Stories
Slash Boxes
Comments
Search

News for nerds, stuff that matters

Slashdot Log In

Log In

Create Account  |  Retrieve Password

OSS Election Systems Desired, but Not Ready

Posted by ScuttleMonkey on Mon Mar 06, 2006 11:25 PM
from the more-than-ready dept.
Government Hardware Politics
An anonymous reader writes "Even though many American voters are ready for open source systems at the polls, Newsforge (a Slashdot sister site) has an interesting story about why open source may not be ready for the polls. From the article: 'The only open source e-voting effort that Rubin [an e-voting expert] noted was the Open Voting Consortium (OVC). "I don't agree with everything they are doing, but they are all about transparency and open source," Rubin said. OVC President and CEO Alan Dechert says it would take a large investment of time and money to provide an alternative to traditional e-voting systems vendors, but he says an effort known as Open Voting Solutions (OVS) is looking to do just that.'"
+ -
story
This discussion has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

OSS Election Systems Desired, but Not Ready 25 Comments More /

 Full
 Abbreviated
 Hidden
More
Loading... please wait.

  • Paper Ballots? (Score:5, Insightful)

    by Eightyford (893696) on Monday March 06 2006, @11:28PM (#14864087) Homepage
    What's wrong with paper ballots? They work great in Canada. We even have election results within a few hours, at most. As far as I can tell the only "downside" is that paper ballots are hard to rig elections with.
    • A blind citizen given a paper ballot has to get someone to help, raising problems of confidentiality and trust.

      A computer UI can, in principle, be made easier to follow than a crowded piece of paper. Googling for "butterfly ballot" will get you an example that turned out to be important. A computerized ballot can do validity checking and spare the counting system from having to divine "voter intent" from a double-voted or unreadable ballot.

      Those are the only real advantages I've ever seen mentioned.
      • The method used in Canada scales very well. What you have is this.

        Each voting district has an elections officer who assembles the hardware. Then groups composed of all parties do the actual work of taking the vote and counting the results. All the parties involved are at the count and it's pretty well impossible to spin the result.
        As this happens at an individual poll level it will scale effortlessly. We get our hand counted results about 3 -4 hours after the polls close.

        It'll never

          • Re:Paper Ballots? (Score:5, Insightful)

            by rewinn (647614) on Monday March 06 2006, @11:50PM (#14864195) Homepage

            > People want election results fast

            I disagree.

            We may be told that we want results fast, but really we want them accurate.

            Go ahead, ask anyone: "Would you rather have poll results within an hour of the polls closing, with a 50% chance that they would be wrong, or have them within 3 days with a 0.00001% chance that they might be wrong?"

            You can play with the times and percentages a bit, but I would bet cash money that most people want accuracy & precision, not speed.

  • Australia (Score:5, Informative)

    by Kangburra (911213) on Monday March 06 2006, @11:32PM (#14864105)
    Here in Australia we have a system that works, and has been used already.

    http://www.softimp.com.au/index.php?id=evoting [softimp.com.au]

  • Easy formula (Score:4, Insightful)

    by HairyCanary (688865) on Monday March 06 2006, @11:36PM (#14864121)
    For public safety, I say we require three things from electronic voting systems:

    1. Open source. We need to be able to trust these systems and how can we do that without being able to examine the code behind them?
    2. Paper records kept for the government. Just in case there is a trust issue, this is a backup method for the recount.
    3. Paper records for the voter. Worst case, every voter has a copy of their own vote. Hard to use for a recount, but could help identify irregularities.

    So easy. I am all for having the convenience and speed of electronic voting, but I cannot for the life of me understand why we must give up the benefits of paper ballots at the same time, and even improve on them (as in the paper copy for the voter).

    • Re:Easy formula (Score:5, Insightful)

      by ??? (35971) <patrick@kobly.CHICAGOcom minus city> on Tuesday March 07 2006, @12:01AM (#14864247)
      1. Open source. We need to be able to trust these systems and how can we do that without being able to examine the code behind them?

      Indeed, I concur

      2. Paper records kept for the government. Just in case there is a trust issue, this is a backup method for the recount.

      So long as these records contain a human readable indication of an individual voter's intent, and were verified by the voter at vote-time.

      3. Paper records for the voter. Worst case, every voter has a copy of their own vote. Hard to use for a recount, but could help identify irregularities.

      Absolutely, uncategorically, under no circumstances. Proof of vote makes wholesale coercion, vote-buying and vote-selling methods practical.

    • Re:Easy formula (Score:4, Informative)

      by Geoffreyerffoeg (729040) on Tuesday March 07 2006, @12:40AM (#14864419)
      3. Paper records for the voter. Worst case, every voter has a copy of their own vote. Hard to use for a recount, but could help identify irregularities.

      Those who do not learn from history are doomed to repeat it. This used to be the standard, until they caught on to Big Business asking their employees to show them their voting receipt to make sure they were voting for the right candidate. Especially around the turn of the century, this became an effective way to abuse immigrant workers, who had little choice in employment and didn't know much about the political system.

