Online Voting In 2004 To Require Windows 811
letxa2000 writes "According to this article at CBS, a trial Internet voting system will be made available to 100,000 voters in 2004--particularly military and overseas U.S. citizens. As an American living overseas I think this is a step in the right direction. But the article also says 'Voters using SERVE can register to vote and cast their ballots from any computer using Microsoft Windows with Internet access.' Why the Windows requirement? Is that really going to make online voting secure?"
Excellent! (Score:5, Funny)
Re:Excellent! (Score:3, Informative)
> WHERE name="Your Opposing Candidate";
ERROR: Attribute "0" not found
Better check your SQL before going into voter fraud.
Re:Excellent! (Score:5, Informative)
> WHERE name="Your Opposing Candidate";
ERROR: Attribute "0" not found
Better check your SQL before going into voter fraud.
Perfectly valid Microsoft Access SQL.
Surely the new system will be run on Access?
Re:Excellent! (Score:3, Insightful)
[OT] Re:Excellent! (Score:3, Insightful)
I'm normally no MS-apologist (actually Sybase apologist in this case; SQL Server is a fork of Sybase 4.2) but this makes sense to me:
Re:valid mysql? (Score:3, Informative)
Re:Excellent! (Score:5, Interesting)
Also look at This story [scoop.co.nz] and the related pages at The Scoop. The most widely deployed system in the US is based on MS Access (!?!), with NO controls for cryptographic storage, trasport, data integrity and/or non-repudiation.
Baaaa, Baaaa! Computers Better! Paper Worse! It's mere superstition by the Sheep-people.
That's not true (Score:5, Insightful)
Re: That and... (Score:5, Funny)
Re:That's not true (Score:5, Insightful)
Please try and learn something about the American political system. Modern liberals believe that the government can and should have more of a hand in regulating the free market and can be an active force for social benefit, while believing that it lacks the competence to dictate personal morality to citizens. Conservatives are the opposite. They believe that the government should stay out of the free market and should not interfere in societal problems, but that it should police the personal morality of its citizens. This is why most anti-abortion, anti-gay, anti-drug people are conservatives, while the proponents for affirmative action, marijuana legalization and social welfare programs are liberals.
The only more or less consistent party is the Libertarian party. Libertarians believe in a small government for the free market, society and citizens' personal lives. Libertarians are generally pro-choice, pro-gays and don't care what you choose to shoot into your body, whether it be heroin, cocaine or Drano. They also tend to take conservatives' views on the free market regulation and social welfare programs.
In short, if conservatives had their way, we'd lose all our personal liberties (it's no big mystery why conservatives tend to be Christians). If liberals had their way, we'd lose any sense of personal responsibility because of unending societal support. Choose which liberties you want to sacrifice to which side, but don't pretend that one side is trying to rob you of all your rights and freedoms while the other is benevolent. You're only deluding yourself.
Online voting is being incouraged (Score:4, Funny)
Maybe so, but it is being encouraged because of cost, as aut0pron states above.
Re:Excellent! (Score:5, Funny)
O Candidate 1 Party Name
O Candidate 2 Party Name
O Candidate 3 Party Name
O Candidate 4 Party Name
O Candidate 5 Party Name
To make your vote count, you must perform the extrememly complicated task of marking the circle next to their name. Large signs demonstrate the preferred "X" in the circle method, but apparently a checkmark is also fine. Pencils are provided. The ballots are put in a box by the voter and are counted by hand when the polls close. I hope this system stays the same.
Re:Excellent! (Score:5, Informative)
Assuming turnout rates similar to 1996/1997.. I don't have US figures for 2000, but Canada's dropped 6% from 1997 to 2000.
Canadian voters: 32,207,113 * 0.67 = 21,578,766
US voters: 270,000,000 * 0.488 = 131,760,000
Only 6 times as many voters! =)
I like our voting system, it's simple and pretty much foolproof. It might take a little more organizing, but I don't see why it wouldn't scale further. The votes are hand counted at each local polling station, I believe. Results are sent by computer to Elections Canada.
