Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
Government Security United States News Politics

Sequoia Disclosing Voting System Source To DC 100

buzzinglikeafridge writes "After Sequoia voting machines registered more votes than there were voters in DC's primaries last September, and the city threatened a lawsuit as a result, the company agreed to disclose technical details of the system (including source code) to the city. Although this isn't the first time the company has disclosed the source code of its machines, it is the first time the machines' blueprints will be handed over as well."
This discussion has been archived. No new comments can be posted.

Sequoia Disclosing Voting System Source To DC

Comments Filter:
  • by Jamamala ( 983884 ) on Sunday June 07, 2009 @08:56AM (#28240757)
    I don't understand how voting machines can be so complicated that such gross errors occur. Surely it can't be much more than a glorified counting program that also keeps some sort of log about what it's done. I'm making the presumption that these programs are for some reason very complicated, and that's why errors like this are more frequent than they should be. Can anyone either explain why they're so complicated or give another reason why they seem to spew out so many errors?

    (Aside from the witty "they're all programmed to vote for candidate X!" responses.)
  • Re:Yay! (Score:2, Interesting)

    by S77IM ( 1371931 ) on Sunday June 07, 2009 @09:20AM (#28240855)

    There is a solution to ALL election fraud - the Robinson Method.

    That's an interesting idea, but it seems like kind of a pain in the butt compared to paper-ballot systems. Plus, in reading it I instantly came up with like 3 or 4 simple ways to commit election fraud against such a system. So I think you are full of crap.

      -- 77IM

  • by Felix Da Rat ( 93827 ) on Sunday June 07, 2009 @09:27AM (#28240871)

    My gut feeling for the complication is to add more features to help jack up the price per unit.

    Figure that each polling station will have at least 3 units, so you're talking about a lot of sales. A simple system, such as you described wouldn't be very expensive, and would be a tough sell.

    But if you add in 'Automated security sub-routines', 'Time stamp live validation', 'Heuristic Real-time Networked Vote Tallies', all of which I just made up, but sound semi-decent for a sales pitch, you can charge more.

    Of course, with such 'Features' you add complexity to what should be a straight forward system.

  • by Anonymous Coward on Sunday June 07, 2009 @10:01AM (#28241025)

    Sequoia voting machines are secure, unless someone clicks here: []

    I used to work for a state division of elections certifying voting equipment. I wound up getting canned. I think one of the rationale was that I raised an eyebrow at problems like this.

    I'd love to know what American attitudes are towards open-source. I've known plenty of people who consider open-source inherently insecure, since the public can see how it works. American idio--er, voters, probably think a super-duper secret voting system is more secure than one that's open for public inspection. :-/

  • by Opportunist ( 166417 ) on Sunday June 07, 2009 @10:22AM (#28241153)

    Because I will compile it. Using my compiler.

    Doesn't work? NEXT!

  • by Devout_IPUite ( 1284636 ) on Sunday June 07, 2009 @12:47PM (#28242093)

    Yes, I am sure that secret ballots are essential. Not only can an open ballot leave you open to retaliation (an extremist group says "Anyone who votes for Candidate X is going to be on our hit list") but it also lets them buy votes a la "$50 for anyone who votes for Candidate Y" (by the way, at $50 for each voter takes about $3.5 billion if you want the same popular vote that Obama got last year. Obama spent around $0.6 billion, think any corporations would be willing to fund a candidate?)

  • by Anonymous Coward on Sunday June 07, 2009 @05:35PM (#28244283)

    Some south-american countries do this already.

    The source makes rounds through representatives of all interested parties, and after examining it, they sign it with their private keys. Then the code (after verifying against their keys that it's not a changed one) is compiled (with a generic compiler for which md5 and sha1 are available) and then the resulting binary is signed digitally with keys from them all again. Then the signed binary gets copied to all the machines. And then anyone can check if the code in given machine has all the signatures it needs.

  • by myspace-cn ( 1094627 ) on Monday June 08, 2009 @05:52AM (#28248751)

    Actually the USAF is concerned about kill switches and other hidden logic built in at the doping level, and while the do play red team blue team with such devices, sadly the only way to truly find out is to destructively reverse engineer the chip. The only other way is to have 100% trust in the doping source, while maintaining 100% chain of custody.

    Meanwhile, out on the flightline, a tech sign's off that red x when the system is tested and working, "op's check good." It still doesn't mean it's working properly.

    Working correctly is meaningless with no transparency, chain of custody or public oversight.

    Also jets fly every day, electronic voting machines sat in storage, then had sleepovers. Where the machines were physically sitting in a poll worker's living room.

    The problem with electronic vote tabulation devices differs from "state secrets" when we start getting into things like "public oversight." Public oversight is impossible when humans walk into the Secretary of State's office, go through some training, then head out to their polling place with with no spectrum analyzer, meter, freq counter, or logic analyzer.

    I remind you, this is what we have now. And I am not making an argument for poll workers to have such tools, as that would be insanely stupid.

    Even if poll watchers knew basic, or assembly, or electronics, or physics, they can't be allowed to access the code or allowed into the machine while an election is live because our elections must have transparency. If you can read the code during a live election, while you might consider this partial public oversight (from a purely technical standpoint), you no longer have transparency. Transparency is essential to our elections. While you might argue you have a right to give your transparency up (ala the Astronauts), you don't have a right to force anyone else to give their transparency up. And if your reading the code, it's trivial to change the code or modify the data.

    This isn't just about code, it's also about firmware, and hardware!

    Interestingly (diebold/premier/sequoia/es&s Whatever they call themselves) tech's have reported as being allowed access to service machines during live elections.

    Electronic vote tabulation devices fail us at every step, Trust of the Doping Source, Chain of Custody, Public Oversight, and Transparency. Whoever pushes them to be allowed into our elections, clearly wants to subvert our government. While those who were accepting of such subversion early on were not fully informed, and others were clearly corrupt. There can be no excuse anymore.

    Yet know this information and still here we are with these devices subverting our elections still to this day. So called "corporate journalists" do not touch this topic. And now they want internet voting?! These people can't even publish documents on their websites correctly.

    And for the argument, "the handicapped need access to ballots so we need ballot marking devices."

    Utter nonsense, and frankly the subversive lie which has been used to stuff this cruft down our throats from the sources which are either uninformed or corrupt.

    We didn't use electronic devices in our elections in the 1700's and we don't need them today. The dilemma of you being disabled does not give you the right to subvert the entire election process by enabling invisible electronic exploits to be targeted against everyone else.

The optimum committee has no members. -- Norman Augustine