Source Code Access Denied in Disputed Race

MrMetlHed writes "A judge ruled Friday that congressional aspirant Christine Jennings has no right to examine the source code that runs the electronic voting machines at the center of a disputed Southwest Florida congressional race. From the article: 'The ruling Friday from Judge Gary prevents for now the Jennings camp from being able to use the programming code to try to show voting machines used in Sarasota County malfunctioned. Jennings claims that an unusually large number of undervotes (ballots that didn't show a vote) recorded in the race implies the machines lost the votes.'"

unfuckingbelivable

[Anonymous Coward]

The source code for such nasty machines should by definition be publicly available. Who the fuck trusts those devices when its source code is unavailable??

At least it's just "for now"...

[NewToNix]

This will surely be appealed, it's a bad decision on the Judge's part. And here's the obligatory IANAL bit.

But I am able to call bull shit when I see it. And refusing them, or at least a mutually agreed on qualified party, to review the code in question is asinine.

And proof positive that these things, if allowed at all, MUST be open source.

Nothing tests code like the real world

[RodgerDodger]

There's definitely something screwy going on. From the article, about 18000 votes were accepted that didn't actually vote for anything. Now, if I was designing an e-voting package, there's no way I'd mark a vote as accepted if it didn't vote for something, especially in a country like the US where voting is not mandatory. After all, if they've bothered to turn up at the voting booth, you can assume they actually intended to vote.

(The situation is a little different in my home country of Australia - mandatory voting means that we might get something out of having a "none-of-the-above" option)

I also wouldn't put much faith in the "two parallel tests" done by the state. Absolutely nothing tests code like the real world, and the fact that both tests revealed "100 percent accuracy" when errors were detected on all models of e-voting machines during the US Congressional elections just means that the tests weren't very good. I doubt very much that the tests involved as many as 18000 voters in the first place, not to mention underpaid and overworked electoral officials trying to help a horde of undereducated and over-opinionated voters, with only a couple of hours training conducted a couple of months before.

The court ruled that the "conjecture" of lost votes didn't warrant over-riding the trade secret status of the e-voting machine code. This is a mistake - an expert review could easily conducted under a NDA, thus protecting the trade secret status. Not to mention that the tools of democracy shouldn't have trade secret status in the first place... without examining the code, how does anyone know that there isn't a little switch saying "On Super Tuesday, switch into rig-the-election mode"? (Not that I think there is - it's just that there's no way to disprove it). Nor do you need to go the full open-source route for this - just like the expert review, a panel of experts could easily be responsible for certifying e-voting machines without any risk of the code being exposed.\

Re:unfuckingbelivable

[A beautiful mind]

I would mod up parent if I could, as it perfectly catches the gist of the problem. The profanity is there to hilight the seriousness of what people who believe in democracy face. Anyone who belittles the problem by political correct weaselwords does a disservice and does not contribute to the/a solution.

Not knowing the source code for a voting machine is the equivalent to saying "a miracle happens here" at a critical part in a mathematical proof. Completely utterly unnaceptable.

Incomplete article

[Somnus]

What the article doesn't discuss is the quarantining of machines from the actual election and reproducing their inputs in the "independent test." Anything less is uncertified evidence.

OTOH, should voting results have a presumption of validity? The problem is that voting bureaucracies are not designed for validation by authenticating ballots or statistical checks, but only on prompt decisiveness and the appearance of not having irregularities in the balloting or counting.

Wouldn't all this be solved by encrypted online voting, where you could check your own votes by a profile tied to an anonymous registration key issued by the DMV? Then make the data public for verification by the media?

Re:Outrageous

[wakejagr]

There are at least two reasons why there is little uproar about these machines using closed-source software.

• most people (including judges, elected officials, and others who are in a position to directly change the situation) don't realize that having no access to the source code means votes cast using the machines are unverifiable
• too many people (especially those who are only in a position to indirectly change the situation: voters) feel that the situation with these machines is no more broken than the rest of the system. Remember hanging chads?

