Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

no E-voting for you!

2»

Comments

  • Registered Users, Registered Users 2 Posts: 1,305 ✭✭✭The Clown Man


    Look, if I was going to specify everything for each post I would be here explaining for a very long time. The system that was to be used here was customised for our specific use (and would have to be customised for each election - there will be slight changes made for the presedential election in November) The main code, however, is the the same. The setup is the same. The procedures have changed very slightly. The operating systems on the upload PC's has changed.

    When I say "System" I'm talking about the base system. By the nature of IT systems there are going to be changes every time. Do you know any computer system that is not constantly being changed and improved?

    Now please, no more silly specifics.


  • Registered Users, Registered Users 2 Posts: 15,956 ✭✭✭✭Villain


    Originally posted by The Clown Man
    Oh, it has been tested alright and has been used for one decade. Just not by us. The Belgians, Germans and Dutch for example, who have used it nationally but not for the same purposes have tried and tested it and found it sound

    And then
    Originally posted by The Clown Man

    1.The procedures have changed
    2.The system that was to be used here was customised
    3.The operating systems on the upload PC's has changed.

    Now please, no more silly specifics.

    Sorry if these differences seem silly to you, but I think when it comes to elections nothing is silly in regards to our votes are counted, sorry for being smart assed about it, but I think your arguments are incorrect.


  • Registered Users, Registered Users 2 Posts: 1,305 ✭✭✭The Clown Man


    OK, granted. Well put it this way:

    Day in day out you accept computer systems to continue to perform the tasks that they are programmed to perform. Take banking systems. Everyone wants their banking to work perfectly. Banking mistakes are unacceptable. Banks use computers for just about every aspect of banking. They are forever implementing new computerised schemes. They change, you are aware they change. They sometimes are faulty, you are aware they are sometimes faulty, yet you accept that in the end, you will not get done over bacause there are people behind the computers who can see if something goes wrong.

    What makes this system so different? Well for one it has had far more testing than most new banking systems. It is not trying to achieve a monetary gain or any gain for that matter other than to be as fair as is possible. It is completely unbiased in that it is not government departments that are operating it but the civil service, who are neutral (or at least a fair reflection on the average views of the public.)

    This system is far more apt to deal with what it is meant to do than most new banking systems and much more trustable, yet a bank implements a new system to deal with your money and the general attitude amongst its customers is - "Oh, I see - can you pass the sugar?"

    People are not out to warp the voting system. Everyone who works on it just wants it to be fair. Even if there were a minute flaw, the neutral people behind it would sort it out. There is no cloak and dagger politics going on.

    Actually, it was just normal politics that has sown doubt and fear into peoples minds over something that deserves neither. Because that's what opposition parties do. They stir shít. And money is wasted and in this circumstance a perfectly good system which could and should have replaced the archaic system currently in use.


  • Closed Accounts Posts: 3,357 ✭✭✭secret_squirrel


    Originally posted by The Clown Man
    When I say "System" I'm talking about the base system. By the nature of IT systems there are going to be changes every time. Do you know any computer system that is not constantly being changed and improved?

    Now please, no more silly specifics.

    Do you work in IT? I work with and manage plenty of systems that havent been changed for years. In fact many or most systems approach a point of stability, where the number of mods drops near or close to zero.

    Now please no more sweeping generalisations.

    You are really showing you ignorance if you think that the 'magic of IT' will make everything better and we can all sleep soundly in our beds knowing that the system is infallable.

    If we're really lucky maybe the fairies will fix our shoes overnight too.


  • Closed Accounts Posts: 14,483 ✭✭✭✭daveirl


    This post has been deleted.


  • Moderators, Society & Culture Moderators Posts: 1,735 Mod ✭✭✭✭star gazer


    originally posted by the Clown Man
    The commission did not find that the system did not work. For all they knew it could be absolutely flawless. They recommended that it not be used because basically, they didn't know. There were small code changes in the last few months that would have been seen as totally insignificant to anyone who could read and understand the code. They were mainly procedural changes and changes to the userablility of the program. Never once did the commission suggest that the system was incapable of doing it's job; they simply said that in the time they were given to test this system, they could not provide a satisfactory conclusion. And the default result had to be a "No" - how can they say yes until they are 100% sure; it's thier asses on the line if they did.
    A far superior system has been sacraficed for the initially flawed one because of exactly what Cork has been talking about. Moaners. Sure there are genuine doubters with good reason because there are good reasons to doubt but the VAST majority are people with a gripe because their daddies voted FG or Labour or whatever and who don't really care what they are arguing about as long as it's the total opposite of what the others are saying. Viva la politics.
    Unfortunately that argument is full of holes.
    First hole is that the terms of reference for the commission were quite narrow in that only secrecy and accuracy were to be judged, not the electronic voting system and it's suitablity for use in our electoral system. So we really have no comparison between the old system and the proposed Electronic voting system by an independent body.
    second hole, the system used before was not certified or accredited by any independent body for use, in fact the system brought before the commission couldn't possibly be certified either because the finalised version of the system still wasn't available.
    thrid hole. as was said above a bug was found in the software for distribution of transfers and had the Political pressure not come from the opposition and concerned experts, there would have been no commission to find that bug and the election could well have been incorrect. Berating political parties for doing their job is arrogant because no government is perfect and should be scrutinised even when they don't want it.
    fourth hole. Paper ballot system is trusted, electronic voting had not yet earned the trust of the people and theMinister did it no favours by being reluctant in giving full information about the system and the testing done on the system.
    fifth hole. The Commission on Electronic voting found that there were some parts of the system that hadn't even been tested.
    sixth hole. If the system was as flawless as some people told us it was, why were there not the test reports provided which such an assumption must have been based upon? the only conclusion there is that there was no conclusive proof that these voting machines were technically up to the level that they were politically promoted as.
    enough holes or do you want more?


