7,000 Irish e-Voting Machines To Be Scrapped

lampsie writes "You may recall from back in January 2012 that the Irish government had deemed their stock of 7,000 e-voting machines 'worthless.' Turns out they are not — after spending upwards of €54 million purchasing them almost a decade ago, all 7,000 will now be scrapped for €70,000 (just over nine Euros each). The machines were scrapped because 'they could not be guaranteed to be safe from tampering [...] and they could not produce a printout so that votes/results could be double-checked.'"

chéad phost

[Anonymous Coward]

chéad phost

Voting Machines Features are Different in Ireland

[billstewart]

It's not so much that they need to have English and Gaelic instead of English and Spanish - it's that the US machines' "Change to vote to Republican when nobody's looking" option means something a lot different there.

Re:chéad phost

[Hognoxious]

chéad mÃle iomarcaÃochtaÃ

Fuck off, Legolas.

Re:

[AliasMarlowe]

An bhfuil cead agam dul go dtí an leithreas, más é do thoil é?

Níl. Agus ghlanadh suas do praiseach ina dhiaidh sin.

Re:

[c0mpliant]

Maith an fear!

awwwww

[slashmydots]

Daaaaamn, what a waste, considering people have proven you can run Tetris on them. They could have had a whole arcade.

Re:

[Imrik]

The first post is in response to the summary, if it merely says something that's in the summary it would be correct to mod it redundant. Note that this is a hypothetical point, and in this case the moderation seems odd.

Re:

[Splab]

Slashdot provides more than one ordering - for instance GP is not first post in my view; a moderator might have read a similar comment when ordered newest first (remember, moderation is handed out based on some obscure algorithm, not on a "must be this intelligent" basis)

Re:

[rbrausse]

not on a "must be this intelligent" basis

thanks for explaining! I always wondered why I'm part of the 15 mod points crowd ;)

Re: Chad?

[rnturn]

Texas and Florida are probably submitting bids at this very moment.

How Difficult Is It Really?

[AnotherAnonymousUser]

As a question for the geeks and engineers of the community - how truly difficult is it to make one of these voting machines safe for use? Is there something I'm missing that would make it difficult to have a kiosk with an imaged system that's been certified, locked down, and can print out results, without it being easy to tamper with or easy to fudge the numbers of? It seems like this is something that engineers could have designed to be foolproof by now, and at a fraction of the budget. How truly complex is the problem they're trying to solve?

use the same system for slot machines

[Joe_Dragon]

use the same system for slot machines
they go under lots of testing to make them hard to cheat them even to the point of shocking them.

Re:use the same system for slot machines

[rtfa-troll]

Nobody actually knows how hard this is since nobody has ever actually succeeded in doing it, despite the fact that many people have tried. Here is another example:

use the same system for slot machines they go under lots of testing to make them hard to cheat them even to the point of shocking them.

This is one of the standard examples, the other given is bank machines. The average engineer/computer scientest will tell you this every time up to the stage of actually starting voting machine companies and spending millions on delivering machines which fail to be sufficiently secure. Just think about how much more hostile the voting machine environment

• if you cheat a slot machine you can get a few hundred dollars - if you beat a voting machine you can controll F22 contracts worth US$66.7 billion
• slot machines are run in an environemnt where you can watch the users - watching voters is illegal
• you can see who wins on your slot machine and almost nobody cares - voters are supposed to be anonymous
• slot machines are essentially static; the money is put in and taken out in the bar - voting machines have to be distributed to many locations
• your slot machine will still earn money even if it is completely emptied several times a year - a voting machine only needs to lose once

It's true that the slot Las Vegas slot machine program is much better than any current voting machine goes through. That is outrageous. However, don't think that if you did follow the Las Vegas system that would be enough.

