Comments (21)

joel3000 wrote on December 29, 2006 7:29 PM:

Let me gues s, Judge Gary is a Republican appointee. That's why he puts the protection of the company's bug ridden and obvious code over the protection of the public's right to choose its leaders.

MW wrote on December 29, 2006 7:53 PM:

I've no idea about the merits of the case, but as a software developer, I can tell you that poring over the source code is unlikely to offer anything remotely definitive about what happened in Florida. If they want to prove that the software has bugs, it would be better to subpoena any log files created by the software, bug tracking reports from the Q/A team, and Q/A's test plan. Even better, just get a copy of the software (without the source code), and test the thing.

liberal wrote on December 30, 2006 1:44 AM:

MW wrote, "If they want to prove that the software has bugs, it would be better to subpoena any log files created by the software, bug tracking reports from the Q/A team, and Q/A's test plan."

That makes sense. Though given the quality of the work by Diebold et al., I wouldn't be surprised if there was no logging or Q/A test plan...

Salmo wrote on December 30, 2006 6:17 AM:

I understand that Princeton showed bugs could be self-deleting and untraceable. It may be possible to prove that this is true in Florida too with the kind of records and test MW suggests, but it seems likely that little else is available. If there is evidence of vote tampering, it seems more likely to be on the human side.

BW wrote on December 30, 2006 9:55 AM:

I hope the new congress does not seat Buchanan.

Dean: Dems should keep out Buchanan
"Absolutely not,"
"You cannot seat someone if you don't have an election that's valid.
http://www.sptimes.com/2006/12/07/Worldandnation/Dean__Dems_should_kee.shtml

BW wrote on December 30, 2006 9:57 AM:

damn I wish the comments section here would at least let us hyperlink. :(

AuntieM wrote on December 30, 2006 11:00 AM:

What if the machines were punch card type voting machines with a knob on the back used to hack the vote. Would judge Gary rule vote hacking is"nothing more than conjecture and not supported by credible evidence," and said that making the secret code(knob) available for scrutiny "would result in destroying or at least gutting the protections afforded those who own the trade secrets." By his logic any machine hack, software code or mechanical knob could be a "trade secret".

Jim McKay wrote on December 30, 2006 1:09 PM:

MW said:
(q)I can tell you that poring over the source code is unlikely to offer anything remotely definitive about what happened in Florida.
(end q)

As a software developer, I completely disagree: designed backdoors/alteration commands and such can be no more definative than as revealed in source code... it's the DNA of the software.

I do agree w/checking logs as you suggest.

...

I'd also point out that this same decision has been issued in Florida at least 2 times prior (that I'm aware of... could be more). Sure seems to me that incoming dem lawmakers may want to address the question:

Regarding *public elections*, which consideration has higher priority:
* a) Protecting proprietary "rights" of a private company who's product registers, counts and tabulates vote counts.... & has many times been implicated in untraceable results accompanied by strong evidence suggesting malfeasance.
* b) The integrity of public elections, and the public's interest in pursuing vote counting errors, manipulation, or outright fraud.

{õ£õ} wrote on December 30, 2006 1:10 PM:

"...trade secrets." ????
What Trade Sectets???
That's ludicrous.

I can hardly think of a simpler assignment than to write code for a voting machine.

This judge is an asshole !

nofltwlt wrote on December 30, 2006 1:30 PM:

Voting machine code should be made public for reasons of national security. If we cannot verify elections we are not secure and we are not free. If we cannot verify that the will of the people prevails, we will all be at the mercy of a few corrupt politicians and money mongers.

There is no reason for the code on any voting machine to be a secret; the code itself is trivial enough that an entry-level programmer could construct it (error free) in a very short period of time.

There can be only one reason to protect this code from scrutiny, and that is that it is stealing votes for republicans. Voting machine manufacturers are stealing democratic votes and giving elections to republican - plain and simple. It is no coincidence no one is worried about protecting republican votes and there are no reports of votes being stolen from republican candidates; only democrats are having votes stolen from them.

Congress should pass legislation that requires voting machine code to be examined and certified to be error and sabotage free prior to and after elections. Under no circumstance should Americans fall prey to another election that cannot be verified.

nofltwlt wrote on December 30, 2006 1:42 PM:

The judge should be made aware of one of the most simple and important concepts in software engineering, that errors cannot be "tested away". Software engineers know that code must be "verified" to be correct in its design and execution - thus eliminating errors.

I am a computer professional with over twenty years experience and it is inconceivable to me that voting machine code should be deemed "secret" because it is a very simple application to construct. Voting machine manufactures cannot be entrusted with something as important recording the "will of the people" without being held accountable.

MW wrote on December 30, 2006 8:19 PM:

AuntiM writes: designed backdoors/alteration commands and such can be no more definative than as revealed in source code

I find it difficult to believe that the software company built a backdoor to change an election in a specific district. If they did, they wouldn't provide that source code anyway. You would need to subpoena all their machines.

nofltwlt writes: errors cannot be "tested away". Software engineers know that code must be "verified" to be correct in its design and execution

Q/A is not perfect, but if nofltwlt knows a way to reliably "verify" that source code works, he/she should patent it, and we can get rid of all our Q/A teams. It's extemely difficult to spot a bug by looking at someone's source code without test conditions that reproduce it. If the code really is so simple that a developer can see a bug by examining the code, then the Q/A tests would also be trivial.

Rather than trying to find a smoking gun, which to me seems extremely difficult, I would cast doubt on the practices of the software company by having an expert witness criticize their development and Q/A practices. Either that, or perform extensive tests on the software and try to reproduce a bug.

