Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Software Your Rights Online

Seeking The Source For Ireland's E-Voting System 291

Posted by timothy
from the secret-sauce dept.
WeeBull writes "Michael Cunningham from p45.net tried to request 'the source code of the electronic voting system first used in Ireland's May 2002 general election, plus any supporting technical documentation supplied to the Department of Environment and Local Government including the functional specifications' under Ireland's Freedom of Information legislation. The result wasn't what he expected ..."
This discussion has been archived. No new comments can be posted.

Seeking The Source For Ireland's E-Voting System

Comments Filter:
  • by isorox (205688) on Sunday May 25, 2003 @05:02AM (#6034346) Homepage Journal
    The result wasn't what he expected

    You mean he got everything he asked for, overnight, with no questions asked?
    • Re:Expectations (Score:5, Informative)

      by moonbender (547943) <moonbender@NOsPaM.gmail.com> on Sunday May 25, 2003 @06:03AM (#6034429)
      I know you were kidding, but for the sake of the people who haven't read the article (yet) - I know I was annoyed the Slashdot article ends without actually saying what this is about.
      What he expected was that a) the government would hand over the source code or b) the government would find some excuse (e.g. security through obscurity) to not reveal the source. Well, it turns out the government doesn't have the source code: "The source code is held by the Nedap/Powervote [sic] and is not available in the Department of the Environment and Local Government."
      • Re:Expectations (Score:5, Insightful)

        by blibbleblobble (526872) on Sunday May 25, 2003 @07:10AM (#6034537)
        Why not, for the sake of simplicity, just take all the ballot-papers, ship them off to a company in the Netherlands, and they can phone us and tell us who won the election? Does anyone else see a problem with this method of vote-counting?

        Given that there is a problem with such a system, how about shipping all of the votes off to a secret black box designed and built by a company in the Netherlands, which phones up a central computer and tells us who won the election?

        There's a reason that votes are counted in public, and it's not just the entertainment value.
        • Re:Expectations (Score:4, Insightful)

          by isorox (205688) on Sunday May 25, 2003 @08:28AM (#6034633) Homepage Journal

          There's a reason that votes are counted in public, and it's not just the entertainment value.


          Sssh, you'll give them an idea for the next "reality TV" program.
        • Re:Expectations (Score:4, Informative)

          by JeebusJones (608099) on Sunday May 25, 2003 @10:40AM (#6035086)
          With regards the voting in public...There are specific provisions in Irish law that means that any interested party is allowed and to be fully facilitated in the inspection of the entire voting process, to which there interest pertains. For the proposes of this law this means A candidate or his election agents, and he may only inspect the process in the constituency that he is interested in.

          Just before the last general election, I mentioned this to a party worker of the then Attorney General (he is now minister for justice), and was brushed aside. I also mentioned this to a friend of mine who is a labour party activist and normally acts as an election agent for some prominent TD's. He was more interested but when he queried HQ he was brushed aside.

          So the solution is this, run as a TD or councillor (or president), and then demand the source code before counting proceeds. If you don't get it bring them to the high court. I know of a few barristers who are very unhappy with e-voting, for constitutional reasons, who could help you out.

          By the way, currently many smaller parties run candidates in areas the know they will lose in simply to inspect the voting process. This is so they can gain data as to what areas are voting for what party, What the spoiled votes are saying etc.

          JJ
          • You'd think the voters are also interested parties in the election procerss, not just the political parties.

            I worked as a vote counter in Sweden a few timees, and I believe anyone has the right to go look at the process and control count the votes there. And, perhaps as a result, nobody ever does...
      • Well, it turns out the government doesn't have the source code

        When I read that, I was stunned at the sheer stupidity of that. They're laying themselves open to all sorts of charges for breach of process.

        One good thing (since I'm an Australian citizen) I didn't know before, however is that the electoral commission in ACT has provided the source to their voting system. Quite unusually enlightened for Australia. Here in Western Australia, e-voting hasn't been implemented, so I never thought to look...

      • by SHEENmaster (581283) <travis@@@utk...edu> on Sunday May 25, 2003 @08:18AM (#6034616) Homepage Journal
        the United States of America just switched to an electronic voting system.

        In an unrelated matter, Bill Gates is now President despite not even being present on the ballot or this being an election year. George Bush was called a "sore loser" by the media; why can't he just accept that the recount clearly shows Gates ahead by 8 million votes?
    • Nono..

      "And what? that's it? It wasn't expected and here's a million dollars...or It wasn't expected and here's your own space ship? I mean what the f"

      /strongbad [homestarrunner.com]

  • Now that's creepy. (Score:5, Insightful)

    by JanusFury (452699) <kevin.gadd@gmail ... inus threevowels> on Sunday May 25, 2003 @05:04AM (#6034350) Homepage Journal
    They don't even have the source code to software they used to run their elections?

    Doesn't that mean that IF there was any fraud during the elections, that it is now impossible to prove whether or not it had to do with the software? Since the government doesn't have the actual code, any code they get from the authors in the future cannot be proven to be the code used in the election...

