Sequoia Disclosing Voting System Source To DC 100
buzzinglikeafridge writes "After Sequoia voting machines registered more votes than there were voters in DC's primaries last September, and the city threatened a lawsuit as a result, the company agreed to disclose technical details of the system (including source code) to the city. Although this isn't the first time the company has disclosed the source code of its machines, it is the first time the machines' blueprints will be handed over as well."
Yay! (Score:1, Insightful)
About fucking time.
Re: (Score:1)
Your URL got truncated.
Re: (Score:2, Interesting)
There is a solution to ALL election fraud - the Robinson Method.
That's an interesting idea, but it seems like kind of a pain in the butt compared to paper-ballot systems. Plus, in reading it I instantly came up with like 3 or 4 simple ways to commit election fraud against such a system. So I think you are full of crap.
-- 77IM
Re: (Score:1)
How the hell do you program something to deliver more votes than voters? Someone seriously needs to work out what the hell is going on...
Re: (Score:2)
How is it trolling to express relief that something so critical as /voting/ is finally being taken seriously?
It's about damn fucking time, indeed.
Not being taken seriously (Score:3, Insightful)
There are already good paper voting systems in use that meet important criteria such as:
1) Being easy for most people to understand how their vote is counted and the effort it takes to cheat the system.
2) Allowing the different political parties and independent bodies have their observers present to observe the votes as they are being counted.
Because, I suggest that: elections don't just have to be fair. They have to be
Re: (Score:2)
No, if it was being taken seriously, then vote verification would be used. We take our anonymity more seriously than accuracy, and so accuracy sucks. When I place a vote, I have no idea how or whether it will be counted. If it's lost, counted twice, marked invalid, etc. I'll never know. And as such, anyone could tamper with my vote and I'll never know. When the system is designed where I have to trust people with
Re: (Score:2)
To me in the scenarios where it is a big problem, are the same scenarios where voting probably doesn't matter much anymore - everything else has become terribly corrupt - the cops, courts etc. e.g. The Dictator wins with 98% of the votes.
Otherwise, in normal cases, you just get some evidence that your boss was trying to force you to vote some way, complain to the cops/lawyer and boss is in deep shit.
That said, even wi
Re: (Score:2)
But even with that, there have been multiple cases of lost boxes from areas that were expected to be for or against the wrong side, or finding 4 boxes when there were supposed to be 3 at a place, and it looks the same as the others so that you either count them all (and get more votes than voters) or throw them all out. Both w
Re: (Score:1)
Not so fast.
Now that some of you are catching on about how electronic vote tabulation devices can not be trusted, (from the doping level, to the firmware, and and finally software) you've just been "routed around" once again, as the EVM's are now shifting gears and upping the ante by changing the game with "internet voting", the ultimate unvalidatable nightmare.
A pollwatcher, still can't see the electronic signals in any of these devices.
So while everyone tech savvy sit's there and argue's over open source,
Re: (Score:2, Insightful)
Can you tell I am pissed off?
No.. because you didn't use all UPPERCASE.... but everything you said is true enough. Something as important as voting shouldn't be played with and subject to the whim's of lobbyist and 'for profit' tech companies who are outsourcing their coding to china.
The whole idea (facile) of saving a buck by making the voting system electronic or that paper ballets are too hard to understand is just cover for someone trying to make a buck or worse someone trying to rig elections with less effort and/or chance of bein
Well there's your problem (Score:2, Funny)
Re: (Score:2)
The other version would let you plead incompetence too...
if (!strcmp(candidate, "Bush")) castVote(candidate); // Don't forget to comment out on production.
castVote(candidate);
Re: (Score:1, Funny)
I prefer this myself:
if (candidate == "Bush)
castVote(candidate);
else;
castVote(candidate);
Re: (Score:2)
Why not the first time? (Score:4, Insightful)
You want me to use your machine for my elections? Hand it all over. All. Source, blueprints, all. I want to audit it. For as long as I want and by whomever I please. Yes, of course you will get my signatures that your code will not be given to anyone (except for audits, but not to keep) and it will be only used to audit your machines. No problem.
You don't let me? Ok.
NEXT OFFER!
Frankly, it's a HUGE biz. Once you have the foot in the door, do you think they'll audit your competitor or will they order their next machines with you again because they've been audited already? YOU want to sell ME your machines. YOU are about to earn a ton of money, enough that you'll never have to create any other product anymore. You're selling to the government, not some beancounting company, they won't question if your software costs a million despite costing you 10k.
Do you think I'll find some company willing to comply with my requirements if you don't bend over?
Re: (Score:2)
How do you know that the source you see was used to build the machine in front of you? And that the compiler didn't insert any easter eggs? The correct response is "If you machine is a #2 pencil and paper, fine, otherwise, hell no."
