Wilms
(1000+ posts)
Send PM |
Profile |
Ignore
|
Wed Jul-30-08 10:06 AM
Original message |
Voting Systems with "Open Source" Software are Computerized Voting |
|
:shrug:
What am I missing? What are the advantages?
|
Occulus
(1000+ posts)
Send PM |
Profile |
Ignore
|
Wed Jul-30-08 10:08 AM
Response to Original message |
1. Open source software allows for public verification of the code |
|
Unlike the ones made by Diebold etc.
|
Wilms
(1000+ posts)
Send PM |
Profile |
Ignore
|
Wed Jul-30-08 10:10 AM
Response to Reply #1 |
3. You mean public verification of the source code. |
|
Edited on Wed Jul-30-08 10:11 AM by Wilms
That's not what runs on the machine, though. Object code does.
So how do I know what's been loaded on a given machine? And how do I know IT wasn't hacked? :shrug:
|
slackmaster
(1000+ posts)
Send PM |
Profile |
Ignore
|
Wed Jul-30-08 10:09 AM
Response to Original message |
2. Open souce is auditable. The opposite, propriatery software, is not. |
|
In proprietary systems the source code (human-readable language that gets compiled into binary objects), is secret.
|
Wilms
(1000+ posts)
Send PM |
Profile |
Ignore
|
Wed Jul-30-08 10:12 AM
Response to Reply #2 |
4. And the "compiled into binary objects" code is not a "human-readable language", however. |
|
Edited on Wed Jul-30-08 10:14 AM by Wilms
So how do I know what's on the machine? And that it wasn't hacked??
|
slackmaster
(1000+ posts)
Send PM |
Profile |
Ignore
|
Wed Jul-30-08 10:33 AM
Response to Reply #4 |
5. You can take the purported source code, compile it using the same open-source compiler |
|
Edited on Wed Jul-30-08 10:34 AM by slackmaster
...that was used to create the binary object in question, and compare the two output files (yours and the binary in question). If they are not identical, then you can be sure something isn't right.
If you are concerned that the compiler itself contains a hack, you can check it out as well because it is open-source. On up the food chain.
|
Wilms
(1000+ posts)
Send PM |
Profile |
Ignore
|
Wed Jul-30-08 11:01 AM
Response to Reply #5 |
7. Would that work on those reported hacks where the bad code eats itself? |
|
And even there, I'm assuming we're checking what's loaded on an individual machine. I don't think that's often done.
|
slackmaster
(1000+ posts)
Send PM |
Profile |
Ignore
|
Wed Jul-30-08 01:42 PM
Response to Reply #7 |
10. I don't believe it could be hidden if all the source for the application, compilers, and linkers |
|
Are available for inspection.
|
Bill Bored
(1000+ posts)
Send PM |
Profile |
Ignore
|
Wed Jul-30-08 01:43 PM
Response to Reply #5 |
11. Maybe I could, but what about the little blue-haired ladies working the polls? nt |
slackmaster
(1000+ posts)
Send PM |
Profile |
Ignore
|
Wed Jul-30-08 03:20 PM
Response to Reply #11 |
16. They are indeed the ones you need to keep an eye on |
Wilms
(1000+ posts)
Send PM |
Profile |
Ignore
|
Wed Jul-30-08 08:36 PM
Response to Reply #16 |
Bill Bored
(1000+ posts)
Send PM |
Profile |
Ignore
|
Wed Jul-30-08 01:45 PM
Response to Reply #5 |
12. Oh, and how do I know the compiler is the same compiler? |
|
Edited on Wed Jul-30-08 02:06 PM by Bill Bored
Do I need to compile its source code on another compiler?
|
slackmaster
(1000+ posts)
Send PM |
Profile |
Ignore
|
Wed Jul-30-08 03:18 PM
Response to Reply #12 |
14. Same way you validate the object you are primarily concerned with |
|
Do I need to compile its source code on another compiler?