  • Registered Users, Registered Users 2 Posts: 1,305 ✭✭✭The Clown Man


    I do work in IT.

    I don't trust the IT behind it as much as I trust the goodwill of the people behind it. Good people are not as rare as fairies, actually just about everyone has a good idea of morals and only wants to see the right thing done. Actually, I find your suspicions of untrustable administrators, crooked program testers, conspiracy theories and things that go bump in the night equally laughable.

    And the E-Voting Commision did not say the opposite. They said that they couldn't be sure as they did not have the time left to test fully the exact code that was going to be used on the day of the election.

    The bugs they found were bugs relating to the display of a followup screen to a count. I do not know the exact specifics of the bug but I do know that the system developers in Nedap in the Netherlands were aware of the bug and it had no effect on the actual counting of the votes or the testing itself but was due to be fixed in the final patch anyway.

    Remember, the system had to be changed slightly to be suitable for the Germans, had to be changed slightly to suit the Belgians and had to be changed slightly to suit us. Small bugs were, in all fairness, to be expected. However, the code that deals with the counting of the votes, as far as I'm aware, was the same for all.


  • Moderators, Society & Culture Moderators Posts: 1,735 Mod ✭✭✭✭star gazer


    originally posted by the Clown Man
    I don't trust the IT behind it as much as I trust the goodwill of the people behind it. Good people are not as rare as fairies, actually just about everyone has a good idea of morals and only wants to see the right thing done. Actually, I find your suspicions of untrustable administrators, crooked program testers, conspiracy theories and things that go bump in the night equally laughable.
    amazing. Do you think we should ignore the commissions findings and go ahead with the electronic voting system's introduction in June? Luaghing at people who want to take precautions around changing a fundamental part of our electoral process is a bit rich. Proper testing of the system is not only vital to the system it is also vital for public confidence and when you are talking about a system that cannot have a link between the input and the inputer (ie voter anonymity) the level of testing has to be of the highest order and fully independent. That is why even though the commission was not allowed to look at it within it's terms of reference it did mention a voter verifiable audit trail in its report. This would allow for ongoing feedback as to the accuracy of the electronic vote and would make testing end to end more effective in finding prolems.
    Remember, the system had to be changed slightly to be suitable for the Germans, had to be changed slightly to suit the Belgians and had to be changed slightly to suit us. Small bugs were, in all fairness, to be expected. However, the code that deals with the counting of the votes, as far as I'm aware, was the same for all.
    that depends on your definition of slightly; was the system here changed slightly by a few hundred lines of code or tens of thousands of lines of code?


  • Technology & Internet Moderators Posts: 28,830 Mod ✭✭✭✭oscarBravo


    I'm getting rather fed up seeing this type of meaningless comparison:
    Originally posted by The Clown Man
    Day in day out you accept computer systems to continue to perform the tasks that they are programmed to perform. Take banking systems. Everyone wants their banking to work perfectly. Banking mistakes are unacceptable. Banks use computers for just about every aspect of banking. They are forever implementing new computerised schemes. They change, you are aware they change. They sometimes are faulty, you are aware they are sometimes faulty, yet you accept that in the end, you will not get done over bacause there are people behind the computers who can see if something goes wrong.

    What makes this system so different?
    I know you put that as a rhetorical question, but let me point out to you the single most important distinction: secrecy. A core aspect of any system that aims to implement our electoral system is the fact that it must be impossible to establish afterwards how any given individual voted.

    Next time you try to find a parallel system to compare to electronic voting, make sure you find one in which all identifying information must be stripped away.

    Back to your points:
    Well for one it has had far more testing than most new banking systems.
    You are taking the piss, right? Do you have the faintest idea how much testing goes into a banking system?
    It is not trying to achieve a monetary gain or any gain for that matter other than to be as fair as is possible.
    In theory, yes. It's also entirely possible - in theory - that certain people could have something to gain from it not being fair. There's potentially greater incentive to corrupt an electoral system than a banking system.
    It is completely unbiased in that it is not government departments that are operating it but the civil service, who are neutral (or at least a fair reflection on the average views of the public.)
    ...but it's a foreign-owned private company that's writing the software.
    This system is far more apt to deal with what it is meant to do than most new banking systems
    How do you know?
    and much more trustable,
    How do you know?
    yet a bank implements a new system to deal with your money and the general attitude amongst its customers is - "Oh, I see - can you pass the sugar?"
    If money starts evaporating out of my account, whether because of deliberate fraud or an undetected bug, I'll find out about it on my next bank statement. When will we find out about an incorrect result from this system?
    People are not out to warp the voting system.
    How do you know?
    Everyone who works on it just wants it to be fair.
    How do you know?
    Even if there were a minute flaw, the neutral people behind it would sort it out.
    How would they detect the flaw? If the machine announced that one candidate had received 100% of the poll, how would they sort it out?
    There is no cloak and dagger politics going on.
    How do you know?
    Actually, it was just normal politics that has sown doubt and fear into peoples minds over something that deserves neither. Because that's what opposition parties do. They stir shít. And money is wasted and in this circumstance a perfectly good system which could and should have replaced the archaic system currently in use.
    Much of the objection was created by non-political, technical-minded individuals, who were deeply dissatisfied with the obvious flaws in the system. The political fuss since was a smokescreen the minister tried - unsuccessfully - to hide behind.