Re: (Score:3, Interesting)
Because I will compile it. Using my compiler.
Doesn't work? NEXT!
Re: (Score:1)
Re: (Score:2)
Someone will, yes.
Re: (Score:2, Interesting)
Some south-american countries do this already.
The source makes rounds through representatives of all interested parties, and after examining it, they sign it with their private keys. Then the code (after verifying against their keys that it's not a changed one) is compiled (with a generic compiler for which md5 and sha1 are available) and then the resulting binary is signed digitally with keys from them all again. Then the signed binary gets copied to all the machines. And then anyone can check if the code
Re: (Score:1)
Re: (Score:2)
Democracy should be worth that, yes.
If it's not, you know, pen and paper still works fine...
Re: (Score:2)
Most of the elections stolen by fraud were done with elections that ran on pen (or pencil) and paper. Ballot stuffing, lost ballot boxes, and the multitude of cases of polling place restrictions (from poll taxes that were law, to having too few voting booths and turning away voters that arrived before the polls closed). Even with all the faults, it is still asserted that electronic is more reliable than paper. Sure, that's debatable, but to just assert that paper is bet
WTF isn't this done already? (Score:2)
Who the fuck trusts a corporation to implement a something that is fair, correct and well engineered, without any oversight?
What's so complicated? (Score:4, Interesting)
(Aside from the witty "they're all programmed to vote for candidate X!" responses.)
Re:What's so complicated? (Score:4, Funny)
It's close enough for government work.
Re: (Score:2, Interesting)
My gut feeling for the complication is to add more features to help jack up the price per unit.
Figure that each polling station will have at least 3 units, so you're talking about a lot of sales. A simple system, such as you described wouldn't be very expensive, and would be a tough sell.
But if you add in 'Automated security sub-routines', 'Time stamp live validation', 'Heuristic Real-time Networked Vote Tallies', all of which I just made up, but sound semi-decent for a sales pitch, you can charge more.
Of
Re: (Score:1)
After a code review it was revealed the button1.onclick was vote++ instead of vote==1 and some people are doubletapping the screen.
I knew we shouldn't have outsourced that function to Mrs. Stewart's 4th grade computer class, but hey times are tough.
Re: (Score:3, Funny)
Pretty sure vote==1 doesn't do much. In Java it actually gives you an error. In C it just does nothing mysteriously.
Re: (Score:1)
I could see how some complexity could arise from data integrity concerns. Satellite systems, for example, include mechanisms to constantly check and error-correct memory because of corruption due to comsic rays. If you regard voter data as precious enough, you could construct pretty complex redundant systems to cross-check themselves too.
Of course, I doubt that would be happening if MS Access is involved.
Re: (Score:3, Informative)
Deibold makes ATMs. Those things are accurate, reliable, solid, perfect, etc. Why then should their voting machines be so flaky? I think the only answer can possibly be is "They wanted them that way."
Re: (Score:2)
Re: (Score:2)
Yes. ATMs have much lower error rates than we see for voting machines. Newness has nothing to do with it. Revolvers are more reliable than muskets, and revolvers are "newer" technology. Even when they were very new, they were more reliable. The voting machines should be an order of magnitude more simple than an ATM. They don't handle
Re: (Score:2)
Re: (Score:1, Troll)
Re: (Score:2)
Code can be mathematically proven. Mathematically proven code has no errors. Hardware executing it will not behave incorrectly due to a software bug. Hardware designs can be mathematically proven. A mathematically proven hardware design will not produce a bug due to design flaws. I'd call anything running on well made hardware with mathematically proven hardware and software "perfect". I'm not sure ATMs get mathematically proven software since every once in a while someone hacks one and gets it's money for
Re: (Score:2)
As for 'proving', here is a Donald Knuth quote for you, "Beware of bugs in the above code; I have only proved it correct, not tried it." Proving it is unfortunately never fail-safe.
Re: (Score:2)
Should get the same attention as fighter planes (Score:5, Insightful)
The machines that protect democracy include jet fighters, naval warcraft, guns, rockets, bombs ---- and voting machines.
The US Government wouldn't buy a any of those other things without a massive effort to make sure they were secure, why not voting machines as well? If you can compromise those, the rest are easy.
Re: (Score:2)
Excellent point, but the only voting machines that can be provably trustable are a pencil and paper. With war machines, it's easy enough to determine that they aren't working: they don't fly, we
Re: (Score:2)
With war machines, it's easy enough to determine that they aren't working: they don't fly, weapons don't detonate, etc.