Re:

[RobertLTux]

one "feature" that voting machines don't have that Vegas slots had back in the day

They used to break people for cheating the slot machines

Requirements were Political, not Accountability

[billstewart]

The US voting machine contracts were given to politically connected companies after the Republicans got a lot of flack for the 2000 election vote counting failures. Accountability and Auditability were very much not requirements - they didn't want paper trails that could be audited and recounted. Speed of deployment was a requirement, and sloppiness wasn't viewed as a problem.

And while Las Vegas slot machines have a strong house advantage, the way the Republicans provided a house advantage in Ohio in 2004

Technical Issues vs. Market for Voting Machines

[billstewart]

A friend of mine had a voting machine startup company in the early 90s. It failed, partly because of the usual reasons startups fail, but largely because they couldn't find enough of a market for highly secure tamperproof voting machines. (The Republicans fixed that problem in the early 2000s, creating a market for insecure tamper-friendly non-auditable voting machines developed by politically well-connected big companies, but a decade earlier there just wasn't a market.)

I don't know how secure his compa

Re:

[TapeCutter]

Trust is not a technical problem and slot machines are not transparent to all parties. The speed of a manual count is also not a problem. Basically electronic voting is fixing a problem that doesn't exist, like an electronic mouse trap it's expensive, unreliable, and pointless.

Re:

[mdvolm]

Not a bad idea, except that the main source of security for a slot machine comes from the fact that it is under 24/7 surveillance. Give someone unsupervised physical access to the machine though, and all "security" is lost.

Re:use the same system for slot machines

[khendron]

I pay my bills online.
I do my banking online.
I order my shopping online...

And all those activities are the target of a significant amount of fraud. It is tolerated, though, because the savings outweigh the costs. You can't say the same for an election.

Re:

[c0mpliant]

And you think there isn't fraud in the voting system? The most easiest way you could do it is to register in a constituency to vote using the form thats sent out to houses in the lead up to elections without using the RFA3 form to transfer your vote from your original constituency. The reason a lot of people do this is because the form thats sent to each house just needs you to fill in the sections and then send it back in the post, postage free of charge. The RFA3 form requires you to fill it out, go to yo

Re:

[TapeCutter]

With manual fraud one man can effect one polling place, with computerised fraud the same man can effect the entire election, and with less risk of being caught.

Re:

[oldmac31310]

the word you want is 'affect'.

Re:

[Livius]

Both will work in this case.

Re:

[oldmac31310]

No. They won't both work.

Voting against Grammar Nazis

[billstewart]

Technically, both of them can. "affect one polling place" works a lot better, of course, and is almost certainly what the original poster meant.

But in a sufficiently badly designed electronic voting system, one fraudster could in fact "effect one polling place", instantiating it from scratch, creating fictitious voters and audit records, and get its votes included in the district-wide totals. Back in the old paper-ballot days, you'd have to show up at the Elections Clerk's office with a stuffed ballot b

Re:

[dbIII]

And you think there isn't fraud in the voting system?

There obviously is and the Indian machines were designed with that in mind - for example, even if you steal a single machine and hack it to give 100% of it's votes to whoever is paying you that has a limited impact on the total vote. Stealing a lot of machines is likely to be noticed. Others (like some of the Diebold stuff) seem to be designed to make fraud and gaming the entire system easy from a single entry point, but that is possibly more due to inc

Re:

[Cinder6]

Voting fraud is ridiculously easy (in California, at least): They don't even check your ID to make sure you're the person you say you are! Figuring out how to cheat the system on a wide scale is an exercise for the reader.

Re:

[godel_56]

Voting fraud is ridiculously easy (in California, at least): They don't even check your ID to make sure you're the person you say you are! Figuring out how to cheat the system on a wide scale is an exercise for the reader.

Vote early and often!

Voter ID Republican Talking Point

[billstewart]

Sorry, Mr. Republican Talking Point, but that's a bogus issue, which the Republicans have been using to exclude poor and old legitimate voters who tend to be Democrats. You've probably noticed that in most of the US, you have to sign your name in the book when you vote, and there are poll watchers from both major parties watching the voters sign in, and if more than one person shows up claiming to be a given registered voter, the second one notices it.

