NYT Calls For Open-Source Election Machines 302
anti-drew writes "The New York Times Magazine has an interesting editorial (free reg. req.) calling for open-source voting machines. From the article: 'Electronic voting has much to offer, but will we ever be able to trust these buggy machines? Yes, we will -- but only if we adopt the techniques of the 'open source' geeks.' That's quite an endorsement coming from the Times. Of course, one of the justifications was that open-source enthusiasts are 'libertarian freaks, nuttily suspicious of centralized power', who would 'scream to the high heavens if they found anything wrong'."
Yeah, right (Score:2, Insightful)
The same NY Times that got Adrian Lamo busted while he found a f**king open-proxy on their network.
Re:Yeah, right (Score:5, Insightful)
Re:Yeah, right (Score:2, Troll)
Re:Yeah, right (Score:5, Insightful)
Yes, of course, information should be free, yada yada yada. Fact is, there's some rules. Lamo knew the rules but didn't bother to follow them.
Re:Yeah, right (Score:5, Funny)
Only if your TV ate through $300,000 worth of power while he was in there.
Re:Yeah, right (Score:2)
I guess... your point being...?
Re:Yeah, right (Score:5, Insightful)
What did he, err, the open-proxy, search for using Lexus-Nexus? That's right, "Adrian Lamo". That's some ego.
That reminds me, what on earth does open source enthusiasts have in common with criminals like Lamo?
Re:Yeah, right (Score:3, Interesting)
But who will get (Score:3, Funny)
"Endorsement?" (Score:4, Informative)
In Related News... (Score:5, Funny)
Re:In Related News... (Score:2)
That would be perfect! (Score:2)
Re:That would be perfect! (Score:4, Funny)
I suspect that it would be however wrote the best worm that would control the election.
One armed bandits... (Score:2, Interesting)
user / pass for those who want it free (Score:2, Informative)
nutty? (Score:5, Insightful)
Re:nutty? (Score:3, Funny)
Proving the point.
Re:nutty? (Score:5, Funny)
Re:nutty? (Score:2)
People do the same with RMS sometimes, calling us all "communists" instead, even though Stallman is not truly a communist.
What the Free Software world needs is a nonpolitical leader, like Linus only more public. Maybe Bruce Perens
the NYT Voting initiative (Score:4, Insightful)
But the machines themselves are only part of the process. There must be audit and process supervision and that still requires people.
Go NYT (Score:5, Insightful)
For once they hit the nail on the head. Although I don't see why anyone might consider the statements to be any sort of insult. The so called "libertarian freaks" are just doing what every citizen should be doing: always questioning "centralized power". Technically, we give them the power, so why not ask why?
Re:Go NYT (Score:5, Insightful)
Sounds like a description of the American founding fathers to me.
I take it as a complement.
Re:Go NYT (Score:5, Insightful)
That statement should read "suspicious of unecessary centralisation". Distrust of centralisation is very much a part of the geek world: internet rather than one-to-many media like broadcast TV, bittorrent rather than ftp, the bazaar development model, the division of a working OSS system into hundreds of chunks (the kernel, kde, X, etc.) that can be arranged to suit, enthusiasm for P2P technology that goes beyond free pr0n/warez, etc. etc. etc.
This "screaming to the high heavens" isn't unique to politically-sensitive bugs. This is how the OSS development model works: let a bunch of eyeballs go over something and raise red flags if something is wrong. People would scream to the high heavens if, say, a version of KDE was released with a major memory leak; it's just part of the process.
(Side thought: when does American democracy get a bugzilla page?
Bug #41298: Voters in non-swing states effectively disenfranchised by electoral college system
Assigned to: FEC
Status: IS_FEATURE_NOT_BUG
Aargh!)
Working Link Via Google (Score:4, Informative)
Another argument (Score:5, Interesting)
But will it be enough? (Score:3, Insightful)
Re:But will it be enough? (Score:5, Insightful)
Re:But will it be enough? (Score:2, Insightful)
i don't think it'd be that hard to convince people that this is a good idea.
the problem is attempting to drag those who have a vested interest in keeping the vote closed along.
