Phantom votes, and voter fraud to become a thing of the past?

In Industry First, Voting Machine Company to Publish Source Code

From wired.com HERE is the full article, but I will provide the most important parts in this thread.

Sequoia Voting Systems plans to publicly release the source code for its new optical scan voting system, the company announced Tuesday — a remarkable reversal for a voting machine maker long criticized for resisting public examination of its proprietary systems.

Apparently, Sequoia's new public source optical-scan voting system (say that three times fast) , called Frontier Election System, will be federaly certified and tested early next year. We will get to see it in November, according to their web site.

Open Source Software is software for which the underlying programming code is available to the users so that they may read it, make changes to it, and build new versions of the software incorporating their changes. There are many types of Open Source Software, mainly differing in the licensing term under which (altered) copies of the source code may (or must be) redistributed.

A little different than Sequoia’s public source software where we only get to read it.
Their old policy was what is known as "security through obfuscation". This basicly means they believe hackers will have a harder time finding weaknesses in the software if the source code is private, whereas open source code is believed by some to provide hackers with an instruction manual of sorts.

Sequoia has changed their mind on that stance. They announced this five days after a non-profit foundation announced their open-source election software for public review, but they say it had no influence on their end. Sure.

The company has long had a reputation for vigorously fighting any efforts by academics, voting activists and others to examine the source code in its proprietary systems, and even threatened to sue Princeton University computer scientists if they disclosed anything learned from a court-ordered review of its software.

That makes sense to me also, but here is where I begin to disagree:

Given that Sequoia is now acknowledging the value of code disclosure as something that can lead to better security rather than worse security, as it has claimed in the past, Felten said “it seems that it should follow that they would now be willing to release code for all of their other products as well.”

There is no way we can make everything open-source. That is an infringement on a companies secrets and ways of doing things. They should have the right to keep most things closed source IMO. Just think of the domino effect this could have! If I was a software developer I would abhore the idea of being forced to Open Source everything!

Appel, in a separate issue, also found a discrepancy between summary tapes printed from Sequoia touch-screen machines during New Jersey’s primary election and totals that were recorded on the machine’s memory cards. Summary tapes from machines in one district showed a phantom vote for then-presidential-candidate Barack Obama that didn’t appear in the memory card totals.

Sequoia blamed this on the election officials for pushing the wrong buttons, but later on they admitted that they found a problem in the software that was fixing the issue. One phantom vote isn't that bad though, right?
It gets better though:

Earlier this year, in a separate case, Sequoia agreed, after a concerted battle, to hand over its source code to election officials in Washington, DC, to investigate why, during the city’s September 2008 primary election, Sequoia’s optical-scan machines added about 1,500 “phantom” votes to races on ballots cast in one precinct.

This one was blamed on static discharge...

After the city demanded to look at the source code to determine the problem, Sequoia in turn demanded a $20 million bond from officials guaranteeing they wouldn’t disclose information about the system. Sequoia finally relented to provide the code without a bond, though only after the city agreed to keep the company’s trade secrets confidential.

Sequoia’s history of hiding behind its proprietary code could make this public effort come to naught, but I don't care wither way as long as they get it right, and we don't have so many phantoms making it to the polls. The question becomes: How can we trust that the code loaded onto the machines is the one we were satisfied with? Because it is my understanding that open source code must have several versions in the process.

And how can we trust the hardware? Given that the smallest microchips in the world (that we know of) are smaller than a grain of salt, they would have to make the hardware open source as well before I was able to trust it. Even then I would be dubious. I am just not ready to trust electronic voting, there is always a way to manipulate 1's and 0's.

Then there is the issue of equality. Voting and the process itself is sopposed to be open to everyone. It seems that this open source idea is discriminating against poor folks wjo don't own computers and folks who don't understand the programs we will be writing it with,; which are as follows:

The optical-scan machines are wrote in C#, and runs on Linux. The election management software that creates ballots and tabulates votes runs on XP and uses a Microsoft SQL database.