Yes, fraud is possible, and some dead people probably s

Re:

[Hentes]

Assuming that the goal is to make them secure, it's not easy. When someone has physical access to your machine you are already in a losing battle.

Re:

[smooth wombat]

If you seal the machine, instead of having USB slots on the outside, that would go a long way to prevent tampering.

Not sure why you need to have an external connector available for anyone to use anyway, other than laziness on the part of the programmers and designers.

If they can seal an ATM, they can seal a voting machine. This truly isn't rocket science.

Re:How Difficult Is It Really?

[TapeCutter]

If they can seal an ATM, they can seal a voting machine. This truly isn't rocket science.

No it's not rocket science, nor is it ATM science. Learn how and why the traditional paper systems work and one day you may understand why the quote above is 'not even wrong'.

This method is used in Sweden for example, and conducted as follows. The voter casts three ballots, one for each of the three elections (national, regional, and local), each in a sealed envelope. The party and candidate names are pre-printed on the ballot, or the voter can write them in on a blank ballot. When voting has finished, all envelopes are opened on the counting table, for one election at a time. They are sorted in piles according to party, inspecting them for validity. The piles are then counted manually, while witnesses around the table observe. The count is recorded, and the same pile is counted again. If the results do not agree, it is counted a third time. When all piles are counted and the results agree, the result is certified and transmitted for central tabulation. The count as received is made public, to allow anyone to double-check the tabulation and audit the raw data. There appears to be a high level of confidence in this system among the population, as evidenced by the lack of criticism of it." - Shamelessly C&P from WP.

The last sentance in the quote hits the nail on the head, elections are about trust, anyone who thinks electronic voting is a good idea should be asking themselves what "problem" are they "solving"?

Re:

[Grishnakh]

Wrong.

You don't give the voters access to the whole machine, you only give them access to the touchscreen monitor, and maybe some kind of keypad. If you were to be believed, then we wouldn't be able to use ATMs.

Now of course, as the other poster noted, this means you can't do stupid things like have USB or SD/MMC ports that are user-accessible.

When we talk about having "physical access" to a machine, that means the WHOLE machine, as in a desktop PC where you can put your hands on the tower case, plug in US

Re:

[sl4shd0rk]

You don't give the voters access to the whole machine, you only give them access to the touchscreen monitor,

It's not the vote which matters. It's who counts them.

Re:

[Grishnakh]

Yes, but that's a different issue altogether. If you're trying to protect a computer from people doing unauthorized things to it, like plugging in USB drives and infecting it with malware, or taking out the hard drive and copying or altering it, that's easy, you just lock it up the way an ATM does. If you're worried about authorized people (who have keys to the machine's cabinet) tampering with the vote, that's a whole separate problem, and a good reason that proprietary machines from private companies sh

Re:

[AmiMoJo]

You don't give the voters access to the whole machine, you only give them access to the touchscreen monitor, and maybe some kind of keypad.

What about the people running the polling station? They represent a far bigger risk since they have access to the machine for much longer and a voter who can reasonably spend a maximum of 10 minutes in the booth before people start to worry. Plus in the UK the booths are actually open on one side, your body effectively shielding your choice from view, and maybe Ireland is like that too. It would be hard to fiddle with a voting machine without being seen.

Re:

[Grishnakh]

If you don't trust the people running the polling station to not stuff the ballot box (in a case where you're using paper ballots), then this is really moot.

Of course, I guess with paper ballots, you can put some simple checks into the system to detect tampering, like only having a specific number of ballots printed and using magnetic ink so they're not easily duplicated. Detecting e-voting tampering would be much more difficult. Even so, by making sure that no one (or two) person is allowed access to the

Re:

[mehrotra.akash]

I guess its the anonymity requirement of the vote that makes it difficult
Otherwise, ATM's are secure, and the same technology could be applied to voting machines

Re:

[azalin]

I guess its the anonymity requirement of the vote that makes it difficult Otherwise, ATM's are secure, and the same technology could be applied to voting machines

Do you have any idea how much money is stolen every day by using duplicated bank cards? ATMs are not secure enough for this.

