Are open source codes a solution to the electronic voting problem?

Some friends of mine who are involved in election reform are now talking up the possibility of open source codes.

I don't know much about this area and I'm not sure how this would solve the problem of voter fraud and/or hacking.

What are your thoughts about the use of open source coding?

There is no such thing as foolproof voting, or even voting on a security level of something as simple as an online transaction. The immense stakes involved (in our last election one could argue the global future for the next 20 years) are what makes fair elections such a holy grail.

Open source code takes a huge bite out of the possible ways to hack an election, and for that reason it is essential. Other ways to maximize the possibility of a fair election:

1) Paper trail
2) Transparent audits
3) Online verification of a unique userid and corresponding vote recorded

Would they also post the MD5 checksum of the program executable, and allow each voter to somehow verify it before voting? Otherwise you can never guarantee that the program running is the one you have the source code for.

There still need to be paper ballots.

republican. He says open source isn't secure either; better than proprietary but still not secure. He says paper ballots hand counted are the only way to go. He talks about open source somewhere on his website but I can't find it. If you poke around here, you should be able to get more than enough info on the whole issue.

http://www.chuckherrin.com/paperballots.htm
http://www.chuckherrin.com/evotingquestions.htm
http://www.chuckherrin.com/hackthevoteFAQ.htm
http://www.chuckherrin.com/sinceyouasked.htm

The section on open source voting is on this page:
http://www.chuckherrin.com/sinceyouasked.htm

Luzerne Co in NE PA will be in the process of scrapping the lever machines in favor of electronic machines this year and I want to be armed with information. I've e-mailed the Director of Elections requesting information about the process they are following since very little information has been publicized locally.

when it's a republican saying it. See his article on conservative's guide to empathy. It's the best election fraud article I've ever seen for dems or repubs.
http://www.chuckherrin.com/ConservativeEmpathy.htm

.

Those execute the source code directly.

However, while there ARE ways, including trusted computing where only
cryptographically signed binaries are allowed to be executed by the
hardware, I'm a computer specialist who is perfectly willing to point out these few things:

1) A system that only graduate computer professionals can understand does not qualify as transparent. Maybe the system is fine, but the rest of society has to rely on the opinions of "experts" about that.

2) While a basic computer setup may be pretty cheap, support of the system almost invariably is not. BOEs do not have the cream of the computer applications job pool. Expecting them to correctly create and deploy local elections ballots is a bit naive.

3) The only possible alternative to a voter verified paper ballot which is acceptible is a scheme using personalized digital signatures and stored ballots that may be checked in person, in private. As per #1, while these may be secure, they are not transparent. You have to understand high math to know they are secure. As per #2, if you do not use this alternative, you do not save any money in the paper handling department.

4) Realistically, by the time any legislation actually passes, it will probably be only a year until the next election. Just try to get any BOE to go through a selection process, analyse the competitors with their highly funded sales force, and even upon selecting the opensource solution, implement it in a year.


So while I do encourage the work on creating OpenSource voting machines, for application on less critical matters and possibly in the far future, if you want to use your opensource talents to actually do something about the situation, please go here instead:


http://sourceforge.net/projects/uscvprogs/

go? I am working with a group in OR and we have paper ballots but they are counted on Diebold tabulators. We'd like to push for hand counting, but we have very complex ballots with lots of ballot measures, candidates for city commissioner, dog catcher etc. etc. Don't know if hand counting is practical so we are trying to ascertain if there is any reliable way to machine count or if we need to change ballot design, or??? Suggestions?

There is one way with current technology to use machine counts to reduce hand-counting. However, it, like the machines themselves, requires a lot of work to make the system transparent.

That is to machine count and then hand recount a random sample of precincts, such that you know with 99% (or whatever your comfort margin is) certainty that there was not enough fraud to change the outcome.

However, just like having the machines in the first place causes all sorts of transparency issues -- like how do citizens know that the machines were not badly calibrated in certain precincts on purpose (not how the BOE knows, how do the citizens know?) -- the same types of
issues are raised with statistical hand counts.

How do the *citizens* know that the precincts selected for the recount are actually selected randomly?

How do the *citizens* know that ballots were not altered between the time the machine count was done and the hand count started?

You get the idea.

any info on hand counting when you have complex ballots? Any info about the Canadian system? Or any others where hand counting works well? Or do they just have diffenent kinds of ballot designs?

can qualify as transparent if the professionals are provided by representatives of the parties involved, and allowed to conduct random checks on both hardware and software, before and after the election.

