ES&S Sues Former Workers Over Taking Buggy, Vulnerability-Filled Code

from the why-would-they-bother? dept

Michael Scott alerts us to the news that e-voting firm ES&S has sued two former employees, claiming copyright infringement over code they took with them from ES&S, along with additional trade secrets. I have no idea whether or not this is true, but all I can ask is "why?" As has been documented time and time again, ES&S's e-voting code has a ton of problems. Remember, these are the machines that have been found to have serious security vulnerabilities, with some serious bugs, such as adding votes to the wrong election, calibration problems that lead to people voting for the wrong candidate, and bugs that resulted in phantom votes. And ES&S is the company that knew about some of these bugs, and let them be used in elections anyway. So if you were going to go off and start your own e-voting company (and it's not clear these individuals did that), wouldn't you be better off starting from scratch?
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: copyright, e-voting, software, trade secrets
Companies: es&s


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Anonymous Coward, 9 Sep 2009 @ 5:45am

    Why would you want to start from scratch when the entire point is to sell elections to the highest bidder? Bugs are the perfect scapegoat to avoid going to jail!

    link to this | view in thread ]

  2. identicon
    NullOp, 9 Sep 2009 @ 6:19am

    Good Point!

    AC makes a good point. Elections can be sold, stolen and rigged. There is no better culprit than the computer. Since day one, workers, world over, have used "the computer did it" as an excuse for whatever.

    link to this | view in thread ]

  3. icon
    Money Mike (profile), 9 Sep 2009 @ 6:44am

    I think the main thing to realize is that whether it's buggy code or not, it's still complete code and it just can't be all bad. I'm sure there are pieces of it that work well and are quite valuable, so why not use it and build on top of it?

    However, even if they consider it "complete" and use it as is, then why shouldn't they? If ES&S can use it as is, why couldn't a competitor? More importantly, if these guys are taking code and trade secrets from their former employee, do you really think they would let integrity stand in the way of profit? Keep in mind that they did come from this shady company in the first place.

    link to this | view in thread ]

  4. icon
    Money Mike (profile), 9 Sep 2009 @ 6:46am

    Not Surprised

    I think the main thing to realize is that whether it's buggy code or not, it's still complete code and it just can't be all bad. I'm sure there are pieces of it that work well and are quite valuable, so why not use it and build on top of it?

    However, even if they consider it "complete" and use it as is, then why shouldn't they? If ES&S can use it as is, why couldn't a competitor? More importantly, if these guys are taking code and trade secrets from their former employee, do you really think they would let integrity stand in the way of profit? Keep in mind that they did come from this shady company in the first place.

    link to this | view in thread ]

  5. icon
    Dark Helmet (profile), 9 Sep 2009 @ 6:59am

    Question:

    What reasonable person can take a machine that "have serious security vulnerabilities, with some serious bugs, such as adding votes to the wrong election, calibration problems that lead to people voting for the wrong candidate, and bugs that resulted in phantom votes" and NOT realize that this is a purposefu endeavor?

    Are we so far gone as a "free" nation that we are no longer all that concerned when the machinations of VOTING are so flawed as to render the whole process meaningless?

    link to this | view in thread ]

  6. identicon
    hmm, 9 Sep 2009 @ 7:03am

    When i installed word, I didn't have to "calibrate" the software so it knew when i pressed A that I wanted the letter A on screen, I didn't have to worry that if I clicked File/Save that it would (without telling me) decide to change the font size.

    All this stuff about "calibrating" votes is 100% bullshit. Its a simple matter of "if button A is pressed then candidate A's votes=candidate A's votes+1.

    I've never been sure why these companies claim that their software is so difficult to fix and make sure votes are correct. the only "difficulty" involved is making sure the software has a reasonable level of security (a basic web-connected interface with 2 buttons that sends info on the button pressed (encrypted) would be sufficient...and virtually hack-proof as theres nothing to actually exploit in there.

    link to this | view in thread ]

  7. icon
    Spyder (profile), 9 Sep 2009 @ 7:06am

    Re:

    You are obviously not a programmer. Debugging bad code is much harder than writing good code the first time. A simple flow chart or UML diagram would be more helpful than the code, either of which can be easily memorized and are generic enough that a claim would be next to impossible.

    link to this | view in thread ]

  8. identicon
    Geoff, 9 Sep 2009 @ 7:08am

    Not the point

    Your attempt to excuse employee theft of code is quite flawed. Simply put, sloppy code or not, it belongs to the company, NOT the programmer. Something you fail to mention.

