Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
United States Hardware

Wisconsin Requires Open Source, Verifiable Voting 375

AdamBLang writes "Previously covered on Slashdot, Wisconsin Governor Jim Doyle today signed legislation that "will require the software of touch-screen voting machines used in elections to be open-source. Municipalities that use electronic voting machines are responsible for providing to the public, on request, the code used." Madison's Capital Times reports "the bill requires that if a municipality uses an electronic voting system that consists of a voting machine, the machine must generate a complete paper ballot showing all votes cast by each elector that is visually verifiable by the elector before he or she leaves the machine.""
This discussion has been archived. No new comments can be posted.

Wisconsin Requires Open Source, Verifiable Voting

Comments Filter:
  • KISS (Score:5, Insightful)

    by grub ( 11606 ) <slashdot@grub.net> on Wednesday January 04, 2006 @05:02PM (#14395850) Homepage Journal

    [T]he machine must generate a complete paper ballot showing all votes cast by each elector that is visually verifiable by the elector before he or she leaves the machine.

    And how do we know that the prinout matches whatever counter is incremented within the computer? Being open source makes it tamper-resistent, not tamper-proof. Would it not be easier to just use a paper ballot in the first place? Then any recount could be performed against the actual ballots cast, not as a spot check against computer (glitches|fraud).
    • Re:KISS (Score:3, Insightful)

      by McGiraf ( 196030 )
      if there is a doubt you ask for a recount and count .... the paper ballots!

      duh ..
      • Re:KISS (Score:3, Insightful)

        by grub ( 11606 )

        "if". Being that leadership of government is being determined, I'd prefer the actual cast ballots be counted. Canada does it in a few hours with 1/10th the US population (and the public can view the count I believe)
      • Re:KISS (Score:3, Insightful)

        That might be a thing to do anyway just as a sanity check...
    • Re:KISS (Score:4, Interesting)

      by hazem ( 472289 ) on Wednesday January 04, 2006 @05:07PM (#14395894) Journal
      What I've always thought would be a good idea would be a computer to help generate the ballot, and then a separate computer to count those ballots.

      This offers the advantages of multi-language ballots with brail, audio prompts, etc. And the resulting ballot is standardized so it can be read by both machine and human - and no "hanging chads".

      The ballots can then be easily counted by another machine - and human validated as necessary.

      The ballot-generating computer never needs to "count" - but it could do so as a spot check against the counting computer.
      • Re:KISS (Score:3, Interesting)

        by cortana ( 588495 )
        Like EVM2K3 [sourceforge.net]? :)
      • Re:KISS (Score:4, Insightful)

        by mooneyd ( 233024 ) on Wednesday January 04, 2006 @05:33PM (#14396163) Homepage
        That's exactly how it should be done. Use a touch screen to make your choices, it prints out a op-scannable ballot you can hold in your hand and verify. You then stick it in one of two slots: the scanner slot or the shredder slot. That action will either confirm or reject your vote inherantly. If you reject the ballot, you can go through it again on the touchscreen, otherwise you are done.

        And the machines should be developed by national research labratory in a completely open and transparent way. The source code, design plans and manufacturing process would be completely auditable by the public. No corporate control of voting machines. No security through obscurity.
      • Re:KISS (Score:5, Insightful)

        by hackstraw ( 262471 ) * on Wednesday January 04, 2006 @06:39PM (#14396697)

        I wish I was on a website with computer geeks.

        "hanging chads"

        Bullshit. Punchcards were first made in the early 1800's and then used more commonly by big computer companies like IBM in the late 1800's. They were not used after the late 70's because they sucked. I work with people that used punch cards to program computers. They never talk about "chads" they talk about things like getting cards out of order, dropping them on the ground and not being able to edit them once made. They don't talk about "chads", those are invented words for the 2000 election well after nobody used punchcards for over 20 years.

        I've taken a number of standardized tests for over 20 years that have never, ever used punchcards or had hanging chads. They were all done with standard #2 pencils and a piece of paper that could scan them at remarkable speeds and accuracy. I'm sure somebody could counter with a time that one kid had his SAT score off by a point or two out of 1600 or the 2400 or whatever it is now, but AFAK they are beyond human accuracy, and never, ever have "chad" issues.

        So, why all the talk and fuss about this stuff? Are elections routinely rigged? Is this the new terrorist plot? Are the scantron type ballots that I have used rigged or wrong? Are the mechanical vote counters rigged or wrong? Was the President of the United States chosen by popular ballot in 2000? Does it even matter?

        The more this disinformation keeps us busy, it makes those who really matter in these matters more free to have more room to do whatever they want to do.

        I don't believe its any more difficult to count nominal data accurately than it ever was. Its the people that do the counting that are always variable, and will always be.

        • Re:KISS (Score:3, Insightful)

          by dfenstrate ( 202098 )
          From what I understand, the hanging chads were most likely the result of voter fraud by the election officials in charge.

          They would take a stack of ballots, and run an icepick through their preferred candidate's hole.

          If their candidate was the same as the voters, the card was unchanged. If it wasn't, a new hole would be made and the vote invalided for multiple voting. Since Icepicks weren't the proper instrument for voting, they left chads hanging.

