Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
The Courts Government News Politics

Group Sues To Stop German E-Voting 92

Posted by kdawson
from the we-don't-like-them-either dept.
kRemit writes "The German hacker group Chaos Computer Club today sued the German State of Hessen to prevent the use of electronic voting machines (Google translation) in the upcoming elections on January 27. This comes as a follow-up to the Dutch initiative 'We don't trust voting machines,' which succeeded in banning the same type of voting machines in the Netherlands."
This discussion has been archived. No new comments can be posted.

Group Sues To Stop German E-Voting

Comments Filter:
  • Whoever said hackers couldn't be useful?
    • Hackers are frequently useful. Crackers are seldom if ever useful.

      • by darenw (74015)
        I would mod this "Quaint" if i could. 99% of the general public doesn't get the distinction and probably never will. "Hacker" has gone the way of other fine old words. If someone from the 19th Century suddenly materialized here and said they were having a "gay old time" they would hear a few snickers. All we need a new word to mean what hacker used to mean.
        • by multisync (218450)

          99% of the general public doesn't get the distinction and probably never will. "Hacker" has gone the way of other fine old words

          So I guess we should all just start calling our monitors the "computer" and the box that actually contains the computer the "hard drive," since 99% of the general public thinks that's correct? Oh, and I'm trying to download a program in Excel, when what I really mean is create a spreadsheet?

          No thanks. I think I'll just continue to educate people who don't know any better as to what

  • but it is cumbersome, slow, small in scale, and hard to hide

    on the other hand with electronic voting (and to a lesser extent mechanical voting), you have an order of magnitude more attack vectors. you can also do a lot more damage with the slightest of effort, quickly, with a lot of volatility and potential for permanent obfuscation, destruction, or scrambling and outright manipulation. you can cover your tracks well too, and you can quickly survey the landscape and tweak votes in ways that are hard to sniff out later

    paper voting is totally transparent to everyone involved. electronic voting is opaque. there is no verification, nothing of substance. nothing to see or touch

    electronic voting is probably one of the greatest threats to faith in democracy in the 21st century. not a joke in the least

    we need to lose this really bad idea asap
    • by corsec67 (627446)
      One thing I expected around the 2004 election was a virus/worm that randomly changed the values in Access databases. Don't change the schema, don't delete rows, just change the values that was in there. Not changing the schema and not deleting stuff would make it relatively unnoticeable for as long as possible.

      If it used a 0-day exploit, and had a way to get through NATs (piggy back on a website request or something), then you couldn't trust any tallies or votes done on anything that touched the internet.
    • What about the machines that validate the paper votes? (I claim to know nothing about this) But are those computer systems or mechanical systems? If they're computer systems what's to prevent people from hacking them, lack of access?
      • by thogard (43403)
        The party that lost will hand count the votes and if their numbers don't match the machine, all votes are recounted.
      • Re: (Score:3, Insightful)

        by countach (534280)
        Machines that count paper votes can be tested by manually counting a sample. If the sample differs significantly from the mechanical count, you have a problem. You could cheat this way, but not by much.
        • by huge (52607)

          If the sample differs significantly from the mechanical count, you have a problem.
          If sample differs at all you have a problem. Vote counting shouldn't be a "pretty close approximation", it should be exact. Number of votes need to be exact.

          You shouldn't be able to cheat at all in elections. You cannot ignore something because you could only cheat "a little". If it comes to a close call every single vote counts.
          • by fugue (4373)

            I disagree. Vote counting is always a "pretty close approximation." Not just from the fact that machines and humans both fail in different ways, but also because some voters will be unexpectedly sick on election day, or be killed in traffic accidents, etc. Some will not be voting based on correct, complete information (in fact, that describes us all). Worse, some will change their minds at the last minute for trivial or irrelevant reasons. These people are, literally, noise that makes the whole process

        • Re: (Score:3, Interesting)

          by Dare nMc (468959)

          Machines that count paper votes can be tested by manually counting a sample.

          same is true of e-voting. Do you know the path of the results from the paper votes to TV results? History shows their are so many ways found to hack paper ballots, be it creative printing, creative handling, or messing with phone lines used to transmit, or losing a box, or even substituting a box for another (you give the real voters the counterfeit ballots, and boxes. You fill in the real ballots and boxes.)

