Forgot your password?
typodupeerror
Software Your Rights Online

Australian Voting Software Goes Closed Source 567

Posted by timothy
from the but-wait-there's-more dept.
Scott Ritchie ended up delivered an angry rebuttal to Friday's OSCON presentation on the credibility of election software: What's strange is that his rebuttal came in response to a talk he himself had just delivered. Ritchie doesn't have a split personality, and wasn't simply playing devil's advocate. He found himself, though, in the strange situation of having agreed (as a last minute stand-in) to deliver a presentation he hadn't yet had a chance to read, provided by Dr. Clive Boughton of Australian software developer Software Improvement. (Boughton is also a Computer Science lecturer at Australian National University.) Between agreeing to fill in and arriving at the conference, Ritchie found that Software Improvement was switching its eVACS voting software from a Free, open source software license (specifically, the GPL) to terms "even worse than that on MS's shared source," and decided to do something about it. (Read more below.)

From Diebold's last-minute installation of uncertified software updates on its touch-screen election machines in California (leading to decertification of the company's machines in several California counties) to ethically troublesome relationships between politicians and the companies whose machines count the votes that determine their employment, the possible benefits of electronic voting seem swamped at the moment by objections (from simply prudent to caustically cynical) to its security and integrity.

Within the world of electronic voting, though, eVACS (for "Electronic Voting and Counting System") has been a rare success story both for open source development methodology and for the benefits that electronic voting can offer. The first generation of eVACS (running on Debian Linux machines) was developed starting in March 2001 in response to a request for bids by the Australian Capitol Territory Electoral Commission (ACTEC), and it was done on a budget of only AUS$200,000.

(The Australian Capitol Territory includes Australia's capitol city, Canberra, as well as surrounding suburbs and Namadgi National Park.)

Besides a respectable list of features driven by ACTEC's initial requirements (like support for 12 voting languages, and audio support for blind voters), eVACS has an advantage not enjoyed by many electronic voting systems: it's been successfully, uneventfully used to gather votes in a national election. The election in which it played a part went smoothly, and the eVACS system itself functioned as hoped.

This year, though, ACTEC asked Software Improvement to update the code for future elections, and Software Improvement decided to go them one better -- or, in the eyes of open source enthusiasts, one worse. The notes Ritchie was provided to deliver announced a change to the process under which the code is released; specifically, a switch from an open source license to something the company calls "controlled open source."

According to Software Improvement, simply releasing election-machine code under a liberal license such as the GPL is undesirable for two reasons: it means a loss of the company's intellectual property, and unfettered access could lead to a compromise of the voting system, if a determined cracker could find and exploit flaws in the code. (Software Improvement has not supplied any examples to show that this has happened, however.)

The company's use of "open source" would find little support from organizations like the Free Software Foundation or the Open Source Initiative. Software Improvement's idea of software openness is rather limited. Claiming that open source development is insufficient, even inimical to creating trust in election systems, the company now says that portions of eVACS's codebase will be released only to approved analysts, and in encrypted form, to enable viewing only for auditing purposes, rather than code contribution. Repeated viewings would be reported to the company, and only a limited number of views would be permitted before the code would self-destruct.

After delivering the prepared presentation, Ritchie took a few minutes to react to the changes it announced.

"Six hours ago, while I was reading through this on the plane," said Ritchie, "I was infuriated to read what it actually says."

Ritchie, though, is a computer-literate political science student at the University of California - Davis, and behind the Open Vote Foundation. He said he's decided to resume the project represented on that site, started with the intent to fork and bring to the U.S. the first generation, GPL'd version of eVACS.

"A long time ago, I read the first news report about Diebold, wondered why we didn't have open source election software for our voting machines. Eventually, I found out that Australia had apparently beaten us to it. It seemed like a good thing; the eVACS system was developed and released as GPL code, it was checked and rechecked by computer science people and all kinds of election officials. I said, 'Why don't we bring this to the U.S.? It's GPL, let's do it.'"

So he started the nonprofit Open Vote Foundation to bring the software to the U.S., specifically to California. Ritchie went to the meeting at the California Attorney General's office which resulted in decertification of Diebold machines in that state's 2004 election process, and his involvement in the fight against Diebold's secret-source voting machines is what led him to the open source eVACS; now he finds that the restrictions on the formerly GPL software are "even worse that that on MS's shared source. To call that open source is a bit dishonest."

"As of 6 hours ago," he said, "I've decided to start that again. It's not that hard; I mean how hard is it to say 'add one to this vote'? ... I remembered my old plan, and thought 'Let's take the old Australian code, fork it, and work from that -- and that is still an option. This is the great thing about open source software. If the old lead developer goes insane, you can always fork it, right?"

