Forgot your password?
typodupeerror
Government Security United States News Politics

Sequoia Disclosing Voting System Source To DC 100

Posted by timothy
from the watch-whether-my-pity-meter-twitches dept.
buzzinglikeafridge writes "After Sequoia voting machines registered more votes than there were voters in DC's primaries last September, and the city threatened a lawsuit as a result, the company agreed to disclose technical details of the system (including source code) to the city. Although this isn't the first time the company has disclosed the source code of its machines, it is the first time the machines' blueprints will be handed over as well."
This discussion has been archived. No new comments can be posted.

Sequoia Disclosing Voting System Source To DC

Comments Filter:
  • Yay! (Score:1, Insightful)

    by Jurily (900488)

    About fucking time.

    • Wow, a 3 word comment, essentially trolling got modded insightful +4

      How the hell do you program something to deliver more votes than voters? Someone seriously needs to work out what the hell is going on...

      • by MrMista_B (891430)

        How is it trolling to express relief that something so critical as /voting/ is finally being taken seriously?

        It's about damn fucking time, indeed.

        • If it was actually being taken seriously it would be done by hand counted paper ballots.

          There are already good paper voting systems in use that meet important criteria such as:
          1) Being easy for most people to understand how their vote is counted and the effort it takes to cheat the system.
          2) Allowing the different political parties and independent bodies have their observers present to observe the votes as they are being counted.

          Because, I suggest that: elections don't just have to be fair. They have to be
          • by AK Marc (707885)
            If it was actually being taken seriously it would be done by hand counted paper ballots.

            No, if it was being taken seriously, then vote verification would be used. We take our anonymity more seriously than accuracy, and so accuracy sucks. When I place a vote, I have no idea how or whether it will be counted. If it's lost, counted twice, marked invalid, etc. I'll never know. And as such, anyone could tamper with my vote and I'll never know. When the system is designed where I have to trust people with
            • by TheLink (130905)
              Well many in the USA seem to have huge hangups about nonanonymous voting. I don't know why.

              To me in the scenarios where it is a big problem, are the same scenarios where voting probably doesn't matter much anymore - everything else has become terribly corrupt - the cops, courts etc. e.g. The Dictator wins with 98% of the votes.

              Otherwise, in normal cases, you just get some evidence that your boss was trying to force you to vote some way, complain to the cops/lawyer and boss is in deep shit.

              That said, even wi
              • by AK Marc (707885)
                It's hard when there are observers from various parties/orgs watching each count as it happens. And keeping a guard over the ballot boxes to make sure they aren't moved or switched.

                But even with that, there have been multiple cases of lost boxes from areas that were expected to be for or against the wrong side, or finding 4 boxes when there were supposed to be 3 at a place, and it looks the same as the others so that you either count them all (and get more votes than voters) or throw them all out. Both w
    • Not so fast.

      Now that some of you are catching on about how electronic vote tabulation devices can not be trusted, (from the doping level, to the firmware, and and finally software) you've just been "routed around" once again, as the EVM's are now shifting gears and upping the ante by changing the game with "internet voting", the ultimate unvalidatable nightmare.

      A pollwatcher, still can't see the electronic signals in any of these devices.

      So while everyone tech savvy sit's there and argue's over open source,

      • Re: (Score:2, Insightful)

        by ae1294 (1547521)

        Can you tell I am pissed off?

        No.. because you didn't use all UPPERCASE.... but everything you said is true enough. Something as important as voting shouldn't be played with and subject to the whim's of lobbyist and 'for profit' tech companies who are outsourcing their coding to china.

        The whole idea (facile) of saving a buck by making the voting system electronic or that paper ballets are too hard to understand is just cover for someone trying to make a buck or worse someone trying to rig elections with less effort and/or chance of bein

  • if(candidate == "Bush") { castVote(candidate); castVote(candidate); } else { castVote(candidate); }
  • by Opportunist (166417) on Sunday June 07, 2009 @08:45AM (#28240717)

    You want me to use your machine for my elections? Hand it all over. All. Source, blueprints, all. I want to audit it. For as long as I want and by whomever I please. Yes, of course you will get my signatures that your code will not be given to anyone (except for audits, but not to keep) and it will be only used to audit your machines. No problem.

    You don't let me? Ok.

    NEXT OFFER!

    Frankly, it's a HUGE biz. Once you have the foot in the door, do you think they'll audit your competitor or will they order their next machines with you again because they've been audited already? YOU want to sell ME your machines. YOU are about to earn a ton of money, enough that you'll never have to create any other product anymore. You're selling to the government, not some beancounting company, they won't question if your software costs a million despite costing you 10k.

