What is Digg?Sponsored by openforum.com
5 Trends That Will Shape Small Business in 2010 - John Jantsch view!
openforum.com - I think we will see small business owners finally start to embrace the following five significant expansions in the New Year.
88 Comments
- Elsewhere42, on 10/23/2009, -1/+79About damn time! I won't trust an electronic voting system until three conditions are satisfied:
1. All software is Open Source and available for public inspection
2. All hardware "as build" schematics available for public inspection
3. Voting machines are controlled and regulated in a matter similar to the gambling machines in Nevada. (A technician can't fart without it being logged.) - holychicken, on 10/23/2009, -2/+59We need to move to the digital age when it comes to voting. I understand the distrust of a closed system like diebold. However, if we could be relatively assured that this code was getting into all of the machines, that would be great.
Open sources means we know what is going on under the hood. I hope this story gets some lovin'. - Langford, on 10/24/2009, -1/+25My cynical prediction:
The open code will be reviewed, as it should be, and one or more bugs will be seen, as is normal. The corporate supporting politicians will then treat the one or more bugs like it is the end of the world, and FOX news will declare it to be an attempt to destroy America. TV ads will air, and somehow we will end up with a cowardly bill being passed that makes it illegal to use. - seanmc303, on 10/24/2009, -0/+20No. Coding this is not the hard part. Proving and convincing everybody that this solution is secure and impartial without money to bribe politicians is the hard part.
- loconet, on 10/24/2009, -1/+20Direct link to source code for the various components: http://github.com/trustthevote
- Shadic, on 10/24/2009, -0/+13Back before the elections, I was talking to my Grandma about this, and she pays quite a bit of attention to politics and what not. She came up with a pretty genius solution that would be amazingly transparent regardless of what's in the machine itself.
When you vote, you'd get a paper printout with something like a 15-digit code. It'd be randomized, of course. After the elections, ALL votes are posted online, listed next to the random key that everybody is given after voting. That way, you can not only check to see if your vote was counted, but that it was counted correctly. You could even make the slips that are printed on hard to modify - Something like the dollar bill.
Perhaps one more technical than I could find a hole in it, but I think it would work. - trs21219, on 10/24/2009, -0/+13actually you are completely wrong. linux is open source and is considered to be very very secure because of that fact. same goes with firefox. security through obscurity is completely the wrong way to go about it because any hacker that would have the balls to hack a voting system can already get the sourcecode. when its available to the public then security professionals around the world can look at it and test it for flaws instead of just the people a company has on their payroll.
you also have to remember that the voting machine companies are in it as a business, if an 11th hour bug is found right before election time do you really thing that they are going to say stop all elections so we can produce, test, and deploy a fix. no that would make them look unreliable and weak and would make them lose the contract with whatever entity licensed those voting machines.
again you totally are missing the point of open source software. - hikaruzero, on 10/24/2009, -0/+11I think too many people get caught up on #1 and don't realize the importance of #2 as without it, #1 is next to worthless (although #3 is also rather important; the code needs to be available publicly but who can modify the code needs to be extremely strictly monitored and logged [and released publicly]).
- seanmc303, on 10/24/2009, -1/+11I would say that is highly unlikely.
- SickIcarus, on 10/24/2009, -2/+10I'm no programmer, but I would say "yes" - simply because the goal is to develop something thats essentially hack-proof. As everybody knows, theres really no such thing, only deterrence. Its like I tell my clients who ask me about security - if somebody really really wants to access your data (or in this case to manipulate it), then they're going to.
At least with open-source theres a fighting chance - with so many eyeballs looking at the code, the chances of critical flaws are greatly reduced. The danger comes when a flaw is discovered too close to an election to do anything about it. - the8thbit, on 10/24/2009, -0/+7Right, because open source systems are so insecure compared to their proprietary counterparts. How many Linux bot nets are there again?
- seanmc303, on 10/24/2009, -0/+7"Would it be wise to trust or vote in a completely Open-source system?"