          With e-voting their

          • Theoretically possible, however, doesn't have much to do with any implementation that I've heard of. More of them seem designed to specifically allow election results to be faked than to produce honest results.

            Fundamentally, the problem is that if the mechanism for counting votes is hidden, then the results can't be trusted. It could, potentially, pass every test but when a crucial date rolled around, or a switch was set, it could act in a very different way.

            And it's not just the program. Every step of t
      • by ajs318 (655362)
        There are no "machines that validate the paper votes". The paper votes are counted by people. Usually, the candidates themselves, each with one representative.

        How it works: The ballot papers are emptied into the middle of the table. Everyone pulls out all the papers with a figure "1" next to their name, counts their pile and writes down the number of votes. Everyone then passes their pile of papers to the left, counts the ones from the person on their right, and so on. When each person has counted e
    • ...the idea is being pushed all over the US. Either someone thinks this is a good idea and is pressing on regardless, or someone knows this is a bad idea and is pushing it through because they have ulterior motives.

      The way things are going at the moment I wouldn't be surprised if either or both are eventually proven true.
    • Didn't anyone see that Heroes episode? A determined team of black hats could accomplish all that easily enough, and with enough noise in the ballots to make fraud statistically fiendish to detect.

      E-vote tampering is not science fiction. It's an inevitable fact.
    • Quantity has a quality all its own.

      Many people seem to have the mistaken impression that electronic voting doesn't change anything fundamental about vote fraud, it just changes how it happens. But, if the change is big enough, it becomes qualitatively different as well.

    • Once again, every time this topic comes up, the answer is always *paper ballots*. I feel compelled to point out that the entire reason there are electronic voting machines throughout the USA is because *we had a big problem with paper ballots in Florida*. The problems with paper ballots are almost the sole reason electronic voting is being persued. It's clearly *not* transparent and *not* straightforward - there are STILL people going over the ballots trying to get a different result and people are STILL ar
      • by Anonymous Coward on Tuesday January 08, 2008 @12:32AM (#21950268)
        Whoah there. Not all paper ballot systems are equal. In ireland, people use voting slips that are written on, not ambiguously punched. And hand counted locally, with adversarial counters (i.e. people of all party affiliations checking eachothers' counts). And the voting system is proportional representation, more complicated to count, but they still manage (the american/corporate-affiliated irish government of the time tried to introduce electronic voting the election before last, and failed due to the machines' demonstrable insecurity and unreliability).

        Ireland has less people you say? True, but it still has millions, it's about the size of a US state. And these things scale well! They're amenable to hierarchical decomposition! Vote local, count local, subsubtotal, subtotal, total => result.

        Human voting is a human process, and computers should stay the fuck out of it. It's incredibly more difficult to bribe _everyone_ involved in a human-counted election than to change a few lines in a closed-source unverified voting machine.
        • Re: (Score:2, Interesting)

          by Lunzo (1065904)
          Mod parent up (Insightful/Informative).

          Australia uses a similar system for casting votes and counting. Ticking or numbering boxes with a pencil is way different to having a machine punch holes in a paper ballot, and avoids any hanging chads or any of that crap.

          As for scalability of counting, in Australia we get the election result on the night (except for seats which are incredibly close) a few hours after polling booths close.
        • As my high school deputy-head said at the time, "Here in England, we just get a big black crayon and mark a big black X," with a neanderthalic demonstration. Keep it simple, stupid!
        • by swillden (191260)

          And the voting system is proportional representation, more complicated to count, but they still manage

          I'm a fan of paper, but you're wrong to say that the proportional representation system is more complicated to count -- it's simpler. There are more parties, sure, but fewer separate decisions. My ballot (in the US) can have as many as 80 separate choices on it, because we vote for individual positions at the city, county, state and national level all on one ballot. In addition there are city, county and state ballot initiatives as well as retention votes for judges and some other appointed officials.