Sources:
http://www.nwmissouri.edu/nwcourses/m
http://www.elections.ca/c
http://www.elections.ca/content.asp?secti
Re:Excellent! (Score:3, Informative)
Re:Excellent! (Score:4, Interesting)
Slightly OT but...
That video wall used in Doha, Qatar where the big briefings by Franks and others was run by an SGI Irix box and there is a large amount of Sun hardware/software in the comms, image processing (recon), and weather forecasting departments. I have no clue as to the availability of *nix laptops/PC's for grunts though.
The OICS/Project 21/New century soldier palmtops have been running everything from Newton OS through PalmOS and WinCE. I've never seen a hardened, linux running, Zarus, but there is no reason Sharp shouldn't try to get in on that contract.
Re:Excellent! (Score:3, Insightful)
The lame voting machine article again. (Score:3, Informative)
I'm not saying the electronic vo
Re:The lame voting machine article again. (Score:5, Interesting)
The whole key infrastructure for this should be FIPS-140 compliant for hardware-based key modules, and require the coordinated actions of two or more actors in managing/engaging keys. There should be strict operational guidelines for the separation of roles in the management, deployment and retreival of these devices, and a separate role with an auditory function. The Auditory role needs a key that can reveal and validate any information on the system, yet create or modify nothing.
These controls are the only justifyable reason to implement 'electronic voting'. Cost? Give me a break! If free and fair voting is not worth paying premium prices for, what is? Do we have to pinch pennies for the land mines we drop on Afghan soil?
Without attempting to reach this benchmark, electronic voting is a fraud. It is a humbug of technophillic superstition used by sellers of snake-oil to dazzle the onlooker, while trusty assistant rob the crowd.
Re:Excellent! (Score:3, Insightful)
Electronic and machine voting are incitement to commit fraud in my opinion.
There is always a Way (Score:5, Interesting)
Authentication: Assuring that one votes oneself, that one's vote is not falsified, and that one has voted, at all. (some EU countries have mandatory voting)
Anonimity: Assuring that it is impossible for a third party to determine who I've voted for.
Correctability: assuring that I can modify my vote for a certain period after it has been cast (because there is no oversight in voting at home, I could have been coerced to vote a certain way, e.g. by someone coming into my home and holding a gun against my head, and should be able to correct this).
Vince described how he and his fellows at Cryptomathic [cryptomathic.com] found ways to project some basic mathematical techniques onto PKI, to ensure all of the above, and therefore allow for mathematically provable e-voting. Essentially making the voting process much more certain and transparant than was ever possible using conventional techniques.
I was solemnly impressed. It sounded too good to be true. I sincerely hope some of you mathematically unchallenged
Re:There is always a Way (Score:3, Insightful)
Someone could come into your home, hold a gun to your head, and make you correct your previous vote too.
one reson why (Score:5, Insightful)
""I think Internet voting is a good idea for this population if you can assure security, but I'm not confident that they can do that," said John Dunbar, a project manager at the Center for Public Integrity" -- this statement is what will not alone them to open up the source code, people will be just to afraid that people will mess with the results of the system.
They are already afraid that this could open up security problems for the results "Other computer security experts call the project an open invitation to election tampering."
I don't know if this will make voting secure, in fact I think it will open it up to attackers, but how are we going to convince the government of this, write to you legislator, and senator, I am sure there are some proactive Slashdot readers that know more about this issue that could try to enlighten the ruling parties. I don't know what the answer is, but at lest they are looking at moving the process forward.
Re:one reson why (Score:5, Funny)
For instance:
l00k mr. 53n470r,
u b3773r 5upp0rt *n1x 0r 1ll h4x0r ur b0x3n and r3pl4c3 ur w3bs173 w17h g0ats3!!!!!!! h4w!
51nc3r31y,
c0nc3rn3d c1t1z3n H4X0R
Re:one reson why (Score:4, Funny)
I need more vodka...
which boxes are really going to get hacked? (Score:3, Informative)
Of course, the sites I expect to get hacked are any that Armed Forces personnel actually use for voting.