    What a mess.
    • by afidel (530433) on Sunday May 25, 2003 @05:14AM (#6034363)
      While it can't be proven all one would need to do is ask for the compile options, compile it with the same compiler and then compare the compiled version to the one they have from the election (assuming that they do have a copy, which they possibly do not considering that it appears they merely use the machines from this election software firm.) I believe that like encryption election code is one area where full public disclosure is absolutly necessary to assure that they system is operating as expected. The fact that the election commision in Ireland handed the auditing over to a private company is sure lunacy.
      • by Teancum (67324) <.robert_horning. .at. .netzero.net.> on Sunday May 25, 2003 @05:44AM (#6034408) Homepage Journal
        I can tell you that if I were told that I had to provide source code for a product to compare against a compiled version for legal reasons (such as this case, where election results can be compared) in an after-the-fact case where binaries were produced by a compiler compared to the original...

        I'd have to quit my job immediately (probabally not tell my employer that I'm quitting either, just not show up to work), grab my family, max my credit cards/home equity loans, donate my household furnishings to charity (like Salvation Army), and move to a non-extraditable country in a real hurry.

        Really. I can't even imagine the legal BS you'd have to go under if something like this came up after an election was contested by powerful interests. If something like this had happened in Florida during the last U.S. Presidential election, people would have gone to jail, even if they had been completely honest and just "doing their job".

        The best possible outcome in something like this is that the developer would be made the sacrificial lamb in the following witch hunt, given a felony criminal record, and serving a year or two in jail.

        Well, the best outcome would be that the government would admit that it screwed up, and the company that made the elecion equipment would back the software developer throughout the whole legal mess that would still mean a couple of years of being a legal assistant rather than a software developer.

        Maybe I'm just being paranoid, but I think with some of the past employers that I've had I would have been dumped immediately and the blame fixed straight on me. I've had to deal with lawyers as it is because of contract disputs, and I can't even imagine what it would be like in a public firestorm where this would really be an issue.
        • If something like this had happened in Florida during the last U.S. Presidential election, people would have gone to jail, even if they had been completely honest and just "doing their job".

          See Greg Palast's site http://gregpalast.com/ It's in his book and you can download the relevant chapter CHAPTER 1. JIM CROW IN CYBERSPACE: The Unreported Story of How They Fixed the Vote in Florida at http://www.gregpalast.com/bestdemocracymoneycanbu y chapter1.pdf

          His conclusions? The polititions are lining up to do

        • I can tell you that if I were told that I had to provide source code for a product to compare against a compiled version for legal reasons in an after-the-fact case where binaries were produced by a compiler compared to the original... I'd have to quit my job immediately, grab my family, max my credit cards/home equity loans, donate my household furnishings to charity, and move to a non-extraditable country in a real hurry.

          I don't get the problem. This can be pretty easily accomplished with any number of
      • What good is the source code going to do?

        It could be different to the code used in the actual election.

    • With any luck this will spur the government into trying to obtain the source code. Of course, we all know the truth: The government that bought the software will never again lose an election!
      • by Timesprout (579035) on Sunday May 25, 2003 @05:28AM (#6034390)
        Apparently there were several audits performed and I believe the source was available under NDA to the govt. Next time they will be entitled to distribute the source if they so desire.

        this was the govt's response to a series of questions in the Dail

        Security and integrity have been paramount in the design, testing and implementation of the electronic voting and counting system. Original tender submissions were assessed and the successful solution selected on the basis of, inter alia, functionality and product quality including hardware and software security and application of the count rules as in the case of a paper ballot. Detailed functional specifications, likewise, made extensive reference to security aspects of the system. The testing programme has been thorough and involved independent examination of the voting machine and voting machine software by a number of recognised international test institutes and private companies. The voting machine hardware and software has been tested by PTB, the National Institute for Science and Technology in Germany. Separate reports have been prepared by two test institutes in the Netherlands: TNO subjected the voting machine to a range of environmental tests and KEMA Quality BV tested the machine for compliance with international safety standards. An Irish company, PMI Software Ltd. carried out an architectural and code review of the system software. My Department also engaged the Electoral Reform Society in the UK, which has extensive experience of STV election counts, to test the software against its database of over 300 elections. The count software was, in addition, tested for functionality and accuracy both by my Department and a number of Dáil returning officers. Finally, in relation to vote counting, the system can produce, after the votes are mixed, vote tables to enable progress of the count to be monitored and also to trace a vote at any stage of the count. If necessary, following a High Court order in an election petition case, the system can also produce a ballot paper, with preferences, to allow a manual count to be carried out. At the general election and referendum pilots in 2002, the software was used under license from the supplier and at present, the source code is not available to the public. The software is currently being modified for use at the European and local elections in June 2004 and when this work has been completed and tested, I will give careful consideration to the making of the source code available. The Zerflow report, which was the subject of recent media reporting, was commissioned by my Department as an addition to the principal reports to which I have referred. The company was requested to carry out a security assessment of the procedures to be applied in the use of voting machines in polling stations to ensure that procedures proposed by the Department were adequate. The issues raised by the Zerflow report, which dealt mainly with possible threats to the external physical features of the voting machine, were assessed by my Department and by Nedap/Powervote - the machine manufacturers. The assessment by both was that the main scenario identified was implausible and that the likelihood of its occurrence without detection was extremely remote. I should emphasise that the version of the voting machine used in this country has more security features than the versions used in the Netherlands and Germany where the issues raised by Zerflow have not been identified in any risk assessments. In addition, the integrity of the Irish voting process is protected on polling day by a set of protocols operated by polling staff and the Gardai under the supervision of the returning officer. My Department will continue to keep these arrangements under review and will update advice provided to returning officers, as necessary, including advice in relation to the presence of audio, video or
    • by dglaude (673571) on Sunday May 25, 2003 @06:37AM (#6034477) Homepage
      In Belgium some citizen had to fight in court to get the source code of the election program beeing published.