If a binary does not match compiled source code, there is an expanded audit and a nasty fine.

Essential to making this system work would be a national BOE with standardized machines.

what execute means? And when you refer to source code, do you mean open source is just for show?

is the list of instructions which are to be carried out by the computer to do its job, i.e. create the display which voters use, store the votes to disk, etc.

It is in text file format just like a letter on a word processor. If the computer's processor were to have to read a text file, though, its operation would be exceedingly slow. So the programmer uses a special program called a compiler to "crunch" the source code into a file which is much smaller. This file (called a binary) is not legible (it looks like "garbage" if you were to print it out) but the computer works with it much faster than text.

To say that source code is "just for show" is not accurate. It's the actual file the programmer writes to run the computer. Problem is, a very devious programmer could actually create a special compiler to insert devious candidate-abetting commands to the computer as it creates the binary.

As you can see there are numerous points in the process wherewith votes could be tampered, hence the difficulty.

source code is a text of programming language/s that programmers instruct the computer to do the job.

the computer translates this programming language into another form or machine language and use or execute this final product to do the job faster, better…

Source code or text of programming languages is for human to understand because it's extreme difficult or impossible to write a text of machine language directly. Just like crude oil and gasoline, book and forewords.

If E voting programming languages is Basic, they look like this:
Dim Votes
Votes = Server.CreateObject(‘UnknownSoftwareCD’)
Votes.UnverifiedPaperTrials

If, for example, they were required to provide 1) the source code, 2) details needed to compile the code, including compiler version, make files, flags, etc. and 3) copies of the executable code running on the machines, it would be reasonably easy to verify that (1)+(2) --> (3), and that (3) was really what was on the machines.

The bigger problem is that there are many very subtile ways to rig the machines, and it would take lots of eyeballs be sure of spotting them all. True open source code (note to the original poster: "code" is a mass noun, like "salt"--you don't say "open source codes" for the same reason you wouldn't say "pass the salts") tabulators and voting machines would be a very good thing, but it would not prevent tricks that make people stand in the rain for hours, sending people to the wrong polling place, throwing out their ballots, etc., etc.

--MarkusQ

The build logs need to be kept- and published- and the contents of every patch must have the same safeguards.

Fortunately, this is something that can be dealt with.

Even if we have the source code and can match it (via, say, checksum)
with the executable on disk on a voting computer on Election Day...
There are lots of vulnerabilities. Can we be 100% sure that the
computer is off of all networks at all times, and that the friendly
support people from Triad or whatever have not modified anything at
any point during the counting or recounting, that the microcode is
also the standard microcode, etc. ? It's a chain of custody thing..
Can we really trust everybody who has access to all local Boards of
Election to guard all of these paths from the moment the machine is
"certified" until the last count or recount?

Another way in which a ruse could occur (Rethugs agree grudgingly
to provide souce code but next election is stolen anyway) is
if the database, i.e. the vote count, is not secured. There could
simply be other hands incrementing and decrementing votes in the
database, while the official vote-counting program on the machine
could be identical to the one that everyone has the source code for.
By the way....kick....There are others who should read this, these
threads become history too fast.

Read the experts. Go to www.votersunite.org or www.chuckherrin.com. NO MACHINES.

Whom do you trust to be uncorruptable with this much power.

No one.

Votes retention should be human verifiable at all times from before the voter releases the vote until after the term of office ends -- at minimum. E.g., ballot readable by the voter. Possibly readable by a machine with open source code, randomly tested, critically approved by all voters willing and able to read source code. Could be on plain 8.5x11 paper, computer printed on a home computer, library, or polling place; officially approved for counting at polling place.

Simple. Cheap. And, clear.

The first principle of designing secure systems is that you need to identify the value of assets being protected. High-value assets require high-quality protection. In the case of an election, the assets are priceless, but as a starting point, there are clearly people to whom cracking an election is worth many billions of dollars. As these things go, the stakes don't get any higher.

The second principle of designing secure systems is that a system is only as good as it's weakest link. If any one of the links in a security system is subvertible, then the system isn't secure. State-of-the-art security on a front door is useless if the back door is wide open.

Each and every step of an election must be auditable and verifiable. It's not good enough to just count votes; you have to be able to provide evidence that the count was conducted correctly, and that evidence must be publicly verifiable after an election takes place. Evidence that is only privately verifiable is only as good as the credentials of those who verify the private evidence. The only people I can think of who have credentials good enough to weigh against the assets in question is all of the particpating candidates in the election. Having gone this far, it seems pointless not to make that evidence freely availble to the public at large as well.

