Stories
Slash Boxes
Comments
Search

News for nerds, stuff that matters

Slashdot Log In

Log In

Create Account  |  Retrieve Password

Open Source Electronic Voting Progress Limited

Posted by Soulskill on Sun Feb 03, 2008 03:15 PM
from the open-the-polls dept.
Software Government News
An anonymous reader points us to a story about how the problems with electronic voting mostly stem from one source: the lack of mandated standardization. The LinuxInsider article goes on to suggest that once the issue of a universal voting platform is solved, the way is paved for open-source software to address concerns over accuracy and transparency. Though the article states that "no open source program for voting machines yet exists," it should be noted that such software was successfully tested earlier this month. Quoting: "People debate the merits of e-voting for a variety of reasons, including suspicion of new technologies and a general distrust of politics, according to Jamie McKown, Wiggins professor of government and polity at the College of the Atlantic. 'Reports on e-voting security often de-contextualize the history of voter fraud in this country, as if boxes were somehow assumed to be better. You constantly hear calls for paper trails, and open and free inspection of voting machine source code. But it's a very thorny issue and one that has a lot of facets,' McKown told LinuxInsider."
+ -
story

Related Stories

[+] Politics: Open Source Voting Software Success 73 comments
elhaf writes "The Open Voting Consortium has announced that they successfully demonstrated the Open Voting Process in San Luis Obispo this weekend. OVC received a request from San Luis Obispo County on the previous Monday to provide software to run their January 12 straw poll. By Friday, they had the software prepared and Saturday's event goes down as a great success for Open Voting Consortium and the cause of transparent election administration. They used Ubuntu and their code is publicly available. Surprisingly, counting ballots is not rocket science."
Submission: Opensource e-voting not yet ready by Anonymous Coward
This discussion has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

Open Source Electronic Voting Progress Limited 50 Comments More /

 Full
 Abbreviated
 Hidden
More
Loading... please wait.
  • The standard is already being set by the people. Physical and electronic records verifiable by open process and contained in a completely sealed box with tamper detection.
    • The United States got by for over 200 years without electronic voting. We should not switch to electronic voting simply because there is no functional problem with older methods of counting and there are no compelling benefits to justify switching. If it ain't broke, don't fix it.
      • The United States got by for over 200 years without electronic voting.

        The US may be having diffiulty with Open Source voting, but other http://www.wired.com/techbiz/media/news/2003/11/61045 [slashdot.org]">parts of the world have been doing it successfully for the past 5 years.

        The benefits include the opportunity for privacy for disabled voters and illiterate people as well as reducing counting errors and costs.

      • Re: (Score:3, Interesting)

        by Teancum (67324)

        The United States got by for over 200 years without electronic voting. We should not switch to electronic voting simply because there is no functional problem with older methods of counting and there are no compelling benefits to justify switching. If it ain't broke, don't fix it.

        I don't know how you can legitimately say such a thing. There clearly are some very compelling problems that come from the current voting process that the electronic voting methods are trying to address. Or more to the point, con

        • Remember, Bush stole the 2000 election largely because of paper ballots.

          Punch cards != paper ballots.

          Op scan ballots are okay, but at a minimum there needs to be random, hand-counted audits conducted in public view, and some clear rules that state that any discrepancy should trigger a full re-count by hand. For example: if the totals for all candidates don't match the number of people who voted at a polling place, there should be a recount.

          Requiring some third party to pay for audits that ought to be

  • Uh how hard could it be?

    while(1) {
    if(lever==REPUBLICAN) republican++;
    if(lever==DEMOCRATIC) democratic++;
    cout << republican << " " << demodratic << endl;
    }

    • demodratic
      Wow, that's ironic. OK never mind on that point.

    • Re: (Score:2, Funny)

      by maxume (22995)
      Apparently too hard for you...

      Or is demodratic in there to help fix the election?

    • Re:No open source voting? (Score:5, Funny)

      by weak* (1137369) on Sunday February 03 2008, @03:42PM (#22284686)

      while(1) {
      if(lever==REPUBLICAN) republican = republican+2;
      if(lever==DEMOCRATIC) democratic++;
      assert(republican > democratic);
      cout << "Republicans: " << republican << " " << "Godless, pussy liberals: " << democratic << end;
      }

      There, fixed that for you... oops... I may be in violation of my Diebold employee nondisclosure agreement
      • I always thought it was something like:


        while(1) {
        if(lever==REPUBLICAN) republican++;
        if(lever==DEMOCRATIC) democratic++;
        total=republican+democratic;
        cout << "Republicans: " << (total*0.51) << " " << "Godless, pussy liberals: " << (total*0.49) << end;
        }

  • Wrong thinking (Score:5, Insightful)

    by vertinox (846076) on Sunday February 03 2008, @03:27PM (#22284586)
    FTA:

    People debate the merits of e-voting for a variety of reasons, including suspicion of new technologies and a general distrust of politics


    I don't think its as much as a suspicion of new technologies as much as the objections of those familiar with it. Even those who works with computers at a basic level understand that its far easier to drag and drop a thousand doc files into a trash can on the desktop than it is to shred a thousand physical copies.

