I think the voting software should only be open source if it can be made to be as proven-unbreakable as possible, which would take some years. There is much more incentive to tamper with an election than other FOSS things, and giving those people instructions on how it works will only help them. If it’s source is closed, no one knows (or can as-easily learn) how to break it.
On the other hand, if its closed-source, you have to be able to trust whomever wrote it, and whomever wrote it has a lot of power. A wise man once said “absolute power corrupts absolutely,” and while being the only one who knows how the voting software works isn’t “absolute,” it’s more than enough to be exceedingly tempting.
I say we stick to pen and paper like the days of yore. I can’t be reasonably confident in anything else.
A motivated nation state actor won’t be as affected by the unavailability of source code (if they have to reverse engineer). The techniques for doing this are well known but they may take a lot of resources.
A motivated nation state actor may also have a good shot at penetrating or infiltrating the closed source system at its source. Closed source doesn’t mean “no source”, it just means that the source is kept closely guarded with access limited to a select few.
Another observation regarding voting being under the control of a private company is … who owns that company? who controls it? A nation state actor?
Security through obscurity is not an accepted principle in general and I’m not embracing it in this case either.
… and the vote is close enough so that a tweak here and there is small enough to go under the radar but big enough to make a difference.
I agree you would want the solution rock-solid. I think you would have a lot of eyes on the software, looking for vulnerabilities. Putting a reward on anyone who could hack it (a good-sized reward at that) might help get some of the best hackers looking at it, and getting it fixed.
After a couple of years of no one being able to crack the software (with the reward still in place) might be enough.
One of the problems with closed-systems is the loss of trust. If people don’t believe their votes matter, they’ll stop voting. On the other hand, if the source code is on the internet, and accusations of back-doors are made, it comes down to “Okay, the source code is right there. Prove it.”
Though I do agree with @fralb5 - hardware is also an issue. And complexity. You’d have to be able to audit from top to bottom to make sure the system is secure. The simpler the system the better.
If the system is open and auditable (and very heavily vetted), I would trust it across the country. Though I will admit my bias that I distrust huge companies with closed systems. I think a lot of people on these forums share my distaste in the giants (G-MAFIA … Google, Microsoft, Amazon, Facebook, Intel, Apple… etc).
That comment though was about the voting system, rules and processes i.e. nothing to do with technology (hardware and software).
If you don’t have the same voting system and rules, it may not be possible to use the same technology but if it is possible to use the same technology, it may be very much harder to audit it and more error prone e.g. due to the necessary configuration.
The results can be audited, depending on whims of officials in a particular jurisdiction, but I doubt the source code would ever be audited except in case of a criminal investigation.
So true. The whole process source, compile, load, tamper detection, transport, hardware supply chain – all need to be open and auditable by everyone. It’s not impossible, you have to want to do it, then actually do it.
That is true, but I would say the fact that each jurisdiction implements the vote in their own way is a feature, not a bug. Every place should have to adhere to the same standards, but the non-uniformity enhances the resiliency of the system as a whole.
Fair call. It’s just opinion. I dare say we are not going to agree on that one. (My thinking is that if you are electing to a body that is supposed to be fair and equal representation then the voting system, rules, exclusions etc. should be uniform. In other words, states can do what they like when electing to their own state legislatures but when electing to Congress there should be uniformity.)
It looks even worse. 68% error rate in one case, while the agreed upon norm is several orders of magnitude lower together with missing security records – all of this seems to not warrant any criminal investigation. Or did I miss one?
It shouldn’t be the only security method in place (there should be digitally signing the code, etc), but I don’t see how keeping the code away from John Q Public is a bad decision, except you won’t benefit from some unknown security genius looking at the code. The source can still be audited by companies paid to do such things, companies who would likely find the faults in the code were it open source anyway. Besides, being closed makes possible a chain of accountability as far as who’s seen and messed with the code. Sometimes (and I think this is one of those times) information needs to be tightly controlled.
I still think pen and paper is the way to go, I just don’t think being closed is as dismissable as you imply, for the reasons above.
Now you are talking politics. Just leave it out. You started this thread and made it half-political. Just stop with your Trump pushing.
No not half of the country thinks that the election was rigged. To my last knowledge it was 70% of Republicans. By the way this survey was made by what you call a liberal mainstream media or others just call news media. Republicans do not even represent 50% of the population as seen in this election. And even more, the voter turnout was about 67%. That means not nearly half of the population think that this election was rigged. Do your math before posting such backless statements.
Voting systems are a huge problem. Overall transparency is becoming less and less in Western politics. It completely sucks. However, I do not get why support someone who is openly using his powers to benefit himself and his business buddies.
Even Barr does not take this bully no more.
Enough about politics!
I really hoped to learn something here besides what you can read in every newspaper and on Parler.Or at least a good discussion about benefits and disadvantages of open sourcing the code and how to handle it best. However, most of the posts are just about complaining.
I share your opinion. Pen and paper is the best and impenetrable option right now.
Blockchain is a prospect on the horizon and I am really looking forward to it. I believe that ultimately it will be used. Pen and paper is just not feasible.
I remember the Florida recounts in 2000 (George W Bush vs Al Gore), specifically looking at the “hanging chads” etc. The actual paper was looked at. One of the lawyers was arguing for “If the person circled a name, it should count”… things like that. He was arguing for “Looking at the paper, is it possible to determine the intent of the voter?”. I also remember the judge questioning him with, “Why not put in objective standards, like 2 corners of the chad are punched out, or 3 corners?”