If someone who conducts an election cannot prove that a particular phase of an election was conducted correctly, then you've found a weakest link.

The particular problem that needs to be addressed with electronic voting systems is how to establish that the votes actually cast correspond to the votes actually recorded. How can you prove that every button pushed on a voting machine was correctly recorded? Once votes have been recorded, there are a number of relatively straightforward ways to ensure that no records have been modified, misplaced, and that all recorded votes hve been properly added up, even in computer-based systems.

In a manual system, the issue of verifying that ballots cast corresponds to the ballots recorded is addressed by a system of observers, and physical security on ballot boxes. Observers from all parties can watch the votes going into the ballot box, and coming out of the ballot box. Tamper seals and secure storage more-or-less ensure that what goes in comes out. The proof in this case is provided by a chain of evidence consisting of witnesses, tamper seals, and procedures that ensure that physical security of sealed ballot boxes. Once the integrity of physical ballots can be determined, auditing can be performed by performing random or targetted recounts of physical ballots in selected precincts.

In computer based systems, you need an auditable mechanism that ensures that what voters selected on the screen is the same as what gets recorded.

Paper printouts do solve this problem. Voters can verify that what got printed corresponds to the buttons they push. Whether voters verify every printed ballot, some, or few, visual verification of printed ballots by voters constitutes an audit system that ensures that votes entered correspond to votes printed. The physical printed ballots allow digitally recorded counts to be audited by re-counting the printed ballots, and ensuring they match the machine counts.

In reality, this means that a number of precincts will be randomly selected, counts will be verified for those randomly selected precincts. The emphasis is on random selection. If anyone knows with certainty that any precincts is not subject to random selection, then the random audit is as good as useless. Attackers can fearlessly hack only precincts that aren't subject to random audit.

It should be strongly noted that the Ohio manual recount procedure failed to acheive it's purpose because precincts selected for manual recounting were not selected randomly. For all practical purposes, no manual check of machine counts was performed in Ohio.

Open source isn't required to verify auditing if printed ballots are produced, and if precints are randomly audited. You also need an observer/tamper seal/physical security procedure to ensure the integrity of printed ballots. If physical integrity of the printed ballots isn't ensured, then the system becomes as weak as the purely digital path through which counted votes travel.

Some people have proposed cryptographic solutions as an alternative to printed ballots. While crytographic solutions can protect votes from the point at which they are recorded to the point at which they are counted, then cannot provide protection for votes between the time that they were entered, and the time they were recorded.

Note that the VoteHere solution, for example, provides a digital code that can be used to verify that the vote that was recorded was actually counted. The VoteHere verification code does not verify that the vote entered corresponds to the vote recorded. This is a signficant shortcoming of the VoteHere solution.

In pure crypto solutions, open source is not a luxury; it is a neccessity. Any attempt to verify that votes entered correspond to votes recorded requires that source code, and object code be available for review, along with a chain of evidence that guarantees that published source and object code correspond to the software that was actually running on the machines that translated votes entered into votes recorded.

Ask anyone who advocates a crypto solution this question: how do you prove that votes entered correspond to votes recorded? If they cannot provide a bulletproof answer then you have just identified the weakest link. I don't see any way to make such a claim without publishing source for public inspection.

Note that just publishing the source is not nearly enough. Either publicly available build systems, or inspectable object code are also required, since compilers can be (and have been) hacked to inject evil code. If only source code is provided, then a proof must be provided that the compiled source produces the correct object code, byte-for-byte. Being able to build object code from the source code of record that matches published object code signatures, registered at NIST would be acceptable; build fully replicable builds are difficult to achieve even in relatively controlled software development environments. For example, a number of common compilers and linkers will store random bytes in small fragments of un-initialized data areas in object files. These random bytes would make it impossible to match up source code with publicly registered object code signatures.

Even this isn't enough. Evil code could be injected by system components, or other unrelated software, while the recording software is runnnig. Beyond the DRE software, a chain of evidence is also required for all other software on the machine (in object code at a minimum, but ideally in source form as well).

These questions need to be asked, and there must be answers to these questions. How can you prove that a technician for Diebold hasn't swapped a system component, like USER32.EXE. How can you prove that some underpaid, but clever junior programmer at Microsoft hasn't injected a hidden source-code hack into -- for example -- a browser DLL, or a COM interop DLL? Given the value of the assets being protected, these are distinct and real possibilities. And nothing less than proof is acceptable.