      • by chebucto (992517) on Tuesday January 08, 2008 @12:46AM (#21950318) Homepage
        A few points:

        - Florida did not simply use paper ballots; it used mechanical voting machines to punch those ballots.
        - Paper-punching machines are needlessly complicated, opening them up to unique kinds of disruption. Their performance in Florida may have been deliberately degraded: there are allegations that substandard paper was sent to that state by a voting-machine company for use in the machines (read more here [votetrustusa.org])
        - In voting, the simplest is the best: paper + pencil for the voter; trustworthy citizens for the counting. This is what we use in Canada; a country of 30m people, and we are able to announce election results the night of the election. There is universal trust in the voting process - though not, I am sad to say, in politics in general :)
        • by dave420 (699308)
          In the Sunderland South constituency in England, in 2001 they counted 30,000 votes in 43 minutes. Each year they try to count them as fast and as accurately as possible, and they apparently do a great job.
        • by HiThere (15173)
          Pencil is a bad choice. My preference is bingo markers, but any indelible ink is reasonable. Sharpies are good, but expensive. Bingo markers were specifically designed for the job, and make nice round dots.
      • by dangitman (862676)
        No. Florida had very poorly designed ballots that used a bizarre machine to mark them. Most paper ballot systems don't suffer from the problems of Florida, because they are not needlessly complex. What's wrong with a simple voter-writes-with-ink-on-paper system?
      • by ajs318 (655362)
        The problem was that in Florida, the ballots were marked by machine, and counted by machine. The crux of the matter was that the machines were not behaving properly.

        The way to eliminate the problem of machine unreliability is to mark the ballots by hand and count them by hand.
        • I live in Florida, and I've used the old and new system. The problems with the punch card system were caused by the humans not the machines. The much-derided punch card system had many features that were better than many newer voting systems.
          • Votes left an indelible paper trail (you can't reattach a punched chad).
          • The voting machines were extremely simple, requiring no electricity.
          • The votes could be easily read by machines at a central location. (Standard punch card readers -- not so common anymore.)

          Th

      • The only reason Florida had any vote problems was Jeb Bush wanting his brother elected.
    • by cdrguru (88047)
      Problem in the US is that if we do not have results before midnight Eastern time a winner will be announced anyway, as was done in 2000. Do you really think the country can handle announcing Hillary as the winner at midnight and then at 2:00 AM saying "just kidding, John McCain is really the winner?"

      Do you believe the government is in such good control of the news media so see to it that this doesn't happen?

      In some countries it takes two weeks to announce the results. How come we can't be patient in the U
      • by Entropius (188861)
        I can't handle John McCain being announced the winner no matter *how* it happens.

        Sure, he's principled and honest. His principles are just opposite mine.
      • by dangitman (862676)
        Uh, why wouldn't this be possible with paper ballots? Even with hand-counting, it's possible to get results within hours. There's also no reason electronic voting wouldn't delay the results, given the uncertainties and numerous problems with the machines. A reliable system like paper is much more likely to get quick and accurate results than an unreliable system.
  • NH (and most of the rest of New England) doesn't seem to mind [bbvforums.org] about its own digital voting being in unaccountable private hands, as it wields its totally disproportionate influence on the voting of the entire country.
  • by explosivejared (1186049) <`moc.liamg' `ta' `deraj.nagah'> on Monday January 07, 2008 @11:42PM (#21950082)
    Hessen, and the rest of the Germany too, listen up! Pardon my German, but... DAS ELEKTRONISCHE WAHLEN IST SCHLECT!! Did you get that? Electronic voting is bad! I don't know how many discussions, lawsuits, and protests that blast e-voting's many shortcomings it is going to take before they become what they should be, landfill fodder.

    Seriously, at best they are a waste of money. At worst, and probably most likely, they add all sorts of new vectors for corruption in a process that is inherently corrupt. Listen, most sane people realize that instant election results are not worth the dangers involved with excessive automation of the process. Keep to Occam's razor. The simpler the system the better. Pen and paper are ideal, but a punch card system is a fair choice as well.