Re:

[Grishnakh]

That's because ATMs are stuck using 70s or 80s technology, namely easily-copied mag-stripe cards with crappy 4-digit PINs, with no encryption used at all. It's not the fault of the ATMs, it's because the whole industry refuses to move to a more secure access device. It's amazing that more money isn't stolen every day.

There's no requirement that voting machines use the same crappy access mechanism. In fact, the access mechanism would be totally different, because of the anonymity requirement; I'm just gue

Re:

[aztracker1]

I was thinking something similar... taken a step farther... if the system registers that the voter voted against one system, and the actual vote group to another system, with no correlation data between the two available, it would be reasonable to have online voting... would just need to ensure that both the registration that the person voted, and the record of the vote are separate... give the voter a token, that can be checked against their own vote record, but doesn't tie that token to their id, or that

Re:

[Grishnakh]

I think some other posters here have a good point that this whole thing really can't work very well. Technically, it could, but the potential for abuse is too great; while you could use encryption to keep things anonymous as you say, the problem is that very few people really understand that, so basically the population is trusting a very small number of people that the voting system is fair and not rigged. We've now tried electronic voting with private companies, and it's been a disaster, because these c

Re:

[Grishnakh]

Um... USA and Canada, and I'd be surprised if Europe wasn't exactly the same way. What did you think that ATM/debit card was, a high-tech NFC system or something?

Re:How Difficult Is It Really?

[pegasustonans]

How truly complex is the problem they're trying to solve?

Nothing that an old-fashioned optical scan ballot couldn't handle.

In other words, using the machine was a solution looking for a problem (and causing numerous problems of its own).

Re:

[Shagg]

In other words, using the machine was a solution looking for a problem

E-voting machines definitely solve a problem. It's just that the public's definition of a problem, and a politician's definition of a problem aren't the same thing.

For example, if you want to steal an election, physical paper voting/counting makes it very difficult to effect a large number of votes without having a lot of different people involved (greatly increasing the risk of the public finding out). E-voting machines definitely solve that problem.

Re:

[aztracker1]

In us-AZ, the ballots are optical scan AND have the person(s) you are voting for printed on the ballot... scanning is digital, and there is a physical record... works very well.

Re:How Difficult Is It Really?

[alteridem]

I believe it is actually more difficult than it would appear, mainly because you need to give people access to the machine to enter the candidates and when you do that, you are potentially giving them access to do other things. That said, the problem is not insurmountable. I would suggest open-sourcing the software and the hardware design. There are enough people that are interested in this problem that I expect that it would be well supported and potential security flaws found and fixed quickly. It would also greatly reduce the development costs. We would still need companies and governments to work together to build and certify the machines, but everyone could be working off a common, open blueprint.

Re:

[aztracker1]

Wish I had mod-points for this... for that matter, you could go to a polling site, and show your ID, they can check that you are registered, and give you a token to access an https website and cast your vote there... without correlation between your registration, and the vote token, it can be recorded, and you can check your token against the recorded vote later.

Re:

[Lithdren]

Doesn't this allow you to sell your vote, and be able to prove you voted a specific way? This opens up a big issue as well.

Boss: "Vote Democan or you're fired!"
99%: "Umm...I did..!"
Boss: "Prove it, what is your token?"

And thus, the entire thing falls apart. You shouldn't be able to prove how you voted, while needing to be sure how you voted is how its being counted. This is why its so difficult.

Re:

[Patch86]

I believe it is actually more difficult than it would appear, mainly because you need to give people access to the machine to enter the candidates and when you do that, you are potentially giving them access to do other things.

