no E-voting for you!

The Clown Man

Originally posted by star gazer
Unfortunately that argument is full of holes.
First hole is that the terms of reference for the commission were quite narrow in that only secrecy and accuracy were to be judged, not the electronic voting system and it's suitablity for use in our electoral system. So we really have no comparison between the old system and the proposed Electronic voting system by an independent body.
second hole, the system used before was not certified or accredited by any independent body for use, in fact the system brought before the commission couldn't possibly be certified either because the finalised version of the system still wasn't available.
thrid hole. as was said above a bug was found in the software for distribution of transfers and had the Political pressure not come from the opposition and concerned experts, there would have been no commission to find that bug and the election could well have been incorrect. Berating political parties for doing their job is arrogant because no government is perfect and should be scrutinised even when they don't want it.
fourth hole. Paper ballot system is trusted, electronic voting had not yet earned the trust of the people and theMinister did it no favours by being reluctant in giving full information about the system and the testing done on the system.
fifth hole. The Commission on Electronic voting found that there were some parts of the system that hadn't even been tested.
sixth hole. If the system was as flawless as some people told us it was, why were there not the test reports provided which such an assumption must have been based upon? the only conclusion there is that there was no conclusive proof that these voting machines were technically up to the level that they were politically promoted as.
enough holes or do you want more?

OK I can see this taking most of my day so I'll try to be brief.

1. True, secrecy and accuracy were to be tested but I made no connection between the commission and the old system. What I said were my own observations from my own experience.

2. I have maintained that it was not certified or accredited my the commission from the start. (See also above) However, it has been used by others who have accredited it. (Don't ask me where to find any reports)

3. See above for the bug issue. I am angry that the opposition would do thier best to harry the introduction of the E-Voting system while they themselves know next to nothing of it, and while IT experts point out what they see as flaws, theoretical flaws can be found in almost everything on a microchip. Politicians, however, are fully aware of the inaccuarcy of the current system and are totally aware that a better one is needed. (In my opinion) You know that a recount with our current system can sway the votes in a referendum either way by hundreds and in the larger consituencies, thousands. That's a large margin of error.

4. I don't know why the minister was reluctant to give details of the system but my guess is that he believed the less peple knew about the specific details of the code of the system, the less chance some outsider could find a way to disrupt it. Seems like a logical safegaurd for any non-IT based professional. However, this wasn't picked up on by the opposition very much was it? Seems to me to be a good argument though, but not the reason that E-Voting is not going ahead.

5. By them. They hadn't got a chance to test everything and some things they couldn't as a result of the government not allowing them to. Why? See 4. above.

6. Again, see 4. above. I'd say that test reports would have code included and the ministers decision in the interests of security were to withold them. Again though, that's just my guess.


Anyway, bottom line is, no one has said at any stage that the Powervote system would not work. Some have lingering doubts, but that is unavoidable. They are certainly not worth €40m. The system has been tested and it counts the votes accurately. Security is far tighter than the older system. (Some constituencies actually leave their ballot boxes in primary schools completely unguarded and with no security other than a mortis lock.)

The far superior system has been sacrificed because people want to bicker over issues that are minute compared to the issues that were trying to be solved in the first place.

(And incidentally, points 1-3 were arguing percieved "holes" in my argument while points 4-6 were your own arguments nothing to do with mine.)

monument

Originally posted by Cork
Why? Eletronic voting worked.

The OS Windows works. That is not to say it is secure.

Originally posted by Cork
An independent audit trail? When some opponants of this system use eletronics in their daily lives - Do they Ask for an independant audit trail?

For important things, yes… receipts at ATMs, receipts after using a credit card.

Companies should (and some do) keep printouts of any important emails or faxes.

Originally posted by Cork
How many of these people go into their banks and examine banking systems?

What? The banking systems that have paper trails? On the other hand, are you talking about the online ones that have recently had an up rise in security issues because of the end users?


If the above questions were to help your case, you are ill informed on the topic.

The Clown Man

Ok hang on - you're all posting too fast so I'll try to get to as many points as I can.