If they are very, very, lucky, the only black hat work will be done by outside site defacers, not the insiders I expect to have pre-hacked the boxes.
I can't tell from the google results so far if the Federal Voting Assistance Program uses ESS/Diebold/Global or not.
Re:one reson why (Score:5, Insightful)
I think they should try to concentrate on creating a solid, platform independent system. There's absolutely no valid reason it couldn't be.
For the record, I think at this current point in time, electronic voting is a bad idea.
Re:one reson why (Score:5, Funny)
Over here, we call them "ballot boxes". HTH!
YLFIRe:one reson why (Score:5, Insightful)
Security through obsurity is worthless - you can always assume that the bad guys will always find the hole in the system, and on the down side you have just made it horribly difficult (and probably illegal) for the good guys to find the problems first and tell you how to fix them.
Re:one reson why (Score:3, Interesting)
You and I know that, but what about the lawmakers, do they know and/or understand that. How are you going to get them to understand that? We are not dealing with computer people here we are dealing with people who for the best part knows how to use Word, and the worse don't even know how to turn on a computer.
Re:one reson why (Score:5, Insightful)
Everyone says this, but not one understands what it means.
What it means is that obscurity is not sufficient for security. It does not mean that obscurity is not helpful as part of an overall security system.
You're wrong - obscurity is not helpful (Score:5, Insightful)
Re:You're wrong - obscurity is not helpful (Score:3, Insightful)
Re:You're wrong - obscurity is not helpful (Score:3, Informative)
That's what beta releases and pilot runs are for. Open the code to scrutiny before it is used for anything that matters, so that whatever the bad guys find won't cause harm, and whatever the good guys find can be fixed before the production release.
There is still an assumption though -- that the good guys will find all that the bad guys found (who finds it first doesn't matter, as long as it is found before the live rel
Obscurity could be helpful, but currently is not. (Score:3, Interesting)
Re:You're wrong - obscurity is not helpful (Score:3, Interesting)
If someone is trying to crack a linux box running Apache they think is a windows box running IIS, they won't get very far. At the least, they will waste time figuring out what you are really running, thats time you can detect the intrusion in and gather inform
NO NO NO!!! (Score:3, Interesting)
In this case, security from script kiddies is neither here nor there. The best way to keep your system secure is have as many white hats as possible try and find holes in it, and the best way to do that is to publish the details of the system. That way, you can be confident that the system is secure, even if the source code is leaked.As to your comment about OpenBSD, that is almost completely irrelevant. It doesn't matter how s
Re:one reson why (Score:3, Informative)
Precisely. If obscurity were not beneficial as part of security, then root passwords would be publicly available. If the login name for root were an unknown random alphanumeric string like the password, this would increase security. And if every command you ran as root required you to enter a different password, this would increase security again. If a sy
Re:one reson why (Score:4, Informative)
On Linux, the source code of login(1) and su(1) is known, the algorhitm used to encode the password in
Even word readable
You people miss the point entirely. (Score:5, Insightful)
What it means is that obscurity is not sufficient for security. It does not mean that obscurity is not helpful as part of an overall security system.
Precisely. If obscurity were not beneficial as part of security, then root passwords would be publicly available.
End quote.
What you are talking about is giving away keys. What you should be talking about is opening up algorithms and protocols, since that is what would actually be opened. The relevant facts are that the product will be reverse engineered anyway, so vulnerabilities will be exploited, but if the code is open then they will be found faster and corrected faster. If you cannot stop exploits when your code is open, then you couldn't stop them when it is closed either. This follows a well known trend in encryption technology where algorithms are subjected to testing by as many people as possible to determine their security.
Re:one reson why (Score:4, Insightful)
Security thought obsurity means 'hiding' a web server on port 3211 and using ports 4432 and 4332 for SNMP. Or making up an entirely new protocol to duplicate an existing protocol. The problem with this is that you may feel secure, because you have done something that will at least slow down an attacker. If you combined 'secuirty though obscurity' with an active means of detecting intruders, you are getting somewhere. If you know that you are being hacked, security through obsurity will gain you some time to react. But if you are one of the vast majority of admins that doesn't actively monitor log files, this advantage is lost.