And the chance that there's a remote kill switch in it that would disable all of your war machines. The government does/should check for those in their weapons and there's no excuse why they don't take the effort to do the same with electronic voting. And this lack of effort, combined with the simplicity and effectiveness of paper ballots (not punch ballots like in Florida and other states, just simple fill in the bubble ballots), means that there should be no electronic voting until people step up and ma
Re: (Score:2)
Again, the difference is that said weapons have been put to actual use, and they've worked well enough. Voting machines have been put to actual use as well, but who knows whether they worked? Nobody can know!
Re: (Score:2, Interesting)
Actually the USAF is concerned about kill switches and other hidden logic built in at the doping level, and while the do play red team blue team with such devices, sadly the only way to truly find out is to destructively reverse engineer the chip. The only other way is to have 100% trust in the doping source, while maintaining 100% chain of custody.
Meanwhile, out on the flightline, a tech sign's off that red x when the system is tested and working, "op's check good." It still doesn't mean it's working prop
Re: (Score:1)
The voting machine does more than the infallible pencil and paper that you describe, which only covers the marking of a vote. The voting system that you yearn for involves correct marking of the ballot paper, manual transport of vote boxes, manual handling of the paper, manual tallying of the votes, manual reporting of results upstream, manual cross checking of error rates, recounts on-demand etc... Each and every one of those steps in the system in open to human error (losing count, misreading), lack of
Re: (Score:3, Insightful)
The machines that protect democracy include jet fighters, naval warcraft, guns, rockets, bombs ---- and voting machines.
The US Government wouldn't buy a any of those other things without a massive effort to make sure they were secure, why not voting machines as well? If you can compromise those, the rest are easy.
Because the people that are elected in office are the same people voted in by those machines.
Re: (Score:2)
Because the people that are elected in office are the same people voted in by those machines.
Perhaps those people should be voted out of office with jet fighters, naval warcraft, guns, rockets, and bombs.
Re: (Score:2)
Interesting comment - if we are to extend the analogy completely, we'd have to acknowledge that even these complex systems sometimes require a few attempts before either being scrapped (as unworkable or too expensive) or before they are successful.
That having been said, I personally think the issues we've seen with e-voting are ridiculous - by comparison, it's not a very complicated process.
Re: (Score:2)
we'd have to acknowledge that even these complex systems sometimes require a few attempts before either being scrapped (as unworkable or too expensive) or before they are successful.
But are those attempts found out in the wild or in a testing phase (I'm honestly not sure, don't follow military history well enough)? If they are done in the wild then it's similar to electronic voting (though you're right, the voting machines' mistakes are pretty horrendous for the task) but if they're done in testing then so should electronic voting and they should keep testing them until they get it right.
Context can reduce security concerns drastically. (Score:2)
I won't object to communities getting source code to voting machines under free software licenses [counterpunch.org], but when voting machines are used only to prepare voter-verified paper ballots never to count ballots (as they should be), security concerns for these machines drop dramatically. I shouldn't have to use such a machine in the first place, but if I choose to use a machine to prepare my voter-verified paper ballot source code concerns drop to making sure that bugs in the program won't stop me from using the prog
Re: (Score:2)
The machines that protect democracy include jet fighters, naval warcraft, guns, rockets, bombs ---- and voters.
Fixed it for ya. Problem here is that the voters don't care enough to make sure the elections are working the way they should. They want to care about it once every 4 years, 2 years at best, and then go back to caring about their MySpace page. If people cared more about the politics running their nation in general they'd raise more of a fuss about things like voting machines' discrepancies.
Re: (Score:1)
Sequoia is secure, all right... (Score:1, Interesting)
Sequoia voting machines are secure, unless someone clicks here:
http://www.google.com/search?q=sequoia+yellow+button&ie=utf-8&oe=utf-8&aq=t&rls=com.ubuntu:en-US:unofficial&client=firefox-a [google.com]
I used to work for a state division of elections certifying voting equipment. I wound up getting canned. I think one of the rationale was that I raised an eyebrow at problems like this.
I'd love to know what American attitudes are towards open-source. I've known plenty of people who consider open-source i
Why a secret ballot? (Score:1, Troll)
Re: (Score:2)
Actually, that might make coding it easier.
Then you just have a hash:
vote{SSN} = candidate
Re: (Score:3, Insightful)
No one is getting executed or persecuted based on their vote.
You think maybe that's because the vote is secret?
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Because you can discriminate against homos and minorities. You just have to be subtle when you do (and avoid false appearances of descrimination), doesn't mean it doesn't happen.
Re: (Score:2)
You can't discriminate against homos or minorities because its a crime. Why would discriminating based on voting be allowed or any different?
And that stops it from happening? Just because something's illegal doesn't mean it won't happen.
