whoever57 writes "Ed Felten is showing a scan of the summary from a Sequoia voting machine used in New Jersey. According to the paper record, the vote tallies don't add up — the total number of Republican ballots does not match the number of votes cast in the Republican primary and the total number of Democratic ballots does not match the number of votes cast in the Democratic primary. Felten has a number of discussions about the problems facing evoting, up to and including a semi-threatening email from Sequoia itself."Update: 03/20 23:30 GMT by J: Later today, Felten added an update in which he analyzes Sequoia's explanation. He has questions, comments, and a demand.
Is NJ an open primary state (like MI)? Why couldn't a Dem have voted for one of the Republicans? That "option" (counting the number of Ds and Rs) might be a tally of the party of the voter rather than a total of the votes for candidates in that party.
in the primary you have to pick a side if you want to vote. Democrat or Republican. Once you choose, you must vote within that party. At least in a closed primary that is how it works. So, if you're a registered Green, you don't get to vote in the primary. In the general election of course, everybody gets to vote.
I live in NY (still using the old level machines, which I love:) ), and consistently the people running the poles forget to switch the switch on the side of the machine to "enable" republican or democrat (depending on whose in the both last, and whose in it next). Heck, the people running the polls are usually retired, elderly, and volunteer.
What county do you live in? Here in Broome County they give us colored cards (green for the Democrats, pink for the Republicans) that we had out to the voters after signing them in. The voter then gives that card to the person operating the machine who sets the primary lever accordingly before hitting the entrance button that allows them to vote.
I've been running a polling place since 2004 and I've never had that mistake happen in a Primary Election. If you've seen it happen more then once or twice you should probably inform your local Board of Elections so they can address the problem. It just isn't supposed to happen that way......
I'm not sure if its just laziness on the part of the poll runners
That's possible. I've come close to pulling out my hair during past elections trying to get the other three people in my polling place to follow proper procedure.
As a random example, we aren't supposed to sign in more then two or three voters at a time. If you sign in more of them then that you'll invariably wind up with someone standing in line at the machine who realizes that he needs to be somewhere and decides to duck out of line without voting. Since we've already signed him in this screws up ou
I suspect it's actually a data error. Dems have one too many, GOP have one too few. This is exactly the number of votes cast for Guiliani. They could have simply set him to the wrong party.
As Felten made clear in the article, it's not the size of the discrepancy that's the issue, but the fact that it's there at all. You'd expect this sort of minor error from humans, but the machine turning out this discrepancy is a dead giveaway that something is fundamentally wrong with its inner workings. If we could examine said inner workings, we could determine the cause of this bizzare behavior, but actually knowing what is going on inside their machines is something Sequoia is bound and determined to prevent. One can't help but wonder why, given what we've just seen...
Even if the tally was exactly right, in general you cannot prove a program correct by using only black box testing. There are simply too many possible inputs to have time to test for all but the most trivial inputs. For all we know, there's a backdoor or unintentional security vulnerability that can be used to alter election outcomes. We need to be able to examine the machine's inner workings to have any hope of verifying those are not problems with the voting machine.
Mathematically speaking, proving a program correct from the source code is in generaly impossible (if you could do that you could, in particular, solve the halting problem). From the software engineering perspective it's true that examining the source code gives you greater confidence in the software than just black-box testing.
I agree. Humans can be sound, but still off by one. calaculators are either correct or broken.
However, the size of the discrepancy is 1/60 or so. That's 1.6%, which is enough to change the outcome of some recent US elections [wikipedia.org]. So is it of a significant size? Yes, it is.
Perhaps the error was on Mr. Felton's side... what method did he use to count the votes?
He used the "look at the vote totals the machine printed" method.
Seriously, it has a picture of them. Did you RTFA and somehow didn't notice it, or do you like making uninformed comments? (Okay, that is a bit inflammatory. The first time I went to TFA, the pictures didn't load. But it still says in the text.)
RTFA. The discrepancy isn't between Felten and the voting machine...it's between the voting machine and itself. The machine generated results that were self-contradictory.
As you have likely read in the news media, certain New Jersey election officials have stated that they plan to send to you one or more Sequoia Advantage voting machines for analysis. I want to make you aware that if the County does so, it violates their established Sequoia licensing Agreement for use of the voting system. Sequoia has also retained counsel to stop any infringement of our intellectual properties, including any non-compliant analysis. We will also take appropriate steps to protect against any publication of Sequoia software, its behavior, reports regarding same or any other infringement of our intellectual property.
