Software Bug Adds 5K Votes To Election 239
eldavojohn writes "You may be able to argue that a five-thousand-vote error is a small price to pay for a national election, but these errors are certainly inadmissible on a much smaller scale. According to the Rapid City Journal, a software glitch added 4,875 phantom ballots in a South Dakota election for a seat on the city council. It's not a hardware security problem this time; it's a software glitch. Although not unheard of in electronic voting, this bug was about to cause a runoff vote since the incumbent did not hold a high enough percentage of the vote. That is no longer the case after the numbers were corrected. Wired notes it's probably a complex bug as it is not just multiplying the vote count by two. Here's to hoping that AutoMark follows suit and releases the source code for others to scrutinize."
How hard is it for a computer to do addition? (Score:5, Interesting)
Why is a voting system doing any kind of math at all? I voted yesterday in Belgium on a computer that puts my vote onto a card, which is then tallied separately. This same system has been working since at least 1995 with zero reports of fraud or failure (except normal "computer is broken" style failures).
How can a computer "add phantom ballots"? Software does not just "glitch", it breaks in ways that depend entirely on how it was built.
I must be missing something... (Score:3, Interesting)
This is why we have validation. (Score:4, Interesting)
tampering? (Score:5, Interesting)
Re:How..... (Score:2, Interesting)
How does a local election provider define the ballot? How do you ensure that the ballot programming is accessible to politicos and not computer programmers? How do you QA the ballot program? How do you verify that nobody has tampered with the ballot program after it has been QAed?
For QA, how do you do it without using official ballots that don't end up in the valid votes pile? Do you use a different form? Then the official ballot might be different from the test ballot and result in badly counted votes. What happens if the scanner (for optical scanners) gets miscalibrated, or the ballot printer was miscalibrated when it printed them, so that alignments aren't off? What if the initial votes and ballots are correct but later ones are not because of changes in calibration or alignment? Think about multiple ballot runs off a printer in a high-volume election.
What about different election types? "Most-of", "at-large", "one-of", "instant-runoff", etc.? What about the interactions between these election types and other election types on a single ballot? What about multiple ballots in small regional areas? Who programs them and verifies the programs?
Re:How..... (Score:5, Interesting)
It still amazes me how "hard" it is to write a simple program. First have something to scan the ID, check that its unique then move to the voting. Have a few radio buttons that you click, then hit submit, each radio button corresponds to a candidate or a choice, they are added up and give you the results. How the crap do you screw that up?
Well, in the case of New York State, our fearless leaders in Albany changed the requirements no less than 15 times after signing a contract with the vendor for new voting machines. Then after they finally agreed on a set of requirements they decided that they needed voting machines for 62 counties right now so they'd have them in time for the election. Then after the machines arrived they changed the requirements again and needed the new software for them right now.
Doing business with the Government is not an easy undertaking. The only good thing that came out of it is our fearless leaders weren't stupid enough to go with a DRE (direct electronic recording) system. We still have paper ballots that can be counted by any human being if the computer system fails. All the computer does is tabulate them and provide an interface for those voters (the blind/handicapped) whom can't fill out paper ballots themselves.
Re:How hard is it for a computer to do addition? (Score:3, Interesting)
Well, there's the
candidate[x]++;
that should be going on inside..
Other then then, no math..
Seems somebody is not following the K.I.S.S. method..
Re:How hard is it for a computer to do addition? (Score:4, Interesting)
Is it a race condition, it pulls the number adds one and puts it back, and if the system is run parallel it will drop vote added at the same time?
Re:How hard is it for a computer to do addition? (Score:3, Interesting)
The obvious way to do addition in gcc c would be:
totalVotes[candidate]++;
but this will totally screw up the vote count.
Why will it screw up? A bug? gcc trying to force good coding practices? Ignorant minds want to know.
Re:How hard is it for a computer to do addition? (Score:5, Interesting)
Belgian politics are not always polite. There is endless infighting. There is no monopoly of power, every government is a coalition and always fragile.
This makes election fraud very hard to organise and probably impossible to keep a secret. One would need to buy too many people, for too long.
So not because I trust the Belgian political establishment, but because I trust their incompetence and greed, I'm pretty satisfied that every vote is counted, and accurately.
In related news... (Score:3, Interesting)
my observation (Score:3, Interesting)
I find it interesting that companies that make ATMs for systems that track things down to the penny are unable to track much smaller numbers with errors of plus or minus THOUSANDS.
Maybe we should just start voting at ATMs?
Oh wait, that's what the lobbyists do already.
Re:How hard is it for a computer to do addition? (Score:1, Interesting)
Additions just aren't so simple anymore in concurrent computing.
Why would e-voting be a concurrent operation? Each voting machine should tally votes locally. Every hour (or at the end of the day, or at some other random interval), each machine would connect to a central server, upload its current tally, and reset its local info. This upload-and-reset should be done in a synchronous fashion, such that the server accepts only one tally at a time and the client resets only after it confirms the upload with the server. Surely existing database protocols such a two-phase commit would solve this problem satisfactorily.
Re:How..... (Score:2, Interesting)
We still have paper ballots that can be counted by any human being if the computer system fails. All the computer does is tabulate them and provide an interface for those voters (the blind/handicapped) whom can't fill out paper ballots themselves.
This is how all electronic voting systems should work. No automated result should be legally admissible for anything unless a human can double-check that result. It's like those robot radar guns that snap a photo of your license plate and then mail you a ticket. There's no defense against it or way to double check it -- there's no human to put on the stand and testify against you. (I'm sure there are legal ways around this that let places use this technology but I disagree with them.) It's the same with voting machines, and killing machines [slashdot.org]. Fallible though humans may be, I don't want my rights or future decided by computers.
-- 77IM
Re:How hard is it for a computer to do addition? (Score:5, Interesting)
Yes, it's a threading issue. If you have multiple threads trying to update the value, some of them won't count. You'd either need to use a lock (and probably mark the variables as volatile) or use some kind of atomic update (like a read-modify-write operation).
Still, you'd have to be an idiot to even try to count votes as they're coming in. A much better approach would be to use a database. Database servers are already really good at handling concurrency and scaling. When a vote is cast, simply add a record to the database. Once the election's over, do something like "SELECT COUNT(*), candidate_id FROM votes GROUP BY candidate_id", and the results will be calculated based on the records in the database.
Really, you could only screw this up if you insisted on developing the entire system from scratch, rather than going with existing, well-tested code.
Re:How hard is it for a computer to do addition? (Score:3, Interesting)
too perfect (Score:3, Interesting)
The initial Tuesday night report said incumbent Ron Kroeger received 49.96 percent of the vote, short of the 50 percent plus 1 vote re-election requirement. The recount found he actually received 51.8 percent, more than enough to secure his seventh term over challengers John Roberts and Steve Rolinger.
Doesn't anyone think that 49.96%, short of 50% is too perfect for a random error? Most software errors will cause the numbers to explode, either to 0 or some gigantic number.