    All the arguments are hashed and tired. There's no sensible reason to move to electronic voting. It doesn't magically increase turn-out. It's expensive. I needn't go on. However, if anyone on the elections board or whatever decisional authority over elections is reading this, this is a good starting point [schneier.com] for comprehending the e-voting situation as it stands as a piece of the larger issue of elections in general.

    SAGEN SIE NICHT ZUM ELEKTRONISCHEN WÄHLEN!!
    • I live in Germany and kept track of the voting machine controversy here. The problem is not that people want voting machines, but that politicians want them (properly because they get money from manufacturer or want to be modern or are impressed by them). When hacker groups (like the CCC [www.ccc.de]) prove that voting machine are hackable, those politicians just insist they are not. They don't even try to argue, they just trust the manufacturer so much.
      In this case, they want to use voting machines that the CCC has a [heise.de]
  • by KevinIsOwn (618900) <herrkevin AT gmail DOT com> on Monday January 07, 2008 @11:51PM (#21950118) Homepage
    Why link to a crappy Google translator version when a reasonably good english version of TFA [www.ccc.de] is available? There are big flags at the top of the article, one for Germany, and one for English. I suppose the submitter didn't realize that funny blue and red flag was for Great Britain and meant English.
    • Re: (Score:2, Insightful)

      by nem75 (952737)

      There are big flags at the top of the article, one for Germany, and one for English. I suppose the submitter didn't realize that funny blue and red flag was for Great Britain and meant English.

      Which just goes to show once again that in web design representing different language versions by flags is a bloody stupid idea.

      And yes, this is off topic, but the above can't be pointed out too often, so I'm willing to take that karma hit.

    • Why link to a crappy Google translator version when a reasonably good english version of TFA is available?

      Because perhaps at the time he submitted this news to /. no english version was available? I know a lot of (german) sites which publish the german news story as soon as it's available and than later on translate (part of their) stories into english.

  • by pv2b (231846) on Tuesday January 08, 2008 @12:06AM (#21950164)
    There's generally not much wrong with paper voting, as long as the process is totally transparent, but there are a few ways you can cheat with paper voting, but generally it's a pretty good system.

    There are a lot of smart people asking -- how can we make electronic voting as good as traditional voting with slips of paper? What if that's the wrong question? What if instead, paper voting could be made *better* with the advent of electronic technology?

    There was an article a week or so back describing some place printing ballots on demand. What if paper ballots were printed on demand, but the people printing them are the voters? A machine could be hooked up to print a ballot when a voter presses the correct buttons, and would only print out one ballot per voter. The ballots themselves would also have a barcode on them with a code certifying which machine printed them. The printers would count how many ballots were printed, and if that number doesn't match the number counted, that'd signify a problem -- either the machines were tampered with, or the physical ballots.

    Now, that'd still make it possible to print excessive ballots from a printer, but then the number of votes wouldn't match the number of voters, and thus, number of votes cast.

    To fix that, you could use some kind of public key cryptography system. In order to vote, you are sent a voter registration card, which contains a single-use private key on a 2D-barcode, which in turn is signed by whatever authority compiles the eligible voters list. That private key in turn is used to sign a message that simply says "I voted" and nothing else. That would eliminate the possibility of faking lists of who voted, except if the private key itself was falsified to start with, or if multiple such keys were assigned per person.

    But that's okay. Now there are only three possible attack vectors (that I can think of) -- key falsification (only possible if you're part of the authority that issues voter identities), key theft (possible if you rifle through the mail of whoever's identity you want to steal), and vote changing (would require tampering both with voting machines *and* with paper ballots).

    The key theft threat can be mitigated by rigorous identity checks -- posession of the proper private key should not be sufficient to vote -- some kind of ID should also be neccessary, and the key falsification threat can be minimized by *very* rigorous inspection of whatever authority issues said keys, and the vote changing scenario is made more difficult than it used to be.

