re:no its not (1)

dangitman (862676) | more than 7 years ago | (#19656847)

If the code base is small enough for someone to actually perform a review, that is fine. The problem here is that the systems are huge and performing a comprehensive review is not practical on a hundred thousand plus lines of code.

There's a warning sign right there. Why should these systems be "huge"? They only have to perform a very simple task. If you're using a complex system to do that, then that demonstrates that there's stuff in there that doesn't need to be, and could cause problems.

Ever heard of the "KISS" principle?

Re:no its not (1)

Sunshinerat (1114191) | more than 7 years ago | (#19656105)

If I create perfect voting code but use proprietary code (and therefore closed) for trivial things like multi-user data storage. Under these rules that would suffice. However, the Microsoft code that I use may not be up to the task of having thousands of concurrent connections.

What do we do then?

Maybe certify based on specific conditions like: number of voting stations connected, number of votes per hour.


MvE

Don't stop at the code. Schematics too (1)

EmbeddedJanitor (597831) | more than 7 years ago | (#19656125)

Since it is more than just theoretically possible to hijack a voting machine via hardware methods, all aspecs of the design should be held for review.

Re:no its not (2, Informative)

bl8n8r (649187) | more than 7 years ago | (#19656289)

> I would rather see voting platforms built on microsoft trustworthy computing platforms

Here you are [fisher-price.com] . Point the arrow at your candidate and pull the handle.

Wait a minute; I LIKE it. (1)

WindBourne (631190) | more than 7 years ago | (#19656609)

We may finally get a decent and honest candidate that way.

Re:no its not (2, Insightful)

91degrees (207121) | more than 7 years ago | (#19656535)

If it was necessary to use proprietry software then I'd agree. But Linux is an option. So is BSD. So are various other operating systems. Given that there's no major harm in eliminating the closed source ones, why make an exception?

Re:no its not (0)

Anonymous Coward | more than 7 years ago | (#19656861)

I agree that the voting code should be published.
Votes should be published! =D

A small victory ... (1)

WrongSizeGlass (838941) | more than 7 years ago | (#19655909)

... in a long battle for transparent eVoting, but I'll take it.

Sucks to be MSFT... (2, Insightful)

Penguinisto (415985) | more than 7 years ago | (#19655931)

...or any other proprietary vendor.

Sorry Steve, Bill - but some of us want to see what these things actually do when we use 'em to cast a vote.

Meanwhile, I'm damned sure that somebody in Diebold went all Ballmer on the furniture... though I can't wait to see their source code ; I'm sure it's gonna be worth some huge laughs @ your nearest code-monkey pit, punctuated with lots of sounds along the lines of: "WTF were these asshats THINKING!?".

/P

Re:Sucks to be MSFT... (3, Informative)

Kalriath (849904) | more than 7 years ago | (#19656379)

You sure as hell wont be seeing it. It'll be shown to a couple of high profile professional auditors who will give it the green or red light, and that's that. At NO point will the public see it.

Re:Sucks to be MSFT... (1)

Penguinisto (415985) | more than 7 years ago | (#19656573)

You sure as hell wont be seeing it. It'll be shown to a couple of high profile professional auditors who will give it the green or red light, and that's that. At NO point will the public see it.

Not even with a FIOA - like request? I'm sure New York has to have some sort of public records transparency law.

/P

Re:Sucks to be MSFT... (1)

Kalriath (849904) | more than 7 years ago | (#19656769)

Not even then. The code will not be visible to us regular people, period. You might be able to read the results of the audit, but that's it.

Re:Sucks to be MSFT... (1)

Alien Being (18488) | more than 7 years ago | (#19656937)

Yeah, Dick Cheney can probably hook them up with some old Anderson/Enron crooks.

Re:Sucks to be MSFT... (0)

Anonymous Coward | more than 7 years ago | (#19657161)

No, just sucks to be a Voting Machine vendor whose system uses Windows. Sorry, boys, looks like you can't sell your machines to New York.

Glad to see NYS grew a pair... (4, Insightful)

Coopjust (872796) | more than 7 years ago | (#19655961)

After that amendment passed, I was worried about NYS letting this fly. I'm glad to see that the legislators are attentive.

The real question is: What does Microsoft have to hide from election officials?
-Are they worrying that the source will be leaked?
-Due to the above fear, is MS afraid of getting crap from the DRM loving media cartels?
-Is there something in the code that MS doesn't want seen?
-Are they afraid this mentality hurts the "security through obscurity" idea?