          Of course, who you think the fraudulent election officials w
          • Re:KISS (Score:5, Informative)

            by mrhartwig ( 61215 ) on Wednesday January 04, 2006 @10:06PM (#14397849)
            From what I understand, the hanging chads were most likely the result of voter fraud by the election officials in charge.

            Bullshit. While I happen to suspect that there was some fraud in the 2000 election (in Florida along with a bunch of other places) this sounds like nothing more than a Conspiracy Theory, knee-jerk, reaction.

            We use the same ballot system here in my little corner of Missouri, and I assure you that it's very possible to leave a chad hanging, even with the "approved" punch device that's part of the voting station. No icepick required.

            If you did use an icepick in the manner described in the parent, you couldn't do very many cards at once; there would be quite obvious damage around the hole, as the icepick would be significantly bigger than the chad hole. And the wrong shape (round vs. rectangular).

            I don't remember if I'm making this up, but I believe our instructions include a step having you check to make sure all the chads have been totally punched out. If we do have such an instruction, I don't know if it was there before 2000. But I've always checked, instruction or not; it's not that complicated. :-)

            Also to add an on-topic comment; Wisconsin's law is a great step, but I agree with other posters that a much better system would be to make the vote generation device separately from the vote counting device.

    • Re:KISS (Score:5, Insightful)

      by Dutchmaan ( 442553 ) on Wednesday January 04, 2006 @05:07PM (#14395895) Homepage
      We can only move in the right direction.. This is a positive step to be sure, and as flaws in this system reveal themselves we will take further steps toward refining the process of preserving intergrity in the voting system.

      The perfect democracy is a goal and can never really be perfectly attained... but it serves as a compass to keep us going in the right direction.
    • Re:KISS (Score:3, Insightful)

      I'm all about e-voting, but the way it's shaped up, I'm going to have to agree with you. Everybody fills it out with a #2 pencil, fill in the WHOLE bubble Grandma, then put your thumbprint in the corner, and stuff it in the nice locked box.

      Even that probably isn't truly secure in our system. The joker who picks up the boxes will lob a couple in the lake on the way to get them counted.
      • Re:KISS (Score:5, Insightful)

        by kfg ( 145172 ) on Wednesday January 04, 2006 @05:14PM (#14395971)
        . . .put your thumbprint in the corner . . .

        No.

        KFG
        • Re:KISS (Score:4, Funny)

          by Rude Turnip ( 49495 ) <valuation@noSpAm.gmail.com> on Wednesday January 04, 2006 @05:19PM (#14396022)
          To elaborate on kfg's comment..."No. I'd rather not give my employer or corrupt union leader a way of tracing my ballot back to me. I appreciate my status of being employed and only wish to have my bones broken due to a skiing accident."
        • Re:KISS (Score:5, Insightful)

          by HUADPE ( 903765 ) on Wednesday January 04, 2006 @05:19PM (#14396029) Homepage
          Agreed. One of the major tenets of democratic voting is the secret ballot. This is in and of itself a problem with electronic voting because the order of votes can be counted as well as the votes themselves. A determined individual can then match the order and time of votes to individuals as they signed in to the polling place. Non-secret ballots can allow for voter intimidation (will the new mayor fire people who voted against him?)
        • Re:KISS (Score:3, Insightful)

          by AKAImBatman ( 238306 )
          Mod parent up:

          100% Correct
          100% American
          100% Insightful

          Remember that one of the key points in an election is anonymous ballots. The entire point is that someone can't hold a gun to your head (or hold your family hostage, blackmail you, or do millions of other nasty things) to force you to vote the way they want you to. The moment a ballot can be traced back to its owner is the day our entire system will collapse.
      • ...fill in the WHOLE bubble Grandma, then put your thumbprint in the corner

        Ahhh, let's hear it for our anonymous voting system...
    • Re:KISS (Score:4, Insightful)

      by cait56 ( 677299 ) on Wednesday January 04, 2006 @05:12PM (#14395950) Homepage
      That's why you also need a write-only audit trail produced
      before the voter leaves the booth. A second paper copy is
      certainly one form of a write-only audit trail.

      Keep in mind that paper-ballots were far from perfect.
      Counters could and did vote for people who neglected
      to fill in for some contests, and/or create extraneous
      marks on the ballot to make it retroactively ambiguous.

      A print-out with full candidate names is a lot harder
      to alter than a pre-printed form with Xs inside of boxes.
    • I think so. When you talk paper ballots people think it's just paper and pencil/pen, but it would be possible to use a computer to fill the ballot while allowing visual verification by the voter (helpful to prevent filling out the ballot incorrectly or to provide accessibility features).

      The advantage to computers is that if they aren't tampered with and are implemented properly, they should provide a more accurate count than manually processing the ballots. Nice in theory, anyway.

    • Re:KISS (Score:3, Insightful)

      by blazer1024 ( 72405 )
      Voting systems are only as good as the people administering them. Even with the most super-secure systems, if you pay/kill off enough of the right people, it doesn't matter what the vote really was. Especially if you screw with random polling on television so it *looks* like the vote is going to head in the direction you want it to, as well... nobody's going to question the local news station's informal polls anyway.

