DARPA Is Building a $10 Million, Open Source, Secure Voting System
Source: MOTHERBOARD | By Kim Zetter | Mar 14 2019
For years security professionals and election integrity activists have been pushing voting machine vendors to build more secure and verifiable election systems, so voters and candidates can be assured election outcomes havent been manipulated.
Now they might finally get this thanks to a new $10 million contract the Defense Departments Defense Advanced Research Projects Agency (DARPA) has launched to design and build a secure voting system that it hopes will be impervious to hacking.
The first-of-its-kind system will be designed by an Oregon-based firm called Galois, a longtime government contractor with experience in designing secure and verifiable systems. The system will use fully open source voting software, instead of the closed, proprietary software currently used in the vast majority of voting machines, which no one outside of voting machine testing labs can examine. More importantly, it will be built on secure open source hardware, made from special secure designs and techniques developed over the last year as part of a special program at DARPA. The voting system will also be designed to create fully verifiable and transparent results so that voters dont have to blindly trust that the machines and election officials delivered correct results.
Read more: https://motherboard.vice.com/en_us/article/yw84q7/darpa-is-building-a-dollar10-million-open-source-secure-voting-system
LanternWaste
(37,748 posts)And I really like this...
Members of the public will also be able to use the cryptographic values to independently tally the votes to verify the election results so that tabulating the votes isn't a closed process solely in the hands of election officials.
Any organization [interested in verifying the election results] that hires a moderately smart software engineer [can] write their own tabulator, Kiniry said. We fully expect that Common Cause, League of Women Voters and the [political parties] will all have their own tabulators and verifiers.
TheBlackAdder
(29,103 posts).
There's a fallacy that open-source software is more secure because it is reviewed by others.
In reality, no one really reviews it besides academia, nation states and hackers. They do not have to disassemble the code because the source is given to them to exploit. On top of that, many of the open-source groups are infiltrated with hackers and nation state developers to inject rogue code or malware.
Many companies are moving to this Spring Open Development platform, because it's free. It's also rife with hundreds of vulnerabilities.
.
LastLiberal in PalmSprings
(13,018 posts)A commercial software company developed the basic code and published it for review by the public. So far the process has produced a more accurate result, when the tallies are compared with hand counts. The main complaint has been the lack of a print out for the voter to review.
Source: Wired
TheBlackAdder
(29,103 posts).
Read the following article and then travel to Sonatype, register and get the free download of the report.
https://www.theregister.co.uk/2018/09/25/open_source_security/
Just search: SONATYPE OPEN SOURCE SECURITY
.
SKKY
(12,333 posts)...would ever say open source software is more secure.
sandensea
(22,850 posts)They want what Wally O'Dell and his buddy Bush wanted: high-tech, unverifiable ballot stuffing.
True Blue American
(18,254 posts)gtar100
(4,192 posts)DrToast
(6,414 posts)littlemissmartypants
(26,076 posts)Adrahil
(13,340 posts)All of them were cutting edge, and all emphasized thinking outside the box, but executing the project with rigor.
ProfessorPlum
(11,389 posts)can we put it in all 50 states
DrToast
(6,414 posts)Not sure how that would work, as the States control elections.
catrose
(5,244 posts)I sincerely hope that someone in government then checks the machines to make sure the manufacturer didn't get creative.
SunSeeker
(54,199 posts)CDerekGo
(507 posts)GOD! I sure hope so!
ArizonaLib
(1,266 posts)want us to vote on their machines? Feels weird, but ok. I don't understand how all the money we can spend on new voting machines won't wind up outputting auditable paper (receipts and encrypted real time ticker data) that a high schooler could program? I keep hearing we can't use paper, because the networks need vote totals quickly. The 'quickly' seems to be destroying our democracy. The system allows for time between poll closings and vote tallies/certifications.
japple
(10,403 posts)from Nixon's admin. that worked with DARPA? John Ehrlichman?
ArizonaLib
(1,266 posts)This whole military culturization creeps me out. I was watching the food channel with my daughter the other night and got pissed when one of the hosts was wearing a different military style jacket after every commercial break. The military product placement everywhere is driving me nuts.
TexasBushwhacker
(20,777 posts)mellow
(97 posts)From the link:
"The first will be a ballot-marking device that uses a touch-screen for voters to make their selections. That system wont tabulate votes. Instead it will print out a paper ballot marked with the voters choices, so voters can review them before depositing them into an optical-scan machine that tabulates the votes."
unc70
(6,332 posts)What is the justification for having all the extra complexity and cost of creating a ballot marking system? Just mark ballots by hand, then scan them directly.
mopinko
(72,054 posts)they also translate into innumerable languages.
plus, as simple as it is, there are always ballots that get spit out because the voter didnt really get it right. and lots of votes dont get spit out or counted.
this works for me.
FiveGoodMen
(20,018 posts)Proprietary vote-counting software that no one is allowed to examine should have gotten a number of decision-makers locked up.
Opel_Justwax
(230 posts)JCMach1
(28,168 posts)We need block chain voting with a paper trail and receipt with a searchable and verifiable key to check your vote in the chain
gtar100
(4,192 posts)voting systems can too. And awesome that it will be open source, as it should be since this is a public service.
Guess that means they won't be using Microsoft Access anymore for the database of choice.