  • Advertisement
  • Technology & Internet Moderators Posts: 28,830 Mod ✭✭✭✭oscarBravo


    Originally posted by The Clown Man
    I don't trust the IT behind it as much as I trust the goodwill of the people behind it.
    Don't you think it would be a good thing to be able to trust both?
    Actually, I find your suspicions of untrustable administrators, crooked program testers, conspiracy theories and things that go bump in the night equally laughable.
    ...but you're perfectly happy to accept bugs in the system. The wrong election result is only a problem if it was arrived at corruptly, is that it?
    And the E-Voting Commision did not say the opposite. They said that they couldn't be sure as they did not have the time left to test fully the exact code that was going to be used on the day of the election.
    They said the standard of proof required to accept it was higher than that required to reject it. This doesn't seem to be a philosophy you subscribe to.
    The bugs they found were bugs relating to the display of a followup screen to a count. I do not know the exact specifics of the bug but I do know that the system developers in Nedap in the Netherlands were aware of the bug and it had no effect on the actual counting of the votes or the testing itself but was due to be fixed in the final patch anyway.
    I'm curious where you got this information from: the CEV report didn't specify the nature of the bug.
    Remember, the system had to be changed slightly to be suitable for the Germans, had to be changed slightly to suit the Belgians and had to be changed slightly to suit us. Small bugs were, in all fairness, to be expected. However, the code that deals with the counting of the votes, as far as I'm aware, was the same for all.
    When, exactly, did Belgium and Germany adopt our system of PR-STV?


  • Registered Users, Registered Users 2 Posts: 1,305 ✭✭✭The Clown Man


    Originally posted by star gazer
    Unfortunately that argument is full of holes.
    First hole is that the terms of reference for the commission were quite narrow in that only secrecy and accuracy were to be judged, not the electronic voting system and it's suitablity for use in our electoral system. So we really have no comparison between the old system and the proposed Electronic voting system by an independent body.
    second hole, the system used before was not certified or accredited by any independent body for use, in fact the system brought before the commission couldn't possibly be certified either because the finalised version of the system still wasn't available.
    thrid hole. as was said above a bug was found in the software for distribution of transfers and had the Political pressure not come from the opposition and concerned experts, there would have been no commission to find that bug and the election could well have been incorrect. Berating political parties for doing their job is arrogant because no government is perfect and should be scrutinised even when they don't want it.
    fourth hole. Paper ballot system is trusted, electronic voting had not yet earned the trust of the people and theMinister did it no favours by being reluctant in giving full information about the system and the testing done on the system.
    fifth hole. The Commission on Electronic voting found that there were some parts of the system that hadn't even been tested.
    sixth hole. If the system was as flawless as some people told us it was, why were there not the test reports provided which such an assumption must have been based upon? the only conclusion there is that there was no conclusive proof that these voting machines were technically up to the level that they were politically promoted as.
    enough holes or do you want more?

    OK I can see this taking most of my day so I'll try to be brief.

    1. True, secrecy and accuracy were to be tested but I made no connection between the commission and the old system. What I said were my own observations from my own experience.

    2. I have maintained that it was not certified or accredited my the commission from the start. (See also above) However, it has been used by others who have accredited it. (Don't ask me where to find any reports)

    3. See above for the bug issue. I am angry that the opposition would do thier best to harry the introduction of the E-Voting system while they themselves know next to nothing of it, and while IT experts point out what they see as flaws, theoretical flaws can be found in almost everything on a microchip. Politicians, however, are fully aware of the inaccuarcy of the current system and are totally aware that a better one is needed. (In my opinion) You know that a recount with our current system can sway the votes in a referendum either way by hundreds and in the larger consituencies, thousands. That's a large margin of error.

    4. I don't know why the minister was reluctant to give details of the system but my guess is that he believed the less peple knew about the specific details of the code of the system, the less chance some outsider could find a way to disrupt it. Seems like a logical safegaurd for any non-IT based professional. However, this wasn't picked up on by the opposition very much was it? Seems to me to be a good argument though, but not the reason that E-Voting is not going ahead.

    5. By them. They hadn't got a chance to test everything and some things they couldn't as a result of the government not allowing them to. Why? See 4. above.

    6. Again, see 4. above. I'd say that test reports would have code included and the ministers decision in the interests of security were to withold them. Again though, that's just my guess.


    Anyway, bottom line is, no one has said at any stage that the Powervote system would not work. Some have lingering doubts, but that is unavoidable. They are certainly not worth €40m. The system has been tested and it counts the votes accurately. Security is far tighter than the older system. (Some constituencies actually leave their ballot boxes in primary schools completely unguarded and with no security other than a mortis lock.)

    The far superior system has been sacrificed because people want to bicker over issues that are minute compared to the issues that were trying to be solved in the first place.

    (And incidentally, points 1-3 were arguing percieved "holes" in my argument while points 4-6 were your own arguments nothing to do with mine.)


  • Moderators, Motoring & Transport Moderators Posts: 14,093 Mod ✭✭✭✭monument


    Originally posted by Cork
    Why? Eletronic voting worked.

    The OS Windows works. That is not to say it is secure.
    Originally posted by Cork
    An independent audit trail? When some opponants of this system use eletronics in their daily lives - Do they Ask for an independant audit trail?

    For important things, yes… receipts at ATMs, receipts after using a credit card.

    Companies should (and some do) keep printouts of any important emails or faxes.
    Originally posted by Cork
    How many of these people go into their banks and examine banking systems?

    What? The banking systems that have paper trails? On the other hand, are you talking about the online ones that have recently had an up rise in security issues because of the end users?


    If the above questions were to help your case, you are ill informed on the topic.


  • Registered Users, Registered Users 2 Posts: 1,305 ✭✭✭The Clown Man


    Ok hang on - you're all posting too fast so I'll try to get to as many points as I can.

    Secrecy - the commission accepted the issue of not being able to track votes to a specific person. They found it democratically sound. One of the main garauntees of voting is that it is entirely anonymous.