Of course this is all speculation. I'm just so curious why Microsoft is so opposed to sharing their code with a state government.

Re:Glad to see NYS grew a pair... (1)

Coopjust (872796) | more than 7 years ago | (#19656029)

...and, of course, by "passed", I mean "proposed". That's what happens when you spend more time rambling then proofreading. X(

Re:Glad to see NYS grew a pair... (1)

The Warlock (701535) | more than 7 years ago | (#19656069)

Microsoft doesn't want to put the Windows source code in escrow because if they do, it will hit everyone's favorite Swedish website the very same day. They aren't stupid. They know that some near-minimum-wage state employee would jump at the chance to leak something like that, damn the concequences.

That said, sucks to be them. We need to see all the code that's in any computerized voting machine. If they can't afford to put their source code in escrow, sucks to be them. They can either write something from scratch for voting machines or just leave the whole field.

Re:Glad to see NYS grew a pair... (5, Insightful)

WrongSizeGlass (838941) | more than 7 years ago | (#19656073)

I'm no fan of MS in any way, shape or form, but I can completely understand their reluctance to hand over their source code. In this day and age there is a good chance that it would be leaked faster than you can say BitTorrent.

If the price of admission into the eVoting game is handing over their source code then they made a wise business decision. It's far too small of a market for MS to chance exposing Windows source (and all the security breaches that would soon follow). In the big picture of things, MS made the right decision. That aside, they still suck for trying to sneak that amendment in.

Re:Glad to see NYS grew a pair... (1)

MightyMartian (840721) | more than 7 years ago | (#19656113)

This has been my feeling all along. To be honest, I doubt Microsoft really gives a damn, precisely because it's such a small market. But the fact is that some guys out there have written voting software on their platform. I don't really blame Microsoft for this one. I blame the lazy turds who wrote the voting software. Now they're going to have to seek out a platform that they will be able to put in escrow.

Re:Glad to see NYS grew a pair... (1)

DragonWriter (970822) | more than 7 years ago | (#19656459)

To be honest, I doubt Microsoft really gives a damn, precisely because it's such a small market.


I bet they do, because the more access to source code becomes a recognized priority in the public sphere (and while e-Voting is the hot area right now in the US, policies with a much broader scope, and requiring more than disclosure, have been implemented elsewhere, so MS certainly sees the threat that this could be a wedge in the US) the less advantage Microsoft is going to have over open source alternatives, which in many areas are now its biggest competitors.

Re:Glad to see NYS grew a pair... (1)

MightyMartian (840721) | more than 7 years ago | (#19656489)

The worst case here for Microsoft is that New York State refuses to allow any voting machines that run Windows. New York State isn't going to force Microsoft to anty up the code to Windows, unless Microsoft decides that they do want to be part of an incredibly small and specialized market. Microsoft is making a declaration of principle here, and one I don't blame them for. The people who are going to be on the hotseat are those companies who are running their voting software on top of Windows.

Re:Glad to see NYS grew a pair... (3, Insightful)

drinkypoo (153816) | more than 7 years ago | (#19656639)

The worst case here for Microsoft is that New York State refuses to allow any voting machines that run Windows.

You are thinking way too small here.

The worst case for Microsoft is that this is the first step towards all government computers being forced to run freely auditable code. That means no Windows.

This is frankly the only responsible thing to do from a security standpoint, and barring illegal collusion we would probably be there already.

Re:Glad to see NYS grew a pair... (0, Flamebait)

The Warlock (701535) | more than 7 years ago | (#19656719)

Please. "Illegal collusion"? Have you ever actually worked for the New York State Government, in an IT role or otherwise? I had an internship for a while (in a department that will remain nameless, since I don't know if I'm supposed to be talking about this). It isn't collusion, so stop the conspiracy theory bullshit. It's pure laziness. The desktop stuff has been running on Windows since before Linux was a viable platform. They pretty much rely on Lotus Notes because it would be too much work to shift anything over to a better system, and there's a whole bunch of little windows-specific custom programs that nobody wants to re-code.

"Illegal collusion". Right. Pull your head out of your ass and stop assuming malice when incompetence combined with apathy is the obvious answer.