Now we have to watch for the republicans to come along and try to fuck it all up. Their greatest fear is fair elections. They'd have to actually justify their absurd ideas.
Crossing my fingers this takes off like the internet.
ArizonaLib
(1,266 posts)Diebold who provides ATM machines to the major banks also provides the voting machines.
justgamma
(3,679 posts)the owner of Diebold, who was also Bush's campaign chairman, guaranteed Ohio would go to Bush. He claimed that they couldn't print out receipts for voting,but they did fine with the ATM's.
ArizonaLib
(1,266 posts)for 'counting'?
gtar100
(4,192 posts)Diebold engineers are capable of building ATM machines that work as well they do, but their voting machines are so vulnerable and problematic. It's obvious that this was by choice and not because voting systems are too hard to do by nature. It shows they willfully created substandard, hackable systems. And anyone who works with software damn well knows it. Politics took over good design principles, common sense and well known best practices. It was willful and intentional bad design.
flyingfysh
(1,990 posts)If your banking system shows incorrect information, you can detect that immediately, and come up with evidence to prove that the system went wrong. You don't have to know if all the other bank customers are getting good information. Their accounts have nothing to do with yours.
For voting systems, being told that it understood your vote does not help. It may have some number for the total of all other votes, and that can't be verified by an individual voter. You would have to talk to all of those thousands of voters, and many would not tell you how they voted.
gtar100
(4,192 posts)But they are both complex systems that have to work everywhere, in all towns and cities, with accuracy and consistency, securely and with an audit trail for tracing discrepancies. I could have used other examples - i.e., building robots that can work for years on the surface of Mars. There is no room for error in that code! Highly sophisticated software engineering...the requirements aren't the same but if we can do these highly complex projects (international banking systems, interplanetary robots), an accurate, honest voting system is well within our abilities.
mart48
(82 posts)flyingfysh
(1,990 posts)I believe they can construct this kind of software. But a basic problem is: how can the average voter make sure that that software is what is actually running on the machines in use? You can't tell just by looking at the machine.
Also, most people don't have the technical background to appreciate this kind of accomplishment. A voting system has to be understandable by anyone, even low-education voters. No software systems satisfy that. The system has to be something everyone can trust.
LiberalLovinLug
(14,386 posts)..even 20 percent of the problem."
Isn't there a cheaper, more secure system that will fix almost 100% of the problem?
Hint:
DrToast
(6,414 posts)What happens when people screw up their paper ballots and we have to rely on election officials to determine intent of the voter?
LiberalLovinLug
(14,386 posts)There are reps from each party in any count. They must all agree with a vote or it is discarded. Its pretty easy to see if the person just accidentally went over a line in a box or if they intentionally spoiled the ballot. Even IF this was a difficult process, which it is not, it would hardly effect even 1% of the vote.
h2ebits
(791 posts)LiberalLovinLug
(14,386 posts)I am in Canada. We have always used paper ballots. I worked one year at a ballot box polling station as well. The vote tally is completed by about 8 pm in the Western end of the country. One further excuse in the same vein I hear is that....well, there are 10 x more voters to deal with, so it would be too big a job. What? You also have 10x the population you can draw on to work at those polling stations! So it would theoretically take the same amount of time. Its not that complicated. In fact it is far less complicated, while being almost 100% secure, that is the beauty of it.
IronLionZion
(47,309 posts)Somehow, the great state of Florida managed to screw up paper ballots so badly under Jeb Bush's brilliant leadership that his brother got elected president with fewer votes.
LiberalLovinLug
(14,386 posts)Throw out all the fricken mechanical and computer machinery.
Booth
Pencil
Paper
Box
Done
IronLionZion
(47,309 posts)LiberalLovinLug
(14,386 posts)I think that is one of the fake news myths that Republicans have been stoking. How it would be IMPOSSIBLE because they are such a large country. Or because they have more people. Canada is a bigger country, by land mass. And many European countries are more densely populated, per square mile, than the US is. Its simple math. More population, more temporary workers available to work at polling stations for the day.
rwsanders
(2,789 posts)a precaution.
lapfog_1
(30,285 posts)for well over 50 years now... I was a hacker before the term was invented... back when if you broke into a computer you got hired, not arrested.
I have to ask... why?
What is wrong with paper ballots... hand counted multiple times in plain view of all concerned.
And if it takes a few days to know who won... I'm good with that.
Hekate
(95,574 posts)Whoopsie. The whole thing with black box voting with vapor trails stank from the start. Was there a problem with hanging chads? Well, let's makes sure there's no paper to make chads at all. And let a member of the Bush family get in on selling the all new and improved electronic systems.
While I would prefer paper ballots and slower outcomes, having DARPA involved seems an excellent alternative.
hunter
(39,114 posts)Modern computers and operating systems are incomprehensibly complex.
Malware is easily hidden in both the software and hardware. Bugs in the software are difficult to find. It's impossible to make the system transparent without creating a window that connects the voter with their vote.
The incentives to cheat in elections are high, even greater than incentives to steal money.
Hand marked and hand countable paper ballots are the only way to go.
I also think our ballots are too long. We are asked to vote for issues and offices that our elected representatives are too timid to deal with themselves. There are so many items on a ballot that many people don't bother voting at all, and many who do vote are misinformed and easily manipulated by advertising and propaganda, especially television advertising and propaganda.