      If all that fails, just get plenty of dead people to vote. That what they do here in Albuque
    • The idea is that the printouts are saved just the way paper ballots would otherwise be saved, and if a recount is needed, you go back to that paper and thus any recound is performed against the actual ballots cast.
    • Re:KISS (Score:4, Informative)

      by hackstraw ( 262471 ) * on Wednesday January 04, 2006 @05:21PM (#14396042)
      Being open source makes it tamper-resistent, not tamper-proof.

      Somebody, probably not me or you will compile the final code to be run on some computer that we don't know the details of anyway. That somebody may know how to alter the code, maybe not.

      I know of no way that a computer recount could happen without a paper trail.

      Would it not be easier to just use a paper ballot in the first place?

      I don't see how this is so difficult. Each voting place I've been to scratches off your name when you show up to vote off of a roster of registered voters, and there should be a total count of those registered which should equal the number of pieces of paper in the ballot box.

      There can be simple large scantron type cards that are immediately sorted into something like X party, Y party and Z party, and maybe "other". These can be quickly gone though and if there was an X in the Y party box, something might be fishy. If the Z party box weighs more than the X party box which has more than Y, then Z won. It could counted if mass is that big of a controversy.

      In this country, people have the right to anonymously vote for a particular candidate, but not to vote anonymously. It is known when you vote, and for good reason so that dead people don't go around voting over and over again or even live people.

      What is so difficult with counting nominal data these days?

      • Re:KISS (Score:3, Informative)

        by skiflyer ( 716312 )
        What is so difficult with counting nominal data these days?

        It's not difficult to count nominal data these days, it's difficult to verify (to yourself and outsiders) that no one along the way has been able to modify the count. In the paper ballot days, a simple recount is what was offered, this addresses mistakes, and malicious counters who lie about what they tallied. But it doesn't help with ballot stuffing or tossing the box into the river... so then you could have the ballots inspected, and a committ
    • The entropy of the human soul is unavoidable, but Open Source can help minimize the damage.
      Re your sig:
      How can you quote Lemmy without any Motorhead attribution? (He said, realizing that he wasn't crediting Devo in his own).
    • Re:KISS (Score:4, Insightful)

      by oni ( 41625 ) on Wednesday January 04, 2006 @05:24PM (#14396089) Homepage
      Just off the top of my head, I would say:
      Give the voter a receipt that consists of, 1) a long randomly generated ReceiptID, 2) a plaintext record of the vote (as in, "you voted for Kodos"), and 3) a cryptographic signature.

      So in other words, I have a peice of paper that I get to take home with me and on that peice of paper is written:
      ------ Begin PHP Signed Text -----
      ReceiptID 243524534523423454345234234
      Voted For: Kodos
      ------ Begin PHP Signatre Block -----
      (signature here)
      ------ End PHP Signatre Block -----
      ------ End PHP Signed Text -----

      After the election, you can publish the ReceiptIDs and vote records on a website. Anyone who wants to verify the authenticity of the election can tally all the votes themselves. If I want to make sure that MY vote counted, I can look it up. If I see that they changed my vote, I can come forward with my reciept. I can't change my receipt because it's crytographically signed. Nobody can find out who I am because my reciept number has nothing at all to do with me, it's just a random unique number.

      (why is it that this stuff always seems easy to us slashdotians? Why do corporations always make it so complicated and broken??)
      • Re:KISS (Score:5, Insightful)

        by hazem ( 472289 ) on Wednesday January 04, 2006 @05:35PM (#14396183) Journal
        The problem with a receipt is that it can then be used to make sure you voted a certain way.

        corrupt boss: Joe, have fun voting, and be sure to bring back your receipt so I can know how you voted and decide if I'm going to fire you. Oh yeah, and if you don't have a receipt, I'll fire you.

        • Although that would work on incredibly stupid voters, simple intimidation usually works on them anyway.

          Voters with half a brain cell copy, forge or borrow a receipt to show to the boss.

          There's no voter name on the receipt, thus no way for the boss to know how YOU voted.

        • Re:KISS (Score:3, Insightful)

          by VE3MTM ( 635378 )
          US Code, Title 42, Chapter 20, Subchapter 1, Section 1971:

          (b) Intimidation, threats, or coercion
          No person, whether acting under color of law or otherwise, shall intimidate, threaten, coerce, or attempt to intimidate, threaten, or coerce any other person for the purpose of interfering with the right of such other person to vote or to vote as he may choose, or of causing such other person to vote for, or not to vote for, any candidate for the office of President, Vice President, presidential elector, Member

      • This is a horrible idea, because it makes your vote public. This means you could buy votes -- ask people to show them the receipt with the unique ID and verify which way they voted. We have a secret ballot system for a very good reason.
      • Re:KISS (Score:5, Insightful)

        by sam1am ( 753369 ) on Wednesday January 04, 2006 @05:37PM (#14396188)
        As has been mentioned elsewhere; this is a bad idea, because you could be "persuaded" to share your receipt number with someone else, who could use it to verify you voted a certain way.

        Guy sets up booth taking receipts that prove a vote for candidate A, you get $10.

        Or more insidious, your boss tells you you need to vote for candidate A. In order to obtain your next paycheck, you must show your receipt that you voted for candidate A.

        Once you leave the polling place, you should not be able to verify your vote to yourself or anyone else.