Re:one reson why (Score:3, Insightful)
it means false sense of security... (Score:4, Insightful)
But reality is that the mat will really stop nobody who wants to enter your house from getting the key. The only people your key-hiding will stop is people who didn't want to enter in the first place anyway, the other people will for sure check under the mat, flowerpot, etc...
Security through obscurity gives a false sense of security, making the implementer lax. That is one of the many reasons why obscurity is actually counterproductive for security. In practice obscurity has already has lead to many, many security failures.
That is what is means. Translation: if you have 'security through obscurity', the best you can do is assume your worst enemies already know all the details and the worst you can do is assume that it will help you in anything at all.
Obscurity does not help towards security. Obscurity is just what it is, obscurity, but a searchlight will make it vanish completely.
Use real security.
Re:one reson why (Score:5, Insightful)
Well, why use exclusively Windows/Linux/*insert-your-OS* ? Why not use a more open solution (say, a system with a secure web interface) that does not depend on the OS? It hardly seems fair that people should need to depend on any product whatsoever to vote.
So should we prefer security by obscurity then? Wouldn't it be better to use an open, provably secure system that everyone can scrutinize so people can be sure stuff is being done the right way instead of just hoping nobody's discovered a hole? Of course I realize this would require some serious testing to make sure all the bugs were ironed out, but after a while I think it would make people much more confident to know how it was working behind the scenes. Look at it this way: would you rather go vote by pressing buttons on a black box the government has set up which they claim works the right way, or do you prefer knowing how the system actually works (how ballots are collected, carried, counted, etc) and feel safer?
Re:one reson why (Score:3, Insightful)
I know of friends who voted FOR friends before.
I don't trust some greasy dude to count my vote right (in cases where there is hand counting).
Regardless, there will always be errors in voting whether it be dangling chads or that my grandmum hits submit twice.
Re:one reson why (Score:3, Insightful)
I right now run Windows 2000 Professional with Service Pack 4 installed plus the current version of ZoneAlarm running; unless you're a cracker with extremely intimate knowledge of the OS kernel itself, it'll be very hard to hack into my system. Indeed, Tech TV actually showed on TV that once you apply all current security patches for Windows 98/98SE, Me, 2000 and XP, plus
Re:one reson why (Score:5, Insightful)
Re:one reson why (Score:3, Insightful)
now, they will hack a business site or a high traffic site. most problems, like the recent kiddieporn bot are trojans. which is where a ton of windows insecurities, even your precious win2k, come from. then of course there are the server problems, of which daily /. lore is m
Re:one reson why (Score:3, Insightful)
Guess where that is? Someones little web or battlenet server..
Re:one reson why (Score:4, Insightful)
1. it's a no reward hack"
You think the idea of scripting your candidate-of-choice into office is a 'no reward hack'??
You Americans *really* don't give a shit about politics, do you.
Re:one reson why (Score:5, Interesting)
Relying on i.e. specific java scripting or whatever they are doing that is i.e. specific is just asking for trouble--and not because it locks our small minority out of it.
The fact that they are using ANY sort of client side java-script, let alone i.e. specific java script for checking values or what not for a voting system is not a good idea. What if they are using i.e. and have java-script disabled, or whatever.
Bottom line, is it should be standard HTML, not just so everyone can use it, but so that it is more robust!!
Right on. (Score:5, Funny)
As for security, hmph. It's hard to think of a computer company with a worse record. I imagine someone will make a "I vote you" virus that votes early and often for everyone.
Re:Right on. (Score:3, Insightful)
Ah, but the same version (sort of) of Internet Explorer runs across all these versions of Windows. They can require IE 6 or above, and anyone with an older version of IE can upgrade. To get it to work on any other platform, though, would require supporting a c
Re:one reson why (Score:3, Informative)
I would hope this isn't a Beta test but more of a pilot program. 100,000 votes can make a big difference, see Flordia 2000. There should not be anything Beta in an actual election.