      In 1991 nobody except private company had the code.
      In 1999 official expert asked for the state to own the code and suggest publishing it.
      In 2000 they published partial code and documentation with most important security part removed.
      In May 2003 they published full code (but no doc) of new system (AES added).

      Feel free to download analyse and report problem to us [wiki.ael.be]

      We have no way to check if that code was really in use. Because they use the same floppy disk to boot the system and to save the result, we have no way to make sure what was on the floppy at the begining of the election day. This is explained here [wiki.ael.be] but only in french.

      But having the code is not enough... actually Richard Stallman had something to say [wiki.ael.be] about Free Software not being enough.

      Now if you are Belgian and unhappy about the status of our election system, you can join or contact PourEVA [poureva.be].

      I personally believe that if we want to reduce the repetitive task of counting the ballot, we could use optical scanning (and make test manual recount). But we should never put a computer between our vote and the expression of our vote. Paper and Pen rules.

  • by westyvw (653833) on Sunday May 25, 2003 @05:08AM (#6034358)
    Americans have too been scammed by voting machines owned by corporations. Go figure.

    http://www.americanfreepress.net/11_10_02/Secret _G roup_Manipulates/secret_group_manipulates.html

    http://www.talion.com/election-machines.html

    http://pub103.ezboard.com/fsoldiervoicefrm4.show Me ssage?topicID=7.topic
  • by SeanTobin (138474) * <<byrdhuntr> <at> <hotmail.com>> on Sunday May 25, 2003 @05:14AM (#6034364)
    You mean a company or government actually bought a piece of software without the source code!

    What kind of world are we living in?
    • by TheToon (210229) on Sunday May 25, 2003 @05:32AM (#6034395) Journal
      The voting system is the backbone of a democratic system. This is the number one indicator that a nation has taken the step forward and joined the democratic fold.

      It needs to be auditable. It needs to be verifyable. To the full extent.

      Look at the mess in Florida in the last US presidential elections. The system there worked as everything was on paper, so they just needed to go through all the ballot notes and re-count and re-evaluate them. After the extensive re-counts and press and public auditing of the result, it was found to be correct.

      How can you do that audit if you don't know the system? And the only way to know a computer based system is to have all the information about it available, including source code.

      • Look at the mess in Florida in the last US presidential elections. The system there worked as everything was on paper, so they just needed to go through all the ballot notes and re-count and re-evaluate them. After the extensive re-counts and press and public auditing of the result, it was found to be correct.

        Whether or not the result was 'correct' is still open to debate in many parts. But that aside I recall the recount as being a lot more involved than just a simple recounting of ballots. Have we al
        • by cduffy (652)
          That's not to say all paper trails are broken, just that we need a better one.

          If the voting machine prints out a piece of paper that says unambiguously in black and white (in text, and maybe a cryptographically signed barcode) exactly whose vote it represents, then you can't have that kind of situation unless the voting machine is tampered with or broken (and since the voter can look at the piece of paper it prints before they put it in the ballot box, they can verify that it's (at last in plain text) givi
      • Are you sure about Florida?

        My impression (partially garnered from Michael Moore's 'stupid white men', a biased source) is that the recounting was stopped. either by court-order or by Al Gore's request - can't remember which.
      • After the extensive re-counts and press and public auditing of the result, it was found to be correct. You are wrong. The result was not found to be correct. If all ballots would have been recounted in the whole state of Florida (which even Gore did not demand), Gore might have won. This was found by a complete manual recount of all Florida ballots by a consortium of major newspapers http://vander.hashish.com/articles/election2000/n o rcnw.html (Newsweek article) . Project site is here: http://www.norc.or
      • Look at the mess in Florida in the last US presidential elections. The system there worked as everything was on paper, so they just needed to go through all the ballot notes and re-count and re-evaluate them. After the extensive re-counts and press and public auditing of the result, it was found to be correct.