        (Now, if you took that receipt and dropped it in the ballot box on the way out of the polling place, that's another story)
        • by oni ( 41625 )
          Once you leave the polling place, you should not be able to verify your vote to yourself or anyone else.

          Fine, in that case, a voter must be shown the master log and allowed to compare his receipt with it. That way, he can be sure that his vote was recorded. Then the voter is required to dispose of the receipt. No voter is allowed to carry a receipt out of the voting place.
      • That would never fly... the receipt id may have nothing to do with you, but it can be retreived through a simple search warrant, and whether or not that's paranoia isn't my point, my point is it's enough to keep it from ever being implemented in this country.
      • Re:KISS (Score:5, Funny)

        by kernelpanicked ( 882802 ) on Wednesday January 04, 2006 @05:43PM (#14396230)
        ------ Begin PHP Signed Text -----
        ReceiptID 243524534523423454345234234
        Voted For: Kodos
        ------ Begin PHP Signatre Block -----
        (signature here)
        ------ End PHP Signatre Block -----
        ------ End PHP Signed Text -----

        I think what you're looking for is 'PGP" signed, but hen again some folks will use php for damn near anything.
      • by Valiss ( 463641 )
        (why is it that this stuff always seems easy to us slashdotians? Why do corporations always make it so complicated and broken??)

        Cause if you make a product that works right, the first time (and every time) you get no new business.

        To put in another way: job security.
      • So in other words, I have a peice of paper that I get to take home with me and on that peice of paper is written:
        ------ Begin PHP Signed Text -----
        ReceiptID 243524534523423454345234234
        Voted For: Kodos
        ------ Begin PHP Signatre Block -----
        (signature here)
        ------ End PHP Signatre Block -----
        ------ End PHP Signed Text -----

        No.

        The Corrupt Party could buy votes. After you leave the polling location the local party enforcer could give you $10 and take the receipt -- after all your vote is printed ri

      • Re:KISS (Score:3, Funny)

        by iluvcapra ( 782887 )

        Well, if you're using PHP, I know exactly how I'd vote:

        Enter your vote below:

        Kodos; INSERT INTO votes ('candidate') VALUES ('Kodos'); INSERT INTO votes ('candidate') VALUES ('Kodos'); INSERT INTO votes ('candidate') VALUES ('Kodos'); INSERT INTO votes ('candidate') VALUES ('Kodos'); INSERT INTO votes ('candidate') VALUES ('Kodos'); INSERT INTO votes ('candidate') VALUES ('Kodos');INSERT INTO votes ('candidate') VALUES ('Kodos'); INSERT INTO votes ('candidate') VALUES ('Kodos');

        Etc...

    • Correct. The paper ballot is still modifiable or "lost" if need be (it's just more difficult). Since it travels with the same person that collects the electronic votes there's not a whole lot of safety here.

      However, it's better than nothing.
    • Re:KISS (Score:5, Informative)

      by j. andrew rogers ( 774820 ) on Wednesday January 04, 2006 @05:43PM (#14396232)
      Something similar is done in Nevada, which is generally regarded as being clueful about preventing fraud in electronic machines thanks to many years of dealing with elaborate attempts at electronic gambling machine fraud. Much of the value of electronic voting machines are that they are inexpensive, fast, and theoretically less error-prone to manage compared to pre-printed paper ballots and other older methods.

      While no voting system is fool-proof, the Nevada method is something like this: Electronic voting with a voter-verified paper receipt to ensure that what is on the paper is what was selected electronically by voter. The paper receipts are collected and a few percent of the total paper records are randomly and independently audited to verify the electronic records. The important thing that happens here is that the verification and authentication of the vote is distributed among multiple authorities, providing strong statistical evidence that an election was indeed counted as it was voted while providing no single point of failure or manipulation that is likely to go unnoticed. It also does not have the overhead of manually counting every single paper ballot.

      This is actually a more robust voting protocol in many ways than the paper ballots it replaces. I do not know if Wisconsin is doing things precisely this way, but I imagine that they would use some variation of the Nevada protocol.

    • BIG PROBLEM (Score:4, Informative)

      by goombah99 ( 560566 ) on Wednesday January 04, 2006 @05:56PM (#14396338)
      The problem here is that there are no open source voting machines on the market at this time. So what is going to happen?
      In most cases they can't be since the OS is closed source. Moreover, federal certification is no longer just for stand alone voting machines but requires the whole "system" of vote counting and vote merging software to be certified. So even when the vote counters could be open source the vote databases may not be. Diebolds run on windows CE, ES&S ivotronics probably run on windows CE, ES&S opscans run on Qnix, sequoia touchscreen kiosks run on some undisclosed proprietary software and the ballot database software runs on windows. No word what Sequoia Optek/insights run on but again the ballot data bases run on windows.

      thus these companies can't open their source since it's not theirs to open.

      Accupol is built on linux and java so it could in principle be open source at their discretion. But because the accupols are cobbled together from mainly commodity components the company investors is averse to open sourcing their only real IP.

      Not sure about avante and harte and unilect but it appears they contain windows software.

      OVC is the only system truly designed with open source in mind. But it's not ready for sale yet.

    • Re:KISS (Score:4, Interesting)

      by deblau ( 68023 ) <slashdot.25.flickboy@spamgourmet.com> on Wednesday January 04, 2006 @06:35PM (#14396674) Journal
      And how do we know that the prinout matches whatever counter is incremented within the computer?