Unless they are going to require a specific Windows plugin or program, there is no reason that this wouldn't work on any platform. If this is going to be on the web, I have done Web work for the government and they are very picky about accessability (people with disabi
Re:one reson why (Score:3, Insightful)
So, the question is - why do they feel the need to focus on Windows/IE? Any modern OS and browser combination that supports strong encryption and client certificates (and I can't think of one that doesn't) should be capable of securely using SERVE.
While this system
Re:one reson why (Score:5, Insightful)
The entire point of the secret ballot is so people can't tell how you vote so someone attempting to buy your vote can't confirm whether you voted as they wanted. The point of needing identification at the polling place is so someone can't vote on your behalf. Both big sources of voter fraud are covered. This system removes both controls. Wonderful.
Re:one reson why (Score:5, Insightful)
Voting online? Uhhh (Score:5, Insightful)
The internet is inherently insecure, and leaving the hands of the country to the internet could lead to a number of problems... I can see it now..
Huge office buildings in foreign "enemy" full of hackers skewing the voting system, or a number of different problems...
Can you IMAGINE the 'recount' scandals, et cetera, after the world's first vote with the internet as a voting measure?
Also, if you have someone's full info (Social, driver's license #, name, address, et cetera) how hard would it be to place your vote as someone else?
The whole thing just seems like a "bad idea"(tm) unless something was reworked to make it infaulable, which isn't really possible, anyways.
Voting Online? YES! (Score:3, Insightful)
Hell No! People talk about security and online voting as if that because thesystem is corruptible it is not acceptable. Those with this view are not living
in the real world. The current meatspace voting system in just as corruptible by anything: from paid repeat voters(which we have here in Chicago), to old crappy machines and even making sure that every vote in counted(as long as it's in my parties county B.S.)
Re:Voting Online? YES! (Score:4, Interesting)
I am afraid that sentiments like yours mask a great deal of indiferrence and intellectual laziness by the pretense of a realistic and 'no-nonsense' attitude.
It is a far-cry from the blanket assertion:
to the validation for implementing systems which have a documentable history of being the worst possible of implementations. Those so far in evidence actually invite abuses!http://www.blackboxvoting.com/ [blackboxvoting.com]
Inside A U.S. Election Vote Counting Program [scoop.co.nz]
Bald-Faced Lies About Black Box Voting Machines [scoop.co.nz]
It is irresponsible, derelict and probably mendacious of anyone advocating the adoption of newer vote collection technologies not to insist on addressing these specific allegations and their evidence. Any proposal which is advanced without a specific redress of these concerns should be considered suspect in motive. Ignorance of the basic issue - and its gravity - is not a possibility.
Stardate: November 4, 2004 (Score:4, Funny)
Gates:"....exxxxxcellllent....."
Ok, so it's pandering that this will get modded as funny, but I'm a whore for good karma!
Military Voters (Score:5, Informative)
Becuase... (Score:4, Funny)
Because your vote has to be sent to Redmond to be "verified" and rejected in the case of an "incorrect" vote.
Re:Becuase... (Score:5, Funny)
Oh No... (Score:5, Funny)
Re:Oh No... (Score:3, Funny)
No, fortunately for the rest of you puny mortals, most of us
Wait (Score:4, Insightful)
Why Windows? And why not Palladium? (Score:5, Informative)
This is somewhat unrelated, but still an interesting comment on their page:
*Phew*...Re:Why Windows? And why not Palladium? (Score:5, Insightful)
*whimpers in fear*
Re:Why Windows? And why not Palladium? (Score:3, Interesting)
The posted requirements in this type of system are more often the words of the legal or marketing teams as any kind of true technical specification. Plenty of sites (I know because I've worked on them) specify requirements like these because:
Re:Why Windows? And why not Palladium? (Score:3)
> to cover themselves and limit the clients of the
> application in order to isolate problems as
> actually being server-side.
