- Feature Articles
- CodeSOD
- Error'd
-
Forums
-
Other Articles
- Random Article
- Alex's Soapbox
- Announcements
- Best of…
- Best of Email
- Best of the Sidebar
- Bring Your Own Code
- Coded Smorgasbord
- Mandatory Fun Day
- Off Topic
- Representative Line
- News Roundup
- Editor's Soapbox
- Software on the Rocks
- Souvenir Potpourri
- Sponsor Post
- Tales from the Interview
- The Daily WTF: Live
- Virtudyne
Admin
So what's the lesson here?
Never trust input coming from the user. Error check and validate the F@^$ out of it. Also, gracefully handle errors.
Not that it applies so much to how this system went down, but you get the idea.
Admin
Beat me to it. That must have sucked lugging the dumb terminal, the 400 ft of serial cable, extension cable....
Admin
I thought "they'd bloody BETTER be able to handle electrons!" untill I read it again...
Admin
Of course in the 1970s, hackers knew what hacking meant.
Admin
Admin
FATAL RUN23 ERROR 66 had a strong platform and especially appealed to voters in the South. If it wasn't for VAX-gate, he would have won in a landslide.
Admin
Then, we'd know which legal team is suing The Daily WTF.
Admin
Horrible idea- ballots need to be secret ballots. If people can have their vote verified outside the polling place, it opens up whole new avenues of corruption. Specifically vote buying (they can pay you after verification) and extortion (want to keep your job? Better vote with the boss).
Before you say this is an exaggeration- it's already happened. It was commonplace in late 1800s and early 1900s America.
A better idea is this- vote on an electronic machine, let it print out a scantron or traditional paper ballot with no identification. Drop that in a box on the way out. Let the machines count, but follow it up with a full paper recount. If the paper recount matches with the results of the machine count within a reasonable error, keep the machine count. Otherwise do another full recount of the paper ballots. Keep the two matching counts after the second recount.
Admin
Well, if computers can't even count, what are they good for?
Admin
Did anybody else see the ad on the left for some 'web development' school, saying "Build the Web", with a picture of some slouching kid wearing a '1337' t-shirt? Doesn't seem like the best promotion for the demographic around here...
(Obviously, it ought to be a hot Irish girl wearing a '1337' t-shirt...)
Admin
No.
Well, maybe to the politicians who get voted for that way, but not for people who actually care about democracy.
The main issues are to make voting fraud nearly impossible, to ensure the secrecy of the vote and to convince the general populace, including most sceptics with good reasons to have trust in the security - in that order.
Simply gaining the confidence of the voters is not enough. This can be achieved rather easily with a number of dishonest methods (read: propaganda), and without actually securing the process.
Sure, confidence of the voters is important, too, but if experience with computer security has taught us anything, then it's if you want to do it right, you need to worry about the actual security first, and then about the appearance of security/confidence of the users. Do it the other way around, and you're headed for disaster.
Admin
So, I've been Googling, and haven't found any references to back this story up. Can anyone come up with a source?
Admin
he said a random ID, if u don't want to be blackmailed u can throw the paper away and not check....what makes you think that even one paper ballot would match one electronic one, i could easily sabotage ur district by throwing/not throwing a phony vote into the box, results don't equal=invalid.
personally i wish my country does electronic voting in the near future.
Admin
For all the ridicule that punch-card systems took over hanging chads and the like, I thought it was a pretty good system. You can easily run the cards through the reader again to do a re-count. Because the cards are also human readable, you can run a small sample through the software and hand check. If someone wants to get serious about it, you can recount the whole thing by hand. If you suspect the reader is defective, you can run the cards through a different reader. If you suspect the software, you could run the same cards through independently-written software. Etc. The only way I see to scam the system is to physically damage or destroy the cards or sneak in extra cards.
But with the newer all-electronic systems, there is no way to double check. If the computer wrote a record incorrectly -- whether due to a bug or deliberate vote fraud -- I don't see how you could ever even know, much less prove it. I don't know the specs for the system. If it maintains a record of every vote, you could run other software against the same data. But if the data was corrupted -- again, accidentally or deliberately -- how would you know? And if all it keeps is counts, there's absolutely nothing to check against. As long as a secret ballot is also a goal, there is no independent source for verification.
The main catch to the punch cards is that chads can fall out with handling. I'd think that mark-sense forms, like are routinely used for tests in school, would be superior, though it would probably be better if they were done on a card instead of a sheet of paper for handling purposes.
When I lived in Ohio they printed out a little strip of paper with your votes as you went along. But trying to do a re-count against those pieces of paper would be extremely tedious -- you can't process them mechanically, so the only possible recount is people going through these strips by hand. And you can no longer be assured of a secret ballot: Someone could come to the voting booth after you left, pull out the strip, and see how you voted.