    On the banking systems: I have never worked with a banking system in my life so, I may be wrong about the testing. I do know that this system has been in testing for 10 years and thats pretty good going. The point of the comparison was to highlight the reaction of the average person to a normal change in computer systems used in everyday life. Of course, people are going to be fairly pissed if you take their democracy away from them, but do you think that is happening? Do you think that democracy is being overthrown or that this is a possible step towards that end? I think that this is a positive step towards a more assured way of voting. At the moment only 40% of people on the register vote. If it was possible to vote at your PC I would welcome the change. And as long as I'm satisfied that it was better than the old way I'd be happy.

    So why not this change? It is clearly better than what we had. Any problems along the way and the vote can be declared void. Hold it using the old way till everyone is happy. But jesus, don't treat it like it is going to ruin your voting right. It's not! If FF put in a system that defied democracy they would not last a week in government.



    Right I'm hoping there is not 10 more posts after this one cause I can't stay at this PC all day. :(


  • Closed Accounts Posts: 67 ✭✭ShaneHogan


    The attempted spins of the CEV report by Cullen/Cork/Clown is almost laughable. Attempts to pass it off as a slight delay on the basis that the CEV 'didn't have sufficient time' to approve the system do not reflect the real world. Let's review the facts;

    - The CEV reviewed all the test results produced by the Dept over the last four years. Remember - those 'six independent consultancies' that Cullen spouted about incessantly (and that cost millions of taxpayers money to produce). The CEV found that despite four years of testing, six independent consultancies, there was insufficient evidence to show that the system was safe, accurate and secure. This point on its own is a damning indictment of the competence of Minister Cullen and his officials.

    - The CEV did its own testing within the restricted timescale of 6-8 weeks open to them. They managed to find one bug in the counting software and to easily break into the 'security hardened' PC's.

    - The CEV highlighted that that the version of software to be used in the June elections was not yet available, so no-one, not Nedap, not Nathean, not the Dept of Environment and not the Minister can say anything about this version of software - it doesn't exist. Here we are, just 5-6 weeks away from polling day and the software on which our entire democratic system was to be based just doesn't exist. It is vapourware.

    - The CEV raised three seperate concerns regarding the secrecy of the proposed system;
    The voting machine “beeps” as preferences are being selected; publication of ballot results in full can allow voters to identify themselves in a context of corruption or intimidation; it may be possible for an insider to overcome the randomness of the method used for the storage of votes in the ballot module.

    Telling us that the 'old system wasn't perfect' just doesn't cut it. If you are going to spin this line, be specific. What specific faults existed with the old system? How many errors were found? Vague allegations about the oul ballot boxes just don't stand up against the litany of faults found with the proposed new system.

    Comparison against banking systems are irrelevant. eVoting systems have a unique requirement - to protect the anonymity of the voter while maintaining the security and integrity of the vote. The only way to do this is via a voter verifiable audit trail - something that the Nedap/Powervote system doesn't have. Remember this isn't a debate about whether eVoting is a nice idea in principle (It is, though I've never seen a cost/benefit analysis that really stands up). The debate is about whether the Nedap/Powervote system which has been purchased with 52 million euro of taxpayers money is an accurate, safe & secure eVoting system - It's not.

    There is no doubt that Min Cullen is damaged goods. Who is going to believe any word that comes out of this man's lips in future, given that he has been proven so badly wrong by the independent commission.

    And don't expect me to believe the line that the Minister is doing us some kind of big favour by taking the CEV's recommendation to defer use of this system. Even Minister Cullen knows that there is no way he could possibly do anything, giving the glaring errors, inaccuracies and incompetence highlighted by the commission's report.

    There are two really sad things about this event.

    Firstly, most of what the Minister was told by the commission was also told to him by me (via the Labour party policy paper), by Joe McCarthy, by ICTE, by Fine Gael and the Greens last October/Nov/December. If the Minister had cared to shut his mouth and open his ears, he could have actually acted at that time to either save the taxpayer a pile of money by not signing the final contracts, or by implementing an audit trail which would have addressed a large part of the concerns about this system. But he chose not to listen and to blunder on shovelling taxpayers money to Nedap/Powervote and Q4 PR agency without addressing the real problem.

    And secondly, let's remember the Ministers attempts to divert attention from the real issues by name-calling. Remember his 'I've got my six independent consultancies and Labour have two branch secretaries' line - to quote the Irish Times Chief Political Correspondant on Saturday, "let's hear it for the two branch secretaries". Remember his attempt to link ICTE to the anti-globalisation movement, for which he still hasn't produced any supporting data. Remember Bertie's slagging off of Bernard Allen (FG) as an old man grasping onto old ways. What goes around, comes around, Martin......


  • Closed Accounts Posts: 3,357 ✭✭✭secret_squirrel


    Originally posted by The Clown Man
    But jesus, don't treat it like it is going to ruin your voting right. It's not! If FF put in a system that defied democracy they would not last a week in government.

    How do you know its not? Thats the major point most of us are making. I think most people would be happy to see E-voting if it meant more people voting. I know I would.

    You seem to be confusing in part our criticisms of the current flawed evoting system - with any evoting system.

    And oh how many tribunerals have there been now and in the past where our politicians have defied democracy?

    And why would you trust Powervote - a company that you (I assume) know nothing about, for all we know they could be quite open to inserting dodgy code into the system. They are a corporation at the end of the day, and are there to make money. Not to ensure we elect the people we voted for. You only have to look at how Diebold have behaved in the States to wonder what the other companies are like in this area.

    I cant believe the complacency and naiveté of some of the posters in here. This issue is fundamental to our democracy and therefore far more important than for example a few euro's going missing from an account or overcharging on a mobile to name just 2 of the flawed comparisons people have made.


  • Advertisement
  • Closed Accounts Posts: 3,357 ✭✭✭secret_squirrel


    And for all those who think evoting companies will behave.

    read here ..and follow the links to the back story as well.