What do you think? Is this a step towards elections free of phantom votes? Will you participate? Will you trust the results? If this is not the solution. what would you do to fix it? And finially, how do you feel about their idea of making EVERYTHING open source??I'm very interested to hear your thoughts, as I feel this is HUGE news.

I will also post a how-to-wiki on open source code, for those of you who are not going to participate because it intimidates you. And I will also post a list of the rules for something to be considered open post, so please refrain from posting until the next page is up...thank you.

[I posted something similar to this, but it was not as in depth and I feel there is more to offer on this subject, this will include an extra how-to, and a list of regulations on open source software.]


[edit on 29-10-2009 by Enigma Publius]

[edit on 29-10-2009 by Enigma Publius]

This is a how-to wiki from Wired.com as well. The full article is HERE

If you find yourself having to (or wanting to) compile a piece of software, don't panic. The process is fairly simple. Every piece of software is different, but here is a summary of the most common scenario for Unix-based OS such as Linux or Mac OSX. These instructions are not so useful for Windows, as apps are usually built with special GUI development tools, not command line tools.

First, you'll need a command line and a compiler.

1.DOWNLOADING YOUR COMLILER:

Linux You almost certainly already have a command line, and a compiler called gcc. Try typing gcc on the command line. If it tells you command not found, install gcc using your package manager.

Mac OS X Your command line is Terminal, which is located in Applications/Utilities. You'll need to download XCode, which contains Apple's compiler, from the Apple developer tools web site. XCode is often bundled on the operating system CD or DVD that comes with your computer.

Windows Microsoft provides a compiler with its free downloadable GUI development environment Visual Studio Express, but Cygwin is both more useful and more Unix-compatible. Download and install it, making sure to include all the packages from the "Devel" section when you choose packages.

2.Obtaining the code:

Downloading Practically all source packages come in a zipped-up archive file. This will have the suffix .tgz or .tar.gz. (on Windows .zip) It will also have a name and a version number, something like example-3.2.8.tar.gz. You should make yourself a directory to work in, called "source" or "build" or something along those lines. Using a browser, download the source file into that directory.

Unpacking From your command line, go into your working directory (using the cd command): "cd source"

The quickest way to unzip the archive is tar: "tar -xzvf example-3.2.8.tar.gz"

( on Windows, right-click on the .zip file and select Extract All... )

This will unzip all the files of the source code into a new subdirectory with the same name as your application, including the version numner. Go into this directory by typing: "cd example-3.2.8"

3.Reading the documentation:

Reading the Documentation Practically every source package contains some reading material, typically files with names in all caps, like README and INSTALL. Read these! They tell you how to proceed. There may also be documentation for your specific situation, like README.macosx. You can use the less command on the command line to read them:

"less install"

or just open them in your favorite text editor. The documentation may point you to other software that you need to install before you can install this package ("dependencies"), or to quirks of the installation process that you need to be alert for. Much of this may be covered on the software's web page as well.

BUILDING:

Building The process may differ (especially on Windows), but the most common procedure is as follows. Type: ./configure

For a full list of all the options you can give to the configure tool, "run:./configure --help"

The configuration process may take several minutes. When it's done, if it doesn't give you an error message, you're ready to compile. If it does give you an error message, refer to the Troubleshooting section below. To compile the software, just type: "make"

This performs the meat of the operation. If all goes well, it should take a while, and may monopolize your computer's processor while it's running. Don't worry, compiling software is intensive work. When it ends, if you don't see an error message, you're ready for the last step. Note that you probably won't see a congratulations message either.

The software has been compiled. All that remains to do is to put it where it belongs.

"make install" will place the various files that have been built in their proper locations in the filesystem. Now they're ready to be used. Often, you will need to run make install with root level permissions so files can copied to correct location.

"sudo make install" Most systems have the sudo command, which will allow you run commands as the super-user. Note that, When running commands with sudo you will be prompted for a password.