  • Huh? (Score:5, Insightful)

    by femto (459605) on Monday March 06 2006, @11:36PM (#14864122) Homepage
    The article itself states (and other comments have pointed out):

    "Successful open voting systems that are cheaper, easier to manage, and more transparent than proprietary systems can be found in Australia, Canada, Estonia, and other places."

    Perhaps the author meant to say:

    "no American vendor offers open source software and systems that are ready for voting."

  • Australian (Score:3, Informative)

    by LetterRip (30937) on Monday March 06 2006, @11:37PM (#14864124)
    EVACS started open source under the GPL - but closed the source at a later point.

    http://www.elections.act.gov.au/EVACS.html [act.gov.au]

    It is made in Australia, and I was of the impression has been used in elections already.

    LetterRip

    • and from a previous slashdot article,

      [QUOTE]Within the world of electronic voting, though, eVACS (for "Electronic Voting and Counting System") has been a rare success story both for open source development methodology and for the benefits that electronic voting can offer. The first generation of eVACS (running on Debian Linux machines) was developed starting in March 2001 in response to a request for bids by the Australian Capitol Territory Electoral Commission (ACTEC), and it was done on a budget of only A

  • Why do people belive OSS == trustable? (Score:5, Insightful)

    by jaywee (542660) on Monday March 06 2006, @11:38PM (#14864132)
    Can anyone explain me how can I trust OSS running box more than the one running closed software? How can I verify that the software running in the box is the same I verified? How can I be sure the cpu isn't mangled by some foreign goverment? (Since most hw is now made on taiwan..) What's wrong with paper ballots?

  • Paper trail (Score:3, Insightful)

    by ArcherB (796902) on Monday March 06 2006, @11:41PM (#14864151) Journal
    I don't care how "open" or secure a system is, I want a paper trail.

    We make photo kiosks. Every time someone places an order, we print a receipt. The receipt printer is one of the most reliable pieces of equipment on our systesm. We have about 60 employees. If we can do it, I see no reason why you could not have a voting machine print a paper receipt with your voting selection on it along with a unique, encrypted number. On the way out, the voter places the receipt (or paper ballot, if you will) in the drop box. Once the election is over, if everyone is satisfied with the results, the paper ballots are discarded. If there is a challenge, the paper receipts are counted and compared to the digital count. There should not be much of a difference. If the difference is enough to change the outcome, I'd say go with the paper count. However, if voting fraud is an issue, it will not be a small margin. It is doubtful that someone will try to fraud for only a couple of votes and there should never be more pieces of paper in the box than digital votes cast.

    This will allow for a challenge, investigation, and is the only way to provide for a recount.

    • Re:Paper trail (Score:5, Insightful)

      by ??? (35971) <patrick@kobly.CHICAGOcom minus city> on Tuesday March 07 2006, @12:08AM (#14864279)
      However, if voting fraud is an issue, it will not be a small margin. It is doubtful that someone will try to fraud for only a couple of votes

      Then clearly, you underestimate the skills and resources of your adversary. It is precisely small margins that are concerning. Remember, a small margin of votes can be changed in a close race without producing statistically significant differences from polling (and exit-polling) to raise suspicion. Such small changes, well placed, can have a significant effect on the overall race.

      If you think that people do not have the skill to predict where small vote count frauds will make a difference, you need to visit the "gerrymandering" page on wikipedia, particularly the "Gerrymandering computer technology" heading.

  • Privacy?? (Score:5, Insightful)

    by Freaky Spook (811861) on Monday March 06 2006, @11:44PM (#14864157)
    I haven't really read how this e-voting works, but if it means you can log on to a website and vote from home, wouldn't that make your vote not anonymus? What would happen with the log of your IP, your vote could be traced back to you.

    I like paper ballots because they don't get traced back to you, once you put it in the box you have no identity.

  • Voting Machines are a Waste of Money (Score:4, Insightful)

    by Soong (7225) on Tuesday March 07 2006, @12:06AM (#14864269) Homepage Journal
    It's cheaper to count them by hand. [bolson.org] A full county wide voting machine system costs a lot of money, a lot of money that could buy a lot of ballot counting labor hours.

    I love a technofix as much as the next geek, but computerized voting machines are not the technology for now.
  • The worst part about OSS election software is that someone else runs 'make', you run 'make install', but the install process installs too much crap and trashes some of your local files.

    Then, you try to 'make uninstall' but the process fails halfway through and so you're left with a system in an unknown state, with rogue files hanging out everyyear.

    But as Thomas Jefferson said, it's doubful that your current system will remain stable forever. Every once in a while you need to Reinstall the Operating System.

  • This is ridiculous, it really is. (Score:5, Insightful)

    by ScrewMaster (602015) on Tuesday March 07 2006, @12:20AM (#14864341)
    Look. This is America. The nation that led the world in technological development for two hundred years, put men on the Moon a couple of times and invented the personal computer, and now we're saying that we can't even develop a machine that can count reliably???!!! Please. This is not, repeat not a technological issue. It is a political one, pure and simple.