Re: (Score:1)
Re: (Score:1)
No we don't need a violent revolution. Saying such things, just get's you tagged by the corrupt DHS. (Unless of course your an agent provocateur.)
It's called "Transparency." It goes back to the days, where voting the wrong way and your enemy finds out they kill you. Which is why it had to be a secret vote with public oversight.
Now while I don't claim to know your motivations, the fact our vote has to have transparency, should be a clear message to the people there are internal threats to our constitution,
Re: (Score:3, Insightful)
The reason the ballot is a secret is to be certain that no one can leverage your vote against you. A secret ballot is critical for the safety of the voters. Just imagine that your boss knows who you're voting for.
"No one is getting executed or persecuted based on their vote."
Not in the US, where voting is fairly free and safe. In other places not so much (Kenya).
Re: (Score:2)
Re:Why a secret ballot? (Score:5, Interesting)
Yes, I am sure that secret ballots are essential. Not only can an open ballot leave you open to retaliation (an extremist group says "Anyone who votes for Candidate X is going to be on our hit list") but it also lets them buy votes a la "$50 for anyone who votes for Candidate Y" (by the way, at $50 for each voter takes about $3.5 billion if you want the same popular vote that Obama got last year. Obama spent around $0.6 billion, think any corporations would be willing to fund a candidate?)
Re: (Score:1)
Re: (Score:2)
I was actually thinking of Al Quaida making a threat like "if you vote for anyone other than Osama Bin Laden we will come to your house and rape your daughters and then shoot you". I'm sure that would convince some people to stay home.
I can see radical pro-life or radical environmentalists doing the same kind of thing though. The pro-lifers are ironically more likely to shoot you while the environmentalists are ironically more likely to turn you house into green house gas...
Re: (Score:1)
Re: (Score:2)
I'm sorry you feel the pro-lifers are less violent and gun oriented than the environmentalists. Doesn't mean you're right. I'm sure some environmentalists would get their panties in a twist if they heard me claim that they were more likely to be vandals than pro-lifers. I'm picking on both sides of the aisle if you didn't notice (because both liberals and conservatives have crazy wackjobs).
Re: (Score:2)
He knows. And he knows I always vote the opposite of him. Where's the problem again?
If you are too stupid to figure out how someone could guarantee they know how you voted with the current system, then I can't help you (not that my boss does one, but that we talk politics). There are hundreds of ways that would work, and that you speak as if there are none indicates your inability to think.
Not in the US, where voting is fairly free and safe. In
Re: (Score:1)
Re: (Score:3, Funny)
There is an old saying about how those who don't read history are doomed to repeat it.
I have no idea why that thought sprang to mind just now. None whatsoever.
Re: (Score:2)
Secret ballots were a late-comer to the US, and weren't needed or even useful until then. And the reason they were needed was race. Prior to the race issues causing so much trouble in the south around the time of the Civil War, secret ballots were not widely used in the USA, and there was nothing lost. History shows us that, as long as there isn't a very strong case of vote indimidation being caused by a massively hug
Re: (Score:2)
"And there was nothing lost?"
I believe it was the lack of secret balloting that allowed all manner of vote-buying schemes, including big patronage machines like Tammany Hall.
Public ballots make it harder for people to vote their conscience, and easier for groups with power to intimidate or bribe the people they have power over. But you're right that private ballots give too much leeway to the people we charge with counting the ballots. I don't see a perfect solution. I think that voting machines with ope
Re: (Score:1, Troll)
Re: (Score:1)
Re: (Score:1)
Re: (Score:2)
If everyones name was attached to their vote there would be a way to verify the election outcome. Are people really that ashamed of who they vote for? No one is getting executed or persecuted based on their vote.
Follow history much? How about your up for a promotion and your boss doesn't like the person you voted for so he gives the promotion to somebody else. How about the mob threatens to harass/beat up/kill your family if you don't vote for the right person. There's a reason voting is secret and that secrecy is essential to democracy. Without secrecy intimidation and coercion has, can and will occur in voting.
Re: (Score:2)
The vote wasn't secret in the USA for a long time. And what you claim would happen didn't. You are wrong, and history proves you are wrong. There was a short period (1860s to 1980 or so) where there was some race tension that resulted in many illegal acts being taken to harm people. One on the long list was voter indimidation. However, even with "secret ballots" being the law, the practice in many p
Boss looking at who you voted for is bullshit. (Score:1)
Re: (Score:1)
so what? (Score:1)
I don't understand what this accomplishes. What are they going to do? Look for bugs? They already know there are bugs. If it was sabotaged, they're not going to get the code that was used and will only find bugs.
This is like calling the fire department after the barn has already burned to the ground, except that the fire will likely be allowed to continue.
What's all this code stuff? (Score:1)