Whaddya mean "there is no conflict"?

[Dachannien]

I don't get it. In this case, the plaintiff isn't allowed to view presumably proprietary/copyrighted source code for a voting machine to go on a fishing expedition to see whether it caused her to lose.

On the other hand, the RIAA gets not only to view the contents of a woman's hard drive to go on a fishing expedition to see whether she was sharing music files, but they get to make their own copy of it, including all that stuff they don't hold the copyright on (Windows, the woman's e-mails, etc.).

It seems to me that what's good for the turkeys oughta be good for us chickens. Or something.

logic and reason

[bnf]

The inability to assess the logic of casting votes defies reason.

How long must we sing this song? A democracy without transparent practices for the transfer of power is not a democracy. All the way down to the ones and zeroes. Every question with regard to voting should be able to be answered.

It seems so primitive that it baffles me how someone could arrive at any other conclusion than "the process of voting is sacred and should, in fact *must*, bear great scrutiny".

Re:unfuckingbelivable

[Architect_sasyr]

Indeed, despite their choice of language, they have it in one.

Just because, in this case, the judge won't understand it, or the company thinks they stand to lose money from letting it be seen, doesn't mean we shouldn't be able to see it... my latest GPS device (a TomTom) has an Open Source system on it, runs on Linux. Thankfully, I don't understand it, and I don't want to, its not my field. BUT WHEN IT COMES DOWN TO IT, if for a second I didn't trust the machine, I could take a look and know exactly what it was doing.

With a voting machine this should be an integral part of the trust process... we know how the box where we slip our voting slips works... why should we not know how the machine we punch our answers into work the same way?

A little Stalin seems fitting...

[SpectreHiro]

"The people who cast the votes decide nothing. The people who count the votes decide everything."

Please don't be confused... I don't think Joseph Stalin was a great man. I consider him a despicable and cold blooded tyrant. At the same time, I also happen to think he was a pretty sharp thinker, and a successful tyrant because he understood how political systems function. A democratic system cannot work unless there is absolute transparency in the voting process.

I'm an open source supporter but not a zealot. I don't have any problem with the existence of closed-source commercial software and I believe it has a right to exist. That being said, there's simply no place for closed-source software in our voting process. Voting is the foundation of our political system, and we can't settle for any ambiguity in its implementation. It's not as if vote counting is a technically demanding job, and there's no argument for keeping secret the process by which it's done.

This strikes me as a clear judicial mistake (not that I've read the article... too drunk and tired, frankly). In general, our judges don't seem to understand information technology well enough to make informed decisions. They don't understand that changing the results of an election is elementary for any programmer. Isn't that concept terrifying?

Our society is enamored with the labor saving possibilities made possible by the past century's technological advances, but thus far, the understanding of these technologies in government has not matched their application. This trend must not continue if we value our republic. In the strictest sense, our system is no longer a democracy if it has no educated oversight.

Our government needs an elected body of IT experts -- some kind of technically proficient oversight body that can rule on information technology as it applies to our system of government. Without any such educated oversight, our freedom and sovereignty is bit by bit diminished, and can be turned against our people. The possibility alone demands action.

Our founding fathers certainly didn't foresee the coming of mechanical information processing, but I firmly believe they would have wanted it to be open to review by the common man. What we need now are are IT patriots willing and motivated to take up the cause.

Re:Incomplete article

[JackHoffman]

Wouldn't all this be solved by encrypted online voting, where you could check your own votes by a profile tied to an anonymous registration key issued by the DMV?

The problem with most "verified" voting mechanisms is that they allow voters to prove a vote for a certain party, which in turn makes buying votes feasible. You have to create a pretty elaborate system to prevent this kind of abuse and most of the proposed systems which look like they could solve this still don't prevent ballot stuffing.