        After the extensive re-counts and press and public misunderstanding of the problem, a judge friend of Bush's ordered that they stop bothering and declare Bush the winner, ignoring overwhelming public
  • Paper and Pencil (Score:5, Interesting)

    by jeti (105266) on Sunday May 25, 2003 @05:18AM (#6034373) Homepage
    Over in Germany, we use some of the least advanced voting machinery
    imagineable. Paper and pencil. Votes are counted by hand, with peer
    review, faxed in and published in detail in the newspapers.

    So far we didn't have any real problems with fraud, ambiguous votes or
    anything like that. And the results are usually in by the evening or the next
    day.We have like 70 million inhabitants and I don't see a reason why this
    shouldn't scale up.

    So is there any real reason to replace that with a system that is not
    transparent and where you have to blindly trust some tech companies?
    • by Rhinobird (151521) on Sunday May 25, 2003 @05:34AM (#6034398) Homepage
      Pencil marks can be erased thus creating problems with fraud, ambiguous votes and the like. I suggest that you guys over there in Germany switch from pencil to pen, and solve that particular problem.

      See, the source code for Germany's voting system is open source, and I quickly saw a potential problem and proposed a solution.
      • There's a lot to be said for low-tech solutions to basic problems. Most "democratic" countries have aspects of their voting system which may arguably be described as baroque. But a simple paper trail of ballot-forms with marks in the appropriate boxes is still by far the best way to foster the people's trust in the system.
    • So is there any real reason to replace that with a system that is not transparent and where you have to blindly trust some tech companies?

      Of course: because we all know that "The computer doesn't lie.

      :)

    • Re:Paper and Pencil (Score:4, Informative)

      by sould (301844) on Sunday May 25, 2003 @05:48AM (#6034414) Homepage
      According to the minutes of the selection committe. [www.gov.ie] "The company will provide a large screen machine that has been used in the Netherlands and in Cologne and Düsseldorf in Germany."

      So looks like its already in use in Germany dude...sorry
    • Re:Paper and Pencil (Score:2, Interesting)

      by christophe (36267) *
      We Frenchies are not so sophisticated. All voting papers are pre-printed, I receive them at home. I don't even have to know to read, as the joined political advertisements all have a picture of the politician. I put the paper in a box, and I can stay at night to see that all is well hand-counted. I don't want it to change.
      A 5-years old child must fully understand a vote system.
      • You *do* realize that at-home voting compromises the secret ballot, right? It becomes possible for someone trying to force or bribe the voter to vote a certain way to demand proof that he voted the desired way, something not possible with voting at a properly supervised voting station. A five-year-old child *cannot* fully understand a voting system, because a five-year-old child cannot grasp all the security issues involved. A five-year-old child should fully understand how to *use* the voting system, bu
    • Re:Paper and Pencil (Score:3, Informative)

      by CuteAlien (415982)
      Hm, i did my last voting in dortmund (germany). It's not done with paper&pencil there anymore, but it's a digital voting system by now. And i found my voting experience slightly interesting:

      There were two people in the row before me and both were having problems using the new system. Maybe it's the panic of computer-illerate people which does arise as soon as they are put in front of a screen. The first person did just seem to be unsure with the instructions and needed several questions to the voting o
    • So is there any real reason to replace that with a system that is not
      transparent and where you have to blindly trust some tech companies?


      One reason might be to reduce the cost of voting so that you could afford more votes - closer to "people power". Another would be to allow more sophisticated voting systems. The Irish voting system, as I understand it, involves some complicated arithmetic on reallocating "surplus" votes after a candidate has reached the threshold for election. The sort of thing which is
    • Over in Germany, we use some of the least advanced voting machinery
      imagineable. Paper and pencil. Votes are counted by hand, with peer
      review, faxed in and published in detail in the newspapers.


      The only reason this is still done in most parts of the country is the inability of Germans to go with the time and finaly get a decent voting machine do the work. No, as long as one can get voluntary helpers who have nothing to do than to count thousands of ballots in the night to the next monday everything is jus
      • The vote is printed on paper as a backup which every voter can verify

        All that verifies is what you punched in. It does nothing to verify that there has been no skullduggery prior to announcement of the result. The counting of votes is supposed to be a public process.

    • But then your chancellor for many years (Kohl) was funded by the French government (Mitterand) while he (Mitterand) wasn't busy organising terrorist attacks on New Zealand (Rainbow Warrior) or keeping his mistress at taxpayers' expense.

      However I do think Kohl's endorsement of a German cookbook was a good idea (mmm, calories!)

    • Cost and voter work load are the main problems with the manual system.

      I worked in the similiar Swedish vote counting system a few times, and it works very well producing results that are almost certainly exactly correct, and verifiably so. But it is a lot of work. And we only do exactly three elections every four years.

