Stories
Slash Boxes
Comments
Search

News for nerds, stuff that matters

Slashdot Log In

Log In

Create Account  |  Retrieve Password

Linux On Brazilian Voting Machines, the Video

Posted by kdawson on Tue Oct 14, 2008 03:26 PM
from the eat-your-heart-out-diebold dept.
Software Government Linux Politics
Augusto writes "Just 10 days ago, 130M Brazilian voters were turned into users of one of the largest Linux deployments worldwide: the 400,000 electoral sections in all of the 5,563 Brazilian municipalities were running electronic voting machines, and the Linux kernel was running in all of them. These voting machines have been used in Brazil since 1996, and are rugged, self-contained, low-spec PCs. We've discussed the technical details of this Linux deployment and implementation elsewhere, but I thought it would be interesting to show some pictures (and a movie) of Linux booting on these voting machines. So I asked for official permission and thus was helped by a technician while I took some quick pictures and made a small movie showing the boot process, where you can actually read the kernel messages."
+ -
story

Related Stories

[+] Politics: Linux-Based E-Voting In Brazil 302 comments
John Sokol writes "I just heard from a good friend and Linux kernel hacker in Brazil that they have just finished their municipal election with 128 million people using Linux to vote. They voted nationwide for something like 5,000 city mayors. Voting is mandatory in Brazil. The embedded computer they are using once ran VirtuOS (a variant of MS-DOS); it now has its own locally developed, Linux-based distro. These are much nicer, smaller, and cheaper than the systems being deployed here in the US. Here is a Java-required site with a simulated Brazilian voting system. It's very cool; they even show you a picture of the candidate you voted for."
Firehose:Linux on brazilian voting machines: the video by brazilian brain (12673)
This discussion has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

Linux On Brazilian Voting Machines, the Video 25 Comments More /

 Full
 Abbreviated
 Hidden
More
Loading... please wait.

  • Linux is great, but... (Score:5, Insightful)

    by religious freak (1005821) on Tuesday October 14 2008, @03:29PM (#25373141)
    IT is great... Linux is great, but e-voting doesn't belong anywhere in major, general elections, IMHO.

    If you can code it, you can hack it. If you have coders or admins, you have potential security threats.

    • Re:Linux is great, but... (Score:5, Interesting)

      by moderatorrater (1095745) on Tuesday October 14 2008, @03:36PM (#25373267)
      If it's coded properly, open sourced and widely scrutinized, electronic voting would be more resilient than pen and paper voting.

      • Re:Linux is great, but... (Score:5, Insightful)

        by buchner.johannes (1139593) on Tuesday October 14 2008, @04:19PM (#25373859) Homepage Journal

        An election process has to provide the following characteristics (in some countries these are taken serious):

              1. Access: Only people allowed for voting may place their vote
              2. Equality: Each person may only be counted once and with the same weight of vote.
              3. Privacy: Noone can find out for whom a person voted.
              4. Secure against forgery:
                          1. Valid votes can not be changed/forged.
                          2. Valid votes may not be destroyed.
                          3. Invalid votes may not be added
              5. Checkable: Each voter has the possibility, independent from any other person, to check the correctness of an election including all previous points.
        ( I didn't find this in the English Wikipedia, this is a quick translation from the German Wikipedia [wikipedia.org] )**.

        You cannot ensure these with voting machines without the use of paper*. It is not a matter of code, just a fact of information and physics.

        Use paper. Optionally with punchscan [punchscan.org] and the such. Even the cost factor is irrelevant. Democracy is worth it.

        ____
        *Maybe with quantum computers. But can the average person check the setup? With paper, you can.
        ** I'd be grateful for a link

    • Re:Linux is great, but... (Score:5, Interesting)

      by Brigadier (12956) on Tuesday October 14 2008, @03:38PM (#25373291)

      yea your right, what we need is a bunch of paper, marked in #2 pencil in a box. Yea that is much more secure. not everyone can hack an encrypted voting machine, everyone can steal a box and reprint voting forms.

      • Re:Linux is great, but... (Score:4, Funny)

        by barzok (26681) on Tuesday October 14 2008, @03:43PM (#25373379)

        No, you need cards with little holes that get punched out to indicate your selections. Those work much better.

      • Re:Linux is great, but... (Score:5, Interesting)

        by amorsen (7485) <benny+slashdot@amorsen.dk> on Tuesday October 14 2008, @03:55PM (#25373531)

        Physical security is something we're really good at. Thousands of years of experience. That doesn't mean that there are no failures, but in general you can at least detect that tampering took place and that it was deliberate.

        With voting machines, you get a bunch of places where candidates happen to win by a 16384 vote margin -- is that deliberate tampering, machine error, or maybe just plain luck? You'll never know, and therefore you'll probably never catch the criminals.

      • I don't think so. Remember that it isn't enough to merely change votes; that just wins you a quick ticket to prison. The criminals' goal is to change votes without being caught by any election observers who are watching the polls. And what system makes that goal easier to achieve? Creating an electronic voting machine that can change digital ballots undetected just requires basic programming skills and access to the machine. Creating a ballot box that can change paper and pencil ballots undetected requ

    • Re:Linux is great, but... (Score:5, Insightful)

      by FlyingBishop (1293238) on Tuesday October 14 2008, @03:41PM (#25373337)

      My main question is who can modify the source of the software they're using, and how are they verifying that the binaries are unmodified. Generally, I agree that Linux doesn't belong there, but I don't think it's unreasonable to say that any software used in voting machines must be open source.

      Here in the states, state law clearly defines how votes should be cast and counted. Without the source code to the program responsible for counting the votes, these laws will quite literally read something along the lines of:

      1.Voters enter votes into machines.
      2. ???
      3. Voters receive election results.