This discussion has been archived. No new comments can be posted.

Australian Voting Software Goes Closed Source

Comments Filter:
  • by Anonymous Coward on Wednesday August 04, 2004 @03:56PM (#9882145)
    "A Dingo Ate My Vote."
    • by ackthpt (218170) * on Wednesday August 04, 2004 @04:29PM (#9882424) Homepage Journal
      "A Dingo Ate My Vote."

      "To vote against the incumbent, hit the monkey!"

  • by revscat (35618) * on Wednesday August 04, 2004 @03:58PM (#9882159) Journal
    I have been wondering lately if phsyically damaging these machines is not justified in a system that is supposed to cherish democracy to such a high degree. Civil disobedience is justified in some cases, and I believe that the use of unverifiable electronic voting machines with known vulnerabilities is just such a case.

    Remember, Americans: Bring your voter registration card, and a sledgehammer for Diebold. They are stealing our freedom to vote, the very democracy over which so much blood has been spilled, and the corrupted political process is encouraging it via awarded contracts and almost silent acquiescence.

    This crosses political affiliations and affects all Americans. I strongly believe that this must be stopped it by all means necessary or we will lose the ability to collectively affect the policies of our country, no matter how small your individual voice might be. This is zealous, without a doubt, but not all zealotry is bad. "Extremism in the defense of liberty is no vice." And some things are too important to wait upon the justice system to work, even when it does. Sometimes men must take justice into their own hands.

    Live free or die.
    • by jazmataz23 (20734) <jazmatician AT yahoo DOT com> on Wednesday August 04, 2004 @04:06PM (#9882227)
      Well, there's always just voting en masse via absentee ballot. I've already registered in NC, and they'll mail me my ballot in a couple weeks (fifty days from voting day, to be exact). Here's [statedemocracy.com] a clearinghouse of sorts with information for all fifty states. I've already posted as to my reasons for this here [slashdot.org].

      Make sure your vote counts: make them count it by hand!

      jaz

      • by AK Marc (707885) on Wednesday August 04, 2004 @05:45PM (#9883291)
        Make sure your vote counts: make them count it by hand!

        How do you know whether it was counted? How do you know how they counted it? There was a thing in the news the other day about a postcard that was about 20 years late. It fell behind a machine, and when the machine was moved 20 years later, it was found and forwarded by the post office. If your card falls behind a desk and doesn't get found until too late to be counted, how do you know?

        There is absolutely no verification whatsoever in today's non-electronic voting systems. So how is it a bad thing when electronic voting is no worse than the current system?

        And no, I'm not playing devil's advocate. I can conceive of multiple ways for there to be verification while retaining anonymity with electronic voting that will not work with paper voting. So if you want your vote to count (and you want to know if your vote counted) you should be against paper voting and for electronic voting. Just make sure they don't let Diebold do it.
    • I'll destroy some machines if you let me blame it on you.
    • I'm not to surre that this is appropriate, but if you're gonna damage the machines, use stun gun, maybe with long, narrow probes soldered onto the arc-points. Much handier than a 15 pound sledge.

      And how the heck is the above post flamebait? Extreme, yes, but it's a half-way reasoned post. Now I'm OT. Oh well.
    • by Anonymous Coward on Wednesday August 04, 2004 @04:11PM (#9882282)
      > When is civil disobedience justified?

      "Civil disobedience"? I do not think that means what you think it means.

      Time to take a few hours and (re)read your Thoreau and Ghandi; damaging voting machines has NOTHING to do with civil disobedience, despite how cool you think that phrase sounds.
    • by jazmataz23 (20734) <jazmatician AT yahoo DOT com> on Wednesday August 04, 2004 @04:18PM (#9882343)
      There's a fine line between Civil Disobedience and Hooliganism. The major tenet of CD is nonviolence, that in a free society, social change can be created without resorting to violence of any kind.

      It's really pretty practical actually; it's impossible to get somebody all riled up for social change, put a sledgehammer in their hands and tell them "Now, that's *ONLY* for the voting machines. No hitting!" Witness the French "Revolution": once you tell Jimmy Rebel "go forth and smash!" he rarely stops where you want him to.

      jaz

    • by Otter (3800) on Wednesday August 04, 2004 @04:21PM (#9882375) Journal
      They are stealing our freedom to vote, the very democracy over which so much blood has been spilled...

