Seeking The Source For Ireland's E-Voting System 291
WeeBull writes "Michael Cunningham from p45.net tried to request 'the source code of the electronic voting system first used in Ireland's May 2002 general election, plus any supporting technical documentation supplied to the Department of Environment and Local Government including the functional specifications' under Ireland's Freedom of Information legislation. The result wasn't what he expected ..."
Voting Machines in America (Score:4, Interesting)
http://www.americanfreepress.net/11_10_02/Secre
http://www.talion.com/election-machines.html
http://pub103.ezboard.com/fsoldiervoicefrm4.sho
Paper and Pencil (Score:5, Interesting)
imagineable. Paper and pencil. Votes are counted by hand, with peer
review, faxed in and published in detail in the newspapers.
So far we didn't have any real problems with fraud, ambiguous votes or
anything like that. And the results are usually in by the evening or the next
day.We have like 70 million inhabitants and I don't see a reason why this
shouldn't scale up.
So is there any real reason to replace that with a system that is not
transparent and where you have to blindly trust some tech companies?
Why is this such a surprise? (Score:5, Interesting)
And I wonder what software they use in the Dail to record the proceedings?
This is why we need free software. It's not just for fun after all.
Re:Wow.. this is unusual (Score:3, Interesting)
Whether or not the result was 'correct' is still open to debate in many parts. But that aside I recall the recount as being a lot more involved than just a simple recounting of ballots. Have we all forgotten how we laughed at the description of pregnant and hanging chads (cracked me up anyway) and the counters trying to guess voter intention from dimples in the ballot papers. Very scientific and auditable system indeed.
Minutes of Selection Committee choosing e-voting (Score:5, Interesting)
Interesting quote: "The integrity of the electoral process will be assured for both the electorate and candidates"
Not all of the electorate it would seem.
Further on in the document
[emphasis mine]
"(2) No equipment may be approved for the purposes of subsection (1) unless a full technical description of the said equipment (including all source code and information regarding independent testing and verification relating thereto) has been laid before both Houses of the Oireachtas and a resolution approving a draft of the order approving the said equipment has been passed by each such House.".
Intesting hey?
Thats just one of the committee's opinion - and it looks like they got slapped down - but if I was Irish, I'd be finding out who this Mr Gilmore was & voting for him.
Re:Minutes of Selection Committee choosing e-votin (Score:4, Interesting)
Hopefully (I am too cynical to say "presumably") the source will be made available on the pruchase of the full system. While this is less than ideal, it's a start. Incidentally, the relevant quote about making the source public is given in one of the posts above.
My gripe with this system is the choice of underlying system that is being used. I shit you not, it is a custom Windows embedded, and the database is a modified Access one. That thought does not fill me with confidence
software used in belgians elections (Score:5, Interesting)
http://www.verkiezingen.fgov.be/Nouveau/NieuwNl/D
(clik on one of the three software systems and then on 'Hier')
Re:Paper and Pencil (Score:2, Interesting)
A 5-years old child must fully understand a vote system.
Not a surprise (Score:1, Interesting)
Ireland had rejected the Treaty initially, and its government was astonished that the people didn't buy the party line. They assured the EU that they would have ANOTHER referendum (which may have been technically against the law) and keep at it until the populace did as they were told, and ratified the Treaty. (Also see Maastricht and the Danes in 1992)
Electronic Voting (while at the same time, eliminating "exit polls" which might have shown a different picture) allowed the Irish Government to obtain large "YES" votes in heavily populated areas that typically vote the party line, though not usually in numbers large enough to outnumber the rural population.
(See Divorce Referendum [adnet.ie] results for one of the few occasions that happened, and other places)
Since this is coming from an AC, you're either going "CONSPIRACY NUT!" or looking at the evidence with an open mind. Let's see how it's modded...
No need for commercial confidentiality (Score:4, Interesting)
Bit in this special cas, that doesn't apply. If every suppier of voting software has to provide the source of their system, any supplier who thinks he has lost a contract to a ripoff of his own system can obtain the source code and check it. Piracy would be trivially easy to expose, and a powerful ally (the Government) under pressure to clean up the electoral system.
So the usual excuse of Commercial Confidentiallity does not apply, and and any seller hiding behind it should be excluded from the tender.
Re:last week's voting in .BE: source was available (Score:2, Interesting)
But 9 peaples can not verify a lot... and when they make advice to modify the existing system, they are not followed. Here is an analyse of the rapport of year 2000 [wiki.ael.be]
My mother is not an expert... who should she trust to control the election?
Normal citizen lost control of the election process... it this a democracy?
Wisconsin Election Board decertified Touchscreens (Score:4, Interesting)
In January, 2002 the State Elections Board approved two closed source touch screen voting systems, the ES&S Votronic DRE and the GBS Accu-Touch EBS 100 DRE.
This spring I raised the system integrity issues with the Board, and persuaded them to revoke the certifications. [state.wi.us]
Where's the proof? (Score:3, Interesting)
Re:No need for commercial confidentiality (Score:3, Interesting)
It's no good proving the program is good and secure and accurate if some device driver or communication module might be able to alter the vote.
Far-fetched and paranoid? Yes. Could it happen? Absolutely.
will someone educate me? (Score:3, Interesting)
Are we talking about the interface software included in this count? Because last time I thought about it, it doesn't take 200,000 lines of code to place a ticket in one of several bins...