    Do you think I'll find some company willing to comply with my requirements if you don't bend over?

    • You want me to use your machine for my elections? Hand it all over. All. Source, blueprints, all. I want to audit it.

      How do you know that the source you see was used to build the machine in front of you? And that the compiler didn't insert any easter eggs? The correct response is "If you machine is a #2 pencil and paper, fine, otherwise, hell no."

      • Re: (Score:3, Interesting)

        by Opportunist (166417)

        Because I will compile it. Using my compiler.

        Doesn't work? NEXT!

        • So you're going to buy machines from a company but then have to get the latest source from them, compile it, upload it to the machines, then do testing?
          • Someone will, yes.

          • Re: (Score:2, Interesting)

            by Anonymous Coward

            Some south-american countries do this already.

            The source makes rounds through representatives of all interested parties, and after examining it, they sign it with their private keys. Then the code (after verifying against their keys that it's not a changed one) is compiled (with a generic compiler for which md5 and sha1 are available) and then the resulting binary is signed digitally with keys from them all again. Then the signed binary gets copied to all the machines. And then anyone can check if the code

            • Are you pulling my leg? That sounds like a fantasy of how it could be done (even though it's still not as trustable as pen and paper).
          • Democracy should be worth that, yes.

            If it's not, you know, pen and paper still works fine...

            • by AK Marc (707885)
              pen and paper still works fine...

              Most of the elections stolen by fraud were done with elections that ran on pen (or pencil) and paper. Ballot stuffing, lost ballot boxes, and the multitude of cases of polling place restrictions (from poll taxes that were law, to having too few voting booths and turning away voters that arrived before the polls closed). Even with all the faults, it is still asserted that electronic is more reliable than paper. Sure, that's debatable, but to just assert that paper is bet
  • Surely with something as important as a voting system, any private supplier should have to submit the blueprints & code to some kind of independent panel for approval / verification as a matter of course?

    Who the fuck trusts a corporation to implement a something that is fair, correct and well engineered, without any oversight?
  • by Jamamala (983884) on Sunday June 07, 2009 @08:56AM (#28240757)
    I don't understand how voting machines can be so complicated that such gross errors occur. Surely it can't be much more than a glorified counting program that also keeps some sort of log about what it's done. I'm making the presumption that these programs are for some reason very complicated, and that's why errors like this are more frequent than they should be. Can anyone either explain why they're so complicated or give another reason why they seem to spew out so many errors?

    (Aside from the witty "they're all programmed to vote for candidate X!" responses.)
    • by S77IM (1371931) on Sunday June 07, 2009 @09:06AM (#28240789)

      It's close enough for government work.

    • Re: (Score:2, Interesting)

      by Felix Da Rat (93827)

      My gut feeling for the complication is to add more features to help jack up the price per unit.

      Figure that each polling station will have at least 3 units, so you're talking about a lot of sales. A simple system, such as you described wouldn't be very expensive, and would be a tough sell.

      But if you add in 'Automated security sub-routines', 'Time stamp live validation', 'Heuristic Real-time Networked Vote Tallies', all of which I just made up, but sound semi-decent for a sales pitch, you can charge more.

      Of

    • by MLS100 (1073958)

      After a code review it was revealed the button1.onclick was vote++ instead of vote==1 and some people are doubletapping the screen.

      I knew we shouldn't have outsourced that function to Mrs. Stewart's 4th grade computer class, but hey times are tough.

      • Re: (Score:3, Funny)

        Pretty sure vote==1 doesn't do much. In Java it actually gives you an error. In C it just does nothing mysteriously.

    • by 2phar (137027)

      I could see how some complexity could arise from data integrity concerns. Satellite systems, for example, include mechanisms to constantly check and error-correct memory because of corruption due to comsic rays. If you regard voter data as precious enough, you could construct pretty complex redundant systems to cross-check themselves too.

      Of course, I doubt that would be happening if MS Access is involved.

    • Re: (Score:3, Informative)

      Deibold makes ATMs. Those things are accurate, reliable, solid, perfect, etc. Why then should their voting machines be so flaky? I think the only answer can possibly be is "They wanted them that way."

      • you assume ATMs are perfect. perfection is impossible. the question is, is the margin of error on ATMs (which have been around for decades) lower than you would expect compared to voting machines (which are relatively new).
        • by AK Marc (707885)
          the question is, is the margin of error on ATMs (which have been around for decades) lower than you would expect compared to voting machines (which are relatively new).