It seems to me that if the people who program the voting machines wanted to cheat, they could easily put in code that would deliberately miscount by 5 or 10% and how would anyone know? I mean, if you rigged the program so that your party got 100% of the vote, people would surely be suspicious even if they didn't know anything about programming. But most elections are fairly close. If your party really got 47% but you fudged the numbers to make it look like you got 52%, no one could really be sure that anything was wrong. Of course you'd want to change votes rather than creating new ones so you don't show 110% voter turnout. Surely a creative programmer could find a way to bury a miscount in some confusing code so that even an auditor would be likely to miss it, and do it in a way that even if you are caught you can plead that it was a mistake and not deliberate fraud. It might be a lot of work but with all the hundreds of millions spent on electrions, surely either party could afford to pay someone for a few months or a year to do such a job really skillfully. It makes me wonder what sort of auditing they do on this. Not only would you have to carefully study the code, but then you would have to somehow insure that the code that ran is really the code that you audited. The normal procedures that people use for that sort of thing, like checking CVS logs or file dates and sizes, would be woefully inadequate against deliberate fraud where the fraudster is going to falsify those things.
Of course if it turns out that it's people from MY party who are programming these machines, then disregard all the above, the system is foolproof and absolutely secure and anyone who questions it is a demagogue or a sore loser. And probably a racist, too.
Admin
Job security.
Admin
Job security.
Wasn't smart enough to hit the quote button.........
Admin
Admin
Testing and security? I ask you, how likely is that? It's not something we've really gotten right so far...
Admin
Admin
with modern computers, we can have the results ahead of time:
http://www.theonion.com/content/video/diebold_accidentally_leaks
Admin
Because life is stranger than fiction.
This really happened, as about 600,000 people can attest to.
Admin
Admin
Are you really that stupid, or did you miss your nap?
Let me guess, you're one of those programmers that don't "get" pointers?
Admin
Yea random ID was supposed to infer no personal information would be related to it, it would be generated at the time of the vote, and all you would see in the public viewable site is a list of random ID's that voted for person X. So you give your personal info on entering the voting location - to verify you are registered etc, then vote, and are given a paper that is now completely anonymous, only you know it is yours. I hadn't considered bullying, though and I suppose you could still bully/bribe a person with this fashion, simply force them to show you a card they have as record of voting, and check it online, however as a briber/bully you would never be 100% sure that was actually the person. Hmm, interesting point regardless.
I never said it was a simple problem but its one I think we can still find an elegant solution for. Keeping a copy both a hard copy (card dropped in a box on the way out) and randomly selected audits at least is a good idea, somebody else said something about invalidating results by adding in fake cards...I think we can reasonably assume that we can create some kind of system for preventing that, be it as simple as the ID's generated are the only valid ones, or creating a proprietary bar code system, you know...watching to make sure somebody doesn't drop in 10 pieces of paper...lol...whatever.
Admin
I'm in the mood to listen to some blorps. Anyone have any MP3s?
Admin
Admin
Admin
Sure that's one way to achieve transparency. I can't figure out why governments use voting systems without knowing for damn sure they work. That'd be like a nuclear power plant buying design software without testing in first....
Admin
Even with public scrutiny, software is way too complex to just visually inspect. You'd have to certify the OS, any runtime layers, and the client/server code of the voting application. Billion lines of code. And even if it's perfect code, who's to say that the machine's aren't tampered with? There's no secure chain of custody for voting machines. They just sit in a dusty county warehouse for 11 months and 3 weeks of the year.
Admin
Computer voting isn't that hard. I figure I could develop the system in a day, debug it over the course of a week, and then spend a month or so on a correctness proof.
Admin
No... But the last week or so I've been entertaining myself with an early 80's TV show, so I've become used to the idea of watching people walk into an appropriate building to do something. I must say I laughed when I first saw them use a pay phone. How quickly we forget...
If they ever bring in computer based voting in Australia, I'll be hoping for that. For those that don't know, we have compulsory voting here for government elections... Last state election I handed in a black ballot paper because the options were either the moron running the show already, or another loser that spent most of his time before the election showing off his red Speedos.
Admin
E-Voting : paraphrasing : the "main"..."so that"..."convince"..."believable" what language is that C#, Java, erlang ?
Admin
If we ever bring it in nationally, we should probably use something based on the already-successful electronic voting system used in the A.C.T. (fully open - source and specs available online), but I fear that our politicians will instead be suckered into using the "superior" systems as used by the Americans...
Admin
Yes, I passed the college on my way home from school. It was Temple University, in Philadelphia, PA. I rode the subway to and from school, so it was easy to just get off a few stops early and spend some time in the computer building, which was once a church (Church Hall?). It was easy to find account numbers and passwords in the trash, and I was able to access the system via card decks, Decwriter terminals, and 200 User Terminal remote job entry systems. One program in particular that I remember playing with was a chess program that was developed at Northwestern Univerity, Chess 3.5. For some reason, my friends and I were rarely challenged even though we looked out of place.
Admin
Well if YOU can't find any proof then it MUST be made up.
Admin
http://graphics.stanford.edu/~danielrh/vote/vote.html
Admin
Go vote for X, and bring the paper or I'll break your legs.