As a backup, looking at the paper is a great idea. It would be slow on a national basis, but it can be done easily when certain states are challenged. The 2000 elections weren’t that long ago, and the population hasn’t increased that much.
Which brings a question to mind - these voting machines, they are all leaving a paper-trail, right? I used a machine once (usually I fill in the circle with the black ink on paper), and I remember after the selection the instructions were “Look at the paper through the window, and make sure your vote was recorded correctly”. The paper was a little bigger than that used for receipts, but I could see it.
Assuming all the voting machines (Dominion and otherwise) leave a paper trail, it should be easily auditable. That would be unless the machines are programmed to create additional votes which include a paper trail (that would seem to be harder than just adding numbers to a variable). Also, if voters follow similar instructions to what I got, then your vote couldn’t be “switched” without you knowing it.
[EDIT: I guess my point is that using paper is feasible, it’s been done and not so long ago it was the standard. Or if we use machines, a paper trail should be included]
At the start of this post, I stressed that I didn’t want it to be about the politics and if necessary, to pretend that it involves your favorite politician a few years from now instead of President Trump now. Some people want to nit-pick words and fight about politics here instead of grasping the salient issues. Whether or not it’s exactly half of the country or with some margin in either direction is irrelevant. We’re not talking about a small percentage of the people here that are unhappy and who are potentially disaffected.
What is about to happen in the US between now and January 20th could rival the collapse of the Soviet Union, by comparison. We already have some state legislators calling for secession from the union because the US Supreme Court denied them and eighteen other states legal ‘Standing’ (basically saying it’s none of one state’s business if another state cheats the election). Stay tuned about this until January 20th which is the constitutionally-mandated day for the transfer of power. The stakes couldn’t be higher.
I think that the polling machine software has to be open source to maintain integrity. Like a cell phone or a PC, “open-source” does not mean insecure. It means more secure. Making the polling software become open source and thus more secure is a political challenge because some parties benefit every time from the cheating and they want to hide how they do it. Yesterday, our legislators spent most of the day on TV discussing some of these issues. Many people said early-on, “there is no evidence” (ie: you haven’t actually caught us). Later they say “… well, there is not enough evidence” (ie: you haven’t fully unraveled enough of the conspiracy to overturn the election. So let’s just drop the issue). It’s almost like they’re saying “we stole it fair and square and now let’s just move on and put this behind us” and “trust us, we didn’t cheat”. Even if they didn’t cheat (perhaps a debatable issue) why not let the software be audited by the people who have a stake in the outcome? Maybe the US CIA might not like that kind of open source software readily available for use by other countries where they want to tip the scales themselves. Maybe the chickens are coming home to roost.
The major concern is not that but instead … intentional obvious fraud behind the scenes, which closed source enables.
Potentially, although that won’t deal with intentional fraud behind the scenes, since the “source” that is handed over for auditing need not be the real source. That will have potential benefits in finding accidental errors if the source company is otherwise honest.
I want all of that … audited by an unknown security genius, audited by companies that get paid to do such things, audited by any voter.
The way things work in the financial sphere is that auditors may get too close to the company they audit, and independence starts to wane. Also, auditors have a conflict of interest because if they get too picky then they will get replaced and so they lose business.
The very idea that democracy is accountable only to the select few does not sit well with me.
The potential for a system to be audited by anyone and everyone is itself a disinfectant against fraud.
It should be obvious too that such a system of secret ‘closed group’ auditing will undermine confidence in democracy. You know how the conspiracy theory will spread. If they are keeping it a secret and showing it only to a select few then there must be a reason for it. … The usual suspects will get dragged in. … The new world order secret cabal is rigging the voting system in order to cement in perpetuity their control over the ignorant fool voters who trust them and the voting system.
(For clarity, I am not myself endorsing such a conspiracy theory. I am only suggesting that it is entirely predictable that such a conspiracy theory will arise.)
Also published “source” could be just as fraudulent.
Regardless, we’re both trying to convince the other that the issue is whom to trust. You see issues with my points (which is good), and I see issues with yours (which I think is also good). I don’t believe in saying “agree to disagree,” but I think we’ve pretty well illustrated the issues with voting via software.
Yes, I agree. However I think the problem is that the government is going to do voting via software whether we think pen and paper is the way to go, or not. So we, collectively, need to find a way to make computer voting work. To me that means being completely honest and open about where the flaws are and welcoming that flaws get found and removed.
(I’m using the term “flaws” here because I am not concerned solely with software problems in the voting. It is equally important that all the administrative processes that go on behind the scenes are also 100% robust. It is an end-to-end thing, from vote to democratic outcome.)
After watching the video, you can consider this is me laughing at people who pretend paper is not a sustainable solution: many contries with millions of voters are using it because they have improve the rules over centuries
Remember that you don’t need to control 100% of the votes to change the result, only paper with openess is a nightmare to hide a corrupted small percentage
If you want to keep a democratic vote, paper with strict rules and openess is the only way that will keep it over centuries, going any other way will end up with a blackbox controlled by a small group of people, with no garantee of result nor privacy
Out of context, maybe, in the context of the rest ex-soviet republics where pen-and-paper mass vote-rigging happens as business-as-usual - not so much, you then come to understanding that it’s not the media which matters, but the processes.