Re:Glad to see NYS grew a pair... (-1, Troll)

drinkypoo (153816) | more than 7 years ago | (#19656785)

I had an internship for a while (in a department that will remain nameless, since I don't know if I'm supposed to be talking about this).

You were an intern in a department you won't even talk about, and I'm supposed to believe you're some kind of intern? Tell me, did your job come with complementary kneepads? Because if you think that's compelling, you can blow me.

It isn't collusion, so stop the conspiracy theory bullshit. It's pure laziness.

Since you're so fucking omniscient, maybe you could tell me what the next set of winning Lotto numbers are. I would love to be able to retire.

Re:Glad to see NYS grew a pair... (1)

poopdeville (841677) | more than 7 years ago | (#19657123)

Well, the real worst case is the complete and utter destruction of the universe immediately after you read this post. But, like your prediction, it is an unlikely case.

Re:Glad to see NYS grew a pair... (1)

garcia (6573) | more than 7 years ago | (#19657093)

In this day and age there is a good chance that it would be leaked faster than you can say BitTorrent.

Too bad we're even having this discussion in the first place. The devices are not necessary as pen and paper work just fucking fine. Since the morons at the state and federal levels believe these pointless machines are good then they should have been all open and presented to the public (even via BitTorrent) for comment.

That wouldn't make for good drama though.

Re:Glad to see NYS grew a pair... (0, Flamebait)

ratboy666 (104074) | more than 7 years ago | (#19657193)

Complete bullshit.

If that was the concern, Microsoft wouldn't trust its OWN employees. The "web of trust" MUST be extended to electoral overseers.

And, if Microsoft doesn't want the software 'vetted, the election machines simply cannot be based on Microsoft software.

In order to maintain secrecy -- all copies of the source can be tagged (an example is to add a pattern of whitespace to the code). If a copy leaks, it can be traced back to the source. At that time, damage can be assessed.

So, whatever.

Re:Glad to see NYS grew a pair... (0)

Anonymous Coward | more than 7 years ago | (#19656645)

I don't thing there's any "big secret" or "really dodgy code" lurking in there.

I think they're fighting this for 3 reasons:
- as a corporate entity, i.e. at the upper levels, Microsoft has this conception that IP in general, and source code in particular, is their crown jewels and their sister's virginity, to be protected at all cost. Remember billg whiney "open letter to hobbyists", remember that Microsoft was built on the source they kept out of IBM's paws. This is quite visceral - which is why they did everything the MPAA and RIAA was asking for in Vista - but that's another topic.
- they don't want to open the floodgates by accepting that under certain circumstances they would release code. Otherwise militaries and security agencies, then governments, then corporations would ask for it.
- at the same time, they don't want to stay out of that market, not because it matters financially, but because they still have the ambition that all computers will one day run windows.

What I want to know.. (4, Insightful)

jcr (53032) | more than 7 years ago | (#19655997)

Is why the HELL anyone is trying to build a voting machine around an unsecureable platform in the first place? If these vendors want to sell systems that have specific requirements for auditability and securability, they can either comply with the requirements or fuck off.

-jcr

Re:What I want to know.. (3, Insightful)

WrongSizeGlass (838941) | more than 7 years ago | (#19656127)

Is why the HELL anyone is trying to build a voting machine around an unsecureable platform in the first place?
Because you can't rig an election if the voting machines are secure.

Re:What I want to know.. (1)

JoeCommodore (567479) | more than 7 years ago | (#19656135)

A) Its cheaper and faster (more profit)
B) Nobody has complained (much) before about it
C) They don't really posses the skillset to do it properly
D) Because someone ignorant of the above, probably paid them to.

Re:What I want to know.. (1)

jimicus (737525) | more than 7 years ago | (#19656179)

You have a point, but you're not thinking like a government.

AFAICT, government officials - at least the ones tasked with dreaming up projects like this - don't know the first thing about technology. All they see is a magic black box that can count votes a lot more quickly and easily than a bunch of people can, so "magic black box takes votes and counts them" is about the only thing on their list of requirements.

You or I or anyone in IT knows full well that the "magic black box" that people consider their computer to be could be doing literally anything inside. If the person who programmed it wanted a specific party to win - dead easy. But the government official probably never even considered the possibility that the "magic black box" they were commissioning might not return complete and correct numbers.