          Yes. ATMs have much lower error rates than we see for voting machines. Newness has nothing to do with it. Revolvers are more reliable than muskets, and revolvers are "newer" technology. Even when they were very new, they were more reliable. The voting machines should be an order of magnitude more simple than an ATM. They don't handle
          • so what is the error rate for ATMs, and what is the error rate for voting machines?
            • Re: (Score:1, Troll)

              by AK Marc (707885)
              You tell me. You are the one that asserted that they would be a better comparison. So since you brought them up, you let us know. The banks hide the failure rate for the ATMs to give the public confidence in them, and the government hides the failure rate on voting machines to give the public confidence in them. So good luck. The closest I can find is that the error rate for voting is between 2% and 5%, and that ATMs are below 1%. Now that you have your numbers, what are you going to do with them? Or
        • Code can be mathematically proven. Mathematically proven code has no errors. Hardware executing it will not behave incorrectly due to a software bug. Hardware designs can be mathematically proven. A mathematically proven hardware design will not produce a bug due to design flaws. I'd call anything running on well made hardware with mathematically proven hardware and software "perfect". I'm not sure ATMs get mathematically proven software since every once in a while someone hacks one and gets it's money for

          • Really? What do you know about the ATM debugging process? How do you know they are close to it? Because it really sounds like you're making stuff up and don't actually know much about ATM's.

            As for 'proving', here is a Donald Knuth quote for you, "Beware of bugs in the above code; I have only proved it correct, not tried it." Proving it is unfortunately never fail-safe.
      • by cusco (717999)
        Considering that the guy they hired to lead their programming staff has spent time in the Washington State prison system for multiple counts of computer fraud I think your guess is probably pretty close.
  • The machines that protect democracy include jet fighters, naval warcraft, guns, rockets, bombs ---- and voting machines.

    The US Government wouldn't buy a any of those other things without a massive effort to make sure they were secure, why not voting machines as well? If you can compromise those, the rest are easy.

    • The machines that protect democracy include jet fighters, naval warcraft, guns, rockets, bombs ---- and voting machines. The US Government wouldn't buy a any of those other things without a massive effort to make sure they were secure, why not voting machines as well? If you can compromise those, the rest are easy.

      Excellent point, but the only voting machines that can be provably trustable are a pencil and paper. With war machines, it's easy enough to determine that they aren't working: they don't fly, we

      • by WCguru42 (1268530)

        With war machines, it's easy enough to determine that they aren't working: they don't fly, weapons don't detonate, etc.

        And the chance that there's a remote kill switch in it that would disable all of your war machines. The government does/should check for those in their weapons and there's no excuse why they don't take the effort to do the same with electronic voting. And this lack of effort, combined with the simplicity and effectiveness of paper ballots (not punch ballots like in Florida and other states, just simple fill in the bubble ballots), means that there should be no electronic voting until people step up and ma

        • And the chance that there's a remote kill switch in it that would disable all of your war machines. The government does/should check for those in their weapons and there's no excuse why they don't take the effort to do the same with electronic voting.

          Again, the difference is that said weapons have been put to actual use, and they've worked well enough. Voting machines have been put to actual use as well, but who knows whether they worked? Nobody can know!

        • Re: (Score:2, Interesting)

          by myspace-cn (1094627)

          Actually the USAF is concerned about kill switches and other hidden logic built in at the doping level, and while the do play red team blue team with such devices, sadly the only way to truly find out is to destructively reverse engineer the chip. The only other way is to have 100% trust in the doping source, while maintaining 100% chain of custody.

          Meanwhile, out on the flightline, a tech sign's off that red x when the system is tested and working, "op's check good." It still doesn't mean it's working prop

      • The voting machine does more than the infallible pencil and paper that you describe, which only covers the marking of a vote. The voting system that you yearn for involves correct marking of the ballot paper, manual transport of vote boxes, manual handling of the paper, manual tallying of the votes, manual reporting of results upstream, manual cross checking of error rates, recounts on-demand etc... Each and every one of those steps in the system in open to human error (losing count, misreading), lack of

    • Re: (Score:3, Insightful)

      by dunezone (899268)

      The machines that protect democracy include jet fighters, naval warcraft, guns, rockets, bombs ---- and voting machines.

      The US Government wouldn't buy a any of those other things without a massive effort to make sure they were secure, why not voting machines as well? If you can compromise those, the rest are easy.

      Because the people that are elected in office are the same people voted in by those machines.

      • by Ihmhi (1206036)

        Because the people that are elected in office are the same people voted in by those machines.

        Perhaps those people should be voted out of office with jet fighters, naval warcraft, guns, rockets, and bombs.

    • by symbolic (11752)

      Interesting comment - if we are to extend the analogy completely, we'd have to acknowledge that even these complex systems sometimes require a few attempts before either being scrapped (as unworkable or too expensive) or before they are successful.