      We don't, other than by inspecting the source. Once we cast our vote using a paper ballot, how do we know it was actually counted? We don't, other than by having observers present. Source inspection is the digital analogue of human election observers.

      IMHO, having computers count is more accurate than having people count. Remember, as Stalin may or may not have said [about.com], "those who cast the votes decide nothing; those who count the votes decide everything." Florida 2000 and Ohio 2004 showed us that. Computers have no motivation to lie, and I can inspect a computer's source code. I can't inspect the mind of the person counting my paper ballot. To me, computers have more accountability.

    • Re:KISS (Score:3, Informative)

      by Izaak ( 31329 )
      And how do we know that the prinout matches whatever counter is
      incremented within the computer?


      Actually, the count of voters will also be tracked
      independent of the machine. Voter registration is
      checked before you vote. They check in a hardcopy
      voter registration book that your name shows up
      at the address you claim to be living at. You
      need to show ID or something else with your address.
      They then check you off as having voted by writing a
      sequence number next your name. The number is not reliable
      for determ
  • by LodCrappo ( 705968 ) on Wednesday January 04, 2006 @05:04PM (#14395861)
    unfortunately you will still have to vote for either a republican, a democrat, or someone who will lose.
    • Yes, but once Wisco goes open source it will be better than what it is currently: vote for a republican or someone who will lose.
    • Ah, but every vote on one of these babies is a vote for open source ;)
  • by Mattness ( 636060 ) on Wednesday January 04, 2006 @05:05PM (#14395866) Homepage
    Paper receipts should be a no brainer, as should be open source software for voting machines. Too bad this isn't occurring in every state, yet. Or is it? I am an ignorant person about this topic. Someone enlighten me.
    • will require the software of touch-screen voting machines used in elections to be open-source.
      Likely, the moment the lobbyists get their move on this, open source will be redefined to be source code printed on punch cards submitted to the state archives under an NDA to be kept in a vault next to Hoffa's shoes and The Ring of Power.

      The printed receipt is fine. Governments have known how to manipulate those for centuries.

    • Nor should a voting system require a multi-function operating system like windows nt. Really, do we need something with more power than nasa had 10 years ago just for the ++ op of voting? See the solution that India [sepiamutiny.com] came up with. Cheap, simple, verifiable and easy to copy. Honestly, how many Mhz do you need to count a vote and how many MB do you need to store a tally?

    • There are two meanings for "paper receipts":
      1. paper ballot which is the actual ballot, kept by the county clerk / election officials;
      2. paper receipt, kept by the voter, proving they've voted and indicating who they voted for.

      The latter concept is VERY BAD. It would encourage the ability of someone to buy an election by paying money or favors to someone in exchange for their receipt proving they voted for someone in particular.

      This is the reason we have secret ballots - to make vote-buying quite difficu
    • Sorry, "paper receipt" is just a bad idea, despite how popular it is among some. Here's the next step: the paper receipt goes to a party boss so you can collect the payment for your vote, or to your boss or union rep to prove you voted the "right" way so you can keep your job.

      Flame me if you want, but I've been a candidate, so I have a vested interest in the issue. As long as the machine doesn't say "Diebold", I'd rather take a chance on some totally improbable conspiracy to rig electronic ballots. That's
      • They're not saying that the voter gets given a copy, they're saying that a copy gets stuck in a box so that in an emergency the total can be double-checked. Basically the only reason they're not calling these bits of paper the ballots is that you can only have one ballot and that's the signal inside the computer. Best of both worlds - fast effortless counting that you can double-check in an emergency.
  • Thank you very much (Score:2, Interesting)

    by stevenm86 ( 780116 )
    This is exactly what people have been saying all along. It is not a good idea to trust the numbers that the machine keeps track of electronically somewhere. Some sort of paper trail is definitely a good idea. Even a simple line printer that sits in the back of the room somewhere, printing a short summary of every cast ballot would work because it provides a paper trail that can be verified by a human.
    Question is, why aren't other states doing this?
    • Eh. What if the machine changes every 50th vote, so it's wrong even in the paper trail?

      Either the process needs to be wholly transparent and heavily audited, or we need to move back to paper. I just flat out do not trust these companys who make the machines. Every damn one of them is crooked.
  • by Sheetrock ( 152993 ) on Wednesday January 04, 2006 @05:06PM (#14395886) Homepage Journal
    There's also a provision that the voting machines be made out of cheddar.
  • by mister_llah ( 891540 ) on Wednesday January 04, 2006 @05:07PM (#14395891) Homepage Journal
    So instead of people who can't figure out how to punch the proper hole, now we'll have people pushing the wrong button, accidentely pushing the "Are you sure?" prompt's "OK" ....

    Oh wait, whew, Wisconsin, not Florida...
  • This is amazing (Score:5, Informative)

    by TubeSteak ( 669689 ) on Wednesday January 04, 2006 @05:07PM (#14395896) Journal
    Municipalities that use electronic voting machines are responsible for providing to the public, on request, the code used.
    This isn't like North Carolina requiring that the source be placed in escrow, they're actually requiring it be available to the public.