Re:What I want to know.. (1)

bhmit1 (2270) | more than 7 years ago | (#19656259)

Is why the HELL anyone is trying to build a voting machine around an unsecureable platform in the first place?
I suspect the answer is "that's business." Companies don't always get the best programmers, and programmers use what they know. The technical requirement to be secure was likely never considered, but rather user friendly enough for the retiree old manning the machine and profitable enough to make a business out of it.

What I want to know is why the states don't band together, form a group to write the application on a hardened OS (MS is good enough for some DoD requirements, but so are a lot of other OS's), and place it under and open/public license for their citizens to be able to review. We can significantly reduce the cost to our voting budget by only purchasing hardware instead of the hardware, software, a markup (businesses are in it for the profit), and training costs associated with multiple companies offering these products.

Re:What I want to know.. (0)

Anonymous Coward | more than 7 years ago | (#19656431)

What I want to know is why the states don't band together, form a group to write the application on a hardened OS (MS is good enough for some DoD requirements, but so are a lot of other OS's), and place it under and open/public license for their citizens to be able to review.
Because if they did that, the political opponents of whichever politicians made that decision would accuse them at the next election of having wasted taxpayers' money developing expensive software that they could just have bought from existing vendors. And guess who would be only too pleased to pay for those campaign ads?

OSS doesn't solve security issues (-1, Troll)

Anonymous Coward | more than 7 years ago | (#19656039)

In fact it will make it easier for someone to tamper with voting machines since they have the code in front of them to help look for exploits.

Re:OSS doesn't solve security issues (-1, Flamebait)

MightyMartian (840721) | more than 7 years ago | (#19656163)

I can see why you posted the above piece of stupidity as an Anomymous Coward. You wouldn't want your friends knowing what a worthless piece of cat dung you are, and how empty that pathetic head of yours truly is.

Listen, dumbass, if that were the case, then all open source code would be open to many times more exploits than proprietary closed-source code. The fact is, you stupid simpering piece of batshit, that hackers don't need to bother going through source to find exploits, and very rarely do. Even a closed source platform can be hacked, and what the hackers would really want is to gain access to one of the machines. At that point, they don't need source code.

But please, do demonstrate what happened when your ugly old momma dropped your head on a train track and let the Evening Special roll over it.

Re:OSS doesn't solve security issues (0)

Anonymous Coward | more than 7 years ago | (#19656363)

Yikes, dude! No more caffeine for you today ... and maybe cut back on the sugary snacks too.

Don't Trust Microsoft With Our Elections... (3, Insightful)

Eric Damron (553630) | more than 7 years ago | (#19656067)

It seems to me that what Microsoft is asking is that we "trust them" without having earned that trust. Without seeing the code how do I know that there isn't a backdoor?

Microsoft's security record has been dismal to put it politely. I certainly don't want to gamble my freedoms on a company that can't secure its own operating system and a company who has shown flagrant disregard for our laws.

As far I'm concerned Microsoft has shown that it will do almost anything to get what it wants. We don't need the fairness of our elections endangered by a company unwilling to provide transparency.

Re:Don't Trust Microsoft With Our Elections... (1)

MightyMartian (840721) | more than 7 years ago | (#19656201)

I think what Microsoft is saying is "We're not going to give your our source code." E-voting is such a small market that it's not worth their time. I'm no fan of Stinky Ballmer and Co., but on this one, I don't blame them. This wasn't a fight they picked. It was some dumbass software developers who, for whatever reason, didn't ponder the possibility that voting authorities might actually want to know what's going on beneath the hood, all the way down. It's those stupid bastards who you should be directing your venom at.

Re:Don't Trust Microsoft With Our Elections... (1)

Nasarius (593729) | more than 7 years ago | (#19656253)

Actually, I don't really see the problem. Microsoft already releases their source code, or at least large parts of it, to some educational institutions. Why would it be a problem to release it to a government agency, under similar terms?

Re:Don't Trust Microsoft With Our Elections... (1)

Kalriath (849904) | more than 7 years ago | (#19656409)

Actually, governments can get the ENTIRE source code. The NY state could probably ask the federal government to review such things as ntoskrnl.c and green light it for them, since they probably already have it.

Re:Don't Trust Microsoft With Our Elections... (1)

TENTH SHOW JAM (599239) | more than 7 years ago | (#19656507)

Question is, how long will it take to code the voting software using GTK librarys? If they did that, then multiple paths of already available and scrutinised software becomes available. The voting machine manufacturers don't deserve my sympathy on this one. MS can keep it's code secret. Whilst BSD, GNU/Linux, xorg and (my|postgres)SQL are available as stacks that will do the job, this problem comes down to bad design.

