E-Voting Company Agrees To Let California See Its Source Code... But Includes Angry Threats

from the how-nice-of-them dept

In the ongoing effort to make sure that electronic voting machines used in public elections actually have some sort of real scrutiny, we've never had anyone convincingly explain why the source code for these voting machines shouldn't be made public. You may recall that a while back, in a post about some of the limitations being put on security experts trying to examine some of the machines, a representative from the firm Election Systems & Software Inc. (ES&S) showed up in our comments and responded to our questions not with any good reasons, but with insults to everyone here saying we couldn't possibly understand. When asked, point blank, about why he wouldn't let experts like Ed Felten and Avi Rubin test the machines, he responded by claiming that such experts are misleading in their reports and are publishing things solely for a profit motive (which is pretty laughable, if you've ever read either's writings and analysis -- which come across as exceptionally even-handed on these issues). The same guy also claimed that the e-voting companies have always willingly handed over source code to gov't agencies. Specifically he stated: "The companies have always complied with legitimate requests to test and inspect the software. They handed over their source code for review on multiple occasions and have never denied the request of any U.S. government authority to review the code or test the equipment." Of course, he didn't say they did so happily. When California came asking for the source code, ES&S certainly wasn't happy about it.

You may recall that back in March, California's Secretary of State decided that anyone providing e-voting machines in California had to withstand independent testing from a group of security experts. This seems perfectly reasonable, and it's hard to come up with any reason not to do this... unless you're a company like ES&S whose machines have been caught counting votes in triplicate, among other things. Despite the claim that they "never denied the request of any U.S. government authority," ES&S certainly resisted the requests and only handed in the code three months late, along with an angry, petulant, threatening letter to the Secretary of State warning her that the company will hold the Secretary of State personally responsible "for any prohibited disclosure or use of ES&S' trade secrets and related confidential and proprietary information." Frankly, this should be reason enough to ban the company from having its e-voting machines used in elections. If the company is so worried about having its machines tested by security experts, then it shouldn't be in the business. Furthermore, for a free and fair election, there's simply no reason that the company shouldn't be required to make the core of its system freely available so that the voters of this country can actually trust that their votes are being accurately counted. It's not a crazy request. It's about protecting our fundamental right to vote. Apparently, ES&S doesn't respect that enough to prove to anyone that it can actually build a safe and secure machine that counts votes accurately.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Pitchfork Lady, 29 Jun 2007 @ 7:13am

    Yeah! What He Said!

    Actually, no.

    I'm a representative of ES&S, and I think you're wrong on this. I could give you a whole list of reasons why, but it's a little complicated and I don't think you could understand.

    PS This comment is strictly confidential and if any of it leaks out onto the Internets, I plan to hold you personally responible.

    link to this | view in chronology ]

    • identicon
      citizenj, 29 Jun 2007 @ 7:32am

      Re: Yeah! What He Said!

      ummm....it's too early for my sarcasm detector to be fully operational, but i sincerely hope pitchfork lady's just yankin the collective chain.

      if not, i guarantee there are a giant list of reasons why source code from voting machines should be open and transparent.

      anyone have a good link to where those are documented? i don't feel like typing that much here.

      thanks,
      and if i'm off, slap me in the back of the head.

      link to this | view in chronology ]

    • identicon
      GoblinJuice, 29 Jun 2007 @ 12:15pm

      Re: Yeah! What He Said!

      Hey, you get my check?? I really need to win. =)

      link to this | view in chronology ]

  • identicon
    smUd, 29 Jun 2007 @ 7:45am

    The only thing..........

    the only thing that i dont understand is why we are using those machines.

    well that and proper grammar and punctuation .

    link to this | view in chronology ]

  • identicon
    nameWithheld, 29 Jun 2007 @ 7:48am

    ES&S

    I do not represent ES&S, but i have done election day machine support for them. (It's a three day gig around election day and some training before hand. It's kinda fun actually)

    My question about some of this is what machines? Some of their models are nothing more than a touch screen attached to an inkjet printer to fill in the circles on the paper ballot. Others do keep a running tally. Others are counters of the paper ballots. And still others count the votes of various forms of storage media. All of counters either physically or electronically (most places simply carry the media by hand) link to a central system in the jurisdiction where the vote is tallied.