Do you mean "an admin entering the names of the candidates so they can be displayed for selection", then that's an easily solvable problem. You just give the user an unchangeable selection of "Candidate A", "Candidate B", etc., and print the names of each candidate on posters stuck on and around the polling machine. Finish the evening's count with "Candidate B wins" and then look at the table to see who that is.

If you mean "give the voter access to the machine to make a selection", then I'm not sure I under

Re:How Difficult Is It Really?

[Confusedent]

Here's what Schneier said about it in 2004:

"Computer security experts are unanimous on what to do. (Some voting experts disagree, but I think we’re all much better off listening to the computer security experts. The problems here are with the computer, not with the fact that the computer is being used in a voting application.) And they have two recommendations:

DRE machines must have a voter-verifiable paper audit trails (sometimes called a voter-verified paper ballot). This is a paper ballot printed out by the voting machine, which the voter is allowed to look at and verify. He doesn’t take it home with him. Either he looks at it on the machine behind a glass screen, or he takes the paper and puts it into a ballot box. The point of this is twofold. One, it allows the voter to confirm that his vote was recorded in the manner he intended. And two, it provides the mechanism for a recount if there are problems with the machine.

Software used on DRE machines must be open to public scrutiny. This also has two functions. One, it allows any interested party to examine the software and find bugs, which can then be corrected. This public analysis improves security. And two, it increases public confidence in the voting process. If the software is public, no one can insinuate that the voting system has unfairness built into the code. (Companies that make these machines regularly argue that they need to keep their software secret for security reasons. Don’t believe them. In this instance, secrecy has nothing to do with security.)

Computerized systems with these characteristics won’t be perfect -- no piece of software is -- but they’ll be much better than what we have now. We need to start treating voting software like we treat any other high-reliability system. The auditing that is conducted on slot machine software in the U.S. is significantly more meticulous than what is done to voting software. The development process for mission-critical airplane software makes voting software look like a slapdash affair. If we care about the integrity of our elections, this has to change."

Source. [schneier.com]

Re:

[xs650]

That goes against the primary objective of computerized voting machines, which is to throw elections the direction the people controlling the function of the machines want is to come out.

Re:

[Confusedent]

As to the first one, build the machine to randomize the order of the paper ballots. As to the second one, the only reason (I think) to have a paper ballot is in case there is a recount. If the vote comes down 70/30%, the odds that the so many have been miscounted out of a population of hundreds of millions is pretty low. If it ends up like Florida in 2000, or if there are later suspicions/accusations/whatever about the voting machines, then you do a careful manual recount of the paper ballots. I'm by no mea

Re:

[blackest_k]

Ireland doesn't have a population of hundreds of millions...
2011 total voting age 3,516,795 of a population of 4,670,976
registered 3,202,442 voted 2,243,176 turn out about 70% who were registered or 63% of voting age spoilt ballots 1%

Most area's elect 3 or 4 tds and the votes are carried out in rounds so who ever comes last in first preference votes gets their votes split according to 2nd preference and so on until there are just enough candidates left to fill the seats as a rough figure less than 13,000 vo

Re:

[Imrik]

Putting it into the ballot box doesn't mean you have to count the paper ballots, they're just there if anyone wants to verify the machine's results.

Re:

[del_diablo]

Just have all the printed out "counts" to have 3 forms of hases to find out what firmware they are running. MD5 perhaps, and a few others?

Re:

[Sperbels]

Is there something I'm missing that would make it difficult to have a kiosk with an imaged system that's been certified, locked down, and can print out results, without it being easy to tamper with or easy to fudge the numbers of?

Yes. What you're missing is that the people making them/buying them didn't want secure machines. They wanted something they could tamper with.

Re:

[azalin]

Yes. What you're missing is that the people making them/buying them didn't want secure machines. They wanted something they could tamper with.

I still have enough faith in humanity left to blame it on stupidity, ignorance, carelessness and greed.