If you cannot provide provable answers to these questions, then these things will happen.

It has to be said, that current electronic voting systems don't come remotely close to providing the kinds of evidence chains, and audit mechanisms that are required to provide even rudimentary security in the election process.

Open source does provide key evidence in certain important situations; but it provides evidence for only small portions of the overall evidence chain. If the full chain of evidence isn't in place, then open source isn't much good.

...is that they depend on trust from those who do not understand them. Just like you correctly note that private verification requires trust in the verifiers, so it goes when the technocracy are the only people that can do the verification.

(In answer to your question about cryptographic solutions, the solution to the question about whether the vote changes between the time it is cast and the time it is counted can be solved by making that individual vote decryptable by the voter as long as they also have a "booth key", to coin a term. The "booth key" in combination with the voters key would allow them to view the contents of their vote, but could not be removed from the poll. The booth key could later be checked out at the BOE to verify one's own vote, in private. The function of the booth key is of course to prevent vote buying, by not allowing another person to see their vote, even with their permission.)

We may yet see e-voting become secure some day (in fact it may be indispensible once geographic borders decay to the point where practically every ballot is an absentee ballot,) but before it can afford the citizens "transparency" citizens are going to have to become comfortable with some form of cryptographic appliance that permeats society, which is widely held to be secure for more purposes than just voting. Until we all have a general purpose security system that has become regarded as secure by both the academics and society at large, the systems don't have a practical use in high stakes elections.

that computers offer little to recommend them over punch cards, period. Despite 'hanging chads' and all the other overhyped concerns with printed ballots, there is a huge element of public confidence involved. With most of the population computer-illiterate, suspicion is little better than fraud. This and the opportunities for real fraud created by computerized voting outweigh its benefits.

As cryptographer Bruce Schneier says summarily, "computerized voting is a horrendously dangerous idea."

the machines are well maintained and the ballots are well designed; that they got a bad rap in FL for reasons that are easily corrected. I don't know enough to make that judgment but they sound a whole lot better than
DREs.

Obviously someone who knows what's up.

I think the chain of custody cannot be emphasized enough. With current DREs, the chain starts at development, goes through manufacture, transportation, warehousing, testing, transportation to voting places, election day, and tabulating. Finding a weak link in that incredibly long chain is as easy as finding a weak spot in a roll of toilet paper that was left in the rain. Especially given the risk/reward problem, as you mention.

Welcome to DU!! :toast:

Like TIA said - open source code would just be pacification - for show.

You can show me source code all day long, but how do I know this is the same source code that was compiled to make the executable object code? You can have 2 versions of the source code - one to compile and one to show to people. Also, discreet 'patch areas' can be imbedded in the source code which would allow the object code itself to be modified without changing the source code. There are so many ways to cheat with computers it's not even funny!

First, you still have to rely on the BOEs or vendor techs to set up the system. Even if the source code is open, there may still be human errors in the configuration. There can still be the inevitable finger pointing between the BOE and the vendor as voters see their votes go awry! The recent articles about the Unilect machines in NC and PA are perfect examples of this. I don't want my BOE to have to worry about such things as memory utilization, and I don't want to have to trust vendors with no direct public accountability to deal with it either. (BTW, if they do in fact have such accountability, we should be suing the pants off them for all these "glitches!")

Also, the issue is not just the source code itself, but the source code at the time of the election. This means you need IT security, change control procedures, version control, etc. which are other areas of expertise that BOEs may be totally unfamiliar with.

So what is needed is the voter-verified paper ballot (VVPB) that can be hand counted by anyone who understands the voting process. The machines, if used, should only be used to expedite the counting process and should be randomly audited by use of the paper ballots. This way, it doesn't make much difference how screwed up the source code is. The errors can be detected and corrected. and there is also the deterrent effect inherent in knowing that the results WILL BE verified.

The more I think about it, it's not just the vote that is being verified here, it's the PERFORMANCE of the vendors' products. This is reason enough for them and their lackeys in Congress and elsewhere to oppose the VVPB, aside from the more sinister intent to steal our democracy. After all, what business, or individual for that matter, wants to be audited, if they can avoid it?

If you let the camel get that nose in the tent, game over.

Tabulation should be done by standard calculators or off the shelf stuff. No proprietary, or even open source software made by the crooks who make the current crop of loot-inviting crap.

Machines, if desired especially for accessibility issues, can be used like a word processor and printer -- unconnected to anything except each other, to generate an easily read ballot.

Ballot GENERATOR. Not Tabulator.