      The flip side of this, of course, is that you'd be unilaterally deciding to deny a large group of people the opportunity to cast a ballot, and possibly voiding an entire election. It's always hard to make an objective determination of where to engage in civil disobedience, but I'd urge you make extremely damn well sure in your own mind about when voting machine vulnerabilities justify your deciding for all of us that we'd be better off with no voting at all.

      Certainly if you walk into my polling place and start smashing machines with a sledgehammer, you'll be leaving on a stretcher. I wouldn't count on everyone immediately recognizing you as the hero of freedom that you see yourself as.

    • by ElForesto (763160) <elforesto AT gmail DOT com> on Wednesday August 04, 2004 @04:25PM (#9882398) Homepage
      Maybe, instead of advocating the destruction of the machines, you can do what we did in Nevada and force the Sec. of State to add a paper trail. It's a lot more work and you don't get to smash things, but it does a lot more good.
    • by Oligonicella (659917) on Wednesday August 04, 2004 @04:36PM (#9882482)
      "...electronic voting ...is just such a case."
      "Extremism in the defense of liberty is no vice."
      An opinions only, not truths. And, one I don't share.

      "Sometimes men must take justice into their own hands."
      Feel free to come on down to our voting country and try to take something into your own hands. Just don't whine and complain when you have your ass handed to you be people who aren't taking kindly to your presumption that you should determine that they shouldn't vote.

    • by jhughes (85890) on Wednesday August 04, 2004 @04:53PM (#9882632) Homepage
      I have wondered this:
      If someone created stickers that said something simple such as "How do you know this machine recorded your vote correctly", or something of that sort, then distributed those to people who would go into the voting booths and affix these stickers to the machines or voting booth walls or what not.

      Would that get a stir out of people? How would John Doe going into the booth and seeing this colorful sticker asking the simple question react?

      Granted, this would be a 'too late' type of situation, and I urge people to speak out ahead of time (I've already wrote my election officials, have you?). But what sort of reaction would this have at the booths...suddenly people questioning the machines, at the time of voting?

      Just a question that I felt like tossing out:)
      • Well, the answer is easy. A video camera to prevent vandalism ;)
    • Dumbass. Vandalism is not civil disobedience. civil disobedience does not involve hurting others and does not involve destroying property.

      You talk big, but you don't know what the hell you're saying. Sounds like our current President.
  • by grunt107 (739510) on Wednesday August 04, 2004 @04:00PM (#9882181)
    As Diebold has proven, having a private firm develop voting machine code can be detrimental to a democratic society.

    More eyes checking on the code will find these problems faster than the machinations of a private corporation. Factor in corporate bias and the potential for 'back door' code is immense.

    As cited, the CA elections showed how unusable the current offerings of e-machines are.

    The only criteria is if it is easy to use, traceable, and accurate.
    • "The only criteria is if it is easy to use, traceable, and accurate."

      And one of the criteria of a successful election is that the votes be untraceable to the voter. It's still a mystery to me, and one of the sources of skepticism to many others.
      • And one of the criteria of a successful election is that the votes be untraceable to the voter. It's still a mystery to me, and one of the sources of skepticism to many others.

        It's a mystery to you why some people would want to avoid vigelantes and the death penalty over voting for the "wrong" candidate?
        • No - it's a mystery to me how we could implement an electronic voting system with a "one person, one vote" accountability but still have an anonymous vote.

          I've read some pretty good solutions, but none of them were that convincing to me. The best that I can remember involved simply tallying the number of people who votes (no anonymity) and comparing to the number of votes (with anonymity). There's no way to tie the vote to the person, but you can definitely compare the numbers. And validate or invalidate b
      • by ComputerSlicer23 (516509) on Wednesday August 04, 2004 @04:20PM (#9882357)
        It's simple. You can't sell your vote, if you can't prove the way you voted to someone else.

        In the olden days, people would sell their vote for money. It wasn't until I believe the 1850's or 1860's that we had an anonymous voting system. In an odd coincidence, we imported the Austrialian method back then too!

        Before the 1860's you wrote in the name of the candidate you wished to vote for. In small enough precinects, you could literally know everyones handwritting. Before that, you actually walked into the town capital building, and announced your vote in a loud clear voice the the people in charge of keeping track.

        Each candidate would have a witness there keeping track of who voted which way, and could then pay off the people who they bought a vote from.

        As the other response said, I'd imagine that the first whites to vote for a black in Georgia probably didn't make it too far out of the voting booth before getting harrassed. Unless there was an anonymous system.