    I can't wait to see what http://www.blackboxvoting.org/ [blackboxvoting.org] has to say about this one.

    It means they won't have to jump through fucking hoops just to test the machine (like in California)
  • by justanyone ( 308934 ) on Wednesday January 04, 2006 @05:08PM (#14395899) Homepage Journal
    There seems to be (happily) no preclusion of printing bar codes indicating the choices underneath the names of the candidates. This should allow for rapid and accurate scanning and counting. Ballots can be verified by hand or other (possibly 3rd party) means to prove that the bar codes equal the name on the ballot.

    This will speed up and make more accurate the counting vs. OCR of the candidates' names.
    • Um damn it for the first time in my life (on /. anyway) i'm putting in my tinfoil hat. If you rely on barcodes how are you going to know the barcode corrosponds to your candiate of choice. What if they use candidate 1's bar code for both canidates? What about write ins?
    • Given the common source (or limited sources) for the printing plus the very small number of possible choices (write-ins can be handled separately), OCR could easily be done just as fast as a barcodeon this sample.
  • Comment removed (Score:5, Interesting)

    by account_deleted ( 4530225 ) on Wednesday January 04, 2006 @05:11PM (#14395927)
    Comment removed based on user account deletion
    • Re:Nonsense (Score:3, Interesting)

      by Whafro ( 193881 )
      the board of elections in your local municipality (depending on state, etc) is responsible for choosing the machines and the software. These are either elected officials or are appointed by elected officials, and therefore responsible for representing your interests.

      The Board of Elections is responsible for ensuring that the correct software is loaded, and you, as a voter, will check the Board of Elections.

      Elections don't just happen, they are overseen by people you put there, directly or indirectly.

      The op
      • Re: (Score:3, Interesting)

        Comment removed based on user account deletion
        • Re:Nonsense (Score:4, Interesting)

          by AeroIllini ( 726211 ) <aeroillini@ g m a il.com> on Wednesday January 04, 2006 @06:18PM (#14396525)
          I don't get why you guys are coming off with this kind of response KNOWING how in Florida 2000 we all got to see how it did NOT work, and how people got confused or thrown off by their poor understanding of how it DID work. Through what may be deliberate fiddling, or more likely incompetence, the ballot paper in parts of Florida made it potentially unclear to some people who they were voting for, and unclear to those counting the votes who the voter had actually voted for. That is what I call a total farce, and it couldn't have happened if the election had been conducted using a simple sheet of paper with a handwritten X scrawled next to the chosen candidate.

          I agree with you whole-heartedly, but there are several factors keeping things from being that simple.

          The ballots here in the US usually contain a huge number of elections. In the last presidential election, we were asked not only to vote for the president, but also for congressmen, judges, city councilmen, county board members, and other various municipal elected officials, not to mention the three to five different local resolutions on each ballot. The butterfly ballot system (which became famous in Florida in 2000 for the Pat Buchanan situation) is simply a way to condense a large amount of information in an anonymous way onto a small ballot card. These things are literally books, usually with ten or more pages of elections to vote for. It's not a perfect system, certainly, but putting all the same information on a single sheet of paper with room for marking a candidate, clearly delimiting the various elections taking place, allowing for instructions in both English and Spanish, and making the text large enough to read makes for a rather large sheet of paper. And asking people to read candidates off one sheet and mark their choice on another sheet creates all the same confusion and problems people had with the butterfly ballots.

          I think our best bet in the US for paper ballots is to create printed booklets with instructions and a single election on each page. The actual listed candidates and boxes for marking a vote would be contained on a perforated sheet like a coupon, which the voter rips out and stuffs in the ballot box. The voter would keep the booklet after voting. The creation of these booklets could be automated without much fuss; each municipality could retrieve their booklets as a PDF file and have them printed and stapled before the election. It's not like ballots are secret until the day of the election.

          But truly, in any voting system, accuracy boils down to the skill of the people recording the votes. In paper voting, that means the people counting, the people recording the votes, the people calling in the numbers to state headquarters, and the people assisting voters with questions. In computerized voting, that means the people who designed and built the hardware, the people who wrote the firmware, the people who wrote the software, and the people in charge of the networks doing the reporting to a central agency. Mistakes will be made, and recounts will happen. If automation does not help fix the mistakes that are made, and in fact creates many more problems, then it is not worth the trouble.
      • Re:Nonsense (Score:2, Interesting)

        ...and what if the hardware is hacked? Detecting this would be much harder than checking on the code, which could be verified by checksum.
    • Re:Nonsense (Score:4, Funny)

      by killmenow ( 184444 ) on Wednesday January 04, 2006 @05:27PM (#14396102)
      Why are Americans obsessed with diluting their democracy by using machines to do it ?
      Shhh! It's easier to control the populace this way. Now shut up!
    • Automated vote counting of any kind - electronic or mechanical - makes fraud considerably easier, puts a mystery shroud around the counting process and as such is incompatible with democracy. In the UK we count all the votes in our elections within 12 hours including the odd recount. Why are Americans obsessed with diluting their democracy by using machines to do it ?