And in this country... (Score:3, Interesting)
Now recounts and audits are being barred so as not to violate the "privacy and trade secrets" of the the company whose software is used to count the votes. Check out some of the excellent commentary on this issue by "Thom Hartmann" [thomhartmann.com] at:
"If You Want To Win An Election, Just Control The Voting Machines" [commondreams.org]
"Now Your Vote Is The Property Of A Private Corporation" [commondreams.org]
An excerpt: (credit to Thomm Hartmann)
"Chuck Hagel was re-elected to his second term in the United States Senate on November 5, 2002 with 83% of the vote. That represents the biggest political victory in the history of Nebraska. What Hagel's website fails to disclose is that about 80 percent of those votes were counted by computer-controlled voting machines put in place by the company affiliated with Hagel. Built by that company. Programmed by that company.
"When Charlie Matulka (the opponent) requested a hand count of the vote in the election he lost to Hagel, his request was denied because Nebraska has a just-passed law that prohibits government-employee election workers from looking at the ballots, even in a recount. The only machines permitted to count votes in Nebraska, he said, are those made and programmed by the corporation formerly run by Hagel.
Scary?
-Scott
Australian system source code (Score:4, Interesting)
It's quite simple. Intentionally, as the ACT states in their design goals (http://www.elections.act.gov.au/EVACS.html). The source includes the client and server application components--160 files and 12739 lines of very straigtforward C. (Of course, that doesn't include the OS/libs.)
I've browsed through a fair bit of the code, and everything I've seen is GPL. Ensuring accessibility to software used for public elections is, I think, a Very Good Thing. (I wouldn't mind seeing a law that required all election software be GPL'd.)
Re:Missing the Point (Score:1, Interesting)
Of course, if the government wants to stay in power, it could use physical force to intimidate voters, or compromise the ballot boxes physically, or heck, just fail to have elections at all. That's not the point. If the government does those things, everyone knows the election is bogus. A voting system doesn't make it impossible for the government to mess with the system. It -does- make it possible for people to know whether the election is bogus or not. And that's what's so scary about the black box voting; no one can tell whether the election is bogus or not. How can you tell?
The more I think about it, the more amazed I am that there's any tamper-proof system at all, since tamper-proof electronic systems aren't possible. Pen plus paper plus locked ballot box plus public counting works. It's the only system that does.
(I guess, though, you can use a computer in place of the pen in the above system. But at that point the computer is just a glorified ballot printer. And I don't know that it's really all that much easier to use than "Make X here.")
Trustable Code (Score:3, Interesting)
I think that we in the Free/Liberated software world (and to a lesser extent the Open Source world) should come up with a way of running cryptographically signed code on our preferred operating systems. I know that most of you equate signed code with Digital Rights Management (DRM) but that is only one use and not necessarily a bad one. There are many other times when making sure the code that you are running is the code that you want to be running and not some Trojanized version.
From a DRM perspective, would it be such a bad thing to have code that is signed run on a Linux machine? For the people that want to pirate movies and music this is obviously NOT a good thing; but for the rest of us it could be. The reason that we cannot watch a DVD legally on our Linux boxes is because the DVD-CCA won't allow anyone to write a player and distribute the source code. If there was a way to verify that a program was running in an unaltered state then I see no reason that the DVD-CCA would not allow us to produce a Free Software player for Linux. They could be assured that the player would only play the movie and not make an un-encrypted copy of it because the program would refuse to run if it had been modified.
Another use for such a system would be online games. Cheats have almost destroyed some of the online gaming communities by giving programmers and script kiddies an overwhelmingly unfair advantage over those that play fair.
Getting back to the topic at hand, if it were possible to run cryptograpphically signed code on Linux then it would be possible to construct an electronic voting system where ALL of the code is available. This would eliminate the possibility of an obscure bug in either Micro$aft's operating system or database server either tainting the results, or worse, being exploited to influence the results of the election. I believe what we need is an electronic voting system where:
- The source code can be audited.
- The voter is given a piece of paper confirming his/her vote.
- The paper trail is cryptographically signed so we can tell if the paper was altered.
- The paper could be fed back into a machine that could recover the votes cast thereby ensuring the voter that his/her voate was recorded correctly.
This would also have the advantage of saving the taxpayers a lot of money. Not only could we run the program on commodity hardware but we could port the program to all of the languages of the world that are used in either a Democracy or a Republic. This would enable voting to take place in many third world countries that cannot afford to produce a program for electronic voting. Further the system could be used by the illiterate as they could be presented with pictures of the candidate and simply touch their favorite.I don't know if this is even possible from a technical perspective. If I can go into the kernel code (or the device driver code) then I could probably find some way around the protections. But I still think the goal of being able to run cryptographically signed code, that is released under the GPL w/ source, would be beneficial to all of the members of the Free/Liberated software community.
Keep paper but use technology (Score:4, Interesting)
The Irish Lotto (nation Lottery) is an example of such a paper/electronic hybrid system in operation.
The current system is analogous to having our votes shipped abroad, counted using an unknown system, by persons unknown with no outside review allowed. Having all the votes shredded and then a final answer announced with no possibility for recount.
Its amazing, when it comes to technology people in general are so clueless. Even very fundamental changes in the workings of our democracy can be changed with very little resistence.
Impossible to vote RON electronically? (Score:3, Interesting)
This isn't directly related to the post, but I'm wondering whether electronic voting stops people from deliberately spoiling their ballot.
In the UK, we still use a paper voting system in general elections, and I (and a number of friends) have deliberately spoilt our ballot papers in past elections, to indicate a RON vote (Re-Open Nominations -- basically, we believe that all of the candidates listed are total wankers, and want other people to stand instead.)
It would be a damn shame if the ability to vote RON is lost, since there will be no other way for people to register their disgust with the slime presenting itself for election.
Who was it who said that the best person for King/President/Emperor was the one who didn't want the job?