NYT Calls For Open-Source Election Machines 302
anti-drew writes "The New York Times Magazine has an interesting editorial (free reg. req.) calling for open-source voting machines. From the article: 'Electronic voting has much to offer, but will we ever be able to trust these buggy machines? Yes, we will -- but only if we adopt the techniques of the 'open source' geeks.' That's quite an endorsement coming from the Times. Of course, one of the justifications was that open-source enthusiasts are 'libertarian freaks, nuttily suspicious of centralized power', who would 'scream to the high heavens if they found anything wrong'."
Yeah, right (Score:2, Insightful)
The same NY Times that got Adrian Lamo busted while he found a f**king open-proxy on their network.
nutty? (Score:5, Insightful)
Re:Bad idea? (Score:1, Insightful)
Re:Yeah, right (Score:5, Insightful)
the NYT Voting initiative (Score:4, Insightful)
But the machines themselves are only part of the process. There must be audit and process supervision and that still requires people.
Go NYT (Score:5, Insightful)
For once they hit the nail on the head. Although I don't see why anyone might consider the statements to be any sort of insult. The so called "libertarian freaks" are just doing what every citizen should be doing: always questioning "centralized power". Technically, we give them the power, so why not ask why?
Re:Bad idea? (Score:5, Insightful)
Wouldn't open source code for an operating system make it that much easier for someone to the hack a computer if they so desired?
The thing with open source voting machines is that anyone should be able to look at the code and notice a bug that would allow this. With closed source voting machines like Diebold's, the only ones who know if there's some backdoor or buggy code are the people who programmed it.
What's the problem (Score:2, Insightful)
Besides, I think the quote is fairly accurate -- just look at how much we jump up and down about 'trivial' licence details. In the closed source world they'd just pirate the software and forget about it.
Finally, people are seeing reason... (Score:5, Insightful)
Fortunately, I think that people are finally starting to understand exactly what the open source software movement stands for and the benefits we stand to accrue from it. 'Communism' - either in its real form or the corrupted understanding that some people seem to have of it - simply doesn't enter into the equation anymore. Open source, to many mostly computer illiterate people that I know, looks much more like an exercise in free speech than an expression of the Marxist dialectic.
Open source voting software is the best way to deal with the problems in electronic voting machines. Will it be an absolute panacea? Probably not. But in any case, it will doubtless produce more trustworthy software than anything produced by a proprietary company using proprietary software development methods on a proprietary operating system with proprietary political causes and motivations.
Re:Bad idea? (Score:3, Insightful)
It would be HARDER to hack an open source voting machine for several reasons.
First: Security holes WOULD get fixed. Diebold leaves their machines open to known exploits.
Second: If the machines were open source, you can bet your complacent American ass that every CompSci doctorate student or professor would try and hack it for prestege, then submit a patch to fix it. All that BEFORE an election.
Third: At least we would know how the machinese worked. Currently our knowledge consists of: The Machines fuck Up.
Fourth: we might get a paper trail. Florida election fuckups would no longer exist.
Re:Bad idea? (Score:5, Insightful)
Yes. We all know that security by obscurity is one of the best methods of ensuring that systems are secure. That is why nobody has ever been able to hack into a system running closed-source software such as Microsoft Windows.
Sarcasm aside, if the software is not open-source, there will still be many, many people that will have access to the code. The difference is that the general public won't be able to check what the code does. Are you sure that you trust every employee of Diebold (for instance) to be honest?
Re:Bad idea? (Score:3, Insightful)
I wrote something about this in my blog [borud.no] a while ago. I think putting your trust in the public is exactly what needs to be done. don't you?
So how do you prove... (Score:5, Insightful)
I could write a closed-source proprietary OS and have it go:
printf("Kernel version: Linux 2.4.26\n");
Re:Yeah, right (Score:5, Insightful)
What did he, err, the open-proxy, search for using Lexus-Nexus? That's right, "Adrian Lamo". That's some ego.