Re:Don't Trust Microsoft With Our Elections... (1)

MightyMartian (840721) | more than 7 years ago | (#19656557)

I agree completely. There are no lack of open source alternatives out there. I simply won't bash Microsoft for an issue which really isn't their fault. If I owned a propietary operating system and New York State demanded that I turn over the source code because some potential e-Machine suppliers are running their software on it, I'd probably do a quick mental calculation as to the risk of a few hundred or thousand Windows seats not being sold versus the risk of some civil servant leaking my code. Now maybe the latter isn't much of a possibility, but even at the assessment of a low risk, the potential profit loss is so miniscule that there's no reason at all for me to co-operate.

Re:Don't Trust Microsoft With Our Elections... (1)

secPM_MS (1081961) | more than 7 years ago | (#19656377)

Microsoft's software can be configured for high security applications -- otherwise it would not be found suitable for use in classified environments. Consumer - focused feature-rich configurations have a far larger attack surface than minimal hardened configurations. Rich products such as OSX, Linux, and Open Office have been doing no better and in many ways worse than Microsoft's newer products. This does not mean that any of them are suitable for a high assurance application -- none of them are high assurance products.

I assume the Microsoft product in question here is Embedded XP, which would be a reasonable foundation for such an application. When building Embedded XP, the builder should include only the needed components. This is standard for embedded system programming. The real question here is what is the electronic voting machine vendor doing? What is their code doing and what modules are included? What interfaces are exposed? How is the system composed and what are the relevant data flow diagrams and associated threat models?

We have trained the world to know and love GUI's. If you are trying to build a high assurance target, you would have a much easier time doing so with a text-based approach. Once you start going down that road, you soon realize that your assurance objectives are starting to get in the way of useability. Having something that is high assurance, but unuseable by a significant fraction of the population is unacceptable as well.

Using paper ballots which are then scanned is a more robust solution in that it allows examination of the original ballots and provides support for recounting.

Windows for Classified (1)

DragonHawk (21256) | more than 7 years ago | (#19656513)

Microsoft's software can be configured for high security applications -- otherwise it would not be found suitable for use in classified environments.

Every AIS (Automated Information System, the NSA TLA for "computer") I've ever seen running a Microsoft OS that was also processing classified information ran in "system high" or "dedicated" mode -- where you treat the whole system as classified, only let cleared people touch it, and lock the whole thing up. The security of the OS is practically inconsequential. MS-DOS can be, was, and likely still is used in this way.

I'm not saying you can't secure MS Windows (well, not in this post, anyway); I'm just saying "It's used for classified processing" isn't a good argument.

Re:Windows for Classified (1)

secPM_MS (1081961) | more than 7 years ago | (#19656699)

All single level OS's run in system high. Systems intended for use with sensitive data have to be appropriately configured. In the past, you started for this by running the hisec template with the security configuration editor to reset system ACL's and permissions. Microsoft publishes very lengthy security guides that allow security administrators to appropriately configure systems. One of the most important issues is to have users run as normal users without administrative privledges. There is a definite tradeoff between security and functionality. In the Vista security guide there is a chapter titled "Specialized Security - Limited Functionality".

I am writing this from a notebook that is running a beta of LongHorn Server. As a standard server, I do not have the client UI -- it looks rather like Win 2K (no glass, sidebar, or media support). My account is not a member of the admin group and IE is in locked down mode. It is quite secure. It is also faster.

There is a virtually universal tradeoff between functionality and security. With attacks moving from the OS to the user-space apps, we are seeing wide ranging compromises of sensitive user data without associated system compromise. The issue in this thread concerns the quality of the voting machine code itself.

Third parties do have access to the Microsoft source code. The evaluation laboratories that do the Common Criteria evaluations have essentially unlimited access to internal documentation and source code (under appropriate non-disclosure).

Open Source Voting Machine? (2, Insightful)

Anonymous Coward | more than 7 years ago | (#19656087)

Why isn't there an open source voting machine?

It should be constructed of off-the-shelf parts and it should run open source code!

Re:Open Source Voting Machine? (1)

ChatHuant (801522) | more than 7 years ago | (#19656585)

Why isn't there an open source voting machine?

