Forum Navigation
Topics
Log In
Log Out
:
Forum Search
New Today
New This Week
Advanced Search
Tree View
Forum Account
Edit Profile
Register
Forgot Password
Forum Tools
Help/Instructions
Policies
CLICK STATE TO SEE:
"WATCH LIST"
Marked with: 
"OPEN & HONEST"
Marked with: 
...
|
| (US) 11/06 - The Open Source Solution... |
|
| Author |
Message |
    
Ray Imber
Voting Rights Forum Participant
Username: Rayman22201
Post Number: 1
Registered: 11-2006
Best of Black Box? 
Votes: 2 (A keeper?) | | Posted on Saturday, November 4, 2006 - 8:19 pm: | 
|
I just watched the hacking democracy special on HBO and did a very small amount of research and found this to be such a compelling problem. I more or less just want to state my opinion and get your feedback on the solution that I am advocating:
Now, I don't know how many of you have heard of Open source software but it is a type of software which follows the GNU international license agreement that states that all source code for a program under the agreement must be made publicly available. There was an small post about it on your forums a while ago here: http://www.bbvforums.org/forums/messages/72/17699.html?1138713611
but that was a small post and it seemed few people payed much attention to it.
Now I know there are two parts to this problem, the computers are just one part, the legislation and the people are the other piece. I do note that I am pro-computer, and I admit my biased being a computer engineering student, but even if you hate all things electronic you have to admit that computers are not going away. Then that means best solution, in my opinion, is to better the machine the best we can and leave it open to be continually bettered.
Open source seems to be a very good solution from the point of view of fixing the machines themselves. Now I just found this web site (I am not just trying to bolster some other website either; I swear to you I do not spam, this website seems relevant and worth posting):
http://www.openvotingconsortium.org/
The Open Voting consortium. This seems like a very relevant and feasible solution from a hardware standpoint. No, this does not guarantee a perfect electronic voting machine. What this does do is guarantee a completely transparent and public voting machine. With this system everything is publicly verified and available for complete scrutiny and improvement. Diebold and many current local governments can't say that.
Money is one of the biggest driving forces in all things politics. Money is what keeps companies like Diebold fighting for dominance, and it's what keeps our government using a flawed system. Money can even cause such flaws, as all it takes is to pay someone with access to the voting cards to let you see them for a few minutes to hack the cards, as seen in the HBO special.
The way to get local governments to use new improved systems, has then most importantly, got to be money. The fact is Open Source is almost guaranteed to be cheaper than it's private counterpart. In fact many times the same old hardware can be used with the new software installed, that is if the new hardware isn't cheaper and more reliable anyway. That will be one of the biggest keystones to getting such a system pursued by any legislation.
Please note that this is just my opinion on a solution to this problem. This site has done a wonderful job at exposing such a devastating and wide reaching problem, but I think viable and progressive solutions must now be pushed for. It's not that I don't think other parts of the process are not faulty, such as cryptic policies and corrupt officials, and it's not that I don't agree with hand counting, but I also believe in the ideal of the machine. I believe that electronics were created to make life easier and to better society, as should be the true goal of any great invention.
In the most ideal of circumstances, electronic voting would be far faster, accurate, and easier, than any other method.
Of course it is not an ideal world, and that is why checks and balances must be put in place. I think with the proper checks and balances, these machines can do what they were intended to do, and improve our democracy in a way in which the founding fathers would have been proud.
Thank you
P.S. I look forward to your feedback, and your thoughts on this solution. |
Bradley Spencer
Voting Rights Forum Participant
Username: Brad_spencer
Post Number: 4
Registered: 11-2006
Best of Black Box? 
Votes: 6 (A keeper?) | | Posted on Sunday, November 5, 2006 - 1:49 am: |
|
Thoughts on open source:
My personal view of open source software is that it is not applicable to the elections industry.
Open source software is contributed to by many, many developers around the globe. Take Linux as an example. This alternative operating system has been contributed to (the source code) by thousands of individual developers around the globe.
Unfortunatley, not all developers are law abiding, and infact the term "Hacker" describes a person with the technical ability to Hack into a system as they know how and what to do, which is something that not everyone else can do.
If you introduced open source software to the elections indusrty, all this will serve to do is make the voting software more easy to attack, and manipulation.
If you open up your software for everyone to inspect, all this serves to do is to allow those technically minded people who are not law abiding, to scrutinise the source code at their leisure, and find ways in to the system, and see how it can be manipulated.
Also, open source software developed by the open source community is not developed to any kind of protocols or standards, and is also not supported by anyone.
There is just no control of the development process.
Election software currently has to be developed in line with FEC 2002 protocols. This means that every single line of code must be commented, it also has strict guide lines on size and length of modules etc etc.
I do not believe that the answer is open source. I believe the answer lies in a better and more strict certification process.
For example, certification labs are understaffed and under resourced, and have a limited scope where different development languages are concerned. They have a good understanding of Visual Basic as an example, but ask them to QA something like Java and Linux, which they have limited knowledge of, and its a very different story.
The whole problem still comes down to control of the software.
Even after the software is certified, (whether open source or not), hundreds of small changes are required to be made on a weekly and continual basis, as updates and small change requests from the counties using the software.
These changes should of course be submitted for certification as updates. Unfortunatley this does not always happen.
For an election vendor having a certified application means nothing !
Its all to do with the control and policing of the application after it has been certified.
Currently, it is far too lapse an industry. An election vendor can have a certified version of election software, then make as many changes to it as they want, deploy it to the counties machines and run an election on what is now un-tested and un-certified software.
How would the county even know ?
That is where the problem is !
Its all down to the election vendor who has complete control of the process at every stage, and the county just has to take their word for it.
Just because the rules say that the election vendor must submit any changes for re-certification (and pay lots of $s each time), it doesnt mean that they will, or do.
Their problem is the system also. If they were to submit for re-certification after making changes, then their software would be constantly in the process of being certified.
The process needs to be fixed, and the election vendors need to be controlled, rather than in control of the process.
With regards to open source being cheaper:
I do not believe for one second that the local government will spend one cent on open source in elections, for the above mentioned reasons, and also it has a lot to do with comfort, safety, and what they know, and are familiar with.
I have had many, many years experience of dealing with local government, and they always go with the comfort factor, believe me. No matter how you try and educate them.
They will always choose Microsoft over Linux, they will always choose Explorer over Mozilla etc etc, as they go for supported brand names that they can reference when it comes down to showing that they did their best due diligence when looking to make the purchase with the tax payers dollars.
Cheaper, doesnt always represent best value for money.
If I was on a Navy Sub paid for by the government, I want to know that it cost lots to build because they used all the best parts they could find....not simply the cheapest !
Please dont misunderstand, I am not a fan of Microsoft, and open source has its uses, but not where elections are concerned.
Brad |
Ray Imber
Voting Rights Forum Participant
Username: Rayman22201
Post Number: 2
Registered: 11-2006
Best of Black Box?
Votes: 3 (A keeper?) | | Posted on Sunday, November 5, 2006 - 2:12 pm: |
|
That was very enlightening. You are right, any legislature in their right mind are far more likely to go with reputed name brand software.
I do not completely agree with statement about "hackers" being able to freely look for exploits in the software. Since we are taking linux as an example, keep in mind that there are zero known viruses for linux, and thousands known for Microsoft software. Hackers often have more respect for the open source policy and frankly don't find any challenge to exploiting software that is open, so they don't. In fact these people often do all they can to help improve such software's security and stability.
But, that is beyond the point. The fact is, you are right, it would be very difficult if not impossible to get any local government to accept such a system. Proper regulation and certification may be the solution, at the very least the legislatures would be more willing put such a thing in action. Non the less I still hold out hope for open source |
Bradley Spencer
Voting Rights Forum Participant
Username: Brad_spencer
Post Number: 9
Registered: 11-2006
Best of Black Box?
Votes: 5 (A keeper?) | | Posted on Sunday, November 5, 2006 - 4:17 pm: |
|
Hi Ray
Please dont get me wrong, I am a fan of open source as it benefits the wider community in a general sense where everyday applications are concerned.
However, the dangers of open source for use in critical areas such as military, government and of course elections are evident to anyone who understands the process.
My point was not to play off Microsoft against Linux, but simply to point out that to open source election software is asking for trouble.
What do you suppose would happen if election software were publically available ?
The groups of interested parties would review the code and be happy. But then we have to consider who else would be scrutinising the source code.
If its open source, then everyone including China, the middle east, and enemies of the state will have access to it !
If its open source, then just by the definition, everyone has access to it......please dont be nieve enough to believe that the entire open source community is rightious. And in any case, remember, if its open source then its available to everyone on the planet, not just the open source community.
I disagree with your comments about hackers. What would be more of a challenge to a hacker? changing some SAT scores or effecting the outcome of an election ?
Also, Linux just like any other software does have bugs....On a personal note I think Linux is far more stable than Microsoft, however, with no support infrastructure for Linux it is not accurate to qoute that Linux has Zero known viruses as there is nobody to qualify, confirm or accuratley deny that statement.
I think what it comes down to is the huge difference between "open source" and "opening up your source"
"Open source" is giving access to everyone which is dangerous becuase there are good people and there are bad people, and once its out there everyone has access.
"opening up your source" is completely different as it can be controlled by giving access to people like at John Hopkins, Avi Rubin etc that are here to help the process rather than attack for the purpose of malicious intent.
open sourcing election software would be the end for democracy......election vendors opening up their source for scrutiny by trusted parties would be a good start.
Brad |
Ray Imber
Voting Rights Forum Participant
Username: Rayman22201
Post Number: 3
Registered: 11-2006
Best of Black Box? 
Votes: 2 (A keeper?) | | Posted on Sunday, November 5, 2006 - 4:52 pm: |
|
Point well taken. I agree and stand down. The reason we have national security in the first place is the protection of sensitive things like this. That is something I have to take into account above my ideals on open software. |
Travis Rogers
Voting Rights Forum Participant
Username: Soundg
Post Number: 3
Registered: 11-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Sunday, November 5, 2006 - 7:54 pm: |
|
I think there is a misapplication of the term "open source" here. I would argue that an open source methodology is completely applicable to election systems. What I mean by this is it doesn't matter who develops the software as long as the code is open to anyone who wishes to see it. So any commercial vendor is free to develop the source code.
I personally think that source code visibility is only a small part of the issue. It should be a requirement that any vendor hand over the code being used in their system. Does anyone know if Diebold or any other vendors escrow their code with their contracts? I would be surprised if this were the case.
I don't want to get on a soap box here, so I'll end by saying that source code is only part of the implementation for an open (transparent) voting system. It's not a complete solution. |
Bradley Spencer
Voting Rights Forum Participant
Username: Brad_spencer
Post Number: 10
Registered: 11-2006
Best of Black Box?
Votes: 3 (A keeper?) | | Posted on Monday, November 6, 2006 - 1:41 am: |
|
Travis
Election vendors are required in most cases to lodge their code in escrow.
I say "in most cases" as the responsability is on the customer to make the request as part of the purchase conditions, which follows best practice due dilligence by local government.
Organisations like Ciber Labs who test code, also are able to act as the escrow code holder.
Although, here is presented a further issue....If election vendors are not keeping up with re-certifying their code after they make changes to it, then there is little hope of them sending the same change updates for the escrow agreement.
Travis, I think you are blurring the line between, open source and opening up the source here.
I agree that election vendors should open up their source for scrutiny by trusted parties, however if anyone can have the code then as already mentioned this means EVERYONE.
I truly believe that methodologies should be left to idealists, and matters like code release to realists.
Lets be totally honest here.
If the source code that controls your on line banking facility, or the source code that controls everything on an airplane, or a submarine was made open source, then by your methodology its available to everyone.
If its available to everyone that includes, criminals, terrorists, enemies of the nation !
Lets get real here....if you give access to source code to maliciuos people, then they will use it for malicious purposes.
The problem of code certification and scrutiny is actually massive and quite complex, and is at present useless.
Lets suppose that a vendor has a transparent open source voting application.
The code is certified, and anyone can inspect it.
Then what happens ? This is where control of the process brakes down !
Every time someone wants to inspect it, they get a copy of the code as certified.....Never mind that the vendor has had to make a dozen more changes to the software since certification, and that different code is out in the field on 20,000 voting machines running an election.....and who is gonna go check the software on 20,000 plus units out in the field ?
Whether its open source or not actually makes no difference to code inspection.
You can only ever inspect an instance of the code. And that instance will be the last certified version, as its near impossible to inspect everything out in the field.
Instabilities are introduced into the code AFTER initial certification, and its this area that needs to be policed.
Brad |
Travis Rogers
Voting Rights Forum Participant
Username: Soundg
Post Number: 4
Registered: 11-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Monday, November 6, 2006 - 7:29 am: |
|
Brad,
I agree with most of what you are saying. You can always limit access to the source code of a system, but in the end the source should be available for review upon say an "official" request from anyone. Obviously records of these requests could be kept and maybe even rules around how you see the code and where. The important thing is that you should be able to review it if requested. You have no option of doing this today. This is something that will hopefully be corrected in the future.
As far as code security, I think you paint a much more dire picture than necessary. After all we are talking about the code for voting and not code that handles your bank accounts or flies a plane. There are only so many ways you can record a vote right?
To me, there has to be the ability to verify the integrity of the system at any point or even on demand. This would entail the verification of any software that is executed on a voting device. This is essential to preventing the kind of hack in the HBO documentary. It's important to mention that the software and methods used to verify system integrity would need to remain protected, otherwise they could be rendered useless. I'm not saying secret here, just protected. This could be another way to bypass system integrity right? This would be for the experts to implement.
Another very important issue is physical access on a voting device. How can a person affect the device? Open or available ports or access to memory cards or even the ability to power the device off and on again. If these types of access/actions can't be prevented, then they definitely need to be logged in an audit trail that is "golden". In other words, an audit trail that is kept on the machine without easy physical access.
Unfortunately, the farther we dive into details, the more complex an automated system gets. Pencil and paper may be the simplest solution, but even then the votes have to be counted by someone.
As for software updates, there is a serious problem with having software certification as a requirement, but then not adhering to that. There should never be a case where a voting machine is running uncertified software. This is just irresponsible and opens the door to all kinds of issues. As for inspection being impossible in the field, this is a side effect of the current system and to me this is an issue that has to be corrected. Otherwise we might as well vote online right? So there has to be some system in place for certification in the field.
I've strayed a little from the topic, but I think these are valid discussion points that have been brought up. I'll end with one more opinion. I think it is important to have voting systems that are secure, reliable, transparent, and standard. The requirements for electronic voting systems are laid out in state and federal laws right? So it's up to vendors to provide the secure, reliable, and transparent portions. |
Bradley Spencer
Voting Rights Forum Participant
Username: Brad_spencer
Post Number: 18
Registered: 11-2006
Best of Black Box?
Votes: 3 (A keeper?) | | Posted on Monday, November 6, 2006 - 8:08 am: |
|
Travis
I believe limited access by authorised request is a good point, which is what I term "opening up your source"
The problem is that people tend to generalise without thinking of the consequences and definition of a suggestion.
If Ive heard it once, Ive heard it a thousand times "Make it open source"
If people stop to think about it, then I believe it would change to "open up your source"
I disagree with you about security....if it wasnt an issue, then whats all the hullaballoo about ?
The election software on the servers in election central during an election record the tabulation to the entire election within a jurisdiction.
The results come in over the phone lines in a lot of cases from the modems within the voting machine.
What do you suppose would happen if the election software was open source, and it got attacked over the phone lines from a hacker who had a copy of the open source source code ? remember, the hacker could be in any country in the world.
They can significantly change the course of democracy.
So i do disagree with you about the security of our vote. If it was worth fighting for, then its worth deffending at all costs in my view.
With regards to code review, remember, the code is already reviewed by an approved Lab for certification purposes.
After that is where the control is lost on what happens to the code.
Voting units can obviously be attacked manually as well as wirelessly by individuals.
I agree with you, the need for secure standards is where the fight is !
Yes, the standards are laid out. The current standard FEC 2002 says it all in my book....2002 !
Its now the end of 2006 !
Its up to legislation to get its ass into gear, and start locking down on these issues, and also to keep up with the times.
Technology moves so very fast, and is out of date the minute it is released !
The standards and legislation need to keep up.
Brad |
Dan Oetting
Frequent Voting Rights Forum Participant
Username: Dan_oetting
Post Number: 217
Registered: 07-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Monday, November 6, 2006 - 9:45 am: |
|
I'd like to first point out that these proprietary voting machines were hacked without access to the source code.
Over the years, before the invasion of technology, voting had been refined to solve the major problems. At the root of the old systems you can find a similar process: Private voting on paper dropped into a secure ballot box which is always in open view. Counting the votes at the precinct with a bipartisan board in view of the public. Posting the results of the precinct count at the precinct. Accumulating all the precinct results for the county and/or state and posting these for anyone to view. Totaling the votes for each race and posting the results of the election.
Where technology takes away from the above procedure it takes away from an open election.
When votes are entered on a black box and counted inside that black box with no immutable token that represents the votes of the people there is no way to know wether the result that is spit out represents the votes of the people or the will of the programmer. When the black boxes are collected and whisked off the be tallied by a secret program inside another black box there is no way to know wether the precinct votes were counted or a fiction was substituted instead.
If the process is open, we don't have to trust the machines. We don't have to fear criminals having inside knowledge of the hardware or software. We can trust the results of the election because every step can be independently verified. |
vk
Voting Rights Forum Participant
Username: Xvkx
Post Number: 1
Registered: 11-2006
Best of Black Box?
Votes: 2 (A keeper?) | | Posted on Monday, November 6, 2006 - 10:11 am: |
|
Hi, I'm new here. I watched the documentary and mostly came to this site to see what all was going on. I was quite surprised to find this topic of open source systems being used brought up.
"If you introduced open source software to the elections indusrty, all this will serve to do is make the voting software more easy to attack, and manipulation."
Why hasn't this happened to Linux?
The factor that is missing here is that since it is open source, it has not only the bad guys trying their best to crack it, but the good guys as well trying their best to secure it. Whenever a vulnerability is found, it is not uncommon for a patch to be released within 24 hours.
"If you open up your software for everyone to inspect, all this serves to do is to allow those technically minded people who are not law abiding, to scrutinise the source code at their leisure, and find ways in to the system, and see how it can be manipulated."
Once again, you have just as many, if not more, people reviewing the code and ensuring that it cannot be compromised by an outsider.
"Also, open source software developed by the open source community is not developed to any kind of protocols or standards, and is also not supported by anyone."
It wouldn't be hard to set those protocols and standards, though. Just because they don't exist in open source software today doesn't mean that you can't set them at all in a new piece of software.
"For example, certification labs are understaffed and under resourced, and have a limited scope where different development languages are concerned. They have a good understanding of Visual Basic as an example, but ask them to QA something like Java and Linux, which they have limited knowledge of, and its a very different story."
Either way they're going to have to be re-educated, since Visual Basic is about to be officially dead according to the company that made it and replaced by a language that uses a lot of... Java. BTW, Linux is not a programming language.
This of course doesn't take care of election officials tampering with certified code, but it does at least take care of the certified code being more secure and out of the hands of a company with its own private interests.
"I do not believe for one second that the local government will spend one cent on open source in elections, for the above mentioned reasons, and also it has a lot to do with comfort, safety, and what they know, and are familiar with.
I have had many, many years experience of dealing with local government, and they always go with the comfort factor, believe me. No matter how you try and educate them.
They will always choose Microsoft over Linux, they will always choose Explorer over Mozilla etc etc, as they go for supported brand names that they can reference when it comes down to showing that they did their best due diligence when looking to make the purchase with the tax payers dollars.
Cheaper, doesnt always represent best value for money.
If I was on a Navy Sub paid for by the government, I want to know that it cost lots to build because they used all the best parts they could find....not simply the cheapest !"
The money factor is simply a bonus, and I agree, it should NOT be the determining factor in any case. However, were I in charge of that Navy Sub, I would also want to ensure that we didn't spend tons of money on a pile of crap. I will trust you when you say that government officials will always go for the comfort factor, but it doesn't help me trust our government any more.
As for reputed brand names - I guess RedHat, Novell, Oracle, IBM, etc. are not considered reputable. ;)
"Since we are taking linux as an example, keep in mind that there are zero known viruses for linux, and thousands known for Microsoft software. Hackers often have more respect for the open source policy and frankly don't find any challenge to exploiting software that is open, so they don't."
Woah, back up... yes, there is. There are actually a couple dozen Linux viruses, but none of them actually work. And crackers (hackers is not really the proper term to use here) have a *very* strong interest in Linux, as do some malicious companies that have poured tons of money into trying to crack it. Linux is a golden jewel - a good chunk of the world's servers are ran on it, and it's considered one of the most secure operating systems in the world. Both hobbyists AND paid individuals are doing their best to bring it down.
"If the source code that controls your on line banking facility, or the source code that controls everything on an airplane, or a submarine was made open source, then by your methodology its available to everyone."
Oddly enough, this is already true. A lot of banks and airplanes (I don't know about submarines) already use open source software. I'm waiting for that world disaster. ;)
In fact, some of the government *already* uses open source software.
http://www.microsoft-watch.com/content/operating_systems/homeland_security_switc hes_out_windows_for_linux.html?kc=MWRSS02129TX1K0000535
Now, I could care less if the systems were made open source or not, although I don't want to see open source shot down for reasons that are invalid any more than I want to see closed source code shot down for reasons that are invalid. I do however feel that the current software could learn quite a bit from Unix-like operating systems. Should the system have been a thin client user permissions based system, you would not have seen the memory card trick happening - at least not with so much ease. IMHO the systems should *not* have memory card slots to start with. That alone is a major security vulnerability. And had the master system itself had good user permissions set, you would not have seen them changing the vote count so easily, either. |
Bradley Spencer
Voting Rights Forum Participant
Username: Brad_spencer
Post Number: 23
Registered: 11-2006
Best of Black Box?
Votes: 4 (A keeper?) | | Posted on Monday, November 6, 2006 - 11:56 am: |
|
Dan
Software is but one of the issues of which there are too many to debate in one go.