      I don't disagree with you at all. I will, however, add that the difference in population size may have something to do with the US wanti

  • by revery ( 456516 ) <charles AT cac2 DOT net> on Wednesday January 04, 2006 @05:14PM (#14395970) Homepage
    the bill requires that if a municipality uses an electronic voting system that consists of a voting machine, the machine must generate a complete paper ballot showing all votes cast by each elector that is visually verifiable by the elector before he or she leaves the machine.

    Of course buried in the legalese was the rest of the bill:

    The vote-tallying software shall be closed source and shall be owned in whole by Diebold. As such, the printed ballot shown to elector may have no bearing on actual vote recorded. Names may be substituted based on (1) party of candidate (2) intelligence of choice (3) corruption in district (4) time of day (5) OR if you live in Palm Beach or Broward County, pure whimsy. Additionally, elector may be fined or audited based on vote case, or in extreme cases, placed on the National Do-Not-Fly list and scheduled for investigation by the Department of Homeland Security.

  • Will the BIOS and firmware also have to be open source? Maybe this move will give some hardware manufacturers an incentive to start providing this.
  • Hallelujah!

    (The above is not to be construed as an endorsement of any particular religion, or religion in general.)
  • What would really be nice for secure voting would be a system of encrypted voting. Everyone writes their vote to a small disk or USB dongle twice: once cleartext, once encrypted with a public key. On Election Day the dongle is plugged into the open-source voting machine, which increments the vote-count of the appropriate candidate based on the cleartext version and associates the encrypted vote in a database with the voter's identity.

    If at any point the vote needs to be verified or the voter contests the
  • by second class skygod ( 242575 ) on Wednesday January 04, 2006 @05:23PM (#14396073)
    They're acting as if they want to avoid rampant abuse and fraud. While it sounds great, I don't think America is ready for such a radical notion.

    -- scsg
  • Carma burning time ;)

    I find it somewhat amusing that the country that brags to the world that they are such a great democracy, are having such a hard time to perform something as basic and simple as a vote without the citizens suspecting foul play and cheating all the time...

    Isnt it some kind of generel error with a system when the major issue is not what to vote on, but if the voting process wasn't rigged?

    Of course its good that the citicens can keep control on the elections, but why not just handle it lik
  • by Kefaa ( 76147 ) on Wednesday January 04, 2006 @05:26PM (#14396100)
    Can someone explain why we can standardize street signs and the amount of sugar allowed in school lunches but we cannot get a standardized election system?

    After the 2000 election debacle, we had money thrown at the states to "fix the problem." So we ended up with 35 different solutions.

    A simple federal mandate - the voter must be verifiable, their vote must be able to be able to be authenticated after they leave the booth, in the event of a recount and the system can be fully audited. Instead, we have systems with no paper trails, questionable vendor operations, and seemingly contradictory election results.

    We can make millions of secure stock sales, bank transfers and on-line purchases daily, and we cannot get a vote counted and auditable? The people who produced these machines should be fired for stupidity and forced to return our money.

    • After the 2000 election debacle, we had money thrown at the states to "fix the problem." So we ended up with 35 different solutions.

      Only 35 solutions? I'm pretty sure we have more states than that... Are you using wikipedia for reference again?
  • Wisconsin was also the state that delegated district boundary duties to a third party, to try and prevent Gerrymandering. I live in Minnesota, and I can say with some certainty that there must be somethhing up here that makes us slightly saner than the rest of the country. And I'm glad.
  • by hweimer ( 709734 ) on Wednesday January 04, 2006 @05:32PM (#14396160) Homepage
    From TFB [state.wi.us]:

    5.91 (19) The coding for the software that is used to operate the system on election day and to tally the votes cast is publicly accessible and may be used to independently verify the accuracy and reliability of the operating and tallying procedures to be employed at any election.

    This is somewhat less than what is usually meant by the term "Open Source" [opensource.org]. But it seems that at least voting machines running a completely closed operating systems are ruled out.
  • by Ramses0 ( 63476 ) on Wednesday January 04, 2006 @05:33PM (#14396166)
    """How do you recount? Election results must be reproduceable by a human afterwards, especially if a virus or spyware got into the election results (either on purpose, or with malicious intent). Open Voting has this part figured out by producing a paper ballot that can be validated without the use of a computer, or you can use a computer to check it faster."""

    http://www.robertames.com/blog.cgi/entries/links/v ote-hacking-2004.html [robertames.com]

    Links have broken with time, but here's an updated link to Open Voting...

    http://www.openvotingconsortium.org/modules.php?na me=FAQ&myfaq=yes&id_cat=11&categories=Security%2C+ Resiliency%2C+Integrity%2C+Reliability [openvotingconsortium.org]

    Their systems are reallly neat and they've had a lot of smart people looking at the problem. I've not been involved in it, but have read some of their documentations, and promised myself that I'd speak up and give them google-juice anytime voting came up. Some highlights:

        - Commodity hardware / software

        - Open source code

        - Paper "receipts" that can be verified by:

            * Sight

            * Barcode

            * Audio / Visual

            * Separate "reader / recounter"

        - Accurate computer counts (ie: select count(*) from votes group by person)

        - Paper trail for recounts (re-count manually or computer assisted the receipts), with useful information hidden in the water-marked receipts (kindof like scantron stuff, where both computers and humans can read it). ...all in all it seems like a pretty good system and like I said they've done a lot of thinking about it.