    That is my biggest argument for paper ballots is not fear of new technology, but rather a safe guard of making it harder to destroy evidence of tampering. If you wanted to cheat and election, it is far easier to type an SQL command in a console than it is to dispose of or forge thousands of physical ballots without anyone noticing.

    In a perfect world, electronic voting would be the obvious choice, but given human nature and politics there should be as many safeguards as possible against possible corruption.

    • Re:Wrong thinking (Score:4, Insightful)

      by Anonymous Coward on Sunday February 03 2008, @03:44PM (#22284718)
      This biggest problem w/electronic voting isn't the potential for fraud (though that's terrifyingly high), it's the perception of fraud. Given the polarized political climate today, with millions of people suspicious that the 2000 and 2004 elections were stolen, imagine the reaction to a close election "decided" by a completely-unaditable electronic process. Even if the process is nominally "auditable", with most current machines the audit trail can be forged as easily as the original votes.

      Regardless of whether or not fraud occurred, huge numbers of people would believe that it possibly/probably did. The whole "he's not my president" meme would grow exponentially. I could easily forsee mass demonstrations (tens of millions of people), massive civil unrest, etc. And keep in mind that the potential for this outcome is completely independent of whether or not fraud actually occurred!

      Not only is there no way to prove fraud, there's no way to prove a lack of fraud. That's what scares me.
      • that's why 'electronic' voting has paper trails. if you make a print out, even if it's in a bar code format, you can still perform 'manual' recounts with a hand-held bar-code scanner. using perhaps a desktop computer with a database of the 'recently dead' and as the bar-code recognized the names of 'dead' people it rejects their votes. putting that kind of functionality in the 'election time' 'electronic voting machine' might be too hard, especially if it all has to be 'open' source or if the software has t
    • Just make sure that every count is done using an FPROM [le.ac.uk] (Fusible Link Programmable Read Only Memory) which means that you can never reverse the programming once it's done. UVPROM:s may also be used, but FLASH memories and EEPROM:s shouldn't.

      Of course - you may want to have some kind of traceability but it shall not infringe on the vote secrecy. There may be valid cases where you actually want a specific traceability, like when each machine is set up you will want to verify that it actually works, which mea

      • Uh, stop right there. There's no way to have traceability and anonymisation. The two goals are in conflict. Instead, what you have to be able to do is to make sure that errors are detectable. If you know there was one duff ballot in a batch of 2000 (but you don't know which of the 2000 it was or how it should have been filled), you can hold those 2000 out of the final count temporarily. If that error was enough to spoil the whole result, then you repeat the polling from scratch in just that one ward.
        • There's no way to have traceability and anonymisation

          That's not true. It just has to trace to a non-identifiable source. For instance, let's say you vote for Obama, when you vote you're issued a vote id, that ID is then hashed with some data you enter, sort of like a password and stored as the "real" voteid. That original (pre-hashed) code is then printed out on a voteid card to the voter. At any time after the election, they can go on the internet (even at a coffee shop or something if they want anonym
          • That won't quite do. Because that allows you to prove to someone else how you voted, and so get coerced, and are able to sell your vote, neither of which are acceptable properties of a voting system.

  • Nope (Score:4, Interesting)

    by zogger (617870) on Sunday February 03 2008, @03:44PM (#22284716) Homepage Journal
    Sorry, no computers need be involved at all, open source or closed source or some hybrid. You shouldn't need to be a programmer to verify the count as a volunteer at the end of the day. Any scheme that uses even "open source" software that is "justified" by saying "you can look at the code yourself" is still flawed as most people are not able to read code and understand it, and you still have no idea what happens during and after the election, you would have to stop and analyze the code every single step of the ballot trail. Skip a step = opportunity for compromise with a follow up coverup to hide the tracks. That's two big fat flaws in the idea, and either one is enough to rule out using computerized voting. And if you say "well, this scheme a,b,c uses a paper trail so it is mo bettah!!", so what's the point again then? Just *use the paper trail* as the primary way to vote for the election in the first place, skip the thousand buck computers and rube goldberg nonsense in the first place, including those stupid punch cards with "chads", they aren't needed either. If it takes "too long to count", here's an idea, a full 24 hour voting period, and it can even be a mandated federal holiday for that matter, so no one needs to miss work to go vote, no matter what shift they work or any other excuse.