YES
It would be a lot more wise to trust an open source system that can be reviewed by anyone than trusting a hand full of corporations with our voting. Security though obscurity is always a bad policy. Is Windows the most secure OS on earth. Microsoft may tell you it is, but people know Windows security record. Is Linux secure? The US Navy, stock markets, banks, most websites, and others seem to think so. Linux is not 100% secure but all of its source code is available for full review. - seanmc303, on 10/24/2009, -0/+7@CrudOMaticCrudOMatic,
People can make software that looks like other software to the point that any user would not know that they were not running the original software. Being proprietary does not stop that. People use their computers with Trojan viruses every day without knowing that their computer has been compromised. How does proprietary software have an upper hand here?
It is possible to validate that software is legitimate with hash checksum key verification, but I'm not making the argument for voting software to be on voting machines. We can agree on the physical weakness of security of voting machines. I think using an open source web based voting system is the way to go. Then any citizen with the skills could review the voting system code any time they want. What is so wrong with that. Personally, I think it would be a good thing if citizens could review their voting system rather than trusting corporations with our voting system. - Khast, on 10/24/2009, -1/+7But under the current system that would never fly...everything has to be secretive so it can be modified....for a price.
- ugetab, on 10/24/2009, -0/+6Personally, I think an idea I heard a few months ago about having a code to look up the results of your own vote would greatly improve confidence in the system. If a third party was given the option to tally and confirm the votes, then all they would have to do is ask several statistically random people to get data out of said database as proof that it's accurate, and you could be reasonably sure that it was correct, assuming of course that one could find a way to legally and safely access said data without compromising election information or personal privacy.
- xamox, on 10/23/2009, -8/+13The sad thing is people think we live in a democracy when really it's a republic powered by financed politicians and lobbyist.
- CrudOMatic, on 10/24/2009, -0/+5Your Grandma is a smart cookie
- thecoolestguy, on 10/24/2009, -1/+6No, it's SUPPOSED to be a republic, but people think it's supposed to be a democracy, which allows for an unlimited government that benefits the oligopoly that fund the candidates.
- seanmc303, on 10/24/2009, -0/+4@A11YND, who ever said this system was physically available? The voting software they are building appears to be web based. That would be the same as trying to plug a flash drive into e-bay.
- seanmc303, on 10/24/2009, -0/+4If the voting system had a real time http api multiple parties could track the voting results and verify the data was not manipulated after the fact.
- seanmc303, on 10/24/2009, -1/+5Has it lied to you? Let you down? Did you fall for the lures of a certain so called Nigerian prince needing help with his money?
- Culyt, on 10/24/2009, -1/+5I wouldn't say they are particularly insecure, but I would prefer a language that is focused on security from the ground up. As for what language, I don't know. NASA use Ada for space shuttles (or they used to anyway), power plants used Fortran (or was it Cobol?).
Firstly python is more resistant to bugs, but in some ways that is a bad thing, you want to ensure that you know what all the memory is doing, you want it to be a nightmare to program for because everything should be doing exactly what it is supposed to. Python doesn't have compile time error (since there is no compile time). Python is much easier, more flexible and quicker too code in which is great, but sometimes you want a system to be as hard ass as possible, this is one of those times. You don't want flexibility since the system is only doing one thing, the flexibility itself could be a security problem.
For example I managed to crash a computer in a museum that was running an Internet browser on a locked down system by shift+clicking a whole load of times and opening new windows until it ran out of memory and then fired up solitaire. This wouldn't have happened if it hadn't been for the fact that there was a whole HTML browser and OS just to display some basic textual information and pictures.
Python is more complex in its execution since its a scripting language, more levels of complexity produce more areas for manipulation (could the interpreter itself be manipulated rather than the script?).
I wouldn't trust Python in a life or death situation (ie a medical robot, heart monitor, jetfighter, etc...), the respective industries don't either, there are good reasons.
Ideally the voting system would be an embedded system since there is less chance for manipulation if it is designed right. For example on the hardware level you have something that makes a hash of the firmware and generates a random image based on it and puts it directly to the screen or some LED lights or stamps it on the vote stub (like those avatars on some blogs generated from usernames). That way if a specific machine is altered in a specific place there is a visual difference.
