Forgot your password?
typodupeerror
Government Security Software News Politics

California Sec. of State Wants Open Source E-Voting Systems 112

Posted by Soulskill
from the nowhere-to-go-but-up dept.
Lucas123 writes "California's Secretary of State, Debra Bowen, was among a group of e-voting experts at MIT yesterday who said the nation's electronic voting systems are still not secure and many run on faulty software. Among the suggestions offered to fix the problem: use open source software, stop delivering e-voting machines to polling places weeks in advance of an election, and keep a paper trail for auditing purposes. Bowen also believes that a ubiquitous Internet voting system could not work without the use of a national ID card system."
This discussion has been archived. No new comments can be posted.

California Sec. of State Wants Open Source E-Voting Systems

Comments Filter:
  • Nice step forward (Score:5, Insightful)

    by daemonburrito (1026186) on Saturday September 27, 2008 @09:30AM (#25176919) Journal

    Next step would be firing the so-called "technology experts" in the popular media, who apparently lack the the tech saavy to google for what "open-source" means.

    Coverage of the G1 launch was a beautiful example of their ignorance. Many times I heard the fakers pontificate about the "security concerns" in using open-source software, while not even knowing meaning of the term.

  • by liquidpele (663430) on Saturday September 27, 2008 @10:01AM (#25177085) Journal
    Yes, pvote [pvote.org] is small (current version is 460 lines), but that does not take into account the software under the simple python script.. What about the OS, the Interpreter itself, drivers, how it stores the votes, etc. All that has to be secure... the actual interface to the voters is probably the LEAST of your worries.
  • by schnikies79 (788746) on Saturday September 27, 2008 @10:04AM (#25177103)

    Just stick to paper. It works.

  • by arth1 (260657) on Saturday September 27, 2008 @10:05AM (#25177107) Homepage Journal

    What if you could actually do the ballot on your computer at home, carefully making sure that the buttons you push are what you intended, and then bring a printout with something like a barcode or other digital encoding of your selections? (This wouldn't have to be tied to your name -- that can still happen in the booth.) Then you bring that barcode to the booth, and it scans it after you walk in, and that "preloads" your selections. Then, you're just down to a verify step, under less pressure.

    Bad idea, for many reasons:

    1. Not everyone has access to computers.
    2. It opens for coercion fraud and buying of votes. The coercer (whether it's a husband or someone who bought your vote) makes sure that you have only one printout, and that you don't spend long enough in the voting booth to fill out another.
    3. Dimpled chads will be replaced with blotting ink cartridges. Expect the printer manufacturers to get sued if a vote allegedly registers incorrectly.

    The possibility for buying votes and coercing the voter is also why Internet voting must not be allowed to take place unless and until we can open a connection between our mind and the Internet. The voting booth is there to ensure privacy. Please do not take that privacy away in the name of security. I think Ben Franklin had something to say about that trade-off.

  • by Shot_Noise (1354159) on Saturday September 27, 2008 @10:06AM (#25177115)

    It should run as minimal as possible

    Personally, I would take one step further. Electronic voting machines should be based on either a microcontroller or FPGA. The source code for whichever one would be available for public review. It would be carefully written and validated to ensure that the ports to which the user (voter, election worker, etc) has access cannot be used to reprogram it. It would be enclosed in a truly tamper-resistant, tamper-evident box. Of course, it still needs to have a voter-verified hard copy.

    I think too often we are tempted to take the easy path and use an all software solution when a solution that involves hardware makes more sense.

  • by Joce640k (829181) on Saturday September 27, 2008 @10:10AM (#25177135) Homepage

    Voting machines could print barcoded papers which can be counted electronically. This would allow fast vote counting without all the problems of the punch cards. Random samples of the paper could be counted manually as a security check.

    Whatever happens there must be a paper trail. These are important decisions and any system without bits of paper should be a no-starter.

  • by Burz (138833) on Saturday September 27, 2008 @11:55AM (#25177721) Journal

    Ramms+ein is right: Open source will not solve the problem of computerized voting, which transforms the ballot from a physical object that can be read by any poll worker, into an electromagnetic blip that cannot be verified except through extremely indirect and convoluted means using teams of hard-to-find experts.

    As you may know, the 'normal' transactions we perform on computers every week are coming under increasingly successful attack. And that is WITH the benefit of the transactions carrying the identities of the people involved.

    Anonymous transactions like the vote are far more vulnerable to error and tampering and are unsuitable for computerization except for peripheral functions like printing.

    No amount of OSS review will help in an environment of high stakes subterfuge, especially when the remaining non-OSS layers of the systems are endlessly complex by comparison with paper ballots. Just ONE inappropriate logic gate or bit out of billions in those little machines can throw an election.

  • by Nursie (632944) on Saturday September 27, 2008 @12:12PM (#25177823)

    No.

    The moment you give the voter the ability to check their vote afterwards you give their abusive husband a way to check they voted correctly. Or the employer that wants you to vote for his buddy. Or the local mob...

    Bad plan.

  • by MiKM (752717) on Saturday September 27, 2008 @02:31PM (#25178613)

    What about public libraries? Libraries generally charge around ten cents to print a page, which isn't very much. Even so, I'm sure that libraries would be willing to make printing out ballots free-of-charge.

  • by pm_rat_poison (1295589) on Saturday September 27, 2008 @08:27PM (#25180965)
    Consider this: Someone votes in a booth using an electronic machine, which prints out their vote, which the voter themselves put in a sealed envelope and throw into a locked poll. The voter can verify that what he voted for is what the machine printed.
    After the election day ends, the machine announces a sort of temporary result. Then, a representative of the justice system, and representatives of all parties, and a member of the public (with a role similar to jury duty) all verify that the number of votes correspond to the number of people registered to have voted in that place. If there is a difference between the electronic and the paper-trail result, the latter overrides the former. The representatives can also count as invalid all envelopes that contain an irregular number of printouts, or one that has any identify marks (such as writing, scratching, tears or whatever)
  • by Anonymous Coward on Saturday September 27, 2008 @08:31PM (#25180995)

    Paper trails are bad. What we need are PAPER BALLOTS. The machine can help by helping voters fill out the damn form correctly and printing the ballot in COMPLETELY human readable form. Then an OCR can read it AFTER the voter has had a chance to make sure they are casting the votes they intended. The ballot helper MUST be completely independant of the OCR and the voter is the only link between the two.

    No receipt, no tracking, no paper trail. Just a paper ballot. And of course we keep the ballots just as we normally would.

    I'm surprised I have to explain this.

Thus spake the master programmer: "After three days without programming, life becomes meaningless." -- Geoffrey James, "The Tao of Programming"

Working...