I suppose the question realy is: Does the current technology have a place in elections all things considered ?
Technology has advanced so many other areas, but you have to be able to trust it.
At the moment that cannot be said for its use in elections as it stands today ? Who knows what the right answer is !?
Voting and democracy sure was a simpler deal before it, thats for sure.
One thing I do believe is that technology can be trusted in the proper hands....perhaps thats the answer ?
VK
"Once again, you have just as many, if not more, people reviewing the code and ensuring that it cannot be compromised by an outsider"
Q: On what statistics do you base this comment ?
"As for reputed brand names - I guess RedHat, Novell, Oracle, IBM, etc. are not considered reputable. ;)"
Q: who said anything about "reputed brands" ? I said "supported brand names that they can reference when it comes down to showing that they did their best due diligence when looking to make the purchase with the tax payers dollars"
"Oddly enough, this is already true. A lot of banks and airplanes (I don't know about submarines) already use open source software. I'm waiting for that world disaster. ;)"
VK: we were not discussing if a bank or airline "used" open source software, as its pretty common knowledge that lots of companies use open source "components". But rather that it is highly, highly unlikely for you to ever be able to download a banking system or aircraft control system software application because it had been made open source !!
Lets be realistic, as idealistic as open source is, and as fantastic as it is in lots of uses, you are never going to get a bank, an airline, the military, to make their critical software systems open source for every programmer on the planet to play around with.
Therin begs the question.....WHY ?
And I think its pretty obvious ! and its nothing to do with conspiracy or open source bashing !
Its just practical common sense.
With regards to elections, I believe that a good start is to make election vendors "open up their source" to trusted appointed expert departments for the purpose of scrutiny and transparency, and not to let any Tom, Dick or Harry have access to it.
VK, one last point: Why even let the bad guys get a look at the source code ?
Its much safer to be methodical and practical about it, and use common sense and discretion, rather than simply throwing caution to the wind and letting everyone have access to it.
After all, once its out there you cant get it back, and nobody is in control of the situation.
I am a huge fan of open source, and I think Linux is fantastic, stable and 500% more reliable than anything Microsoft will ever produce.....but you have to put aside personal preferences and let common sense take over.
Brad |
Travis Rogers
Voting Rights Forum Participant
Username: Soundg
Post Number: 5
Registered: 11-2006
Best of Black Box? 
Votes: 1 (A keeper?) | | Posted on Monday, November 6, 2006 - 2:12 pm: |
|
Dan,
Is it safe to assume that you would like to go back to a paper based system? I for one would be in favor of any system that supports the K.I.S.S. principle and is completely open.
When you say:
"I'd like to first point out that these proprietary voting machines were hacked without access to the source code."
Is this totally true? Didn't Bev stumble across the GEMS source along with other source code belonging to Diebold? Interestingly, there isn't any really meaningful source code in the forums from the Diebold ftp server, but this is beside the point. The fact that you could hack the system without the system being aware of it is amazing to me. I'm assuming in the hack on the documentary, the executable program on the memory card was actually replaced by a modified executable and the voting machine actually loads this executable and uses it to tally votes. Is this true? If so, it's unbelievable to me that the voting machine doesn't do some form of verification on the executable code before using it. Wow.
(Message edited by soundg on November 06, 2006) |
Dan Oetting
Frequent Voting Rights Forum Participant
Username: Dan_oetting
Post Number: 218
Registered: 07-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Monday, November 6, 2006 - 3:53 pm: |
|
I'm in favor of using technology but we should never be forced to blindly trust the technology. For instance, I think that optical scanners in the precinct are a great aid. If done right they eliminate over-votes, help prevent under-votes, insure that there are no gray votes, can be equipped to prevent ballot stuffing and they provide immediate precinct tallies at the end of the night.
But the scanners are not perfect and may be hacked or miscalibrated so we should not be forced to accept the scanners output without verification. Paper ballots can be scanned with commercial off the shelf high speed optical scanners. There is already open source software that can process the image files to count the votes. Each party could run their own program to do their own counting. If they don't agree, there would be a hand count and the looser would pay for the costs.
Have you checked out the uconn study of the Diebold AccuVote OS? <http://voter.engr.uconn.edu/voter/reports_files/uconn-report-os.pdf>
The Uconn researchers say they didn't have any source code. And what they did didn't require source code or any other proprietary data. It's almost like the machine wanted to be hacked. |
Travis Rogers
Voting Rights Forum Participant
Username: Soundg
Post Number: 7
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Monday, November 6, 2006 - 4:02 pm: |
|
Thanks for sharing Dan. I had heard about this, but not seen the document.
Simply amazing. And how much are we tax payers paying for these systems? |
Ben Harrison Parks
Voting Rights Forum Participant
Username: Badbenski
Post Number: 2
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 8:24 am: |
|
Geeks! Pipe Down!
Two words; FORGET IT!
Using computers in the voting process ANYWHERE is a bad idea. You guys oughta know better!
Back in the hey day of Curtis Lemay's Strategic Air Command, responsible officers opened safes (later unlocked cabinets with loud claxons) to retrieve nuclear keys - codes -etc, while a couple of guys with .45 drawn stood over their shoulders. Nothing personal, just simple, out-there-where-everyone-could-see SECURITY.
These same guys might have beers together off duty but on the job it was all business. Guess what, we managed NOT to blow up the planet.
Likewise, after the citizenry makes their "X" on a piece of paper, we need to have a bunch of local geriatrics dump them out on big tables and count them. They'll be no shortage of volunteers to hold this process at gunpoint. Anything short of this of total foolishness and wide open to fraud.
Repeat after me; "When voting LOW TECH IS GOOD!" |
Bradley Spencer
Voting Rights Forum Participant
Username: Brad_spencer
Post Number: 43
Registered: 11-2006
Best of Black Box?
Votes: 2 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 10:48 am: |
|
Who you callin a Geek, Red Neck ?
(Insult added for the purpose of making a point by the way !)
Ben, I dont actually believe this is the place for name calling.
Firstly Ben, are you aware of what century we live in ?
On that subject, Ben do you know what year it is ?
Technology in every area of life is simply inevitable.....Is it right for voting ?
I dont know the accurate answer to that...however, its here at the moment, and you have to work with whatever you have at the time.
At the moment its in.....so debate about how to improve, change or exclude it is healthy in my opinion.
Question: Is the whole US going to abandom electronic voting because Ben stood up, called some guys Geeks, and said FORGET IT !
I think NOT !
Debate, scrutiny, discussion on alternatives, working towards an acceptable solution, awareness....Thats how change is effected Ben
Not by throwing insults, offering nothing constructive, and then suggesting we hold counts at gunpoint....how very appropriate to my opening line of this post ! |
Daniel Frank McMullan
Voting Rights Forum Participant
Username: Seevotedan
Post Number: 86
Registered: 03-2005
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 11:05 am: |
|
BEN AND BRADLEY ARE BOTH SILLY!!!!!
As long as the ballots are kept secret, mistrust of machine counting or paper hand-counting will always exist. You can't ever prove ballots are counted properly, cause you don't know the voter's intention. Chad or no chad; paper trail or not.
There is no logic in protecting someone else's ballot .. you can't prove to anyone you protected it .. except its voter!!!
The only one able to audit my vote ..is me.
If you expose the votes for public view.. then the machines become a tool of fair elections and not the tool of corruption.
So why are you complaining about something as silly as to machine or not to machine??
A new way of looking at democracy .. by publishing all votes for all to see. Real democracy.
Let the people see for themselves that corruption exists .. or not.
Why continue this FAITH-based election system???
The arguement should be in secret or exposed?
..not paper or machine
does anyone get what I am saying? |
Bradley Spencer
Voting Rights Forum Participant
Username: Brad_spencer
Post Number: 46
Registered: 11-2006
Best of Black Box? 
Votes: 3 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 11:40 am: |
|
Daniel
Im not sure I understand where you are coming from ?
If I understand you correctly you are advocating dismissing a persons constitutional right to vote in secret. (The secrecy of the ballot)
From my understanding its still against the law to tie the voter back to the vote.
Thats not Democracy Daniel....thats taking away an individuals rights and liberties.
I very much doubt anyone would want to loose the right to keep their vote secret ?
Agreed, something has to be done to change the present problem, but somehow I cant see public viewing of how everyone voted catching on.
I hope I misunderstood you ?
And by the way Daniel, since when did someones own personal opinions become SILLY ?....freedom of speech etc !
I happen to disagree with your statements above if I have understood them correctly, but I wont judge you on them because thay are your points of view, and I would very much like to understand them.
Brad |
Daniel Frank McMullan
Voting Rights Forum Participant
Username: Seevotedan
Post Number: 87
Registered: 03-2005
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 11:54 am: |
|
Bradley,
of course anonymous voting is needed to ensure against coercion. where have you been?
There is no logic in protecting someone else's ballot (machine or paper).. you can't prove to anyone you protected it .. except its voter!!!
This is why you are both silly.
I am not judging your ability to use of the 1st admendment. I am judging your use of the 1st admendment. Why waste your free speech on folly.
The only one able to audit my vote ..is me.
I am not suggesting you give up your anonymous ballot. Are you making up words for me?
Can't we publish all votes and remain anonymous?
..don't jump to conclusions..
are you here to learn or to teach?
I hope both. |
Jt Gleason
Voting Rights Forum Participant
Username: Entropyfails
Post Number: 11
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 12:04 pm: |
|
Paper and Pen votes are easily audited by the voter. A reasonable system of ballot distribution (all parties watching), ballot box watching (all parties watching) and ballot counting (all parties watching) would prevent 90% of the fraud. Felon Voting lists being the other large chunk. Paper voting is simpler and quicker to vote with and personally verify. It is the perfect voting system.
People are very good at detecting fraud when it is happening nearby. Computers will never have a clue about this, no matter how well you create your system. This is a fundamental law of computer science.
I love Open Source Software. I've got projects on sourceforge.net. But computer vote counting can never work. Humans must get do the counting. No way exists around this. Sorry, but that's the facts. |
Travis Rogers
Voting Rights Forum Participant
Username: Soundg
Post Number: 11
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 12:22 pm: |
|
Ah, JT
A fellow Perl monk. You mean I can't write a "perfectly secure" system in Perl?
Blasphemy!! =)
Ok, maybe a "perfectly obfuscated" system... |
Bradley Spencer
Voting Rights Forum Participant
Username: Brad_spencer
Post Number: 48
Registered: 11-2006
Best of Black Box?
Votes: 2 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 12:28 pm: |
|
Daniel
No need to be condescending.
Im here to learn and offer, share my experiences of 10 years at the sharp end of the industry.
Im open to debate any ideas that imrove where we are today with elections. And with an open objective mind.
I agree with you about the voter being the only trustworthy source of verifying their vote as things stand today.
That said, the reason I agree with you today, is because of the corrupt nature of the people controlling the voting methods.
I obviously misunderstood what you were suggesting Daniel.
However, its not quite so simple as you suggest.
Lets say that all ballots are made available for the public to view, and as you say, the only ballot you can verify is your own.
How would you know that the result had been counted in an accurate, non corrupt manner ?
Just because every individual can go view their own ballot, how does that solve anything ?
Quote "If you expose the votes for public view.. then the machines become a tool of fair elections and not the tool of corruption."
If the voter as an individual verifes their own ballot, and the machine counts, or anyone else counts for that matter, how exactly will that bring about a verified tally ?
Im genuinly eager to hear your theory about this Daniel, its interesting.
Brad |
Jt Gleason
Voting Rights Forum Participant
Username: Entropyfails
Post Number: 13
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 12:32 pm: |
|
Hey Travis!
As much as I wish Perl was "magic Turing pixie dust" that you could sprinkle over voting security, we have no such luck! *laugh*
I shake my head at all the foolish attempts at "open voting systems" because these people don't have an excuse for their ignorance. *laugh* What is even scarier to me is that these things run on Windows so that the TRUE security of the system is
Diebold Software Flaws TIMES Windows Flaws
We all know how weak that Windows link of the chain is!
Unfortunately Linux isn't even a step in the right direction, as Ken Thompson pointed out so long ago. The only step we can take is away from the machines. We can let them double check, they'll be a big help there. (either for proving the software is rigged or helping the humans fell confident in the count)
I hope I'm explaining this concept well enough. Any pointers would be appreciated. *smile* |
Daniel Frank McMullan
Voting Rights Forum Participant
Username: Seevotedan
Post Number: 89
Registered: 03-2005
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 12:36 pm: |
|
paper and pen are not easily audited.
After the voter leaves, you can never audit that ballot.
90% of fraud is not 100% of fraud
only I can audit my ballot.
How can a poll-worker verify my ballot?
really now? |
Daniel Frank McMullan
Voting Rights Forum Participant
Username: Seevotedan
Post Number: 90
Registered: 03-2005
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 12:41 pm: |
|
Hey Bradley,
sorry to be frustrated..
glad you are taking the time to debate!! |
Daniel Frank McMullan
Voting Rights Forum Participant
Username: Seevotedan
Post Number: 91
Registered: 03-2005
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 12:45 pm: |
|
open souce means you have to TRUST someone different . I want a system where I only have to trust myself.. and trust everyone else is doing the same.
the best explaination I have seen:
Here is what Dylan Hirsch-Shell wrote abote seeVote:
First, let us identify what it is that we want in an election.
As far as I can tell, the three crucial aspects that have been identified by the members of BBV as necessary for a successful democratic election are: 1) Accuracy of the results, 2) Trust in the results and 3) Anonymity. Obviously, if you have neither Accuracy nor Trust, then the election is worthless and all involved will recognize it as such. Dangerously, if you have Trust without Accuracy, then you still have a worthless election but no one will recognize that fact. Meanwhile, not having Anonymity leaves open the possibility of serious coercion. Amazingly, the seeVote system has been devised in such a way that achieving each of these goals actually serves to reinforce the other two. Let me explain:
The seeVote system has been specifically designed to address the three fundamental concerns -- Accuracy, Trust and Anonymity -- in a very logical fashion that remains abstract enough that it renders all details of the actual election procedures irrelevant.
At the heart of the system is the idea of having two separate ballot boxes. The first is what we might call a "Traditional" ballot box, which is virtually identical to what we have in American elections today. The ballots in this ballot box are inserted during the election by the voters and remained locked in there until they are to be counted. The ballots are anonymous because there are no distinguishing marks on them other than to identify a preference for a particular candidate. Elections officials can count up the number of votes for each candidate, as well as verify that the overall number of votes cast matches the number of voters whose names were marked in the poll books.
The second ballot box is what we might call the "SeeVote" ballot box. Like the Traditional ballot box, voters insert their ballots into the SeeVote ballot box during the election, and it remains locked until the votes are to be counted. Voters complete both ballots at the same time and verify that they indicate identical preferences before dropping them in their respective ballot boxes. Unlike with the Traditional ballot box, however, the ballots that go into the SeeVote box have a randomly assigned ID number. Furthermore, at the time of voting a receipt is also generated. This receipt indicates the voter's preferences and has the same ID as the SeeVote ballot that the voter dropped into the SeeVote ballot box.
As stated before, the votes that are cast in the Traditional ballot box are tallied by Elections officials. Meanwhile, the votes cast in the SeeVote ballot box are also tallied – most likely by machine because the results are going to be entered into a database of ALL of the votes AND ALL of the corresponding ID numbers. This database is displayed publicly for anybody to see on the Internet and in print at public libraries, county clerk's offices, etc.
With this deceptively simple arrangement, we have nearly completely covered the three concerns of Accuracy, Trust and Anonymity. The counts from the Traditional and the SeeVote ballot boxes are compared. If they do not match, then there was either an error in the counting or there was fraud. If they do match, then either they are both correct (Accuracy), or they are both incorrect by exactly the same vote counts. In order to distinguish between these two possibilities, we turn to the voters themselves.
Each voter, being concerned with the Accuracy of the election and possibly not having Trust in the results as they are reported, may have the opportunity to check his individual vote as well as the overall count by checking the public list of all votes cast. Since every vote is listed publicly, all at once, anyone can count up the votes for himself and verify that the reported results match up. And there is no possibility of someone finding out how an individual voter actually voted because the voter does not need to reveal which ID is on his receipt before looking at the list. If a voter checks his ballot and it was counted correctly, then he can at least Trust that his own vote was safely accounted for, and if he assumes that enough other voters have also verified their vote in the same manner, then he can Trust in the Accuracy of the overall vote -- all while remaining Anonymous.
If, instead, a voter finds that his vote was incorrectly tallied, he can anonymously request for the ballots (one in the Traditional ballot box and one in the SeeVote ballot box) with his ID number to be re-verified. Remember that the two ballots will most likely be identical if the tallies from both ballot boxes were identical. However, it is still possible that exactly the same numbers of votes were switched, inadvertantly or otherwise, in opposite ways, such that the overall tallies are the same in each ballot box but there are still differences between individual pairs of ballots. In any event, any discrepancy between the ballots will be revealed at this time. If both ballots match each other and match the receipt, but the entry in the database was incorrect, then a correction can be made. If both ballots match each other but do not match the receipt, then no correction is made. If the voter who made the initial report still maintains that their vote was incorrect then they can lodge a formal request for a re-vote on grounds of fraud. With enough re-vote requests, the election will be called into question and it must be held again.
We’re almost done, but there’s still the problem of possible coercion through forcing a voter to show his voting receipt. That’s where the idea of Decoy [Receipts] comes in! If a voter is worried about coercion, then he has the option of [printing] out Decoy [Receipts] at the time of the election. The decoy receipts will look identical to their real [receipt].
There is no way for anybody to know exactly which [receipts] are decoys and which are real, except for the person who actually cast the ballots. Nobody needs to know but him anyway, because the public at large only cares about the final tallies for each candidate. Thus, we simultaneously have a way for internal consistency checks for the overall vote counts, while maintaining anonymity and providing a means for each voter to satisfactorily verify his vote!! |
Bradley Spencer
Voting Rights Forum Participant
Username: Brad_spencer
Post Number: 49
Registered: 11-2006
Best of Black Box?
Votes: 2 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 12:51 pm: |
|
No Problem Daniel
So how about completing the theory for me ?
The voter verifies their own ballot......Then what ?
How is it counted ?
How is the tally of votes proven to be correct ?
Dont leave me hangin now, Im interested here !
Brad |
Daniel Frank McMullan
Voting Rights Forum Participant
Username: Seevotedan
Post Number: 92
Registered: 03-2005
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 12:53 pm: |
|
guarding machines or people counting paper still comes down to trusting someone (or a group of strangers).
my anonymous ballot can only be verified by me ..as it is being counted.
why not use a system that guarentees your vote is counted and counted properly? |
Jt Gleason
Voting Rights Forum Participant
Username: Entropyfails
Post Number: 15
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 12:58 pm: |
|
I responded in the why computers cannot count the vote thread. But I'll summarize here in case people don’t read it. It is a completely horrible idea because it falls prey to the following hack. RNC guy says he wants to buy your Bush Vote. You tell him, "sure for $50". He says "How will I know." And you'll reply "I'll vote for this specific and very improbable combination of candidates. When you see it, you can pay me." Ballots are very large and thus there is a very low chance that someone else will choose the strange, improbable combinations that you set forth. Or someone could FORCE you to vote like that.
That idea thoroughly enough destroyed for you? |
Bradley Spencer
Voting Rights Forum Participant
Username: Brad_spencer
Post Number: 50
Registered: 11-2006
Best of Black Box?
Votes: 2 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 1:08 pm: |
|
Daniel
Dylans ideas are pretty good, have lots of merit and are ideas to build from.
Sadly the whole process is practically and fundamentally flawed !
In the event of discrepency between the two counts or the two tallies from each ballot box, Dylans answer is to turn to the voters to re verify.
Quote "Each voter, being concerned with the Accuracy of the election and possibly not having Trust in the results as they are reported, may have the opportunity to check his individual vote as well as the overall count by checking the public list of all votes cast"
Since this would require 100% of the voters to re verify their votes, the solution is flawed.
We dont get 100% turnout to elections, so its not practical to assume that we could get 100% of voters to re verify their ballots.
Even if as many as 75% of voters turned up to re verify their votes, we dont run our democracy on a 75% accuracy of an election.....nothing short of 100% is acceptable....
Good ideas, but sadly flawed.
Brad |
Daniel Frank McMullan
Voting Rights Forum Participant
Username: Seevotedan
Post Number: 95
Registered: 03-2005
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 1:13 pm: |
|
jt, slow down .. lets talk ..
you are guessing as to how this wont work .. how about asking question to see how it does work!!
your thug thread is answered over there.. but as you insist:
JT,
your "thug" example illustrates why mail-in ballots of Oregon and Colorado (both use ID systems) are dangerous!
seeVote is different in that you can print a decoy reciept of existing ballots.
As far as unique voting patterns .. the amount of races per election has to be limited.. which is worth a monitored corruption-free election.
what is your point?
Condeming an idea before you understand it is a waste of everyone's time. Does that make sense?
the "thug" can not know if the receipt you show them is your receipt or someone else's.
Since the thug knows this is how it works.. the thug is not going to gain anything by your ability to produce a receipt.
Does this help you learn what seeVote is about?
I know it is alot to think about... we need a solution.. and you could help bring this to the attention of more people
any more questions? I have answers!
Be nice, dont shoot this down .. lets talk about it!!
As for JT I respond to your "paper and pen counting in secrecy solution" in the other thread too. |
Jt Gleason
Voting Rights Forum Participant
Username: Entropyfails
Post Number: 17
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 1:15 pm: |
|
I'm sorry Bradley, but I don't see any reason to say we have anything to build off of the idea of an individually published ballot.
This is a real problem and we must apply great critical thought to it to come up with the correct answer. The entire "open source voting" movement is indicative of this. Even smart people can get things totally wrong and I don't know much about this Dylans. The real key to smarts is to start fresh after you have been proven wrong.
Critical thought should serve as the foundation of our voting system. I hope we will see more of this in the future. |
Bradley Spencer
Voting Rights Forum Participant
Username: Brad_spencer
Post Number: 51
Registered: 11-2006
Best of Black Box?
