Comments by California Secretary of State (http://news.zdnet.com/2422-19178_22-331148.html?tag=nl.e539)

This would be an important step forward.

It has to be an improvement. I've seen code for some popular voting machines (not Diebold) and the security is a joke.

It can be open source, and that's fine. It gives people a warm fuzzy feeling........ Just the same as the votes do not count when you control who does the counting......the code doesn't matter unless you control who does the compiling. I wouldn't trust the code unless I compiled it myself, and then I would not expect (nor want) anyone else to trust that I did it honestly.

If YOU cannot physically SEE your specific vote being counted.......it is a flawed system. Yes, our system is already a flawed one.

It can be open source, and that's fine. It gives people a warm fuzzy feeling........ Just the same as the votes do not count when you control who does the counting......the code doesn't matter unless you control who does the compiling. I wouldn't trust the code unless I compiled it myself, and then I would not expect (nor want) anyone else to trust that I did it honestly.

If YOU cannot physically SEE your specific vote being counted.......it is a flawed system. Yes, our system is already a flawed one.

I understand what you are saying (I think).
I would prefer not to have the machines at all, but if we are going to have them, then open the code to as many eyes as possible.
I would also suggest that the results be open as well. All readouts open and available.

I understand what you are saying (I think).
I would prefer not to have the machines at all, but if we are going to have them, then open the code to as many eyes as possible.
I would also suggest that the results be open as well. All readouts open and available.

They already are *supposed* to be. The problem is that polling stations have been illegally destroying the readouts. There were hundreds of videos of people going behind polling stations to find the poll records either shredded or thrown in the trash, or both. Without them, there is simply no way for a person to be able to say "hey, let me see how that machine said I voted".

but if we are going to have them, then open the code to as many eyes as possible.

That doesn't mean anything if you can't see it being compiled(and even then most of the shit being output isn't human readable) as TRIGRHAPPY said. It would just give people a false sense of security. It's really easy to add a few lines to a C[++] program that would call upon a module that would flip votes if one side was not to the module's liking

That doesn't mean anything if you can't see it being compiled(and even then most of the shit being output isn't human readable) as TRIGRHAPPY said. It would just give people a false sense of security. It's really easy to add a few lines to a C[++] program that would call upon a module that would flip votes if one side was not to the module's liking

And you think that none of the happy hackers that study code to find vulnerabilities would notice it?

Open source code is checked by many more eyes than proprietary code that is only seen by a few developers.
That is why bugs are caught sooner, and systems are more secure. As a vulnerability is found it is widely known. As opposed to code that is hidden.
As I said, I would rather paper ballots, but IF we have machines, then let the code be out in the open so it can be reviewed.

And you think that none of the happy hackers that study code to find vulnerabilities would notice it?

Open source code is checked by many more eyes than proprietary code that is only seen by a few developers.
That is why bugs are caught sooner, and systems are more secure. As a vulnerability is found it is widely known. As opposed to code that is hidden.
As I said, I would rather paper ballots, but IF we have machines, then let the code be out in the open so it can be reviewed.

Unless you can disassemble the software that is on the voting machine that was compiled by the company that put it there this will mean nothing. Of course software hackers won't find anything in the code they have but they will still have no access to the code on the actual machines just what they are being told is going on the machines.

Unless you can disassemble the software that is on the voting machine that was compiled by the company that put it there this will mean nothing. Of course software hackers won't find anything in the code they have but they will still have no access to the code on the actual machines just what they are being told is going on the machines.

That is the whole point of OPEN SOURCE. To make the software freely available to everyone. To make it verifiable.
As it is now, it is not. Not without borderline illegalities. Some have crossed the "line"only to find irregularities. Some have done it to highlight the lack of security and flaws in the present system.
Have you ever looked into Black Box Voting?
http://blackboxvoting.org/

Oh and more here,
http://www.bbvforums.org/forums/messages/9707/17129.html

That is the whole point of OPEN SOURCE. To make the software freely available to everyone. To make it verifiable.
As it is now, it is not. Not without borderline illegalities. Some have crossed the "line"only to find irregularities. Some have done it to highlight the lack of security and flaws in the present system.
Have you ever looked into Black Box Voting?
http://blackboxvoting.org/

Oh and more here,
http://www.bbvforums.org/forums/messages/9707/17129.html

The point is: ok, you go to the machine webpage and download the whole code, checked and see that it is correct. No manipulation there.

BUT, how do you know that is the same code that was used on the machine? How do you know they did not compile a different version of the code and put it into the machine?

You have access to the C, C++, Assembly or whatever language they used for the program. That's all good except you won't have access to the assembled program. They could do a number of things to it.

It can be open source, and that's fine. It gives people a warm fuzzy feeling........ Just the same as the votes do not count when you control who does the counting......the code doesn't matter unless you control who does the compiling. I wouldn't trust the code unless I compiled it myself, and then I would not expect (nor want) anyone else to trust that I did it honestly.