    I love computers, like most folks here have owned them for years and owned quite a few of them, but for elections, I like a plain ballot box and normal paper ballots.

    "Open source" with elections is, I am sure, being pushed by well meaning folks, but if falls exactly under the "if your main tool use is a hammer, everything looks like a nail to you" syndrome. It just ain't needed, tons of other projects out there could use the dev help instead.
    • It might be that security concerns contraindicate computers, but that doesn't mean that they aren't the ideal. The whole point of computers is to automate repetitive tasks, and counting a hundred million multiple-guess choices is exactly the sort of repetitive task they were invented to relieve us of.

    • but for elections, I like a plain ballot box and normal paper ballots.

      You're obviously not the poor schmuck that has to count them. Seriously, have you considered how many pieces of paper are generated in an election? How many people have to touch the data to process that? And how the chance for abuse and corruption increases with each person that touches a physical ballot? Here in Washington State, the governor's race required a number of re-counts. They recounted twice, with the last time finding a number of previously misplaced ballots, swinging the count in favor of

      • Re: (Score:3, Insightful)

        by Teancum (67324)
        While I'm not this poor schmuck, my wife sometimes gets stuck with the onerous task of hand-counting votes for elections that aren't quite so complicated as a Presidential general election. Most of these tend to be a contest for a small-town mayor or some other similar contest where there is only one or two races on the ballot, or something like a school bond election.

        Keep in mind that most of the people who are voting judges tend to be senior citizens, who frankly suffer slightly from dementia and other a

    • Re: (Score:3, Informative)

      by vonPoonBurGer (680105)
      I completely, absolutely agree with you, mainly because paper ballots are what we use here in Canada. And just so you know, they don't have to take long to count. Here in Canada, if you want to run a candidate in a riding, you have to provide someone called a scrutineer to every polling station in that riding. The scrutineers are usually low-paid party staff, or completely unpaid volunteers. Each party/candidate has one scrutineer at each polling station, and once the polls close, they all count every b

  • How to do this right (Score:5, Interesting)

    by Animats (122034) on Sunday February 03 2008, @03:48PM (#22284756) Homepage

    It's really not that hard to do this right.

    • Voting machines should have to meet the Nevada Gaming Commission Standards for Gaming Devices [nv.gov]. Nevada has tough tamper-resistance standards (Immune to static shocks, 27KV sparks, 600V on the power input, and rapid turn on/off; must resist forced illegal entry, locked covers over circuit boards and program media), logging standards (counters that cannot be reset, non-erasable logs of program changes), and auditing standards ("Provide, as a minimum, a two-stage mechanism for validating all program components on demand via a communication port and protocol approved by the chairman.") There's no question those standards can be met; hundreds of thousands of slot machines are running right now in compliance with them. Those standards have been developed during decades of struggles against organized crime, employee theft, tax fraud, and attacks on slot machines, so they have serious real-world credibility.
    • Use a minimal, published operating system, like Minix. Linux is too big to audit and changes too much.
    • Use a paper trail within the machine, one that generates a printed copy of the voter's selections behind a window, along with a bar code representing the voter's choices. For recounts, run the paper log through a bar code scanner for a quick check, and if necessary, manually check votes against bar codes.
    • Install two printers, and switch between them randomly, so that the paper trail doesn't provide enough information to tell who voted for whom. Use a printer that doesn't need ink or ribbon and makes a permanent record, like the old "silver printers" used in adding machines. Don't use a thermal printer; the print isn't permanent.

    This really isn't that hard.

    • But the amusement machine industry is self-regulating anyway, because there is an adversarial relationship between punters and casino operators. If you are operating several amusement machines, you won't buy ones that pay out too much because you'll lose money on them; but you won't buy ones that pay out too little because the punters won't play them and you'll still lose money on them. All the regulations are pretty much for show.

      There isn't any such adversarial relationship between presiding officers

      • (But there is an exploitable adversarial relationship between the various candidates in an election: no candidate, nor any of their aides, trusts any of the other candidates or their aides. If the candidates themselves were hand-counting the ballot papers, they'd have no choice but to declare the true count.)

        That's exactly why hand-counting is superior to machine counting: By making the parties sit down together and cross-check their results, one can make fraud very difficult.

    • How about this:
      The voting machine interacts with the voter to determine their will, repeating back choices as needed.