Secrecy - the commission accepted the issue of not being able to track votes to a specific person. They found it democratically sound. One of the main garauntees of voting is that it is entirely anonymous.

On the banking systems: I have never worked with a banking system in my life so, I may be wrong about the testing. I do know that this system has been in testing for 10 years and thats pretty good going. The point of the comparison was to highlight the reaction of the average person to a normal change in computer systems used in everyday life. Of course, people are going to be fairly pissed if you take their democracy away from them, but do you think that is happening? Do you think that democracy is being overthrown or that this is a possible step towards that end? I think that this is a positive step towards a more assured way of voting. At the moment only 40% of people on the register vote. If it was possible to vote at your PC I would welcome the change. And as long as I'm satisfied that it was better than the old way I'd be happy.

So why not this change? It is clearly better than what we had. Any problems along the way and the vote can be declared void. Hold it using the old way till everyone is happy. But jesus, don't treat it like it is going to ruin your voting right. It's not! If FF put in a system that defied democracy they would not last a week in government.



Right I'm hoping there is not 10 more posts after this one cause I can't stay at this PC all day.

ShaneHogan

The attempted spins of the CEV report by Cullen/Cork/Clown is almost laughable. Attempts to pass it off as a slight delay on the basis that the CEV 'didn't have sufficient time' to approve the system do not reflect the real world. Let's review the facts;

- The CEV reviewed all the test results produced by the Dept over the last four years. Remember - those 'six independent consultancies' that Cullen spouted about incessantly (and that cost millions of taxpayers money to produce). The CEV found that despite four years of testing, six independent consultancies, there was insufficient evidence to show that the system was safe, accurate and secure. This point on its own is a damning indictment of the competence of Minister Cullen and his officials.

- The CEV did its own testing within the restricted timescale of 6-8 weeks open to them. They managed to find one bug in the counting software and to easily break into the 'security hardened' PC's.

- The CEV highlighted that that the version of software to be used in the June elections was not yet available, so no-one, not Nedap, not Nathean, not the Dept of Environment and not the Minister can say anything about this version of software - it doesn't exist. Here we are, just 5-6 weeks away from polling day and the software on which our entire democratic system was to be based just doesn't exist. It is vapourware.

- The CEV raised three seperate concerns regarding the secrecy of the proposed system;

The voting machine “beeps” as preferences are being selected; publication of ballot results in full can allow voters to identify themselves in a context of corruption or intimidation; it may be possible for an insider to overcome the randomness of the method used for the storage of votes in the ballot module.

Telling us that the 'old system wasn't perfect' just doesn't cut it. If you are going to spin this line, be specific. What specific faults existed with the old system? How many errors were found? Vague allegations about the oul ballot boxes just don't stand up against the litany of faults found with the proposed new system.

Comparison against banking systems are irrelevant. eVoting systems have a unique requirement - to protect the anonymity of the voter while maintaining the security and integrity of the vote. The only way to do this is via a voter verifiable audit trail - something that the Nedap/Powervote system doesn't have. Remember this isn't a debate about whether eVoting is a nice idea in principle (It is, though I've never seen a cost/benefit analysis that really stands up). The debate is about whether the Nedap/Powervote system which has been purchased with 52 million euro of taxpayers money is an accurate, safe & secure eVoting system - It's not.

There is no doubt that Min Cullen is damaged goods. Who is going to believe any word that comes out of this man's lips in future, given that he has been proven so badly wrong by the independent commission.

And don't expect me to believe the line that the Minister is doing us some kind of big favour by taking the CEV's recommendation to defer use of this system. Even Minister Cullen knows that there is no way he could possibly do anything, giving the glaring errors, inaccuracies and incompetence highlighted by the commission's report.

There are two really sad things about this event.