It should be constructed of off-the-shelf parts and it should run open source code!


I'd be careful about what "off the shelf" means, given the requirements of the NY law. You can't really use modern processors - the BIOS, the firmware on the CPU and the firmware on all other components wouldn't be in escrow, would they? Anyway, if you want to be thorough the schematics of all versions of the voting machines, all the chip fabrication masks, the schematics of the industrial tools and processes in all the factories making and assembling the chips and the voting machines should be in escrow as well; an intruder could intervene at any of those steps and create backdoors usable for falsifying the vote. I don't really see how you can control all those factors, so the NY legislature seems fairly clueless (not that that surprises me).

Of course, we need to draw a line somewhere; do we trust Lenovo, or whoever gets to assemble the voting machines themselves? Do we trust the BIOS writer? Do we trust Intel? Do we trust the OS writer? Do we trust the voting software manufacturer? The network provider?

Pen and paper don't seem to have all those issues - why not use those?

Re:Open Source Voting Machine? (3, Informative)

MightyMartian (840721) | more than 7 years ago | (#19656721)

Pen and paper don't seem to have all those issues - why not use those?
It's an awfully good question, and one that I think Americans should have been asking themselves since the 2000 election.

Up here in Canada, federal elections are administered by a single Federal body; Elections Canada. That means the ballot you get in Toronto is identical in structure to the ballot you'll get on Baffin Island. There's a single standard for marking and counting ballots. The provinces have control of their own elections, obviously, but tend to follow standards very close to that set out by Elections Canada. Only at the lower levels can things be a little different. In my city, they have vote-counting machines and those ballots where you color in the selections you want. Still, even with that automated system (which has been in use in many jurisdictions in North America for decades) there is still the key paper trail, so that if the election is contested, you can go back to a good ol' fashioned recount.

The only argument I've seen against pen and paper ballots for the US is that, unlike some countries, a lot of different elections get tossed on top of congressional, presidential or state elections. Various local positions, voter initiatives, referrenda and the like get tossed into the brew, so that paper ballots could get to be quite volumnious, and possibly confusing, and I guess there is some advantage there to an electronic voting system which can make display of such complicated ballots much easier.

heh... microsoft = hacked voting (1)

nawcom (941663) | more than 7 years ago | (#19656189)

I'm not saying that because it's microsoft it always will have a backdoor or exploit... it's just if you take a look in history - major microsoft release = 20 holes found. i don't exactly have info on how the voting system would work, especially network wise, but i am curious to find out.

i would trust any software or firmware developer over microsoft any day, especially since it would be counting my vote.

Re:heh... microsoft = hacked voting (0)

Anonymous Coward | more than 7 years ago | (#19656737)

Why are you so worried?
We all know Kang will win anyway.

That's great and all... (2, Insightful)

r_jensen11 (598210) | more than 7 years ago | (#19656329)

Now don't mod me troll, but remind me again, what is so horrific about paper ballots? I know Florida had a huge fiasco in 2000 with them, but that had to do with punches, not filling in a bubble or anything....

Re:That's great and all... (1)

WrongSizeGlass (838941) | more than 7 years ago | (#19656527)

Now don't mod me troll, but remind me again, what is so horrific about paper ballots?
I'm sure there are many opinions on this but I believe a primary problem with paper ballots is: speed. We want the results now, now,
  • now
! We don't want to wait until tomorrow or the day after. I could blame the media or the internet or a few other things - but it comes down to all of us (well, not Linux users, their pretty cool, but the rest of us).

We live in an impatient society that doesn't want to wait. Not reading the articles on /. is a prime example (of which I too am guilty from time to time). Now that I read this post, I think I have a case of Linux envy.

Re:That's great and all... (1)

jabuzz (182671) | more than 7 years ago | (#19656723)

Rubbish, paper votes can be counted rapidly. Very rapidly if there is a will, just take a look a UK parliamentary elections as an example. They can get the result for a constituency in less than an hour after the polls close.

Basically vote counting has trivial to extract parallelism, and scales very well. The problem in Florida is having a stupid punched card system which is then tried to be counted by machines. A simple piece of paper with a cross, and counted by hand works much better.