That said, the evidence seems suggests poor UI design resulted in human error. Rather than a bug implausibly ignored votes for a single candidate in a single election.

nofltwlt wrote on December 30, 2006 10:21 PM:

** MW writes, "That said, the evidence seems suggests poor UI design resulted in human error. Rather than a bug implausibly ignored votes for a single candidate in a single election."

-- MW speaks like an apologist for the voting machine vendors and the GOP; keep the balls in the air to distract people. If the code were constructed with nefarious intentions, there would be no sense in testing it; code will do the same thing over and over. No UI could be designed so poorly that it would cause voters, who are on the lookout for problems anyway, that would cause voters to cast 13,000 ballots in error, all to the advantage of the republican candidate. ALWAYS REMEMBER, NO REPUBLICAN VOTES ARE BEING LOST!!!

** MW writes, "I would cast doubt on the practices of the software company by having an expert witness criticize their development and Q/A practices."

-- What MW suggests is exactly what code verification does - cast doubt - but it does so ahead of time rather than after the fact.

It is important that any machine could be opened at any time for any reason and the code running on that machine could be compared against a master copy.

** MW writes, “... If they did, they wouldn't provide that source code anyway.”

E-voting vendors could not deploy nefarious code if they are not permitted to shroud it from view. Who in the world gave them the permission to protect their code from view of the American electorate? They can keep their code secret from other vendors but they must verify that their code is not stealing votes; recording the true will of the people trumps intellectual property concerns; especially when the voting application does not require a great deal of intellect.

I don’t know the background of MW but I have been indoctrinated in software engineering and have written hundreds and hundreds of applications. Under no circumstance would I even consider keeping E-voting code from the scrutiny of government or public auditors. What purpose, other than a nefarious one, would be served?

MW wrote on December 31, 2006 2:05 AM:

You're welcome to debate the merits of my argument, but impugning my motives by calling me an "apologist for voting machine vendors" is a rhetorical fallacy.

I have no association with electronic voting machines whatsoever. Moreover, I entirely agree that voting systems should be transparent. E-voting software products should be audited, both the source code and the Q/A practices. I also believe that paper receipts should be printed. I would even argue people should be able to verify their votes online based on a random ID assigned to them by the voting machines.

My original comment was very pointed: reviewing source code is unlikely to pinpoint a specific bug that cannot be reproduced. Auditing does not ensure that software is bug-free; it helps to demonstrate that good coding and Q/A practices have been followed. And if there were actually malicious code in the software, the developer is unlikely to hand over the actual source code anyway. So Jennings' case would not likely be strengthened by forcing the company to hand over its code. That is not to say that the country wouldn't benefit by requiring evoting product companies to be audited and source code to be made public.

I do think it's clear from the statistics that Jennings was unfairly denied the election, but no one knows the reason for it. This article suggests a ballot design problem: http://heraldtribune.com/apps/pbcs.dll/article?AID=/20061205/NEWS/612050604. That sounds more plausible to me than a conspiracy theory or a bug that cannot be reproduced, but what do I know?

BW wrote on December 31, 2006 2:15 AM:

The problem is the voting machine companies use microsoft based systems instead of a proprietory OS.

["... Diebold's machines, which use Microsoft Windows, Hanna said. The company does not have the right to provide Microsoft's code ... "]
http://www.msnbc.msn.com/id/10252248/from/RS.4/

Microsoft will go to any length to protect its source code. The real crime is that the companies are allowed to use an off the shelf operating system. No wonder it is so easy to hack.

Jimbo wrote on December 31, 2006 2:46 AM:

Whether viewing the source code will yield any answers is irrelevant. If our democracy is to be entrusted to private corporations then EVERYTHING should be able to be viewed and reviewed by independent auditors/techinicians. THere is no credible reason for any corporation to refuse this other than software is grossly flawed or easily tampered with. Any corporation that trys to argue that its voting software and hardware is proprietary should be automatically banned from providing voting machines to any government body be it federal, state or local.

Chabuka wrote on December 31, 2006 9:02 PM:

can we impeach these assholes...? or maybe we just have to tar and feather their happy asses...I am so sick of this type of "justice"..in Iraq and in our own country...can't we get a fair trial anymore..? Justice is not blind..its bought with money and idealism

Anonymous wrote on January 1, 2007 12:09 PM:

Joining the cacophony of software engineers, I suggest that Congress commission an open-source balloting system, then require that it be used in all Federal elections.

Open source would promote vigorous scrutiny of the code; states-rights issues could be overcome by appealing to Bush v. Gore, wherein equal protection overcomes state sovereignty.

Chabuka wrote on January 1, 2007 3:42 PM:

What do you call a judge who obstructs justice....?

GreenDreams wrote on January 2, 2007 1:36 PM:

The contested districts should re-vote. The Democrats could first hire an independent firm to poll a random subset of voters in these districts with unambiguous and unbiased questions: "Did you vote? Did you vote for a Congressional Rep? For whom did you vote?"

And yes, let's fix this. Open source software only. If Diebold (or others) can't find or develop open source software to count and record votes (sheesh. what's the big secret?), they can simply NOT BID to supply the hardware.

Greenjeans wrote on January 2, 2007 3:53 PM:

Even if you assume that there is a genuine risk to trade secrets, courts ordinarily have the power to order disclosure if necessary to prevent fraud or injustice. Moreover, the judge could have issued a protective order strictly limiting access to the data.