    (Ca have just decertified Diebold Evoting machines)

    This is why evoting has to be done properly - bespoke open source software with some kind of audit trail. Not some closed software system that is (ironically) full of holes :D


  • Moderators, Society & Culture Moderators Posts: 1,735 Mod ✭✭✭✭star gazer


    originally posted by the Clown man
    Secrecy - the commission accepted the issue of not being able to track votes to a specific person. They found it democratically sound. One of the main garauntees of voting is that it is entirely anonymous.
    the commission wasn't happy with the sound the machine made every time a voter made a preference which could be heard by others. The commission also had a problem with the access for people with certain disabilities.
    check out the report
    http://www.cev.ie/htm/report/index.htm
    2. I have maintained that it was not certified or accredited my the commission from the start. (See also above) However, it has been used by others who have accredited it. (Don't ask me where to find any reports)
    The system has not been used anywhere else in the world, our PR stv voting system is almost unique in the world and has not been adapted for the Nedap system by anyone else. The Nedap/Powervote system has a lot of similarities with machines used in Holland and elsewhere but it is different.
    4. I don't know why the minister was reluctant to give details of the system but my guess is that he believed the less peple knew about the specific details of the code of the system, the less chance some outsider could find a way to disrupt it. Seems like a logical safegaurd for any non-IT based professional.
    The "trust us we're right" argument may work elsewhere but for the electronic voting system that was to be used to elect our governments, local and central it is not good enough. Transparency is vital for public confidence and trust. There was no effort made to accomodate public and opposition concerns when it interupted the governments timetable. Back in december there were concerns (which have been echoed in the commissions report) raised at the Environment committee of the dail but they wanyed to sign contracts the next day and so the concerns were ignored and the contracts signed. It's not good enough.
    So why not this change? It is clearly better than what we had. Any problems along the way and the vote can be declared void. Hold it using the old way till everyone is happy. But jesus, don't treat it like it is going to ruin your voting right. It's not!
    The problem is that if there is a small error in this system it can affect the whole election in every ward, with the old system it would mean a small error in the result. One headline i remember. Better the vote you know than the evote you don't, if there was a reason to call the electronic voting void, then public confidence in electronic voting could be terminally damaged for a long time. Most see electronic voting as the way forward, it's just that that in elections where anonymity is imperative, the best way to keep transparency and the fast count is to have a voter verifable audit trail which can be a back up in the case of any problems.


  • Registered Users, Registered Users 2 Posts: 491 ✭✭Silent Bob


    Originally posted by The Clown Man
    Oh, it has been tested alright and has been used for one decade. Just not by us. The Belgians, Germans and Dutch for example, who have used it nationally but not for the same purposes have tried and tested it and found it sound.
    No they haven't. They have a different electoral system than ours and so the software and hardware had to be customised to the Irish electoral process.

    This makes the system we were meant to be using different to those that have been "tried and tested" on the continent.


  • Registered Users, Registered Users 2 Posts: 1,305 ✭✭✭The Clown Man


    Originally posted by ShaneHogan
    - The CEV reviewed all the test results produced by the Dept over the last four years. Remember - those 'six independent consultancies' that Cullen spouted about incessantly (and that cost millions of taxpayers money to produce). The CEV found that despite four years of testing, six independent consultancies, there was insufficient evidence to show that the system was safe, accurate and secure. This point on its own is a damning indictment of the competence of Minister Cullen and his officials.

    - The CEV did its own testing within the restricted timescale of 6-8 weeks open to them. They managed to find one bug in the counting software and to easily break into the 'security hardened' PC's.

    - The CEV highlighted that that the version of software to be used in the June elections was not yet available, so no-one, not Nedap, not Nathean, not the Dept of Environment and not the Minister can say anything about this version of software - it doesn't exist. Here we are, just 5-6 weeks away from polling day and the software on which our entire democratic system was to be based just doesn't exist. It is vapourware.

    - The CEV raised three seperate concerns regarding the secrecy of the proposed system;

    Telling us that the 'old system wasn't perfect' just doesn't cut it. If you are going to spin this line, be specific. What specific faults existed with the old system? How many errors were found? Vague allegations about the oul ballot boxes just don't stand up against the litany of faults found with the proposed new system.

    This is the last reply I will post in this thread as I'm all too aware of the futility of trying to argue with a politician. This thread does not warrant that much of my time and effort.

    However, I will point out that

    1. The "security hardened computers" were only accessable to service, consituancy and local level systems administrators and count officials and the CEV only found that the PC's administrative files were easily accessed only if you were one of them. That point is hardly an issue. This issue would ony stand if there was corruption within the count staff. And this is not an issue specific to E-Voting.

    2. The bug has already been discussed. It was submitted it "could" affect the surplus distribution. The CEV spent weeks testing the surplus distribution and count results in machines all round the country and did not find any counting defect in the count software.

    3. The final version of the software was not vapourware. It was just not finished yet. This is the nature of a computer program. After the system had been adapted to suit our particular voting system there were going to be one or two bugs. Also, if my memory serves, the backend version of access from which it runs had been upgraded from access 97 to access 2000 for this particular vote because it was found to heighten security. The last version was supposed to fix the first, last and only bug arising from those changes which had not been caught by Nedap's own testers.

    Also, the concerns risen by the CEV were simply that. Concerns. My own belief is that they were frivilous and irrelavant and were issues that had been put up with similarly with the ballot box system for years.

    As for the cons of the Ballot Box system, there have been no discussions in the media or otherwise on the cons of same but I will endevour to throw up a few for you:

    - The count result is INACCURATE. Recounts can cost hundreds of thousands and may sway the vote by hundreds or thousands.

    - Ballot Boxes are easily tampered. There is a small lock securing the box and votes. A swift kick and you can tamper away. Trying to access the votes on a Powervote module is comparitively a next to impossible task.