Firstly, most of what the Minister was told by the commission was also told to him by me (via the Labour party policy paper), by Joe McCarthy, by ICTE, by Fine Gael and the Greens last October/Nov/December. If the Minister had cared to shut his mouth and open his ears, he could have actually acted at that time to either save the taxpayer a pile of money by not signing the final contracts, or by implementing an audit trail which would have addressed a large part of the concerns about this system. But he chose not to listen and to blunder on shovelling taxpayers money to Nedap/Powervote and Q4 PR agency without addressing the real problem.

And secondly, let's remember the Ministers attempts to divert attention from the real issues by name-calling. Remember his 'I've got my six independent consultancies and Labour have two branch secretaries' line - to quote the Irish Times Chief Political Correspondant on Saturday, "let's hear it for the two branch secretaries". Remember his attempt to link ICTE to the anti-globalisation movement, for which he still hasn't produced any supporting data. Remember Bertie's slagging off of Bernard Allen (FG) as an old man grasping onto old ways. What goes around, comes around, Martin......

secret_squirrel

Originally posted by The Clown Man
But jesus, don't treat it like it is going to ruin your voting right. It's not! If FF put in a system that defied democracy they would not last a week in government.

How do you know its not? Thats the major point most of us are making. I think most people would be happy to see E-voting if it meant more people voting. I know I would.

You seem to be confusing in part our criticisms of the current flawed evoting system - with any evoting system.

And oh how many tribunerals have there been now and in the past where our politicians have defied democracy?

And why would you trust Powervote - a company that you (I assume) know nothing about, for all we know they could be quite open to inserting dodgy code into the system. They are a corporation at the end of the day, and are there to make money. Not to ensure we elect the people we voted for. You only have to look at how Diebold have behaved in the States to wonder what the other companies are like in this area.

I cant believe the complacency and naiveté of some of the posters in here. This issue is fundamental to our democracy and therefore far more important than for example a few euro's going missing from an account or overcharging on a mobile to name just 2 of the flawed comparisons people have made.

secret_squirrel

And for all those who think evoting companies will behave.

read here ..and follow the links to the back story as well.

(Ca have just decertified Diebold Evoting machines)

This is why evoting has to be done properly - bespoke open source software with some kind of audit trail. Not some closed software system that is (ironically) full of holes

star gazer

originally posted by the Clown man
Secrecy - the commission accepted the issue of not being able to track votes to a specific person. They found it democratically sound. One of the main garauntees of voting is that it is entirely anonymous.

the commission wasn't happy with the sound the machine made every time a voter made a preference which could be heard by others. The commission also had a problem with the access for people with certain disabilities.
check out the report
http://www.cev.ie/htm/report/index.htm

2. I have maintained that it was not certified or accredited my the commission from the start. (See also above) However, it has been used by others who have accredited it. (Don't ask me where to find any reports)

The system has not been used anywhere else in the world, our PR stv voting system is almost unique in the world and has not been adapted for the Nedap system by anyone else. The Nedap/Powervote system has a lot of similarities with machines used in Holland and elsewhere but it is different.

4. I don't know why the minister was reluctant to give details of the system but my guess is that he believed the less peple knew about the specific details of the code of the system, the less chance some outsider could find a way to disrupt it. Seems like a logical safegaurd for any non-IT based professional.

The "trust us we're right" argument may work elsewhere but for the electronic voting system that was to be used to elect our governments, local and central it is not good enough. Transparency is vital for public confidence and trust. There was no effort made to accomodate public and opposition concerns when it interupted the governments timetable. Back in december there were concerns (which have been echoed in the commissions report) raised at the Environment committee of the dail but they wanyed to sign contracts the next day and so the concerns were ignored and the contracts signed. It's not good enough.

So why not this change? It is clearly better than what we had. Any problems along the way and the vote can be declared void. Hold it using the old way till everyone is happy. But jesus, don't treat it like it is going to ruin your voting right. It's not!

The problem is that if there is a small error in this system it can affect the whole election in every ward, with the old system it would mean a small error in the result. One headline i remember. Better the vote you know than the evote you don't, if there was a reason to call the electronic voting void, then public confidence in electronic voting could be terminally damaged for a long time. Most see electronic voting as the way forward, it's just that that in elections where anonymity is imperative, the best way to keep transparency and the fast count is to have a voter verifable audit trail which can be a back up in the case of any problems.