All the people who bitch about closed voting schemes should email this article to their Senators and Representatives.
Re:But will it be enough? (Score:2)
Re:Another argument (Score:5, Insightful)
It is a system designed to deliver a provable result, even if the different actors during the vote and the counting don't trust each other.
Going voting machine move the trust relationship, to some technical system managed by (paid or volunter) experts.
And now, some gramatical questions from someone who is not a native english/american speaker
When you ear about thinking machines, do you think of
- machine that help to think or
- machine that think ?
(without speaking of an old company of the 90)
When you ear about voting machines, do you think of
- machine that help to vote or
- machine that vote ?
Re:Another argument (Score:2)
Re:Another argument (Score:2)
Remember, "The Emperor Has No Clothes" was broken, not by the smart elite, but by a dumb street urchin.
well.. not completely true (Score:2, Interesting)
there was *some guy* who placed some code into a compiler once, so that even if there was no malicious code in the actual souce, once compiled, the executable had a block of code enabling the original author to do things (i.e. a backdoor). if i remember correctly, even if you were to recompile the compiler, the code would once again be placed into the compiler
Re:well.. not completely true (Score:5, Informative)
Re:well.. not completely true (Score:2)
I think that Reflections on Trusting Trust [acm.org] by Ken Thompson might be what you are referring to.
Re:well.. not completely true (Score:4, Funny)
What's the problem (Score:2, Insightful)
Besides, I think the quote is fairly accurate -- just look at how much we jump up and down about 'trivial' licence details. In the closed source world they'd just pirate the software and forget about it.
Re:What's the problem (Score:2)
Not an "editorial" (Score:5, Informative)
It's an interesting piece, but it's not an editorial. An editorial states the opinion of the newspaper as a whole (actually of the Editorial Board, if you're feeling pedantic) and as such carries a fair amount of weight, as in saying, for example, "The New York Times has endorsed Kerry for President." This is just an opinion piece by one of the paper's writers, and is a lot lower on the food chain than an editorial.
Re:Not an "editorial" (Score:2, Insightful)
Finally, people are seeing reason... (Score:5, Insightful)
Fortunately, I think that people are finally starting to understand exactly what the open source software movement stands for and the benefits we stand to accrue from it. 'Communism' - either in its real form or the corrupted understanding that some people seem to have of it - simply doesn't enter into the equation anymore. Open source, to many mostly computer illiterate people that I know, looks much more like an exercise in free speech than an expression of the Marxist dialectic.
Open source voting software is the best way to deal with the problems in electronic voting machines. Will it be an absolute panacea? Probably not. But in any case, it will doubtless produce more trustworthy software than anything produced by a proprietary company using proprietary software development methods on a proprietary operating system with proprietary political causes and motivations.
Re:Finally, people are seeing reason... (Score:5, Informative)
In this particular case, the open-source movement advocates the individual's right to public information, especially information behind public processes that have a huge impact on government functions and operations. We have a right to understand exactly how such critical processes work in order that the integrity of such processes is preserved.
Re:Finally, people are seeing reason... (Score:5, Insightful)
That is far from true. That's one of the biggest problems with our purely monetary system -- there is no measure for the labor hours, or the quality of those hours, that go into the production of much of anything. The cost of things that can't be measured monetarily is all too often assumed to be "ZERO", but that simply isn't true. Even freeware costs somebody something to make.
Also, let's keep in mind that the "free" in "free software" does not refer to money -- it doesn't mean that the software should cost $0.00. Rather, it means free as in freedom, as in we should have the freedom to use, redistribute, copy, and modify the software at will as long as any copy or modification always keeps the freedom associated with the original.
Re:Finally, people are seeing reason... (Score:3, Insightful)
Re:Finally, people are seeing reason... (Score:5, Insightful)
Honestly, I don't think that Darl McBride got into this mess because he "hates" Linux and Open Source, not in the way Americans used to "hate" Russians. Hell, SCO sells the stuff, or used to. He's hardly the anti-Stallman: I doubt he has that much emotional investment in the Open Source movement. On the other hand, RMS is passionate about his cause, consistent in his expression of it, and more to the point, time has proven him right on a lot of counts.