      That having been said, I personally think the issues we've seen with e-voting are ridiculous - by comparison, it's not a very complicated process.

      • by WCguru42 (1268530)

        we'd have to acknowledge that even these complex systems sometimes require a few attempts before either being scrapped (as unworkable or too expensive) or before they are successful.

        But are those attempts found out in the wild or in a testing phase (I'm honestly not sure, don't follow military history well enough)? If they are done in the wild then it's similar to electronic voting (though you're right, the voting machines' mistakes are pretty horrendous for the task) but if they're done in testing then so should electronic voting and they should keep testing them until they get it right.

    • I won't object to communities getting source code to voting machines under free software licenses [counterpunch.org], but when voting machines are used only to prepare voter-verified paper ballots never to count ballots (as they should be), security concerns for these machines drop dramatically. I shouldn't have to use such a machine in the first place, but if I choose to use a machine to prepare my voter-verified paper ballot source code concerns drop to making sure that bugs in the program won't stop me from using the prog

    • by Almahtar (991773)

      The machines that protect democracy include jet fighters, naval warcraft, guns, rockets, bombs ---- and voters.

      Fixed it for ya. Problem here is that the voters don't care enough to make sure the elections are working the way they should. They want to care about it once every 4 years, 2 years at best, and then go back to caring about their MySpace page. If people cared more about the politics running their nation in general they'd raise more of a fuss about things like voting machines' discrepancies.

    • by MrPhilby (1493541)
      A voting machine is the ONLY machine you have to comprimise. The rest follow without a whimper.
  • by Anonymous Coward

    Sequoia voting machines are secure, unless someone clicks here:

    http://www.google.com/search?q=sequoia+yellow+button&ie=utf-8&oe=utf-8&aq=t&rls=com.ubuntu:en-US:unofficial&client=firefox-a [google.com]

    I used to work for a state division of elections certifying voting equipment. I wound up getting canned. I think one of the rationale was that I raised an eyebrow at problems like this.

    I'd love to know what American attitudes are towards open-source. I've known plenty of people who consider open-source i

  • If everyones name was attached to their vote there would be a way to verify the election outcome. Are people really that ashamed of who they vote for? No one is getting executed or persecuted based on their vote.
    • by hey (83763)

      Actually, that might make coding it easier.
      Then you just have a hash:

            vote{SSN} = candidate

    • Re: (Score:3, Insightful)

      by WhatDoIKnow (962719)

      No one is getting executed or persecuted based on their vote.

      You think maybe that's because the vote is secret?

      • Well if anyone is getting persecuted for their vote isn't it time for a revolution? If your gov is so evil that they persecute you for voting for the other guy they don't deserve to / can't be trusted to run the country.
        • No we don't need a violent revolution. Saying such things, just get's you tagged by the corrupt DHS. (Unless of course your an agent provocateur.)

          It's called "Transparency." It goes back to the days, where voting the wrong way and your enemy finds out they kill you. Which is why it had to be a secret vote with public oversight.

          Now while I don't claim to know your motivations, the fact our vote has to have transparency, should be a clear message to the people there are internal threats to our constitution,

    • Re: (Score:3, Insightful)

      by Anonymous Coward

      The reason the ballot is a secret is to be certain that no one can leverage your vote against you. A secret ballot is critical for the safety of the voters. Just imagine that your boss knows who you're voting for.

      "No one is getting executed or persecuted based on their vote."

      Not in the US, where voting is fairly free and safe. In other places not so much (Kenya).

      • Are you sure that not just an excuse so the evil dictators can cheat at the election? If people are going to persecute based on others voting they should be harshly dealt with and that will be the end of that.
        • by Devout_IPUite (1284636) on Sunday June 07, 2009 @12:47PM (#28242093)

          Yes, I am sure that secret ballots are essential. Not only can an open ballot leave you open to retaliation (an extremist group says "Anyone who votes for Candidate X is going to be on our hit list") but it also lets them buy votes a la "$50 for anyone who votes for Candidate Y" (by the way, at $50 for each voter takes about $3.5 billion if you want the same popular vote that Obama got last year. Obama spent around $0.6 billion, think any corporations would be willing to fund a candidate?)

          • Are you saying that our currant gov is an extremist group?
            • I was actually thinking of Al Quaida making a threat like "if you vote for anyone other than Osama Bin Laden we will come to your house and rape your daughters and then shoot you". I'm sure that would convince some people to stay home.