Silent Bob

Originally posted by The Clown Man
Oh, it has been tested alright and has been used for one decade. Just not by us. The Belgians, Germans and Dutch for example, who have used it nationally but not for the same purposes have tried and tested it and found it sound.

No they haven't. They have a different electoral system than ours and so the software and hardware had to be customised to the Irish electoral process.

This makes the system we were meant to be using different to those that have been "tried and tested" on the continent.

The Clown Man

Originally posted by ShaneHogan
- The CEV reviewed all the test results produced by the Dept over the last four years. Remember - those 'six independent consultancies' that Cullen spouted about incessantly (and that cost millions of taxpayers money to produce). The CEV found that despite four years of testing, six independent consultancies, there was insufficient evidence to show that the system was safe, accurate and secure. This point on its own is a damning indictment of the competence of Minister Cullen and his officials.

- The CEV did its own testing within the restricted timescale of 6-8 weeks open to them. They managed to find one bug in the counting software and to easily break into the 'security hardened' PC's.

- The CEV highlighted that that the version of software to be used in the June elections was not yet available, so no-one, not Nedap, not Nathean, not the Dept of Environment and not the Minister can say anything about this version of software - it doesn't exist. Here we are, just 5-6 weeks away from polling day and the software on which our entire democratic system was to be based just doesn't exist. It is vapourware.

- The CEV raised three seperate concerns regarding the secrecy of the proposed system;

Telling us that the 'old system wasn't perfect' just doesn't cut it. If you are going to spin this line, be specific. What specific faults existed with the old system? How many errors were found? Vague allegations about the oul ballot boxes just don't stand up against the litany of faults found with the proposed new system.

This is the last reply I will post in this thread as I'm all too aware of the futility of trying to argue with a politician. This thread does not warrant that much of my time and effort.

However, I will point out that

1. The "security hardened computers" were only accessable to service, consituancy and local level systems administrators and count officials and the CEV only found that the PC's administrative files were easily accessed only if you were one of them. That point is hardly an issue. This issue would ony stand if there was corruption within the count staff. And this is not an issue specific to E-Voting.

2. The bug has already been discussed. It was submitted it "could" affect the surplus distribution. The CEV spent weeks testing the surplus distribution and count results in machines all round the country and did not find any counting defect in the count software.

3. The final version of the software was not vapourware. It was just not finished yet. This is the nature of a computer program. After the system had been adapted to suit our particular voting system there were going to be one or two bugs. Also, if my memory serves, the backend version of access from which it runs had been upgraded from access 97 to access 2000 for this particular vote because it was found to heighten security. The last version was supposed to fix the first, last and only bug arising from those changes which had not been caught by Nedap's own testers.

Also, the concerns risen by the CEV were simply that. Concerns. My own belief is that they were frivilous and irrelavant and were issues that had been put up with similarly with the ballot box system for years.

As for the cons of the Ballot Box system, there have been no discussions in the media or otherwise on the cons of same but I will endevour to throw up a few for you:

- The count result is INACCURATE. Recounts can cost hundreds of thousands and may sway the vote by hundreds or thousands.

- Ballot Boxes are easily tampered. There is a small lock securing the box and votes. A swift kick and you can tamper away. Trying to access the votes on a Powervote module is comparitively a next to impossible task.

- Count sessions are fully controled by the count staff. The CEV raised the issue of accessable computers and the possibility of somehow tampering with the vote? Christ, in the current system, all a staff member has to do to tamper with the vote is place a vote to their left as opposed to their right. Or accidentally put it in the wrong place. With Powervote no one person or one group has full control over the vote.

- Ballot leafs are susceptable to damage. If someone really wanted to spoil an election, a well placed match or lighter could destroy the entire vote in all stations and wards. If a module is damaged with this system, there are back-ups in place to ensure that everyone's vote is registered.

