Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
Software Australia Government Politics

Australian Electoral Commission Refuses To Release Vote Counting Source Code 112

Posted by Soulskill
from the you-can-trust-us dept.
angry tapir writes: The Australian Electoral Commission has been fighting a freedom of information request to reveal the source code of the software it uses to calculate votes in elections for Australia's upper house of parliament. Not only has the AEC refused an FOI request (PDF) for the source code, but it has also refused an order from the Senate directing that the source code be produced. Apparently releasing the code could "leave the voting system open to hacking or manipulation."
This discussion has been archived. No new comments can be posted.

Australian Electoral Commission Refuses To Release Vote Counting Source Code

Comments Filter:
  • Security (Score:5, Funny)

    by Anonymous Coward on Tuesday July 15, 2014 @11:01PM (#47463811)

    ... through obscurity. What could possibly go wrong?

    • some pays the coders $$ so that they will win

    • Re:Security (Score:4, Insightful)

      by Anubis IV (1279820) on Wednesday July 16, 2014 @12:50AM (#47464205)

      It's not just a matter of what could go wrong. It's a matter of what has already gone wrong. They've traded the possibility that a vulnerability will be used to compromise the system for the certainty that the system will be compromised from the get-go. The whole point of securing a system such as this one is to ensure the credibility of the results, but security (regardless of the variety) can't add credibility to something that never had it to begin with.

    • by X10 (186866)

      This gets scored "Funny". I think it's sad, very sad, that there's still people who think that keeping their source code a secret makes their software more secure.

    • by INT_QRK (1043164)
      The confusing part of the conversation, I think, is the straw man idea of "releasing" the source code in order for it to be determined secure. What does "release" in that context even mean? If security is in question (which I assume to mean the constituent attributes of Confidentiality, Integrity and Availability), which security should always be for such a system, then one could use a trusted broker to examine and report on inspection and test of the architecture and code without "releasing" the code so th
  • Hmmm, (Score:5, Insightful)

    by Lost Penguin (636359) on Tuesday July 15, 2014 @11:04PM (#47463829) Homepage
    Apparently releasing the code could "leave the voting system open to hacking or manipulation."

    Makes me wonder who has access now and does not want competition?
    • I firmly believe that all electronic voting machines should have full source code released and receipts that should be printed and signed by the voter and placed in a box next to the machine in case of recounts or verification questions.
      • Re: (Score:2, Informative)

        by Anonymous Coward

        Australian senate elections don't use electronic voting machines to record elector's votes.

        The AEC use this software to allocate preferences derived from the 'group voting ticket' ballots on pieces of paper (http://en.wikipedia.org/wiki/Group_voting_ticket)

      • by TWX (665546)
        I believe that all 'electronic' voting needs to use a human-readable, human-filled-out paper form that is optically scanned.

        Where I live, ballots are large pieces of cardstock with the various questions printed on them, and the voter marks a line between two pre-printed lines (one with an arrowhead pointing at the answer it corresponds with) to indicate preference. The ballots go through the scanning machine and are then deposited into a box like a traditional hand-counted system. If elections are espe
      • by gl4ss (559668)

        the receipts would need to be anonymous and hence not signed.

        unless of course you really want to change how the anonymous, non-sellable non-bullyable voting works in most free countries.

        but is this a voting machine or a program used to tally up all the votes from the districts? which could be done with an excel sheet or manual quite easily.

      • by Anonymous Coward

        These aren't electronic voting machines. This is a single computer in the AEC office which is given a table of preferences, a human operator then hand-enters the first-preference totals for each candidate in each seat involved in the election, and the program then uses the second-, third-, etc.-preferences to determine the overall winner. The process is then repeated with a second human operator and any differences are reconciled manually.

        That said, the AEC's "trade secret" excuse is bullshit. It's a standa

      • I firmly believe that all electronic voting machines should have full source code released and receipts that should be printed and signed by the voter and placed in a box next to the machine in case of recounts or verification questions.