That reminds me, what on earth does open source enthusiasts have in common with criminals like Lamo?
NYTimes, geeks, and suspicious inspectors (Score:5, Insightful)
If 10 voting equipment vendors publish their open source (remember, "open source" is not necessarily "free") software for inspection, then for each vendor, the other 9 vendors will have a strong incentive to inspect and criticize that 10th vendor's code. ("You really should want to buy *my* voting machines . . . their code sucks. Here, let me prove it. . .
I predict that competing commissioned salespeople can be even more nutty, suspicious, and enthusiastic than computer science professors.
But will it be enough? (Score:3, Insightful)
Re:Go NYT (Score:5, Insightful)
Sounds like a description of the American founding fathers to me.
I take it as a complement.
Re:Go NYT (Score:5, Insightful)
That statement should read "suspicious of unecessary centralisation". Distrust of centralisation is very much a part of the geek world: internet rather than one-to-many media like broadcast TV, bittorrent rather than ftp, the bazaar development model, the division of a working OSS system into hundreds of chunks (the kernel, kde, X, etc.) that can be arranged to suit, enthusiasm for P2P technology that goes beyond free pr0n/warez, etc. etc. etc.
This "screaming to the high heavens" isn't unique to politically-sensitive bugs. This is how the OSS development model works: let a bunch of eyeballs go over something and raise red flags if something is wrong. People would scream to the high heavens if, say, a version of KDE was released with a major memory leak; it's just part of the process.
(Side thought: when does American democracy get a bugzilla page?
Bug #41298: Voters in non-swing states effectively disenfranchised by electoral college system
Assigned to: FEC
Status: IS_FEATURE_NOT_BUG
Aargh!)
Re:Not an "editorial" (Score:2, Insightful)
Misses the point (Score:5, Insightful)
There is a growing consensus that, in order to be trustable, election machines have to produce a paper ballot that can be hand-counted in case a recount is required. See, for example this article [notablesoftware.com] for a authoritative discussion of the issues by a recognized expert in the field.
A little late (Score:5, Insightful)
The doubts I have about this scenarios is that I'm of the opinion the election was really stolen when the media, the DNC and DLC moved Kerry from also ran to front runner and all the Democratic primary voters followed along like so many lemmings.
With Kerry as the Democratic nominee we are faced with a situation where Bush may win no matter how awful a job he does, or how dangerous he is, because no one can stand Kerry, especially after the Republican's shred him with $200 million in attack ads. He is unfortunately a two faced hypocrite and totally unlikable. I'm pretty sure Karl Rove danced a jig in the White House when Kerry moved to front runner status. I find myself hoping that the Democrats will come to their senses at the convention in Boston and realize what a loser he is and throw the nomination to Edwards. He may be inexperienced but at least he is likable in a Clintonesque sort of way.
If Kerry does win I doubt the establishment will mind, he is after a spoiled rich kid and member of Skull and Bones so he will look out for the establishment interests first, and the people's interest not at all(except to get reelected). He really doesn't seem to differ all that much from Bush. He's pretty much a fan of the war in Iraq, the only time he wasn't was when that was necessary to get the Democratic nomination. He seems to be a fan of the Patriot act and intrusive big brother government, again the only time he wasn't was when that was necessary to get the Democratic nomination. As soon as he had the nomination sowed up he rushed to the center and his first proposal was for a tax cut for corporations. He is a man in the pocket of the establishment if there ever was one.
I hate to say it but democracy is in a state of complete collapse in the U.S. There is a very small group of powerful people who decide who will be on the ballot, the media en masse anoints them and by the time it gets to the voters they are little more than a rubber stamp.
Rigged, closed source evoting is just another level of control to make sure the American people don't make a mistake and elect somebody that might upset the apple cart.