    --Robert
  • Comment removed based on user account deletion
  • Not Open Source (Score:3, Informative)

    by John Hasler ( 414242 ) on Wednesday January 04, 2006 @05:48PM (#14396270) Homepage
    > Wisconsin Governor Jim Doyle today signed legislation that "will
    > require the software of touch-screen voting machines used in
    > elections to be open-source."

    The law does not require that the software be Open Source. It merely requires that voters be able to examine and test it.
  • by daemonenwind ( 178848 ) on Wednesday January 04, 2006 @06:00PM (#14396376)
    This from the same guy who feels that you should not have to prove your identity before voting. [64.233.167.104]

    I would expect this is only a ploy to make it seem like he cares about the voting irregularities which occurred in WI during the 2004 Presidental election, causing several leading Milwaukee Democrats to be investigated.

    Reading the requirements, not only does no one currently offer such a machine, but most machines in the state wouldn't live up to it today.

  • by mykdavies ( 1369 ) on Wednesday January 04, 2006 @06:26PM (#14396601)
    I don't see any sign that this bill requires the code to be open source. The bill requires it to be made public, but does it actually require the state to make it available under an open source licence?

    The WIS quote only says that "the coding for the software that is used to operate the system on election day and to tally the votes cast is publicly accessible and may be used to independently verify the accuracy and reliability of the operating and tallying procedures to be employed at any election". For them to call this open source is bad enough, but for Slashdot to repeat this misunderstanding of the term is ridiculous.
  • by fossa ( 212602 ) <pat7@g[ ]net ['mx.' in gap]> on Wednesday January 04, 2006 @06:43PM (#14396724) Journal

    Based on suggestions I've read in the comments, how about this:

    Voter enters polling place, name scratched off list as usual. Voter enters booth. For each office up for election, voter types* a name or names+ into the voting machine. A blank vote or "Nobody" would indicate no vote for that office. Referendums etc. could be indicated with some predefined response (preferably more than a simple "yes" or "no" in order to avoid Windows-dialog-box-style confusion). When finished, the voting machine prints out the completed ballot. The format is importantly both human readable and machine readable via OCR. Surely if the machine knows the font beforehand, OCR can be fairly quick and highly accurate...? A ballot would essentialy be a list like:

    President: John P. Doe
    Senator: Jane T. Smith
    Representative: Joe G. Johnson
    Increase taxes for schools?: Do not increase

    A ballot may contain special marks to help a machine reader align the text, but the actual vote info must be human readable (i.e. not a barcode). The voter reviews the ballot and either destroys it and creates a new one, or submits it to the ballot box. Ballots are then machine tallied after all ballots are collected (it is important to not tally instaneously for the sake of voter anonymity). Hand recounts may be conducted as necesarry.

    The good parts about this are 1) machine countable, 2) human countable, 3) transparent (voter puts physical paper ballot into box rather than bits into a database), 4) tamper resistant (difficult to invalidate votes by marking or tampering with the ballot after the fact) 5) anonymous.

    One problem is: how to type a candidate's name. Keyboard? What about those with disabilities? I'm not really familiar with alternate text entry systems, but surely some exist.

    * The biggest problem is, of course, determining who is meant by "John P. Doe", since there may be many John P. Does in America. I don't really like the idea of requiring people to "get on the ballot" because anyone who doesn't know who to vote for will almost certainly pick a candidate who is on the ballot. But I don't really have a solution for an all-write-in system. Please address this as a separate issue. In lieu of requiring a typed name, the system could easily offer a selection of candidates as is common now. (How do write-in votes work now? I assume they are silently ignored unless it's clear that a majority of votes are not for someone on the ballot which almost surely never happens).

    + Some offices may allow multiple candidates. Some voting systems may allow multiple votes, possibly ranked, for a single final winner. This voting method lends itself well to these alternative (surperior IMO) methods.

    Discuss.

  • by dimension6 ( 558538 ) on Wednesday January 04, 2006 @07:52PM (#14397154)
    ...whose senator [senate.gov] actually voted against the Patriot Act.
  • by Anonymous Coward on Wednesday January 04, 2006 @10:27PM (#14397960)
    Sorry folks. As someone who knows Wisconsin state IT (and posting anonymously). The voter registration server and apps (SVRS) are CITRIX based. And the papers are already publishing complaints about that application. It is failing to poor project management by state workers with a history of poor project management. The state CIO is a linux advocate (Matt M.), but even he had to bow to pressure for a high profile project and go with HP UX. And our efforts to get rid of MS Exchange had been fairly difficult, and may yet hit the papers. (Even the governor's office hasn't attempted the email conversion despite Larry Ellison's visit...Oracle is trying to help replace MS). The governor can sign anything he wants in to law, but how will it be implemented? And how will the municipalities feel about further requirements to get voters registered and voting, when SVRS works so poorly? It sounds like the average Wisconsin citizen is not going to be very happy with what the state government dictates. From my point of view, too many state IT management folk are jumping on the open source bandwagon because of the CIO, rather than practising good IT. Sounds like the governor signed into law a feel good law without thinking about the consequences. Do I have the answers? Nope, just know this will be a great idea, poorly implemented.

A LISP programmer knows the value of everything, but the cost of nothing. -- Alan Perlis

Working...