Classic paper ballot voting solves these problems by using an observable and public process. The only secret act is the casting of the vote and there is practically nothing a voter can do in that secret phase to change the outcome beyond his normal participation in the poll. All other steps in an election are, at least theoretically, public: You can watch the sealing of the empty ballot boxes, you can watch the admission of the voters and you can observe the counting. Nobody has to trust someone else. If people take an interest in the process, they can see for themselves that it is done right.

Electronic voting always has the problem that you can't observe the code execution. Sure, you can verify that the code in the PROM is correct, but you can't verify that the code is what actually gets executed on election day. You can't verify the contents of the memory modules beyond what another unverifiable machine tells you. IMHO, the problems with electronic voting are unsolvable without giving up at least one of the democratic principles of a secret ballot. The central problem is that there is secret information involved which cannot be verifiable to the point that you can verify the whole process.

Score "Zip" Democracy "One" Business

[erroneus]

When a judge makes the determination that the interests of a single business over those of a democratic process such as an election, then this judge's leanings are clear and obvious. I don't think the issue could be more complicated than that.

Re:Outrageous

[secolactico]

most people (including judges, elected officials, and others who are in a position to directly change the situation) don't realize that having no access to the source code means votes cast using the machines are unverifiable

Judges are not expected to be expert at every subject. They should, however, be able to find expert advice for the subject at hand. Both parts should have presented properly accredited expert witnesses and the court might have retained independent experts as well (IANAL).

If the fact that the judge is not knowledgeable enough to rule accordingly in an issue indicates that the judicial system (in addition to the election system) might be broken.

Or maybe the complainant dropped the ball somewhere in the process.

Transparency

[AlHunt]

Elections are supposed to be transparent.

Sticking some software in the middle that nobody can see is akin to counting paper ballots in secret.

I don't mind voting machines, electronic or not. But transparency is a *must*, either way.

Re:logic and reason

[cluckshot]

Having actually reviewed the software (Yes the source code) for 7 major voting machine systems....,. I might have something to say on the topic. First!!!!! a verified voting machine software package means exactly nothing! The verification is if there are enough comments in the code and if all case statements have a default exit and things like that. It has nothing what so ever to do with if the system correctly handles an election. I got paid for this people so I know the facts here!

Out of the 7 major packages I reviewed I found only one I felt was secure enough to consider it worthy of use. I did look at the software. Major flaws included the ES&S systems have flash drives! They could have their data and their "brains" completely changed at will during an election and they never would tell! Other flaws included Internet hookups to the machines where data files could be addressed remotely... .... ....

I am not telling the name of the supplier I felt was good but let it assure you that their system had paper read and their system had several other safeguards of the voting tally.

Why do public officials want such systems. Simple. They can steal elections and they can prevent absolutely any record of the event. Why should voters get mad and demand open source software on such systems. The reasons are many They include prevention of defalcation on the election. They include being hardware independent so that users are not locked into a system for buying their supplies. They include KNOWING what is going on. They include voter oversight. Take your pick folks.

Re:A little Stalin seems fitting...

[frdmfghtr]

It's not as if vote counting is a technically demanding job, and there's no argument for keeping secret the process by which it's done.

This is true, and yet it seems impossible to develop vote-counting software to do it accurately. I'm not referring to the 18,000 undervotes here, I'm referring to election reports in times past where it was reported that machines were counting several thousand more votes than voters in the particular precincts; while not voting in a particular race COULD result in the aforementioned undervotes, it is IMPOSSIBLE (or at least should be) for more votes than voters to be registered. It is the occurrence of the "impossible" that should have the public up in arms.

The excuse of "it's not significant to affect the results" doesn't work; if this is one easily detectable anomaly, what about the undetected anomalies? The overcount (is that a word?) shows that there is a problem, and the machines cannot be presumed accurate. It's that simple.

Votes recorded on paper. Public access to the counting process. It really is THAT simple.

Re:Outrageous

[schnikies79]

So it's useless just because it's old? Sometimes low-tech solutions are the best, but this is slashdot and I'm a bit of a luddite so no one will listen.

Democracy!