- The security is minimal. Ballot Boxes are left in locked primary school buildings overnight in some constituancies. Seals and official equipment can be left lying about and may be easily stolen by an intent party.

- The paper trail is overrated. You have a paper trail and no way to accurately record a result from it. What is the point in having 100,000 votes if you can only really count them to the nearest thousand. Ballot paper accounts are helpful but only for the first Hour of the Count. After which votes are mixed up and disassociated from their respective ballot boxes.

- Counts cost time and money. I have attended Count sessions that have lasted well into the early hours of the morning. The bills for these counts can run well into the millions.

- An official seal of stamped wax is the safegaurd against hampering with the ballot boxes after the count has closed. I don't think that needs comment.

These are just a few of the plainly obvious reasons for why the old system is outdated. If I had a commission and loads of government funded money I could get you more!

Unfortunately, while we have an awful lot of "IT experts" to say that the new system is not up to their (new) standards, very few people seem to understand how weak the old system is. As much as you may think that hacking into the new system is a possibility and corrupting the vote is not altogether impossible, under the present system almost anyone could upset the vote without breaking a sweat.

Suddenly all these privacy and security issues come to light but no one has ever stopped and said, "Hang on, but that is still an amazingly significant step up from the way our old system is run. The chances of getting at this system is slight but it is far slighter than how it used to be."

Under the Powervote system there is far less chance of upsetting a vote. Period.

Anyway, for those of whom the Powervote system was not enough, please attend your local Count session on Saturday the 12th June to see how your security measures are being upheld. Watch how your chosen method of voting is actually performed because I get the distinct impression that none of you have ever watched a count from start to finish never mind researching how it is done in full.



That is really all I'm going to say on the matter. I humbly withdraw from this discussion.

ShaneHogan

Oh No - Please don't take the ball and run off now, Clown Man - it's just starting to get interesting as we get down to the real detail. I'm starting to wonder if you actually bothered to read the CEV report.. It's only 28 pages - it really is worth taking 30 minutes out of your busy day to check it out. So let me explode some of the glaring errors in your post quickly.

I generally hate writing a response post which consists of a series of quotes/answers, but I'm afraid I just don't know any other way to answer the many many inaccuracies in your post.

That point is hardly an issue. This issue would ony stand if there was corruption within the count staff. And this is not an issue specific to E-Voting.

This point is very specific to eVoting. In the traditional system, everything is done out in the open and in full public scrutiny. A corrupt staff member hasn't a hope of stuffing or hiding a few ballots without being seen by several of the tallyman watching closely. With the eVoting system, the person sitting at the keyboard can switch the entire count results - replacing the live database with a pre-prepared database with a single 'copy' command and no-one will ever know. There is no audit trail. That's the key difference which seems to have gone over your head. If there was no reason to secure the count centre PC's, why did they bother trying to 'security harden' them. The CEV report quite correctly points out that these PC's are the 'weakest link' in the entire system.

It was submitted it "could" affect the surplus distribution. The CEV spent weeks testing the surplus distribution and count results in machines all round the country and did not find any counting defect in the count software.

Why the double-quotes around 'could'? Is a software bug not real to you unless you can see it happening in the real world? Perhaps the whole point of testing software is unclear to you - the objective of software testing is to test/fix bugs in a test environment before they get out into the wild. This is a system on which three general election constituencies has already been decided - and there is a bug in the distribution of surpluses. And where did you get the 'machines all round the country' bit from? I didn't see anything in the CEV report about this. And as for 'did not find any counting defect in the count software' - for Chrissakes, they did find a counting defect - distributing of surpluses is a key part of the count and they found a bug.

The final version of the software was not vapourware. It was just not finished yet.

Eh - that meets the dictionary definition of vapourware perfectly.

The last version was supposed to fix the first, last and only bug arising from those changes which had not been caught by Nedap's own testers.

So despite the fact that the test reports show that they have released over 160 versions of the software to fix previous bugs, you really, really believe that they had finally managed to catch ALL the bugs, and the CEV were just lucky to find that one in their few weeks of testing. I've spent 20+ years in the software business, and I've never met a developer who will stand up and claim to have caught the 'first, last and only bug' in any version of software. Any developer who did claim this would be a laughing stock.