You should ensure that the systems are rock solid, test them over years and have mock elections and then freeze them at a point, ensure that stuff is publically available (so we can generate the hash image at home and ensure the code on the systems is the same). Make sure there is no way to patch the system after that point (there was that whole thing with the programmer that claimed he was told to rig the system to give faulty results). Burn the firmware onto a write once chip. Solder it directly onto the motherboard, encase it in that epoxy crap console developers add on to stop modchippers. You do run the risk of ***** it up in a major way and loosing money/time but that why you get this set up years in advance and have thorough testing.
The only thing that should be changeable is the basic election configuration (ie the names, photos, election year) so they can be reused next year (or if someone has a heartattack the night before), and then you have to be sure that someone can't do something like swap the names around so people are voting for the wrong person by ensuring that those are the names that are used on the vote system rather than some ID number that isn't seen by the end user, or that someone doesn't manipulate the GUI pictures to make an option appear invisible, by ensuring that the text is the last thing drawn and that it has an outline to stop someone making the background black with black text. (I would guess that would be re-themed each year).
The seL4 microkernel was machine checked to ensure it was secure with mathematical proof, the same should be done here. - seanmc303, on 10/24/2009, -0/+4That argument is so two + years ago. Yeah yeah yeah, Twitter Fail Whale. A national election system would probably get a fraction of twitter's daily traffic.
- Culyt, on 10/24/2009, -1/+4I think we should also have a system where the vote databases are publicly available (without personal information, and only if there is a minimum number of people so off sore drilling voters or whatever don't get screwed).
Also it would be cool to have a system where a voter can go and call up their vote by using some kind of random UUID so they can verify their vote later. Unfortunately you can't do that publicly as if people can verify their votes they can have their votes brought since there is a way to prove who you voted for.
Maybe if its only possible in a secure location, one where you walk into a room, someone flags a terminal to allow you exactly one lookup, you scan in your printed off barcode and the vote is recalled, there are still issues though since you could scan your friends barcode). All votes should have a physical punch card produced in front of the voter in a transparent case that is dumped into a bin and they should be checked later no matter if there is any concern of voter fraud of not.
The problem is you have no way to tell if a vote booth has been tampered with to ensure that a vote for one person doesn't randomly count as a vote for another. With a physical copy that is less of a problem, but it sill is an issue since you can't be sure a physical vote is legitimate either (in my punchcard example it would be possible to just make a machine that does them all, so maybe the paper itself has to have a UUID and be signed with a digital signature printed on it. Ensure the machines scan in what paper is used as its used so unused paper can't be used to fake physical votes. - seanmc303, on 10/24/2009, -0/+3"Why mix both? They are basically the same language. That seems kind of stupid."
I get what you're talking about. Python and Ruby both fulfill the same programming need. Maybe they wanted to reach out the the python developers out there to include them. I don't know. Personally, I would agree that fragmenting the technology is a strange and maybe bad choice. - Smokeydabear, on 10/24/2009, -1/+4seems like a good idea
- bwdigg, on 10/24/2009, -0/+3Very good idea. One issue left to deal with, though, is what happens if you find your vote is listed differently than the way you voted? Who do you complain to, at what point are they required to recount? Could cranks claiming their votes changed (when they didn't) be able to clog up the process and stall any result?; or would people claiming so when their votes actually changed be ignored?
Maybe the whole thing could be web-based. You get a code, and vote on the web with that code. You could check it to there online to make sure it agrees with what you voted, and you could also look at the voting result at any moment. And you could change your vote up to some deadline (and alarms would be set to go off if suddenly, right at deadline, the overall result changes noticeably).
Problem there could be that votes might not be secret (say, in case of a domineering spouse), or could be reliably bought (people buying a vote could get the "code" to verify by themselves whether the vote was the way they paid for). Those problems might mean that voting would have to be done in a restricted public setting, and a person would only be allowed to check a single code on returning to the setting before the election deadline.
Overall, not as simple a problem as it looks, but I think this is still a good approach to work from. - AgmLauncher, on 10/24/2009, -0/+34. They must be sufficiently regionally isolated from one another such that if the system is breached at one point, it doesn't give the ones who breached it access to the rest of the system.