If YOU cannot physically SEE your specific vote being counted.......it is a flawed system. Yes, our system is already a flawed one.
Yup, you are exactly right.

Open source code is nothing more than a Red Herring. There are some many threat vectors into those machines and the tabulation system, that the code base used is really an irrelevant discussion, which is precisely why Debra Bowen is focused on this...its a Diversionary Vector.

P.S. Did anyone notice the first video at the linked page in the OP?: Future cloud apps won’t need humans

If YOU cannot physically SEE your specific vote being counted.......it is a flawed system. Yes, our system is already a flawed one.
I completely agree with this. I've done research on [electronic] voting systems and the most important aspect of any system should be transparency and open-auditing. Some counties have even gone as simple as scanning every [paper] ballot and posting it online for people to tally and verify themselves. I don't trust anybody but myself to count my vote.

http://www.openvotingconsortium.org/

It can be open source, and that's fine. It gives people a warm fuzzy feeling........ Just the same as the votes do not count when you control who does the counting......the code doesn't matter unless you control who does the compiling. I wouldn't trust the code unless I compiled it myself, and then I would not expect (nor want) anyone else to trust that I did it honestly.

If YOU cannot physically SEE your specific vote being counted.......it is a flawed system. Yes, our system is already a flawed one.

But if it was open source multiple parties could oversee the compiling of the code just
like "poll watchers" watch the polls.

That doesn't mean anything if you can't see it being compiled(and even then most of the shit being output isn't human readable) as TRIGRHAPPY said. It would just give people a false sense of security. It's really easy to add a few lines to a C[++] program that would call upon a module that would flip votes if one side was not to the module's liking

Have the code compiled by a dozen trusted sources and load one at random.

But if it was open source multiple parties could oversee the compiling of the code just
like "poll watchers" watch the polls.
Public viewing the of code base, and the codebase itself, are just one small aspect of a much larger election system.

For example, there is no meaningful auditing system built-in to the current configuration. Auditing an electronically run election requires another separate system to audit the first.

Then we have the fact that there is no way to confirm that the tally actually represents the voter's actions in the voting booth, while also maintain anonymity.

The system is flawed by it is very nature. Which is precisely what it was introduced in the first place. These discussion about how to modify small elements within this system will not achieve the objectives sought by the public, but will merely extend the use of this system.

It is true that this is just one aspect. As I said, I would rather not use electronic voting, But it is a present FACT of life.
Paper ballots can be forged, or lost also. So verification and transparency are also necessary.

This is a question about electronic voting, Which we have and will have in the foreseeable future.
I would rather have the code used by the machines OPEN to scrutiny, than the present CLOSED and HIDDEN code that is in use.
There will always be some that will try to manipulate the results. I would welcome any effort to make that more difficult.

It is true that this is just one aspect. As I said, I would rather not use electronic voting, But it is a present FACT of life.
Paper ballots can be forged, or lost also. So verification and transparency are also necessary.

This is a question about electronic voting, Which we have and will have in the foreseeable future.
I would rather have the code used by the machines OPEN to scrutiny, than the present CLOSED and HIDDEN code that is in use.
There will always be some that will try to manipulate the results. I would welcome any effort to make that more difficult.
You cannot audit the results, and it doesn't matter whether the code base is open source or not. There is no baseline to audit from, there is no way to track the results back to the voter's action.

To acquiesce to this system is to acquiesce to the notion that our republic is a fraud, right at its core. I am unwilling to make that sort of concession.

P.S. Yes, all election systems are subject to manipulation. But at least manual systems can be audited against the voters action. With a computerized system, the results can be totally and completely fabricated, and no one would know, not even the election officials.

You cannot audit the results, and it doesn't matter whether the code base is open source or not. There is no baseline to audit from, there is no way to track the results back to the voter's action.

To acquiesce to this system is to acquiesce to the notion that our republic is a fraud, right at its core. I am unwilling to make that sort of concession.

P.S. Yes, all election systems are subject to manipulation. But at least manual systems can be audited against the voters action. With a computerized system, the results can be totally and completely fabricated, and no one would know, not even the election officials.

I do not know where you get the false impression that it can NOT be audited. IT CAN.
Having the code open to thousands of programmers is several countries, gives the most chance to catch any shenanigans.

This is just one group,
http://www.bbvforums.org/forums/messages/1954/1954.html

This is just one test,
http://www.bbvforums.org/forums/messages/1954/79341.html?1228247349

Now put thousands of these together, and enforce laws that are already on the books.

Unless you have access to the compiled program the source code means nothing.

Poll watchers supposedly guard against corruption at the polls, there is no reason there couldn't be "watchers" at the programming level.

Unless you have access to the compiled program the source code means nothing.

Do you have any understanding of OPEN SOURCE??

http://www.opensource.org/


Open source is a development method for software that harnesses the power of distributed peer review and transparency of process. The promise of open source is better quality, higher reliability, more flexibility, lower cost, and an end to predatory vendor lock-in.