There is no excuse for the client-side software not to be trivially simple. If it has bugs that make it browser-dependent now is the time to find them.
> The goverment has nothing to gain by allowing
> tons of different clients to use this system.
The government has an obligation not to require that citizens use any spe
Hoo boy (Score:5, Insightful)
I have no comment on the usage of Windows in this manner; the security of that operating system has been analysed to death and we all know what the outcome was.
I have a much bigger fundamental problem with this non-accountable electronic voting process that does not produce a verifiable paper ballot for each vote cast. Aside from any nefarious purposes in the design, having any system where the voting power is aggregated and sorted electronically - and nearly instantly (relatively speaking) - will prove too tempting for someone to sabotage.
I would think that at the very least, one should implement an electronic voting system on a transparent, open operating system, just for plain accountability.
And now its time to open the robot polls... and the robot results are in.
they aren't worried about security (Score:3, Interesting)
Many of us know what a bitch it is to develop a code and feature intensive site that works correctly for all browsers.
It also cuts down on support issues. I have met people who are unsure of what platform they are running. "What kind of computer am I using? It says 'power' here near a button. Is that right?"
Imagine... (Score:5, Insightful)
Not enough information (Score:4, Informative)
Re:Not enough information (Score:3, Insightful)
The first clue is that Microsoft has bought and paid for the US government by convincing it to send tens of thousands of its middle managers to MCSE brainwa...errr.... certification classes. Many of these people don't know anything about computers other than what Microsoft/Sylvan have taught them. The US Feds will be loyal Microsoft customers long after governments elsewhere have switched. They deserve each other.
Th
Why Windows (Score:4, Interesting)
Maybe because the VAST majority of individualsuse MS Windows. You ASSume that it is just a HTTP connection with SSL so any OS should suffice. Look at the F.A.Q. [serveusa.gov]. It says that "required software is downloaded automatically as needed when you access various parts of the SERVE website. Possibly, the voting software uses their own encryption and will be delivered as an ActiveX or some other format. Could they have written the software so it could work on other OS. Sure but it's a trial run! Their is no right to Vote from a Linux box.
NO! THIS IS A MISTAKE! (Score:5, Funny)
Write-In candidates (Score:4, Insightful)
Now with the Internet you could have hundreds of thousands voting for retarted candidates like "Rocket J. Squirrel","Jack Black", and "George W. Bush"
Could this negate the party system? People typically voted for a Dem or GOP'er simply because they were the two names on the ballot that were at the top, but now people could organize real grassroots campaigns, skipping the primaries, and just promote themselves on message boards and other mediums (slashdot front page story, anybody?)
In all seriousness, national online voting could take the old political system and stand it on its head...I'd go for it just to see what happens.
Did anybody notice the STATES they're testing in? (Score:5, Insightful)
Long live paper ballots!
How to rig an election (Score:5, Interesting)
Once the protocol is understood, this shouldn't be too difficult to do. Likely it'll be on a secure site, maybe password protected. Doesn't matter. The modified web browser waits until the user visits http://vote.us.gov or wherever, watches the variables being passed, and simply modifies them. Instead of:
name=John+Smith
secretcode=K38DJSH38
password=a
vote=Al+Gore
It changes it to:
name=John+Smith
secretcode=K38DJSH38
password=a
vote=George+W.+Bush
Securing the server is all well and good, but they'll need to think really hard about securing the client side as well. Hint: the choice of who to vote for should also be encoded and (preferably) signed against the user's information. So the vote shouldn't be for "Al Gore" but for a signed and encrypted string which represents Al Gore, making it impossible to derive the signed and encrypted string for "George W. Bush".
Ironic (Score:5, Insightful)
However I'm sure in whomever's ignorance that wrote the requirement it's more of a baseline of what you need. Unless it's some ActiveX voting booth which will be the next great virus..
voting.klez.E
2000 redux (Score:3, Funny)
3y3 0wn j00r \/0+3Z, ph00lZ!