Votes: 2 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 1:15 pm: |
|
Daniel
Yeah, I get the bit about you verifying your own ballot......but we still havent completed the process or got any further ?
What next after you verify your ballot ?
"why not use a system that guarentees your vote is counted and counted properly?"
Thats a bit general Daniel !
What system ?
How are the ballots counted ?
What counts the ballots ?
Who counts the ballots ?
How do we end up with a verified result ?
Brad |
Bradley Spencer
Voting Rights Forum Participant
Username: Brad_spencer
Post Number: 52
Registered: 11-2006
Best of Black Box?
Votes: 2 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 1:18 pm: |
|
JT
I was trying to be polite
I think my critic of the flawed thinking trashes the solution from its core, but I didnt see the need to stomp on the guy.
Brad |
Jt Gleason
Voting Rights Forum Participant
Username: Entropyfails
Post Number: 18
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 1:21 pm: |
|
seeVote is different in that you can print a decoy reciept of existing ballots.
No. I show why this is not the case in the other thread. The Decoy ballots are useless.
As far as unique voting patterns .. the amount of races per election has to be limited.. which is worth a monitored corruption-free election.
You would be surprised at how small the number of candidates has to be for people to pass information. You don't understand the science.
Condemning an idea before you understand it is a waste of everyone's time. Does that make sense?
It doesn't take anything to understand this is a bad idea. It has several, obvious, unfixable, glaring flaws. These flaws come from the PREMISE of the system, namely a public voting list tied to ballot ids. I have shown how ballot receipts can never help.
I don't know what else you want me to say. It as the scientific phrase goes "is not even wrong." |
Daniel Frank McMullan
Voting Rights Forum Participant
Username: Seevotedan
Post Number: 97
Registered: 03-2005
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 1:44 pm: |
|
hey, you wont hurt my feelings.. you obviously dont understand seeVote.. Im willing to answer questions.
let me address Bradley's questions:
ballots are counted by two differnet groups of people .. but the 2nd group really gets verified by a percentage of the voters!!
A percentage, btw, is all that is needed, since corruption need not know who will verify and who will not.. but seeVote asks that voting is not voting until your verify.. as a duty rto vote.. is the duty to verify...
seeVote counts on human nature dictating that one's need to vote is as strong as to verify.. why vote is you won't verify.
either way a percentage of verifiers will determine corruption.
Who counts the ballots?
the same people who counts them now.
In addition.. so it cant hurt.. a second pile is counted by another group of people (did you read Dylan's text above?).. which is verified by voters.. the voters see ALL the votes at the same time .. so no one can tell which ballot the are verifying... and the voter either sees their ballot or not. The voter can count all the votes in their precinct. If everyone is happy we have a fair election.
If some people are bent out of shape ..screaming bloody foul.. then, and if there is enough of them, to over turn the results .. then time for a revolt... or a revolution..
did I answer your question?
I have a question for you:
With paper and pen only (the stray line is the sort of PARTY COMMUNICATION I think JT is lost on), how can I be sure my ballot is counted properly? ..and I mean proof.. not cause someone said.
now you start to look beyond old concept of democracy .. democracy IS counting your own ballot!! and trusting the masses to do the same...
what are you saying .. you don't belive democracy is good for democracy?
sheessh.. |
Daniel Frank McMullan
Voting Rights Forum Participant
Username: Seevotedan
Post Number: 99
Registered: 03-2005
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 1:52 pm: |
|
Jt,
stop telling me I dont understand the science.
you dont know the seeVote idea to know what science you need to talk about, you half-wit.
yes, jt
ONE race per ballot
can you tell us how smart you are about the science of one race per ballot?
JT, speaking over us does not help anyone. |
Daniel Frank McMullan
Voting Rights Forum Participant
Username: Seevotedan
Post Number: 100
Registered: 03-2005
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 1:55 pm: |
|
"I have shown how ballot receipts can never help"
we need more stuffed shirts like you. |
Daniel Frank McMullan
Frequent Voting Rights Forum Participant
Username: Seevotedan
Post Number: 101
Registered: 03-2005
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 1:59 pm: |
|
Jt,
Now that you have been schooled on seeVote.
Care to explain how your "thug" theroy still holds up?
lol
maybe you will be a bit nicer. Asking is always nicer than letting ego get in the way of learning. |
Jt Gleason
Voting Rights Forum Participant
Username: Entropyfails
Post Number: 21
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 2:12 pm: |
|
yes, jt
ONE race per ballot
Care to explain how your "thug" theroy still holds up?
Um. So they have to take 30 pieces of paper home if they have 30 things to vote on? If they want duplicates they need 60? Besides the impracticality of that system, which goes without saying, you still have been left with a receipt problem.
The receipt problem is not changed by reducing the system to one ballot per race. Indeed, it makes the idea of Coercion more prevalent. This is because they will want to verify that you didn't turn in other people's "receipts", to do this they need to get more receipts via Coercion and internetworking. If you have been found to not vote properly due to duplicate receipts, they can punish you. (or not pay you depending on the situation)
And ultimately, you are left with as much paperwork and hassle for something much like individual paper ballots for each race. Except you throw out anonymity. You have added nothing. Does this help explain things a bit more? |
Bradley Spencer
Voting Rights Forum Participant
Username: Brad_spencer
Post Number: 53
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 2:23 pm: |
|
Daniel
Im sorry, but its just not gonna fly !
Its flawed from its core. There can be NO single point of failure with a voting system.
Seevote has many single points of failure.
Im sorry but it just doesnt stand up to scrutiny, in any way shape or form.
Plus, any system that relies on 100% of people who voted to come back to re verify is so obsurd its untrue, not to mention unrealistic, and just not practical or viable !
Quote "why vote is you won't verify".
That is in my opinion a weak statement !
Why register to vote and then not turn up to vote ?
Come on Daniel, be realistic !
As mentioned, we dont get 100% turnout to vote....whats the average ? 56% ?
No way are we gonna get 100% of people to re verify....you have to remember Daniel, just because we are pasionate about this, dont mean that everyone is !
Lots of people who vote, couldnt give a toss !
Example: when VVPT was first being trialed, there was a study done on the voters that used the DRE with VVPT...the results were alarming that some 28% of voters polled, never even bothered to read the VVPT.
I think its very nieve to think that seevote will ever get off the drawing board.
You obviously have some affiliation and agenda where seevote is concerned, and are not being objective or open minded about the idea.
No voting system will ever, ever, ever see the light of day with failure points in the process..Its that simple Daniel....any system that requires the voter to do anything apart from VOTE ! will not work.
Any system that requires or in this case relies upon 100% of voters to come back and re verify will be laughed at by academics and just frowned upon by people who truly understand what is required of a voting system.
In actual fact, the more I think about it, the more of a joke it realy is....Im sorry to be brutal, but I have designed and implemented half a dozen electronic voing systems, and many, many democracy related products, and I can only speak from experience and knowledge of the requirements
I dont want to get too deep on this, but just to give you a bit of an understanding of what it takes to design a voting system, you have to be able to offer the same process and experience / equal and fair opportunity to all voters
What this means is: How would the blind operate the seevote system?
How would it cater for ADA complience ? etc etc etc !
Any system that brakes down and cant be verified unless 100% of voters turn out again to re verify their votes is a complete and utter waste of time even contemplating
Brad |
Matt R. Jezorek
Voting Rights Forum Participant
Username: Mattjez
Post Number: 2
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 2:33 pm: |
|
There is ways to make open source or "public source" work. By the way most open source projects do not give just anyone write access to the source code, they give the option to provide a patch which can then be reviewed and put into the source if it meets all requirements.
The way I see it is this
The software is put on a cd (read only) its executed from the read only area. It has a md5 hash which it checks when it starts up as being true and valid from a undisclosed (to the public) server. if its correct it immediatly resets its counters to 0 0 does not just report it does a reset that way the counters can be set to 5 and -5 respectfully. When it does the reset they will both be set to 0 0.
Every 200/300/insert number here votes it reverifies its chksum if it passes it sends the vote database to a central server the central server ONLY accessible by the board of elections no public access to that machine till after the count. (the tabulator also runs a chksum of itself and validates itself) . The machine then resets again. Now if there is a decrepency the voting maching stops accepting votes and invalidates the few votes it has in memory now we lose 1 - 300 votes possibly but we dont just assume the whole machine is good like we do now.
After tabulation the machines once again check cksums and will report retrieve votes from the central server for that machine print the good chksum from the vendor server the current chksum and the vote counts for validation.
I can go on and on but its software design. This is just off the top of my head I am sure somethings can be done better. I am laying it all out as a developer to see what can/cant be done. |
Bradley Spencer
Voting Rights Forum Participant
Username: Brad_spencer
Post Number: 54
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 2:38 pm: |
|
JT
I think the seevote experience has now been done to death !
This string is about open source as a solution.
Whats your view of open source in a voting application ?
Are you in the elections industry by the way ?
Sorry to cut the conversation on seevote, but its a badly thought out bullshit idea, full of points of failure that relies on blind faith of 100% of voters to come back and verify their votes...Its a lemon !
Can we get back to open source in election software please ?
Your thoughts JT ?
Brad |
Jt Gleason
Voting Rights Forum Participant
Username: Entropyfails
Post Number: 24
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 2:40 pm: |
|
I can go on and on but its software design. This is just off the top of my head I am sure somethings can be done better. I am laying it all out as a developer to see what can/cant be done.
Then why do such a poor job at it? Why suggest a solution that we know cannot work, in any way, forever? Of course, hand voting software with some open source computer back up count makes the most sense. But we NEED to understand that we cannot trust the computer result. Paper has to come first. You should understand that even the best open source software with MD5 hashes and all have fallen victim to attacks, including code injection attacks.
You SHOULD understand this.
Your "checksum" program can be hijacked either at the polling station sending data to the server or more likely the main server itself.
WHY do you propose an idea that cannot work? You should know better. You expertise in computers ends up misleading people with less expertise even though your conclusions are provably wrong. Free Software isn't some sort of "magic pixie dust." I expect better of computer professionals. |
Bradley Spencer
Voting Rights Forum Participant
Username: Brad_spencer
Post Number: 55
Registered: 11-2006
Best of Black Box?
Votes: 2 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 2:54 pm: |
|
Matt
This is a bit of a poor attempt !
Not to mention the process will not fit with election protocol, and you cant disenfranchise voters by stop start reset.
Also a great many polling locations cant "connect to a central server" if they could, non geographic voting wouldnt be an issue.
Golden rule Matt....you can Never, Never, Never stop accepting votes !
Designing a voting system is not just technology and security as most analist programmers believe...you have to have an in depth knowledge of what happens start to finish in an election also !
This is why there are so many bullshit voting system ideas around, and all of them are looking to get funded....they are "still" looking to get funded because they are bullshit !
Brad |
Jt Gleason
Voting Rights Forum Participant
Username: Entropyfails
Post Number: 26
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 3:12 pm: |
|
I think the seevote experience has now been done to death !
Agreed.
Whats your view of open source in a voting application ?
It is a good idea for the double checking of human vote tallying.
It really doesn't require much trust in the system because we should believe mostly the human count and only in extraordinary circumstances should the computer count matter. And if it shows irregularity, then a full hand recount must be performed anyway, under at least 5 times the scrutiny as the initial count. (ie if you require 12 people initially to count you should require at least 60 people in the recount, including law enforcement.)
Are you in the elections industry by the way? Nope. I'm just someone with a good knowledge of computer theory and security.
Can we get back to open source in election software please ?
Agreed.
I think any voting system with computers doing the primary counting, even open source, is as foolish as SeeVote. *laugh* You can never prove that someone didn't load a "rogue program" into your software. Given that you cannot prove this, ever, then we must logically conclude that we cannot trust any voting software.
Do you see a flaw in that argument? Because I do not. |
Matt R. Jezorek
Voting Rights Forum Participant
Username: Mattjez
Post Number: 3
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 3:15 pm: |
|
So your saying that fraud is found it should keep accepting votes? That would be the only time that would stop if fraud is found nothing more nothing less.
But I digress like I said this was about a 5 minute thought but has not played out in my head completly.
My thoughts was only to find "modified" programs that do the count.
A stop start reset is mater of milliseconds on any hardware your not even talking about a visible process to the user. The user would never know it happened.
Message Queuing, not a new tech, the application never speaks to the actuall tabulation it speaks to the message que which passes messages, when it does its reset the message que does not get Next() message it just pauses. That does not mean the actual voter see's any of that. |
Jt Gleason
Voting Rights Forum Participant
Username: Entropyfails
Post Number: 28
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 3:44 pm: |
|
So your saying that fraud is found it should keep accepting votes? That would be the only time that would stop if fraud is found nothing more nothing less.
You cannot find all fraud. You cannot find ANY cleverly coded fraud.
Message Queuing, not a new tech, the application never speaks to the actuall tabulation it speaks to the message que which passes messages,
You have to trust the OS to not corrupt the Messages. You cannot trust the OS. Therefore, Message Queuing does nothing to help with vote fraud. |
Kathleen Wynne
Voting Rights Forum Participant
Username: Wynnek
Post Number: 16
Registered: 10-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 4:00 pm: |
|
Jt,
I really appreciate the arguments you are making re the wisdom of hand counts vs. machine counts from a technical person's point of view.
The problem with any technical discussion on this subject, is that it gives those with a technical background an unfair advantage over us non-technical people. This unfair advantage makes a fair and balanced argument next to impossible and that's not the purpose of these forums.
Thanks for giving them the balance they deserve.
Kathleen |
Bradley Spencer
Voting Rights Forum Participant
Username: Brad_spencer
Post Number: 58
Registered: 11-2006
Best of Black Box?
Votes: 2 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 4:06 pm: |
|
JT
I am a bit of a realist when it comes down to it....I too believe that you cant beat a good old manual hand count.
Problem is, I have been at the sharp end of the International elctions industry for the last 10 years, and like it or not on a personal basis, e-voting of one form or another is implemented in a big way.
Therefore, as mentioned being a realsist, we have to find ways to firstly cope and deal with the present problems and all related matters that sorts out the implemented mess, at the same time as trying to come up with a solution to put things right.
The problem with e-voting from my perspective, is that once technology was introduced to the process of voting it created a massive problem.
Previously all election vendors had been concentrating their business and education on manual, and mechanical methods of voting.
SUDDENLY....theres this new requirement for technology which they knew nothing about or had any understaning of.
This created a marketplace full of ill thought out unstable applictions and devices that were put together in a rushed effort to beat each other to market.
The industry is pretty closed with a high price to entry, and is controlled by a bunch of old has beens in the elections industry.
Most of the vendors decision makers are dinosours of the elections industry.
I know some of them.....and it would surprise most people to know some of the things that go on, and also the lack of knowledge within these companies about technology.
I know a CEO of a well known voting company, that makes all decisions about technology. The guy cant even operate sending or recieving email ! His secretary has to take dictation from him to send an email from him !
The whole technology thing in elections is far too young to be safe. But the problem is in realistic terms....what do we do to change the situation ?
Its not realsistic for us to believe that the government will just just wipe its mouth and wave goodbye to billions of dollars of tax payers money its spent on electronic voting devices over night.
There must logically be a fix or "patch" that we can come up with as a temp measure to whats already bought, paid for, and in use today, whilst striving for a better solution.
I dont perport to have all the answers, but on the subject of open source in elections applications, I dont actually believe that true open source is the answer. I suggest that opening up the source code for scrutiny by trusted and newly appointed bodies is a good start.
As a scientist, Im sure you can see that if you take true open source methodology and make the source code available to everyone, this might not be the best approach as it gives advantage to people looking to scrutinise and extort vulnerabilities where ordinarily they would not have access.
Half the problem in the US is that people dont understand what open source actually means....so many people on this web site are saying open source RA RA RA ! without actually understanding what that means in a practical sense...what they should be saying in my view as a starting block is "open up your source for scrutiny"
By the way, if your not in the elections industry, where did you get your elections process and protocol education ??
Brad |
Jt Gleason
Voting Rights Forum Participant
Username: Entropyfails
Post Number: 29
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 4:12 pm: |
|
Thanks for giving them the balance they deserve.
No problem. I assume we are just trying to work out the best solution to this problem. I'm just here to say that Computer Science itself says "Do it on paper."
I really would like it if even you "non-technical" people would try to fully understand the argument. I believe it to be in the grasp of any normal human.
If we have our election officials create ANY system that works like a "Fraud_Finder", or "Voter_Verify" we can make a Brand New Hacking Program that says
If Fraud_Finder finds me, do not change votes. If Fraud_Finder does NOT find me, change the votes.
So our software has 2 modes.
Hide Mode : Hide when Fraud Finder finds us.
Vote Change Mode: If Fraud Finder misses us, change the vote.
Is that easier to see? You can ALWAYS create that piece of software if you have Fraud Finder. Hence a "perfect Fraud Finder" must be a contradiction in terms.
It isn't even that technical of an argument. *grin* It just requires basic logic. |
Bradley Spencer
Voting Rights Forum Participant
Username: Brad_spencer
Post Number: 59
Registered: 11-2006
Best of Black Box?
Votes: 2 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 4:22 pm: |
|
Matt
Listen, you cant prototype a design for an elections system on the back of a cigarette packet !
Snippets of ideas and 5 minutes of thought process will not result in much debate at all about if it has merit, or is trash.
Im not being unkind, but please do yourself a huge favor, cos your not gonna solve it in 5 minutes, go away and realy think through your ideas and the process....put together a paper and publish it in a forum on this site.
I can 100% guarantee that you will get good engagement and assistance, if you put the work in.
Stating that this is off the top of your head...and its only 5 minutes worth of thought...combined with clearly not understanding elections or what is even required of a voting system will not result in anything positive.
You might like to research the FEC 2002 standards which defines the perameters of current standards for coding etc for voting application software, prior to going into overdrive on the idea front in relation to development methodology, security and protocol.
It realy is a good place to start Matt. As a developer, you would be completely wasting your time even giving this subject brain time without knowing these items inside out.
Brad |
Jt Gleason
Voting Rights Forum Participant
Username: Entropyfails
Post Number: 30
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 4:28 pm: |
|
Problem is, I have been at the sharp end of the International elctions industry for the last 10 years, and like it or not on a personal basis, e-voting of one form or another is implemented in a big way.
Then voting is finished.
Its not realsistic for us to believe that the government will just just wipe its mouth and wave goodbye to billions of dollars of tax payers money its spent on electronic voting devices over night.
I believe it to be exactly this mentality that got us here in the first place. If the government was spending billions of dollars on a Mystic Psychic Doctor instead of Medicare, and we could prove that the Mystic Psychic Doctor couldn't heal anyone, does that mean that we should keep investing in the Mystic Psychic Doctor because of our previous Billion dollar investments with the Mystic Psychic Doctor? When do we start back up Medicare? Is Mystic Psychic Doctor WITH dental insurance better?
You do see this argument correct? I don't have to point it out? Let me know if you want me to go further.
I know a great thing to do with these voting machines. Send one to every high school in the country and give the first kid in each school to crack it $100 dollars. Then we will have a generation of citizens that KNOWS the truth and can never be fooled. Heck, I'd say the whole Diebold investment would be worth it in that case! *laugh*
There must logically be a fix or "patch" that we can come up with as a temp measure to whats already bought, paid for, and in use today, whilst striving for a better solution.
Actually logic says the exact opposite thing. That's my point. That's why this is such an easy one to win. It HAS ALMOST NOTHING to do with computers. You make a simple argument about how computers are inherently unsafe. You prove it with logic. The dumbfounded election person HAS to agree because you have forced them to understand it. Once they do that, they can never get up in court and say "I had no idea that this software could be hacked." Because you have already proven it to them.
By the way, if your not in the elections industry, where did you get your elections process and protocol education ??
Game theory... and books... lots of books...
But the problem is in realistic terms....what do we do to change the situation ?
Prove the point so well that we can send someone to jail for pretending to not understand the argument. That typically gets their attention.... and tends to make them sing. |
Bradley Spencer
Voting Rights Forum Participant
Username: Brad_spencer
Post Number: 60
Registered: 11-2006
Best of Black Box?
Votes: 2 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 4:36 pm: |
|
JT
I hear ya !
But its a little unrealistic to assume that government will wipe out billions of "ALREADY SPENT" dollars "OVERNIGHT" !
I am not saying have them spend further billions
Im just being realsitic, that whatever the end solution is....its gonna take time either way, and what do we do in the short term, right now, today ?
elections are going on all the time ! Today !
Brad |
Jt Gleason
Voting Rights Forum Participant
Username: Entropyfails
Post Number: 31
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 4:48 pm: |
|
Im just being realsitic, that whatever the end solution is....its gonna take time either way, and what do we do in the short term, right now, today ?
I disagree. You are participating in a system that you logically know can never be even remotely secure. If you directly deal in the elections industry I would worry very much that average people may be smart enough to understand this. And when they DO understand this, they will turn on the "technical experts" who will be forced to say "Yes, we knew that we could never create perfectly secure voting software, but we did it anyway."
So if you want to be realistic, wake up to that reality. This isn't a game. There is NO way to make the computer voting work. Someone should file a lawsuit claiming that there is no possible way to prove anything about the election results now due to computer voting. You could get the worlds greatest computer scientists up on the stand showing, in simple language, how this is true. The 12 people who's hear that argument won't feel very kindly to anyone who certified anything.
You could file it for every election county that used any computer software at all, which is to say almost all of them. You probably could win all of your cases, as the situation is so completely cut and dry. No one wants to take that step. And no one wants to throw away the machines. This is utter madness.
Just because we used the machines last election doesn't mean we need to use them in this one. How about our government trying humility out for a change and saying "We were wrong, provably wrong, about electronic voting." ? Otherwise, you have done nothing. No amount of "fixing" can cure this. You KNOW it is a law of the computation. You cannot get around it. |
Kathleen Wynne
Voting Rights Forum Participant
Username: Wynnek
Post Number: 17
Registered: 10-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 4:53 pm: |
|
Jt,
I fully understand the arguments you are making, I just don't have command of the techno-speak necessary to be considered knowledgeable, much less relevant, on the subject by those advocating technical solutions. And it is because of this, such non-technical arguments are simply dismissed out of hand.