      Bear in mind that the typical American voter can have 50 or more elections to vote in every single year, and you start to see the problem. Plus that at that voting volume, you have to cons
  • by Anonymous Coward on Sunday May 25, 2003 @05:19AM (#6034374)
    #include <pretzals.h>
    #include <bomb_iraq.h>
    #include <freeoil.h>
    #include <stdio.h>

    int bushvotes;
    int othervotes;
    int vote*;

    main(){
    if(vote* == othervotes++){
    printf("Vote VOID");
    othervotes--;
    bushvotes++;
    }
    for (florida_votes; florida_votes<bushvotes(florida))
    othervotes--
    b ushvotes++
    }
    }
  • by AvantLegion (595806) on Sunday May 25, 2003 @05:38AM (#6034401) Journal
    You know, I once tried that "turning in a binary and saying that I lost the source code" to one of my CS professors.

    It didn't give me the expected result either....

    • Your CS professor is an it?!
      I've known some pretty manly CS women, some pretty womanly CS men, and a lot that fall somewhere in between... but none were at such an extreme to deserve the "it" pronoun.

      Or maybe you're just bitter. =)
  • by Anonymous Coward on Sunday May 25, 2003 @05:43AM (#6034407)
    After all the electronic records are probably stored using MS software (no source), served to the world on MS servers (no source) and emailed around government using MS Outlook (no source).

    And I wonder what software they use in the Dail to record the proceedings?

    This is why we need free software. It's not just for fun after all.
  • by sould (301844) on Sunday May 25, 2003 @05:57AM (#6034425) Homepage
    I've just found this document [www.gov.ie] - which appears to be the minutes of an Irish government selection commmittee debating the merits (amongst other things, search for neda) of this system.

    Interesting quote: "The integrity of the electoral process will be assured for both the electorate and candidates"

    Not all of the electorate it would seem.

    Further on in the document
    [emphasis mine]
    "(2) No equipment may be approved for the purposes of subsection (1) unless a full technical description of the said equipment (including all source code and information regarding independent testing and verification relating thereto) has been laid before both Houses of the Oireachtas and a resolution approving a draft of the order approving the said equipment has been passed by each such House.".

    Intesting hey?

    Thats just one of the committee's opinion - and it looks like they got slapped down - but if I was Irish, I'd be finding out who this Mr Gilmore was & voting for him.
    • by DarenN (411219) on Sunday May 25, 2003 @06:09AM (#6034441) Homepage
      No, they didn't get slapped down. The government ran a large number of tests on the system, but because they only had it for the trial run, could not make the source public.

      Hopefully (I am too cynical to say "presumably") the source will be made available on the pruchase of the full system. While this is less than ideal, it's a start. Incidentally, the relevant quote about making the source public is given in one of the posts above.

      My gripe with this system is the choice of underlying system that is being used. I shit you not, it is a custom Windows embedded, and the database is a modified Access one. That thought does not fill me with confidence

      • No, they didn't get slapped down.

        Quoting from the article I linked before:

        Mr. Gilmore: I move amendment No. 39:

        In page 33, between lines 15 and 16, to insert the following subsection:

        "(2) No equipment may be approved for the purposes of subsection (1) unless a full technical description of the said equipment (including all source code and information regarding independent testing and verification relating thereto) has been laid before both Houses of the Oireachtas and a resolution approving a d
    • For both the government and the source code requestors, what guarantee do they have that whatever source code they are shown is actually the software that is running in the system on election day?
  • by bowa (190003) <bowa&oxygenetic,com> on Sunday May 25, 2003 @06:23AM (#6034457)
    all sourcecode of the three systems used is available for download and public review on the site of the federal government.

    http://www.verkiezingen.fgov.be/Nouveau/NieuwNl/Do kunnl/broncodes/Cdoku7nnl.htm [verkiezingen.fgov.be]

    (clik on one of the three software systems and then on 'Hier')
  • ...and let's proclaim that the President is directly nominated by IBM, CGEY, or whatever IT corporation wrote the sofware.
    It would be as in the XVIIth century with the King choosen by God. Easy and cheap!
    Then we can proceed to the next logical step: the revolution.
    • by Anonymous Coward
      Behold our new king! Whose right to rule was handd down by root himself.
  • by Void (2442) <frank@openmin d s . be> on Sunday May 25, 2003 @06:37AM (#6034476) Homepage
    During last weeks general election here in .be, 44% of the people voted on a PC. All registered polical parties participating in the elections, could appoint a few experts who were granted access to the source code of the program that was used...
    • The expert appointed by registred political party had limited access to the system. Only the expert from the power in place had a way to verify something...

      But 9 peaples can not verify a lot... and when they make advice to modify the existing system, they are not followed. Here is an analyse of the rapport of year 2000 [wiki.ael.be]

      My mother is not an expert... who should she trust to control the election?

      Normal citizen lost control of the election process... it this a democracy?

  • by AlecC (512609) <aleccawley@gmail.com> on Sunday May 25, 2003 @06:59AM (#6034512)
    Commercial companies usually refuse to release sourcee code on the basus (reasonable) that others could rip it of, despite its being copyright, and it would be very difficult and expensive to trace and sue them.

    Bit in this special cas, that doesn't apply. If every suppier of voting software has to provide the source of their system, any supplier who thinks he has lost a contract to a ripoff of his own system can obtain the source code and check it. Piracy would be trivially easy to expose, and a powerful ally (the Government) under pressure to clean up the electoral system.