That's one way.
|
Bill Bored
(1000+ posts)
Send PM |
Profile |
Ignore
|
Wed Jul-30-08 03:58 PM
Response to Reply #14 |
18. And there ought to be a log file, and a log of what's going into the log file, and a log of that.... |
diva77
(999 posts)
Send PM |
Profile |
Ignore
|
Thu Jul-31-08 01:36 AM
Response to Reply #5 |
21. why try to insert complexity where it's not needed; simple collating skills |
|
are all that's necessary Sorting made simple!
|
Wilms
(1000+ posts)
Send PM |
Profile |
Ignore
|
Thu Jul-31-08 08:59 AM
Response to Reply #21 |
slackmaster
(1000+ posts)
Send PM |
Profile |
Ignore
|
Thu Jul-31-08 09:45 AM
Response to Reply #21 |
23. I've never been convinced of the cost benefit of automated voting systems |
AndyTiedye
(1000+ posts)
Send PM |
Profile |
Ignore
|
Wed Jul-30-08 10:38 AM
Response to Reply #4 |
6. Compile the Source and Compare the Resulting Binary |
|
do the same with the compiler and linker.
|
Wilms
(1000+ posts)
Send PM |
Profile |
Ignore
|
Wed Jul-30-08 11:05 AM
Response to Reply #6 |
|
But there's still the ballot definition files for a given election...a fairly likely way to hack or just screw up an election. No fault of "open source" but it won't help there either.
So I'm still stuck with the idea that it's computerized voting, and that for any given machine/election I don't know what's going on.
PLUS, by being in the public view, bad guys have an easier time learning how to breach it. Correct? :shrug:
|
AndyTiedye
(1000+ posts)
Send PM |
Profile |
Ignore
|
Wed Jul-30-08 11:47 AM
Response to Reply #8 |
9. We Need to Inspect the Data Files Too |
|
Ideally, the system uses some sort of ASCII files for ballot definitions and the like so any member of the public can verify that they are correct.
The best system would be an open-source system that generates paper ballots. The voter can inspect the resulting ballot before submitting it. Any computerized total would be considered preliminary, pending a hand count of the real ballots. Hand-counting is televised and/or webcast so the whole process is open.
|
Bill Bored
(1000+ posts)
Send PM |
Profile |
Ignore
|
Wed Jul-30-08 01:51 PM
Response to Reply #9 |
13. Oh, so you're saying the post-election audit is really the way to verify? |
|
Edited on Wed Jul-30-08 02:05 PM by Bill Bored
In that case, the only benefit of open source is to un-privatize elections. That's a worthy goal, but it won't tell me who won and who lost, will it?
So I agree that there needs to be a really good audit, using hand-to-eye counts of the paper ballots, with a reliable chain of custody and ballot accounting (because paper ballots are easy to manipulate like software, no matter how they are produced). Too bad no state actually does all that, except for the occasional "spot checks" huh?
|
slackmaster
(1000+ posts)
Send PM |
Profile |
Ignore
|
Wed Jul-30-08 03:19 PM
Response to Reply #13 |
15. The easiest way to audit an election is to count the paper ballots by hand under dual control |
|
Dual control = Two people doing the counting and keeping an eye on each other.
:hi:
|
Bill Bored
(1000+ posts)
Send PM |
Profile |
Ignore
|
Wed Jul-30-08 03:48 PM
Response to Reply #15 |
17. Agreed. As long as enough of them are counted, and they haven't been tampered with beforehand. nt |
slackmaster
(1000+ posts)
Send PM |
Profile |
Ignore
|
Thu Jul-31-08 09:46 AM
Response to Reply #17 |
24. Controlling boxes of paper is a lot easier than controlling things nobody can see |
|
Automated machines that count and sort currency in a bank make sense. Not so with ballots IMO.
|
eridani
(1000+ posts)
Send PM |
Profile |
Ignore
|
Wed Jul-30-08 08:10 PM
Response to Original message |
19. Open source is better than private. However-- |
|
--if you want to make sure your laboratory scales are working properly, which is more useful? A schematic detailing the scale's design, or a set of standard weights that you use to check its performance?
|
DU
AdBot (1000+ posts) |
Tue Apr 23rd 2024, 07:33 AM
Response to Original message |