    - Count sessions are fully controled by the count staff. The CEV raised the issue of accessable computers and the possibility of somehow tampering with the vote? Christ, in the current system, all a staff member has to do to tamper with the vote is place a vote to their left as opposed to their right. Or accidentally put it in the wrong place. With Powervote no one person or one group has full control over the vote.

    - Ballot leafs are susceptable to damage. If someone really wanted to spoil an election, a well placed match or lighter could destroy the entire vote in all stations and wards. If a module is damaged with this system, there are back-ups in place to ensure that everyone's vote is registered.

    - The security is minimal. Ballot Boxes are left in locked primary school buildings overnight in some constituancies. Seals and official equipment can be left lying about and may be easily stolen by an intent party.

    - The paper trail is overrated. You have a paper trail and no way to accurately record a result from it. What is the point in having 100,000 votes if you can only really count them to the nearest thousand. Ballot paper accounts are helpful but only for the first Hour of the Count. After which votes are mixed up and disassociated from their respective ballot boxes.

    - Counts cost time and money. I have attended Count sessions that have lasted well into the early hours of the morning. The bills for these counts can run well into the millions.

    - An official seal of stamped wax is the safegaurd against hampering with the ballot boxes after the count has closed. I don't think that needs comment.

    These are just a few of the plainly obvious reasons for why the old system is outdated. If I had a commission and loads of government funded money I could get you more!

    Unfortunately, while we have an awful lot of "IT experts" to say that the new system is not up to their (new) standards, very few people seem to understand how weak the old system is. As much as you may think that hacking into the new system is a possibility and corrupting the vote is not altogether impossible, under the present system almost anyone could upset the vote without breaking a sweat.

    Suddenly all these privacy and security issues come to light but no one has ever stopped and said, "Hang on, but that is still an amazingly significant step up from the way our old system is run. The chances of getting at this system is slight but it is far slighter than how it used to be."

    Under the Powervote system there is far less chance of upsetting a vote. Period.

    Anyway, for those of whom the Powervote system was not enough, please attend your local Count session on Saturday the 12th June to see how your security measures are being upheld. Watch how your chosen method of voting is actually performed because I get the distinct impression that none of you have ever watched a count from start to finish never mind researching how it is done in full.



    That is really all I'm going to say on the matter. I humbly withdraw from this discussion.


  • Closed Accounts Posts: 67 ✭✭ShaneHogan


    Oh No - Please don't take the ball and run off now, Clown Man - it's just starting to get interesting as we get down to the real detail. I'm starting to wonder if you actually bothered to read the CEV report.. It's only 28 pages - it really is worth taking 30 minutes out of your busy day to check it out. So let me explode some of the glaring errors in your post quickly.

    I generally hate writing a response post which consists of a series of quotes/answers, but I'm afraid I just don't know any other way to answer the many many inaccuracies in your post.