TROUBLESHOOTING

Troubleshooting If any of the steps above don't go smoothly, there are a few systematic steps to take that will help figure out what the problem is. Make sure you've followed all the instructions rigorously, and that you have any necessary dependencies installed.

I hope this helps some of you better understand the process, and I hope you all participate!

Open source doesn't just mean access to the source code.The distribution terms of open-source software must comply with the following criteria:

1. Free Redistribution:
The license shall not restrict any party from selling or giving away the software as a component of an aggregate software distribution containing programs from several different sources. The license shall not require a royalty or other fee for such sale.

2. Source Code:
The program must include source code, and must allow distribution in source code as well as compiled form. Where some form of a product is not distributed with source code, there must be a well-publicized means of obtaining the source code for no more than a reasonable reproduction cost preferably, downloading via the Internet without charge. The source code must be the preferred form in which a programmer would modify the program. Deliberately obfuscated source code is not allowed. Intermediate forms such as the output of a preprocessor or translator are not allowed.

3. Derived Works :
The license must allow modifications and derived works, and must allow them to be distributed under the same terms as the license of the original software.

4. Integrity of The Author's Source Code:
The license may restrict source-code from being distributed in modified form only if the license allows the distribution of "patch files" with the source code for the purpose of modifying the program at build time. The license must explicitly permit distribution of software built from modified source code. The license may require derived works to carry a different name or version number from the original software.

5.No Discrimination Against Persons or Groups:
The license must not discriminate against any person or group of persons.

6.No Discrimination Against Fields of Endeavor:
The license must not restrict anyone from making use of the program in a specific field of endeavor. For example, it may not restrict the program from being used in a business, or from being used for genetic research.

7. Distribution of License:
The rights attached to the program must apply to all to whom the program is redistributed without the need for execution of an additional license by those parties.

8. License Must Not Be Specific to a Product:
The rights attached to the program must not depend on the program's being part of a particular software distribution. If the program is extracted from that distribution and used or distributed within the terms of the program's license, all parties to whom the program is redistributed should have the same rights as those that are granted in conjunction with the original software distribution.

9. License Must Not Restrict Other Software:
The license must not place restrictions on other software that is distributed along with the licensed software. For example, the license must not insist that all other programs distributed on the same medium must be open-source software.

10. License Must Be Technology-Neutral:
No provision of the license may be predicated on any individual technology or style of interface.

A lot of interesting questions arise when looking at the criteria IMO. Is this going to truly be open source I wonder? If it is, then this is going to be a HUGE undertaking, and I hust don't see it getting done by the deadlines they have set for themselves, and that would seem to compromise the criteria where ample time must be given.

Also, which form of open source will this be made in the spirit of? You have the Cathedral and Bazaar models.

They differ in a few ways that may be quite important to this project.

In the traditional model of development, which he called the cathedral model, development takes place in a centralized way. Roles are clearly defined. Roles include people dedicated to designing (the architects), people responsible for managing the project, and people responsible for implementation. Traditional software engineering follows the cathedral model. Fred P. Brooks in his book The Mythical Man-Month advocates this model. He goes further to say that in order to preserve the architectural integrity of a system, the system design should be done by as few architects as possible.

The bazaar model, however, is different. In this model, roles are not clearly defined. Gregorio Robles [8] suggests that software developed using the bazaar model should exhibit the following patterns:

Users should be treated as co-developers:
The users are treated like co-developers and so they should have access to the source code of the software. Furthermore users are encouraged to submit additions to the software, code fixes for the software, bug reports, documentation etc. Having more co-developers increases the rate at which the software evolves. Linus's law states that, "Given enough eyeballs all bugs are shallow." This means that if many users view the source code they will eventually find all bugs and suggest how to fix them. Note that some users have advanced programming skills, and furthermore, each user's machine provides an additional testing environment. This new testing environment offers that ability to find and fix a new bug.

Early releases:
The first version of the software should be released as early as possible so as to increase one's chances of finding co-developers early.
Frequent integration:

Code changes should be integrated (merged into a shared code base) as often as possible so as to avoid the overhead of fixing a large number of bugs at the end of the project life cycle. Some open source projects have nightly builds where integration is done automatically on a daily basis.