You can look at Iraq at the moment and see this same process in action. Iraq was supposed to get sovereignty and a U.N. representative was supposed to choose an interim government. Instead the U.S. appointed Iraqi governing council suddenly picked the government with massive back stage manipulation from the U.S. and surprise, surprise they are picking a man who has been on the CIA payroll for years as prime minister. He is a carbon copy of Chalibi who was the U.S. man until he fell in to disfavor. The U.S. is even interfering in the choice of the figurehead president to make sure he is pro U.S. versus the previous frontrunner who wasn't entirely a fan of U.S. occupation.
Our government is great with the empty rhetoric about freedom and democracy but if we ever found a way to actually get it they would freak and the current plutocracy would put a stop to it in a heartbeat. I find myself truly wishing Nader had a shot at the Presidency. He would be a train wreck but it would upset a very entrenched and corrupted kleptocracy. I'd just like to see it and we could start a pool on how long he would last before he was assassinated.
Re:Yeah, right (Score:5, Insightful)
Yes, of course, information should be free, yada yada yada. Fact is, there's some rules. Lamo knew the rules but didn't bother to follow them.
Would be nice, but unlikely considering government (Score:5, Insightful)
* The government doesn't display the diagrams to locks it has in its buildings.
* Most of our miltary documents and weapondry are completely classified (can you tell me what exactly Area 51 does)?
* Some of our most cherished documents (like the Constitution) are protected by systems meant to place them underground in the event of a nuclear war (Google it). But how exactly does it work? Who has access to the documents afterwards? The secret shadow government that's up and running in case of an emergency (Google it).
Fact is, very little of government is open source anythin. And yet the US has gotten along for over 200 years. While that doesn't necessarily mean things have been done "correctly", it does mean they've been sufficient enough to keep the country going. The chances we're going to change course now is unlikely.
Exactly (Score:5, Insightful)
Re:Bad idea? (Score:3, Insightful)
A correct statement but in need of a slight clarification. The only people who are likely to know about intentional rigging are the ones who do the build that actually gets installed in the machines. I imagine most of the geeks who developed the software in Diebold's machine would have no clue about any wrongdoing. The rigging is more likely to be done by a group resembling Nixon's plumbers who are highly loyal, believe what they are doing is right in some twisted way and able to keep secrets.
Thats why its extremely disturbing to hear about massive last minute changes in the software loads on Diebold's machines in the eleventh hour before the 2002 election in Georgia, which resulted in a stunning Republican upsets for the Senate and Governor, or in the last election in California.
Re:Another argument (Score:5, Insightful)
It is a system designed to deliver a provable result, even if the different actors during the vote and the counting don't trust each other.
Going voting machine move the trust relationship, to some technical system managed by (paid or volunter) experts.
And now, some gramatical questions from someone who is not a native english/american speaker
When you ear about thinking machines, do you think of
- machine that help to think or
- machine that think ?
(without speaking of an old company of the 90)
When you ear about voting machines, do you think of
- machine that help to vote or
- machine that vote ?
Voting has always been 'open' (Score:5, Insightful)
Only recently has it gone into a black box. The magical computer.
A move to continue the 'openness' would be advisable, no matter what the technology.
And there's a reason the exact capabilities of military weapons are classified. If someone were to want to attack you, would you want them to know the exact maximum range of your guns and where they are deployed?
Re:Finally, people are seeing reason... (Score:3, Insightful)
It is the protocol that is insecure, NOT the code. (Score:5, Insightful)
You can collect the votes, in a variety of electronic methods, that will meet the needs of quick reporting, but ultimately the votes need to be auditable, which means being able to recount by some manual method.
The ballots need to be human readable so that they can be verified by the voter AND the auditor.
If the protocol is secure, then it doesn't matter if the code is open source, or closed source. Whatever. As a taxpayer, I would hope that they choose something that is as inexpensive as possible that provides a secure and auditable voting record.
Re:Finally, people are seeing reason... (Score:1, Insightful)
Free software is wonderfully capitalistic, once you get past the notion that a copyright monopoly is the same as personal property (it's not, obviously, or there would be one set of laws for both, similar violation statistics for both, and there'd be a Free Cars Foundation alongside the FSF...).