I love the double-standard here. The government wants to invade the privacy of it's citizens (discussed several times over on these very forums) and one of the typical responses is "Well, if you don't have anything to hide...". But when an independant third party wants to verify that an important piece of hardware used in our political process can actually do the very simple math that it's required to do, the corporation who produces is has laws that it can throw in one's face to prevent verification of data. Shouldn't someone be pressing Sequoia with the "if you don't have anything to hide..." mantra?
Does anyone else here see the obvious double-standard that we've created for ourselves?
If a company is really trying to not allow a state to verify that their voting machines work correctly, why would any state use such voting machines? This is ridiculous. Such a company should quickly go bankrupt. Must have some fantastic lobbying to get state legislatures to use machines which aren't going to count their votes correctly.
But when an independant third party wants to verify that an important piece of hardware used in our political process can actually do the very simple math that it's required to do, the corporation who produces is has laws that it can throw in one's face to prevent verification of data. Shouldn't someone be pressing Sequoia with the "if you don't have anything to hide..." mantra?
Yes and no. It appears that this is a contractual issue. The State of New Jersey signed licensing terms that does not allow an independent party to review the code. The state should not violate that contract.
Thing is, there is a limited market for voting machines in the US. There are only 50 states, it seems to me the states are in a pretty good position to negotiate the licensing terms. Why is it that New Jersey didn't specify in the terms that the code and hardware had to be reviewed by indepe
The State of New Jersey signed licensing terms that does not allow an independent party to review the code. The state should not violate that contract.
And thus, the State of New Jersey violated its own laws (and so did Sequoia), and possibly Federal Statutes as well, regarding independent poll observers and independent verification of vote tallies. By definition of it being closed source proprietary code, it's illegal. Goodbye Sequoia contract, at a minimum. Rinse and repeat for every State and County. This is going to be a huge victory for open source, and a huge blow against "imaginary property". Just an appetizer before the RIAA goes down.
duck and cover, they are reaching for their lawyer.
sounds like this story is a might fine basis for some good ole' fashioned DMCA action. Pffffft, that was the sound of sequoia credibility dying a death...
Pffffft, that was the sound of sequoia credibility dying a death
What credibility are you talking about?
After all those neato stints that just about every voting machine company tried to pull their credibility is somewhere between a San Francisco Tenderloin crack hooker and a timeshare salesman for quite some time now.
Thinking about it the hookers credibility is probably a lot better then the ones of those voting machine vendors.
The readout on a screen seems like a simple data display problem. Perhaps the programmer did something stupid like:
print array.lastIndex.indexNum
instead of
print array.count
The real concern here is not that it has a bug. All software has bugs. The concern is over what kind of QA was performed to guarantee our votes. If such a simple and obvious test case was not performed, how on earth are we to feel good about this machine?
The readout on a screen seems like a simple data display problem. Perhaps the programmer did something stupid like:
What stupid thing the programmer may have done is irrelevant here.
This is supposed to be a secure machine for tallying votes. Either it is capable of counting, and providing a verifiable audit which matches the results it reports. Or, it's fundamentally broken and can't actually be used to count elections. I don't see how there is any middle ground.
First of all, when did it become acceptable for "all software" to have bugs? The software that runs a missile control center better be bug free, especially the part that controls the firing sequence. There are certain situations where software errors are just not tolerable -- and I would say that voting machines are one of those cases. Our entire society is based on the idea that people have the right to vote on who leads them; if our ability to trust voting machines is undermined, then the foundation of
At first, I was thinking,"Oh, maybe some people chose not to vote after calling up either Rep or Dem." But then I realized the math involved. The computer says 60 votes were cast for the Reps, but 61 votes are actually placed.
Sheesh, why does this have to be so difficult. We can conduct trillions of dollars of business electronically, but we still don't have an effective digital voting system? I think the conspiracy here is by someone who hates technology likes to kill trees for paper balloting, not that digital voting is being rigged.
One counter started at Zero, the other at One?...These kind of bugs are written all the time....Of course, this is why the software should be OSS. The more eyeballs, the more people running in debug mode just to play around and have fun, the more people slicing and dicing the source code, the better.
It's hard to believe this is even an issue. The problem is that the people making voting machines (like Diebold) come from Banking sectors, where privacy and private, proprietary systems are the modus operandi.