Ballot Boxes are easily tampered. There is a small lock securing the box and votes. A swift kick and you can tamper away. Trying to access the votes on a Powervote module is comparitively a next to impossible task.

Not true. Both ballot boxes and ballot modules are sealed. Neither seals offer foolproof mechanisms, but both offer a basic layer of physical protection.

Count sessions are fully controled by the count staff. The CEV raised the issue of accessable computers and the possibility of somehow tampering with the vote? Christ, in the current system, all a staff member has to do to tamper with the vote is place a vote to their left as opposed to their right. Or accidentally put it in the wrong place. With Powervote no one person or one group has full control over the vote.

This paragraph clearly demonstrates your lack of understand of both the old system AND the new system. In the current system, every counting step is double-checked by another member of staff and supervised by the tallymen representing all parties looking over the counters shoulders. Everything is out in the open & transparent, by contrast to the eVoting system. And as explained above, one person sitting at the keyboard of the count centre PC HAS FULL CONTROL OVER THE ENTIRE VOTE DATABASE. This is the huge vulnerability of the new system.

Recounts can cost hundreds of thousands and may sway the vote by hundreds or thousands.

No recount - even the 3 or 4 day marathons have cost hundreds of thousands of euro. Count staff are just not that expensive. Please provide some data to back this up. No recount has ever swayed the vote by hundreds or thousands. Recounts generally sway the vote by single digit, or possibly two digit sums. Please provide just one example of a recount which swayed a vote by 100 or more votes?

If someone really wanted to spoil an election, a well placed match or lighter could destroy the entire vote in all stations and wards.

True - but they could not do any such damage undetected. Their attack would be immediately obvious. By contrast, there are many, many possible routes of attack on the eVoting system which could never be detected or audited.

The security is minimal. Ballot Boxes are left in locked primary school buildings overnight in some constituancies. Seals and official equipment can be left lying about and may be easily stolen by an intent party.

Ballot boxes are left overnight sealed, and under direct supervision of a Garda. They are normally moved to the count centre on the night of the election, where they typically supervised by election agents representing all parties. Again, all open & transparent, by contrast to the 'black box' approach of the new eVoting system.

You have a paper trail and no way to accurately record a result from it. What is the point in having 100,000 votes if you can only really count them to the nearest thousand. Ballot paper accounts are helpful but only for the first Hour of the Count. After which votes are mixed up and disassociated from their respective ballot boxes.

This is just plain untrue. With a voter verified audit trail, you simply go through the normal count process with the paper votes. it may take a day or two, but so what - what's the rush? This is a fundamental cornerstone of our democracy. We can't take short-cuts. It has to be done right.

- Counts cost time and money. I have attended Count sessions that have lasted well into the early hours of the morning. The bills for these counts can run well into the millions.

Again, you just don't seem to know much about the new system. It will take MORE manpower to operate the new computerised system than the old manual system. The requirement for a dedicated 'control operator' to sit with each of the 6500 voting machines on polling day will more than outweigh any saving in count centre personnel. The bills for the manpower on the new system will be higher than the old system (in addition to the €52 million already spent on the new system).

- An official seal of stamped wax is the safegaurd against hampering with the ballot boxes after the count has closed. I don't think that needs comment.

Again, you are demonstrating your lack of knowledge about the old system. The ballot box seal is just one part of the security. The other key feature of the old system was that all the security was done in an open & transparent manner - election agents representing the candidates supervise the sealing of the boxes at the polling station and the opening of the boxes at the count centre. All done out in the open & transparently - by contrast again to the 'black box' approach of the proposed new system.

under the present system almost anyone could upset the vote without breaking a sweat.

Please present some evidence to back this up.

attend your local Count session on Saturday the 12th June to see how your security measures are being upheld. Watch how your chosen method of voting is actually performed because I get the distinct impression that none of you have ever watched a count from start to finish never mind researching how it is done in full.

