OSS Election Systems Desired, but Not Ready 182
An anonymous reader writes "Even though many American voters are ready for open source systems at the polls, Newsforge (a Slashdot sister site) has an interesting story about why open source may not be ready for the polls. From the article: 'The only open source e-voting effort that Rubin [an e-voting expert] noted was the Open Voting Consortium (OVC). "I don't agree with everything they are doing, but they are all about transparency and open source," Rubin said. OVC President and CEO Alan Dechert says it would take a large investment of time and money to provide an alternative to traditional e-voting systems vendors, but he says an effort known as Open Voting Solutions (OVS) is looking to do just that.'"
Paper Ballots? (Score:5, Insightful)
Easy formula (Score:4, Insightful)
1. Open source. We need to be able to trust these systems and how can we do that without being able to examine the code behind them?
2. Paper records kept for the government. Just in case there is a trust issue, this is a backup method for the recount.
3. Paper records for the voter. Worst case, every voter has a copy of their own vote. Hard to use for a recount, but could help identify irregularities.
So easy. I am all for having the convenience and speed of electronic voting, but I cannot for the life of me understand why we must give up the benefits of paper ballots at the same time, and even improve on them (as in the paper copy for the voter).
Huh? (Score:5, Insightful)
"Successful open voting systems that are cheaper, easier to manage, and more transparent than proprietary systems can be found in Australia, Canada, Estonia, and other places."
Perhaps the author meant to say:
"no American vendor offers open source software and systems that are ready for voting."
Why do people belive OSS == trustable? (Score:5, Insightful)
Paper trail (Score:3, Insightful)
We make photo kiosks. Every time someone places an order, we print a receipt. The receipt printer is one of the most reliable pieces of equipment on our systesm. We have about 60 employees. If we can do it, I see no reason why you could not have a voting machine print a paper receipt with your voting selection on it along with a unique, encrypted number. On the way out, the voter places the receipt (or paper ballot, if you will) in the drop box. Once the election is over, if everyone is satisfied with the results, the paper ballots are discarded. If there is a challenge, the paper receipts are counted and compared to the digital count. There should not be much of a difference. If the difference is enough to change the outcome, I'd say go with the paper count. However, if voting fraud is an issue, it will not be a small margin. It is doubtful that someone will try to fraud for only a couple of votes and there should never be more pieces of paper in the box than digital votes cast.
This will allow for a challenge, investigation, and is the only way to provide for a recount.
Privacy?? (Score:5, Insightful)
I like paper ballots because they don't get traced back to you, once you put it in the box you have no identity.
Re:OSS ready for the polls (Score:4, Insightful)
Re:Paper Ballots? (Score:5, Insightful)
> People want election results fast
I disagree.
We may be told that we want results fast, but really we want them accurate.
Go ahead, ask anyone: "Would you rather have poll results within an hour of the polls closing, with a 50% chance that they would be wrong, or have them within 3 days with a 0.00001% chance that they might be wrong?"
You can play with the times and percentages a bit, but I would bet cash money that most people want accuracy & precision, not speed.
Re:OSS ready for the polls (Score:4, Insightful)
The difference is that, with an OSS voting system, if there's a problem with the code, the public will (be able to) know about it.
Compare that to Diebold and ask yourself how likely it is that they'd be forthcoming with crucial details if and when something goes haywire with their electronic voting machines.
Re:Easy formula (Score:5, Insightful)
Indeed, I concur
2. Paper records kept for the government. Just in case there is a trust issue, this is a backup method for the recount.
So long as these records contain a human readable indication of an individual voter's intent, and were verified by the voter at vote-time.
3. Paper records for the voter. Worst case, every voter has a copy of their own vote. Hard to use for a recount, but could help identify irregularities.
Absolutely, uncategorically, under no circumstances. Proof of vote makes wholesale coercion, vote-buying and vote-selling methods practical.
Re:Oh right. (Score:1, Insightful)
Oh, right, troll. Proprietary vendors putting together shiny snake-oil security with closed source software and security by obscurity? Riiight? We already tried that one. You're also repeating very old "hackers/hobbyists" FUD and should try something new and intuitive.
Voting Machines are a Waste of Money (Score:4, Insightful)
I love a technofix as much as the next geek, but computerized voting machines are not the technology for now.
Re:Paper trail (Score:5, Insightful)
Then clearly, you underestimate the skills and resources of your adversary. It is precisely small margins that are concerning. Remember, a small margin of votes can be changed in a close race without producing statistically significant differences from polling (and exit-polling) to raise suspicion. Such small changes, well placed, can have a significant effect on the overall race.
If you think that people do not have the skill to predict where small vote count frauds will make a difference, you need to visit the "gerrymandering" page on wikipedia, particularly the "Gerrymandering computer technology" heading.
Re:Paper Ballots? (Score:3, Insightful)
Re:Oh right. (Score:1, Insightful)
The worst part about OSS election software... (Score:4, Insightful)
Then, you try to 'make uninstall' but the process fails halfway through and so you're left with a system in an unknown state, with rogue files hanging out everyyear.
But as Thomas Jefferson said, it's doubful that your current system will remain stable forever. Every once in a while you need to Reinstall the Operating System.
This is ridiculous, it really is. (Score:5, Insightful)
The only reason that implementing a transparent, auditable electronic voting system is such a problem is because there are certain people that have a vested interest in making it a problem.
Who's ready? (Score:5, Insightful)
Is closed source ready for the polls?
Re:Always vote for the opposition (Score:1, Insightful)
No!
Voting for the biggest opposition party is a vote *for* the two-party system. If you dislike that system, you should vote for a third party. It's a snowball effect, because the more people that vote for smaller parties, the more viable they look, and the more people will vote for them.