Re:

[unwastaken]

Yes. What you're missing is that the people making them/buying them didn't want secure machines. They wanted something they could tamper with.

I still have enough faith in humanity left to blame it on stupidity, ignorance, carelessness and greed.

Read this [slashdot.org] and then tell me whether you still feel like that.

Re:

[bzipitidoo]

the people making them/buying them didn't want secure machines

I agree. The technical problems are the lesser difficulty. They are all solvable problems.

It's corruption that's really hard. There are always some who think they can use a situation like this to pull something unethical, hiding all the evidence so no one can be sure what happened. They're the ones fighting hard to keep as much as possible hidden. There is no excuse for keeping the software of a voting machine closed. So why did Diebold refuse to release source code? At least try to reduce the appe

Re:

[Shagg]

Politicians are not members of humanity.

Re:

[dvice_null]

We could solve this voting issue very easily. Every vote costs a dollar and you can vote as many times as you want. It would be no different from the current system where only the rich have enough money to advertise themselves to get voted.

Re:How Difficult Is It Really?

[EnergyScholar]

It's really, really difficult to secure electronic voting machines and the associated system. Close to impossible. Worse, what's the point? Seriously, electronic voting does nothing new, and adds many new vectors for systemic fraud. It's a losing proposition, unless you wish to defraud the voting system, in which case it's a win.

Re:How Difficult Is It Really?

[Skapare]

Electronic voting speeds up the results. But it's only the new media that wants that.

The design I proposed was a triple path election system. There would be simple machines to vote at that produce three "results": paper, storage, and communication. But it is the paper result that counts. The stored results (on a CF card) are just for verification. The communicated results are just for the media. The paper result is actually handed to the voter. It will be printed in clear text with the names of who they voted for, and a bar code or QR code to checksum the vote. They take the paper over to the ballot box area. But first, the paper is scanned by a reader right there. Then the paper is inserted into the sealed ballot box. The scanner also stores results and transmits these results separately, which are cross checked. The official results will be the paper count. But the electronic results satisfy the media hunger for instant answers.

Re:

[Bookwyrm]

The effort and cost of designing such a thing is one aspect. *Verifying* that the actual manufactured item is tamper-proof, accurate, etc. is another. For instance, if you have to secure your entire supply chain to make sure none of the components involved might have been compromised or substituted due to cost cutting (keep in mind that this does not have to be someone trying to skew the vote on purpose, it could be someone being cheap or lazy and producing something prone to errors,) then that aspect can

Re:

[Nethead]

*Verifying* that the actual manufactured item is tamper-proof, accurate, etc. is another.

Just give it to Bev. [http] She'll gladly verify it for you.

That depends on your limitations

[Casandro]

Building a voting computer which satisfies the demands for a democratic election is near impossible.
Since fraud needs to be detectable even by single uneducated voters, there minimum security would be like this:

1. Get at least 80% of your voters a degree in Mathematics and Cryptology. They need to be able to verify all the algorithms used in the process.
2. Get at least 80% of your voters fluent in reading machine code off microscope images of ROM chips.
3. Get at least 80% of your voters good at re-engineering micro controller systems from silicon up in a reasonable timespan. (e.g. 30 minutes, this might require genetic engineering)
4. Develop a form of computing device which is transparent.

The big point is, it's not enough if we have some "perfect" voting computer which 10 specialists attest to be "perfect". For a democratic election everybody who is allowed to vote must be able to check the system for fraud. With a simple pen and paper system that is trivial. You just sit at the polling station, check that only single sheets are handed out to the voters. You also check that the voting urn is empty when the voting starts and that everybody just puts in his single sheet into it. Then you check the counting for miscounts and people trying to hide votes. The total number of votes can be compared in different ways.

So everybody involved in it can check it. There is no secret knownledge involved. You can come up with the points I just wrote by yourself. You can even find the points I was missing. That's the minimum standard for voting systems, and it can be settled by the cheapest way to conduct elections, pen and paper. Why on earth should we spend a lot of money for much worse systems?