    This is where human intervention comes in. It is at this point that a person can the wrong thing in the software and triplicate, quadruple, or even erase votes. My concern before you start blasting ES&S or anyone else for their machines, is to make sure that it is the machine, and not the human controlling it.

    None of your articles have ever mentioned the machines involved, never once have said where in the process the problem happened.

    What's the matter tech dirt, do you think that it's too complicated for us to understand.

    link to this | view in chronology ]

    • identicon
      Alan, 29 Jun 2007 @ 8:18am

      Re: ES&S

      I believe the real problem lies in the fact that the machines ALLOW someone to duplicate, triplicate or even erase votes....

      link to this | view in chronology ]

    • identicon
      Sanguine Dream, 29 Jun 2007 @ 8:51am

      Re: ES&S


      My concern before you start blasting ES&S or anyone else for their machines, is to make sure that it is the machine, and not the human controlling it.


      Thats the thing. In an old fashioned paper election if something seemed foul first thing to do is recount. If things still seem off and foul play is believed to be the reason the first suspects are the people handling the machines. The difference between paper and electronic is that there is no need for examining how a wood box with an opening on top was made. Yes a human may have made it but in order to rigged an old wooden ballet box you pretty much have to switch out the boxes altogether.

      With the coming of electronic ballet boxes the chain of accountability has to be reviewed. Because you now have people writing programs to do the things you just mentioned. In order to tally votes the machine must be able to tell candidate A from candidate B. What's to stop a programmer from adding a little extra piece of code that tells it give a +2 instead of +1 on a certain candidate?

      So basically I'm saying that accountabilty must be checked from ALL angles (from the programmer to courier that drops off and picks up the machines). Acting as if the code of a machine that is supposed the voice of the voting public is above reproach is just plain arrogant.

      link to this | view in chronology ]

    • identicon
      Beefcake, 29 Jun 2007 @ 9:27am

      Re: ES&S

      The machines involved is irrelevant to the argument and bringing it up is possibly just a diversionary tactic. But it's easily addressed. Voters should be confident that ANY the models operate properly, and the simplest way to accomplish that is to allow transparent, independent, third-party testing and certification. Of all makes and models.

      Regarding human intervention, if the manufacturer of the electronic system has satisfied the voters that it's equipment is solid, then we can examine the human factor confident that the fault doesn't lie in the machine. The machine which, by the way, was also designed, programmed, and built by the same fallible humans you are so quick to blame.

      link to this | view in chronology ]

    • icon
      Mike (profile), 29 Jun 2007 @ 9:44am

      Re: ES&S

      This is where human intervention comes in. It is at this point that a person can the wrong thing in the software and triplicate, quadruple, or even erase votes. My concern before you start blasting ES&S or anyone else for their machines, is to make sure that it is the machine, and not the human controlling it.

      If you're building a voting machines whose sole purpose is to accurately and securely count votes without letting anyone vote twice, you should make damn sure that "human error" isn't possible for something like multiple counting of votes.

      link to this | view in chronology ]

  • identicon
    Overcast, 29 Jun 2007 @ 7:51am

    Electronic voting should be flushed down the virtual toilet.

    Doesn't matter if it's secure or not - there's no public confidence in it, in any event. These companies putting it together have been far too shady.

    Hell, the source code should be made available to the public - period.

    After all, it's the physical unit that needs secured. It's like a bank - it's one thing to know the design of the vault, it's quite another to actually crack it.


    Counting votes in triplicate... what kind of idiot programmers do they have anyway? Is it really that hard to tally votes to a database??? Come on!!

    link to this | view in chronology ]

  • identicon
    Jeff Barker, 29 Jun 2007 @ 7:53am

    How hard could it be?

    With the complexity, elegance, and stability of modern software how hard could it be to have a reliable, accurate program that does one simple thing.......add. Proprietary source code of an adding machine? Give me a frickin break. It's taken too long, with too many "problems" to get voting machines up and running. It could not possibly be that difficult. O, I forgot. The gullible tax payers are paying for it and incompetent beurocrats are managing the process. Not too hard to tally up American Idol votes now is it? The truth is the politicians don't really want this. Why? Because of where it's leading. They fear the obvious. According to our Constitution the people rule. Our elected "officials" are representatives of the will of the people. What happens when through the Internet, the people start "voting" on every issue? And the "representatives" have no choice but to also vote according to the clear will and intent of the voting, tax paying Americans they are supposed to represent, must represent? Why the whole corrupt system of bribes, graft and "special interests" comes crumbling down. That folks, is why we've been having so many problems with electronic voting machines. They represent the future where the American people rule and not corporations and wealthy people that up-til now clearly control both political parties and almost every law that comes into existence. We no longer live in the dark ages. Technology is passing up the corrupt bureaucrats faster than they can make laws to control it. They are afraid, very afraid.