Seems to me a good way to fix this would be to get some high-profile Non-Profs and top-brand CS schools (I'm thinking MIT, Apache Foundation, Cal Tech, Carnegie Mellon, Case Western, etc) all working together to gather some grant money, build the hardware and software solutions, open everything up for scrutiny, and produce a working product.
We can wave our arms over what somebody SHOULD build, but if we had a compelling alternative ready to go, it'd be a lot easier to pressure governments to do the right thing.
In the comments, Felton mentions that he has looked at two tapes so far. One is shown in the article. The other one has a column that is off by 2 votes. That pretty much eliminates the "Array Counter" theory.
I agree. It shouldn't be this hard to design a system that would count votes quickly *and* accurately. I could make a website that would tally the results accurately. Why can't they do the same (with a better interface) via more robust languages? I'm not a big fan of the argument that Open Source = Always Better and Closed Source = Always Worse, but in this case I think it applies. The voting machines' inner workings are hidden from view from everyone, including the government running the election. If y
We can conduct trillions of dollars of business electronically
If those trillions of dollars had to be transacted via "secret ballot", I'm pretty sure that hundreds of billions of them would have disappeared. Somehow it's a lot harder to write error-free code when you know that nobody's going to be able to do something as simple as checking their bank statements to catch your errors.
Nix all the evoting crap and go back to paper ballots. We know that paper ballots work, and are a LOT harder to fudge to the level of throwing an election.
On the whole of it, I have a big problem with the "Winner takes all" system anyway, with the majority giving the power to a handful to beat up on us all. Not even getting into how the Republicans and the Democrats systemically shuts out all other parties.
But if we are going to have voting, at least make it fair. Give equal time to ALL parties, not just the D-R club, and use paper ballots under tight security. At least make "Democracy" less of a joke than it already is.
We know that paper ballots work, and are a LOT harder to fudge to the level of throwing an election.
While I agree with you, I just have to point out that it's not all that hard...after all, the recent presidential election in Mexico was stolen the old-fashioned way.
While I agree with you, I just have to point out that it's not all that hard...after all, the recent presidential election in Mexico was stolen the old-fashioned way.
And we know this. In US, no one can know for sure.
Evoting can work if the source and hardware design of the machines are completely open to the public.
That isn't enough because you have absolutely no guarantee that the hardware and software you vote on is equal to the hardware and software design that was published. And also you would still have a voting process that is basically a magical blackbox for 99.9% of the population, some experts might be able to verify it, but not the voter and this is a big deal, since a voter should be able to understand and verify the voting process. Good old pen&paper based voting does that, eVoting doesn't even get cl
How is intentionally preventing auditing of the basic method of democracy anything less than treason? The Board of Directors should be jailed forever for condoning this activity by the Company's lawers.
Everyone keeps saying that a solution to the problem of potential voter fraud would be to open-source the code. My question is -- how? Let's say they do and someone reads it and understands it; what guarantee does anyone have that the code they've published is the same as the code on the machines the day of the election? It would be absolutely trivial to cut out the naughty bits before publishing.
If Sequoia really were ready to commit mass voter fraud, I doubt they would have too many moral issues with violating the principles of open source while they're at it.
And that's exactly the way it's worked in every locality I've ever voted in, provide full name and address, workers cross name off list, get ballot. I'm not buying the GP's story.
Had she registered to vote at the DMV, the first time she actually tried to vote they would ask for proof. This is how it works in IL. The DMV (here in IL the Secretary of State) is not allowed to examine most of these forms, regardlessly you will be marked in the role as needing to show proof when you go to the poll. Alternatively you can register to vote at the county clerks office and show proof of eligibility to vote and then the first time you vote you only need to sign. My wife did the first method, I
Minor correction: (Score:2)
It's "Felten".
</pedant>
Re:Minor correction: (Score:5, Informative)
Parent
Count from Zero (Score:5, Funny)
On the bright side at least the error will vanish as the number of votes approaches infinity
Re:Count from Zero (Score:5, Insightful)
Actually, the Republican tally was heavy one vote, while the Democratic tally was light one vote. Thus, your proposed explanation doesn't wash.
On the bright side at least the error will vanish as the number of votes approaches infinity
That's assuming that the error is due to the cause you postulated, which cannot be the case.