Da Supr3/\/\3Z
Why and Why Not. (Score:3, Informative)
As for "Why Windows", the SERVE web site [serveusa.gov] says, "All required software is downloaded automatically as needed when you access various parts of the SERVE website." That seems to indicate some kind of embedded web application. I'd guess this application is native code, since Windows no longer comes with Java, and there's no mention of a Java download.
Or it might be that whoever wrote the FAQ page doesn't know much about the app, and is tapdancing around the details. Certainly it would make sense to implement this app entirely on the server. If that's the case, then it's reasonable to ask why other platforms with compliant servers aren't acceptable.
The answer to that would be QA. On a project like this, they have to carefully test the app, and even with their current limitations they have 4 different browser-platform combinations (IE and Netscape, Pre-NT and NT Windows) to test.
This points up a big problem with web applications. Most of us would like to see web developers code to a standard, not to a browser. Until they do, browser implementers has no incentive to support standards, and all that cool stuff in HTML4 and cSS2 is just so much noise.
(And yes, Internet Explorer -- except for the Mac version -- is particularly bad. But all browsers have serious compliance issues, so we can't put all the blame on Mister Bill.)
But why should web developers bother? Even if they're aware of the importance of standards -- and most appear not to be -- it doesn't save them from the need to test their apps on every browser-platform combination they claim to support. So what does compliance buy them, except extra work?
curiousity..... (Score:5, Insightful)
So why is Windows a requirement- client side software? if so, why does it matter what browser you use? it's obviously not a vb app that calls IE, because they say it works with netscape 6+ as well.
If it's browser independent(straight html) then it should work on any system. I don't think netscape uses vbscript, so I don't think that would be a hinderance either.
Perhaps they just listed windows because they didn't want people with an old Tandy or 386 trying it. Perhaps they didn't mean to offend the linux and Mac users, they were just ignorant of their existence.
If someone is bored, they could try contacting the creators of this project and see if they could get mozilla and opera added to that list of broswers, as well as linux.
Actually, perhaps the mozilla team could petition to have themselves added to the list if they meet all of the requirements. It would be good publicity to say "yes, we're government certified to handle your votes, and we have a better track record than IE. try us."
Re:curiousity..... (Score:4, Interesting)
A agree with you tho- it'll be hard to prove who you are without tying your identity to a vote. I don't trust the current/any politicians to say "here is our closed source voting system. all you do is put all of your personal info in here, and we promise not to check and see who you voted for. Promise."
Funny story I have to go along with that, rather long but it's on topic and quite interesting.
My college tried doing something similar for student senate. They hired an art major who used frontpage to write a form. It included inputting your student ID(SSN), your name, your birthdate(for confirmation), and everyone you voted for on the ballot.
Of course, no one bothered to think that perhaps the data should be stored somewhere safe. Instead, it was stored in a flat file that was web accessable. A friend of mine who shall remain nameless was bored and decided to trace through the html.... 20 seconds later, he asked if anyone in the lab had voted online. a couple of people raised their hands. He then said, "hey Chris, is your SSN 123-23-1234?"
The demonstration was complete. There were about 700k of text in the file, over 900 names, SSN's and votes by 11am(half an hour after we found it.)
We had of course went and told everyone we could find that was in any position of power to kill the page and move the file offline.
Around noon, the file was removed, but the voting page was still up. Se looked into the code to find that they had changed the name of the frole from
I looked at the list as it grew larger, noticing more and more of my non-geek friends showing up on the list. We even went so far as to have Beavis vote, and then watched as he was added to the text file.
We reported it again, and by 2pm, they finally "stopped" the online elections.
Some of the people in the lab were less that impressed by that point. One individual who I've only seen once in that lab and never again, printed out the list. He then went and stapled 5 pages to each door in the Computer Science building. That prompted more of an investigation than anything else.
The funny part was that the people who counted the votes were the ones who were currently in office. Not only that, but one of the guys, the student senate president, had voted over 50 times for himself and his fellow encumbents.
Of course they blew over it in the school paper with a crap apology. I think one new person was elected that year.
Of course, no one would touch that story with a 10 foot pole- not slashdot, not the local news papers, not the local tv stations.