Re:Should be part of more sweeping election reform (Score:2, Insightful)
This is my idea of a reform:
---
electronic balloting system:
user arrives at poll place
receives magnetic card with one-way hash of ssn.
user swipes card in cardreader at ballot box
this initiates the voting. touch screens or pushbuttons, etc
no records are kept at all at the ballot box.
Votes are immediatly printed twice via a standard receipt printer in human readable format.
There is also an XML translation of the vote with a checksum at the bottom.
A barcode uniquly identifies the vote.
Another barcode uniquely identifies the voter. (but not personnally identifiable)
User retains one copy of the vote and submits the other copy.
Both copies are identical and either (but only one) can be submitted.
Submitted papar-vote's barcodes are scanned to make sure that this voter has only voted once.
Voter is capable of making several paper ballots. All ballots would have same voter barcode, but different vote barcodes.
Voter is only allowd to submit one ballot, even if several were made.
At no point, other than receiving the voter mag-card is the voter identified by name or social security number.
At poll close, ballot is optically scanned (the entire ballot, on a flatbed scanner).
The ballot is electronically recognized (OCRed) and the XML section is decoded.
If the checksum matches, the ballot is electronically counted.
If the checksum does not match, the ballot is rejected electronically and must be manually entered by unbiased election officials.
All paper ballots must uniquely identify the voter without revealing who the voter is
All paper ballots must be individually uniquly identified in the event of a manual recount
All ballots also contain a date and time of when the ballot is printed.
Manual recount:
Because one voter can create multiple ballots (in case they change their mind, to prevent voter intimidation, etc). The ballots are uniquely identified. The voters are also uniquely identified. All ballots have two id barcodes on them.
If the results are disputed, the first step is an electronic recount.
The next step is a manual recount.
When fraud is charged such that the ballots in possession of the election officials cannot be trusted, the copies that the voters retains can be photocopied and mailed to the election officials. Only the copy that was submitted at the polling place should be submitted because an electronic record of submitted ballots (identifying the voter id and the ballot id) exists and the ballots will be checked upon receipt. If the paper-vote that is mailed has a different vote id than the record of the vote id, the voter is notified and may (if needed) recast their ballot.
Voter responsibilities:
It is the voter's responsibility to check the printed ballot against the vote they made on the ballot box. If they differ, they should try again, posibly with a different machine.
It is also the voter's responsibility to make sure the ballot's barcodes are scanned when submitted and afterward inserted into the ballot bin that is eventually sent to election officials for certification.
Missing paper ballots:
When ballots are submitted, the barcodes printed on them are scanned. This creates a record on an offsite database that contains ONLY the following information: The voter id, the ballot id (unique to voter, not globally unique), the date/time submitted (set by the offsite database), the polling place, and the station number. Each station is operated only by one worker per shift, the station must be logged into and out of by the worker.
(Based on a particular station)
In the event of a missing ballot, the ballot is ignored.
In the event of several missing ballots, the ballots are ignored and the poll worker responsible is fined.
In the event of a large number of missing ballots, ALL voters at that particular polling place are asked to photocopy and mail in their cop
Re:Paper trail (Score:3, Insightful)
Let's face it you could out and out rig the machines and nobody would care. This is america only 35% of people eligable for voting even care enough to stop by the polling place on the way from work.
Re:Why do people belive OSS == trustable? (Score:2, Insightful)
Spot on! Another question: How can you trust the net card (there was post not long ago about IPMI, and the potential for hiding complete remote control backdoors in network interfaces).
Then again, how can you trust humans to count perfectly?
What's wrong with paper
Nothing! Absolutely nothing. As much as my mom suggests I should write my masters or Ph.D thesis on "on-line voting", I relly think this is one of the areas where correctness is just too important to ever trust networked computers (which, afaict, is a strict requirement). Also, there's a lot of long-haired issues: how do we make sure each voter can vote at most once? How do we make selling votes difficult (My best guess: through social ways, i.e. education)? How do we make sure each vote is anonymous, yet at the same time make sure each voter can vote at most once? These are just hard problems in my mind.
In effect, since it's the foundation of democracy (for those nations that are still at least somewhat democratic, i.e. excluding the USA), we need to treat this as safety-critical systems. That includes the provability (and proof!) of correctness, one-time pads for encryption and all that rigamarole.
No. Please. That's the one area where a two-mile bike ride plus waiting in line to put a cross on a piece of paper really pays off well. Stick with the primitive technology here, due to the advantages of being primitive.
Something stinks... (Score:3, Insightful)
As for the money: this is the same country that has spent BILLIONS in Iraq for dubious reasons (the official reasons kept changing, so they can't have been the real reasons).
I heard one of the US Gov's "reasons" was to have democracy/free elections in Iraq, but that can't be the real reason since the US Gov was very obviously not pleased when there was democracy/free elections in Palestine and Hamas got elected
I don't know what is really going on with the USA, but I doubt that the main issue is whether a voting system is OSS or non-OSS.
With all this "globalisation" being hyped as such a great thing, maybe the US should outsource their elections to India, and have UN observers for free to observe stuff.
After all India is arguably the world's largest democracy (1 billion citizens). I bet if they had results as ridiculous as "more votes than voters", "negative votes" heads would _literally_ roll. They somehow have managed to get a decent chap as Prime Minister ( Dr. Manmohan Singh seems to be well-respected by most).
If I were a US citizen I'd _demand_ that all the people involved in supplying or approving crappy election systems be charged for _TREASON_.
After all, the USA keeps saying democracy is so important etc.
Prove it with actions and not bullshit.
Re:The disabled, the confused, and the stupid (Score:5, Insightful)
There's such a thing as braille. Blind people can actually read you know. They can even post on Slashdot with the right software.