        Kirby

  • by Skraut (545247) on Wednesday August 04, 2004 @04:01PM (#9882188) Journal
    "It is enough that the people know there was an election. The people who cast the votes decide nothing. The people who count the votes decide everything." Joseph Stalin
  • by cyclop (780354) on Wednesday August 04, 2004 @04:03PM (#9882204) Homepage Journal
    It's lovely someone wants to develop and fork something so exotic like an electronic voting system.
    I just hope some government will understand that it's NECESSARY for such software to be FULLY Open Source, to guarantee democracy. How can I trust a device I don't know what is REALLY doing with my votes?

    (And if someone is scared by the fact someone can maliciously change the program in the local voting machines just before the election...well,it's enough for THAT election to use a freezed code with a definite SHA1 or MD5 checksum...isn't it?)
    • Unless you watch every vote being counted with your own eyes, theres no guarantee the every vote is counted.

      A closed source voting system is the same as the vote counting that goes on behind closed doors.

      You just have to hope that those in charge of either method are competent and trustworthy.
    • if you go to computer voting, it is necessary, but not sufficient to be open source.
      As for your check, how can you verify, in the voting booth, that the program running is really the one in the rom, and not one in microcontroller memory :
      you know, we just changed the controller from XX12587 with the XX12588, all the rest is the same. We just forget to tell you the XX12588 start from internal rom, and you checked the external one
  • by sploxx (622853) on Wednesday August 04, 2004 @04:06PM (#9882226)
    ... traditional voting with pen and paper!
  • What amuses me. . . (Score:5, Interesting)

    by the gnat (153162) on Wednesday August 04, 2004 @04:08PM (#9882263)
    . . . is that the people leading the call for paper trails or even just paper ballots are either computing professionals or extremely technically literate. It's an interesting situation when technological "progress" is opposed by the elite rather than the traditional Luddites or the masses. Maybe we've all just read too much science fiction, but these machines sound like a solution even worse than the problem. I'd rather go through the Florida recount again than deal with the potentially catastrophic effects of the machines we use in CA.

    I'm a little shocked, however, that more professed conservatives haven't spoken out against the new systems. To hear some of them tell it, the Democratic Party practically invented vote fraud, so you'd expect that they'd be much more suspicious of unverifiable, untrackable voting systems. But none of them seem to have anything to say on the matter - or have I not been looking in the right place?
    • by crimethinker (721591) on Wednesday August 04, 2004 @04:17PM (#9882325)
      Let me join you as a techincal professional who absolutely does not trust electronic voting. I prefer to punch holes in paper or mark boxes with a pen. At least in those cases, someone has to make my physical ballot disappear.

      I'm a little shocked, however, that more professed conservatives haven't spoken out against the new systems. To hear some of them tell it, the Democratic Party practically invented vote fraud

      Haven't you ever heard the saying "when I die, bury me in Chicago so I can keep voting" ? The Democrats did invent modern-day vote fraud, getting all sorts to vote for them: dead people, illegal immigrants, and in one California case, over 120 people in alphabetical order with identical handwriting signing the voter roll. I found it particularly ironic that Al Gore's team in the Florida recount included Daley, who is from ... CHICAGO!

      BTW, the reason that the conservatives aren't screaming bloody murder about unauditable electronic voting is that the chairman of Diebold is a Republican who has pledged to help re-elect George Bush.

      -paul

      • Haven't you ever heard the saying "when I die, bury me in Chicago so I can keep voting" ? The Democrats did invent modern-day vote fraud, getting all sorts to vote for them: dead people, illegal immigrants, and in one California case, over 120 people in alphabetical order with identical handwriting signing the voter roll. I found it particularly ironic that Al Gore's team in the Florida recount included Daley, who is from ... CHICAGO!

        this is exactly the reason i think that most people opposed to electroni

    • You probably haven't been looking in the right place.

      I confess that our electronic voting machines, which have been in use at least the 14 years I have voted in La., are still working just fine, thank you. Amazingly enough, both liberals and conservatives, Democrats and Republicans (and even the odd independent or three - and they get VERY odd down here) have been elected with them.

      That said, I don't really see the advantage of electronic voting machines, myself. Paper and Pen ballots, and immutable pro

  • by Anonymous Coward on Wednesday August 04, 2004 @04:08PM (#9882265)
    I dismissed anti-Diebold conspiracy theorists as cranks, the political version of Project Bluebook UFO-hunters. After all, for their theory to work, the entire development staff of a major international corporation has to be in on the conspiracy, right?