[slmdmd]

There is no democracy in USA, it was lost decades ago. It is a two party dictatorship. (Not exactly - It is actually the Corporate rule)
Proof: Try finding answers to the following on internet. (Rest of the media is a PR tool of the dictators)
1. Why no independent wins any seats.
2. Why is it always a very close battle. (e.g. 250-251)
3. What is the percentage of members that get re-elected in a communist country(say former russia) and what is the percentage in USA.
Internet is the only remaining free media but not for long. No matter what we do, it is just a matter of time before the internet is also governed by the corporate. Ways to control are already in the works.
About half of the world knows who is responsible for the 11 towers, but only a handful in usa.
The answer is on the internet. Do your own research.

Re:Outrageous

[Holmwood]

Actually, paper and pencil are a pretty good approach. Simply because a solution is old doesn't mean it's a bad one nor does it mean that the shiniest new piece of technology is the best answer.

Assuming a situation where there's reasonable oversight of most votes most of the time, and opportunities to be alone with ballots for more than a minute don't generally exist:

- Electronic voting machines? An attacker can change thousands of votes in a second.
- Punched cards? An attacker can shove a ten cent piece of steel through the hole for the preferred candidate and invalidate a hundred ballots for the opponent in a few seconds.
- Paper? Well, an attacker can start spoiling every ballot for the opponent, but that's going to take time. Quite a bit of time. And the attacker will be leaving some forensic evidence.

Canada -- a country geographically even larger than the US with probably even more serious geographic distribution problems -- has generally used paper ballots for a great many years. Elections are typically counted and results are in by somewhere between 10pm for local/provincial elections and maybe 2am (eastern) for Federal elections.

Most of all, a paper ballot system is comprehensible and reasonably transparent to the ordinary voter. Not so with even open-source software (which may be transparent and comprehensible to some, but is neither to the average voter).

If you really want something that's counted fast, use paper ballots scanned into optical scanners (and deposited in locked ballot boxes for later inspection/recounts) in front of the voter.

Paper and pencils: A technology who's time has come.

Holmwood.

Re:Whaddya mean "there is no conflict"?

[Anonymous Coward]

You forget that in a corporatist-fascist state like ours, the chickens are mere cogs and cannon fodder to enrich the ubermensch, not the other way around. Rights? What rights? Are you one of the elite? Then you have no rights. Go back to your slaving so that I can steal your wage labor!

Re:Score "Zip" Democracy "One" Business

[bigbigbison]

Exactly. This isn't about open vs. closed source. THis is about the fact that the judge has mad a decision which in effect states that "trade secrets" and business trumps democracy. That is just wrong.

Don't dodge the issue

[drig]

No one cares what the democrats did forty or a hundred and fifty years ago. Heck, the Republicans will claim that Bush's State of the Union address in 2003, where he claimed that Iraq was trying to buy Uranium, is old news and no longer relevant. That was 4 years ago! So, 40 years or 150 years is definitely old news!

Besides, that's dodging the issue. Bringing up old history doesn't help anyone. What we want to know is when our votes will start counting again. Bush has now won the Presidency twice, both times under extremely questionable circumstances. Republican Secretary of States, missing ballots, voters illegally purged from the voting lists, voting machines made by Republican operatives. This isn't some interesting sidenote in a history book that includes references to the book of Genesis. It's real life, it's happening now, and this kind of mealy-mouthed dismissal of American freedoms is either ignorant to the point of criminality, or is a bald-face destruction of the American process.

Re:Outrageous

[Millenniumman]

The source code wouldn't help matters. Assuming the machines were rigged, it would be simple to release the the code from a properly functioning codeline. If it was rigged, most of the people at the company wouldn't have access to that code, or someone would report it.

Open source is only open source up to a point. There is no way to verify that what is running on a machine is the same as the code released. Anyone working on the machines can tamper with it: "./configure --all-votes-are-$(myparty) && make && make install". Maybe you could use digital signing on the official builds and restrict the machines to them, but keep in mind that violates the GPLv3, and there are no assurances it won't be hacked. On the other hand, it is very unlikely someone is going to reverse engineer closed source software while they are supposed to be setting up the machines and no one will notice.