The McBrides and Ken Browns of the world don't have blinders on: they know precisely what they are doing and why. The reason has little to do with hatred of us "communists" or any other political motivation: it has to do with opportunism and greed. I could respect McBride and those of his ilk (while vehemently disagreeing with them, of course) if they had anything resembling an ethical stance, or at least a position that doesn't change with the phases of the moon.
Open Voting Consortium (Score:5, Informative)
Open Voting Consortium [openvotingconsortium.org]
Re:Open Voting Consortium (Score:2, Informative)
"A group of civic-minded programmers known as the Open Voting Consortium has written its own open-source code."
wait... what? (Score:2, Funny)
Make $5250 Guaranteed!!! All you need is a PayPal account and $25. We'll do the rest. Click here to find out how. [flamingboard.com]
So how do you prove... (Score:5, Insightful)
I could write a closed-source proprietary OS and have it go:
printf("Kernel version: Linux 2.4.26\n");
Re:So how do you prove... (Score:2)
err no really..
Re:So how do you prove... (Score:3, Interesting)
Rule 1 - The voting hardware and OS must be rather uniform, with only a few variations for regional preferences (it wouldn't be fair to force a small precinct to be forced to buy an overpowered version intended for high-volume voting places, therefore there would be a few different configurations available, but the number of allowed combinations of hardware and software must be discrete and small in number, not something where you can j
Re:So how do you prove... (Score:2)
No, seems to me that the ONLY way to do a truly "secure" e-Voting scheme would be for people to actually RUN THE VOTING SOFTWARE ON THEIR HOME COMPUTERS. Which I don't see happening any time soon, given government-types' fetishistic fascination with centralised control...
Re:So how do you prove... (Score:2)
I.e.:
State voting site.
You enter SSN and DL # for your identity, and vote away.
I assume each state knows the SSN of everyone legally allowed to vote in that state...or could get the list from some Federal authority.
Wow... (Score:5, Funny)
I guess they read
NYTimes, geeks, and suspicious inspectors (Score:5, Insightful)
If 10 voting equipment vendors publish their open source (remember, "open source" is not necessarily "free") software for inspection, then for each vendor, the other 9 vendors will have a strong incentive to inspect and criticize that 10th vendor's code. ("You really should want to buy *my* voting machines . . . their code sucks. Here, let me prove it. . .
I predict that competing commissioned salespeople can be even more nutty, suspicious, and enthusiastic than computer science professors.
Re:NYTimes, geeks, and suspicious inspectors (Score:3, Insightful)
A well-oiled WHAT? (Score:5, Funny)
Already, Australians have used the open-source strategy to build voting software for a state election, and it ran like a well-oiled Chevy.
The last Chevy I owned was a '74 Vega, and it burned a quart of oil every 100 miles. I guess that's what he's referring to here.
Some reasons why this is a good idea (Score:5, Interesting)
Cost Advantages:
NOW as distros like knoppix [knoppix.org] have proven, putting a full featured desktop on a CD is possible. That being said - putting your "voting machine" on a CD, and using standard PC hardware makes a lot of sense. You don't have to buy a bunch of larg proprietary machines that only get used ones in a while. The CD's can be verified. If one is careful it would even be easy to use hardware already in place - or obsoleted hardware. Such a system would also use a simple standard printer to print an encrypted voter verification (audit) record in case a recount is requested. This should eliminate the long standing problem with most other electronic voting systems (no real audit trail).
Development is spread out over a large not for profit group of programmers with the end result being free. The only real cost is the certification procedure each state decides to institute - and thus it is the state that becomes accountable. If a states procedures are not robust enough to catch dangerous bugs then it's their own fault. I would think that several states go in together and split the certification costs. Since the buy in price is almost nothing (essentially media) the states have more money to play with and spend on voter training AND certification.
Considering Diebold and others - this seems like a natural, easy and simple solution.
Ask not what your country can do for you, ask what you can do for your country - Come up with a simple, secure, reliable voting system on a CD that will boot from standard PC hardware.