    But then I had the opportunity to speak with some senior managers from the company, who told me that, in fact, virtually the entire company was united behind dropping the electronic voting machines. They didn't trust the codebase (which was developed by a company Diebold acquired), felt the issue needed to be more deeply researched than it had been, and believed the bad publicity was hurting Diebold's reputation for security and reliability in its cash-management business.

    But CEO Walden O'Dell disagrees. Virtually single-handedly, he has kept the e-voting project alive despite the vocal opposition of virtually everyone involved with it. When I asked the managers why they thought O'Dell was so strongly behind the project, their answers were blunt: "Politics."

    If that's how management inside Diebold thinks, perhaps there's something to the conspiracy types after all....

    - Watchful Babbler

  • Why not an AVM? (Score:3, Interesting)

    by Donoho (788900) on Wednesday August 04, 2004 @04:10PM (#9882280) Homepage
    it means a loss of the company's intellectual property

    That's not the voter's problem.

    and unfettered access could lead to a compromise of the voting system, if a determined cracker could find and exploit flaws in the code.
    Or it could lead to anyone in the community blowing the whistle on propriatary back doors or the poor coding practices of the developers or....
    These arguments are completely backwards.
    how hard is it to say 'add one to this vote'?

    Why not model these voting machines after ATM's? Every registered voter starts out with a single vote per election. Accounts are credited and debited and everyone is accountable... Automatic Voting Machine anyone?
    • Why not model these voting machines after ATM's? Every registered voter starts out with a single vote per election. Accounts are credited and debited and everyone is accountable... Automatic Voting Machine anyone?

      Sounds good to me- ATMs keep paper records in the background (even when you choose not to get a receipt, listen closely and you'll here the "bllaurp" of a dot matix printer going off for a line for every transaction). To preserve vote privacy, your "account" to be debited or credited would only
    • by provolt (54870) on Wednesday August 04, 2004 @04:19PM (#9882351)
      Why not model these voting machines after ATM's?

      You know you're right. I wonder where we could find an ATM company? They have the knowledge and skills. I wonder where we could find one of those [diebold.com]. They'd be really good at it.

  • by ajs (35943) <ajs@ a j s . com> on Wednesday August 04, 2004 @04:11PM (#9882283) Homepage Journal
    I find the idea facinating that open sourcing your product is a binding contract with the community. You cannot back out unless interest in your product is so low that no one ever bothers to fork it. But time and again we see with efforts like this one or XFree86 that the idea of backing out of an open source stance is actually more harmful than remaining that way. While some will view this as a problem, as a consumer, I view it as a boon.

    Even making motions toward open source without going all the way can result in "pseudo-forking" (I'm posting this from a Gnome desktop which was originally created in response to the original licensing terms of the Qt library upon which KDE was based).

    It will be very interesting to see what the next few decades bring to the table in terms of open source business practices. I envision a sort of corporate ethics evolving around the benefits and dangers of open source development, and this can only be a healthy process. Much as I think RMS took leave of his senses in the mid-90s (who didn't), I have to say that he nailed it when he decided that the GPL would have the power to change the software industry. I doubt that any other legal tool has been able to so profoundly shape the future of business since the anti-trust laws of early last century.
  • Specifications? (Score:5, Insightful)

    by justanyone (308934) on Wednesday August 04, 2004 @04:11PM (#9882284) Homepage Journal
    Where are the specifications for this code?
    What language is it written in?
    Where is the source kept?
    What platforms does it run under?

    MoveOn.org is sponsoring a petition drive to urge U.S. voters to demand voter-verified paper ballots that can be audited and recounted if necessary. This is the ONLY solution.

    A SECRET ballot means that the association between a specific person and a specific vote cast is vital to democracy. Doing otherwise can very easily lead to vote buying ("I'll pay you $x for proof you voted for my candidate!").

    We need a specifications document laying out the requirements for this software, which platforms it runs on, etc.

    We also need a copy of the existing code to (a) have a place to start from, (b) provide us something to look at and thus give us ideas for development methodologies, (c) give us a point of reference to use when lobbying congressmen, etc.

    This must be on a paper trail so I know who I voted for. Election monitors (the people, one from each party, who literally looked over the shoulders of the people counting ballots in Florida) need to be able to verify the count afterwards in some statistically valid way.
  • Insane... (Score:5, Interesting)

    by Lodragandraoidh (639696) on Wednesday August 04, 2004 @04:11PM (#9882289) Journal
    If the old lead developer goes insane, you can always fork it, right?