    link to this | view in chronology ]

  • icon
    Ron (profile), 29 Jun 2007 @ 8:19am

    Scratch ESS

    ESS apparently missed the deadline to turn over their source code. To my way of thinking, they missed the deadline, they are out of the running. They were petulant about turning over the source code. One more reason they are out of the running. I don't see the quote in their letter really being threatening. They were just stating that they had trade secrets that must be kept confidential. MS, Apple, etc. all do that. I guess it's just that coupled with their attitude and failure to comply that the "threat" seems more of a threat. However, overall, if they really don't want to play nice with us, then we don't need 'em.

    link to this | view in chronology ]

  • identicon
    Java, 29 Jun 2007 @ 9:02am

    The title of this thread is blatantly misleading and Tech Dirt should be ashamed for posting such dribble.

    From the links provided and the info available, this was not a threatening letter. It was purely the author stating that it had concerns over the examiners chosen and the examiners and the state would be held responsible for leaking any proprietary trade secrets. This is typical in ANY Non Disclosure Agreement and common within any industry. Every company has the right to protect their trade secrets, including ESS.

    Now, I fully agree with the state being able to review the machines and the source code and independent experts should be part of the process. However, they also have an obligation to protect all proprietary code/technology provided for their review and should be held responsible if they leak trade secrets. This should not be viewed as an "Angry Threat".

    As to the delay in providing the code, if they did not meet the states deadlines, then frankly they should be disqualified from the running. The state has the right to provide a reasonable timeline to make things available and if ESS wants to compete for the business, then they have an obligation to meet those deadlines. If they don't, then the State should just remove them from the running.

    Unless there was other info not posted that constitutes this threat, then you really should stick to the facts instead of using emotionally charged words like "Angry Threat" to try and draw readers in.

    Very disapointing journalism in this case.

    link to this | view in chronology ]

  • identicon
    SeattleGuy, 29 Jun 2007 @ 9:03am

    There's NO Confidence Left

    It's hard to imagine that after the issues in Texas and other spots around the country the various manufacturers are not jostling to be FIRST in line to have their machines and software rigorously tested.

    I'm sensitive to the question of company confidential information and I'm as concerned as the next guy that having source code available 'might' allow someone to exploit some part of the system to their own gains, and then I remember Linux. All of the source code is available for anyone to download, compile and play with. Has that caused Linux to become the number one exploited operating system? Nope, that honor remains with our friends in Redmond.

    Here's the deal. I'm signed up for absentee ballots because I don't want to walk into my precinct, find a machine and have it be too late to cast my vote after refusing to use the machine. And I would refuse to use the machine.

    ES&S should understand that the public has lost faith in the system and won't use if there is another alternative. If putting their code or their machines out there for public testing can help them regain the faith and part of the market share then they are stupid not to do it. Right?

    Or is STUPID apropos?

    link to this | view in chronology ]

    • identicon
      Java, 29 Jun 2007 @ 9:21am

      Re: There's NO Confidence Left

      Lot's of reasonable and good comments.

      However, I disagree with your comment about Linux. Linux is a niche product with an extremely small market share. Just like terrorists, if you want to inflict the most damage, you go after the crowded marketplace, not the lone bystander on the corner. In this case, the larger market share happens to be owned by MS and therefore, the more apealing target. It is not that Linux or Apple are inherrently better or more secure systems, it that they are niche players and therefore, not as interesting to hackers.

      link to this | view in chronology ]

      • icon
        Mike (profile), 29 Jun 2007 @ 9:48am

        Re: Re: There's NO Confidence Left

        However, I disagree with your comment about Linux. Linux is a niche product with an extremely small market share. Just like terrorists, if you want to inflict the most damage, you go after the crowded marketplace, not the lone bystander on the corner. In this case, the larger market share happens to be owned by MS and therefore, the more apealing target. It is not that Linux or Apple are inherrently better or more secure systems, it that they are niche players and therefore, not as interesting to hackers.