    So the usual excuse of Commercial Confidentiallity does not apply, and and any seller hiding behind it should be excluded from the tender.
    • Doesn't matter who has the source. What guarantee do you-the-voter have that the program running in the voting booth was compiled from the available source? For that matter, even if you could prove it was the same program, what about other software in the system? Another poster asserted that the voting machine is running WinCE with a modified Access database - what are the chances of THAT source being available? And provably the same as the software running the voting machine?

      It's no good proving the pr

  • More Details (Score:5, Informative)

    by Anonymous Coward on Sunday May 25, 2003 @07:54AM (#6034588)
    I suppose more details of the electoral system are in order...
    For General Elections (to the Dail - main parliment) Ireland has a multiseat-Proportional Representaion election system - meaning there are more than one seats available in each constituency.
    Firstly each voter can vote in order of preference for every candidate - For example say there are 10 candidates for three seats (my case last election) You can vote in order of 1 to 10.

    PR works by counting first how many ballots are cast, dividing by some ammount (IIRC Number of seats + 1). This is set as the "quota". Then counting takes place. Once a candiate reaches the quota they are deemed elected. Then the amount of votes over the quota is distributed to the other candates, going on the next choice of the voters concerned.

    If no one reaches the quota, the person(s) with the least votes accrued currently are eliminated, and their votes are distributed to the remaining candidates.

    This is a complicated system and electronic counting would be an advantage - sometimes it can take up to a week to recount a constituncy, last time there were three recounts in one case, with the final seat going to the candidate with three more votes than the other!

    Electronic voting was used last time in three places, with the results out the night of the election, rather than a day or two later. This lead to some problems when a sitting TD (equiv MP) lost her seat, and was told rather cruely, normally you get the results of each count so you are prepared for the result, long in advance of the declaration.

    In my opinion, ideally Electronic voting is the way to go. However I don't trust the machines or the companies who make them, regardless of the published nature of the code. It would be very difficult to catch fraud taking place, and personally I like the current method (pen and paper). It is very satisifing putting a 10 beside the candidate who you hate :-)

    tom.

    • Firstly each voter can vote in order of preference for every candidate - For example say there are 10 candidates for three seats (my case last election) You can vote in order of 1 to 10.

      PR works by counting first how many ballots are cast, dividing by some ammount (IIRC Number of seats + 1). This is set as the "quota". Then counting takes place. Once a candiate reaches the quota they are deemed elected. Then the amount of votes over the quota is distributed to the other candates, going on the next choice

      • "Both of these ways of fixing such an ellection would be impractical in a paper system, but quite easy in an electronic black box."

        The anomaly whereby the order of the ballots can (theoretically) affect the outcome of the count does not apply in the electronic system, as far as I'm aware. This is because the computer can perform operations which are considered too time-consuming for manual counters, e.g. allocating third and subsequent preferences in proportion to all a candidate's ballots, rather than

  • by bmasel (129946) <bmaselNO@SPAMtds.net> on Sunday May 25, 2003 @09:05AM (#6034730) Journal

    In January, 2002 the State Elections Board approved two closed source touch screen voting systems, the ES&S Votronic DRE and the GBS Accu-Touch EBS 100 DRE.



    This spring I raised the system integrity issues with the Board, and persuaded them to revoke the certifications. [state.wi.us]



  • Not enough. (Score:3, Insightful)

    by Pendersempai (625351) on Sunday May 25, 2003 @09:49AM (#6034867)

    Why would we want the source code in the first place? It's probably not motivated by a GPL-like desire to build on it; rather, it's an attempt to verify the validity, honesty, or security of the code involved.

    But at the point where one is concerned about a grand conspiracy to rig national elections and control the government, viewing the source is not nearly enough.

    Imagine that we vote electronically in ominous black boxes once per year, and the boxes tell us who our leaders are. You request the source code to these voting machines, and the government gives you some source code. As far as you can tell, it's valid. But what guarantee do you have that that code is actually running the black boxes?

    As I see it, there are three main possible points of failure. The manufacturers of the boxes could distribute the machines with false election code pre-installed, the government could substitute such malware to remain in office, or a technician specializing in the repair of the machines could covertly substitute the code. The three are not equiprobable, but in any of the three cases, requesting the source code does not address the problem. Even if you mandated that the boxes themselves display their own code, quinelike, on a screen before you vote, you still have no guarantee that the code displayed is the code in operation.

    How is this any worse than a system of punch-cards or a mechanical voting box? Because these other mechanisms are hard-wired and validated locally before the election commences. Re-wiring them on a massive scale is not feasible. The same is not true of a more versatile solution like electronic voting; such could be rigged to behave correctly in all pre-election tests and revert to its more insidious behavior on election day during polling hours.