Thanks - I couldn't have said it better myself. With the old system, (and apologies for the repitition here), everything is done out in the open - transparently, visible to all who are interested. With the proposed new system - everything is done down in the guts of a few machines, with no visibility or transparency.

The proposed new eVoting system would have handed over the keys of our democracy to the hands of a small number of individuals. This is just plain wrong.

So please do come back Clown Man and give us some real answers.

PS I'm not a politician - I'm an IT professional who happens to be a member of a political party.

oscarBravo

Originally posted by The Clown Man
Under the Powervote system there is far less chance of upsetting a vote. Period.

You keep making this statement - now prove it. It's simply not enough to make the assertion.

Anyway, for those of whom the Powervote system was not enough, please attend your local Count session on Saturday the 12th June to see how your security measures are being upheld. Watch how your chosen method of voting is actually performed because I get the distinct impression that none of you have ever watched a count from start to finish never mind researching how it is done in full.

I stayed to the bitter end of the last general election count here in Mayo. I'm not a politician, and have no firm political allegiance. One of the reasons I watched the count was for nostalgia for the old system, and to make sure I saw it in action for comparison with the new. For all its flaws, the old system not only works, but can be seen to work. That's missing from the Nedap/Powervote system.

If the system had been implemented, I had planned to ask the poll staff "how do I know my vote is in that box?" With the old system, given that I had just dropped my ballot into the box, it would have been a stupid question. With the proposed system, there would have been literally no way to give a valid answer.

That is really all I'm going to say on the matter. I humbly withdraw from this discussion.

I'd rather you stayed and answered some of the questions you've been asked.

Victor

Originally posted by The Clown Man
We were less than one month away from using this new improved system

Ah, the good old soap powder argument "new" and "improved".

Originally posted by The Clown Man
The Belgians, Germans and Dutch for example, who have used it nationally but not for the same purposes have tried and tested it and found it sound.

Actually, it has not been used in Belgium (certainly neither the manufacturers nor the department aren't saying so - but what is one to expect from them ). The Germans have only used it in Cologne and tested it in parts of Dusseldorf. So, congratulations two out of three wrong.

ecksor

I too have been frustrated at the poor banking analogy been trotted out all along during the various discussions on e-voting, but I haven't had the experience before that I've just had with online banking (I'm not using it very long) where my account balance appears to be in the correct ballpark, but it's missing some transactions. (It initially appeared to be way off, then I remembered that my rent is automatically deducted on the first of the month which would account for it, but there's no record of that transaction ... ).

I mentioned it to a friend who claims that it's a common oddity associated with bank holiday weekends. Ok, so far so good. Except my balance history has been slightly reverse engineered to make the figures appear correct in the short term (it won't give me details past a week ) which (if taken as truth) would mean I'd pay more interest on my overdraft. Not good. Even if we assume that banks are very honest institutions that give us value for money, then you must either say that the analogy fails because the voting system can't be allowed to get itself into such situations, or you need to think about how the bank resolves such a situation and translate similar scenarios of discrepancies creeping in into e-voting terms and describe how they get resolved.

Goshdarnit, and I was just about ready to accept a poorly designed voting system and all ...

seamus

Originally posted by ecksor
I mentioned it to a friend who claims that it's a common oddity associated with bank holiday weekends. Ok, so far so good. Except my balance history has been slightly reverse engineered to make the figures appear correct in the short term (it won't give me details past a week ) which (if taken as truth) would mean I'd pay more interest on my overdraft. Not good. Even if we assume that banks are very honest institutions that give us value for money, then you must either say that the analogy fails because the voting system can't be allowed to get itself into such situations, or you need to think about how the bank resolves such a situation and translate similar scenarios of discrepancies creeping in into e-voting terms and describe how they get resolved.