        This is simply false. Linux doesn't have an "extremely small market share." It depends on what you consider your market, but if you're looking at web servers, it has a very large market share.

        But, more to the point, it's a HUGE target, in part because of the ability for anyone who successfully hacks it to gain lots of attention for hacking such a "secure" system. So to claim that hackers are ignoring it is wrong.

        link to this | view in chronology ]

        • identicon
          SPR, 29 Jun 2007 @ 9:59am

          Re: Re: Re: There's NO Confidence Left

          That is my point exactly. Burn the source code to firmware WITHOUT an incoming port or portal. Any tampering would have to be done before hand and would be easily detectible and traceable.

          link to this | view in chronology ]

        • identicon
          Java, 29 Jun 2007 @ 11:48am

          Re: Re: Re: There's NO Confidence Left

          I am not trying to turn this into a Linux vs. MS debate. I felt there are other reasons why Linux was not a clear example. I was trying to point out that just because Linux is an open architecture that does not mean it is secure and therefore, your argument does not necessarily apply to the topic at hand of releasing source code to the public.

          link to this | view in chronology ]

  • identicon
    SPR, 29 Jun 2007 @ 9:05am

    Voting Machines

    Why would any government agency buy any voting machines without having prior approval on the source code? Why would the source code be in the form of software and not burned into firmware thus removing the possibility of someone introducing a software patch to steal an election? Why would a company be so concerned about their source code unless they have something to hide? After all, the source code is worthless to a possible competitor without a voting machine to run it on, and any company able to construct a competing voting machine can certainly develop their own software. Sounds very suspicious on the part of the company (ES&S) to me.

    link to this | view in chronology ]

    • identicon
      Java, 29 Jun 2007 @ 9:12am

      Re: Voting Machines

      No, the source code is not worthless to a competitor. If you can see how your competition does things, you can replicate it in your own products and remove a possible advantage that a competitor has.

      link to this | view in chronology ]

      • identicon
        SPR, 29 Jun 2007 @ 9:26am

        Re: Re: Voting Machines

        How is having the source code going to change the fact that you are counting yes/no votes and going to help a competitor? What can possibly be so difficult with that? That is probably a big part of the problem. These companies have gotten away from the basic objective of "counting votes" and have complicated the issue way beyond what is reasonable. I still say, it's very simple. Count ones and zeros, or yes and no votes, total them and provide a means to get the totals for that machine to a central location for tallying. The source code should be burnt into firmware without the possibility of introducing a software patch.

        link to this | view in chronology ]

        • identicon
          Java, 29 Jun 2007 @ 12:05pm

          Re: Re: Re: Voting Machines

          You are significantly trivializing the issue. Counting the votes is a very simplistic way of looking at this issue.

          I don't have any experience with these machines to know what all is involved, but I have been involved in other s/w projects that were essentially DB applications and that provided reasonably simple functions such as counting. However, these applications were much more than a simple adding machine. Releasing the source code to the public would have put these vendors out of business. I am sure that is what ESS is concerned about. The amount of market data gathered by these machines would be exceptionally valuable. They could easily determine voting tendancies of specific districts. They could determine how long a person took to vote on a topic or candidate. They could use data to determine effectiveness of campaign efforts.

          Release source code would expose all their functions/features that competitors could copy. This would put them at a competitive disadvantage. Therefore, yes, they have the right to protect their IP. Mandating that a private company release their IP is completely wrong and goes against a free market society.

          Now, again, I believe that because they are providing a service to a population via Govt. Contracts, the Govt. has the right and obligation to the public to ensure that these machines operate correctly and with accuracy. Having independent experts review the code and ensure the correct operation is completely within the Govt. right to do so. However, I believe the Govt. also has the responsiblity to ensure that the IP is completely secure and not open to the public. If the code does get out and is traced back to the experts, then the govt. should be held accountable.

          Furthermore, opening the code to the public only adds risk that the system security.

          Burning the code to a prom and locking it down is good, but from a support perspective is inefficient. This limits the ability to update code as improvements are made. This would consume more resources and drive up costs. This would be a bad business model.

          link to this | view in chronology ]

          • identicon
            SPR, 29 Jun 2007 @ 1:16pm

            Re: Re: Re: Re: Voting Machines

            "The amount of market data gathered by these machines would be exceptionally valuable. They could easily determine voting tendancies of specific districts. They could determine how long a person took to vote on a topic or candidate. They could use data to determine effectiveness of campaign efforts."