Ive learned alot about this issue tonight thanks to everyone and I feel much more informed.

I have to say after reading the responses I continue to feel we should not be allowing these machines to be used and the best, most transparent option is to stick with pencil, paper and manual recounts until (and if*) we have a way to create a more transparent voting process with computers and optical scanners.

Still seems like there is much too much invitation for fraud, and like we saw in November, there can be volumes of circumstantial evidence (and/or circumstantial proof), but when will that prove to be enough to call for a FULL recount and/or re-election? I guess when we get mad enough.

How long can we wait?

It's the best way to go.

and improve it if security was lagging behind the sneaks out there.

Open Source + Public (not Private) Control of the Voting Machines + Paper Trails + Post-Election Audits of all electronic voting + Uniform Election processes for all national elections is where we need to be.

An electronic voting system with open source codes and voter verified paper ballot.

See: http://www.OpenVotingConsortium.org

the problem with any source code is that they are inherently prone to error. the other problem is that even an honest system can be easily modified. The problem with software is that is it NOT TRANSPARENT TO THE CITIZEN.

I found a very good election law in GA that supports this, it must be obvious to the voter how the electronic machine operates. With all my 20 years of computer background, I'm not clear how a Diebold machine operates other than I am certain when I hit cast ballot, the ONLY PERSON who knows what it registers is the Diebold programmer... this creates a situation where you are not voting in secret, that indeed the software becomes a kind of 2nd person watching your vote and hopefully (if you trust it) transcribing your vote accurately.

I just got back from the PDA summit where all the OH folks were there. I'm sorry to say, Andy Stevenson was pushing this same "Computers are OK " agenda. His approach and anyone else advocating open source needs to be stopped at the source.. as a community we must advocate ONE THING ONLY, PAPER Ballots. If you must continue spending millions on computers, use them as printers, fine, no problem, but we must generate paper ballots and we must COUNT THE PAPER ballot as the ballot of record.

In this I am quite sure there can be no compromising.. our very democracy depends on our community understanding the fundamentals of this argument....

I'm with you, as are many others.

I think it's time we pool our resources and names of people willing to commit to working on this issue, so we can get statewide initiatives moving ahead. I think we also should be implementing tabling efforts to get more people informed about electronic voting in general and the need to return to paper ballots.

In short we need to eliminate electronic voting, along with the privatization of our vote, from the voting equation PERIOD. There can be no substitutes here.

I'm starting a movement called countpaperballots.com because I'm even this moment on a phone call of voting reform activists that have no idea of the difference between PAPER TRAIL (which the republicans have co-opted our issue and are not proponents of Paper Trail cause they know they will never get counted) versus PAPER BALLOT, and the voting bill of rights #1 is written totally wrong....

so within the next day, check out countpaperballots.com where I will share with folks nationwide how to launch open records fights in States and start putting Diebold on the run legally and financially when they see mass citizens coming out to fight the 'defacto' choice to outsource the very core of democracy..

Thanks,

We don't have alot of time.

One thing I found interesting was some citizens are working to create "parallel" elections for the 2006 upcoming elections, which means exactly that. They will be holding a parallel voting/polling places next to the polling places with electronic voting machines.

I think it is not only a terrific exercise in taking our voting process back, but it actually could be a step in the right direction of showing how a fair election should in fact work.

I found the information on banvotingmachines.org, and at ecotalk.org. This could be the best way and most immediate way to deal with the issue, along with lobbying our state officials, (and federal officials as well).

....one approach to an "election fraud prevention literacy program."

We do need to educate our fellow citizens about all that many of us might be tempted to think is common knowledge. And, I think it important for the development of a "election fraud prevention literacy program" that one reality I'm personally quite concerned be confronted:

http://www.democraticunderground.com/discuss/duboard.php?az=view_all&address=203x302606

Two other DU threads have specifics that you may find interesting if you haven't already seen them:

http://www.democraticunderground.com/discuss/duboard.php?az=view_all&address=203x303400

http://www.democraticunderground.com/discuss/duboard.php?az=view_all&address=203x302631#303031


Peace.

TBO;24/7

Thanks!

OPEN SOURCE CODE WILL NOT MATTER!!! HACKERS WILL TELL YOU> YOU CAN GET IN AND OUT, CHANGE THE TOTALS, ALL WITHOUT LEAVING ANY TRACES WHATSOEVER. ON ELECTION DAY - SO THEN WHERE ARE YOU WITH OPEN SOURCE CODE????