    Yep. However, getting the politician's buy-in on certifying the fork will be problematic:

    On the one hand, we have academia and open source developers pushing their idea. (Politicians aren't real comfortable around smart people or people with multiple piercings)

    On the other hand, we have a group of respectible business men pushing their idea. (Politicians can relate to business men because they wear the same suits and ties, and many of them were business men themselves at one point or another)

    Who is going to win? Hmmmm....
  • That would allow the voting machine manufacturer to release the source, but not allow anyone to make a derivative work of it? In the general software world, it's kind of hard because you can't always tell where code came from, but in the realm of electronic voting, there are only a few players, and if you require them all to release their source, it would not be hard to spot someone who created a derivative work. Diebold can protect it's trade secrets and at the same time, the community could evaluate the
  • by schodackwm (662337) on Wednesday August 04, 2004 @04:24PM (#9882390) Homepage

    "According to Software Improvement, simply releasing election-machine code under a liberal license such as the GPL is undesirable (because) ... unfettered access could lead to a compromise of the voting system, if a determined cracker could find and exploit flaws in the code."

    Let's see: the audited access assures that no cracker can ever see the code, right?

    And besides -- if we can't see the three-card-monte-man's hands, he can't cheat us?

    The only argument that holds water is the IP/profit explanation I skipped in the quote above.

    yech!
  • Check out GVI [electionmethods.org], the Graphical Voter Interface. It's free software in every sense, and I think it's pretty nifty.
  • by Triumph The Insult C (586706) on Wednesday August 04, 2004 @04:34PM (#9882466) Homepage Journal
    "...only a budget of AUS$200,000 ..."

    i don't understand how it could be this expensive, exchange rates be damned, whatever

    i don't see why this voting software needs to be so complicated? wouldn't some linux/*bsd/windows/mac/beos/atari/xbox/gamecube/dr eamcast box with a touchscreen suffice? have it run a simple web browser, have it verify the voter (perhaps some card sent to them post-voter-registration), and ++ some variable? write it out to compact flash (hey, we'll get redundant and use 2!). then have some trained monkey go around, pull the cards, and tally the numbers

    the romans and greeks used rocks or sticks or whatever the fuck they could find on the ground, and voting worked. 1500 years later and it has to be so complex?

    where did these software engineers go to school? have they never heard of occam?
    • by Jerf (17166) on Wednesday August 04, 2004 @04:56PM (#9882651) Journal
      $200,000 AUD is roughly $140,000 US, which is roughly 2 developer years for a reasonable wage of $50,000 a year + bennies.

      If you think you can create a secure, national scale voting system that you'd trust your country's future to in two man-years, I invite you to try. The experience will be educational. You might also gain some insight into why programmers notoriously underestimate how long things will take.

      Regardless of whether you create a system in that time frame that you think you can trust, I can guarentee you I won't trust it.

      One hint: While you've heard of "Occam" (although you seriously misapply it here), politicians haven't. Take a good, long look at the next ballot sometime, and don't forget multiple languages and assorted other sundry details that will start sucking your time like you wouldn't believe.

      You sound like you're still in school. It gets harder in the real world, you know. ++votes isn't gonna cut it...
    • Recording votes in the ACT is not as simple as "++ some variable".

      Calculating the outcome is not as simple as "max(...)".

      Why not take 5 minutes to find out what exactly the software does before deciding that you are so much smarter/productive than the people who created it in the first place.

      Remember to include things like independent code audits...
  • That does no one any good. Now, if you were to carry a really strong magnet with you when you vote for a local election, then maybe something can happen. Just wave the magnet over the machine when you're voting for your mayor and then complain that the machine is screwed up. Do it on one, and have 3 friends do it on others.

    The machines are screwed up, and the election gets tossed. Plus, only a minor election gets screwed up so it would be easier to re-hold the election.
  • by Reality Master 101 (179095) <RealityMaster101 AT gmail DOT com> on Wednesday August 04, 2004 @04:41PM (#9882529) Homepage Journal
    The software development process is COMPLETELY irrelevent to ANYTHING. That's right, irrelevent.

    There is only one issue, and that's hardcopy records. No voting machine should be all electronic. It should spit out a receipt that tells you exactly how you voted. One copy to the voter, one copy goes into a sealed box.

    In short, if any cheating occurs, we know immediately. Who cares how the software is developed? The only question is whether it can be verified after the fact.

    • Your proposed system doesn't work. Here's why:
      1. There's no way to tell if both copies were the same
      2. Votes can be "bought" if there's any sort of verifiable paper trail linking a voter to their vote
  • by bokmann (323771) on Wednesday August 04, 2004 @04:59PM (#9882676) Homepage
    Ok, fine, the company wants to protect its 'intellectual property'... That language alone should be enough to scare away most sane people.