- seanmc303, on 10/24/2009, -0/+3What language would that be, and how is python or ruby insecure? Please enlighten me in detail.
- seanmc303, on 10/24/2009, -2/+5Let people vote online. Voting machines are prone for fraud. Most sane people trust the internet for handling their banking, tax filing, investments, etc. Why not voting? A very well designed public voting website could be the most secure way of handling voting. If many university's computer science programs and thousands of coders tests this for security, I highly doubt there will be any significant security vulnerabilities.
- rpgmakr, on 10/24/2009, -0/+3Why no paper voting? No machine is exempt of hacking. It's not the same the guy that get his bank account stolen that a ***** presidential election.
- InactiveUser, on 10/24/2009, -0/+3icfshop needs a good month of DOS.
- seanmc303, on 10/24/2009, -0/+3@Culty, I have never got such an excellent response on Digg. Thank you.
I agree with you on many of the points you brought up. My only observation about the software is that they are building web based software. So I do not believe they are trying to make client software that can be distributed and used in voting kiosks. There are a couple advantages that Ruby and Rails have that make them excellent technological candidates from my perspective.
Ruby has the ability to be written in a highly readable syntax that would make it very easy to be reviewed by many people.
Rails has been designed to be used with test suites. It would not surprise me if > 10x the amount of the application code was dedicated to the testing of such system. I am not saying that you can't write tests for other languages and frameworks, but I will say that the testing frameworks for Rails support some of the most easily maintainable and readable code I have ever seen in my life.
Another plus I would give to the choice to using Rails is that it is a framework of convention. Anyone who knows how Rails works can easily review any other Rails app. If the application developers constructed some convoluted or even unique way of engineering the software, the software would not be as easily reviewable.
I do agree with you that scripting languages have "magic" that happens behind the scenes that could lead to issues if the issues were not considered or tested for.
The trade-off for the choice of technology in my mind is being able to write highly reviewable, readable, maintainable, and concise code VS. faster, and strictly typed.
Ada and Fortran are a dying languages where Ruby and Python are emerging. I could understand if they chose to use Java, C, or C++ because of the ability to write strictly typed code and due to the adoption of these languages. If they were writing for embedded devices or for a client-side application, I would demand that they use Java, C, or C++. But for the reasons I have stated, I think Python and Ruby are great choices for the web application they are building. - biggestprick, on 10/24/2009, -0/+3These ***** need to be reported by everyone, every time they post this *****. Maybe if we can keep getting their crap removed, they will stop wasting their time ***** with us on Digg.
- seanmc303, on 10/24/2009, -0/+3@CrudOMatic, I do not know how you define "knee-jerk reaction", but I think I have been posting relevant rebuttals to your comments.
"A system is composed of many parts, the software may be 100% secure, but what about the open source hardware? what about encryption (if it exists on these machines), what about REPLACING THE SOFTWARE with a modified version?
These questions have still not been answered. "
The software this project is currently developing is web based software that will run on servers. I would wager that they will be using hardware from proprietary vendors for the web and database servers. They will not be crafting their own servers. I'm absolutely positive they will be using encryption. It is relatively easy to update software on web servers you have control of in your data center.
If you want a proprietary option, I will bet that you will be able to vote from your computer using Internet Explorer. - the8thbit, on 10/24/2009, -1/+4Yes, I suppose 'hackers' will be happy, in the rms sense of the word. Not so much in the Hollywood sense, as an open source system would be far more secure than what we have right now.
- JoeCool51, on 10/24/2009, -0/+3Voting Machine vs. Vegas Infographic
http://media3.washingtonpost.com/wp-dyn/content/gr ... - bwdigg, on 10/24/2009, -1/+3Clearly a comment from someone who hasn't the least clue about programming or hacking.
- king_aaronj, on 10/24/2009, -0/+2It's good to see someone of digg who knows what the founding fathers really intended when they started this country. :)
- seanmc303, on 10/24/2009, -0/+2@Culyt, good point about the likely hood of real-time results swaying the final result.
I wish we had a tiered voting system in the states. - the8thbit, on 10/24/2009, -1/+3*ahem*
Linux bot net.