Re:Incomplete article

[carpeweb]

simply to have the voting machine print human- and machine-readable ballots

This is essentially what reasonable (non-Florida) balloting looked like before "e-voting". Except that the voter was part of the "voting machine" and filled in little circles. Those are machine-readable, and there's no need to compare the machine readable ballot to the human-readable ballot, because they are the same ballot.

As I've said before, e-voting is a bad solution to a problem that didn't really exist.

Re:Outrageous

[Watson Ladd]

Open source does not equal GPLv3. You could release the code under GPLv2 and use digitally signed and restricted builds. You could use a signature on GPLv3 code that makes a big red "WARNING:DO NOT USE" sign turn on in the booth but otherwise functions normally. Or you could blow PROMS with the code at the factory and the guys sticking it into the voting machines could read out the code from the ROM to verify. With closed source software you can verify that the machines are all running the election software, but you can't verify the software.

Re:Outrageous

[Tony Hoyle]

IANAL (duh), but do we know who owns the rights to the code? If the state has no legal claim on the code (I don't think paying for the code counts, it's a question of what was written in the contract), then the judge would not have the authority to open access to the code.

For something as sensitive as a voting machine the government should have the contract, and all the rights to the source code - the state should be able to request the source from the government.

If that isn't the case then someone should be fired. By a firing squad.

Re:unfuckingbelivable

[TheRaven64]

Anyone can check the proof just by checking that the proper axioms and lemmas are used at each step.

Anyone? I think you live in an interesting world where even 50% of the population even knows what an axiom or lemma is, let alone how to check a mathematical proof. In a democratic state, everyone gets to vote, therefore, everyone should be able to validate the electoral procedure, not just the mathematicians and computer scientists. Here's an example I provided in another post:

By having an electronic voting system, you are asking the majority of the population to trust that it is carried out correctly, with no way of checking it themselves. Would you[1] be willing to use a paper vote where all of the candidates names were in Kanji, and trust an expert to tell you in the polling booth which candidate name was the one you wanted to vote for?

[1] Assuming you can't read Kanji. If you can, substitute Egyptian Hieroglyphics in here.

Re:Outrageous

[aussie_a]

What? The 1700s actually had honest elections that everyone could vote in? Oh yes, so much better to be in the 21st century.

Trade Secrets override Democracy?

[openright]

It is quite a low point when Information Monopoly "rights" can override the right to open, free and fair elections.

There is really no alternative but to make this software public.

The voting software does not need to be free-software/open-source (though it would be best), but it does need to be public.
It is still possible for a company to hold and enforce copyrights on publicly available software.

Any complex compuations that are performed (that they claim to be trade secrets) cannot be trade secrets in a free democracy. These compuations, if wrong comprimise elections.

Re:Democracy!

[PPGMD]

Your a moron, and whoever modded you up is one too.

1. Most independents don't win for a number of reasons. First most are built around a single person, that person can only run in a single race, and thus is geographically limited, which limits the amount of votes that he can win. Second few independent parties are winners, people like to back winners. The last two parties that stood even a remote chance of winning a national election was the Green party under Nader, and the Reform party under Perot. Also currently there are 3 Independent Congressman in the incoming congress (there were 4 in the outgoing).

They also don't last long because if either party sees an independent that is cutting into their votes, they extend their platform in an attempt that bring those voters back into the fold, it generally works enough that it makes that independent crumble because it's base of support erodes.

2. It's not always a close battle, but it's best that way, it keeps the parties on their toes, they always have to appeal to a broader spectrum of votes to keep their party in power.

3. I don't know, why don't you tell me?

Only a handful in the US knows who brought down the twin towers eh? Why don't you enlighten me, because I was under the impression that it was 19 Islamic terrorists from Bin Laden's al-Qaeda. You are probably going to tell me it was the Jews, or the Bush administration I bet. Also don't believe the polls that say a majority think that 9/11 was caused by Iraq we have those that think it was the Germans that bombed Pearl Harbor.