      The procedures for voting are a matter of public law. That must extend to procedures within the voting machines.

      If you think that's putting too large a technical burden on the lawmakers, look at building codes, patent law, etc. It's a little too late to call for law that is perfectly accessible to non-technical citizens.

    • Re:Linux is great, but... (Score:4, Interesting)

      by MozeeToby (1163751) on Tuesday October 14 2008, @03:59PM (#25373583)

      If banks can transfer billions of dollars every day safely and securely (in many cases without even a paper trail), there is no reason why a decent electronic voting system can't be made. Compared to an ATM, a voting machine should be a piece of cake, you don't have to worry about verifying the user's identity. You don't need to check the balances and rights. All you need to do is accept and record the current user's vote, them reset for the next user.

      Do give us open source so there are 50,000 coders doing Q&A on it. Do give us a paper trail so that if there is any suspision then the vote can be verified. Do involve election officials in at least the requirements process.

      Don't give us a function that clears all votes made on the system so that polling officers can 'adjust' the vote. Don't give us hardware which uses the same exact key to unlock every case. Most important, Don't try to cover it up if you screw the pooch; let us know so the recount can be performed by hand.

      • Re:Linux is great, but... (Score:4, Insightful)

        by neuromanc3r (1119631) on Tuesday October 14 2008, @04:36PM (#25374095)

        If banks can transfer billions of dollars every day safely and securely (in many cases without even a paper trail), there is no reason why a decent electronic voting system can't be made.

        Wow, that's a pretty terrible non-sequitur. The requirements for banking and voting are completely different. An ATM does not have to make sure that you cannot prove to anybody what you did when you used it. It does not have to prevent other people from tracing any action back to you. And if something goes wrong or someone tampers with the machine, you will know it sooner or later and can complain to your bank.

      • It's much easier to destroy or modify 10,000 votes on a flash disk without a trace then destroy or modify 10,000 paper ballots without a trace.

          • Re: (Score:3, Insightful)

            by jeffmeden (135043)

            Are you kidding? This may be a phyrric argument (either way of doing it is fraud, and a real problem.) But, if you think it's hard to exploit a security hole (hint, they are in every piece of election software ever written) and dramatically change the voting results with little effort and even less evidence, you need to do some research on election systems. Paper voting means a physical paper trail, it absolutely IS harder to hide/destroy something that was once real (paper ballots) than to find something

            • Re: (Score:3, Interesting)

              by liquidpele (663430)
              Oh don't be stupid. It would be wise to keep all the votes either in one big encrypted file. You think when they ask for the electronic votes that you can just say "oh, no one came to vote" because you deleted that file? That's just one way to mitigate it.

              e-voting is not the problem, it's just another tool to use for the voting process. A good system, either electronic or physical is needed to curb any and all fraud. Personally, I like a combination of the two (ie, e-voting with printed ballots for

  • Free vote (Score:5, Interesting)

    by Jabbrwokk (1015725) <grant.j.warkentin@g m a i l.com> on Tuesday October 14 2008, @03:33PM (#25373221) Homepage Journal

    Free software for free votes, what a great match-up. Plus, it beats the Diebold machines running on Windows CE that kept crashing. [nytimes.com]

    Incidentally, I just voted in our Canadian federal election and we're still using the pencil-and-paper and human-counted voting method. Slower, but still the most reliable and secure method IMO.

    • Re:Free vote (Score:5, Funny)

      by glwtta (532858) on Tuesday October 14 2008, @04:01PM (#25373611) Homepage
      I just voted in our Canadian federal election and we're still using the pencil-and-paper and human-counted voting method.

      Yeah, well, there's only like 47 people living in Canada - that makes things easier to do by hand.

        • Re: (Score:3, Interesting)

          by Nathanbp (599369)

          With pen and paper voting in the US, we'd need 10 times as many people to rig the election, thus greatly increasing the chance that someone would talk about it. Whereas with computerized voting machines, we don't have that problem.

  • Certainly the Year of Linux!

    • Re:I spy with my little eye... (Score:5, Informative)

      by socsoc (1116769) on Tuesday October 14 2008, @03:39PM (#25373317)
      from TFA:

      The hardware is publically bought (in recent years, Diebold has been the main provider), but the software is developed in house by the Electoral Justice.

    • Re: (Score:3, Informative)

      by scott_karana (841914)

      Yeah, I find it hilarious that in one story Slashdotters can rant and rave about how terrible Diebold is, and then just gloss over that fact in another which just so happens to also be about Linux.

      • Re: (Score:3, Insightful)

        by amorsen (7485)

        Luckily Diebold are probably too incompetent to manage a hardware hack. However, the threat model for Brazil really ought to include CIA involvement.

    • Cool that it runs a Linux kernel, but every single pic from TFA clearly shows Diebold written all over (literally) - everything from the chassis/mold, GUI, and even the POST screen are customized to have Diebold on it...

      If only I had the mod points I had 2 days ago...

    • It appears theses machines are made by Diebold. Why don't we use them in the US elections instead of the terrible versions we seem to get statside

      it's because

      Diebold is the main hardware supplier to the Brazilian government but not the unique or exclusive one.

      Meaning they actually have to make a product worthy enough to get purchased over their competitors... instead of just getting an exclusive contract.

    • Re: (Score:3, Insightful)

      by blazerw11 (68928)

      Linux in embedded applications is not necessarily any more secure than Windows. On both, if you take out things you don't need

      Your entire premise is flawed.

      if you take out things you don't need

      You can't take out things on Windows, thus you can't prove

      you end up with about the same level of security

All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-2009 Geeknet, Inc.