    That point is hardly an issue. This issue would ony stand if there was corruption within the count staff. And this is not an issue specific to E-Voting.
    This point is very specific to eVoting. In the traditional system, everything is done out in the open and in full public scrutiny. A corrupt staff member hasn't a hope of stuffing or hiding a few ballots without being seen by several of the tallyman watching closely. With the eVoting system, the person sitting at the keyboard can switch the entire count results - replacing the live database with a pre-prepared database with a single 'copy' command and no-one will ever know. There is no audit trail. That's the key difference which seems to have gone over your head. If there was no reason to secure the count centre PC's, why did they bother trying to 'security harden' them. The CEV report quite correctly points out that these PC's are the 'weakest link' in the entire system.
    It was submitted it "could" affect the surplus distribution. The CEV spent weeks testing the surplus distribution and count results in machines all round the country and did not find any counting defect in the count software.
    Why the double-quotes around 'could'? Is a software bug not real to you unless you can see it happening in the real world? Perhaps the whole point of testing software is unclear to you - the objective of software testing is to test/fix bugs in a test environment before they get out into the wild. This is a system on which three general election constituencies has already been decided - and there is a bug in the distribution of surpluses. And where did you get the 'machines all round the country' bit from? I didn't see anything in the CEV report about this. And as for 'did not find any counting defect in the count software' - for Chrissakes, they did find a counting defect - distributing of surpluses is a key part of the count and they found a bug.
    The final version of the software was not vapourware. It was just not finished yet.
    Eh - that meets the dictionary definition of vapourware perfectly.
    The last version was supposed to fix the first, last and only bug arising from those changes which had not been caught by Nedap's own testers.
    So despite the fact that the test reports show that they have released over 160 versions of the software to fix previous bugs, you really, really believe that they had finally managed to catch ALL the bugs, and the CEV were just lucky to find that one in their few weeks of testing. I've spent 20+ years in the software business, and I've never met a developer who will stand up and claim to have caught the 'first, last and only bug' in any version of software. Any developer who did claim this would be a laughing stock.
    Ballot Boxes are easily tampered. There is a small lock securing the box and votes. A swift kick and you can tamper away. Trying to access the votes on a Powervote module is comparitively a next to impossible task.
    Not true. Both ballot boxes and ballot modules are sealed. Neither seals offer foolproof mechanisms, but both offer a basic layer of physical protection.
    Count sessions are fully controled by the count staff. The CEV raised the issue of accessable computers and the possibility of somehow tampering with the vote? Christ, in the current system, all a staff member has to do to tamper with the vote is place a vote to their left as opposed to their right. Or accidentally put it in the wrong place. With Powervote no one person or one group has full control over the vote.
    This paragraph clearly demonstrates your lack of understand of both the old system AND the new system. In the current system, every counting step is double-checked by another member of staff and supervised by the tallymen representing all parties looking over the counters shoulders. Everything is out in the open & transparent, by contrast to the eVoting system. And as explained above, one person sitting at the keyboard of the count centre PC HAS FULL CONTROL OVER THE ENTIRE VOTE DATABASE. This is the huge vulnerability of the new system.
    Recounts can cost hundreds of thousands and may sway the vote by hundreds or thousands.
    No recount - even the 3 or 4 day marathons have cost hundreds of thousands of euro. Count staff are just not that expensive. Please provide some data to back this up. No recount has ever swayed the vote by hundreds or thousands. Recounts generally sway the vote by single digit, or possibly two digit sums. Please provide just one example of a recount which swayed a vote by 100 or more votes?
    If someone really wanted to spoil an election, a well placed match or lighter could destroy the entire vote in all stations and wards.
    True - but they could not do any such damage undetected. Their attack would be immediately obvious. By contrast, there are many, many possible routes of attack on the eVoting system which could never be detected or audited.
    The security is minimal. Ballot Boxes are left in locked primary school buildings overnight in some constituancies. Seals and official equipment can be left lying about and may be easily stolen by an intent party.
    Ballot boxes are left overnight sealed, and under direct supervision of a Garda. They are normally moved to the count centre on the night of the election, where they typically supervised by election agents representing all parties. Again, all open & transparent, by contrast to the 'black box' approach of the new eVoting system.
    You have a paper trail and no way to accurately record a result from it. What is the point in having 100,000 votes if you can only really count them to the nearest thousand. Ballot paper accounts are helpful but only for the first Hour of the Count. After which votes are mixed up and disassociated from their respective ballot boxes.
    This is just plain untrue. With a voter verified audit trail, you simply go through the normal count process with the paper votes. it may take a day or two, but so what - what's the rush? This is a fundamental cornerstone of our democracy. We can't take short-cuts. It has to be done right.
    - Counts cost time and money. I have attended Count sessions that have lasted well into the early hours of the morning. The bills for these counts can run well into the millions.
    Again, you just don't seem to know much about the new system. It will take MORE manpower to operate the new computerised system than the old manual system. The requirement for a dedicated 'control operator' to sit with each of the 6500 voting machines on polling day will more than outweigh any saving in count centre personnel. The bills for the manpower on the new system will be higher than the old system (in addition to the €52 million already spent on the new system).
    - An official seal of stamped wax is the safegaurd against hampering with the ballot boxes after the count has closed. I don't think that needs comment.
    Again, you are demonstrating your lack of knowledge about the old system. The ballot box seal is just one part of the security. The other key feature of the old system was that all the security was done in an open & transparent manner - election agents representing the candidates supervise the sealing of the boxes at the polling station and the opening of the boxes at the count centre. All done out in the open & transparently - by contrast again to the 'black box' approach of the proposed new system.
    under the present system almost anyone could upset the vote without breaking a sweat.
    Please present some evidence to back this up.
    attend your local Count session on Saturday the 12th June to see how your security measures are being upheld. Watch how your chosen method of voting is actually performed because I get the distinct impression that none of you have ever watched a count from start to finish never mind researching how it is done in full.
    Thanks - I couldn't have said it better myself. With the old system, (and apologies for the repitition here), everything is done out in the open - transparently, visible to all who are interested. With the proposed new system - everything is done down in the guts of a few machines, with no visibility or transparency.

    The proposed new eVoting system would have handed over the keys of our democracy to the hands of a small number of individuals. This is just plain wrong.

    So please do come back Clown Man and give us some real answers.

    PS I'm not a politician - I'm an IT professional who happens to be a member of a political party.


  • Advertisement
  • Technology & Internet Moderators Posts: 28,830 Mod ✭✭✭✭oscarBravo


    Originally posted by The Clown Man
    Under the Powervote system there is far less chance of upsetting a vote. Period.
    You keep making this statement - now prove it. It's simply not enough to make the assertion.
    Anyway, for those of whom the Powervote system was not enough, please attend your local Count session on Saturday the 12th June to see how your security measures are being upheld. Watch how your chosen method of voting is actually performed because I get the distinct impression that none of you have ever watched a count from start to finish never mind researching how it is done in full.
    I stayed to the bitter end of the last general election count here in Mayo. I'm not a politician, and have no firm political allegiance. One of the reasons I watched the count was for nostalgia for the old system, and to make sure I saw it in action for comparison with the new. For all its flaws, the old system not only works, but can be seen to work. That's missing from the Nedap/Powervote system.

    If the system had been implemented, I had planned to ask the poll staff "how do I know my vote is in that box?" With the old system, given that I had just dropped my ballot into the box, it would have been a stupid question. With the proposed system, there would have been literally no way to give a valid answer.
    That is really all I'm going to say on the matter. I humbly withdraw from this discussion.
    I'd rather you stayed and answered some of the questions you've been asked.


  • Registered Users, Registered Users 2 Posts: 78,577 ✭✭✭✭Victor


    Originally posted by The Clown Man
    We were less than one month away from using this new improved system
    Ah, the good old soap powder argument "new" and "improved".
    Originally posted by The Clown Man
    The Belgians, Germans and Dutch for example, who have used it nationally but not for the same purposes have tried and tested it and found it sound.
    Actually, it has not been used in Belgium (certainly neither the manufacturers nor the department aren't saying so - but what is one to expect from them :D). The Germans have only used it in Cologne and tested it in parts of Dusseldorf. So, congratulations two out of three wrong.


  • Moderators, Social & Fun Moderators Posts: 10,501 Mod ✭✭✭✭ecksor


    I too have been frustrated at the poor banking analogy been trotted out all along during the various discussions on e-voting, but I haven't had the experience before that I've just had with online banking (I'm not using it very long) where my account balance appears to be in the correct ballpark, but it's missing some transactions. (It initially appeared to be way off, then I remembered that my rent is automatically deducted on the first of the month which would account for it, but there's no record of that transaction ... ).