I've used basic logic and came to the conclusion years ago that trust has no place in elections. It's because of the technical phobia geeks inherently possess, that they continue to complicate and obscure this kind of logic in favor of their more complicated technical approach to voting. As you say, this is a result of their can do attitude, despite the impossibility of success.
Also, please keep in mind that for the last 15-20 years, citizens have willingly handed over the oversight of our election process to computer scientists. As a result, they have been summarily left out of the decisionmaking process altogether as to whether to use these machines or not. That attitude has evolved into a mindset throughout the scientific community that translates into they can no longer afford to leave something as important as elections up to the American people. That's what happens when the people no longer oversee and manage their own elections. Only recently, thanks to the work of BBV, other groups and citizens throughout the country, the American people are finally waking up to this reality and are rightfully demanding to be in charge of their own elections again.
As this ongoing discussion shows, it's not going to be easy for the computer scientists and geeks to accept this change of heart.
Kathleen
(Message edited by wynnek on November 07, 2006) |
Jt Gleason
Voting Rights Forum Participant
Username: Entropyfails
Post Number: 32
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 5:24 pm: |
|
I fully understand the arguments you are making, I just don't have command of the techno-speak necessary to be considered knowledgeable, much less relevant, on the subject by those advocating technical solutions. And it is because of this, our arguments are simply dismissed out of hand.
But you don’t need techno speak. Find your own way of making the point. The great thing about this type of argument that you just need a brain to apply it. You don't need any jargon other than "a program" and "if". A junior-high student can follow the argument.
Nestle up close to the loving arms of Logic and Truth. Say things that you can prove and that you can show to others easily.
If someone asks "What do you think about electronic voting?" You can say "I know that computers can never be perfectly secure voting systems because Computer Scientists have proven this." If they say "really?" You can say, "Yes, they have a very clever argument that I have learned from them. Would you like to hear it?" You see where I’m going with this. |
Kathleen Wynne
Voting Rights Forum Participant
Username: Wynnek
Post Number: 18
Registered: 10-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 5:27 pm: |
|
Jt,
But you don’t need techno speak. Find your own way of making the point. The great thing about this type of argument that you just need a brain to apply it. You don't need any jargon other than "a program" and "if". A junior-high student can follow the argument.
I've done just that in numerous other posts, over a long period of time, prior to your arriving at the BBV site.
The problem isn't me, the problem is the tecno guys who won't listen to reason.
If I'm not mistaken, aren't you having the same problem yourself with the techies in this discussion?
Kathleen
(Message edited by wynnek on November 07, 2006) |
Jt Gleason
Voting Rights Forum Participant
Username: Entropyfails
Post Number: 33
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 5:35 pm: |
|
If I'm not mistaken, aren't you having the same problem yourself in this discussion?
No they stopped fighting because they knew they cannot win against this argument. *grin*
The vast majority have agreed with me so far. Some do not for "practical" reasons but not logical reasons (minus a few people with something to sell). But if you keep making people step through the argument themselves, eventually you can bash the light of reason into their heads.
Present your argument like a lawyer. Pin down people to specifics. I don't expect the internet to be the best place to do this type of reasoning. You will find that people seem to think much more clearly under oath. *laugh*
Things you can PROVE work really, really, really well in court cases and government commissions. Once people realize they cannot get out of this argument, that "tamperproof voting software" cannot exist, all the Election Technocrats will clamor to claim they knew it all along and they were first to bring up these problems. |
Matt R. Jezorek
Voting Rights Forum Participant
Username: Mattjez
Post Number: 4
Registered: 11-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 5:41 pm: |
|
JT
I will say that I never think there ever will be a tamper proof voting "software" however I also think there will never be a tamper proof "vote" because voter fraud has been going on long before technology steped in.
Gerrymandering, Bribery or corruption of election officials, Voting in multiple precincts, False voters, "Citizen Groups" casting votes for the "Elderly" ,Ballot stuffing, the list goes on.
As a Technocrat I also understand that there is no such thing as a completly "secure" system, but one with passwords does help. |
Kathleen Wynne
Voting Rights Forum Participant
Username: Wynnek
Post Number: 19
Registered: 10-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 5:42 pm: |
|
Once people realize they cannot get out of this argument, that "tamperproof voting software" cannot exist, all the Election Technocrats will clamor to claim they knew it all along and they were first to bring up these problems.
No argument here! |
Jt Gleason
Voting Rights Forum Participant
Username: Entropyfails
Post Number: 34
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 5:46 pm: |
|
As a Technocrat I also understand that there is no such thing as a completly "secure" system, but one with passwords does help.
This is a facile analogy. Do you understand why?
Eliminating computer tallies serves as one of the key leverage points for current voter fraud. I'm not saying that paper is perfect. I'm saying that computer summation is provably worse. |
Matt R. Jezorek
Voting Rights Forum Participant
Username: Mattjez
Post Number: 5
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 5:47 pm: |
|
Brad,
Also the term "Hacker" is not always negative like the public views it. The original "Hacker" as a word was a good thing. The term in most circles for someone who does something negative with computers is a "cracker"
Pronunciation: 'ha-k&r
Function: noun
1 : one that hacks
2 : a person who is inexperienced or unskilled at a particular activity <a >
3 : an expert at programming and solving problems with a computer
4 : a person who illegally gains access to and sometimes tampers with information in a computer system
Ref: Websters
http://www.m-w.com/cgi-bin/dictionary?book=Dictionary&va=hacker |
Ben Harrison Parks
Voting Rights Forum Participant
Username: Badbenski
Post Number: 4
Registered: 11-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 5:49 pm: |
|
Bradley Spencer, my apologies for Geeking and running, I had to dash to an appointment, but there's no bigger computer geek than I am. Heck, I'm an Accountant to boot! I'll match my geek credentials with anyone's. The name calling was in gentle fun... sometimes I forget how things can come across online when folks don't really know you.
However, I am still firmly NO TECH when it comes to voting. I'm with Jt Gleason, you just can't tweak it enough to fix it and there's no system that'll be remotely fraud-proof.
And what's wrong with gunpoint? You'd be surprised how honest people can be at gunpoint! <g>
My wife and I just voted on an ESS optical scan system. I live in a small town in the midst of a big City, I plan to encourage a hand tally, just for the heck of it and just because the numbers are so small we could do it without much trouble. I'll be interesting to see which Pols squawk.
Some guy's on Fox News, a projected winner I think, talking about "taking our Country back..." yeah right, we'll see, won't we? Oh, it's Sen. Shumer... they predict a Dem Gain in Ohio... aw well, it's gonna be a long night, I'll see you geeks later! |
Matt R. Jezorek
Voting Rights Forum Participant
Username: Mattjez
Post Number: 6
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 5:56 pm: |
|
JT,
Anything assembled by man can be disassembled, thats a known fact, something taught as well in computer science.
Its also like this. I dont lock the doors on my house or my car reason being is....
"Locks only keep the honest out"
I would rather by a new radio,computer, etc then pay for a new door or window.
I dont think that computers should be the deciding factor in any election however I also understand that as long as the money is available someone with better sales skills then me or your arguments will step in to pocket that money, so technology unfortunatly is probably hear to stay.
I would love to see 100% paper ballots, however I would also like to see the vote tallys available publicly without having to file a FOIA request.
Sorry If i come across wrong.
Brad,
I like good conversation so I dont think you are being "unkind" or anything just sometimes I speak/type before I think.
I apologize to anyone that I may have upset or put off |
Jt Gleason
Voting Rights Forum Participant
Username: Entropyfails
Post Number: 35
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 6:15 pm: |
|
Are you suggesting that anything anything close to machine level analysis of voting software has happened? And buffer overflows can be nearly impossible for even the best computer scientists to detect. The size of machine code to go over for Diebold alone would take decades of hard work. (Remember you have to certify both the OS and the program itself.)
Microsoft, with all its billions, cannot manage to do this with their software currently. Why should we believe that it is possible for our voting verification systems? Moreover, you can never prove that a machine has not been tampered with after it was loaded from the "clean state".
The "key" and "password" simile you use is facile because you have the entire idea backwards. Using computers to vote is like putting an infinitely complex door on our house. We can "think" that no one has a "trick key" for our door, but because our door is infinite that means there is infinite number of ways to break in.
If "technology is here to stay" that means "voting is gone forever." These things follow from each other.
Anyway, I'm not suggesting getting rid of technology. I think we should use it to double check the human counting. However a full count of paper ballots is the fundamental thing we need to do every election and the most important thing to get through people's heads.
If you really wish to advance the voting systems of the US, then you need to recognize this argument. All other attempts will end in failure. If you want to help with technology and fix the post-human vote counting software and replace it with free and open alternatives, please do! But hit the "Paper Only" home run first, because everything flows from that change. |
Bradley Spencer
Voting Rights Forum Participant
Username: Brad_spencer
Post Number: 61
Registered: 11-2006
Best of Black Box?
Votes: 2 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 6:27 pm: |
|
JT
I have to sign off right now cos Im travellin, but I will pick up on Wed and leave you with this:
I think you need to wake up !
Sure, we can all be idealsitic and raise propaganda to change the system today.
We would all welcome this JT
But there is a thing called due process....it aint gonna happen over night ! wish it would, but it wont
your just not being realistic !
Change ? Hell yes !
but you obviously have no understanding of how government works !....things are slow to happen
That doesnt mean give up the fight, but it does mean that you have to be realistic and take in all the factors to be logical in your approach
nothing changes over night....more fool you if you think it does.
Fact is there is thousands of voting units deployed that we would like to see the end of,right ?
Not gonna go overnight, no matter how smart we might think we are !
Every problem has a solution, and every solution has a time scale....your just not realistic to expect radical change overnight
Infact you are starting to sound like a 23 year old idealist who has no experience of real life events
Loose the attitude, keep the passion JT !
No matter how much compelling evidence or outcry, or even if the government said they were wrong, it aint gonna change over night
everything has a transition period
JT do yourself a favor and stop sounding like an immature idealist...deal with the present problems in a damage limitation scenario whilst at the same time trying to fix things !
Rome wasnt built in a day.....e-voting isnt gonna end Wednesday....think of an action plan that migrates where things are today to where things should be as soon as possible
Dont just bash on and on about kill the machine tonight, and do this from wednesday, cos people just dont take you seriously JT
You need to formulate a constructive plan that fits the situation !
You cant just bang on about "we need to do this !" and give no consideration as to how
And then when someone asks you HOW ? all you can say is "well because we need to !" because you havent thought through how to migrate and make transition from where we are now to where we need to be
Credibility and ego have no place here JT
Suggest a solution....fine...but there needs to be an implementation plan....you cant just say implement today because you have no argument against it
Hundreds of academics come up with solutions to problems, but because they cant articulate themselves to the point where they can help provide transition, their ideas end up badged as IDEALIST
Dont get me wrong, I am all for positive change, but just sit back for two minutes and think about transition....how do we implement change ?
And dont think "Change.....er....well this is the solution that will work......so....its up to the government to worry about how!....cos that is just Bollocks JT
Catch you Wednesday !
Brad |
Bradley Spencer
Voting Rights Forum Participant
Username: Brad_spencer
Post Number: 62
Registered: 11-2006
Best of Black Box?
Votes: 2 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 6:35 pm: |
|
Matt
"Hacker" ?????
What are you, like a week behind or something ?
Get with the program buddy !
Dont just jump in a conversation with a point of view thats like 5 years out of date and not relevant to the thread !
Hacker ? my ass...what are you talking about, apart from trying to educate me on the dictionary ?
Brad |
Matt R. Jezorek
Voting Rights Forum Participant
Username: Mattjez
Post Number: 7
Registered: 11-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 6:42 pm: |
|
Relevancy was your post saying hackers in a negative view while it is not always so, However I digress, however if you can not argue a point without profanity then you have no point |
Bradley Spencer
Voting Rights Forum Participant
Username: Brad_spencer
Post Number: 63
Registered: 11-2006
Best of Black Box?
Votes: 2 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 6:44 pm: |
|
Hey Ben
Appreciate your response.
I secretley love fire arms too...just dont tell my wife !
Brad |
Bradley Spencer
Voting Rights Forum Participant
Username: Brad_spencer
Post Number: 64
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 6:49 pm: |
|
Matt
There is no such thing as a wrong answer in debate
But fortune favors the prepared mind
Didnt mean to be harsh, but the penny just wasnt fitting the slot....stick around though, it rubs off !!
Brad |
Bradley Spencer
Voting Rights Forum Participant
Username: Brad_spencer
Post Number: 65
Registered: 11-2006
Best of Black Box?
Votes: 2 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 6:53 pm: |
|
Matt
Hackers ??
If your gonna point to something in another thread or from like ages ago, please have the good grace to add a quote so I have the slightest clue as to what you are referring to
Thanks
Brad |
Matt R. Jezorek
Voting Rights Forum Participant
Username: Mattjez
Post Number: 8
Registered: 11-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 6:55 pm: |
|
Scroll up to the second post, same thread |
Jt Gleason
Voting Rights Forum Participant
Username: Entropyfails
Post Number: 37
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 6:57 pm: |
|
Hey Brad,
I think I'm taking the most realistic approach that I can. I'm saying that there is no difference between voting on a computer and not voting at all. I can prove there is no difference. Heck ANYONE can prove it, it isn't a hard argument.
The how is quite simple. You implement whatever the polling area's paper polling rules are. Go from there to do gradual improvements, but if you don't have a fundamental reason to think voting happened, what can you possibly incrementally fix? The polling areas already have these plans. You may have to update quantities for updated demographics, but the polling precincts know this already.
As for "How does it happen quickly?" It happens in the exact same way that Prohibition happened quickly. A quick amendment to the Constitution would do the trick. Or a string of prosecutions based on the use if the words "verified" and "tamperproof" in Government documents and statements under Oath. Either one will work, the second seems more likely currently.
They are saying "verified" and "tamperproof" when they know that no such things exist. And we have known about it for at least 20 years. Honestly, we have known this for 60 years. But I have no ability to bring this case forth and I have seen no lawyer use this argument.
And speaking of "Due Diligence", while the Chief Officers of these companies may be technical morons, they are legally obligated to obtain good advice on their software systems from experts. You may find a Computer Scientist who would have no excuse for such statements. There are levers all over this story. I think we have only begun to scratch the surface.
Either way you cannot propose a "move to open source voting" if you know that computers should not be counting the vote in the first place. I'm not demanding Utopia. I'm showing easily proven reasons for not trusting computers at all for voting. These sorts of reasons work well on 12 random people, because they come from scientists and any judge would instruct a jury to listen critically to the expert. The expert can fully educate the jury and their own logic will lead them to the inevitable conclusion of the impossibility of "tamperproof" software. Or an Election Rep could realize that they need to follow this argument, lest they find themselves in front of said jury.
I don't know the answers. But I believe the answers will emerge by us telling the truth to each other, not by distractions that cover the real problem. |
Fort Imus
Voting Rights Forum Participant
Username: Fortimus
Post Number: 2
Registered: 11-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 7:14 pm: |
|
Maybe computers shouldn't be involved in the vote process but saying that open source software would be a point of failure is ridiculous. All the good encrpytion software is open source. Now if you wanna tell me that computers inherently break the process, I would consider listening. But how about this: No election should be considered certified w/out a hand count and an open source computer system's count of paper ballots being in agreement? |
Jt Gleason
Voting Rights Forum Participant
Username: Entropyfails
Post Number: 38
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 7:20 pm: |
|
Isn't that what I just said? |
vk
Voting Rights Forum Participant
Username: Xvkx
Post Number: 2
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 10:34 pm: |
|
"On what statistics do you base this comment ?"
On what statistics was the implication that only bad people will be seeing the code based? ;)
Regardless, it isn't hard to figure out that several thousand programmers vs. several hundred (and sometimes less) working on securing a block of code is a *good* thing. Don't ever think for one moment that a piece of software is protected through obscurity - it's not. It just takes one person to leak it for it to get in the hands of hundreds if not thousands, and thanks to the internet, it can happen in minutes.
"who said anything about "reputed brands" ? I said "supported brand names that they can reference when it comes down to showing that they did their best due diligence when looking to make the purchase with the tax payers dollars""
Ok, supported brand names, then. ;) I guess I'm failing to see your point. 
"Lets be realistic, as idealistic as open source is, and as fantastic as it is in lots of uses, you are never going to get a bank, an airline, the military, to make their critical software systems open source for every programmer on the planet to play around with."
That may be true in the U.S. but not so in places like Europe.
"VK, one last point: Why even let the bad guys get a look at the source code ?"
The bad buys probably already have the code, and will probably continue to get the code. They'll use every means they have to get a hold of it. The good guys don't have that luxury, though. They can only touch it if you give it to them. How many good guys do you want having access to the code, though? 12? 120? 1200?
I'm not trying to argue for using open source systems. I'm just trying to point out that the idea of open source should not simply be thrown out because the bad guys might get a peek... because honestly, the bad guys probably already have more than just a peek, and will continue to do so. Just take a look at companies like Microsoft and Adobe - obscurity certainly hasn't worked for any of their software. If people other than you have access to your code/software, you might as well consider it out in the open already. In fact, you might as well keep every line in your head because it's not secure - on a computer OR on paper. If I remember correctly there's actually a saying about how only one person can keep a secret. Bottom line - code is just as vulnerable imho when it's closed as when it's open.
Something as important as voting software though should have an ARMY of programmers working on it to make it as secure as possible, though. And such programmers should be putting their brain and heart into the code - not just looking at it as a way to pay the bills.
"The only one able to audit my vote ..is me.
If you expose the votes for public view.. then the machines become a tool of fair elections and not the tool of corruption."
This brings up something interesting. Were this route taken, the only thing I can think up of at the moment is a system in which once a person made their vote, they were given a receipt with an assigned number and their vote (therefore their vote would remain anonymous). Later on they could enter that number into the system to make sure their vote got counted correctly. But it cannot be dismissed that there are exploits that could be used in this system, the same as any system... even the paper system.
"The whole technology thing in elections is far too young to be safe."
As I am young - young enough to not even remember a time when computers were not a part of life. That may have something to do with our difference in opinions regarding it. And I apologize for not even considering at first that the people heading the voting system might not be technologically competent.
Look, guys, I'm not a "technocrat". I'm not a "paper voter" or whatever you call the people that are all for hand counting paper votes are, either. I don't even have a definitive opinion on which system is more secure. I can see the ups and downs in both.
Paper is insecure, code is insecure, anything remotely involving humans is insecure. There is no perfect system. The best we can do is try to come up with the least biased system. In order to do so - we ourselves need to show as little bias as possible. Otherwise we're no better and we're not more fair than the people that constantly seek a way around the system. |
Kathleen Wynne
Voting Rights Forum Participant
Username: Wynnek
Post Number: 20
Registered: 10-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Tuesday, November 7, 2006 - 11:09 pm: |
|
Jt,
Looks like the techies are back countering your arguments. I didn't think they would give up as easily as you predicted.
Kathleen |
Bradley Spencer
Voting Rights Forum Participant
Username: Brad_spencer
Post Number: 69
Registered: 11-2006
Best of Black Box?
Votes: 2 (A keeper?) | | Posted on Wednesday, November 8, 2006 - 1:45 am: |
|
VK
Now you are just babbling !
And dont Mis quote me please....if your gonna use debate, be accurate !
Quote "On what statistics was the implication that only bad people will be seeing the code based? ;)"
I have never even inferred this VK.....i have however said that by open source not only the good guys will have access, but the bad guys too !
A voting systems integrity must have NO SINGLE POINT OF FAILURE....by giving a clear advantage to anyone considering trying to attack software or find ways round the system by giving them too much access, as with open source, is a clear advantage that they dont have today
That is a SINGLE POINT OF FAILURE OF THE INTEGRITY OF THE VOTING SYSTEM
Not rocket science is it ?
We are trying to eradicate points of integrity failure, not add them....why cant people see this ?
This is NOT a game VK !....Its stupid to create a situation that you then have to defend...Open source it, then have a good against evil battle ?
How utterley stupid, and immature in my opinion.
Quote "we ourselves need to show as little bias as possible. Otherwise we're no better and we're not more fair than the people that constantly seek a way around the system."
Conratulations VK, that is the single most inteligent comment you have written !....Now start acting on it !
Brad |
Bradley Spencer
Voting Rights Forum Participant
Username: Brad_spencer
Post Number: 70
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Wednesday, November 8, 2006 - 1:58 am: |
|
JT
Prohibition did not happen quickly !...might have been implemented quickly, but changes to legislation take time to think through....thats just a fact of life so get used to it.
You cant buck the system JT, but by learning about it you can use the system against itself !
Im NOT arguing for open source, Im arguing AGAINST open source.
Source code being opened up for scrutiny and testing by trusted parties....Absolutley !
Untill, the government do something totally out of charactor like banning e-voting over night, we are a bit stuck !
That is why Im saying that we have to be realsistic....we need to find fix's for many issues that exist, and we need to keep exposing what the individual problems are !
Brad |
Daniel Frank McMullan
Frequent Voting Rights Forum Participant
Username: Seevotedan
Post Number: 105
Registered: 03-2005
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Wednesday, November 8, 2006 - 7:06 am: |
|
The reality is that open source shifts the FAITH of ballot accuracy to the experts sifting through the code.
still you have to have FAITH that they are correct.
Remember:
Only you can verify your vote.
--so open source is not a source of TRUST.. it merely extends the cirlce of FAITH.
I agree with Bradly. Using open or closed software results in the same issues of non-TRUST. this problem occurs when a select few hand-count in secret, too.
Counting in a vacuum will never ever bring TRUST.
Verifing an anonymous ballot is impossible.