SIDE NOTE: If my county uses electronic voting machines that do not have a paper trail - then I will vote by absentee ballot. I would STRONGLY urge any US voter to do the same.
cluge
AngryPeopleRule [angrypeoplerule.com]
Re:Some reasons why this is a good idea (Score:2)
If e-voting is going to be used at all, transparency in the process is paramount. This type of system would guarantee that.
Re: (Score:2, Funny)
Companies can still make money with open-source (Score:4, Interesting)
Just because something is OS doesn't mean that everyone is going to steal your trade secrets. If I were on a local voting comittee, I would almost certainly give the contract to the developer, because their people have the most experience with the machines.
Food for thought for Diebold, but who am I kidding. It will take a long time before people come to see open source as something more than just a bunch of punk kids who don't know how to make money.
Open source is only the start (Score:4, Interesting)
But then what is needed is a strict, multiparty custody chain, to ensure that the specific, compiled, verified code, as well as the machines it is run on, are what was actually verified.
it does no good to verify codebase X, if what finds its way to the machines is codebase Y
Hmm, thanks NYT! (Score:5, Funny)
libertarian freaks, nuttily suspicious of centralized power', who would 'scream to the high heavens if they found anything wrong'
Hmmm...
libertarian...
suspicious of centralized power...
scream to high heaven if there is a loophole in the democratic system...
Wow, three compliments in a row, Thanks NYT!!!
Re:Hmm, thanks NYT! (Score:2)
Come to grips, pal (Score:2)
It's this kind of right-wing republican rhetoric that really pisses me off. Do not voice an opinion if you have no idea what you're talking about and are only looking to fill /. with your ignorant fear-mongering. I DID NOT cover my house in *aluminum siding* to withstand gunfire. You're a quack.
I did it to keep the aliens from reading my thoughts...
Misses the point (Score:5, Insightful)
There is a growing consensus that, in order to be trustable, election machines have to produce a paper ballot that can be hand-counted in case a recount is required. See, for example this article [notablesoftware.com] for a authoritative discussion of the issues by a recognized expert in the field.
A little late (Score:5, Insightful)
The doubts I have about this scenarios is that I'm of the opinion the election was really stolen when the media, the DNC and DLC moved Kerry from also ran to front runner and all the Democratic primary voters followed along like so many lemmings.
With Kerry as the Democratic nominee we are faced with a situation where Bush may win no matter how awful a job he does, or how dangerous he is, because no one can stand Kerry, especially after the Republican's shred him with $200 million in attack ads. He is unfortunately a two faced hypocrite and totally unlikable. I'm pretty sure Karl Rove danced a jig in the White House when Kerry moved to front runner status. I find myself hoping that the Democrats will come to their senses at the convention in Boston and realize what a loser he is and throw the nomination to Edwards. He may be inexperienced but at least he is likable in a Clintonesque sort of way.
If Kerry does win I doubt the establishment will mind, he is after a spoiled rich kid and member of Skull and Bones so he will look out for the establishment interests first, and the people's interest not at all(except to get reelected). He really doesn't seem to differ all that much from Bush. He's pretty much a fan of the war in Iraq, the only time he wasn't was when that was necessary to get the Democratic nomination. He seems to be a fan of the Patriot act and intrusive big brother government, again the only time he wasn't was when that was necessary to get the Democratic nomination. As soon as he had the nomination sowed up he rushed to the center and his first proposal was for a tax cut for corporations. He is a man in the pocket of the establishment if there ever was one.
I hate to say it but democracy is in a state of complete collapse in the U.S. There is a very small group of powerful people who decide who will be on the ballot, the media en masse anoints them and by the time it gets to the voters they are little more than a rubber stamp.
Rigged, closed source evoting is just another level of control to make sure the American people don't make a mistake and elect somebody that might upset the apple cart.