Several versions:
There should be at least two versions of the software. There should be a buggier version with more features and a more stable version with fewer features. The buggy version (also called the development version) is for users who want the immediate use of the latest features, and are willing to accept the risk of using code that is not yet thoroughly tested. The users can then act as co-developers, reporting bugs and providing bug fixes.

High modularization:
The general structure of the software should be modular allowing for parallel development on independent components.

Dynamic decision making structure:
There is a need for a decision making structure, whether formal or informal, that makes strategic decisions depending on changing user requirements and other factors. Cf. Extreme programming.

Most well known open-source software products follow the bazaar model as suggested by Eric Raymond. These include projects such as the Linux kernel, Firefox, Apache, the GNU Compiler Collection, and Perl.

Okay, that's it. I felt that this was all important and relevant. Only problem with providing all of this info is, by the time I was finished preparing this thread, I am already almost off of the "recent thread" links on the right side of the screen, so this is going to be a tough one to get folks to notice. You know people, a few stars and flags wouldn't hurt if you think this is important...

I just think this is the biggest news for voting in a long time. People have a general distrust oof electronic voting, and this is an attempt by Sequoia to fix that, but given their past, it will be hard for them to get on anyone's buddy list anytime soon. Still, I applaud the effort.

How many of you will participate in this I wonder?

This is very interesting, I hope this gets more attention. I am still intimidated at the very thought of trying this but the links and info you have given us is very helpful, but even so, I think I'm a lost cause on this one.

What about the legal issues regarding the copyrites and such?
If everyone helped make it, then shouldn't we all get a portion?

reply to post by Grandma


Well I wondered about that as well. It came to mind when I saw it was obvious that Sequoia is only doing this because of the of the non-profit company that released their open source voting software five days prior to this announcement by Sequoia.

The article on the non profit company is HERE

Miller said the foundation wasn’t looking to put voting system companies out of business but to assume the heavy burden and costs of research and development to create a trustworthy system that will meet the needs of election officials for reliability and the needs of the voting public for accessibility, transparency, security and integrity.

I guess Sequoia saw it differently!



Here is the legalities for licensing and copyrights:

An open source license is a copyright license for computer software that makes the source code available under terms that allow for modification and redistribution without having to pay the original author. Such licenses may have additional restrictions such as a requirement to preserve the name of the authors and the copyright statement within the code. One popular (and sometimes considered normative) set of open source software licenses are those approved by the Open Source Initiative (OSI) based on their Open Source Definition (OSD).

A license defines the rights and obligations that a licensor grants to a licensee. Open Source licenses grant licensees the right to copy, modify and redistribute source code (or content). These licenses may also impose obligations (e.g., modifications to the code that are distributed must be made available in source code form, an author attribution must be placed in a program/ documentation using that Open Source, etc.).

Authors initially derive a right to grant a license to their work based on the legal theory that upon creation of a work the author owns the copyright in that work. What the author/licensor is granting when they grant a license to copy, modify and redistribute their work is the right to use the author’s copyrights. The author still retains ownership of those copyrights, the licensee simply is allowed to use those rights, as granted in the license, so long as they maintain the obligations of the license. The author does have the option to sell/assign, versus license, their exclusive right to the copyrights to their work; where upon the new owner/assignee controls the copyrights. The ownership of the copyright (the “rights”) is separate and distinct from the ownership of the work (the “thing”) - a person can own a copy of a piece of code (or a copy of a book) without the rights to copy, modify or redistribute copies of it.

When an author contributes code to an Open Source project (e.g., Apache.org) they do so under an explicit license (e.g., the Apache Contributor License Agreement) or an implicit license (e.g., the Open Source license under which the project is already licensing code). Some Open Source projects do not take contributed code under a license, but actually require (joint) assignment of the author’s copyright in order to accept code contributions into the project (e.g., OpenOffice.org and its Joint Copyright Assignment agreement).