Moral of the story: my voter apathy prevented me from getting my identity stolen. Remember to be apathetic towards the voting process.
Anyways, my point is this was one example of a horriffic abuse of online voting, and I whole-heartedly agree that it's not ready. Not yet.
I can see it now... (Score:3, Insightful)
The new poll tax.
No, no, no... you got it all wrong. (Score:5, Informative)
There is nothing in the article which suggests that Windows is a requirement. It just says that you can access it from any Windows box with internet access. That means that Windows is sufficient, but it doesn't say it's necessary .
What they're trying to address in the article is that since most people use Windows, then most people are going to want to know that they can access it from their home computers.
It's like telling people they can get somewhere in a Ford. That doesn't mean they can't get there in a Chevy or a Nissan.
Now the Rebuplicans... (Score:3, Interesting)
Just wait .... (Score:3, Interesting)
No Different From Segregation (Score:3, Insightful)
While not as definitively prohibitive, this is the same as voter segregation. Unless you are willing to spend the money to use Windows, you are not permitted to vote in this fashion. What if you use a Macintosh? What if you run an open source operating system? If you are not in a particular class of citizens, your ability to vote is limited. Certainly if traditional voting is available to you there is really no problem, but that's not an option, you are being prohibited.
So the serious issue here not that Windows is secure or any other nonsense. The problem is that people who are influenced by Microsoft have thus dictated that those who do not use Microsoft products are not permitted to vote in this fashion. That's a serious problem because whoever directed these development efforts (and of course, whoever directed her) therefore has strong influence on how candidates will be elected.
I would wager that this could be very popular (though I personally prefer pulling the lever with the satisfying kerchunk to cast my vote). As a result, certain parties will have unfair advantages for reasons which should be obvious to most people who read Slashdot. (Of course, I am willing to outline a scenario or two for the uninitiated.)
Maybe someone should write a HOW-TO in the future outlining how this software may be used with Wine on OSS machines. Of course, options on the Macintosh are limited even further.
Re:No Different From Segregation (Score:3, Insightful)
How much do I pay for this Windows machine for about two and a half minutes a year (on average)? Will MS donate it to me? I don't want to directly or indirectly (taxes) pay for this to happen.
It's simple, really. The OS market is so competitive, and not perfectly so (economically speaking), that it is virtually impossible to develop software that can work on all systems.
Like slashdot?
Why? You ask.. (Score:5, Funny)
They wanted to use a stable, reliable, and secure operating system to ensure that all American voters have equal and unhindered access to their right to vote.
Unfortunately, they couldn't think of anything, so they just chose Windows.
I'm surprised at you all (Score:3, Insightful)
It does not say only from any computer using Windows. Everyone here's reacting as if the article said the latter, but it didn't. The article does not say, if you read carefully, that the system will somehow be limited to Windows. I just says anyone with Windows and the internet will have access.
Speak up! (Score:4, Informative)
Blue Screen Of Democracy? (Score:3, Funny)
Re:Two words (Score:4, Insightful)
Actually, I would say just one word:
ActiveX
It's the only thing I know of that's specifically windows, windows, and only windows.
Re:Two words (Score:3, Informative)
Re:Devious plot? (Score:5, Funny)
One major problem with that would be that they wouldn't know enough about our candidates. Oh, wait, never mind.
Re:Devious plot? (Score:3, Insightful)
A friend of mine suggested tonight that since American power extends so far around the world, it would only be fair to let everyone vote in US elections, not just US citizens.
That's fine with me as soon as everyone in the world puts their money where their mouth is and starts paying US taxes.
Re:Multiplatform solution = more $$$ in short run (Score:3, Insightful)
>develop and test the applications that had less
>variables involved in a short run.
Where did the problems come from. Was it really the logic of the web application or was it the html/javascript/anyothermessyouliketoputinyourweb s ites part that caused the problems? If you used simple HTML and maybe css for the displaying code, there is not much higher complexity in the development. In short, stick to standards and it usually works.
> Want it or not,