    Now, such a system would probably never be implemented due to cost concerns. But it'd probably be better than the paper voting we have today, and it wouldn't break the secret ballot, nor would it make the system less transparent. It'd basically be the old system with a parallell electronic system to ensure whoever counts the paper ballots are honest. There are probably other flaws too, I don't know. :-)
    • by cdrguru (88047)
      There are a couple of problems that need to be solved with paper ballots today. Some of the solutions that have been proposed solve some of them, but most people don't seem to understand that if we can't solve all of them there isn't much point - just let the TV news announce the winner without any voting at all.

      The first problem that e-voting is supposed to solve is to get the votes counted quicker. Remmber that in 2000 Gore was announced as the winner first. Do you really think that can be allowed to h
      • by Desipis (775282)
        A 1% variation will alternately select candidates and that is unacceptable.

        If you're (re)counting votes and can't explain differences in the counts, then you're doing it wrong.
        • by KDR_11k (778916)
          Even moreso if the difference is large enough to elect someone else. The number of votes hasn't changed between the counts, why should the result?
      • by ajs318 (655362)

        The fourth problem is probably ADA-compliant voting. This means that handicapped people of all sorts have to be accomodated on request without requiring assistance. If they can talk to a lawyer, they better be able to vote without needing help.
        Can someone explain to me why a disabled person can't just take a carer of their own choosing (and therefore whom they trust) in with them to help them vote?
    • There was an article a week or so back describing some place printing ballots on demand. What if paper ballots were printed on demand, but the people printing them are the voters? A machine could be hooked up to print a ballot when a voter presses the correct buttons, and would only print out one ballot per voter. The ballots themselves would also have a barcode on them with a code certifying which machine printed them. The printers would count how many ballots were printed, and if that number doesn't match the number counted, that'd signify a problem -- either the machines were tampered with, or the physical ballots.

      Wouldn't this violate voter privacy? If the only paper ballot you have matches the actual vote case, you could take a snapshot of it with your cellphone and show to the guys who paid for your vote. A major point with secret ballots is that you do not have a paper trail, so you can lie to anyone instructing you to vote for a certain party.

      You would need to have the machine print arbitrary ballots, which would of course cause problems if there is a paper recount after the machine count failed, and you mana

      • by pv2b (231846)

        Wouldn't this violate voter privacy? If the only paper ballot you have matches the actual vote case, you could take a snapshot of it with your cellphone and show to the guys who paid for your vote. A major point with secret ballots is that you do not have a paper trail, so you can lie to anyone instructing you to vote for a certain party.

        Excellent point! Hadn't thought about that.

        You could take a snapshot with a cell camera today, but there's no way to prove that was the actual vote you cast. If no other ba

    • Re: (Score:1, Interesting)

      by Anonymous Coward
      All that you say seems quite reasonable, however it still will not satisfy the criterion that in most western democracies voting is supposed to be via _secret_ ballot. If you introduce any mechanism or technology that could (even only in principal) be used to figure out how an individual voted then it is a retrograde step over pen/pencil and paper.

      Two of your suggestions are open to this kind of attack:

      1) On-demand printing of ballots with barcode: you could make steps to create a nice system whereby no aud
    • by ajs318 (655362)
      You don't need half that complication. A simple hand punch (with one of many difficult-to-duplicate patterns), issued at random by the Returning Officer to the polling station on the morning of the election and collected at the close of polling, would be enough. Ballot papers are printed identical, and simply punched on issue. Punched ballot papers are not allowed out of the polling station, except in the ballot box or the "spoiled ballots" envelope, and people who (are supposed to) have voted alread
    • you don't get it do you ?
  • by riscfuture (997873) on Tuesday January 08, 2008 @12:10AM (#21950180) Homepage
    Computer enthusiasts really like computers, so when they say, "No, I don't think it's a good idea to use computers for this," you should probably listen.
    • by alfrin (858861)
      I was curious to from where this quote is from? I'd really like to read the read it in context, unless it was just an off hand quote. Thank you.
      • by 68kmac (471061)
        Hmm, interesting. That quote was originally in this [daringfireball.net] short post about e-voting - but he seems to have changed it since. I still have the original version in my RSS reader. There, the last paragraph reads

        I think it's been very frustrating for computer experts who've been highly critical of electronic voting machines. The decisions to use them were being made by bureaucrats who were either incapable, unwilling -- or, worst of all, too dishonest -- to recognize the accountability problems with them. In general

  • I'm confused.
  • There is no reason a secure multiple party audit trail e voting system cannot be built. Although the current ones are of poor design, and there may very well have been tampering this artificial issue may be promoted by the very people that wish to control the many, or at least maintain a degree of power.