    If you're worried about a conspiracy, requesting the source code is not nearly enough. You'd need a system designed specifically to thwart tampering, even by its creators. And even so, you can only solve for one or maybe two of the possible points of failure. Allowing electronic black box voting assumes a certain amount of trust in the system. I don't know how much trust is necessary, but if one is worried enough to request source code, one shouldn't accept the voting method to begin with.

  • Where's the proof? (Score:3, Interesting)

    by stubear (130454) on Sunday May 25, 2003 @09:53AM (#6034873)
    I'd agree that having the source code open to all improves security and assures an accurate vote but there is absolutely no evidence to prove this. Many OSS projects have bugs in them regardless of the number of people looking at the code. To add to the problem, not only are there bugs in the code regardless of the number of people looking at it, the release schedule of most projects, "it'll be read when it's ready", there should be no bugs in the code. When the OSS community can prove open source code is more secure due to it being open then perhaps there might be an argument for opening source code for more applications. Until then it's mere speculation and assumptions based not in reality, but in what the OSS community wants to have happen.
    • Just because the software is open source does not mean it is written by the "OSS community".

    • Any claim that OSS is bug-free due to its nature is horse manure.


      However, I'm more inclined to believe OSS is more secure, . It's not a question of 'no bugs in the code', but rather of how fast those bugs are found, and of how many of them are discovered.

  • "Trust us..." (Old expression meaning "Fuck You!")

    The problem is self made and perpetuated by history. It's the difference between a simple lever which punches a hole in a piece of paper and which anyone can see and understand, and the incredibly bull-shit filled explanations of the process that most comp-sci majors will come up with to explain the code.

    Every mistake that can be made in describing the specifications, the code, the inputs or the results will be made. From anthropomorphization to bald-faced
  • The government's own guide to the electronic voting system [environ.ie] has this to say on the source code:

    6.3 Source code
    The program source can be found at Nedap on the Specials_nts1 server in the /klanten/stemcomp/ierland directory. The bottom layer, the routines that operate directly on the hardware, are called the drivers and can be found in the drv/h and drv/src directories. The other layers called the application are found in the h and src directories. In the directory lang_h the language dependant header is

  • by supernova87a (532540) <kepler1@hCOBOLotmail.com minus language> on Sunday May 25, 2003 @11:45AM (#6035399)
    Maybe I'm a little unfamiliar with voting machines, so forgive me... What in the world are 200,000 lines needed for?

    Are we talking about the interface software included in this count? Because last time I thought about it, it doesn't take 200,000 lines of code to place a ticket in one of several bins...
  • by telly333 (659241) on Sunday May 25, 2003 @11:56AM (#6035473)
    Your Vote is Now the Property of a Private Corporation

    Now recounts and audits are being barred so as not to violate the "privacy and trade secrets" of the the company whose software is used to count the votes. Check out some of the excellent commentary on this issue by "Thom Hartmann" [thomhartmann.com] at:

    "If You Want To Win An Election, Just Control The Voting Machines" [commondreams.org]

    "Now Your Vote Is The Property Of A Private Corporation" [commondreams.org]

    An excerpt: (credit to Thomm Hartmann)

    "Chuck Hagel was re-elected to his second term in the United States Senate on November 5, 2002 with 83% of the vote. That represents the biggest political victory in the history of Nebraska. What Hagel's website fails to disclose is that about 80 percent of those votes were counted by computer-controlled voting machines put in place by the company affiliated with Hagel. Built by that company. Programmed by that company.

    "When Charlie Matulka (the opponent) requested a hand count of the vote in the election he lost to Hagel, his request was denied because Nebraska has a just-passed law that prohibits government-employee election workers from looking at the ballots, even in a recount. The only machines permitted to count votes in Nebraska, he said, are those made and programmed by the corporation formerly run by Hagel.

    Scary?

    -Scott
  • by 3.1415926535 (243140) on Sunday May 25, 2003 @12:50PM (#6035766)
    in an electronic voting system is a printout that gives the time and date of the vote, which candidate I voted for, and a cryptographic signature from the machine. Then the votes are revealed after the election and anyone with a computer can verify the signatures, and I can grep for my vote in the list. Then if everyone checks his own vote, he can raise a big stink if his vote isn't in the list, and he has a printout with a signed vote on it that gives proof of his claim.
  • Missing the Point (Score:3, Insightful)

    by KMonk (612700) on Sunday May 25, 2003 @12:53PM (#6035781)
    Every voting system is based on trusting the government. The government runs the election, the voting booths, does the counting in paper elections etc, so no matter what the system - we have to trust that the government is not going to cheat us in anyway. The bottom line is they could if they wanted to ( I realize we could make a super secure system at some point that would bypass this, but the technology is not there yet, or at least the funding for it isn't) I think there is an obvious disadvantage to releasing the source: it lets other people get at the intricate details of the voting process. So if someone outside of the government wanted to screw up the voting, if it's possible you are giving them the resources to do it. We have to trust the government not everyone who can read voting systme code. Also, the government there says they don't have the code... that doesn't mean they couldn't easily get it.
  • by jrst (467762) on Sunday May 25, 2003 @01:54PM (#6036081)
    The web site and source code for the Australian system referred to in the article is worth a look.

