Seeking The Source For Ireland's E-Voting System 291
WeeBull writes "Michael Cunningham from p45.net tried to request 'the source code of the electronic voting system first used in Ireland's May 2002 general election, plus any supporting technical documentation supplied to the Department of Environment and Local Government including the functional specifications' under Ireland's Freedom of Information legislation. The result wasn't what he expected ..."
Now that's creepy. (Score:5, Insightful)
Doesn't that mean that IF there was any fraud during the elections, that it is now impossible to prove whether or not it had to do with the software? Since the government doesn't have the actual code, any code they get from the authors in the future cannot be proven to be the code used in the election...
What a mess.
Re:Now that's creepy. (Score:5, Insightful)
Re:Wow.. this is unusual (Score:1, Insightful)
Re:Wow.. this is unusual (Score:4, Insightful)
It needs to be auditable. It needs to be verifyable. To the full extent.
Look at the mess in Florida in the last US presidential elections. The system there worked as everything was on paper, so they just needed to go through all the ballot notes and re-count and re-evaluate them. After the extensive re-counts and press and public auditing of the result, it was found to be correct.
How can you do that audit if you don't know the system? And the only way to know a computer based system is to have all the information about it available, including source code.
Even more problems... (Score:4, Insightful)
I'd have to quit my job immediately (probabally not tell my employer that I'm quitting either, just not show up to work), grab my family, max my credit cards/home equity loans, donate my household furnishings to charity (like Salvation Army), and move to a non-extraditable country in a real hurry.
Really. I can't even imagine the legal BS you'd have to go under if something like this came up after an election was contested by powerful interests. If something like this had happened in Florida during the last U.S. Presidential election, people would have gone to jail, even if they had been completely honest and just "doing their job".
The best possible outcome in something like this is that the developer would be made the sacrificial lamb in the following witch hunt, given a felony criminal record, and serving a year or two in jail.
Well, the best outcome would be that the government would admit that it screwed up, and the company that made the elecion equipment would back the software developer throughout the whole legal mess that would still mean a couple of years of being a legal assistant rather than a software developer.
Maybe I'm just being paranoid, but I think with some of the past employers that I've had I would have been dumped immediately and the blame fixed straight on me. I've had to deal with lawyers as it is because of contract disputs, and I can't even imagine what it would be like in a public firestorm where this would really be an issue.
Re:software used in belgians elections (Score:2, Insightful)
Check the code for yourself [wiki.ael.be]
Re:Expectations (Score:5, Insightful)
Given that there is a problem with such a system, how about shipping all of the votes off to a secret black box designed and built by a company in the Netherlands, which phones up a central computer and tells us who won the election?
There's a reason that votes are counted in public, and it's not just the entertainment value.
Re:Expectations (Score:4, Insightful)
There's a reason that votes are counted in public, and it's not just the entertainment value.
Sssh, you'll give them an idea for the next "reality TV" program.
Re:Wow.. this is unusual (Score:3, Insightful)
If the voting machine prints out a piece of paper that says unambiguously in black and white (in text, and maybe a cryptographically signed barcode) exactly whose vote it represents, then you can't have that kind of situation unless the voting machine is tampered with or broken (and since the voter can look at the piece of paper it prints before they put it in the ballot box, they can verify that it's (at last in plain text) giving the vote that they want.
Not enough. (Score:3, Insightful)
Why would we want the source code in the first place? It's probably not motivated by a GPL-like desire to build on it; rather, it's an attempt to verify the validity, honesty, or security of the code involved.
But at the point where one is concerned about a grand conspiracy to rig national elections and control the government, viewing the source is not nearly enough.
Imagine that we vote electronically in ominous black boxes once per year, and the boxes tell us who our leaders are. You request the source code to these voting machines, and the government gives you some source code. As far as you can tell, it's valid. But what guarantee do you have that that code is actually running the black boxes?
As I see it, there are three main possible points of failure. The manufacturers of the boxes could distribute the machines with false election code pre-installed, the government could substitute such malware to remain in office, or a technician specializing in the repair of the machines could covertly substitute the code. The three are not equiprobable, but in any of the three cases, requesting the source code does not address the problem. Even if you mandated that the boxes themselves display their own code, quinelike, on a screen before you vote, you still have no guarantee that the code displayed is the code in operation.
How is this any worse than a system of punch-cards or a mechanical voting box? Because these other mechanisms are hard-wired and validated locally before the election commences. Re-wiring them on a massive scale is not feasible. The same is not true of a more versatile solution like electronic voting; such could be rigged to behave correctly in all pre-election tests and revert to its more insidious behavior on election day during polling hours.
If you're worried about a conspiracy, requesting the source code is not nearly enough. You'd need a system designed specifically to thwart tampering, even by its creators. And even so, you can only solve for one or maybe two of the possible points of failure. Allowing electronic black box voting assumes a certain amount of trust in the system. I don't know how much trust is necessary, but if one is worried enough to request source code, one shouldn't accept the voting method to begin with.
Re:Expectations (Score:3, Insightful)
Because many people, ignoring the evidence on their desktops, make the argument "it's a computer therefore it can't fail"
Many people (technical readers excluded) would be shocked at the idea of trusting one company to count votes, yet would see no problem with allowing a computer programmed by that company to count votes. They've been brought-up to believe that software is something you buy in boxes, and have no understanding that it's possible to get trustworthy (i.e. auditable, open-source) software.
What I would like to see (Score:4, Insightful)
Missing the Point (Score:3, Insightful)
Re:uselections2004.c (Score:3, Insightful)