Re:unfuckingbelivable

[hey!]

  Having any kind of electronic voting machine is unacceptable in a democracy.

I disagree.

Having an electronic machine that prints a human readable, machine tabulatable paper ballot could be a good thing,if the user interface was designed reasonably. For one thing it would assist blind voters, and provide assistance for voters in the language they're most comfortable in.

Re:Outrageous

[MyIS]

A well secured system would be nearly impossible for an attacker to circumvent in a minute with the resources he would have available.

The fear is that there is systematic tampering from the officials' side, not a particular voter left alone with the machine.

Not if you let people see what their vote was read as after it read.

Again, the point is that someone could tamper with ballots hours after the voters have left the building.

with one tenth the population

One tenth? At those numbers the system scales well - actual counting is done per-geographical-unit anyway, it just means that there are more of them doing concurrent work. And overall, isn't it worth to sacrifice ten hours more delay to get a trusted voting system for a country that touts itself to be the bulwark of democracy for the world?

Re:The Premise is Wrong

[laird]

"Ms. Jennings assumes because there is an undervote that all those undervotes went for her"

This is incorrect. Ms. Jennings believes that there were abnormally high undervotes in some counties, but not others, which changed the outcome of the race. This position was supported by ES&S, the vendor of the machines, in court testimony. This didn't require all of the undervotes to be case for her, just for the undervotes to be cast consistently with the votes counted in the same counties.

To quote the local papers (http://www.heraldtribune.com/apps/pbcs.dll/articl e?AID=/20061109/NEWS/611090343):

"More than 18,000 voters who showed up at the polls voted in other races but not the Buchanan-Jennings race.

That means nearly 13 percent of voters did not vote for either candidate -- a massive undercount compared with other counties, including Manatee, which reported a 2 percent undervote.

If the missing votes had broken for Jennings by the same percentage as the counted votes in Sarasota County, the Democrat would have won the race by about 600 votes instead of losing by 368, according to a Herald-Tribune review. Even if the undervote had been 8 percent -- more than three times what it was in Manatee -- Jennings would have won by one vote."

Given that voters generally go to vote for the most important election, and then occasionally vote for the other races, undervoting is generally considered the error rate of the voting system. Thus, you consistently see very low undervotes reported by accurate voting mechanisms (e.g. precinct count optical scan typically reports 1% undervotes, probably a measure of voters actually intending to undervote) and very high undervotes by inaccurate voting mechanisms (e.g. punch card ballots typically report 7% undervotes, indicating that they probably fail to record 6% of votes cast). This pattern has been observed consistently across numerous elections for decades - bad voting systems create high undervote counts, and good voting systems don't, even when both systems are used in parallel by the same voters in the same place in the same election. Undervotes are considered such a problem in voting that the best argument for electronic voting systems is to reduce undervotes. Based on historical data, a 13% undervote rate is nearly unheard of, indicating that there was something seriously wrong with the way that the voting was conducted. Since DRE's (direct recording electronic votnig systems, meaning no paper ballots) are by definition impossible to audit, the only indication of a systemic failure would be based on the results looking implausible, such as two neighboring counties in the same election reporting wildly different undervote rates"

"SARASOTA
Total votes cast = 142,283
Undervote = 18,382
Difference = 12.92%

MANATEE
Total votes cast = 96,705
Undervote = 2,312
Difference = 2.39%

The odds of these two counties randomly having such a range of undervotes is 1:5,000,000.

Keeping in mind that DRE's by design can't be audited, you have to decide whether (1) it's impossible to challenge the results of an election run on DRE's, no matter what happens, or (2) you can challenge the results of an election run on DRE's if the results appear implausible.

I'm with NIST on this one. All DRE's should be decertified. Voting is too important to treat this way.

Re:first post

[alshithead]

Hold your fax up tight to the screen and press your foot pedal.