Parent
Re: (Score:2)
Is NJ an open primary state (like MI)? Why couldn't a Dem have voted for one of the Republicans? That "option" (counting the number of Ds and Rs) might be a tally of the party of the voter rather than a total of the votes for candidates in that party.
Re: (Score:2)
Re:Huh? (Score:4, Informative)
Parent
Re:Count from Zero (Score:4, Informative)
What county do you live in? Here in Broome County they give us colored cards (green for the Democrats, pink for the Republicans) that we had out to the voters after signing them in. The voter then gives that card to the person operating the machine who sets the primary lever accordingly before hitting the entrance button that allows them to vote.
I've been running a polling place since 2004 and I've never had that mistake happen in a Primary Election. If you've seen it happen more then once or twice you should probably inform your local Board of Elections so they can address the problem. It just isn't supposed to happen that way......
Parent
Re: (Score:3, Informative)
I'm not sure if its just laziness on the part of the poll runners
That's possible. I've come close to pulling out my hair during past elections trying to get the other three people in my polling place to follow proper procedure.
As a random example, we aren't supposed to sign in more then two or three voters at a time. If you sign in more of them then that you'll invariably wind up with someone standing in line at the machine who realizes that he needs to be somewhere and decides to duck out of line without voting. Since we've already signed him in this screws up ou
Re: (Score:3, Funny)
Minor discrepancy...MAJOR problem. (Score:5, Insightful)
it's like the Kempelen's chess machine (Score:3, Funny)
Re:it's like the Kempelen's chess machine (Score:4, Funny)
Maybe they should try running KDE instead?
Parent
Re:Minor discrepancy...MAJOR problem. (Score:5, Insightful)
Parent
You cannot prove correctness at all (Score:3, Interesting)
Re: (Score:3, Informative)
Arbitrary program code cannot be proven correct, true. However, program code can be designed to be provable.
Re: (Score:3, Insightful)
For all we know, the machines could be programmed to work perfectly, except on election day when subroutine X is used (on that day only).
But, we also know that thanks to compiler trickery, even studying the source code isn't enough.
Re:Minor discrepancy...MAJOR problem. (Score:5, Insightful)
However, the size of the discrepancy is 1/60 or so. That's 1.6%, which is enough to change the outcome of some recent US elections [wikipedia.org]. So is it of a significant size? Yes, it is.
Parent
Re:Minor discrepancy...MAJOR problem. (Score:5, Insightful)
He used the "look at the vote totals the machine printed" method.
Seriously, it has a picture of them. Did you RTFA and somehow didn't notice it, or do you like making uninformed comments? (Okay, that is a bit inflammatory. The first time I went to TFA, the pictures didn't load. But it still says in the text.)
Parent
Re:Minor discrepancy...MAJOR problem. (Score:5, Insightful)
Parent
Lawyers (Score:3, Insightful)
Hypocrisy (Score:5, Insightful)
I love the double-standard here. The government wants to invade the privacy of it's citizens (discussed several times over on these very forums) and one of the typical responses is "Well, if you don't have anything to hide...".
But when an independant third party wants to verify that an important piece of hardware used in our political process can actually do the very simple math that it's required to do, the corporation who produces is has laws that it can throw in one's face to prevent verification of data. Shouldn't someone be pressing Sequoia with the "if you don't have anything to hide..." mantra?
Does anyone else here see the obvious double-standard that we've created for ourselves?
Re: (Score:2, Insightful)
Re: (Score:3, Insightful)
But when an independant third party wants to verify that an important piece of hardware used in our political process can actually do the very simple math that it's required to do, the corporation who produces is has laws that it can throw in one's face to prevent verification of data. Shouldn't someone be pressing Sequoia with the "if you don't have anything to hide..." mantra?
Yes and no. It appears that this is a contractual issue. The State of New Jersey signed licensing terms that does not allow an independent party to review the code. The state should not violate that contract.
Thing is, there is a limited market for voting machines in the US. There are only 50 states, it seems to me the states are in a pretty good position to negotiate the licensing terms. Why is it that New Jersey didn't specify in the terms that the code and hardware had to be reviewed by indepe
Re:Hypocrisy (Score:4, Interesting)
Parent
oh dear. (Score:2)
duck and cover, they are reaching for their lawyer.
sounds like this story is a might fine basis for some good ole' fashioned DMCA action. Pffffft, that was the sound of sequoia credibility dying a death...