    THE TRUTH may very well be that E - Voting is a threat to the current power structure (they know this) a system that disallows or stops the influence of special interests and or the delusions of individu

    • Re: (Score:3, Interesting)

      E - Voting properly implemented creates Collective Control eliminating the Corrupt Control.

      I'd like to hear your description of "properly implemented". Remember that you have to reconcile three things: voter verification, accurate counting, and secret ballot. (Pick two.)

      And by the way: Poorly implemented, it does just the opposite. Diebold's systems -- excuse me, Premiere Election Systems -- can have the vote compromised by anyone with access to the appropriate excel/Access database. (Might actually just

      • Actually it would still include paper. A paper receipt that cannot be altered, or maybe an email (this will work only if it can have a checksum or something to show it has not been altered.) this receipt is used by the voter to audit the system and check that their votes were properly registered in at least three of the public databases.

        We could also print out additional receipts for some other party to audit the system.

        I have designed a universal information architecture / system that engineers Big Br

        • Actually it would still include paper. A paper receipt that cannot be altered, or maybe an email... this receipt is used by the voter to audit the system and check that their votes were properly registered in at least three of the public databases.

          Alright, let me get this straight: Are these "public databases" exposed, in full? Are they simply every single vote, and who it was for?

          If so, that kills your anonymity/secrecy. It now becomes possible for people to literally and directly buy votes, because they

    • by ajs318 (655362)
      "Voter verification" is a non-issue. You can see your name, address and who you voted for on some screen. But that doesn't mean jack shit. You can't be sure that the totals are correct without looking at everybody's vote. But the majority of those people are strangers to you. You don't even know that they exist, let alone how they voted.

      Just displaying the person's vote you asked for and a row of "final totals" across the bottom of the screen would probably get past most people -- even if the "final
  • 24c3 lectures (Score:4, Informative)

    by erlehmann (1045500) on Tuesday January 08, 2008 @01:17AM (#21950502)
    on the 24th chaos communication congress there were two interesting lectures:

    one about electronic voting in the netherlands (english): http://outpost.h3q.com/fnord/24c3-torrents/24c3-2342-en-it_was_a_bad_idea_anyway.mkv.torrent [h3q.com]

    another about electronic voting vulnerabilities and the status in germany (german): http://outpost.h3q.com/fnord/24c3-torrents/24c3-2380-de-nedap_wahlcomputer_in_deutschland.mkv.torrent [h3q.com]
  • Interestingly the main argument in the case at hand is NOT that the machines are faulty or can be manipulated.

    Until now elections in germany are held in public. This means that anybody can come in and watch the votes beeing counted. However with the voting machines used the people are requested to believe the government that they operate correctly. This trust should be based on secret reviews of the machines hard and software conducted by the government.

    The CCC argues that his does not qualify as a public e
    • even with open source software on the voting machines, there is now way for anyone to tell what the machine exactly does. even computer scientists can only hope that the machine right in front of them has the right software on it. also, if manipulations happen, there can be no recount.

      also, the argument actually is about that those machines can be easily manipulated. a public counting process is only to ensure that there is no manipulation, therefore ensuring government legitimacy.

      you are wrong.
  • Old paper voting systems, one might say, were perfected for their use.
    Use them.
    But underneath them, have an electronic sensor system that detects the votes.

    This eliminates the problem of stuffing paper ballots as in Chicago's past and Kenya's yesterday;
    and eliminates the problem of electronic machines giving whatever numbers the last programmer wanted,
    not what the voters selected.

    That's a double check.
    No voting system should be allowed that is less trustworthy than the old paper system.
    If we allow voting to

To restore a sense of reality, I think Walt Disney should have a Hardluckland. -- Jack Paar

Working...