Sheeple, wake up! |
Jt Gleason
Voting Rights Forum Participant
Username: Entropyfails
Post Number: 41
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Wednesday, November 8, 2006 - 7:07 am: |
|
The "computer vote counting" system itself does not matter as long as you first have a hand count. It makes no difference because the answers the computer gives do not really matter, they just double check the work of the humans. Given that, it makes no difference who sees the source code or who controls the source code. The answers it gives are not authoritative anyway.
You make it seem like I want to toss away the entire elections system. I do not. I want to only require that all voters vote on a ballot they can see and easily understand when they are done voting, be that a touch screen generated paper or hand filled in pencil ballot. (hand is the somewhat more anonymous but more prone to ballot spoilage)
Canada does this with no real problem. I don't see why we have such an issue here in the US.
The argument is simple. We tell the election officials that because we cannot trust the results of any computer voting system, we must perform a full hand count of the ballots and let that determine the winner. They keep whatever systems they have in place (unless they do not produce a ballot, those HAVE to go). They round up groups of party loyalists from both parties and they all have fun counting after every election. You explain to them that it will take work, but it is necessary work.
Open Source is a red herring in this debate, Pro or Con. It makes no difference because the computer looses it's authority in my system. Free software vs closed software should be a polling station decision.
Paper ballots and hand counting have to be mandatory. |
Daniel Frank McMullan
Frequent Voting Rights Forum Participant
Username: Seevotedan
Post Number: 106
Registered: 03-2005
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Wednesday, November 8, 2006 - 7:15 am: |
|
JT, !!!
yes .. use both hand counting and machines !!
[sounds like seeVote to me]
yes!! pit the hand-counting against the macines .. they both should match .. if not .. something is wrong!
if they do match .. both are correct !! ..
BUT.. they could also both be wrong!!
how do you resolve this?
get the voters to verify and count themselves!!! |
Kathleen Wynne
Voting Rights Forum Participant
Username: Wynnek
Post Number: 21
Registered: 10-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Wednesday, November 8, 2006 - 7:58 am: |
|
My concern with using a machine count to back up hand counts is because, as Daniel states, they could also both be wrong.
Combining machines with hand counts might, in my mind, is just a marriage of convenience, which ultimately could undermine the whole point of hand counting our votes.
For example, wouldn't the marriage between the two also require new laws to be passed in all states bringing them together, while simultaneiously legally securing that the final hand count takes precedence over the machine count. How long would that take and would the language be different in every state? If the language is not air tight, it leaves room for interpretation and we all know how lawyers love to interpret the law for us laymen. What complications would that invite?
For starters, a candidate who won with the machine count but later lost with the hand count, could file a lawsuit contesting the accuracy of the hand count. This could complicate the whole counting process and open up debate again between the hand count advocates against the machine count advocates.
I think we should think very carefully before we consider compromising a return to hand counts AND keeping a machine in the mix.
You know what happens when we mix oil with water.
Kathleen |
Ami Silberman
Frequent Voting Rights Forum Participant
Username: Jol
Post Number: 139
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Wednesday, November 8, 2006 - 8:23 am: |
|
Kathleen,
In the example you gave above, it is possible that the machine count could be more accurate, especially if there are chain-of-custody problems with the ballots. |
Bradley Spencer
Voting Rights Forum Participant
Username: Brad_spencer
Post Number: 73
Registered: 11-2006
Best of Black Box?
Votes: 2 (A keeper?) | | Posted on Wednesday, November 8, 2006 - 8:33 am: |
|
Sorry to sound like a bit of a stuck record.
A system that employs voting on an election machine and then filling in a paper ballot is flawed as it has points of failure.
Not everyone who votes does it with good intent.
There are minority groups of voters that intentionaly void their ballot, spoil their ballots and generally try and disrupt elections full stop, and they dont discriminate about what they are voting on or with.
A voting system can have no single point of failure.
If the minority groups voted for one candidate on the voting device, and a different candidate on the paper ballot, the results tallied would never ever match between the handcount and the machine count, no matter how many re counts took place.
Not even looking at the polling register for number of voters, or receipts, dummy receipts being issued etc would ever give a result that was conclusive or verified, since each vote is secret.
In fact it would also apply to voters simply changing their minds about who to vote for.
They vote one way on the machine, then have a change of heart and vote a different way on the paper.
More seevote lemons I guess ?
The machine printing a copy of the voted ballot to be inspected by the voter and dropping into a ballot box for a hand count, with machine count as back up makes very, very good sense.
Brad |
Jt Gleason
Voting Rights Forum Participant
Username: Entropyfails
Post Number: 43
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Wednesday, November 8, 2006 - 8:36 am: |
|
I can see the slippery slope problem with both human and computer counts, but it doesn't follow logically so I cannot really dismiss using both out of hand.
As long as the language is clear about the ballots being primary and that no computer tally is ever admitted as a vote count, we should have not problems.
As Ami says, the computer may actually have the proper number and we just cannot prove it. In this case, we must re-vote. But this should only happen in cases where you "loose a ballot box." Enough people watch these things that makes it somewhat unlikely. (though we all know things happen). If a precinct has has fraud in their vote, besides punishing the fruadster they have to go and get the ACTUAL will of the people, because the fraudster ruined it. In fact, they should make it so that anyone who commits fraud must also pay for the costs of the new election. That should keep parties out of the fraud business. |
Daniel Frank McMullan
Frequent Voting Rights Forum Participant
Username: Seevotedan
Post Number: 108
Registered: 03-2005
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Wednesday, November 8, 2006 - 9:06 am: |
|
Brad says: The machine printing a copy of the voted ballot to be inspected by the voter and dropping into a ballot box for a hand count, with machine count as back up makes very, very good sense.
lol, you are all supporting pieces of seeVote:
http://www.bbvforums.org/cgi-bin/forums/show.cgi?tpc=72&post=30029#POST30029
go read..
you are calling seeVote something it is not
.. and suggesting that people vote once on paper and then again on a machine is silly.
jt and spencer are ignoring my thread here for a reason..
http://www.bbvforums.org/cgi-bin/forums/show.cgi?tpc=72&post=30332#POST30332
they have no logic for their attacks on seeVote (and it seems they haven't even read anything about seeVote to debate it properly)
go read
(Message edited by seeVoteDan on November 08, 2006) |
Kathleen Wynne
Voting Rights Forum Participant
Username: Wynnek
Post Number: 22
Registered: 10-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Wednesday, November 8, 2006 - 9:15 am: |
|
Jt,
the computer may actually have the proper number and we just cannot prove it. In this case, we must re-vote.
You're leaving out some significant details involved in a re-vote.
When would this re-vote occur?
What would be the costs?
Would the same number of voters be available for the re-vote the second time around as were in the first? If it's not the same number of voters in both, would that not disenfranchise the voters in the first voting process and therefore, not be a true reflection of the will of the voters? Been there, done that already with these machines.
Remember, it's easy to jump to conclusions about how a certain system can work when we are trying to compromise, but the devil is always in the details and we cannot afford to ignore or avoid dealing with them from a realistic vantage point. That's what got us in this mess with the voting machines.
The best approach, IMO, is to keep it simple and leave little room for interpretation and manipulation. Transparent, hand counted paper ballots at the precinct level, posting the results at the precinct for all to see and record, with citizens overseeing and managing the entire process.
Most importantly, we must learn from our mistakes and avoid complicating the process all over again.
After 4 years of researching and investigating this issue extensively in and out of the field, I have come to the conclusion that this is one time where less is more.
Kathleen |
Jt Gleason
Voting Rights Forum Participant
Username: Entropyfails
Post Number: 45
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Wednesday, November 8, 2006 - 9:16 am: |
|
Start your own thread on SeeVote. It has nothing to do with open source.
Actually, since it is Tal Moran and Moni Naor's idea, let's take a quote from their paper to see what they have to say.
"Our scheme suffers a large drawback compared to many of the published universally-verifiable schemes: we do not know how to distribute the vote between multiple authorities. In our protocol, the DRE acts as the only tallying authority. Thus, a corrupt DRE can reveal the voters’ ballots"
That's what scientists have to say about "SeeVote" when they try to create these systems themselves. That's my point on Open Source voting and why it doesn't work. Closed Source fails for the same reasons.
There is ALWAYS a computer you can hack to either know everything or change votes. And you can ALWAYS hack a computer. Thus, we must not trust computers in our vote tallying. Hand only, please. |
Daniel Frank McMullan
Frequent Voting Rights Forum Participant
Username: Seevotedan
Post Number: 109
Registered: 03-2005
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Wednesday, November 8, 2006 - 9:25 am: |
|
you are missing the point
and you are jumping around
seeVote starts with understanding published ballots and anonymous receipts.
non of the past scientists know how to provied take-home receipts either .. what is your point. |
Jt Gleason
Voting Rights Forum Participant
Username: Entropyfails
Post Number: 46
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Wednesday, November 8, 2006 - 9:28 am: |
|
You're leaving out some significant details involved in a re-vote.
Counties already have rules in place for re-voting, but I'll add my thoughts.
Occur? Immediately after fraud detection, like within a week. Counties have rules on this already.
Costs? 1 Democracy. *grin* That is to say that elections are so important that their costs to ensure fairness should never concern us.
As for the voters intent, they understand that going in to the polling place is a cost of freedom and that fair elections are worth any price. Or they should. *laugh*
If they really wanted a fair election, and everyone went into the polling place, and someone committed fraud or negligently destroyed ballots, they have a right to be mad that their intent was lost. However, the fact remains, their intent was lost.
You see, this notion that a "re-vote" looses the "will of the voter" is nonsense. The FRAUD caused the loss of the "will of the voter." The re-vote restores it!
I'm not against a total hand system like Canada's. However, I don't think it is logically necessary. I'm trying to make a scientific case for the primacy of hand counting. As long as everyone understands that the voting software can be hacked and will get things wrong, then everything is ok. Your situation of someone "suing" because the "computer vote" was off will be laughed out of court because I believe we should have clear wording that "Only the Hand Count of Ballots shall count as the Intent of the Voter."
Nice, simple, and cleans up the whole mess in one small legal change. *smile*} |
Bradley Spencer
Voting Rights Forum Participant
Username: Brad_spencer
Post Number: 74
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Wednesday, November 8, 2006 - 10:27 am: |
|
Daniel
I have read your links and I have read the article yesterday.
Will you please, please stop trying to inflict this LEMON of a product idea on us.
Please start a new thread entitled SEEVOTE for anyone who doesnt have a clue about elections to read.
Sorry to be blunt, but the flawed nature of the product has been stomped on by multiple people now, and Im bored of repeating myself.
For Gods sake man, stop flogging a dead horse, open your mind (and your ears) ITS A LEMON !
Brad |
Craig Bergren
Voting Rights Forum Participant
Username: Babyhuey
Post Number: 1
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Wednesday, November 8, 2006 - 11:51 am: |
|
Bradley,
Your mischaraterisation of open source development shows that you don't know what you are talking about. Open source projects are controlled entirely by whoever decides to control them. The only way the bad guys get access to the code base is if we allow it(open or closed source). Try to make a contribution to Linux or BSD and see how far you get.
I've contributed minor bug fixes a few times. First you have to find out who the egomaniac in charge is. Then you have to convince him/her of the legitimacy of the bug you are fixing and then your fix usually isn't what gets implemented, but something else that does the same thing the way the maintainer likes it. If you're lucky the bug gets fixed in the next release, if not, you get to reapply your bug fix on each new release until it dawns on the maintainer that the bug is real.
Diebold's code isn't bad becasue their source code got out. It's bad because they hired bad guys to control their code. Independent reports from Princeton Univ., U. Conn., and others show that it's bad. How bad we can only know if they open their source code to public scrutiny. |
Bradley Spencer
Voting Rights Forum Participant
Username: Brad_spencer
Post Number: 78
Registered: 11-2006
Best of Black Box?
Votes: 2 (A keeper?) | | Posted on Wednesday, November 8, 2006 - 12:00 pm: |
|
Craig
Who said anything about bad guys contributing to the code.
I know a hell of a lot about open source, combined with 10 years of building these voting systems.
The point about open source is that you dont want to give bad guys even a look at code as this gives them an advantage that they dont have today
I havent mischaractorised open source....you just failed to read enough to get the point being made !
Brad |
Craig Bergren
Voting Rights Forum Participant
Username: Babyhuey
Post Number: 2
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Wednesday, November 8, 2006 - 12:40 pm: |
|
Daniel and JT,
You both have the right idea. I'm the only one who can verify my vote. The verification has to be as close to the ballot box as possible; at the point you split the data into two streams.
It seems to me that this problem is easily solved by printing out human and optical readable ballots at the electronic voting booth tagged with a serial number that can be used to match it up with the electronic tally in the case of a re-count but is not used to link them with an individual voter.
Then give sell the raw votes to all the media outlets so that they can independently verify the vote counts.
I would also like a receipt with the number on it. That way I can check later to see that my vote got counted correctly. Yes someone can pay me to vote, but they do that today without a receipt. It would make my vote more valuable if I could prove I voted for whom they're paying me to vote, but I suppose I could no longer sell my vote to both sides. From an integrety of the elections standpoint I see that the receipt makes no sense because it would open the election up to, say the French might vote for Bush then claim they voted for Gore just to throw the results into question.
I've never had a cash machine give me an incorrect count of $20 bills. It seems that a company that makes these machines could do an equally accurate job of counting my vote, if my election officials wanted them to do so. |
Craig Bergren
Voting Rights Forum Participant
Username: Babyhuey
Post Number: 3
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Wednesday, November 8, 2006 - 12:46 pm: |
|
Brad,
If that was your point, you made it badly.
I'd much rather know that my voting system use 128 bit PGP to encrypt the SSL connection it makes with the central computer than to not know that it uses clear ASCII with no password protection.
Craig |
Daniel Frank McMullan
Frequent Voting Rights Forum Participant
Username: Seevotedan
Post Number: 110
Registered: 03-2005
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Wednesday, November 8, 2006 - 1:46 pm: |
|
Thank you Craig!
..but anonymous voting is key to fair elections..
yes they may pay for votes now(cute TV ads, thugs outside your office, etc.. ) but without anonymity the buyers of votes will never know .. and the voter is really safe to vote as they please..
THIS MUST ALWAYS BE PROTECTED
seeVote has anonymous take-home receipts!
Craig, please critique seeVote, I value your thoughts. thank you.
Brad, I agree with Craig.. your arguement is a bad one .. maybe your example is bad .. and I know what you are trying to say. Can you put it into non-tech terms? |
Kathleen Wynne
Voting Rights Forum Participant
Username: Wynnek
Post Number: 23
Registered: 10-2006
Best of Black Box?
Votes: 2 (A keeper?) | | Posted on Wednesday, November 8, 2006 - 1:48 pm: |
|
Jt,
Your situation of someone "suing" because the "computer vote" was off will be laughed out of court because I believe we should have clear wording that "Only the Hand Count of Ballots shall count as the Intent of the Voter."
What you believe will be the case in such a legal situation doesn't matter. You are assuming that the laws passed by the legislature in all 50 states will construct a law that will be crystal clear and air tight in its intent when it finally does hit the law books. On what basis can you make such an assumption? You are also assuming that the judicial system is less corrupt than the election system.
I make no such assumptions. I have a reason for taking such a strong position against depending on the the judicial system to serve the people's best interest, when it comes to enforcing election laws. The reason is, I videotaped the recount in Cuyahoga County, Ohio and was able to capture on film an election official being asked by one of the observers what was the condition of the ballots being used in the recount. The election official answered exactly as they came out of the machine.
Later, at the certification of the recount meeting of the Cuyahoga BOE, I filmed that same election official admitting to the Board and to the citizens of Cuyahoga in attendance there to protest the certification, that they had counted them in private prior to the recount in order to faciliate it for the observers. Clearly a violation of Ohio election code. Despite the citizens' protests after hearing this admission, they voted unanimously to certify the election.
As a result of that admission, as well as the submission of my tape to the County Prosecutor, (who considered the tape best evidence in the case), 3 election officials were indicted.
Despite this irrefutable evidence, the trial has been continually delayed for one reason or another. When a trial date was finally set, there was an issue with the judge, which caused the trial to be postponed yet again. I've heard that defense counsel is taking the position that these election officials weren't committing a crime because they were simply following procedures that had been in place for years. As far as I'm aware, a new trial date has yet to be set. The citizens of Cuyahoga County are still waiting for the wheels of justice to start moving again and render a judgment on this case.
Such incidences have indeed influenced my position of not depending on laws or the court system to act swiftly and deliberately in protecting the integrity of the election process. At least, not until they've clean up their act first. And that's a whole nother ball of wax.
Kathleen |
Craig Bergren
Voting Rights Forum Participant
Username: Babyhuey
Post Number: 4
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Wednesday, November 8, 2006 - 3:25 pm: |
|
Kathleen,
You are absolutely right. There is no voting system that is not possible to rig. The only defence we have is to force open the process so that every step of it is out in the public for all to see, and video tape.
Last night, when I heard about the electronic voting machines in Cook County not being able to connect to the central computer to be counted, I had thoughts of the 1960 election where Du Page County and Cook County were fighting to be the last to report. Each new report from DuPage Nixon was up, then Cook and Kennedy was up. It's no wonder Nixon didn't call for a recount. As long as the ballot boxes were "inroute" to be counted, they were fair game to be rigged. It makes me think twice about Kerry's motivation to cave so quickly in 2004.
Same game, new technology.
I was explaining to someone today about the statistical significance of the pre-counting of the samples in Ohio today. Good work getting them to admit it.
Craig |
Daniel Frank McMullan
Frequent Voting Rights Forum Participant
Username: Seevotedan
Post Number: 111
Registered: 03-2005
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Wednesday, November 8, 2006 - 3:53 pm: |
|
yes!! I agree!
as seeVote's website says:
SINCE...
ALL MACHINES CAN BE HACKED.
IF NOT TODAY, TOMORROW!
THEREFORE...
When the voters can verify their own ballots throughout and after the election,
the never-ending un-winnable battle to produce un-hackable machines
(at tax payers' expense) is OVER!!!
...
Craig and Jt are saying the same thing:
all machines can be rigged.. so put them to the test!
Machine AND hand-counting can in fact FORCE each group of counting methods to be accurate*.. if their results do not match.. then corruption (errors or fraud) has been detected!!
does anyone disagree with this?
*be within the minimum votes needed to overturn the election result OR re-vote. |
Kathleen Wynne
Voting Rights Forum Participant
Username: Wynnek
Post Number: 24
Registered: 10-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Wednesday, November 8, 2006 - 4:49 pm: |
|
Daniel,
Craig and Jt are saying the same thing:
all machines can be rigged.. so put them to the test!
Machine AND hand-counting can in fact FORCE each group of counting methods to be accurate*.. if their results do not match.. then corruption (errors or fraud) has been detected!!
Obviously, you are not seriously considering my arguments against this method of counting votes because you have not responded to any of my concerns mentioned above.
Let me reiterate. Once a machine count is mixed with a hand count you open a pandora's box of legal issues that will be hard to anticipate when writing legislation comprehensive enough to prevent the onslaught of legal arguments made by candidate's attorneys when questioning the accuracy and validity of any final tally involving the machine vs. the hand count.
Does anyone believe that candidates won't cry foul should they be declared the winner one minute and the loser the next? Based on past history, I feel confident that they will use the legal system to muddy the waters and drag out the process in hopes of forcing a re-vote. I can't help but envision teams of lawyers similar to those we witnessed during the Florida 2000 debacle, piling on legal documents and manipulating a legal system that's already proven itself to be problematic in its ability to render fair and rationale judgments regarding complicated election issues. Double voting methods could very well end up destroying any chance of returning to all hand counts and I'm not willing to take that chance.
I honestly don't understand this inexplicable need to keep machines in the counting process, no matter what and the total denial that using only hand counts is just too complicated to achieve.
We can figure out how to go to Mars, but we can't figure out how to hand count our votes. God Bless America!
Kathleen |
Craig Bergren
Voting Rights Forum Participant
Username: Babyhuey
Post Number: 5
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Wednesday, November 8, 2006 - 6:13 pm: |
|
Daniel,
I'm not saying entirely the same thing as JT. I think that electronic voting and tabulating systems have the potential to be more accurate and less corrupt than paper and manual counting, but not in the current environment where everthing is kept secret. The electronic parts have to be just as transparent as the manual parts and auditing proceedures need to be routinely provided. There is no excuse for systems without quality controls built into the process. That is why I am an advocate for open source.
I find the arguments against open source to be a tired rehash of five year old arguments that didn't even apply five years ago. There are many vendors fighting to supply packaging services and support services for open source software.
I predict that all the reputable companies that make closed source election systems would adapt to the open source market and continue to provide hardware and system integration and support services in an open source marketplace.
Craig |
Craig Bergren
Voting Rights Forum Participant
Username: Babyhuey
Post Number: 6
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Wednesday, November 8, 2006 - 6:24 pm: |
|
Kathleen,
The earth is round. There is no way we are going to go back to all manual vote counting. At best it will be used as an auditing tool to verify electronic vote counts. Get over it.
If you haven't noticed, the system is broke and needs to be fixed. Armies of lawyers and litigation are what's needed to get the system fixed. Nobody's going to do it without being dragged kicking and screaming.
Craig |
Kathleen Wynne
Voting Rights Forum Participant
Username: Wynnek
Post Number: 26
Registered: 10-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Wednesday, November 8, 2006 - 7:06 pm: |
|
Craig,
I disagree with you and I don't appreciate your patronizing tone about the earth and telling me to get over advocating all manual vote counting.
You've just recently started posting here, otherwise you'd know that BBV has taken the position that we should return to hand counting paper ballots at the precinct.
We've based this position on our investigations in the field. When I was Associate Director of BBV, I traveled along with Bev for 2 years investigating these machines. The results of those investigations ended up being shown in the documentary Hacking Democracy.
BBV is totally committed to transparency in our voting system that is only possible when citizens oversee and manage their own elections and hand count our votes. The documentary clearly shows that we can no longer abdicate that right over to the machines.
That's my position and I'm sticking with it.