Admin
The Real WTF is
that the Irish Girl is gone! ;(
Admin
Solaris was written in 1961, although I've never heard of anyone trying to compile it. There were two film adaptations though.
Admin
What is it with people not knowing the difference between "infer" and "imply" these past few years? Did you all go to the same school or something?
Admin
Personally I wish that script kiddies who think it's cool to type u and ur as words in their posts would go back to /. where they belong and let the grown-ups talk. (Hint: That would include u and ur friends.
Admin
I'm voting "all of the above". Stupid, sleepy script kiddie who knows nothing.
Admin
I learned Fortran 90, or as we called it "Fortran - The Avenger!"
Admin
Brings to mind an interesting Game Theory article I read years ago: You might naively thing that having more choices is always to your advantage, because if a choice is undesirable, you could always just not do it. Right? Not necessarily. The example given in that article was that the government had just passed a law limiting how much of a pay raise companies could give their employees (as an "inflation-fighting" measure). This was surely to the advantage of many employers: "Hey, I'd love to give you a big raise, but I can't, it's the law." Or in this case, not having any way to prove how you voted could be to your advantage if someone is threatening you or bribing you.
Oh, reminds me of an issue that was on the ballot near where I lived a few years back. A city wanted to annex some land, and under state law they had to get a majority approval of all the people who owned property there and met some other requirements. Turned out in this case only ONE person met all the requirements, and I rather gathered that the city had paid him off to vote yes. Even with a secret ballot, he would have had a rather hard time lying about how he voted.
Admin
These are the optical scan ballots and counting machines (or very similar ones) used in my location, and I think that these, or similar ones, are now required in all of Illinois.
http://americanhistory.si.edu/vote/resources_optical.html
The ballot is one or more sheets of paper, aproximately 12 by 18 inches (WxH), and at each voting position there are two arrow-like marks - to vote you just connect the two arrows with a marker pen (supplied at the polling place).
You hand feed your ballot pages into the counting machine, and if you've messed up the ballot (say by overvoting), it beeps at you and offers your ballot back to you. Otherwise the ballot is sucked into the ballot box attached to the base of the optical scanner.
These basically satisfy all the requirements you might have. The ballots are clearly and legibly marked in a human readable form, and can be recounted at whim, and not secrecy issues are raised. They're also very easy to use, and the connect-the-arrows approach seems harder to mess up than the x-in-the-box or fill-in-the-circle forms. The major downside is that you have a large-ish and floppy piece of paper (or two or three) to manhandle...
In short, Illinois got this one right.
One thing that Illinois does not requires is, IMO, an adequate level of auditing (IMO, a random sample of about 5-10% of the ballot boxes should be hand counted after all elections - but that's not a new problem).
Illinois also provides (or at least intends to provide) at least one touch screen electronic voting machine at each polling place. These are often easier for people with disabilities to use, which by itself is probably enough reason to keep them. Unfortunately these do not, yet, have an adequate, IMO, paper trail. OTOH, the substantial majority of votes, judging by the goings on at my polling place, are on the optical scan ballots, so it's a somewhat limited problem (and a target of limited temptation), but still one that should be fixed.
Frankly the biggest issues lie with absentee/early/mail-in ballots.
Admin
Hmmm, that sentence either means that you are calling pizzabutt god, or you are calling god dense...
Admin
Admin
In Fortran on the CDC 6000, reading an EOF was OK. There was an EOF() function you could call after the READ statement to check for eof. Performing a READ after the last READ returned EOF without doing a REWIND caused the error.
If you will notice the error message said: ***** READ PAST END OF FILE ON FORTRAN UNIT 5 ******
"READ PAST END OF FILE" not "READ END OF FILE". ------
-- Old Fart Former CDC Kronos 2.1 Systems Programmer (circa 1976)
Admin
It is not beyond the wit of man to devise an entirely paperless electronic voting system that, for example, transmits an encrypted version of the transaction to a central point as a back-up. Allowing this to happen from anywhere other than a manned and official polling centre would, of course, be an invitation to fraud. Within those parameters, however, you're talking about little more than the average monetary transaction at the corner store.
And before anybody says it: yes, I know, fraud is still possible. However, if I were to choose between risking a $10,000 single-transaction fraud or a 10,000 vote fraud, one at a time, I suspect that ... oh hell, I'd just re-float Enron and fling money at the bastards.
And no, current voting machine technology doesn't make sense, is insecure, and is provided by companies that have a vested interest in not knowing what they're doing.
But that's not the point.
Admin
How much time more do you need to tweak a bit the program for me to be elected whatever without any visible glitch in the code? I'll give you 1 million $ for that, seems fine?
A good programmer is the worse thing that can append to e-voting, except for a bad one.
E-voting is a really bad idea. If you understand a bit computers, search the web for more informations. There are plenty of material to convince any technicaly-minded people that such a system is a failure by design.
Maybe just start by Bruce Schneier text (already mentionned), you certainly already know him: http://www.opendemocracy.net/media-voting/article_2213.jsp
Yannick