Re:

[Nadaka]

According to the CEO of Diebold, voting machine manufacturer, that verifiability is a defect. How can he promise to deliver victory to republican candidates if he does not have a way to tamper with the votes?

Re:

[Pinky's Brain]

Having a paper print out which can be checked by the voter works well enough.

Re:

[Casandro]

How does that work? Do you put the vote into an urn? How do you know the voting computer counted the vote the way it was printed?

If you put the vote into an urn, why don't you just replace the voting computer with a pen? Germany proves that to be very efficient with most voting locales finishing their duty 30 minutes after the end of the election.

Re:

[cr_nucleus]

Electronic voting will always be a democratic failure because there's simply no way to actually check the result without an output from the system itself (wich is therefore also tainted).

This is not an engineering problem, period.

Re:

[Grishnakh]

It's not that difficult, but it does require a team of competent engineers, so it does require some money and time. Apparently, the company the Irish government purchased these machines from lacks that.

Re:

[Shagg]

It seems like this is something that engineers could have designed to be foolproof by now

Are you sure they're supposed to be foolproof?

Re:

[fredklein]

As a question for the geeks and engineers of the community - how truly difficult is it to make one of these voting machines safe for use? Is there something I'm missing that would make it difficult to have a kiosk with an imaged system that's been certified, locked down, and can print out results, without it being easy to tamper with or easy to fudge the numbers of? It seems like this is something that engineers could have designed to be foolproof by now, and at a fraction of the budget. How truly complex i

Re:

[Livius]

The hard part is finding people who genuinely want voting machines that are safe. The supplier was probably shocked that the Irish government wanted to actually count real votes, because that's not the purpose of the devices they sell.

Re:

[hey!]

Well, a user readable paper receipt which the voter drops in a locked box would do the trick.

Short of that, nothing you do to try to "secure* the machines can ever prove that the machines recorded votes correctly. The simplest demonstration of this is to ask yourself two questions. Who does a system require that you trust? And can you verify whether that trust has been violated?

(1) Who do you have to trust. When you record a vote on a purely electronic voting machine, you have no proof that your vote is r

I look forward to the official statement

[poetmatt]

I can just see it now:

"Did we get screwed? I think so"

while the reality is "Maybe we should have researched this before investing"

Re:

[bugs2squash]

I think it meets the definition of criminal negligence. Someone has blown $60MM on worthless voting machines. I think that even someone who isn't a professional in the field of election automation could have spotted these flaws very quickly (if not immediately looking at the specs on paper never mind with an alpha trial).

When will there be a prosecution in this case ?

Interesting Maths

[AlastairMurray]

all 7,000 will now be scrapped for €70,000 (just over nine Euros each).

I suppose €10 is just over €9.

Re:

[rtfa-troll]

If you had READ the FINE ARTICLE; you would know that 7000 == 7500 and 9 == 9.30 and 70,000 == 70,267. Typical careless rounding of the type that can easily get the wrong person elected..

refurb/rebrand/resell

[Sooner Boomer]

Touch screen computers from Ireland? Sell them as the "New iTablets*", and "not from that fruit company either!". At 20E a piece, you could *double* your money!

*Irish Tablets, thank my Lucky Charms!

Re:

[JDG1980]

Touch screen computers from Ireland?

If there were flat-panel touch screens, or even regular flat-panel color LCD monitors, then the units would probably have been worth more than 9 euros each. I did a search and found some photos of these machines (there's one at the top of this article [thesun.co.uk]) and they don't have any of this. There is only what appears to be a two-line, character-based, monochrome LCD display, with a big row of labeled pushbuttons and corresponding LEDs below it. Cheap, generic, largely worthle

an outline for a secure voting machine

[RobertLTux]

1 have as little of the OS loaded as possible
2 the OS image should be on a readonly image (with the image FIXED no later than 14 days before an election)
3 the poll info should be on a separate image (also readonly)

the voting screen should have a hash of both images on a "rail" at the bottom so that both can be verified at random

when you vote your vote info should be etched on a metal plate (each one should be given a serial number and accounted for) that holds X votes. Also a printout should be presented to you so you can verify your votes.

if any issues show up then you
1 count the info from the plates
2 count the info from the voter "chits"

and then deal with any problems as needed (good luck tampering with all three counts)

of course then we will need to deal with the Vote Early Vote Often problems in some areas but...