Kathleen |
Craig Bergren
Voting Rights Forum Participant
Username: Babyhuey
Post Number: 7
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Wednesday, November 8, 2006 - 8:33 pm: |
|
Kathleen,
I respect all the work you've invested and I agree with you and BBV up to the the part "and hand count our votes". I didn't realize that BBV had taken such a technophobic position. If that's the only gun in your arsenal, you will not succeed. But that's a subject for another thread. This one's about open source.
Craig |
Jt Gleason
Voting Rights Forum Participant
Username: Entropyfails
Post Number: 49
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Thursday, November 9, 2006 - 3:28 am: |
|
I find the arguments against open source to be a tired rehash of five year old arguments that didn't even apply five years ago. There are many vendors fighting to supply packaging services and support services for open source software.
Which arguments are those?
It is not technophobia to reject any computer result as valid for an election. It comes from the fundamental principles of computer science. You'll have a hard time calling me a technophobe. Perhaps we should compare projects on Sourceforge.net to see who has more experience with Free Software? *giggle* I'm just kidding. We don't need to get into these sorts of pissing wars.
You cannot verify any computer by mechanical means. No one has even hand verified any compilers yet, much less entire operating systems. And in principle, we can never be 100% certain, due to the arguments in the other thread. And because of the nature of computing, if we are not 100% certain of the computer code then the computer can never realize the difference between 1 vote and 100,000,000 votes. It is mathematics that gets in our way, not closed sourced applications (not that anyone should ever use closed source code for voting!)
This isn't an argument you can win because your position is provably wrong. I'm not trying to be mean, I'm trying to show you something fascinating about technology.
You know The Busy Beaver Problem? The Turing Halting problem? I assume you do. These are the foundations of computer science. And they are saying the exact same thing that I am saying. I can help you see this if you would like. Try re-reading the argument in the other thread and come back here if you have any questions as to why this applies to open source code as well as closed source code. |
Jt Gleason
Voting Rights Forum Participant
Username: Entropyfails
Post Number: 50
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Thursday, November 9, 2006 - 3:46 am: |
|
Such incidences have indeed influenced my position of not depending on laws or the court system to act swiftly and deliberately in protecting the integrity of the election process. At least, not until they've clean up their act first. And that's a whole nother ball of wax.
Yeah it sickened me to watch those people destroy their own freedoms. If you had filmed that at a bank the cops would have put cuffs around all the employees and started a huge investigation. *sigh* And yeah, the judges are corrupt at all levels. And you do have more experience with this knowledge, so I do defer to your judgment here. As I said before, I can find no LOGICAL reason that you should not use computers to double check. However, as you point out, courts have been behaving very ILLOGICALLY as of late.
Still, even in this day and age, do you really think that someone could convince a Grand Jury that the computer vote proves anything if the law clearly says "Computers tallies cannot be submitted or used as voting records?" As I said, I'd prefer a constitutional amendment that clearly states "All constitutional voting must take place on paper ballots and be hand counted. No non-human tally is admissible as a record of voting."
Maybe that's not likely, but it could be if people started to use the laws against themselves. Remember that the laws say both "verified" and "computer." And if you get some clever computer scientists into the courtroom, you can prove that these system cannot meet the "verified" criteria. A crisis like that should cause enough of an uproar to get some real change.
Why don't you have whatever lawyer is working on the case contact a famous computer scientist on this issue? A good lawyer LOVES tearing apart weak wording in the law. Many major cases have hung on definitions of words like "verified". Step them cleanly through the argument, then have them double and triple check with computer scientists. You even have a nice paper from IBM to submit as evidence. That HAS to help.
I think you can get computer voting banned right now even in laws that allow computer voting because of their requirement for "verified computer systems" which do not exist. |
Brant Lamb
Frequent Voting Rights Forum Participant
Username: Brantl
Post Number: 1024
Registered: 01-2005
Best of Black Box?
Votes: 2 (A keeper?) | | Posted on Thursday, November 9, 2006 - 5:02 am: |
|
SeeVote has been thoroughly discredited as a method of a voter being able to verify their vote. This was done in another thread, months ago, search for SeeVote and check out the arguments. I made many of them and nobody came against them. Dan left the forum for quite a while there saying he was going to modify SeeVote. I haven't looked at it lately (I didn't think it had much promise). Perhaps he's changed it. If he hasn't then it's still fatally flawed in voter verification of his ballot, and this was it's only real new 'virtue'. |
Kathleen Wynne
Voting Rights Forum Participant
Username: Wynnek
Post Number: 28
Registered: 10-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Thursday, November 9, 2006 - 5:37 am: |
|
Craig,
quote:If that's the only gun in your arsenal, you will not succeed.
How can you be so sure? The vendors, election officials and politicians were just as certain when they told us we'd never prove that these machines were hackable too. They said it just wasn't possible.
Thank goodness we didn't listen to them.
Kathleen |
Ami Silberman
Frequent Voting Rights Forum Participant
Username: Jol
Post Number: 143
Registered: 12-2004
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Thursday, November 9, 2006 - 7:13 am: |
|
A few comments about recounts and re-votes:
JT writes "As Ami says, the computer may actually have the proper number and we just cannot prove it. In this case, we must re-vote. But this should only happen in cases where you "loose a ballot box." Enough people watch these things that makes it somewhat unlikely. (though we all know things happen)."
There is strong evidence that this may have happened in the 2004 election in Ohio. Precincts were chosen (and possibly ballots modified/removed/added) so that the recount would show no discrepencies. Only the Kerry-Bush race was recounted; a recount of one or more down-ticket races (not chosen in advance) would probably indicate whether or not this had occured.
I am strongly against re-votes. It seems to me that the basic premise of voting is to determine the people's will at a given point in time, and that revoting shifts that. For example, given the past election, would a revote in a Senate race lead to increased Republican "get-out-the-vote" attempts? The stakes are so much higher than they were even on election day, that there can easily be a skewing effect. (Republican base who stayed home are energiezed to prevent the Democrats from taking over the Senate.) Likewise, in a House race won by a Democrat but requiring a re-vote, might apathy (because the House has already been won by the Democrats) lower turnout altogether? I think that, given a posited couple of percentage of fraudulent votes, the swing in an election due to a re-vote could be even higher. |
Craig Bergren
Voting Rights Forum Participant
Username: Babyhuey
Post Number: 13
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Thursday, November 9, 2006 - 9:04 am: |
|
JT,
I understand the halting problem. Unfortunately I think you do not. It concerns a very narrow field of computer science where we try to write programs to verify other programs.
In computability theory the halting problem is a decision problem which can be informally stated as follows: Given a description of a program and a finite input, decide whether the program finishes running or will run forever, given that input.
The difficulty of the halting problem lies not in particular programs, but in the requirement that a solution must work for all programs.
I can't comprehend how you can conclude that it is impossible to verify any program by any means possible for the reason that it is impossible to write one program capabile of verifying all programs. Perhaps your theory is inconsistent?
Craig |
Craig Bergren
Voting Rights Forum Participant
Username: Babyhuey
Post Number: 14
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Thursday, November 9, 2006 - 9:42 am: |
|
Kathleen: What makes you so certain? The vendors, election officials and politicians were just as certain when they told us we'd never prove that these machines were hackable too. They said it just wasn't possible.
You have a point, I don't have any proof that elected officials and the election officials will not want to turn back time to the days when it took months to count the votes. I've been voting for 29 years and have never seen a ballot designed for hand counting until this past election, the primary in March, where we got to use an optically scanned ballot for the first time.
My experience using computers interacting with humans in manufactuirng environment gives me some insight on what tasks machines do better than humans and visa versa. I don't think that election officials are going to throw the baby out with the bath water: give up the accuracy and speed for transparency.
Craig |
Kathleen Wynne
Voting Rights Forum Participant
Username: Wynnek
Post Number: 31
Registered: 10-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Thursday, November 9, 2006 - 10:02 am: |
|
Craig,
Quote:
...give up the accuracy and speed for transparency
What proof do you have that the machines are more accurate? From the vendors and the election officials?
All evidence presented in Hacking Democracy proves otherwise regarding accuracy and even speed in many cases due to the thousands of reports from around the country of machine break downs and problems that threaten and call into question the integrity of the final vote count, which has become all too common with machine counts. What is better about that?
I don't know about you Craig, but when it comes to our elections, I'd rather have accuracy over speed any day of the week and twice on Sunday and I'd like to believe election officials feel a duty to ensure accuracy over speed too.
I urge you to visit the Democracy for New Hampshire website to learn more about what they are doing to dispel the myths that continue to mislead people regarding the manageability, accuracy and speed of hand counting ballots, which clearly rivals machine counts in more ways than one. Following is the link:
http://www.democracyfornewhampshire.com/node/view/2655
(Message edited by wynnek on November 09, 2006) |
Craig Bergren
Voting Rights Forum Participant
Username: Babyhuey
Post Number: 16
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Thursday, November 9, 2006 - 1:50 pm: |
|
Kathleen,
I've used the technology in my industry. The error rates are low when the system components are appropriately matched together. From the error rate studies I've been reading, the voting problem is akin to the grocery industry. The scans are almost perfect (99.993 % on UPC labels) but the process for assigning the prices to the barcodes and database that cross references them was flawed. There are some FTC/NIST reports from the 90s that show many stores are able to achieve 100% scan accuracy while others don't. The study goes into the root causes of the decrepencies and the magnatude of the problems. Some stores are perfect, but the limit seems to be around +/- 3% for the retail industry on average (PriceCheck I and PriceCheck II 1996 and 1998 respectively).
One thing I find suspicously missing from all the so called voting accuracy studies I've been reading (Nadar NH recount, is root cause analysis of the failures. There is no doubt that the electonic voting processes used by many jurisdictions is flawed. I can't understand that nobody wants to find out why and fix it.
Craig |
Jt Gleason
Voting Rights Forum Participant
Username: Entropyfails
Post Number: 51
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Thursday, November 9, 2006 - 2:08 pm: |
|
I understand the halting problem. Unfortunately I think you do not. It concerns a very narrow field of computer science where we try to write programs to verify other programs.
This is a hilarious mischaracterization of the generalness of the halting problem.
For the laymen, here is what the halting problem says. It asks, "Can we ever know about a verification algorithm to tell us if a program stops?" The answer, as Craig and I both say, is "No." Ie we can never even verify mechanically that a program will ever end, much less prove it counts votes properly.
However, hand analysis can prove some things about code. For example, the following "code"
while(TRUE) {
// loop forever
}
We can see that this program never halts, even if you know nothing about code. Does this mean we have solved the problem I'm talking about? NO! Of COURSE we can exhaustively prove any really small program correct by hand. However, when you add in real computer operating systems, card readers, and all the millions of other programs that make real machines work, we find that no one HAS nor CAN they verify all that code. Nor can you prove that the bad code isn't stored on a COMPUTER CHIP! (they have code inside of them too!)
For you laymen out there, think of it this way. Microsoft has many billions of dollars in the bank. How much of that would you think they would spend if they could PROVE their OS was secure? Why can they not make and prove a Secure Operating system? They have billions! They would make many billions more by proving their code! How much does Diebold have to spend on this? Far, far, far less. How much do Open Source projects have to spend? Far, far, far less.
They do not do this because they cannot. They do their best, which is pretty good for many, many, many situations. Voting is NOT one of those situations! |
Craig Bergren
Voting Rights Forum Participant
Username: Babyhuey
Post Number: 18
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Thursday, November 9, 2006 - 2:54 pm: |
|
JT,
There you go again. What part of all programs don't you understand?
All quotes from:
http://en.wikipedia.org/wiki/Halting_problem
The difficulty of the halting problem lies not in particular programs, but in the requirement that a solution must work for all programs.
To "solve" the halting problem means to be able to look at any program and tell whether it halts. It is not enough to be able to look at some programs and decide.
Alan Turing proved in 1936 that a general algorithm to solve the halting problem for all possible program-input pairs cannot exist.
Craig |
Jt Gleason
Voting Rights Forum Participant
Username: Entropyfails
Post Number: 53
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Thursday, November 9, 2006 - 3:03 pm: |
|
Craig.
Thank you for proving my point. We will never create the "perfect vote checking system." There exists no "verified computer vote." We can prove things in smaller, limited cases, as you mentioned. But a Vote Counter + Operating System + Card Reader + Communication with Central Tabulation is FAR beyond our ability to verify.
Do you agree with that?
If so, we must conclude that using computers to be a primary way of counting the votes is foolish. |
Craig Bergren
Voting Rights Forum Participant
Username: Babyhuey
Post Number: 19
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Thursday, November 9, 2006 - 3:21 pm: |
|
JT,
No. See the other thread where you mischaracterize gaming theory. I only have to be able to prove that the process is more capable than the alternative. Other industries are getting error rates in the .8% range. That's what we should be setting for a goal for voting systems.
Craig |
Craig Bergren
Voting Rights Forum Participant
Username: Babyhuey
Post Number: 20
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Thursday, November 9, 2006 - 3:29 pm: |
|
JT,
I didn't offer any proof at all. I'm only pointing out that the proof Turing provided does not prove what you claim it proves.
There is some other related computational theory proofs that show the difficulty of black box testing. That's one of the reasons why I'm not a fan of black box testing. Open source is the only way to verify that there aren't any Greeks hiding in our wooden horse.
Craig |
Jt Gleason
Voting Rights Forum Participant
Username: Entropyfails
Post Number: 54
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Thursday, November 9, 2006 - 3:42 pm: |
|
Craig.
You haven't shown anything in a Game Theoretic sense because your maximum error bar on a computer is arbitrarily large. Without a hand count you cannot constrain that error bar. Hence we should choose the system with the smallest error region. (The distance between MINIMUM error and MAXIMUM error) How is that mischaracterizing game theory?
Open Source doesn't solve this problem because you cannot prove much as you would have to verify your compiler by hand, then compile your compiler and use it to recompile the compiler to prove it a fixpoint on the compiler input. We have no hand verified compilers yet, open or closed source.
Now when you compile your open source program, because you haven't proved your compiler, you can prove nothing about the system you create. And it is impossible to prove that someone doesn't modify your code after the fact, or during runtime.
That's my point. Open source prove nothing. It is CERTAINLY BETTER than close source voting. We agree there. But for some reason you think that it is "good enough" even when I show that it has the same fundamental errors as closed source voting (but different PRACTICAL errors, of course).
Should we require all tally software to show their code? Of COURSE! Should we use ANY code (open or otherwise) to assert victory in an election? Never.
You may say the words, "I'm only pointing out that the proof Turing provided does not prove what you claim it proves. " But you are not showing it with logic. You are simply stating words with nothing to back them up. |
Craig Bergren
Voting Rights Forum Participant
Username: Babyhuey
Post Number: 22
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Thursday, November 9, 2006 - 4:06 pm: |
|
JT,
That's another thread. I thought that Ami answered your question so I didn't see any reason to respond.
Craig |
Bradley Spencer
Voting Rights Forum Participant
Username: Brad_spencer
Post Number: 81
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Thursday, November 9, 2006 - 4:27 pm: |
|
Craig
Quote "I'd much rather know that my voting system use 128 bit PGP to encrypt the SSL connection it makes with the central computer than to not know that it uses clear ASCII with no password protection."
You dont know a whole lot about voting systems do you ?
Little, to no pollings locations have internet access !
Which is why non geographic voting is still an issue, as they cant connect to the central server for real time access to mark people as voted and stop vote fraud involving multiple votes from the same voter !
Daniel
When are you gonna get it buddy ?
Seevote is a pile of trash of an idea !
You keep popping up once in a while when theres a fresh set of guys on this site....every time, the idea gets trashed because its a bullshit idea from someone who has no clue about elections.
The system relys on 100% of voters to come back and re verify their vote if election called into question....its not gonna happen !
A voting system has to have NO SINGLE POINT OF FAILURE to pass certification under the FEC 2002 regulations upon which a voting system is measured against
SEEVOTE DOES NOT CONFORM TO FEC 2002 on about 20 or so items !
Go away, read the reqirements, standards, legislation, re-design your bullshit system to conform to the Federal Requirements of a voting system, then come back and WASTE OUR TIME !
Brad |
Daniel Frank McMullan
Frequent Voting Rights Forum Participant
Username: Seevotedan
Post Number: 113
Registered: 03-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, November 9, 2006 - 7:33 pm: |
|
Brad, wrong wrong wrong
seeVote does not require the Internets, you are wrong.
seeVote does not require anyone to re-verify ballots, you are wrong.
seeVote does not use computers to secure ballot data, you are wrong.
stop making stuff up.
are you a republican?
Read the website before trashing a great idea, you know nothing about.
Its ok if you do not understand seeVote.. do not ruin it for others... your attacks on seeVote are left unanswered here:
http://www.bbvforums.org/cgi-bin/forums/show.cgi?tpc=72&post=30332#POST30332
why cant you stick to one pinot-of-attack, Brad?
.. cause you didn't bother to read Dylan's support of seeVote, or the website.. Im tired of explaining to you.. but dont spoil it for others..
paper only, as you blindly advocate, does not bring TRUST to the voters in times of tight elections .. like 2000 and 2004 .. this is when the MOST amount of losing voters exist.
seeVote brings trust to the voters cause they can see for themselves .. not trusting people like you telling us "everything is fine/not fine"
this is a democracy not a fascist messageboard
change the channel. lighten up francis.
ignore me, but dont smear seeVote
seeVote is gaining support
people ask me questions directly through the seeVote website and messageboard.. cause they dont want to be attacked.. by people like you.
This is America... like it or leave it
.....
BBV does not endorse seeVote. |
Daniel Frank McMullan
Frequent Voting Rights Forum Participant
Username: Seevotedan
Post Number: 114
Registered: 03-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Thursday, November 9, 2006 - 7:59 pm: |
|
Bratley, I am sorry you can not open your mind to understand that seeVote does not use machines for trust ever in the process.
Machines are used in a pass/fail fashion.
Either you, as a voter, see your ballot.. or you dont.
you dont need a "no point of failure system" to prove my vote is there. Brad does not know what he is talking about.
Care to debate Brad?
Just cause, Brad, you dont understand seeVote don't ruin it for others.
stop your crusade to stop self-counting systems..
do you work for diebold?
let us discuss seeVote, dont you believe in democracy ?
my response to JT and Brad's attack on seeVote's anonymous reciepts are here (see for yourself!)
http://www.bbvforums.org/cgi-bin/forums/show.cgi?tpc=72&post=30332#POST30332
you still have not responded .. instead you attack me over here.
people can see for themselves.. seeVote.com |
Bradley Spencer
Voting Rights Forum Participant
Username: Brad_spencer
Post Number: 82
Registered: 11-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Friday, November 10, 2006 - 3:18 am: |
|
Daniel
Read my last post AGAIN.
The first paragragh addressed to Craig is not about seevote !
Your so blinkered you cant even read a post objectively !
Second paragragh is addressed to you about seevote.
I suggest you also read your own documentation in order for you to understand exactly what seevote relys on. It would help for you to know about the system you are trying to advocate !
Quote "Each voter, being concerned with the Accuracy of the election and possibly not having Trust in the results as they are reported, may have the opportunity to check his individual vote as well as the overall count by checking the public list of all votes cast"
This means that 100% of the voteres who voted have to re check their ballot vote from a public available list.....I believe Homer Simpson said it best DOH !
With about 50% turn out to elections, what makes you even think for an instance that your gonna get 100% re check validation of previously cast votes by voters in an election ?
Also, you show a distinct lack of knowledge about elections....voters can be voting for multiple contests in the same election, so they likeley wont even remember all the votes they made.
The system is flawed from start to finish, and full of points of failure.
A voting method, and verification method relies on 100% accuracy, and 100% verification without any other action required from a voter, other than to turn up and vote !
I have read all the info on Seevote, and it will never even come close to meeting any legislative requirements for a voting method.
Perhaps this is why nobody is interested in it as a solution......perhaps this is why its still on your drawing board.....perhaps this is why you havent gotten anywhere with it....
Dont give up thinking about a solution, but where seevote is concerned its back to the drawing board !
I suggested in one of my earlier posts that you go ahead and read the requirements for a voting method....you might find it interesting to ask one of the certification labs for a copy of the "TDP", (Technical Documentation Pack" that requires to be completed for submission with the voting method for certification, in order for you to understand that seevote doesnt even begin to address requirements, even though the current requirements for certification are very, very, lapse !
People like you came up with DRE Daniel.....rushed, not thought out, and full of holes !
Brad |
Daniel Frank McMullan
Frequent Voting Rights Forum Participant
Username: Seevotedan
Post Number: 116
Registered: 03-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Friday, November 10, 2006 - 4:14 am: |
|
Brad Spencer, as i said prove to me one point at a time. you started with anonymity.
stop jumping around without responding to my logic.
Why will a thug buy my vote.. if I have a printed receipt?
http://www.bbvforums.org/cgi-bin/forums/show.cgi?tpc=72&post=30332#POST30332
Answer that first Brad .. then I can show you how you are wrong about "point of failure", you time-waster, you.
Come on.. Finish the "thug" theory .. jumping around on the subject does not make you an authority.
Finish the thug debate .. I will help you build on your new found logic .. to understand what "point of failure" means.
then I will explain about the seeVote verification process. but you have to understand the importance of anonymous take-home ballots first.
I do not think you are totally clueless. I appreciate your attacks cause I am hopeful that you will get it, be blown away ..and then join our effort. I am willing to chat a bit more, but you have to start with a systematic approach to your debate.. jumping around does not help anyone.
(Message edited by seeVoteDan on November 10, 2006) |
Catherine Ansbro
Frequent Voting Rights Forum Participant
Username: Catherine_a
Post Number: 3406
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Friday, November 10, 2006 - 6:48 am: |
|
Please leave personal attacks and insults out of your debate. |
Bradley Spencer
Voting Rights Forum Participant
Username: Brad_spencer
Post Number: 84
Registered: 11-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Friday, November 10, 2006 - 8:27 am: |
|
Daniel
With all due respect friend its you that is jumping about, and your getting yourself confused and in a muddle !