Placing code (or content) in the public domain is a way of waiving an author’s (or owner’s) copyrights in that work. No license is granted, and none is needed, to copy, modify or redistribute a work in the public domain.

Mozilla is an example.

Unlike strong copyleft licenses, the code under the MPL may be combined with proprietary files in one program ("Larger Work"). For example, Netscape 6 and later releases were proprietary versions of the Mozilla Application Suite, by adding the proprietary AIM and other parts. The MPL treats the source code file as the boundary between MPL code and proprietary parts, meaning that a certain source file (e.g., C++, JavaScript or XUL file) is either fully MPL or fully proprietary. The GPL, in contrast, uses the process boundary of the executable as the license boundary (for details, see GPL).

So it is still their property, and they reap the profits. The only way we could ever make a dime off this I believe is if they make the source code PUBLIC DOMAIN.

I could be wrong but I believe that's how it works. Someone on here may know a better way to explain this hopefully, but as of yet, no one even seems interested in this bit of news!

reply to post by Enigma Publius

Okay, so what you are saying is this open source way of doing it only gives us permission to use their copyright, but not get the rewards from it.

In other words, we do the work, they get the profit?

reply to post by Grandma


In a sense, yes. That is how I understand it anyway. They are granting permission for us to use all of the code, but they still are responsible for all obligations under the license.

I do wish someone more knowledgeable would chime in though. I am just a very casual user of codes. Back when I learned how to write software, I had to type line after line of agonizing commands in BASIC.

THOSE WERE THE DAYS eh?

reply to post by Enigma Publius

Well good luck, but this is a LOT of reading material and in today's information overload, attention spans are dwindling. I'll bet most folks skip over this when they see how much info is behind it.

Sad but true. I skimmed most of it myself, maybe a summary would be helpful. But it is a good thing that you provided so much in case someone had a question.

I don't know, maybe you are right. But I always see people saying you need to put plenty of links and info in posts, maybe people just don't care about this at all?

If so, then this project is doomed before it strts! If I can't get any comments from this, then who will actually take the time to participate in this?

What worries me is this happening:
your average Joe is intimidated by the idea, and completely ignores it. So the software is written by a small group of people with special interests in mind.

THIS BURNS MY BUTT! All these people who post on here about rigged elections and what have you, and now we have a way to fix it (sopposedly) but no one will post a reply hardly, so it would seem that no one is interested in changing the system, they only like to whine about it.

Maybe they are worried that they won't get to whine about their candidate losing if there is no chance it was rigged? I am truly puzzled by the lack of interest here. I would expect this from a lot of other sites, but on a site where we routinely talk about corrupt politics and such, this is a breath od fresh air!

reply to post by Enigma Publius


It is a little ironic isn't it? I imagine it also has to do with the amount of time that has elapsed since the Florida voting fiasco. If this thread had been created then I think you would have generated a lot more responses.

But no matter, don't let it get to you. I know how you get upset when something you deem important for people to see is ignored, but there is nothing you can do to change that. At least now, when the project starts up full swing and it is bigger news, you can use the old:
"existing thread here"
line and show folks that you tried to tell them about this a long time ago.

reply to post by Grandma


Thanks for reminding me to not let it get me down. And it's not because i crave points that it upsets me. (although I DO want more points just so I can access R.A.T.S.) What upsets me is the people who may miss out on the opprotunity to actually do something about this corrupt system for a change! If it is not widely diversified in the production process, then the possibility for corruption rises.

Are you of the opinion that this will reduce the chance for an attack on the software's weaknesses? Or will it be like giving them a key to the city so to speak?

reply to post by Enigma Publius

I think the transparency of it will be a positive step towards getting the fixes made quicker and more efficiently.

reply to post by Grandma


Me too. Dad thinks that it is a dnagerous idea. He says that one side or the other will be able to get a majority on the production side. But even if that is the case, the "other side" will have a way to voice their views on flaws in the software and make changes.