    Now if they want to start from scratch and write their own evoting code, they are free to do so.

    link to this | view in thread ]

  9. icon
    Sean T Henry (profile), 9 Sep 2009 @ 7:22am

    The problem is not

    The problem is not that ES&S thinks that the two employees will start a competing company with the crappy software. The problem is that they do not want the crappy code released showing how bad it is.

    link to this | view in thread ]

  10. icon
    R. Miles (profile), 9 Sep 2009 @ 7:48am

    Start from scratch? This isn't the 70s, Mike.

    So if you were going to go off and start your own e-voting company (and it's not clear these individuals did that), wouldn't you be better off starting from scratch?
    Better yet, why not take what's broken and fix it, as this would be faster than starting from scratch and get the business up and running much faster.

    I would speculate these employees may know exactly what's wrong with the code in order to take it to begin with.

    That alone should make one wonder about it. But hell, what do I care.

    Corporate America owns every damn politician anyway, so it doesn't matter who gets "voted" in.

    link to this | view in thread ]

  11. icon
    Chronno S. Trigger (profile), 9 Sep 2009 @ 7:54am

    Re:

    "When i installed word, I didn't have to "calibrate" the software so it knew when i pressed A that I wanted the letter A on screen"

    No, but if you have a touch screen display (like most voting machines), you have to calibrate it to make sure that when you hit the A on the screen it types A instead of the S beside it. That's still something that should be insanely easy and should be a one time thing.

    link to this | view in thread ]

  12. identicon
    Anonymous Coward, 9 Sep 2009 @ 8:33am

    If those guys had access to the code they probably worked on it. They got paid to write the code so the company 'owns' it but can you really steal your own work?

    link to this | view in thread ]

  13. icon
    anymouse (profile), 9 Sep 2009 @ 8:45am

    I'm with Miles

    "I would speculate these employees may know exactly what's wrong with the code in order to take it to begin with."

    I would go a step farther and say that perhaps these two are the ones who were 'encouraged' to break the code in the specified manner in order to get it to do what ES&S wanted it to do (Dropped votes, misplaced votes, phantom votes.... these sound like designed 'features' to me). Nothing pisses off a programmer more than taking the excellent work they did and asking them to 'break' it in specific ways. Perhaps these two got tired of all the crap and decided to take their code so they could clean it up to do what it was intended to do, not what ES&S Twisted it into.

    What better way to shut them up then to drop them and file suit against them. If they did stand up and say ES&S made us write 'buggy' code on purpose, who would believe them now?

    Or perhaps my tinfoil hat is just a little tight today....

    link to this | view in thread ]

  14. identicon
    TheStupidOne, 9 Sep 2009 @ 8:49am

    Re: Re:

    but if it is a problem ... USE AN F*ING MOUSE AND KEYBOARD

    everybody i know has used a mouse before and even if you haven't it is pretty intuitive, and even if you still have problems poll workers can help you out.

    link to this | view in thread ]

  15. icon
    chris (profile), 9 Sep 2009 @ 8:56am

    Re: Re:

    You are obviously not a programmer. Debugging bad code is much harder than writing good code the first time.

    sure if you intend to use the code to build products from.

    if you just want to sell it to competitors or to people interested in rigging elections, then the bugs (0dayz) contained in the code are worth more than the completed code.

    link to this | view in thread ]

  16. identicon
    pferland, 9 Sep 2009 @ 8:57am

    Re: Good Point!

    As someone in IT, I refuse to accept that as an excuse.

    link to this | view in thread ]

  17. identicon
    hmm, 10 Sep 2009 @ 6:13am

    OK so these things need "calibrating"..change them..have a big RED button for candidate 1...big blue button for candidate 2....etc etc...no calibration..no touch screen, just an on-screen picture of the person you voted for with "you have voted for "...please press the button again to confirm

    link to this | view in thread ]

  18. identicon
    hmm, 10 Sep 2009 @ 6:19am

    final note...i assume there aren't 26 buttons on a voting screen..."please type the name of your candidate here..spelling errors invalidate your vote"...

    so why isnt the screen simply split into large chunks, where calibration wouldn't be needed.
    You press for your candidate..it comes up with "you have chosen....NAME.....are you sure?" with big yes/no buttons underneath.

    Then shows a final third screen "you voted for NAME...vote recorded"...no fancy interface just plain text...

    That way if the vote suddenly "accidentally" goes to the wrong candidate we'd have 100% proof that the election was rigged and whoever created the voting machine could be charged with treason.

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.