    The only reason that implementing a transparent, auditable electronic voting system is such a problem is because there are certain people that have a vested interest in making it a problem.

    • I agree. (Score:4, Interesting)

      by jd (1658) <imipakNO@SPAMyahoo.com> on Tuesday March 07 2006, @02:50AM (#14864832) Homepage Journal
      There are only a few criteria:


      • You must be able to prove that every valid vote was counted exactly once - no more, no less
      • You must also be able to prove that fake ballots cannot be injected into the system
      • You must finally be able to prove that valid votes cannot be deducted from the system for the required length of time


      These are a bit trickier than just building a machine that can add 1 to a column, but not THAT much harder.


      I would ascribe every digital ballot paper with a hash value that uniquely identifies that paper and would be hard to forge. eg: Have each ballot paper marked with a serial number, then digitally signed by the electoral authorities.


      Each voter's voting card would have a totally random public encryption key on it, plus a number. On going to the voting machine, the card would first tick the person off on the list of people who had voted. After casting the votes, the machine would encrypt the ballot paper with the encryption key, then it would append the number to the end. The electronic ballot paper would then, after a random delay, be sent back to the central repository via an SSL connection. The machine would keep no tallies and no records whatsoever. Nor would the local office. It would all be central. (The local office could count votes cast, though, as it would be useful to compare against votes decoded.)


      The central system would use the number to select a relatively small set of private keys. It would try each key in turn until it found the key that unlocked that ballot paper. That private key would then be deleted. The unlocked ballot paper would be placed into a secure database. The number of valid votes identified would be counted and publicly published in real-time.


      Just to be absolutely certain what is meant here, the database must be write-only from the central system and must be in a tamper-proof environment. Once all ballots are uploaded, it will then perform the count and download the results, ALL of the decrypted ballots and ALL of the encrypted ballots.


      That way, anyone can perform a recount and although it would be a monumental task to validate the votes, it could be done. This system is pseudo-anonymous, not truly anonymous, using a VERY large base to make anonymity effective. The upshot is that if a random sample of voter cards were gathered (anonymously!), it would be possible to show that each of those cards matches to exactly one encrypted vote and one decrypted vote.


      This shouldn't be necessary, as most of the avenues for fraud have already been eliminated. The effort to fraudulently enter a vote in this system would be extraordinary, as it would require breaking the ballot paper generation system, the encryption key system AND the decryption system, in order to be transparent. Failure to break all of these would result in the votes being rejected by the unbroken component.


      I don't think an actual voting system need be this complex, but that's not the point. The point here is that it is possible to imagine a system that is (a) Open Source and (b) so damn-near impervious that it would be cheaper to just buy the person who'd been elected than rig so much as a single vote.


      Has this been done? Probably not. Could it be done? Sure. Give me a couple of weeks, a few smart-cards, readers, kiosks and a tamper-proof computer case. There should be no difficulty in writing a system that would be close to iron-clad for the next 50-100 years, with so close to zero chance of tampering that it's just not going to happen.


      If an OSS election system group has the hardware and would like to play with this scheme, I'd be happy to write it for them.

  • Who's ready? (Score:5, Insightful)

    by SEWilco (27983) on Tuesday March 07 2006, @12:56AM (#14864466) Homepage Journal
    "... open source may not be ready for the polls."

    Is closed source ready for the polls?

    • Re:OSS ready for the polls (Score:4, Insightful)

      by Anonymous Coward on Monday March 06 2006, @11:49PM (#14864188)
      I would have thought that the fundamental problem with closed source, in this particular application (not in general), is the fact that it is closed source. For elections to work it is important that the entire process be open to scrutiny. If something goes wrong, you need to be able to look through and find what/where... even if the only remedy is to say "bug x in function y of the source code makes this result invalid, we need to vote again using a different system (eg. paper)". But if the source is not available for scrutiny, you can't do this... you can look at the results and say "that's a bit odd", but you can't trace back to probable cause. This is precisely what closed source software can never get right, whereas OSS does by definition

    • Re:OSS ready for the polls (Score:4, Insightful)

      by Dachannien (617929) on Monday March 06 2006, @11:51PM (#14864199)
      But if closed source polls can't get it right, what makes us think that OSS polls can?

      The difference is that, with an OSS voting system, if there's a problem with the code, the public will (be able to) know about it.

      Compare that to Diebold and ask yourself how likely it is that they'd be forthcoming with crucial details if and when something goes haywire with their electronic voting machines.

    • Re:OSS ready for the polls (Score:5, Funny)

      by jaseparlo (819802) on Tuesday March 07 2006, @12:14AM (#14864312) Homepage

      The (software|hardware) is only as smart as the person operating it.

      The same could be said for democracy...

All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-2009 Geeknet, Inc.