Quote "Why will a thug buy my vote.. if I have a printed receipt?
http://www.bbvforums.org/cgi-bin/forums/show.cgi?tpc=72&post=30332#POST30332"
That link is for the thread "Why not make your own voting system"
I checked, and I have not read the thread before, and I have not contributed a post to that thread.
However, I just caught your post at the end of the thread having a go at me to answer something about a Thug ?
There you go getting yourself in a muddle again !
You and I have not debated about any Thugs !.....I believe from memory, that you were debating about Thugs with JT Gleason ?
Please try not to get so muddled up and jump accross threads with conversations, and keep track of who it is you are debating with on any given subject as I believe this might ease some of your evident frustrations.
With regards to seevote Daniel, untill I see a pilot study commissioned (which I dont expect to see), and an FEC or EAC pilot report, I doubt very much that my opinion will change.
In any case, you dont need to convince me of anything. You need to find a customer that is willing to work with you.
This site is great for debate, but dont get too hung up on trying to convert everyone to your way of thinking.
Credability for a product is only gained by putting it to the test, which in your case would be to get a pilot study commissioned with a jurisdiction willing to trial it.
Daniel, my opinions of seevote, are not attacks....dont be on the defensive all the time. I just happen to see many issues with the idea, as do others, and I most certainly dont share your opinions on the subject.
Brad |
Brant Lamb
Frequent Voting Rights Forum Participant
Username: Brantl
Post Number: 1031
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Friday, November 10, 2006 - 9:53 am: |
|
"VK
Now you are just babbling !
And dont Mis quote me please....if your gonna use debate, be accurate !
Quote "On what statistics was the implication that only bad people will be seeing the code based? ;)"
I have never even inferred this VK.....i have however said that by open source not only the good guys will have access, but the bad guys too !
A voting systems integrity must have NO SINGLE POINT OF FAILURE....by giving a clear advantage to anyone considering trying to attack software or find ways round the system by giving them too much access, as with open source, is a clear advantage that they dont have today."
This is where you said what she's contesting Brad, and it does mean what she said:
"
If you introduced open source software to the elections indusrty, all this will serve to do is make the voting software more easy to attack, and manipulation.
If you open up your software for everyone to inspect, all this serves to do is to allow those technically minded people who are not law abiding, to scrutinise the source code at their leisure, and find ways in to the system, and see how it can be manipulated." Since open source gets submissions for corrections to bugs (that do correct them by the way), you are clearly in error, just as VK pointed out. And by the way, you don't infer something in your own writing, you imply it. At least have the courage to stand up for what you say, or apologize when you're wrong. |
Bradley Spencer
Voting Rights Forum Participant
Username: Brad_spencer
Post Number: 85
Registered: 11-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Friday, November 10, 2006 - 10:59 am: |
|
Brant
Sorry, but this is where you show a lack of understanding of software, its deployment and use within elections.
Its not about the people who contribute towards the open source software program. That can be checked after every addition by certification and audit.
Open source methodology means free and fair access to all.
Which means its available to everyone....if its available to everyone to review, then this gives a clear advantage to those parties who are minded to scrutinise it and for example try and subvert an election result.
Example. If you worked in the central count office, and had access to the system that tabulates all the incoming votes, and you now have an in depth knowledge of how the system is built, because the software is open source, and you have spent time reviewing it, and you have found how to bypass its security, then you have an advantage that you didnt have before.
Just because you work in the elections office, doesnt mean that you are law abiding.
Armed with knowledge gives an advantage.
All I am attempting to say is that opening up source code to scrutiny by trusted organisations like research universities etc is the way to go.
If you make the software open source, then you, me, anyone with internet connection has access, and if we feel like contributing some code, we can, (if its good code it might be used), or we could sit there and find ways to subvert it at its weekest point in the election process, as exampled above about the elections office !
You dont have to add to the code, change the code, or contribute to its open source building....you just need to learn what the code does and find its weakest point....this can be as simple as knowing which drive the tabulating software sits on.
Its not to do with changing anything, its just having the extra knowledge about the system that you dont have now.
Its like trying to find your way from A to B without a map. Difficult.
If someone gives you a map, its a lot easier to find your way.
Sorce code is just a "MAP" of the actual application. (The executable program)
If you read the map, you can find your way round with an advantage.
You have to understand this Brant, its not rocket science.
In HBO hacking the vote, they found code on the memory card, and were able to change the vote tallies without anyone knowing.
That was because they found code on the card that they were able to scrutinise, find out how it worked, change the code, and make it do something else, like give a different result.
Still with me so far ?
If they hadnt been able to scrutinise the code then they would not have found the weakness.
If you open source an application, then remember, everyone has access to the code !
Some might go through the code and contibute, others will go through the code trying to find a weakness to exploit.
I dont think you understand what open source is Brant, if you did, you would understand what I am saying in a heart beat !
Brad |
Matt R. Jezorek
Voting Rights Forum Participant
Username: Mattjez
Post Number: 15
Registered: 11-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Friday, November 10, 2006 - 11:32 am: |
|
I dont want to argue but with every 1 person looking for a way in there are normally 7 or 8 trying to keep you out.
Also a good many of the security protocols are open so explain why they are in use by the NSA, NASA, the Army etc. |
Daniel Frank McMullan
Frequent Voting Rights Forum Participant
Username: Seevotedan
Post Number: 117
Registered: 03-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Friday, November 10, 2006 - 12:15 pm: |
|
so Brad .. by your "logic" seeVote is bad cause its bad .. and you have nothing to back your attacks?
then, will you allow others to debate seeVote without you interupting?
this is what I mean by you are jumping around:
Bradley says:
http://www.bbvforums.org/cgi-bin/forums/show.cgi?tpc=72&post=30006#POST30006
If I understand you correctly you are advocating dismissing a persons constitutional right to vote in secret. (The secrecy of the ballot)
From my understanding its still against the law to tie the voter back to the vote.
Thats not Democracy Daniel....thats taking away an individuals rights and liberties.
I very much doubt anyone would want to loose the right to keep their vote secret ?
seeVote is anonymous .. yet you state misleading information about it .. and then run away.
care to apologize for this (im not making this up):
Bradley says:
http://www.bbvforums.org/forums/icons/tree_m.gif
Sorry to be blunt, but the flawed nature of the product has been stomped on by multiple people now, and Im bored of repeating myself.
For Gods sake man, stop flogging a dead horse, open your mind (and your ears) ITS A LEMON !
just cause many people dont get it either does not make it a lemon .. it takes time to understand how all the seeVote pieces work together.
..and then you go on to blast seeVote at everyturn .. never responding to my answers. ..just more attacks...
Brad, your last posting is a lie.. (follow links to your words as proof)...stop jumping around.. or go away.
Either back up your "no POF" BS .. or agree with a double blind machine/hand counting system .. the security needs no "point of failure" test.
do you agree?
http://www.bbvforums.org/cgi-bin/forums/show.cgi?tpc=72&post=30038#POST30038
Bradley Spencer
Dylans ideas are pretty good, have lots of merit and are ideas to build from.
Sadly the whole process is practically and fundamentally flawed !
In the event of discrepency between the two counts or the two tallies from each ballot box, Dylans answer is to turn to the voters to re verify.
Quote "Each voter, being concerned with the Accuracy of the election and possibly not having Trust in the results as they are reported, may have the opportunity to check his individual vote as well as the overall count by checking the public list of all votes cast"
Since this would require 100% of the voters to re verify their votes, the solution is flawed.
We dont get 100% turnout to elections, so its not practical to assume that we could get 100% of voters to re verify their ballots.
Even if as many as 75% of voters turned up to re verify their votes, we dont run our democracy on a 75% accuracy of an election.....nothing short of 100% is acceptable....
Good ideas, but sadly flawed.
Brad
Flawed? but how?
Q:
If 50% of registered voters vote... how many are going to verfiy their vote?
A:
Any post-polling verification is better democracy than none at all. Those who verify, get counted prperly! If no one verifies .. no worse off than we are today. what is your point?
Reality: How many people are going to vote.. but never verify their ballot?
Are you suggesting we dont have elections cause 50% do not vote? what is your point?
Here is my point Brad, if you stop to understood seeVote basic concepts, you would not be making such stupid and out-of-context postings. you are disrupting real debate.
Do I have to spend more time pointing out your misleading postings.. or are you ready to address my logic?
please respond to the selling vote to thug scenario .. all of you .. at the same time.. lets get to the bottom of this ... in baby steps,
- seeVoteDan |
Daniel Frank McMullan
Frequent Voting Rights Forum Participant
Username: Seevotedan
Post Number: 118
Registered: 03-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Friday, November 10, 2006 - 12:38 pm: |
|
Brant,
Brad is correct .. you clearly do not understand open source.
...open source programs can be vetted by millions of programmers .. usually in a pride battle for finding loopholes .. and correcting them .. for bragging rights. .. this new found form of compitition yields high-benefits for all ...as opposed to closed source yielding low-benefits for very few if any.
the problem with open source , like all software, is that it can be hacked. If not today, then tomorrow.
election software vetting is job security for lots and lots of folks... a doble-blind test using any two counting methods .. eliminates the need for software to be vetted at all. but no one here wants to discuss it.
as it stands.. bbv has to vet all software .. everywhere .. all the time.. to discover points of failure.. . and then who is to trust bbv .. i do .. but .. that does not restore TRUST to elections..
only the voter can verify their ballot, to settle the pass/fail status of the double-blind results.
stop thinking machines are the answer to securing anonymous ballots .. no commitee or machine can prove the counting my original ballot.
stop counting in a vacuum.
(Message edited by seeVoteDan on November 10, 2006) |
Brant Lamb
Frequent Voting Rights Forum Participant
Username: Brantl
Post Number: 1037
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Friday, November 10, 2006 - 1:39 pm: |
|
"If you open up your software for everyone to inspect, all this serves to do is to allow those technically minded people who are not law abiding, to scrutinise the source code at their leisure, and find ways in to the system, and see how it can be manipulated." This is exactly what you said Brad. You owe VK an apology. |
Bradley Spencer
Voting Rights Forum Participant
Username: Brad_spencer
Post Number: 88
Registered: 11-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Friday, November 10, 2006 - 3:24 pm: |
|
Brant
Go away and research the definition of open source...you clearly have no clue whatsoever about open source.....untill you know what it is, what it means, and who has access, and the implications of access, please dont even waste my time, or anybody elses time.
Brad |
Bradley Spencer
Voting Rights Forum Participant
Username: Brad_spencer
Post Number: 89
Registered: 11-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Friday, November 10, 2006 - 3:36 pm: |
|
Daniel
Thankyou for backing me up and pointing out to Brant that he doesnt know what he is talking about when it comes to open source.....I must have repeated myself to him about 20 times on the subject...you know, the lights are on but nobodys home kinda thing !
Regards to seevote, Daniel, honestly you and I havent discussed a thug theory and I dont know what you mean ? Im sure you were discussing this with JT?
Anyway, I have said my piece on seevote, and you and I clearly have different ideas....lets do this. How about I just butt out for a few days on this thread and give you opportunity to see what other people have to say on the subject ?
I wont interrupt, I give you my word as a gentleman.
Regards
Brad |
Jt Gleason
Voting Rights Forum Participant
Username: Entropyfails
Post Number: 59
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Friday, November 10, 2006 - 5:36 pm: |
|
On Open Source vs Closed Source.
Security researchers have proven over and over again that to have a secure system you must design something that even if the attacker knows EXACTLY what algorithm you used, they STILL cannot break it.
So closed source does not offer more security than open source. It only makes money for the corporation that controls the source. And THEY are the ones that can manipulate the source and hence the vote.
Close source voting should be banned. (Regardless of the logic on computer voting in general.)
Anyone who feels differently can try the following experiment to prove this point. Take a retail copy of Microsoft Windows XP (closed source). Take a standard distribution of OpenBSD (open source). On identical computers, install the Operating Systems. Try to break into the Windows Box. See how long it takes. Try to break into the OpenBSD box. You will find that you will spend about 5 min on the stock Windows XP break in. You could spend years on OpenBSD looking for a way in and never find one. (indeed, many people have been trying for many years)
Many people have done this experiment with the same results. Open Source is MORE secure than closed source.
As for SeeVote, this guy shows that this forum needs more moderation. He refuses to start his own thread (because he knows that no one cares about his completely worthless system). Hence he hijacks all other threads. |
Matt R. Jezorek
Voting Rights Forum Participant
Username: Mattjez
Post Number: 20
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Friday, November 10, 2006 - 7:20 pm: |
|
JT,
Thank you even if computers are not for voting, security by obscurity is less secure then security by public scrutiny.
Voting is not the Olympics. There are no votes awarded for difficulty
|
Brant Lamb
Frequent Voting Rights Forum Participant
Username: Brantl
Post Number: 1039
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Friday, November 10, 2006 - 9:07 pm: |
|
Wikipedia: "Open-source software is computer software whose source code is available under a copyright license that permits users to study, change, and improve the software, and to redistribute it in modified or unmodified form. It is the most prominent example of open source development." This differs not at all from the definition that I read about it and remembered some years ago.
This also doesn't do anything for your arguments, Brad, as our discussion relates to the virtues of this, rather than it's definition. I do know that Unix is a hell of a lot more bug free than any Microsoft OpSys. In open source the ratio of people who are looking at how to attack it for purposes of plugging the holes versus those who are trying to hack it to walk through the holes is much higher, because there is access. As JT points out, attacks on open source tend to get documented, studied and fixed, rather than swept under the rug.
And you still owe VK an apology. |
Bradley Spencer
Voting Rights Forum Participant
Username: Brad_spencer
Post Number: 92
Registered: 11-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Saturday, November 11, 2006 - 8:11 am: |
|
Brant
Im not explaining it too you again, it seems to be beyond your comprehension, and if you actually have to go look up "open source" to see what it is, then you know even less about it than I had given you credit for. When I suggested you go look it up I was being sarcastic !!
Brant, I use open source in many development projects. Im a massive fan....but not for elections.
Please go read my last post in "open source software for voting machines" thread.
Please read it Brant, and you might, MIGHT just get the full picture.
Brad |
Jt Gleason
Voting Rights Forum Participant
Username: Entropyfails
Post Number: 63
Registered: 11-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Saturday, November 11, 2006 - 1:45 pm: |
|
If they hadnt been able to scrutinise the code then they would not have found the weakness.
Bradley, you are a smart guy. So you should see the problem with this argument. But I'm going to spell it out in case you missed it.
They "Gems Code" release had nothing to do with the memory card hack. They did find a CLOSED SOURCE executable on the card. They reverse engineered the executable on it to find the weak point. (It was trivially easy, if I recall).
The "Gems" hacks they did on the computer came from seeing the source. The "Card Hack" came from reverse engineering code they DID NOT HAVE ACCESS TOO. They were DIFFERENT hacks.
Any executable is the source itself, in a different form. It may be HARDER to read, but it is still just as readable. |
Brant Lamb
Frequent Voting Rights Forum Participant
Username: Brantl
Post Number: 1048
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Saturday, November 11, 2006 - 8:22 pm: |
|
But, Brad, according to you "sarcasm and name-calling are the lowest form of wit", aren't they? I thought that you wouldn't indulge in those?
And it's funny, Brad, but JT and several other people are reading your posts, and they're not buying it, either. Note his last post, just above this one. |
Bradley Spencer
Voting Rights Forum Participant
Username: Brad_spencer
Post Number: 94
Registered: 11-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Sunday, November 12, 2006 - 8:01 am: |
|
JT
I think you just inadvertantly proved my point for me, thanks ! And by the way, I never mentioned the GEMS hack....only the code on the card as an example of what you can do if you have access to stuff that you ordinarily would not !
My whole point is, if they hadnt had access to the code on the card IN ANY FORM, then they would have been non the wiser and not performed the card hack.
Which is my point exactly about open source...Today every tom dick and harry dont have access to review the code right ?
Give everyone under the sun access to review the code, and they now know everything about the system they need to know to start looking for ways to attack it.
And Im not talking about changing the code...you dont have to if you know enough about the system to find other less obtrusive ways to attack the system.
Brant, just cos some dont get the picture, dont mean they are right....still waiting to hear what your bio and or credentials are by the way. Must be like the 4th or 5th time Ive asked you now.....whats wrong, not got a lot to say ? Im just interested to see what topics to discuss with you Brant?
And Brant, I was being sarcastic because I never dreamed that anyone would try and debate open source "publically" without actually knowing what open source actually is......
Brad |
Matt R. Jezorek
Voting Rights Forum Participant
Username: Mattjez
Post Number: 38
Registered: 11-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Sunday, November 12, 2006 - 8:23 am: |
|
So explain why
NNS
OpenSSL
OpenSSH
IDEA
PGP
GPG
etc
are not broken daily I see massive rewards if one of these are broken all of them being open or public source.
You cant say that if you have the code you can find a way in. If you have the code and the code is not written in a decent fashion maybe so but open source != secure just like closed source != secure
Voting is not the Olympics. There are no votes awarded for difficulty
|
Bradley Spencer
Voting Rights Forum Participant
Username: Brad_spencer
Post Number: 95
Registered: 11-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Sunday, November 12, 2006 - 9:42 am: |
|
Matt
I dont think you understand what I am saying.
Quote "If you make the software open source, then you, me, anyone with internet connection has access, and if we feel like contributing some code, we can, (if its good code it might be used), or we could sit there and find ways to subvert it at its weekest point in the election process, as exampled above about the elections office !
You dont have to add to the code, change the code, or contribute to its open source building....you just need to learn what the code does and find its weakest point....this can be as simple as knowing which drive the tabulating software sits on.
Its not to do with changing anything, its just having the extra knowledge about the system that you dont have now.
Its like trying to find your way from A to B without a map. Difficult.
If someone gives you a map, its a lot easier to find your way.
Sorce code is just a "MAP" of the actual application. (The executable program)
If you read the map, you can find your way round with an advantage."
And on your point of PGP etc, I wish to god that election vendors used decent levels of security....but they currently do not.
And believe me, you CAN find a way in if you have the code !
Remember, you dont have to "Hack" any software if you have the code to review, as you are learning about the system.
Look at the GEMS software...Bev didnt need much knowledge to change the vote totals...WHY ? because she had access to the software, and time to review it, and found a weekness.
Its realy not hard to understand, that if an application is open source anyone on the planet can look at the code....
If you can look at the code you can find ways to effect the election, and not necesarily by changing anything to do with code.
Dont get hung up on hacking, and changing stuff....its far, far simpler than that !
look, in the most simplistic non techy terms possible....if you have detailed info about a system, whether its user guides, training info, tech spec, open source view of the code, that you ordinarily would not have access to, then you now have a better chance of gaining entry as you now have an advantage you didnt have yesterday.
Too much information in the wrong hands in dangerous !
And the problem is, when you open source a program, you...me...anyone has access to review the code, which is an advantage to those looking to do harm
Dont be nieve to think that the open source methodology is a cure all !
Be objective, and think through what it would actually mean to release the source code on the internet for anyone to view ? think about all the different types of people who would have access ?
Why dont Banks, the airlines, the military make their software applications source code available to view....because its just plain common sense thats why....if you want to eleiminate risk of someone learning your system and finding a way in, then dont show it them in the first place.
If you cant understand this then you are not being objective and thinking about the consequences, no matter how big an advocate of open source you are !
The source code for voting equiptment should be "opened up" to accredited non profit departments for scrutiny and testing....but for gods sake man, dont advocate letting anyone in the world have access to it. Use your head ! Think about it, before rushing into the same old, same old opinion about open source !
Brad |
Dan Oetting
Frequent Voting Rights Forum Participant
Username: Dan_oetting
Post Number: 247
Registered: 07-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Sunday, November 12, 2006 - 1:53 pm: |
|
Closed source does not insure that the source is kept out of the hands of the criminals that would use it to cheat. We've seen the reports here; ES&S labs broken into in the middle of the night, manuals, hard drives and tools stolen. Diebold software left on open ftp servers. All the closed source status means is that we cannot openly discuss the vulnerabilities and insure that they get fixed. |
Jt Gleason
Voting Rights Forum Participant
Username: Entropyfails
Post Number: 72
Registered: 11-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Sunday, November 12, 2006 - 2:19 pm: |
|
Bradley,
I think you just inadvertantly proved my point for me, thanks ! And by the way, I never mentioned the GEMS hack....only the code on the card as an example of what you can do if you have access to stuff that you ordinarily would not !
You can think that, but I see no logical reason to do so.
Having access to the code is about Trust. We trust that the banks mutually adversarial approach and laws will ensure the safety of our money system. Even still, clever hackers have managed their way in without any code whatsoever. Generally in secure systems, it is the KEY that matters, not the code.
Anyway, your point is completely moot. We can never trust a closed source or open source application with vote counting. We CAN use them as a double check on our hand counts. But then what value does "closed source" have over "open source"?
I'm not sure you can see that question because of your ideological viewpoint. But please, try to see that question. I'm going to ask it again to emphasize my point.
Since we can never let the computer decide a final vote due to the reasons I have stated before, WHY would "closed source" offer any advantages over "open source"? |
Bradley Spencer
Voting Rights Forum Participant
Username: Brad_spencer
Post Number: 96
Registered: 11-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Sunday, November 12, 2006 - 3:00 pm: |
|
Dan
Sorry, but you realy need to read more of the thread than the last post or so.
What I am suggesting is not closed source. Im suggesting opening up the source for scrutiny by non profit organisations such as computing science labs and research universities, and the findings to be public domain....my Whole point over and over again, which certain people in this thread are not grasping, is that if you open source it, every one, good and bad has access to review it......some will do good things with the info, others will do bad things, like learn about the system to find weakness to exploit. Thats all im saying.
Brad |
Bradley Spencer
Voting Rights Forum Participant
Username: Brad_spencer
Post Number: 97
Registered: 11-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Sunday, November 12, 2006 - 3:27 pm: |
|
JT
Quote "The "Card Hack" came from reverse engineering code they DID NOT HAVE ACCESS TOO."
Firstly JT, like it or not you proved my point perfectly.....They had access to information on the card that ordinarily is not in the public domain.