    It's quite simple. Intentionally, as the ACT states in their design goals (http://www.elections.act.gov.au/EVACS.html). The source includes the client and server application components--160 files and 12739 lines of very straigtforward C. (Of course, that doesn't include the OS/libs.)

    I've browsed through a fair bit of the code, and everything I've seen is GPL. Ensuring accessibility to software used for public elections is, I think, a Very Good Thing. (I wouldn't mind seeing a law that required all election software be GPL'd.)
  • Trustable Code (Score:3, Interesting)

    by tres3 (594716) on Sunday May 25, 2003 @02:59PM (#6036382) Homepage
    This is on topic but it might take me a minute to get there.

    I think that we in the Free/Liberated software world (and to a lesser extent the Open Source world) should come up with a way of running cryptographically signed code on our preferred operating systems. I know that most of you equate signed code with Digital Rights Management (DRM) but that is only one use and not necessarily a bad one. There are many other times when making sure the code that you are running is the code that you want to be running and not some Trojanized version.

    From a DRM perspective, would it be such a bad thing to have code that is signed run on a Linux machine? For the people that want to pirate movies and music this is obviously NOT a good thing; but for the rest of us it could be. The reason that we cannot watch a DVD legally on our Linux boxes is because the DVD-CCA won't allow anyone to write a player and distribute the source code. If there was a way to verify that a program was running in an unaltered state then I see no reason that the DVD-CCA would not allow us to produce a Free Software player for Linux. They could be assured that the player would only play the movie and not make an un-encrypted copy of it because the program would refuse to run if it had been modified.

    Another use for such a system would be online games. Cheats have almost destroyed some of the online gaming communities by giving programmers and script kiddies an overwhelmingly unfair advantage over those that play fair.

    Getting back to the topic at hand, if it were possible to run cryptograpphically signed code on Linux then it would be possible to construct an electronic voting system where ALL of the code is available. This would eliminate the possibility of an obscure bug in either Micro$aft's operating system or database server either tainting the results, or worse, being exploited to influence the results of the election. I believe what we need is an electronic voting system where:

    • The source code can be audited.
    • The voter is given a piece of paper confirming his/her vote.
    • The paper trail is cryptographically signed so we can tell if the paper was altered.
    • The paper could be fed back into a machine that could recover the votes cast thereby ensuring the voter that his/her voate was recorded correctly.
    This would also have the advantage of saving the taxpayers a lot of money. Not only could we run the program on commodity hardware but we could port the program to all of the languages of the world that are used in either a Democracy or a Republic. This would enable voting to take place in many third world countries that cannot afford to produce a program for electronic voting. Further the system could be used by the illiterate as they could be presented with pictures of the candidate and simply touch their favorite.

    I don't know if this is even possible from a technical perspective. If I can go into the kernel code (or the device driver code) then I could probably find some way around the protections. But I still think the goal of being able to run cryptographically signed code, that is released under the GPL w/ source, would be beneficial to all of the members of the Free/Liberated software community.

  • by jdesbonnet (22) on Sunday May 25, 2003 @03:20PM (#6036477)
    The sensible thing to do is to use technology to make the existing system more efficient. Ie use scanners and optical recognition to count the ballot papers. Fall back to traditional counting if there is any doubt or if the technology fails.

    The Irish Lotto (nation Lottery) is an example of such a paper/electronic hybrid system in operation.

    The current system is analogous to having our votes shipped abroad, counted using an unknown system, by persons unknown with no outside review allowed. Having all the votes shredded and then a final answer announced with no possibility for recount.

    Its amazing, when it comes to technology people in general are so clueless. Even very fundamental changes in the workings of our democracy can be changed with very little resistence.
  • by Aardpig (622459) on Sunday May 25, 2003 @03:45PM (#6036587)

    This isn't directly related to the post, but I'm wondering whether electronic voting stops people from deliberately spoiling their ballot.

    In the UK, we still use a paper voting system in general elections, and I (and a number of friends) have deliberately spoilt our ballot papers in past elections, to indicate a RON vote (Re-Open Nominations -- basically, we believe that all of the candidates listed are total wankers, and want other people to stand instead.)

    It would be a damn shame if the ability to vote RON is lost, since there will be no other way for people to register their disgust with the slime presenting itself for election.

    Who was it who said that the best person for King/President/Emperor was the one who didn't want the job?

  • that's not all... (Score:3, Informative)

    by K. (10774) on Sunday May 25, 2003 @07:26PM (#6037682) Homepage Journal
    They use a similar system in the Da'il (our Parliament) and the counting PC got SQL Slammer, because they'd left it on the Internet-connected network.

    Of course, this should have rendered any vote counted while the machine was on the network null and void, but the media dropped the ball and the opposition parties weren't IT-savvy enough to realise what a big deal they could have made of it.

If it is a Miracle, any sort of evidence will answer, but if it is a Fact, proof is necessary. -- Samuel Clemens

Working...