      Once the vote is finalized it is counted within the machine. It is also printed in a human readable form
      that the voter should check. The voter then carries it to a ballot box/optical reader where it is counted again. Once inserted in that reader it is saved in a locked box and can be hand counted if need be.

      Of course both machines should conform to the highest standards for security. (like o

  • Maybe somethings aren't better... (Score:4, Insightful)

    by ducomputergeek (595742) on Sunday February 03 2008, @03:52PM (#22284780) Homepage
    Electronically...

    Maybe paper and pencil might be the best tools for the job?

    Anyone ever stop to consider that. I know it's blasphemous to say new technology isn't the solution to every problem at the High Citadel of Cowboy Neal, so burn me at the Karma steak...

  • Simplification (Score:3, Insightful)

    by QuickFox (311231) on Sunday February 03 2008, @03:52PM (#22284788)
    In the open-source solution that is linked in the summary, a touch-screen interface produces a printed paper with a barcode for scanning. I think the barcode is a mistake as it's an unnecessary abstraction.

    Instead let the voter choose between manual forms and machine forms which both look exactly the same. The only difference is that if you fill in the manual form you make marks with a marker pen, but if you use the touch-screen interface the form comes out of the printer with the spots already marked the way you selected on the touch screen.

    The scanner scans both types of forms in exactly the same way. In both cases it looks for the same human-readable ink-filled spots.
    • There are OCR fonts that do a very good job with displaying information in a human-readable format that are also very legible in terms of having them machine-readable at the same time. IMHO I would have to agree that a bar code is the very wrong sort of thing to be putting onto machine-prepared ballots.

      Of course I've been a strong advocate of machine-assisted ballot preparation and not for having the counting in the voting booth. The process of counting votes has a completely different domain challenge an

  • Electronic voting IS the problem (Score:4, Interesting)

    by ajs318 (655362) <{sd_resp2} {at} {earthshod.co.uk}> on Sunday February 03 2008, @03:52PM (#22284790)
    Electronic voting IS the problem.

    You can't trust what you don't understand, so any voting system needs to be Universally Comprehensible. An electronic system based on Open Source principles -- where the blueprints for the hardware and the listings of the software are available for all to examine -- is still really only comprehensible to a minority of the population. It doesn't satisfy the goal. (In the worst case, you could conceal a deliberate design defect by a combination of hardware and software techniques: anybody examining the hardware and not the software, or vice versa, will miss it.)

    Just forget the whole thing as a failed experiment, and go back to pencil and paper and manual counting. Everybody knows what all the possible failure modes are, and how to minimise their effects.
    • An electronic system ... is still really only comprehensible to a minority of the population

      Even if everyone *could* understand the software and hardware, who is to stop the system from swapping the "ok" binary for a compromised one at the instant of voting, only to be switched back, with absolutely no record? Or how about at the time of counting? If TrueCrypt can do all the things it can do, why can't voting machine software?

      A paper ballot count could show a discrepancy. But if the paper ballots are not vo
    • aka, Little Old Lady Theory. A democracy rests on the kind of people who care more about how the vote is counted than about who wins and loses.. in other works, little old ladies. Ask yourself, are the little old ladies asking for all this technology or it is someone else? Someone with less than honorable motives?

      • Re: (Score:3, Insightful)

        by arevos (659374)
        Actually, there is such thing as an secure electronic voting system. You can use cryptography to ensure that a voting process is at least as resistant to tampering as one done on paper, if not more so. There's some very interesting papers on it.
  • the decentralized nature of american elections, where, in some cases, countirs are free to chose the method of posting and counting votes are the greatest barrier for standardization.

    here in brasil, where elections has always been centralized by the federal judicial branch, creating a standard method of voting is much easier.

    here we used to have a starndard canvas sack and standard paper balots, now we have a single, federaly mandated model of electronic voting machines.

    both proccesses were|are hardened aga

    • Centralizing important things is a bad idea.

      Having the federal government do it wrong for everyone is much worse than having some local communities doing it wrong for themselves.

      • Telling everyone to do it right in the same way, however, is useful. That's what's called a standard.

        Why not just create human-readable ballots and count those by hand? The counting doesn't have to be centralized (local candidate-based counting with cross-check is efficient and tamper-resistant), but a standardized procedure and a standardized ballot layout (where applicable) would reduce opportunities to mess with the voting procedure in order to skew the result (cf. butterfly ballots). It's not hard to

        • A good standard is possible - and once a specific good standard is finalized I can see myself being for that standard. But we both know what happened the last time the federal government tried to standardize something about voting: Mandatory DREs. Given that, I'm going to have to stand by my position of being strongly against any non-specific standard.