            You are over-complicating this. We DO NOT want the voting machines to do a "market analysis", just count the votes.

            As far as "updates", how many updates could there possibly be when counting ones and zeros? New math, perhaps!!

            Burning the program to a ROM and having it verified for accuracy and validity before insertion into the machine, lock down the machine with a good locking mechanism, an alarm system and a battery backup that allows legitimate voting, even without power.

            link to this | view in chronology ]

          • identicon
            Brian, 29 Jun 2007 @ 2:03pm

            Re: Re: Re: Re: Voting Machines

            "market data gathered by these machines would be exceptionally valuable. They could easily determine voting tendancies of specific districts. They could determine how long a person took to vote on a topic or candidate. They could use data to determine effectiveness of campaign efforts."

            Already freely available! Voter registration, and how often you vote are available for 2.5 cents per name at voterlistsonline.com

            If you want to harvest WHOM I voted for, then I suggest you have a good lawyer. Voting Rights section of Civil Rights Bill (among many many others) if I remember correctly.

            "Furthermore, opening the code to the public only adds risk that the system security."

            Again, a fundamental misconception. Security through obscurity is dangerous. Ever hear of peer review? Science mags do it. Imagine a scientist claiming he achieved cold-fusion but couldn't say how because of the security risk to his idea. Wait, that happens and those guys get laughed at...

            "Releasing the source code to the public would have put these vendors out of business"

            How??? These ppl shouldn't be selling the SOFTWARE! The value they bring is in their HARDWARE: nice touchscreens with a tape-roll. Competition should depend on ease-of-use, reliability, ergonomics, life-span, etc. Again, how many different ways can you count 1+1+1+1? Maybe the interfacing with components might be proprietary but if this ia vased on GNU Linux in the first place they ARE BREAKING THE LAW by not sharing the derivative code.

            Of all the arguments for free software, the code THAT COUNTS OUR VOTES should be free and open to ANYONE to inspect. You want to sell the State a fancy box that runs the code, go for it!

            link to this | view in chronology ]

  • identicon
    NTDave, 29 Jun 2007 @ 9:48am

    Source Code

    Giving out your custom source code is the equivalent to having unprotected sex in an African brothel. There is a reason that software companies obfuscate their source code in that besides becoming hackable, it allows anyone to copy their work.
    Besides, IF the source code were available, it would make it that much easier for the Republicans to rig an election, or have we forgotten GW's illegal occupancy of the White House?

    link to this | view in chronology ]

    • identicon
      SPR, 29 Jun 2007 @ 9:56am

      Re: Source Code

      Good God, give it a rest!! This is about source code, not your political fasist views!!!

      link to this | view in chronology ]

      • identicon
        Charles Griswold, 30 Jun 2007 @ 5:15pm

        Re: Re: Source Code

        Good God, give it a rest!! This is about source code, not your political fasist views!!!
        Silly SPR, on the Internet everything is about politics, religion, or both.

        link to this | view in chronology ]

    • identicon
      Anonymous Coward, 29 Jun 2007 @ 11:06am

      Re: Source Code

      "Besides, IF the source code were available, it would make it that much easier for the Republicans to rig an election, or have we forgotten GW's illegal occupancy of the White House?"


      I'll forget it around the same time that I forget that John F Kennedy had the election rigged to have dead people vote for him. Both sides have corruption, give it a rest. This is about the source code on adding machines. It MUST be available.

      link to this | view in chronology ]

  • identicon
    Chris Brand, 29 Jun 2007 @ 10:11am

    What use is source code ?

    Even if the company were to give you every version of the source code it has, you still have no way of knowing that it corresponds to what's actually running in the machine.

    You could maybe come up with a system where you build it yourself (although you'd have to trust the tools you use to do so) and then re-program the machine with the result (but not through a bootloader, because you can't trust it - you'd have to use something like a JTAG probe).

    You might just about get all the machines done in four years, I guess :-)

    link to this | view in chronology ]

  • identicon
    name, 29 Jun 2007 @ 10:34am

    may take a minute or two, but

    why dont we just do what we've always done........count the damn things by hand. if its screwed up then you know who's to blame.

    there maybe 300 million people in the US, but only a few million actually vote.

    is it really that big of a deal?