              I can see radical pro-life or radical environmentalists doing the same kind of thing though. The pro-lifers are ironically more likely to shoot you while the environmentalists are ironically more likely to turn you house into green house gas...

              • Your pro-lifer comment is a troll. Abortion doctors end many more lives than pro-lifers. And Osama doesn't control the government though him and Bush were awful close buddies same with Saddam so you are right that we should be scared of our government.
                • I'm sorry you feel the pro-lifers are less violent and gun oriented than the environmentalists. Doesn't mean you're right. I'm sure some environmentalists would get their panties in a twist if they heard me claim that they were more likely to be vandals than pro-lifers. I'm picking on both sides of the aisle if you didn't notice (because both liberals and conservatives have crazy wackjobs).

      • by AK Marc (707885)
        Just imagine that your boss knows who you're voting for.

        He knows. And he knows I always vote the opposite of him. Where's the problem again?

        If you are too stupid to figure out how someone could guarantee they know how you voted with the current system, then I can't help you (not that my boss does one, but that we talk politics). There are hundreds of ways that would work, and that you speak as if there are none indicates your inability to think.

        Not in the US, where voting is fairly free and safe. In
    • by Chees0rz (1194661)
      You had a pet Unicorn as a child, didn't you?
    • Re: (Score:3, Funny)

      There is an old saying about how those who don't read history are doomed to repeat it.

      I have no idea why that thought sprang to mind just now. None whatsoever.

      • by AK Marc (707885)
        There is an old saying about how those who don't read history are doomed to repeat it.

        Secret ballots were a late-comer to the US, and weren't needed or even useful until then. And the reason they were needed was race. Prior to the race issues causing so much trouble in the south around the time of the Civil War, secret ballots were not widely used in the USA, and there was nothing lost. History shows us that, as long as there isn't a very strong case of vote indimidation being caused by a massively hug
        • "And there was nothing lost?"

          I believe it was the lack of secret balloting that allowed all manner of vote-buying schemes, including big patronage machines like Tammany Hall.

          Public ballots make it harder for people to vote their conscience, and easier for groups with power to intimidate or bribe the people they have power over. But you're right that private ballots give too much leeway to the people we charge with counting the ballots. I don't see a perfect solution. I think that voting machines with ope

          • Re: (Score:1, Troll)

            by AK Marc (707885)
            There are ways to verify ballots without them being public. The votes would be anonymous, but with verification tracking would be possible. You can't guarantee anonymity, but it's not like the way the voter voted will be printed next to their name in the phone book.
    • by grikdog (697841)
      Same reason as always. If they know how you voted, they come and break your kneecaps. Secret prevents real mayhem, shame has nothing to do with it.
      • Who are they and why will they break your kneecaps? Also why should we hide so the evil they who apparently control everything don't come after you? Shouldn't we be going after them. Who are the real terrorists in this country? Or are you one of thos conspiracy wackos?
    • by WCguru42 (1268530)

      If everyones name was attached to their vote there would be a way to verify the election outcome. Are people really that ashamed of who they vote for? No one is getting executed or persecuted based on their vote.

      Follow history much? How about your up for a promotion and your boss doesn't like the person you voted for so he gives the promotion to somebody else. How about the mob threatens to harass/beat up/kill your family if you don't vote for the right person. There's a reason voting is secret and that secrecy is essential to democracy. Without secrecy intimidation and coercion has, can and will occur in voting.

      • by AK Marc (707885)
        Follow history much? [...] Without secrecy intimidation and coercion has, can and will occur in voting.

        The vote wasn't secret in the USA for a long time. And what you claim would happen didn't. You are wrong, and history proves you are wrong. There was a short period (1860s to 1980 or so) where there was some race tension that resulted in many illegal acts being taken to harm people. One on the long list was voter indimidation. However, even with "secret ballots" being the law, the practice in many p
    • Can your boss look at your vehicle registration? Vehicle registration should be secrete so your boss doesn't know you have a second vehicle and are working at a second job for the competition to pay for that vehicle and fire you. Can any random asshole look up your SNN? You people are a bunch of stupid assholes that try and protect everything wrong with the system rather than fix it.
    • what hater of democracy modded me troll stand up or are you an anonymous coward to ashamed to take responsibility for your actions?
  • I don't understand what this accomplishes. What are they going to do? Look for bugs? They already know there are bugs. If it was sabotaged, they're not going to get the code that was used and will only find bugs.

    This is like calling the fire department after the barn has already burned to the ground, except that the fire will likely be allowed to continue.

  • I can just hear the DC election commissioners now, poring over the source code: "What is this? Why can't they write in plain English? What's this 'Studio H' stuff supposed to mean?"

With your bare hands?!?

Working...