    I mentioned it to a friend who claims that it's a common oddity associated with bank holiday weekends. Ok, so far so good. Except my balance history has been slightly reverse engineered to make the figures appear correct in the short term (it won't give me details past a week :D ) which (if taken as truth) would mean I'd pay more interest on my overdraft. Not good. Even if we assume that banks are very honest institutions that give us value for money, then you must either say that the analogy fails because the voting system can't be allowed to get itself into such situations, or you need to think about how the bank resolves such a situation and translate similar scenarios of discrepancies creeping in into e-voting terms and describe how they get resolved.

    Goshdarnit, and I was just about ready to accept a poorly designed voting system and all ...


  • Registered Users, Registered Users 2 Posts: 68,317 ✭✭✭✭seamus


    Originally posted by ecksor
    I mentioned it to a friend who claims that it's a common oddity associated with bank holiday weekends. Ok, so far so good. Except my balance history has been slightly reverse engineered to make the figures appear correct in the short term (it won't give me details past a week :D ) which (if taken as truth) would mean I'd pay more interest on my overdraft. Not good. Even if we assume that banks are very honest institutions that give us value for money, then you must either say that the analogy fails because the voting system can't be allowed to get itself into such situations, or you need to think about how the bank resolves such a situation and translate similar scenarios of discrepancies creeping in into e-voting terms and describe how they get resolved.
    It's a descrepancy that pops out because Internet Banking is something that people want available 24 hours a day, but the bank's tranactions records don't update automatically.
    With BOI anyway, I've seen it reverse engineer the past week, and get it totally wrong. For example, one day I have €100, and take out €20. I check the balance the next day, just after midnight, just after getting paid, and it tells me I have €2,080 (for example ;)). Now, it doesn't have a record of me getting paid, but the balance it's receiving is correct, so it reverse engineers my past week's transactions, and tells me I had €2,100 yesterday before I took out €20. Which is blatantly wrong. I've seen it do this.
    But it's no biggie, because the balance is right, and it will update eventually. If it doesn't, I can dispute it, because I know who paid me money and when they paid me, and I also know when and where I withdrew money.

    The analogy fails because of that. With the evoting system, there was no papertrail. How can someone dispute a vote result when nobody can verify who voted for whom? If I have a problem with my balance, I contact the bank, who verify their records, and produce proof, that yes, that is my correct balance, or I produce my receipts and say, no it's wrong, transaction x is missing.
    Short of each candidate getting a signed Affidavit from each person who voted for them, how can we be 100% sure that results are correct, particularly when the machine isn't deemed to be tested enough so as to be reliable, and when there is no papertrail. If the sourcecode is private, how can we be sure that peopel with vested interests can't add in something to swing an election?


  • Registered Users, Registered Users 2 Posts: 15,443 ✭✭✭✭bonkey


    Originally posted by The Clown Man
    I do know that this system has been in testing for 10 years and thats pretty good going.

    Thats a misrepresentation. This system has been in constant development for 10 years, and each iteration has been tested. However, only the tests on teh final iterations are significant. I could just as easily say that MS WIndows has been in testing for almost 20 years since MS Windows 1.0 was released in 1984 or 1985. How much of that testing is relevant to the current version?

    The point of the comparison was to highlight the reaction of the average person to a normal change in computer systems used in everyday life.
    Bank systems typically differ in a number of significant ways from the e-voting implementation which makes the comparison invalid.

    Firstly, one prime requirement for any financial software is audit-trailing. This audit-trail forms a key compenent in testing, as well as in verifying the system in the event of queries. Yes, there are bugs, but teh audit-trails etc. are typically what are used to handle the queries. The existence of the verification process is what makes these systems trustworthy in the first place.

    Secondly, I have yet to work in a production financial environment (and I've worked in several) where there was not a "parallel" system where the newly modified software was run alongside the existing production system to ensure that the only output differences were those expected by the changes being tested.
    Of course, people are going to be fairly pissed if you take their democracy away from them, but do you think that is happening?
    I don't. I think that a degree of surity in our democratic system was being taken away from us. Every single flaw or risk inherent in the existing system still potentially exists in one form or another in the new one, and a whole heap of new ones to boot.
    If it was possible to vote at your PC I would welcome the change.

    I would as well....as long as it was secure. However, internet-voting cannot be secure enough for what you propose. Its simply not possible. I'm not going to go into the tehnical details here, but suffice it to say that the risks are simply not fully counterable.

    And as long as I'm satisfied that it was better than the old way I'd be happy.
    Yes, but satisfied based on what? Are you enough of an expert on IT security in general (and internet security in specific) to make that judgement informedly? Very few people do, and I've yet to meet one of those say it ain't possible, unless they were selling a solution. I've yet to meet one who said it is possible who could specify how to get around the problems I posed in a manner that was possible using today's hardware.

    It is clearly better than what we had.
    No. Its not. The only people saying that are those who listen to all of the criticism and new problems and then once more say "but its clearly better than what we had" without explaining why.

    It has advantages, but it is not clearly better.

    Any problems along the way and the vote can be declared void.
    You've been missing the whole thing about how there is no way to determine if problems occur? And what size of problem, exactly? If one vote-storing unit suffers hardware failure after the vote is closed, but before it is tallied, what do you do? Declare the entire constituency null and void? The national election?

    Hold it using the old way till everyone is happy.
    Thats what people are saying to do now, because they're not happy, and they're not sure that all of the problems along the way can even be identified.

    So why are they wrong to say "hold it the old way till we're happy" now?

    If FF put in a system that defied democracy they would not last a week in government
    FF wanted to put in a system which risked defying democracy and in an undetectable manner. Subtle difference, but when you can make it and still present your argument, people might be more willing to listen.

    jc


Advertisement