It sounds pretty strange to you, doesn't it? That's because it never happens. Linux is the most common operating system on the planet, and yet, bot nets and viruses are virtually unheard of.
This is because Linux is an open source operating system. Because of this, anyone can review the code, and thus, pretty much any security hole gets detected. - Culyt, on 10/24/2009, -0/+2Great idea, would also make the news more interesting with live statistics but you do need to verify that the polling stations are not sending out false votes.
There might also be the potential for the vote to be influenced by the partial results, for example why would I vote for someone who is loosing. This could cause problems when voting booths in one place that are heavily in favour of on political party open ahead of a different party. You could try and make it illegal for the media and anyone authorised to access the api (if its not public which would need to be the case for keeping it under raps) to release the results ahead of time but realistically its going to leak.
Here in Australia it isn't such an issue since we have a tiered voting system. You can vote for someone who has no chance of winning and not throw away your vote since it will just go onto the next person you selected. - mattmeow, on 10/26/2009, -0/+2Actually I think this is the way to go. There are countless security / identification measures that could be put in place.
- seanmc303, on 10/24/2009, -0/+2CrudOMatic, how is it that Windows has so many viruses wrote for it? Many hacks reverse engineer compiled code with decompilers to see the source. Are you saying Windows is not WIDELY HACKABLE? If millions of people have the opportunity to review a project, yes there will be a percentage of those people who try to find exploits for their own malicious intentions; however, most of those who review the code will be patching any security holes. The software they are making looks to be web based. Web based software is much less susceptible to attacks than desktop applications.
We have already seen how the proprietary Diebold machines have been hacked. We need to try a new option. - seanmc303, on 10/24/2009, -1/+3It is great to see that the software is wrote in Ruby on Rails and python
Rails:
http://github.com/trustthevote/ElectionManager
http://github.com/trustthevote/registrar
python:
http://github.com/trustthevote/tabulator - A11YND, on 10/24/2009, -0/+2Linux is by far the most common Operating System on the planet. I know Linux is pretty cool guy and doesn't afraid of anything but you're just living delusion if you believe it to be the most common OS.
- bwdigg, on 10/24/2009, -0/+2But you made a comment with your opinion of how this would work out. So your opinion has no basis? Exactly what I was suggesting. Hacking doesn't work like you assume.
What makes closed source code for voting secure, at ALL, from it being rigged to steal elections? Only by it being checked and its executable code recheckable by other programmers who know what it is supposed to do and what it's final image should be. In other words, by its being closer to open source code. The closer to open source, the more secure it can be from this kind of complete, devastating takeover (unless you assume real hackers are REALLY stupid and somehow couldn't get into a closed source system to do damage -- that would not be a good assumption at all!).
Thanks, by the way, I have a life already. One in which I try to offer opinions only on what I think I know something about. Sorry if your feelings were hurt. - srg13, on 10/24/2009, -0/+2Security through obscurity (ie. closed source) is like hiding your key under the doormat and thinking your house is secure because you didn't tell anyone where it is... Open source is inherently more secure than closed source because for a name project is going to have more security experts looking at it than any audit of closed source software ever could...
- the8thbit, on 10/24/2009, -0/+2Hoarders may get piles of money,
That is true, hackers, that is true.
But they cannot help their neighbors;
That's not good, hackers, that's not good. - the8thbit, on 10/24/2009, -0/+2"Also it would be cool to have a system where a voter can go and call up their vote by using some kind of random UUID so they can verify their vote later."
How about online voting using your social security number, or something similar, to verify your vote? I guarantee that if something like this were to be implemented the amount of people who would actually vote would increase astronomically.
Throw in a phone service and on sight voting services (like we have now) and there is no reason why anyone should miss the vote.
"Great idea, would also make the news more interesting with live statistics"
Election night is one of my favorite nights of the year, and something like that- real time updates for every single vote cast, would make that night all the more exciting.
I can just imagine some AJAX site where the entire page is dedicated to a count of the total votes for the major party candidates, and space at the bottom for total vote counts for third parties. -
Show 51 - 90 of 90 discussions