        The system in the article is about counting the pieces of paper we manually write our votes on, because we use a preference voting system (instant run off), if your #1 candidate gets eliminated, your vote gets reassigned to your #2 candidate. In the Senate, there's also a seat-quota system, where preferences simultaneously flow "down" as well as "up", so it's difficult to give the quick result that everyone wants on election night.

        The AEC trialled actual electronic voting in one Australian territory, ACT, b

    • They don't understand how it works, therefore they're afraid of it.
      Don't assume malice when you're simply facing incompetence.

      • They don't understand how it works, therefore they're afraid of it.

        That also applies to 90% of the comments in this post. (Or indeed, 90% of comments on Slashdot, full stop.)

        That's also probably a better justification for opening source code and design documentation than the usual "obscurity != security" nerd rage. There's less to fear when the lights are on.

  • of-course (Score:5, Insightful)

    by roman_mir (125474) on Tuesday July 15, 2014 @11:08PM (#47463849) Homepage Journal

    it's not those who cast the votes, it's those who tally them up that count.

    • Re: (Score:3, Funny)

      by Anonymous Coward

      In other words, it's those who count that count.

  • by sd4f (1891894) on Tuesday July 15, 2014 @11:21PM (#47463879)

    It's software to tally it up. There's always a paper backup. As an Australian, this worries me.

    While our senate voting system is a little odd, adding up the votes isn't simple and can't be done on election night, so it's no surprise to see software being used to calculate it, but with that said, all it has to do is do a number of rounds as candidates reach their quota, and when no one has a quota in that it eliminates the last candidate and moves the preferences accordingly. Our last election, there was even an instance of ~2000 ballot papers going missing, and then supposedly resurfacing much later. The High Court decided on another election for the state involved, which in my opinion is the only fair outcome possible.

    If they're worried about hacking it, it's a complete farce; there's no reason why the computer doing the sums even has to be connected to the internet, seeing as I think all the ballots are counted by people (they're farcically large ballots often described as table cloths), they just plod in a few numbers as the data comes in. Someone must be worried that competent, impartial people will have a look and find something which has been giving out porky pies.

    • by sd4f (1891894) on Tuesday July 15, 2014 @11:31PM (#47463917)

      Should have finished reading the article, this bit at the end is probably the truth;

      "In addition, I am advised that the AEC classifies the relevant software as commercial-in-confidence as it also underpins the industrial and fee-for-service election counting systems,"

      What's probably happening is that some "IT" company whose only client is the government/AEC probably makes a fairly decent earn out of licensing out the software and supporting it during elections. There's a fair bit of corruption like this in Australia, and I am starting to think that someones taxpayer subsidised livelihood is at stake here. Reality is this should always have been open source software and probably available on the AEC website for anyone to download and try out with the full set of figures that are counted.

      • http://www.aph.gov.au/About_Parliament/Senate/Powers_practice_n_procedures/odgers/chap18 [aph.gov.au]

        Orders for production of documents are among the most significant procedures available to the Senate to deal with matters of public interest giving rise to questions of ministerial accountability. It is open to the Senate to treat a refusal to table documents as a contempt of the Senate. In cases of government refusal without due cause, however, the Senate has preferred political remedies. In extreme cases the Senate, to punish the government for not producing a document, could resort to more drastic measures than censure of the government, such as refusing to consider government legislation. (See also Chapter 19, Relations with the Executive Government, under Remedies against executive refusal of information.)

        Lets hope that they continue to pressure the government for this information. The rest of the voting process is open, why not the counting software? Or at least easy access to the raw data, so members of the public can analyse it themselves.

      • by Mjec (666932) <`ten.cejm' `ta' `todhsals'> on Wednesday July 16, 2014 @01:00AM (#47464249) Homepage Journal

        What's probably happening is that some "IT" company whose only client is the government/AEC probably makes a fairly decent earn out of licensing out the software and supporting it during elections.

        We know actually that the software is developed in-house. The AEC does earn some money from licensing the software to other electoral commissions and from using it in union ballots etc.