Re:oh dear. (Score:4, Interesting)
What credibility are you talking about?
After all those neato stints that just about every voting machine company tried to pull their credibility is somewhere between a San Francisco Tenderloin crack hooker and a timeshare salesman for quite some time now.
Thinking about it the hookers credibility is probably a lot better then the ones of those voting machine vendors.
Parent
Software bug (Score:4, Insightful)
print array.lastIndex.indexNum
instead of
print array.count
The real concern here is not that it has a bug. All software has bugs. The concern is over what kind of QA was performed to guarantee our votes. If such a simple and obvious test case was not performed, how on earth are we to feel good about this machine?
Re: (Score:3, Insightful)
What stupid thing the programmer may have done is irrelevant here.
This is supposed to be a secure machine for tallying votes. Either it is capable of counting, and providing a verifiable audit which matches the results it reports. Or, it's fundamentally broken and can't actually be used to count elections. I don't see how there is any middle ground.
There simply is no room for trying to acco
Re: (Score:3, Interesting)
Maybe the votes were not placed? (Score:5, Informative)
Sheesh, why does this have to be so difficult. We can conduct trillions of dollars of business electronically, but we still don't have an effective digital voting system? I think the conspiracy here is by someone who hates technology likes to kill trees for paper balloting, not that digital voting is being rigged.
Re: (Score:2)
1. Land government contract
2. Do little or nothing.
3. Profit.
Re:Maybe the votes were not placed? (Score:4, Insightful)
It's hard to believe this is even an issue. The problem is that the people making voting machines (like Diebold) come from Banking sectors, where privacy and private, proprietary systems are the modus operandi.
Seems to me a good way to fix this would be to get some high-profile Non-Profs and top-brand CS schools (I'm thinking MIT, Apache Foundation, Cal Tech, Carnegie Mellon, Case Western, etc) all working together to gather some grant money, build the hardware and software solutions, open everything up for scrutiny, and produce a working product.
We can wave our arms over what somebody SHOULD build, but if we had a compelling alternative ready to go, it'd be a lot easier to pressure governments to do the right thing.
Parent
Re: (Score:3, Informative)
Re: (Score:3, Interesting)
I'm not a big fan of the argument that Open Source = Always Better and Closed Source = Always Worse, but in this case I think it applies. The voting machines' inner workings are hidden from view from everyone, including the government running the election. If y
Re: (Score:3, Insightful)
If those trillions of dollars had to be transacted via "secret ballot", I'm pretty sure that hundreds of billions of them would have disappeared. Somehow it's a lot harder to write error-free code when you know that nobody's going to be able to do something as simple as checking their bank statements to catch your errors.
Enough Already! (Score:5, Insightful)
On the whole of it, I have a big problem with the "Winner takes all" system anyway, with the majority giving the power to a handful to beat up on us all. Not even getting into how the Republicans and the Democrats systemically shuts out all other parties.
But if we are going to have voting, at least make it fair. Give equal time to ALL parties, not just the D-R club, and use paper ballots under tight security. At least make "Democracy" less of a joke than it already is.
Re:Enough Already! (Score:4, Interesting)
While I agree with you, I just have to point out that it's not all that hard...after all, the recent presidential election in Mexico was stolen the old-fashioned way.
Parent
Re:Enough Already! (Score:4, Insightful)
Parent
Re: (Score:3, Interesting)
Evoting can work if the source and hardware design of the machines are completely open to the public.
That isn't enough because you have absolutely no guarantee that the hardware and software you vote on is equal to the hardware and software design that was published. And also you would still have a voting process that is basically a magical blackbox for 99.9% of the population, some experts might be able to verify it, but not the voter and this is a big deal, since a voter should be able to understand and verify the voting process. Good old pen&paper based voting does that, eVoting doesn't even get cl
A Common Problem. (Score:5, Funny)
Slashdot Polls (Score:3, Funny)
Re: (Score:3, Informative)
Re:Slashdot Polls (Score:5, Funny)
Parent
Corporate Death Penalty (Score:5, Insightful)
Open source how? (Score:3, Informative)
If Sequoia really were ready to commit mass voter fraud, I doubt they would have too many moral issues with violating the principles of open source while they're at it.
It's quite obvious what happened (Score:3, Funny)
Re: (Score:3, Informative)
Re: (Score:3, Insightful)
Re: (Score:3, Informative)