Re:Bad idea? (Score:4, Insightful)
You were correct until you got past that first comma.
You seem to be missing the point of open source software. Anyone with the interest to do so can look at the code. If there is an exploitable flaw, it will be spotted and corrected. If the system allows someone to rig it to favor a certain candidate, that also will be spotted.
OSS is not necessarily the answer (Score:2, Insightful)
It doesn't matter if the code is open or closed. All the open code does is make it cheaper, simpler and probably more well-audited. But that doesn't solve the fundamental problems: nobody can ever know what goes on inside of a computer.
You don't know if the code you compiled from the voting machine website is the same as the code on the machine. Even if you got a computer expert to recompile all the code for all the machines and check with MD5, you still have no idea that the machine's screen isn't *lying* to you.
Human beings can't see bits and bytes and electronics. But they can see holes in a punch card or marks on a scantron. If the election is contested you can still count by hand, 50 times if you need to.
Open source software, great, sure, but make sure there's a paper trail!
Re:But will it be enough? (Score:5, Insightful)
Re:NYTimes, geeks, and suspicious inspectors (Score:3, Insightful)
Re:But will it be enough? (Score:2, Insightful)
i don't think it'd be that hard to convince people that this is a good idea.
the problem is attempting to drag those who have a vested interest in keeping the vote closed along.
All the people who bitch about closed voting schemes should email this article to their Senators and Representatives.
Re:Finally, people are seeing reason... (Score:5, Insightful)
That is far from true. That's one of the biggest problems with our purely monetary system -- there is no measure for the labor hours, or the quality of those hours, that go into the production of much of anything. The cost of things that can't be measured monetarily is all too often assumed to be "ZERO", but that simply isn't true. Even freeware costs somebody something to make.
Also, let's keep in mind that the "free" in "free software" does not refer to money -- it doesn't mean that the software should cost $0.00. Rather, it means free as in freedom, as in we should have the freedom to use, redistribute, copy, and modify the software at will as long as any copy or modification always keeps the freedom associated with the original.
Re:Bad idea? (Score:3, Insightful)
To amend the other posters: like modern cryptography, this issue shouldn't be about whether you can hide what you're doing so no malicious user can exploit that knowledge, simply because eventually someone will find a way into the system.
The system should be designed so that even when it is clearly visible what is being done, it's impossible/unfeasible to break into the system. Again -all modern hashing and encryption algorithms (=instructions) are fully public and viewable by all. The reason they're secure is that even when knowing all the information (bar the passphrase), it would take millions of machine hours to forcibly break the encryption.
Re:Finally, people are seeing reason... (Score:5, Insightful)
Honestly, I don't think that Darl McBride got into this mess because he "hates" Linux and Open Source, not in the way Americans used to "hate" Russians. Hell, SCO sells the stuff, or used to. He's hardly the anti-Stallman: I doubt he has that much emotional investment in the Open Source movement. On the other hand, RMS is passionate about his cause, consistent in his expression of it, and more to the point, time has proven him right on a lot of counts.
The McBrides and Ken Browns of the world don't have blinders on: they know precisely what they are doing and why. The reason has little to do with hatred of us "communists" or any other political motivation: it has to do with opportunism and greed. I could respect McBride and those of his ilk (while vehemently disagreeing with them, of course) if they had anything resembling an ethical stance, or at least a position that doesn't change with the phases of the moon.
Re:Bad idea? (Score:2, Insightful)
2. There have been various schemes proposed to guarantee the integrity of the code - basically, a super-secure source control system to keep people from making unauthorized changes, and an independent auditing body that oversees development, tests for bugs, and supervises the installation of the software, then seals the boxes. The idea being to have multiple, redundant levels of oversight for EVERY step of the process, and to keep that oversight transparent to the public.
Doing it right will take a bit of work, but it's definitely possible. It'll never be 100% secure, but way more secure than just handing Diebold a check and trusting them to act professionally.
Open source code is key (Score:2, Insightful)