You can look at Iraq at the moment and see this same process in action. Iraq was supposed to get sovereignty and a U.N. representative was supposed to choose an interim government. Instead the U.S. appointed Iraqi governing council suddenly picked the government with massive back stage manipulation from the U.S. and surprise, surprise they are picking a man who has been on the CIA payroll for years as prime minister. He is a carbon copy of Chalibi who was the U.S. man until he fell in to disfavor. The U.S. is even interfering in the choice of the figurehead president to make sure he is pro U.S. versus the previous frontrunner who wasn't entirely a fan of U.S. occupation.
Our government is great with the empty rhetoric about freedom and democracy but if we ever found a way to actually get it they would freak and the current plutocracy would put a stop to it in a heartbeat. I find myself truly wishing Nader had a shot at the Presidency. He would be a train wreck but it would upset a very entrenched and corrupted kleptocracy. I'd just like to see it and we could start a pool on how long he would last before he was assassinated.
No Paper Trail, No Confidance. (Score:5, Interesting)
As bad as the old punch card system were, I liked the feeling of knocking out a chad, and then being able to see an actual physical representation of my vote.
With the amount that counties are already spending on these machines, it can't cost much more to add a printer.
Re:No Paper Trail, No Confidance. (Score:2)
The voter then must deposit the mechanically punched card in a box on the way out... maybe the card has a unique bar scan so that the vote isn't electronically registered until the card is returned at the e
Re:No Paper Trail, No Confidance. (Score:2)
Optimally, have the machines store the vote using a *proprietary* hashing algorithm. Open-source the entire thing except for that module, which w
Re:No Paper Trail, No Confidance. (Score:2)
Would be nice, but unlikely considering government (Score:5, Insightful)
* The government doesn't display the diagrams to locks it has in its buildings.
* Most of our miltary documents and weapondry are completely classified (can you tell me what exactly Area 51 does)?
* Some of our most cherished documents (like the Constitution) are protected by systems meant to place them underground in the event of a nuclear war (Google it). But how exactly does it work? Who has access to the documents afterwards? The secret shadow government that's up and running in case of an emergency (Google it).
Fact is, very little of government is open source anythin. And yet the US has gotten along for over 200 years. While that doesn't necessarily mean things have been done "correctly", it does mean they've been sufficient enough to keep the country going. The chances we're going to change course now is unlikely.
Voting has always been 'open' (Score:5, Insightful)
Only recently has it gone into a black box. The magical computer.
A move to continue the 'openness' would be advisable, no matter what the technology.
And there's a reason the exact capabilities of military weapons are classified. If someone were to want to attack you, would you want them to know the exact maximum range of your guns and where they are deployed?
The Quote is partly inaccurate and out of context (Score:2)
The actual complete quote is saying that open source paranoia and nuttiness is a GOOD thing
and notice the word "often" which is not in the slashdot posters quote. It changes the tone and the facts of the article.
200 year tradition of open source method (Score:3, Interesting)
In Australia voters get a piece of paper and a pen.
Uh.............. that's it.
The counting takes a lot less time than it took the New York Times to organize the Florida recount, and the method supports unlimited error checking.
Re:200 year tradition of open source method (Score:2, Informative)
I'm also from Australia and usualy we know the winner of the election, if not on the night by monday if it is close!
Dave
Votes wouldn't be lost under this program (Score:5, Interesting)
Actually, regular voting is open source if you think about it. The ballot is checked off and goes into a box Everyone can see the process and how it works. Using proprietary machines is like giving your vote to an employee of a private company who hauls them off in a van and then reports the tally. If these machines were based off open source software, then you could possibly have a huge number of developers working on the project in their spare time that diebold could never compete with. Think of how many people would be going through the code to find mistakes.
I don't think we should imediatley switch over, but slowly as to allow many people the chance to look over the code and find bugs or backdoors. The system doesn't need to be that overly complicated either. We're not talking about installing a huge linux environment on these but rather something from emebeded linux.
Going open source shouldn't be the issue here, it's why we went to a closed source like diebold that is what's the question.
It is the protocol that is insecure, NOT the code. (Score:5, Insightful)
You can collect the votes, in a variety of electronic methods, that will meet the needs of quick reporting, but ultimately the votes need to be auditable, which means being able to recount by some manual method.