Re:

[JDG1980]

1 have as little of the OS loaded as possible 2 the OS image should be on a readonly image (with the image FIXED no later than 14 days before an election) 3 the poll info should be on a separate image (also readonly)

For such a simple application, why use an OS at all? Wouldn't it make more sense to run on bare metal on a microcontroller?

Re:

[RobertLTux]

well if you could get all the bits crammed into a microcontroller then yes but even a simple (like win95 level) OS could work the point here is to have as little as possible running (so no Network Stack at all).

No verification?

[hendridm]

they could not be guaranteed to be safe from tampering [...] and they could not produce a printout so that votes/results could be double-checked.

Well, whose dumbass idea was it to leave that out of the spec? This is voting we're talking about. It's ALWAYS scrutinized.

Repurposing e-voting machines?

[oneiros27]

At the very least, all of the e-voting machines that I've seen have touch screens. I would think that someone could be able to get these for pennies on the dollar, and find a way to use the parts to build kiosks for other purposes.

The CPUs might not have the necessary power for much, but if it's just a lookup & display system, it shouldn't require much.

Re:

[Nethead]

I would think that someone could be able to get these for pennies on the dollar...

It sounds like someone did.

Re:

[bussdriver]

You must have no experience with government. Their easiest way out would be a gov auction like we sometimes have - problem is you have to be setup to do those to make them worth it and by the time we have enough junk to do an auction the gear has been sitting around for years - making computer gear kind of useless.

Then there is all the oversight and paperwork involved in doing anything. There is always some official wanting to flex their oversight muscle to show they are protecting the public and since th

Re:

[oneiros27]

You must have no experience with government

I've worked as a contractor for the federal government for the last 8 years, I've been a municipal elected official for the last 4 years, I was chief election judge for the same municipality for 4 years, I did two years of contracting for a state government, and I interned for three summers in high school with the DoD.

So, I actually *do* know how these things work ... and all it really takes it one person who knows what they hell they're doing to get these things

The question is...

[darkshadow]

could one construct a Beowulf cluster of these?

Oh boy

[fiannaFailMan]

There are times when I wish I could change my /. username.

double-checked, so they do

[Hognoxious]

The requirement for double checking wasn't part of the original spec. It's just that Irish people end every sentence with "to be sure, to be sure".

7 grand each?

[rastoboy29]

Do the math.  That's horrible.

I suppose they're out of warranty...

But the thing is...how could they ever be worth that much money?  I mean, even if they worked--why not just use paper and save 54 million euros?

Re:

[tbird81]

But then the suppliers, who happen to be quite good friends with the people in charge, would not have had the chance to make 53.95 million euros.

Voting machines are easy.

[tbird81]

I've just whipped up a quick mockup in PHP. :-D

Re:

[Chrisq]

They were really scrapped because they did not dispense a shot of Jameson's after vote completion.

That would be one way to guarantee a 100% turnout

Re:

[chilvence]

Try 'up periscope'!

Re:

[Immerman]

Yes.

More precisely they're worthless as voting machines because they're considerably easier to compromise than the pen-and-paper alternative, and it would be almost impossible to detect. Since it appears these specific machines are special-purpose devices without a lot of other applications that pretty much reduces them to scrap value.

Re:

[fiannaFailMan]

...that the state of South Carolina is the one buying them at a discount. Voter accuracy? Pshaw. What do we care?

You owe me EU 70,000. The machines are being shredded, as explained in TFA.