I do not know where you get the false impression that it can NOT be audited. IT CAN.
Having the code open to thousands of programmers is several countries, gives the most chance to catch any shenanigans.

This is just one group,
http://www.bbvforums.org/forums/messages/1954/1954.html

This is just one test,
http://www.bbvforums.org/forums/messages/1954/79341.html?1228247349

Now put thousands of these together, and enforce laws that are already on the books.
It was teh outcome of extensive testing in Ohio.... of a real live election. That is where this conclusion came from.

Unless you have access to the compiled program the source code means nothing.
And then there is the discussion of which system codebase we're talking about....

- recording devices
- tabulation devices
- recording device authroization cards


Oh, then there are data base configuration and security, like on the PC Cards that carry the recording machine device totals, and how those totals are transferred from the recording device to the card and then from the card to the tabulation readers.

There are just so many damn nodes in this system where the transaction across the node cannot be confirmed or audited.

And then there is the discussion of which system codebase we're talking about....

- recording devices
- tabulation devices
- recording device authroization cards


Oh, then there are data base configuration and security, like on the PC Cards that carry the recording machine device totals, and how those totals are transferred from the recording device to the card and then from the card to the tabulation readers.

There are just so many damn nodes in this system where the transaction across the node cannot be confirmed or audited.

Most of what you are talking about is DIEBOLD technology.

It could be done much more simply with an open source system.

There are just so many damn nodes in this system where the transaction across the node cannot be confirmed or audited.

I am no fan of electronic voting, I am also opposed to lax, inept, and corrupt voting officials.
But your logic is flawed,
You take IS NOT being done to conclude CAN NOT be done.
I believe that it can be done, and in a much more Honest, OPEN and transparent manner.

Do you have any understanding of OPEN SOURCE??

http://www.opensource.org/

Do you have no understanding of programming?

The source code may be freely available, but once you compile it, there's no way to know exactly what code is in the program...period. The exception here are languages like Java, in which the "source code" is not compiled into a binary until runtime. Even with java, however, whoever wrote the compiler/interpreter controls the program being run with it.

So while diebold could release a copy of its source code to every person on earth for editing and improvements......in the end, the code is put back in control of Diebold for compiling and installing on the machines.

Do you have no understanding of programming?

The source code may be freely available, but once you compile it, there's no way to know exactly what code is in the program...period. The exception here are languages like Java, in which the "source code" is not compiled into a binary until runtime. Even with java, however, whoever wrote the compiler/interpreter controls the program being run with it.

So while diebold could release a copy of its source code to every person on earth for editing and improvements......in the end, the code is put back in control of Diebold for compiling and installing on the machines.

Haven't your heard - DIEBOLD IS DEAD.

Shot themselves in the foot one too many times.

But another will raise up in its place. There is no reason why the code could not be in the custody of an elected official who is monitored to keep him honest.

You install programs in your computer all the time, don't you?

I love Big Brother.

non-electronic immaculate paper trail & public hanging for vote fraud.

99% of issue resolved and voter confidence restored.

I agree...

As for everyone else stating that open source is better, have a look at dwm...http://dwm.suckless.org/ ...DWM is a window manager I use regularly, you can find the source code right at that site, and it has to be compiled to make any changes to it. So do you think I run that code you see, or have I made changes to it?

I agree...

As for everyone else stating that open source is better, have a look at dwm...http://dwm.suckless.org/ ...DWM is a window manager I use regularly, you can find the source code right at that site, and it has to be compiled to make any changes to it. So do you think I run that code you see, or have I made changes to it?

I believe that a serious study would have to be done. Even with paper voting there are chain of custody issues.

The bottom line is that people have to:
1) understand that the vote is broken.
2) want to fix it and put honest government into office.
3) continue to watch an make sure those who are in charge STAY honest.

Most of what you are talking about is DIEBOLD technology.

It could be done much more simply with an open source system.
My comments apply to ALL the current technologies that have been deployed.

I am no fan of electronic voting, I am also opposed to lax, inept, and corrupt voting officials.
But your logic is flawed,
You take IS NOT being done to conclude CAN NOT be done.
I believe that it can be done, and in a much more Honest, OPEN and transparent manner.
Have you actually worked in the election space? Do you understand the political realities of all of the players in the game, and their interests?

The technology issues are actually only approx 10% of the problem. The rest is political, financial, commercial and concentration of power.

Have you actually worked in the election space? Do you understand the political realities of all of the players in the game, and their interests?

The technology issues are actually only approx 10% of the problem. The rest is political, financial, commercial and concentration of power.


Do you believe those realities could be brought down by a truly PISSED-OFF and educated American public?

I do.... I pray I'm right and I'll get the chance to see it.

Do you believe those realities could be brought down by a truly PISSED-OFF and educated American public?
Absolutely!