The ballots need to be human readable so that they can be verified by the voter AND the auditor.
If the protocol is secure, then it doesn't matter if the code is open source, or closed source. Whatever. As a taxpayer, I would hope that they choose something that is as inexpensive as possible that provides a secure and auditable voting record.
OSS is not necessarily the answer (Score:2, Insightful)
It doesn't matter if the code is open or closed. All the open code does is make it cheaper, simpler and probably more well-audited. But that doesn't solve the fundamental problems: nobody can ever know what goes on inside of a computer.
You don't know if the code you compiled from the voting machine website is the same as the code on the machine. Even if you got a computer expert
Auditing is the real problem (Score:3, Interesting)
What about india? (Score:3, Interesting)
THey have an electronic system that, although not impervious to fraud, is simple, elegant, and cheap, and gets the job done. The systems are so simple that it would be very difficult in practice to actually cheat.. and if you could doctor one machine, the damage you could do would be quite limited.
Security vs Obscurity (Score:2, Interesting)
Sure (Score:2)
Re:Bad idea? (Score:2)
Re:Bad idea? (Score:5, Insightful)
Wouldn't open source code for an operating system make it that much easier for someone to the hack a computer if they so desired?
The thing with open source voting machines is that anyone should be able to look at the code and notice a bug that would allow this. With closed source voting machines like Diebold's, the only ones who know if there's some backdoor or buggy code are the people who programmed it.
Re:Bad idea? (Score:3, Insightful)
A correct statement but in need of a slight clarification. The only people who are likely to know about intentional rigging are the ones who do the build that actually gets installed in the machines. I imagine most of the geeks who developed the software in Diebold's machine would have no clue about any wrongdoing. The rigging is more likely to be done by a group resembling Nixon's plumbers who are highly lo
Re:Bad idea? (Score:2)
Verification (Score:2)
Perhaps this is exactly what we need as a democracy... people invested enough to check on their votes.
Re:Bad idea? (Score:3, Insightful)
It would be HARDER to hack an open source voting machine for several reasons.
First: Security holes WOULD get fixed. Diebold leaves their machines open to known exploits.
Second: If the machines were open source, you can bet your complacent American ass that every CompSci doctorate student or professor would try and hack it for prestege, then submit a patch to fix it. All that BEFORE an election.
Third: At least we would know how the machinese worked. Currently our knowledge consists
Re:Bad idea? (Score:5, Insightful)
Yes. We all know that security by obscurity is one of the best methods of ensuring that systems are secure. That is why nobody has ever been able to hack into a system running closed-source software such as Microsoft Windows.
Sarcasm aside, if the software is not open-source, there will still be many, many people that will have access to the code. The difference is that the general public won't be able to check what the code does. Are you sure that you trust every employee of Diebold (for instance) to be honest?
Re:Bad idea? (Score:3, Insightful)
I wrote something about this in my blog [borud.no] a while ago. I think putting your trust in the public is exactly what needs to be done. don't you?
Exactly (Score:5, Insightful)
Re: (Score:2)
Re:Exactly (Score:2)
Re:Bad idea? (Score:2)
Re:Bad idea? (Score:4, Insightful)
You were correct until you got past that first comma.
You seem to be missing the point of open source software. Anyone with the interest to do so can look at the code. If there is an exploitable flaw, it will be spotted and corrected. If the system allows someone to rig it to favor a certain candidate, that also will be spotted.
Re:Bad idea? (Score:2)
If it was a serious question... the answer is no. If it's open source, you will have a higher ratio of "good honest skilled people" vs. "bad people" trying to find security problems with the software.
If it's closed source, almost all the people looking for security holes will be "bad people".
(PS: Was this a serious question or a shot at Funny?)
Re:Bad idea? (Score:3, Insightful)
To amend the other posters: like modern cryptography, this issue shouldn't be about whether you can hide what you're doing so no malicious user can exploit that knowledge, simply because eventually someone will find a way into the system.
The system should be designed so that even when it is clearly visible what is being done, it's impossible/unfeasible to
Re:Come on, the NYT isn't that stupid. (Score:2)