    Since when is the process by which we elect our leaders the 'property' of anyone except the citizenry? If a company wants to 'own' a process like that, fine, I just think that is obviously opposite that of a democratic, transparent process.

    Surely, most people have an attention span long enough to grasp that simple concept.
  • by Mazzie (672533) on Wednesday August 04, 2004 @05:36PM (#9883182)
    I think electronic voting is insane. I didn't even like the old mechanical voting booths. If a clueless operator starts putting the tally cards in backwards your vote is lost, and you don't even know it.

    You manually put holes in a card, and drop it into a locked ballot box. Someone has to do a lot of dirty work to make that box disappear, or alter the cards. Plus there are no ink marks that can be erased or smeared or whatever. (Don't forget to remove any hanging chads, lest an evil soul tries to glue it back in place)

    Also, paper does not have source code.
  • by ngunton (460215) on Wednesday August 04, 2004 @05:44PM (#9883284) Homepage
    ... then we'd have fifteen different interfaces that all do pretty much the same thing, but they would each have their quirks and none of them would do it quite right. The software would take five years to develop from scratch, and at the end of it we would have a huge virtual machine-based system that executes XVL (Extensible Voting Language), which is horribly complex and slow, but allows for very fancy voting platforms, in theory. But as a result, the old voting hardware will be too slow and limited to run it, so we'd need all new machines based on the latest processors. We'd also have to wait a while for all the drivers to become available, and the Debian Voting Project wouldn't release the code until it ran properly on *every* platform, including PDP11 and ZX81. Meanwhile the FireVulture project will aim to develop a super-lightweight version of the codebase that will be fast and sleek, but it will run into problems due to schisms in the team, caused by differences of opinion about whether the code should be LGPL, GPL or BSD license.

    The eventual system will work very well and be extremely stable, but by the time it is in widespread use the developers will have started on Version 2.0, which is a total rewrite from the ground up (they now feel they understand the problem much better, and can see that the original API needs to be redesigned). So Version 2.0 is totally incompatible with Version 1.0, and much confusion ensues as States try to decide which "standard" to go with.

    Meanwhile, Microsoft comes out fast and dirty with Microsoft Vote and although it doesn't work too well at first (version 1.0 has a glitch where everyone who's first name begins with "L" is deleted), it works "well enough" and with the buckets of money that MS dumps on the States for new MS-compatible hardware, they quickly gain dominance in the market.

    The Open Source projects try to shift their focus to work with the MS hardware, chasing Microsoft's lead and running into a brick wall with the closed XML format that is encrypted and depends on hardware DRM to work.

    Apple brings out the iVote, which is a small device that lets you simply plug into an Apple voting machine anywhere and vote quickly and easily. Plus, it works. And quite a few people buy it and rave about how great it is, but because only Apple is allowed to make the actual voting machines, very few of them get manufactured and as a result the iVote falls into betamax territory.

    In the end, everybody uses MS Vote and complains about how closed it is, the Open Source crowd eventually gets their act together and comes out with a fantastic system that kicks butt but nobody cares any more, and that was that for the United States of America, thanks and goodnight.
  • by Anarchofascist (4820) on Wednesday August 04, 2004 @05:51PM (#9883365) Homepage Journal
    Who cares if you can get the source? Unless you can create a binary from a signed copy of the source on your own machine, then upload the compiled binary to the voting machine, how can you trust it? How do you know a secret final patch hasn't been added at the last minute?

    Paper trail is the only way, open or closed source doesn't matter. If I can walk away with a record of my vote, I'll be happy. If you added a little cash register printer and a roll of tape inside the machine and spot-audit one percent of the machine results, I'll be even happier.

    But if I can use an ink marker to make an indelible mark on a piece of paper, and have the paper counted physically by a dozen people, I'll be completely happy.

    Paper! Ink! It works!

    This whole sorry saga reminds me of a brutally frank piece of advice my Systems Analysis lecturer gave to the class.
    "Give your client a number of possible designs for the system. If we were completely honest, one of those designs might be for a purely manual process. But we're computer people, so of course we only provide computer-based solutions."
  • by HerbanLegend (758842) on Wednesday August 04, 2004 @06:09PM (#9883593) Homepage
    I can't understand where all the confusion is coming from on the E-Voting issue. The machines are supposed to address a problem:

    Problem:
    Present a list of voting choices in any number of languages, in audio for those who are blind, give them an opportunity to change their vote if they made a mistake, give them a second (and a third) chance to confirm their vote, and then make sure that their vote is counted.