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 29 Jun 2007 @ 10:49am

      Re: may take a minute or two, but

      People (especially news outlets that promise the "latest coverage") are already impatient enough that takes until well after night fall to get the results.

      I agree that hand counting may be the most accurate but in today's society of wanting everything fast and convinent not many people would be willing to give speed for accuracy.

      link to this | view in chronology ]

      • identicon
        name, 29 Jun 2007 @ 12:41pm

        Re: Re: may take a minute or two, but

        i do agree with you, but considering the potential consequences of being inaccurate maybe someone should suggest to these people to take a damn chill pill.

        link to this | view in chronology ]

    • identicon
      reed, 29 Jun 2007 @ 10:52am

      Re: may take a minute or two, but

      "there maybe 300 million people in the US, but only a few million actually vote.

      is it really that big of a deal?"

      Only if you actually want people to participate in the democratic process.

      I personally believe that Bush has proven all the US needs is a dictator that has direct communication with God. Strange how similar he is to the terrorists he hates so much.

      Check out Hacking Democracy for some great clues on what is really going on with e-voting

      http://www.youtube.com/watch?v=GzPXer7946E

      I really can't believe that GEMS actually outputs election results into a read/writable excel file. Amazing the amount of stupidity, but then again this is what happens when we let the fascists privatize everything with no oversight (Deregulation, ohhhh yeah!).

      link to this | view in chronology ]

      • identicon
        name, 29 Jun 2007 @ 12:58pm

        Re: Re: may take a minute or two, but

        i doubt e-voting machines are going to revolutionize our democratic process.

        so what. it takes a few days to tally the votes. its more accurate. isnt accuracy the backbone to voting? if u cant count them right why even vote? perhaps the reputation of these machines are causing alot of people to think twice about even casting their vote. seems potentially pointless.

        then again anyone can find a way to do anything so i say screw voting and we have these people joust for office!

        - just my opinion

        link to this | view in chronology ]

  • identicon
    Mitch the Bitch, 29 Jun 2007 @ 10:47am

    Check the Mgt Plitical affiliations

    My guess is these are a bucnh of libs that think they can get away with 2006 again in 2008. Does ANYONE REALLY believe the Democrats won anything? I don't. It's either the machines or the illegal aliens voting that PUT the democrats in power. We now see how well that is working out eh....

    link to this | view in chronology ]

    • identicon
      SPR, 29 Jun 2007 @ 11:13am

      Re: Check the Mgt Plitical affiliations

      The Republicans do what they can to steal elections, but they are mere amateurs that are competing with pros that have been registering and voting cemeteries for years.

      link to this | view in chronology ]

  • identicon
    Rich Kulawiec, 29 Jun 2007 @ 11:15am

    Even source code's not good enough

    Suppose the source code's disclosed. Suppose (and this is
    highly optimistic assumption #1) that it's published for open
    peer review, and that, amazingly, it's found to be bug-free.

    Not good enough.

    Q1: How do we know that the compiled executable
    was built from that source code?

    Q2: How do we know that the compiled executable
    was built correctly, and without build system-installed
    back doors? (See "Reflections on Trusting Trust" by
    Ken Thompson.)

    Q3: How do we know that the executable is being
    executed properly? That is, that the hardware hasn't
    been modified or replaced in order to subvert the code?

    Q4: How do we know that the counting systems "upstream"
    from the voting machines are tallying correctly?

    And so on.

    The point being that not just the source code, but the
    entire system (the voting machines, the tallying machines,
    the communication networks connecting them, the processes
    used to operate them, etc.) needs to be secure/accurate.

    Moreover, it needs to withstand concerted, clueful, very
    well-funded attacks (See "How to Steal an Election" at
    Ars Technica as well as Bruce Schneier's analysis of the
    likely level of funding available to attackers.)

    I don't think that's possible at this time -- and it's certainly
    not possible while vendors of such systems are content to
    lie, lie, lie rather than candidly admit and promptly address
    the issues.

    Time for pencil and paper. Yes, it's onerous, and yes it
    too can be subverted by sufficiently-clever attackers --
    but it's much more robust. And I think preserving
    confidence in the integrity of the voting process --
    REAL confidence, not ersatz confidence based on the
    statements of the well-paid professional spokesliars
    working for voting machine vendors -- is worth the
    supposed inconvenience.