        However, I argue [mjec.net] [pdf] that the code used for counting the Senate could be released, because no other election operates that way. What's more I don't think the AEC's competitive edge in the world of elections comes from their great software.

        • by MojoMagic (669271)
          You are correct. The AEC develops most(all?) of its software in-house. I have helped develop software for them in the past.
        • by sd4f (1891894)
          Fair enough, the cynic in me got the better of me.
    • by lordlod (458156)

      If they're worried about hacking it, it's a complete farce; there's no reason why the computer doing the sums even has to be connected to the internet, seeing as I think all the ballots are counted by people (they're farcically large ballots often described as table cloths), they just plod in a few numbers as the data comes in. Someone must be worried that competent, impartial people will have a look and find something which has been giving out porky pies.

      They said "hacking or manipulation", they mean that there are potentially bugs which could be triggered by malicious input. The computer doing the tally is not connected to the internet. This is a bit alarmist and they have only tried playing the card recently, the AEC seems to be getting desperate.

      The real reason is the other one that they offered, "underpins the industrial and fee-for-service election counting systems". The AEC makes a fair bit of money running elections private organisations and other

  • by GrpA (691294) on Tuesday July 15, 2014 @11:28PM (#47463907)

    This is ridiculous. The Australian government has already sent the software to Russia for peer review, and they determined that it worked perfectly during the Crimean referendum.

    I see no reason why the code should be further made public.It could only lead to compromise.

    GrpA

    • by Trepidity (597)

      Surely they wouldn't use the services of a country as untrustworthy as Russia! I have confidence that they'll send it to a legitimate democracy for review, like their close ally [smh.com.au] Sri Lanka.

  • by thieh (3654731)
    Sounds like someone is already manipulating the count because they don't want you to see how it is done. Seriously, come on, you can use these in an airgapped settings (USB sticks back and forth?) so hacking should never have been an issue if your system is otherwise clean.
  • by Anonymous Coward on Tuesday July 15, 2014 @11:39PM (#47463945)

    If your software isn't secure when your source is open, it isn't secure when it's closed. Either it's secure or it's not, but if part of maintaining that security is keeping the source under wraps, your not thinking about security properly. You wont find encryption software claiming that by keeping it souce closed it is increasing it's resilience. If your code can't stand up to scrutiny, then you probably shouldn't be using it,

    • by mpe (36238)
      If your software isn't secure when your source is open, it isn't secure when it's closed. Either it's secure or it's not, but if part of maintaining that security is keeping the source under wraps, your not thinking about security properly.

      There's plenty of people who don't understand this.

      You wont find encryption software claiming that by keeping it souce closed it is increasing it's resilience. If your code can't stand up to scrutiny, then you probably shouldn't be using it,

      Plenty of people prefectl
  • by edibobb (113989) on Tuesday July 15, 2014 @11:41PM (#47463957) Homepage
    It's in the interest of national security and the war on child pornography to keep the vote tabulation methodology secret.
    • They probably match your anonymous votes up with plenty of identifying data the machines collect without your knowledge (like photos, fingerprints, dna). That's why they don't want anyone to know.
  • Then vote to have it released

  • by penguinoid (724646) <spambait001@yahoo.com> on Wednesday July 16, 2014 @12:00AM (#47464005) Homepage Journal

    Apparently releasing the code could "leave the voting system open to hacking or manipulation."

    Maybe they just shouldn't have used code that they know or expect to have vulnerabilities. Open it up to the public; there are plenty of people who will look at it and help fix it.

  • "The AEC rejected the FOI application, citing section 45 of the FOI Act, which exempts "documents that disclose trade secrets"."

    You don't expect that trade secrets should be made public, do you? Look the code is not open source and is valuable intellectual property... so I hope I don't get my ass sued off for revealing it here:

    int voteCount = votes.Count();

  • by Anonymous Coward

    Aussie here, posting anon because I work for the Gov.