    • Having witnessed Brazilian elections first hand, this doesn't inspire too much confidence in me. I admire a great many things about Brazil (your banking system is decades ahead of America... seriously!) but corruption and election fraud, at least for São Paulo (where I witnessed some national elections first hand) has voting fraud that would make a Chicago politician turn white. It is much improved over problems Brazil has had in the past, but it isn't perfect by any means.

      One thing to keep in mind i
  • Consider giving a couple bucks to this group [openvotingconsortium.org]. Alan Dechert has been doing good work in CA and elsewhere.

    • Not only have they been making some progress, but Karl Auerbach — yes, that Karl Auerbach [slashdot.org] — is on the board.

      Suffice it to say, I don't think ICANN has donated money to their cause... ;-)

  • open source isn't the solution (Score:4, Insightful)

    by dannannan (470647) on Sunday February 03 2008, @04:16PM (#22284960)
    Even if the machines are based on open source software, how do you know what has actually been deployed on the machine you use to cast your vote? Someone has to set up those machines. Any public code review or testing, no matter how thorough, is completely nullified if that isn't the software that ends up on the machine on election day.

    Why do geeky people (myself included) like to wipe a new machine before they use it? Why do corporate IT departments have policies about wiping new hardware, or machines that have been infected with a virus? Simply because when you are using a general purpose computer, it is complex enough that no human can have any confidence in what it is doing unless they had control over the entire installation process.

    D
    • I agree.

      I even E-Mailed this consortium with my question.

      Just because you coded honest code, how does that mean YOUR honest code is what the binary has in production?

      The code is only as honest as the person who compiled it.
    • and decide to randomly audit the system you can perform a pretty thorough audit. You can also audit the code itself and make sure the voting system doesn't contain any unforeseen errors and check for back doors.

      You're absolutely right that OSS isn't a magic bullet, but it certainly carries plenty of clear advantages over anything else.

      Transparency in the election process isn't something we should have to beg for. It's a right.

      • "but [OSS] certainly carries plenty of clear advantages over anything else."

        You're right. Actually there's more to it than just allowing the general public to review the code. The important part of OSS is that it allows someone other than the manufacturer to own the software build and setup process. OSS would be worthless if it simply meant that people could see the source code, yet the manufacturer's machines still ship with everything pre-installed and ready to use. The real value comes into play when the

  • So how do I, as a voter, know that the machine I am voting on is running binaries based on the source code that it purports to be using?

    Whether the source code is open source or not doesn't change this.

    • Is this a trap?

      Let's just say it can be, without naming names, political parties, etc. As long as it can be rigged in some way, a better solution must be searched for.

    • Does anyone here believe the voting process is rigged one way or another?

      In the 2004 election, there were peculiar discrepancies between the exit polls and the reported results which correlated with the use of electronic voting machines: Who won? [slashdot.org].

      Statistical indications like this are all you're likely to get in this game, and now you won't even get that much -- they changed the way exit poll data is handled because the 2004 situation was too embarrassing.

    • Re:The powers that be don't want the E- Vote to wo (Score:4, Insightful)

      by Sique (173459) on Sunday February 03 2008, @04:34PM (#22285078) Homepage

      The truth is those that benefits from the current systems do not want electronic voting to work.
      You caught me here. I profiteer from paper ballot voting. And I am convinced that for an elementary reason electronic voting will never work.

      The whole idea behind electronic voting is to speed up the counting process to have the results early. And that's exactly the reason why I don't want any electronic voting. With paper ballots I (that's me personally. Not a rhetoric "I", but just me, the person registered as "Sique" on Slashdot) can make sure that at least in my voting district there is no tampering with the votes. I can watch the whole process, registering of the voters, printing the ballots, distributing the ballots, sealing of the voting boxes, checking the identity of the single voter, handing the ballots to the voters, putting of the ballots in the box, breaking the seal, counting and charting the results, then resealing the boxes and sending them to the central election office, and recounting them for the final results.

      I don't need any special abilities. I don't need to understand code, I don't need to understand hardware, I don't need to know about chip card formats or sending protocols. But I can verify that my vote gets counted exactly as I cast it. Every speed up of the process means I lose the ability to watch what happens to my personal vote, or I have to give up the anonymity of my vote.

      Where I come from this ability to be able to watch an election was the reason we caught the election board of a complete country rigging the election, and we had enough proof to put them in prison. I don't see how we would ever managed it without being able to watch the whole voting process.

All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-2010 Geeknet, Inc.