It's a descrepancy that pops out because Internet Banking is something that people want available 24 hours a day, but the bank's tranactions records don't update automatically.
With BOI anyway, I've seen it reverse engineer the past week, and get it totally wrong. For example, one day I have €100, and take out €20. I check the balance the next day, just after midnight, just after getting paid, and it tells me I have €2,080 (for example ). Now, it doesn't have a record of me getting paid, but the balance it's receiving is correct, so it reverse engineers my past week's transactions, and tells me I had €2,100 yesterday before I took out €20. Which is blatantly wrong. I've seen it do this.
But it's no biggie, because the balance is right, and it will update eventually. If it doesn't, I can dispute it, because I know who paid me money and when they paid me, and I also know when and where I withdrew money.

The analogy fails because of that. With the evoting system, there was no papertrail. How can someone dispute a vote result when nobody can verify who voted for whom? If I have a problem with my balance, I contact the bank, who verify their records, and produce proof, that yes, that is my correct balance, or I produce my receipts and say, no it's wrong, transaction x is missing.
Short of each candidate getting a signed Affidavit from each person who voted for them, how can we be 100% sure that results are correct, particularly when the machine isn't deemed to be tested enough so as to be reliable, and when there is no papertrail. If the sourcecode is private, how can we be sure that peopel with vested interests can't add in something to swing an election?

bonkey

Originally posted by The Clown Man
I do know that this system has been in testing for 10 years and thats pretty good going.

Thats a misrepresentation. This system has been in constant development for 10 years, and each iteration has been tested. However, only the tests on teh final iterations are significant. I could just as easily say that MS WIndows has been in testing for almost 20 years since MS Windows 1.0 was released in 1984 or 1985. How much of that testing is relevant to the current version?

The point of the comparison was to highlight the reaction of the average person to a normal change in computer systems used in everyday life.

Bank systems typically differ in a number of significant ways from the e-voting implementation which makes the comparison invalid.

Firstly, one prime requirement for any financial software is audit-trailing. This audit-trail forms a key compenent in testing, as well as in verifying the system in the event of queries. Yes, there are bugs, but teh audit-trails etc. are typically what are used to handle the queries. The existence of the verification process is what makes these systems trustworthy in the first place.

Secondly, I have yet to work in a production financial environment (and I've worked in several) where there was not a "parallel" system where the newly modified software was run alongside the existing production system to ensure that the only output differences were those expected by the changes being tested.

Of course, people are going to be fairly pissed if you take their democracy away from them, but do you think that is happening?

I don't. I think that a degree of surity in our democratic system was being taken away from us. Every single flaw or risk inherent in the existing system still potentially exists in one form or another in the new one, and a whole heap of new ones to boot.

If it was possible to vote at your PC I would welcome the change.

I would as well....as long as it was secure. However, internet-voting cannot be secure enough for what you propose. Its simply not possible. I'm not going to go into the tehnical details here, but suffice it to say that the risks are simply not fully counterable.

And as long as I'm satisfied that it was better than the old way I'd be happy.

Yes, but satisfied based on what? Are you enough of an expert on IT security in general (and internet security in specific) to make that judgement informedly? Very few people do, and I've yet to meet one of those say it ain't possible, unless they were selling a solution. I've yet to meet one who said it is possible who could specify how to get around the problems I posed in a manner that was possible using today's hardware.

It is clearly better than what we had.

No. Its not. The only people saying that are those who listen to all of the criticism and new problems and then once more say "but its clearly better than what we had" without explaining why.

It has advantages, but it is not clearly better.

Any problems along the way and the vote can be declared void.

You've been missing the whole thing about how there is no way to determine if problems occur? And what size of problem, exactly? If one vote-storing unit suffers hardware failure after the vote is closed, but before it is tallied, what do you do? Declare the entire constituency null and void? The national election?

Hold it using the old way till everyone is happy.

Thats what people are saying to do now, because they're not happy, and they're not sure that all of the problems along the way can even be identified.

So why are they wrong to say "hold it the old way till we're happy" now?

If FF put in a system that defied democracy they would not last a week in government

FF wanted to put in a system which risked defying democracy and in an undetectable manner. Subtle difference, but when you can make it and still present your argument, people might be more willing to listen.

jc