    Honestly there's nothing too surprising about this. Australia is very pro-proprietary it would seem in terms of software and formats. We love using Microsoft products everywhere and Linux is never seen on a desktop, and barely outside of a server room (not including phones of course - we're not too bad in Android use). For the most part, there's no real push for openness or freedom of code as there is particularly in many European countries. I wish it wer

  • Apparently releasing the code could "leave the voting system open to hacking or manipulation by the wrong people."

  • Corruption (Score:5, Insightful)

    by countach (534280) on Wednesday July 16, 2014 @12:53AM (#47464221)

    So what the AEC is saying is that the election is safeguarded by what is called "security by obscurity". Or in other words, rather than having the software open so that security researchers can point out its flaws, you leave the flaws in place and hope that nobody knows what they are.

    People who rely on this method, are known in security circles as "blathering idiots", "damned fools", "corrupt officials hiding something", and various things like that.

    It's the moral equivalent of giving all the paper ballots to one single pointy headed official, asking him to count them, and then believing whatever number he decides to cough up. That's what you expect in Cuba, and other dictatorships.

    • From 10 Sep 2013, you really want paper ballots in the open been counted by hand with lots of staff, election observers around.
      http://www.abc.net.au/news/201... [abc.net.au]
      The complex Single Transferable Vote math has been used around the world for many, many years now in different forms. This rush to keep computer code is interesting.
    • Cuba is freer than USA and other corporate dictatorships.
    • Given the choice between "security through obscurity" and "security through thorough code review", I'd much prefer the latter. See also: Heartbleed.

    • by thegarbz (1787294)

      You may not understand the system properly. Everything is still hand-counted and fed into the computer. Unfortunately the preferential voting system is complicated enough that for the senate vote you actually need a computer to figure out who won. The software is not software that is open up to mass public access like for instance a voting machine. It's in house software, developed in house and used in house by the AEC.

      If you can't trust a member of the AEC not to tamper with the software then you can't tru

  • Whenever the topic of whether or not the source code to voting machines should be inspected, I always point here: http://gaming.nv.gov/index.asp... [nv.gov] and ask: 1) What do you think would happen to your slot machine if you told those guys you weren't going to show them your source code? and 2) Why not let these guys look at the voting machines, too. Seems like a transferable skill.

  • releasing the code could "leave the voting system open to hacking or manipulation."

    In other words, any current or previous programmer in the development team could manipulate the vote results if one wanted to.

    Any reasonable man would conclude that should be enough reason to stop using it.

  • Security by obscurity - just one more way to hide what you are doing... Truth be told, how can the citizenry accept a committee refusing senate ordes and FOIA requests ? Is it not time to stand up and demand fully transparent government, is it not time perhaps to put an end to more than 4 years in office. Is it not time to implement perhaps something like a meritocratic process for the elected to ensure our western governments are not run by nincompoops only looking out for themselves and in politics for
  • We have it no better here. 60 minutes did an expose` showing how with just a little bit of physical access to a voting machine (which majority party representatives have since they are 'responsible for checking the machines before elections) you can make any result you want come out of our electronic voting machines regardless of what the input was in the voting booth. There have only been 2 times in recorded history that the actual outcomes in a voting district severely varied from the actual results on

  • If the source code cannot be revealed to keep it safe from vote hacking keeping it secret limits the vote hackers to the government.
  • Executive Summary [openrightsgroup.org]

    "There is insufficient evidence available to allow independent observers to state reliably whether the results declared in the May 2008 elections for the Mayor of London and the London Assembly are an accurate representation of voters’ intentions. Given these findings, the Open Rights Group (ORG) remains opposed to the introduction of e-counting in the United Kingdom, unless adopting ORG’s recommendations for increasing the transparency around e-counting can be proved cost e
  • Releasing the source code for software does not make it vulnerable to hackers. If that was the case, nobody would use GnuPG.
  • I'm surprised there is any software to release given the mainly manual nature of our voting system. I'd be more concerned that the transposition from Paper ballots to Paper Tallies to a Computer might be inaccurate. More likely than the software organising the results would be flawed in my opinion.

Dead? No excuse for laying off work.

Working...