Re:That's great and all... (0)

Anonymous Coward | more than 7 years ago | (#19656999)

Maybe in a tiny borough with very low voter turnout. Less that half the population bothered to vote on Blair's last "victory", other polls, and you're lucky to get a 25% turnout. US polls also have other local items to vote on, it's not just selecting a personality like you muppets do in the UK.

So spare us the limey snaggle-tooth BS please, it smells more that your halitosis.

Re:That's great and all... (1)

dnormant (806535) | more than 7 years ago | (#19656603)

The amount of time it takes to count the votes. I still prefer a paper ballot as the final count but it would be nice to get the counts quicker.

I don't want to rain on everyone's parade but..... (4, Interesting)

putch (469506) | more than 7 years ago | (#19656367)

the legislature didn't actually "reject" it. they just didnt pass it. and yes, they concluded their regularly scheduled legislative session last week. BUT, they're expected back for a "special" session in July, and the governor has implied that he will call them back several times.

students of the NYS legislature will also tell you that the "special" sessions tend to be when the sneakiest things go on in NYS because, in general, they garner less attention and most of the legislators just want to make it as quick as possible and get back to their families.

that being said, NY does have a very strong voting rights coalition with a number of very smart and talented people working very hard to make sure that this DOESNT go through.

one good thing did happen at the end of session. is that NYVV's (New Yorker's for Verified Voting) Bo Lipari (who's been leading the charge AGAINST microsoft's lobbyists) has been granted a seat at the table. the citizen's advisory board now has statutory authority. which means that when the board of elections makes decisions about this stuff he's got a seat at the table to help shape the outcome.

Not too far removed (2, Funny)

HumanSockPuppet (1120535) | more than 7 years ago | (#19656387)

Wouldn't be surprised if MS tried to consolidate voting procedures the same way they have tried to do with the entertainment market.

"New to the Xbox Live Marketplace, vote for your favorite U.S. Presidential Puppet in the new 'Red Vs. Blue' civic action feature."

Don't knw what version of Windows (1)

Utopia (149375) | more than 7 years ago | (#19656451)

these voting machines use. But if they are based of Windows CE 6.0 then the machine vendors have nothing to complain.
Windows CE 6.0 source code is available under a shared source code license.

If they are indeed using CE 6.0 then vendors not releasing code are just using Microsoft as a ruse to protect access to their own code.

Voting machines should be open (1)

Cracked Pottery (947450) | more than 7 years ago | (#19656469)

Open architecture, open source, public. There are ways to secure the verification of the vote, and more importantly, the counting of the vote. People are always going to try to cheat elections. An individual can steal a limited number of votes, but a dishonest supervisor of elections, or Secretary of State, can cheat in the tens of thousands. A consortium of universities should design and program the voting system in the open, with off the shelf parts. All of the elements are part of a very mature technology for which there is no justification for any proprietary claim. There is always pen and paper and a mix of human eyes. That is too damn simple, I guess.

Australian e-voting (3, Interesting)

MrKaos (858439) | more than 7 years ago | (#19657003)

Well this is good news, but I doubt M$ will give up quietly.

Australia has some e-voting software that is open sourced, http://www.elections.act.gov.au/Elecvote.html [act.gov.au] also has a link to the source code.

Why is M$ software even on voting machines........ (1)

Joe The Dragon (967727) | more than 7 years ago | (#19657057)

Why is M$ software even on voting machine in the first place?
Why is it on ATM systems as well at least there it is more
slot and video Casino games must have there source code turned over the NGC and if windows was being used as the os then that code may have be turned over well. Windows may not even pass the testing need for Casino games as it may crash in the middle of a game. I once had a slot slow down and crash on me and it still slowly finished the bonus round and printed out the ticket then it disabled it self.

This is funny... (2, Insightful)

Tuoqui (1091447) | more than 7 years ago | (#19657089)

Is it just me or are we all over analyzing what is effectively a glorified bean counter.

Sure we want it to be secure and transparent which means Open Source has the best option for this to occur. Anything that is closed source should *NOT* be trusted. This includes the platform/OS the system runs on.

And is it *REALLY* that hard to ask that there be a god damn paper trail? I think just about every single person on /. has agreed that a paper trail is necessary. Anyone including Diebold who refuses to make a machine with a paper trail is definitely up to no good and likely WANTS their machine to be insecure in order to allow for vote stuffing/miscounting/false results/etc... I mean its not like it hasnt been done before [blackboxvoting.org] .
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?