WAKE THE F-K UP!!!!!!

the OP was asking an honest question. Maybe he/she is not as fucking smart as you, but I'm damn sure he/she isn't as obnoxious as you.
:eyes:

OUT.... since I'm NOT THE ONLY ONE WITH CAPS-TUDE. AND I WILL BE AS OBNOXIOUS AS IT TAKES TO GET PEOPLE TO WAKE UP. BEING NICE - LIKE THE REST OF THE SPINELESS DEMS DOESN'T SEEM TO BE WORKING VERY WELL - DOES IT?

THAT'S THE ONLY WAY WE'RE GOING TO ACCOMPLISH ANYTHING!!! BEING RUDE TO OTHER DEMOCRATS WHO ASK AN HONEST QUESTION...WHY DIDN'T I THINK OF THAT!!!

:P

I am so F-KING TIRED of being polite. IT'S NOT WORKING IS IT????

How do you think the Rs would be acting right now if the situation were reversed? (granted, it never would be because I don't believe we are capable of such hideousness.) and I know you meant this in a light-hearted way.....

THEY WOULD BE SCREAMING, AND VERY ORGANIZED, AND NOT SQUABBLING AND INFIGHTING ABOUT HOW WE SPEAK TO EACH OTHER. THEY'D BE F-ING FOCUSED!!!!!!!

Yipping about manners is a DISTRACTION. And a WASTE OF TIME AND ENERGY.

TO QUOTE HE-WHO-IS-MOST-HATED: "YOU'RE EITHER WITH US OR AGAINST US" IN THIS.

WE MUST FOCUS, OR WE'RE LOST.

Here you go... to honor your capslock attitude...

I agree totally. It's a shame we have to spend $15M on crap technology, imagine how far we'd be if that money were spent making our election system more auditable, more fair, more transparent, more enfranchising of diverse citizen groups.. just imagine?.....

it would work. You would have to have a print out that gave 1 copy to the voter (which he keeps) and the carbon copy is on a continuous roll. Each voters receipt should have a unique number on it, so they can go on line to check their vote. (This is the only reason that ATM's are accurate. If no one could check each of their transactions, do you think banks would be so honest?) If there is a mistake when the voter checks their unique number on line, then the carbon gets pulled out and the receipt checked against the carbon. If it matches (and it should, unless the voter is trying to pull a fast one), then hand counting of the carbon roll proceeds and the voting machine company picks up the cost for it. The only way everyone is going to be kept honest here is if there is random sampling. No one knows who will go on line to check their ballot, so they all have to be up there and be accurate. And, the SOS can't fudge the numbers because the poll book count and the on line count of voters would have to match.

zalinda

Zalinda..
sorry you must be new to this struggle... letting a voter keep your vote is a problem because over time in history, it's shown that this receipt of your vote can be sold or bullied or people can be fired or worse, discriminated against if the votes are not as their 'bosses' so desire. The other problem is the one of 'selling' votes adding a criminal element to voting.. it's critical the paper ballot be in secret in the booth (voter verifies paper) then walked across the room and deposited in the locked ballot box and then they leave knowing only in their head how they voted....

buying or any attempt at coercion is voter fraud, is a felony, and is punishable by up to 20 years in prison. Someone's going to risk that for a few votes in a general election? Well, I guess some might...

http://www.newstopic.net/articles/2005/01/07/editorials/23votebuyedit.txt

There is no way this could occur on a scale large enough to influence an election.

you still need to come up with the requirements for a viewing of the code. Paper ballots are the only way to get a fair elections any time soon.

:kick:

is the only way to build a more secure ballot. It would also raise the stakes for those commiting fraud. No voter verified paper trail will really do. We need to raise the bar really high, so it makes it tough for them before durring and after to muck with the ballots.

A signature can even be bullshited.

I had an interesting thought what if you put your thumb print on the poll book and ballot that way the ballot and voter can be verified at a later date. Increasing the difficulty of mucking with either the ballot or the poll book. Since the serial numbers on the individual ballots would be registered to the precinct it would be highly difficult to replace it with a generated ballot. People would also be able to take home a reciept with a serial number on it. You know modern day imaging systems could allow us the ability to post images of the ballots that could only be accessed then by serial number displaying only the choices, which then the public could use to verify that their vote was not changed and it was recorded!

Venezuela did that.

They voted all in one day. Put indelible ink on one certain finger of each voter -- that way, they couldn't come back for "seconds."

can compare it whenever neccessary with the last released version
including of the source coding from the master software, and from the object codes of CDs or HDs being decompiled.