Through scrutinising the info and program on the card they were able to input data into the card, effectively "stuffing the ballot box" prior to election. This was done by finding a point of entry through exploiting a weakness.
My point exactly where open source is concerned, as everyone would have access to review, and find weakness !
So thanks....you did prove my point perfectly !
Secondly Quote ""The "Card Hack" came from reverse engineering code they DID NOT HAVE ACCESS TOO."
Im interested to hear your theory about how they reverse engineered code that they didnt have access to ?
Just for the record JT Im very familiar with Diebolds equiptment, and I can 100% guarantee that to "stuff the ballot box" on a diebold memory card does not take too much doing if you have access to it !
On the memory card is an "electronic ballot box" and what Bev and crew did is not complicated to do.....again, only if you have access to information to gain an advantage.
And they would not have had to reverse engineer anything to do so..
This is like banging my head against a brick wall !
Quote " We trust that the banks mutually adversarial approach and laws will ensure the safety of our money system."
What a crock JT and you know it....any half inteligent person automatically knows why banks and airlines and the military do not make the source code for their critical systems available as open source for anyone to have a look at !
Its called "Security Protocol 101 ! " Which roughly translated means "Do not drop your pants in public, or everyone will know the colour of your underwear" !
Quote "WHY would "closed source" offer any advantages over "open source"?
JT, at the risk of repeating myself for like the 50th time in a row, who said anything about closed source ????????????
I have been talking about opening up source code for scrutiny, and improving the certification process 10 fold, where have you been ????
Why is it so hard to understand ?
Brad |
Matt R. Jezorek
Voting Rights Forum Participant
Username: Mattjez
Post Number: 41
Registered: 11-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Sunday, November 12, 2006 - 4:07 pm: |
|
http://www.wired.com/news/business/0,1367,42972,00.html NSA Kernel on critical systems.
http://www.gcn.com/print/22_15/22425-1.html DOD gives go ahead on open source
Linux is in use for various DOD projects, even weapons systems, but cautious agencies have waited for official clearance.
“You don’t have to do it in the shadows anymore,” Stanco said.
So, to me that means while they might not be releasing software themselves they feel good enough to use Open Source for weapons systems etc.
Why does the NSA, US Government, Security Group's use open source encryption libraries. Why Did the closed source Giant get the BSD TCP IP Stack for Windows 2000 in order to hope to provide a more secure TCP/IP stack.
Come on prove to me "closed" > "open" not just by saying if you have a road map you can do X.
Voting is not the Olympics. There are no votes awarded for difficulty
|
Dan Oetting
Frequent Voting Rights Forum Participant
Username: Dan_oetting
Post Number: 249
Registered: 07-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Sunday, November 12, 2006 - 4:13 pm: |
|
Yes Brad, I read the thread (except stuff in the middle that I read the last time he was here) and saw you keep saying over and over again that open source gives everybody access. I just pointed out that we already know that the bad guys have access to the source so that particular concern with open source is moot.
In a paper based election, should we only allow certain well known persons to inspect the ballot box before it is sealed and voting begins? |
Travis Rogers
Voting Rights Forum Participant
Username: Soundg
Post Number: 18
Registered: 11-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Sunday, November 12, 2006 - 6:52 pm: |
|
Brad
To follow how you would crack something without source code...it's called reverse engineering the code. Read this for a brief introduction -- http://en.wikipedia.org/wiki/Reverse_engineering
So it doesn't matter if your code is open or closed. True Crackers don't need your source code, just the binary. Now I assume you will argue that this proves your point about open source, but it really doesn't. Actually it has nothing to do with it and has no application at all. Let's face it, the "bad guys" have the code today. They're called vendors... |
Brant Lamb
Frequent Voting Rights Forum Participant
Username: Brantl
Post Number: 1051
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Sunday, November 12, 2006 - 8:15 pm: |
|
Whether the vendors are bad guys or not, one guy getting into one machine can lay bare the executable code for your machine. Is it harder to hack then the source code? Sure. Is it impossible? Hell, no. With disassembler and de-compilers, you can get back to uncommented source code. Which you'll have to puzzle out, but all of the text messages that have been stored as strings will help with that. Then, minus an arguably large amount of inconvenience, then you're back to open source without the benefits. People you wouldn't want to have access (because of their intentions) have access, and many people you would want to have access (because of their intentions), do.
And Travis, it's just as well you didn't quote the definition or article, Brad hates that. |
Charles Christopher
Voting Rights Forum Participant
Username: Ilikeinfo
Post Number: 9
Registered: 11-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Sunday, November 12, 2006 - 8:26 pm: |
|
While I feel using electronic voting is fundementally flaw, so much so that it MUST be abandoned, there is a key point of missinformation in this thread that needs to be addresed since it applies universally to *ALL* voting systems.
From:
http://www.pgp.com/newsroom/regulations/21cfr11.html
"Source Code Published for Peer Review
PGP Corporation is unique among commercial security software developers in that it has a strict corporate policy of publishing product source code for peer review. This unparalleled level of insight into PGP products allows customers as well as experts in the security community to review PGP implementations and provide valuable technical feedback to the company."
In other words security is *ALLWAYS* the benefit of open peer review. Even if we are lucky enough to return to individually punched cards or mechanical level systems, we should *STILL* be fighting for public review of how those system work (in detail) and the procedures of the ENTIRE system they are part of.
It's a total fallicy that security is acheived through secrecy. In fact a recent example of this is DVD movie technology. Consumer electronics manufacturers developed and encryption system used to encrypt DVD's as well and geographically control the ability to play them. This specification was *CLOSED*, in other words was secret. Then hackers found that one manufacturer screwed up in how they applied the technology and the entire secret of their encryption escaped. In fact many took pride in actually making t-shirts with the source code for decrypting DVD printed right on them - Note this also served as a was to export the hack since printed source code can be exported based on free speach protection. So what did secracy get them? Nothing. Would would peer review have gotten them? At the very least a procedural line item *NOT* to do what that manufacturer did .... That's how transparency creates strong encrytption, that's also how transparency is a tool for ensuring accurate elections that have not been manipulated. It's fundementally an organic ongoing process, it's not something that is static (= hide it so nobody can see) .... |
Bradley Spencer
Voting Rights Forum Participant
Username: Brad_spencer
Post Number: 98
Registered: 11-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Monday, November 13, 2006 - 6:37 am: |
|
Guys
Im realy bored with this now, and just sick of repeating the same thing over and over again. Either your not listening to what Im saying, or you just cant hear me ?
I say NO to "true open source" for voting software, and advocate the vendors having to "Open up their source" for scrutiny by public appointed departments with no vested interest, and all you hear is "CLOSED SOURCE" !
Matt
Regardless of what operating system is being used the DOD dont "Open source" their critical systems software for every little hack on the planet to play with for one simple reason. It would be a major breach of security.
Its not even a technical argument....its just common sense when it comes down to it.
Dan
No the bad guys dont have access to it at the moment....sure you class the election vendors as bad guys which is fair, but there are worse people on the planet.
If you open source voting software and effectively publish the code on the internet for all to see, why cant you understand that this is a major concern to security ?
There is no way on Gods green earth that a voting system, whose software is published on the internet will ever, ever pass certification, as you have just moved from a contained situation where only certain bad guys have access, to a situation where every bad guy on the planet has access.
Not meaning to sound insightful here, but theres probably about a billion Chinese guys would love to have access to all the election vendors code from the US that runs elections.
Travis
Im well aware of how to reverse engineer code !
And yes you do help to prove my point. Why do you think there are so many software applications coming out of places like China and Hong Kong that are a lot like stuff you buy down the road at Comp USA ?
Anyway, Im not talking about having to reverse engineer anything at all....
Again, your not hearing me.
If you have access to "open source" source code, you can learn enough about the process and the voting system that you dont have to change anything to gain an advantage that you didnt have before you reviewed the code.
Hence the analogy of reading a map being easier to navigate, than trying without a map.
Its simple to grasp if you understand software.
You can find the easiest point to attack the system. For example, if you reviewed most of the election vendors voting software applications at the source code level, you would find that one of the weeknesses is the central tally, or elections management system that takes data from out in the field from polling locations.
If you reviewed the code, you can see how the data is recieved.....one way in currently is through modems. Lots of results are sent in by modem.
Another example. If you review the code you can see the data constructs and the layout of the electronic ballot box on a memory device such as a memory card or USB thumb drive as is currently used by many vendors. Its then very easy to intercept and replace those momory devices with ones you prepared earlier.
Open source software is not some magical cure all you know ?
It is however Pandoras box where election software is concerned.
Brant
You make a point about the tools available Quote " With disassembler and de-compilers, you can get back to uncommented source code."
Why is it soooooooo hard to understand that if you open source an application your giving them a huge head start ?
I think one point we can all agree on is that voting software of election vendors needs to be reviewed and scrutinised for the positive purpose of ensuring that it is trusted for its intended use, by a process of scrutiny, testing and making certain security requirements standard, at the same time as the scrutineer interacting with the election vendor to point out failures and weakness ??
So why is it sooooo hard to understand that if you open source it to millions and millions of people you now have an unmanagable situation ?
Who's opinion out of millions is the right one ?
Who out of the millions is who they say they are ?
Who out of the millions do you trust ?
Who out of the millions is from a non trusted country ?
Dont you think its a whole lot safer, managable and logical to look at who in the United States we can trust to review and scrutinise this code, give an unbiased open to the public opinion and deal direct with the vendor to help them put their code in order ?
It needs to be NON PROFIT qualified group of institutes appointed by the people......not by the vendor, and certainly not carried out by someone like Ciber or Wyle who get paid direct from the election vendors.
You have to trust someone to do the reviewing and scrutinising at some point.
Two alternatives:
1. Turn loose the code on the internet to millions and millions of people. To every person on the planet who has a pc. The good, the bad and the ugly. (Open source)
2. Find qualified groups within the US that are trusted by the people and who can be qualified to be trusted, and open with the ins and outs of the process.
So, WHO YOU GONNA TRUST GUYS ?
Brad |
Bradley Spencer
Voting Rights Forum Participant
Username: Brad_spencer
Post Number: 99
Registered: 11-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Monday, November 13, 2006 - 7:08 am: |
|
Guys
I think an important thing that you are also overlooking is the election vendor.
How are you going to get the vendor to move to open source ?
And dont think for a second it will be written into legislation mandating a company to preference one mothodology over another...
Also, even if the odd vendor did move to open source, they are still in control of what they choose to be allowed to go into the code or not.
They would still be in control.
Look at this debate as an example.....the vendors wont want to go open source, and you would just end up with having this debate nationwide !
And consequently would not end up with anyone agreeing on anything. That kind of debate could take years, and believe me the election vendors will put up a compelling fight against it.
Under the circumstances I think this debate is interesting theoretically, but not practically.
The only sensible conclusion is the one I outline above and in my other posts, as it can be done today without much obstruction.
Brad |
Matt R. Jezorek
Voting Rights Forum Participant
Username: Mattjez
Post Number: 49
Registered: 11-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Monday, November 13, 2006 - 7:23 am: |
|
NPO really no better
The major insurance provider in my area and many others. Blue Cross Blue Shield was a NPO till 1994 where it converted several of them to profit, I believe some are still NPO. They are making billions of dollars from special interest groups too the difference is they cant report a profit.
Friends of mine used to work there. They did profit distribution to make sure they did not report a profit. Some employees where getting 20k to 50k christmas bonuses to help cut the actual profit down.
To say let a NON PROFIT oversee it brings absolutly no more trust to the deal then letting closed source and organizations like Cyber/Wyle do it.
NPO's are buyable too, The American Public as whole is not. Hell the KKK is a non profit in some states, does this mean they are good hell no. NPO is not the EABA (end all be all) of this solution no more then open source is.
Personally Open Source or Closed Source is not the answer to this. Neither is NPO oversight, Nor certified code, The only answer to this to me is citizen oversight and this can only happen when we have an audit trail. If the government keeps the HAVA then computers will be in elections till the end of time. How do citizens have oversight on the computer systems. You are now saying "Trust us" with the words coming from a NPO.
Im tired of this conversation though its going no where no points will be seen from either side.
I see your points that something has to change.
I dont see your points that by open sourcing something it gives the bad guys a way in, because it gives the good guys a way to fix the way in quickly.
You dont see that closed source is no better then open source.
Open Source Provides Oversight, Closed Source provides no oversight, Closed Source is attackable, Open Source is attackable.
I think the only thing we actually agree too is that Computers are flawed and something needs to happen, the method of which is up for debate.
Closed Source is no better then Open Source and Open Source is no better then Closed Source code.
Code is no better then the person writing it closed or open. I can write great Closed Source or I can write great Open Source code, or the opposite.
I just cant see stressing NON PROFIT as a solution to certification, I have Blue Cross Blue Shield insurance I am a customer of a NPO if I dont pay my bill I dont have insurance, If I dont have insurance I cant go to the doctor. If the NPO raises rates which they do often (I pay $990.00 a month for insurance (dont like the insurance provided by my company)) I have to pay that rate or not have the service. They are qualified as a non-profit and registered as a non-profit yet they can hold me hostage to the price hikes etc.
I dont trust NPO's any more then I trust a politician
Voting is not the Olympics. There are no votes awarded for difficulty
|
Bradley Spencer
Frequent Voting Rights Forum Participant
Username: Brad_spencer
Post Number: 102
Registered: 11-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Monday, November 13, 2006 - 8:50 am: |
|
Matt
NPO isnt a major big deal...its just one more layer to the cake.
Money often corrupts yes....well by looking to computer science institutes and university research centers that are appointed by public consensus, then you at least make a start at removing from the process what is wrong with the current process.
These departments would be interested from an academic point of view....not bought off for money.
Matt, I dont know that electronic voting is the answer ?
What I do know, is that its here at the moment and it needs fixing.
For me, the whole thing comes down to a question of trust....who do you trust to oversee the process ?
You gotta trust someone, and I dont think the election vendors are trustworthy, and I dont think the process they control from start to finish are worthy of our trust either.
I do believe that electronic voting can be trusted if the process is changed to make the election vendors accountable, and through a certification and verification process that is outside of their control and or influence.
I agree with you, that its not about open or closed source. Its the process that is flawed, and changing to open source will do nothing than confuse and make things worse from a security and management of the process point of view.
I rather think insurance companies are a bad example to quote by the way, as when they get big enough to make big bucks they convert part of the group to profit and keep some NPO elements in the group for corporate and tax benefits....its a well known formula where insurance companies are concerned.....not illegal or wrong, just well known.
Brad |
Kathleen Wynne
Voting Rights Forum Participant
Username: Wynnek
Post Number: 38
Registered: 10-2006
Best of Black Box?
Votes: 1 (A keeper?) | | Posted on Monday, November 13, 2006 - 8:50 am: |
|
Instead of talking about a technical solution that is clearly not possible before the 2008 election, we should all be working our butts off to get Dennis Kucinich's bill HR 6200 passed NOW.
This bill amends the Help America Vote Act to require states to conduct presidential elections using paper ballots and to count those ballots by hand.
This is an immediate solution that can be done and should be done for the presidential election. It is the most logical way, in the short time we have left, to take definitive steps to ensure the integrity of our votes, considering the prevailing doubts that still linger from this last election -- and all those that preceded it. Isn't that what's most important? Can't we all at least agree that it would be insanity to trust these machines again, especially if there's a chance for legislation to be passed to try our hand at counting our votes by hand?
It will also be our best chance to shed new light on just how important it is for people, not machines, to count our votes, because I believe it will finally prove that it can be done. Another plus is that we'll get to experience something we haven't in a long, long time. Confidence that our votes really do reflect the will of the people.
That's something worth fighting for. |
Bradley Spencer
Frequent Voting Rights Forum Participant
Username: Brad_spencer
Post Number: 103
Registered: 11-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Monday, November 13, 2006 - 9:08 am: |
|
Kathleen
Ooooooh if it was only that simple.
I truly wish it was.
Hand counts dont always produce a reliable result, can still be manipulated, can still be influenced by fraud.
Did you see the HBO program ?
Look how easy it was for the county to produce at "random" (yeah right) a perfect 3% of ballots to hand count that hadnt been massaged in any way (yeah right)
Hand counts are easy to manipulate, and will produce a different result every time they are counted, for which there are plenty of studies been conducted to prove so.
I dont know....its like being between a rock and a hard place.....cant trust the current electronic voting under its present management, but at the same time knowing what the issues are for manual hand counts at the same time.
Its a headache all right !
Brad |
Kathleen Wynne
Voting Rights Forum Participant
Username: Wynnek
Post Number: 39
Registered: 10-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Monday, November 13, 2006 - 9:43 am: |
|
Brad,
It is that simple.
Hand counts have less than 5 attack points, while machines have more than 100. Do the math. Machines are more vulnerable to attacks that can't be easily detected, if at all. And the continued inability or plain stubborness by some to see this is a real headache!
I was there and I documented what happened with the recount in Cuyahoga County. I can assure you that the fake random 3% recount had nothing to do with the hand count itself. It had everything to do with chain of custody and the lack of confidence the election officials had in the machine count being accurate.
The chain of custody was broken, when the ballots were not counted immediately after the polls closed at the precinct and posted prominantely for all to see and document. This flawed process enabled these election officials to count the ballots in private for the sole purpose of ensuring that the recount went smoothly. They weren't concerned with accuracy, they were concerned with saving face. This could never have happend if we had counted the ballots at the precinct on election night.
Yes, Brad, it truly is that simple, which makes this ad nauseum argument in favor of technology so frustating. |
Dan Oetting
Frequent Voting Rights Forum Participant
Username: Dan_oetting
Post Number: 253
Registered: 07-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Monday, November 13, 2006 - 9:48 am: |
|
Bradley, When I see a disagreement I try to find and post some facts to help settle or clarify the issue. Earlier in this thread I pointed out a couple of instances where voting system software was leaked (one specifically carried out by "bad guys"). Yet you come back now with:
"No the bad guys dont have access to it at the moment....sure you class the election vendors as bad guys which is fair, but there are worse people on the planet.
Ooh, I didn't mention the venders in my post.
Are you trying to split hairs and say that only real time access to the source code is useful? |
Brant Lamb
Frequent Voting Rights Forum Participant
Username: Brantl
Post Number: 1055
Registered: 01-2005
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Monday, November 13, 2006 - 12:49 pm: |
|
The problem with using any set of people to validate this software as a private operation is that you then have a group of people who someone is either likely to attempt to bribe to do the job as they'd prefer it to be done, use the assigning of the job as the bribe to get the job done as they'd prefer it to be done, or assign the job to someone incapable of doing the job thoroughly enough to get the job done in the way that you're trying to avoid (select an incompetant that looks good enough).
The true advantage to open source in this situation is no one can profit, however indirectly from the vetting of the open source code. It takes the profit angle out of it, doesn't it? |
Jt Gleason
Voting Rights Forum Participant
Username: Entropyfails
Post Number: 76
Registered: 11-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Saturday, November 18, 2006 - 4:42 pm: |
|
Brad,
You said:
I say NO to "true open source" for voting software, and advocate the vendors having to "Open up their source" for scrutiny by public appointed departments with no vested interest, and all you hear is "CLOSED SOURCE" !
Having a limited group of "approved people" who can see the source and a mass of "users" who cannot see the source is called what again? Hmm? "Closed source" perhaps?
The approved people may not have the necessary time to properly debug the code. They may be incompetent. They may have hidden motives. You understand the arguments well.
Anyway, if you make hand counts paramount then the whole "advantage" that attackers supposedly gain in an "open source" situation goes away. You are only left with a double counting system, with no real reason to infect the machine. And everyone can see if the machine is easy or hard to infect. It simply restores trust. You are PRETENDING that it takes trust away. And you have been well educated as to why your idea doesn't hold water.
So to sum up, the reason you keep repeating yourself is that you are consistently wrong and refuse to change your position given evidence. |
Bradley Spencer
Frequent Voting Rights Forum Participant
Username: Brad_spencer
Post Number: 115
Registered: 11-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Friday, November 24, 2006 - 12:02 pm: |
|
JT
BORED.....BORED....BORED.....BORED !
You know very little about how elections are administered. This much is evidently clear by your un-educated comments and nieve comments about hand counts.
JT, if you actually believe that hand counts are fraud free and are not subject to subversion then its time you woke up and smelled the coffee.
It still actually makes me smile knowingly to listen to people like you JT. You have good intentions, but you also have a lot to learn my friend.
Just for the record JT, a hand count is easier to manipulate than any electronic voting device.
To manipulate a voting machine requires certain skills......to manipulate a hand count simply requires the will.
Hand counts have been manipulated since the start of democracy, not to mention inaccurate.
Wake up to the real world JT
Brad |
Kathleen Wynne
Voting Rights Forum Participant
Username: Wynnek
Post Number: 48
Registered: 10-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Friday, November 24, 2006 - 12:20 pm: |
|
Brad,
Have you had the opportunity to see the documentary Hacking Democracy? The hack tests conducted in it proved that it doesn't require computer skills greater than that of a high school student to manipulate a voting machine and to do so without detection. |
Catherine Ansbro
Frequent Voting Rights Forum Participant
Username: Catherine_a
Post Number: 3506
Registered: 12-2004
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Friday, November 24, 2006 - 12:47 pm: |
|
Brad,
Please make your points w/o putting someone else down personally. Even if you disagree with Jt, there's no need to insult him. Insults don't make your arguments any stronger.
Jt,
This is a real-name-only website. Can you please re-register with your full, correct name so that we are all on equal footing? |
Jt Gleason
Voting Rights Forum Participant
Username: Entropyfails
Post Number: 78
Registered: 11-2006
Best of Black Box? N/A
Votes: 0 (A keeper?) | | Posted on Saturday, November 25, 2006 - 12:25 am: |
|
Hand counted systems require both the will to commit fraud and the technical exploitation of either a lack of security of the ballot boxes or the bribery of "election officials." You apparently think this is easy. I, and most others, disagree.
It is much easier to alter a general purpose computer to fix the vote than to do the above. I don't see how you can think otherwise.
As for my name, it is my name. ;) |
|
|