    It sounds like a great application for computers. After all, multi-lingual GUIs are common and practical, and computers give you the chance to change your mind before you finalize the vote.

    Solution:
    Use the computer to format the ballot, so that you don't have to have different versions for every language, and so that the voter can confirm and reconfirm the votes before finally committing them to a paper ballot. The computer then "fills in " the ovals on the ballot, eliminating improperly filled or inadequately filled circles, at which point the voter can look at the paper and quadruple check that he voted for the right people, and put that ballot into a "dumb" optical scanner that JUST COUNTS. Nothing to tamper with, nothing to worry about - you could have 5 terminals to every counter, which would save money over the current system and would still guarantee (actually enhance) the accuracy of the vote.

    It's almost like somebody DOESN'T WANT the vote to be counted properly.
  • by dwheeler (321049) on Wednesday August 04, 2004 @06:28PM (#9883776) Homepage Journal
    You might want to also check outThe Open Voting Consortium [openvotingconsortium.org] (OVC) is a non-profit organization dedicated to the development, maintenance, and delivery of open voting systems for use in public elections. OVC is developing a reference version of free voting software to run on very inexpensive PC hardware, which produces voter-verifiable paper ballots.

    One real problem with eVACS is that, to my knowledge, it doesn't produce voter-verified receipts yet (please let me know if I'm wrong). Thankfully, the new OSS/FS site identifies this as one of the first things to be added. As noted by places such as the verified voting site [verifiedvoting.org], voter verified receipts are a critical need. In fact, I'd argue that only the counted paper ballots should actually count, and make sure that the vote-creating and vote-counting systems are separate (using some sort of standard representation on the paper, so that you can have different groups re-implement each side).

  • by gk2004 (737028) on Wednesday August 04, 2004 @06:36PM (#9883850)
    The problem with electronic voting is that the ability to distort the reported outcome of the poll is concentrated in very few hands. With a paper system, a large distortion requires the conspiracy of a correspondingly large number of tellers and local announcers of results.

    Open Source is desirable, but is not in itself a panacea. For example, impeccable code could be published, but something entirely different could be installed.

    That is not to say that a paper system prevents dubious outcomes. It's just that they are more likely to come to light, and be contested (as far as a supreme court, maybe...)

  • by dgibson (32118) on Wednesday August 04, 2004 @09:12PM (#9885161)
    I helped write the original eVACS system. Forking the code for a US voting system is a nice idea, but probably won't be as helpful as you might like. Most of the complexity in the eVACS code is dealing with the ACT's Hare-Clark electoral system. That affects both the voting interface and the back end counting system. It even affects the system's whole architecture, because the votes have to all be recorded, then counted as a batch, rather than tallied as they are entered which is the obvious way to count a first-past-the-post US style election.

    So looking at the system might yield some good ideas about how to organise the system (in particular how the sequence of voting and authentication is handled), but I don't think all that much code could be reused.
  • My thoughts... (Score:3, Insightful)

    by polyp2000 (444682) on Wednesday August 04, 2004 @09:15PM (#9885174) Homepage Journal
    Id always advocate an open source voting system. It seems that it ought to be imperitive that any electronic voting system can be audited publically to reveal any flaws or biases. However, it seems to me that either way even with an open source system how would one prove that the system used during the electing / voting process is the same as the one being available for public audit?

    And how to acertain that those running the system did or did not bias or effect the results in some way?

    Maybe electronic voting isnt such a good idea at all? Maybe the safer option is to stick with a paper based situation that cannot easily be fudged ? (that is not to say that a paper based system is also not open to fudging...)

    Whatever way, and whatever flaws, the public should have unfettered access to every part of the process at least to the extent that nothing is hidden. Open source and closed source are just as open to abuse as is a paper based system. As much of it remains examinable the better in my opinion.

    Nick...
  • by mjtg (173905) on Wednesday August 04, 2004 @09:43PM (#9885324)
    The fact that this switch from open to effectively closed voting software has occured in Australia might create an opportunity to get the issue out into the media.

    Unlike most countries, voting is actually compulsory in Australia. If you don't vote in a federal or state election, and you don't have a good reason, you get fined. If you refuse to pay your fine, then you have to answer to a court. If you keep on refusing to accept some form of penalty, then eventually you get sent to jail.

    If even a small number of people were to refuse to vote in an election, on the basis that they thought the election process was not transparent, and then subsequently wound up in jail, this would be bound to generate media interest. It would get the issue out in the open where the public could hear the issues involved and think about it. Who knows, maybe it could even attract international attention ?

The degree of technical confidence is inversely proportional to the level of management.

Working...