    I don't mind waiting 3-4 days for presidential election
    results if that's what it takes to ensure that the correct
    candidate is declared the winner.

    link to this | view in chronology ]

  • identicon
    Amaethon, 29 Jun 2007 @ 11:31am

    Re: Re: Re: There's NO Confidence Left

    It takes roughly 10 seconds to detach a chip, reattach it to another board, flash the firmware, and reattach to initial board. The only REAL way to secure a machine is to remove it from the public place and lock it away in a vault with no key. Not exactly ideal, especially in this case.

    What I REALLY don't understand, is why the government doesn't just do this in-house? They have a team of security experts already monitoring their networks no? Have them test it, if its political worries, have each political party select a 3rd party vendor to test it and check the source. As for the machine itself, it should be connected to a VPN connecting it to a central machine, monitored by a selected member of each political party. The voting machine would have to be under complete lock and key except for a touch screen for data-entry to complete the vote. The vote itself would be sent to the central machine and NOT stored on the voting machine.

    link to this | view in chronology ]

  • identicon
    Brian, 29 Jun 2007 @ 11:37am

    trade secrets?

    "for any prohibited disclosure or use of ES&S' trade secrets and related confidential and proprietary information."

    This has ALWAYS killed me about the election machine fools. What, exactly, is the trade secret they are trying to protect? This isn't rocket science, esentially just a 1+1+1+1+1+1+1=? problem.

    I could understand if this was a highly sophisticated system, but it isn't. For instance, right now I am working on the design of a new 911 integration system that link to displays in patrol cars. This was a HIGHLY competitive contract, and those we beat would love to see how our stuff works. If California wants to look at our code, they'd have to sign all sorts of stuff.

    But this is fundamental code and fundamental to our continued liberty. They are hiding something.

    link to this | view in chronology ]

    • identicon
      SPR, 29 Jun 2007 @ 11:48am

      Re: trade secrets?

      I agree with you. It is counting ones and zeros. It is not rocket science. They are hiding something.

      link to this | view in chronology ]

    • identicon
      AnyMouse, 29 Jun 2007 @ 12:41pm

      Re: trade secrets?

      What, exactly, is the trade secret they are trying to protect? This isn't rocket science, esentially just a 1+1+1+1+1+1+1=? problem.

      The problem is that the 'trade secrets' are that it's not a simple 1+1+1 = xx, it's more:

      If candidate = foo then
      count = count + 2
      else select case (random 3)
      Case 1
      count = count + 1
      Case 2
      count = count
      Case 3
      count = count -1
      End if

      foo = the candidate that the voting company president guaranteed the results to (this would be GWB in the case of diebold). If it got out that they were manipulating the results, they they wouldn't be able to guarantee any locations, and their political kickbacks would dry up, so obviously they have a lot of 'trade secrets' to protect.

      link to this | view in chronology ]

  • identicon
    Brian, 29 Jun 2007 @ 1:52pm

    open = secure

    "to point out that just because Linux is an open architecture that does not mean it is secure"

    Linux is secure PRECISELY because it is open. Anyone can audit the code for flaws, and plenty do.

    link to this | view in chronology ]

  • identicon
    Jack Tramiel, 29 Jun 2007 @ 4:54pm

    The Source Code

    Hey guys, I have the voting machine source code right here. It was written in Atari BASIC:

    10 REM *VOTE COUNTER*
    15 PRINT "Please Select Candidate 1, 2 or 3:";
    20 INPUT A
    25 IF A=1 THEN TOTAL1=TOTAL1+1; GOTO 15
    30 IF A=2 THEN TOTAL2=TOTAL2+1; GOTO 15
    35 IF A=3 THEN TOTAL3=TOTAL3+1; GOTO 15
    40 IF A=0 THEN GOTO 50
    45 GOTO 15
    50 PRINT "CANDIDATE 1 RECEIVED ";TOTAL1;" VOTES"
    55 PRINT "CANDIDATE 2 RECEIVED ";TOTAL2;" VOTES"
    60 PRINT "CANDIDATE 3 RECEIVED ";TOTAL3;" VOTES"

    I think this program appeared in Antic Magazine some time in the 80s.

    link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.