HomeLatest ThreadsGreatest ThreadsForums & GroupsMy SubscriptionsMy Posts
DU Home » Latest Threads » Forums & Groups » Main » Latest Breaking News (Forum) » DARPA Is Building a $10 M...

Thu Mar 14, 2019, 04:16 PM

DARPA Is Building a $10 Million, Open Source, Secure Voting System

Source: MOTHERBOARD | By Kim Zetter | Mar 14 2019

For years security professionals and election integrity activists have been pushing voting machine vendors to build more secure and verifiable election systems, so voters and candidates can be assured election outcomes haven’t been manipulated.

Now they might finally get this thanks to a new $10 million contract the Defense Department’s Defense Advanced Research Projects Agency (DARPA) has launched to design and build a secure voting system that it hopes will be impervious to hacking.

The first-of-its-kind system will be designed by an Oregon-based firm called Galois, a longtime government contractor with experience in designing secure and verifiable systems. The system will use fully open source voting software, instead of the closed, proprietary software currently used in the vast majority of voting machines, which no one outside of voting machine testing labs can examine. More importantly, it will be built on secure open source hardware, made from special secure designs and techniques developed over the last year as part of a special program at DARPA. The voting system will also be designed to create fully verifiable and transparent results so that voters don’t have to blindly trust that the machines and election officials delivered correct results.


Read more: https://motherboard.vice.com/en_us/article/yw84q7/darpa-is-building-a-dollar10-million-open-source-secure-voting-system

49 replies, 3797 views

Reply to this thread

Back to top Alert abuse

Always highlight: 10 newest replies | Replies posted after I mark a forum
Replies to this discussion thread
Arrow 49 replies Author Time Post
Reply DARPA Is Building a $10 Million, Open Source, Secure Voting System (Original post)
mbusby Mar 2019 OP
LanternWaste Mar 2019 #1
TheBlackAdder Mar 2019 #33
LastLiberal in PalmSprings Mar 2019 #39
TheBlackAdder Mar 2019 #42
SKKY Mar 2019 #44
sandensea Mar 2019 #2
True Blue American Mar 2019 #10
gtar100 Mar 2019 #15
DrToast Mar 2019 #3
Kurt V. Mar 2019 #18
littlemissmartypants Mar 2019 #32
Adrahil Mar 2019 #36
ProfessorPlum Mar 2019 #4
DrToast Mar 2019 #7
catrose Mar 2019 #25
SunSeeker Mar 2019 #5
CDerekGo Mar 2019 #6
ArizonaLib Mar 2019 #8
japple Mar 2019 #16
ArizonaLib Mar 2019 #17
TexasBushwhacker Mar 2019 #28
mellow Mar 2019 #9
unc70 Mar 2019 #13
mopinko Mar 2019 #38
FiveGoodMen Mar 2019 #11
Opel_Justwax Mar 2019 #12
JCMach1 Mar 2019 #41
gtar100 Mar 2019 #14
ArizonaLib Mar 2019 #19
justgamma Mar 2019 #20
ArizonaLib Mar 2019 #22
gtar100 Mar 2019 #40
flyingfysh Mar 2019 #24
gtar100 Mar 2019 #37
mart48 Mar 2019 #21
flyingfysh Mar 2019 #23
LiberalLovinLug Mar 2019 #26
DrToast Mar 2019 #27
LiberalLovinLug Mar 2019 #30
h2ebits Mar 2019 #29
LiberalLovinLug Mar 2019 #31
IronLionZion Mar 2019 #45
LiberalLovinLug Mar 2019 #46
IronLionZion Mar 2019 #47
LiberalLovinLug Mar 2019 #49
rwsanders Mar 2019 #34
lapfog_1 Mar 2019 #35
Hekate Mar 2019 #43
hunter Mar 2019 #48

Response to mbusby (Original post)

Thu Mar 14, 2019, 04:24 PM

1. And it allows the voter to verify their own vote.

And I really like this...

Members of the public will also be able to use the cryptographic values to independently tally the votes to verify the election results so that tabulating the votes isn't a closed process solely in the hands of election officials.

“Any organization [interested in verifying the election results] that hires a moderately smart software engineer [can] write their own tabulator,” Kiniry said. “We fully expect that Common Cause, League of Women Voters and the [political parties] will all have their own tabulators and verifiers.”

Reply to this post

Back to top Alert abuse Link here Permalink


Response to LanternWaste (Reply #1)

Thu Mar 14, 2019, 09:49 PM

33. Open-Source Software--You get what you pay for. Almost all not reviewed, and many done by hackers.

.

There's a fallacy that open-source software is more secure because it is reviewed by others.

In reality, no one really reviews it besides academia, nation states and hackers. They do not have to disassemble the code because the source is given to them to exploit. On top of that, many of the open-source groups are infiltrated with hackers and nation state developers to inject rogue code or malware.


Many companies are moving to this Spring Open Development platform, because it's free. It's also rife with hundreds of vulnerabilities.

.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to TheBlackAdder (Reply #33)

Fri Mar 15, 2019, 10:10 AM

39. Australia has been switching to open source voting.

A commercial software company developed the basic code and published it for review by the public. So far the process has produced a more accurate result, when the tallies are compared with hand counts. The main complaint has been the lack of a print out for the voter to review.
Source: Wired

Reply to this post

Back to top Alert abuse Link here Permalink


Response to LastLiberal in PalmSprings (Reply #39)

Fri Mar 15, 2019, 11:57 AM

42. Well, good luck with that, as it probably had scores of vulnerabilities.

.

Read the following article and then travel to Sonatype, register and get the free download of the report.

https://www.theregister.co.uk/2018/09/25/open_source_security/

Just search: SONATYPE OPEN SOURCE SECURITY

.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to TheBlackAdder (Reply #33)

Fri Mar 15, 2019, 02:47 PM

44. No one who works in IT who knows what they're talking about...

...would ever say open source software is more secure.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to mbusby (Original post)

Thu Mar 14, 2019, 04:25 PM

2. Good on them. But of course, that's not what the GOPee wants.

They want what Wally O'Dell and his buddy Bush wanted: high-tech, unverifiable ballot stuffing.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to sandensea (Reply #2)

Thu Mar 14, 2019, 04:45 PM

10. Diebold!

Reply to this post

Back to top Alert abuse Link here Permalink


Response to True Blue American (Reply #10)

Thu Mar 14, 2019, 05:57 PM

15. An appropriately named right-wing company. (n/t)

Reply to this post

Back to top Alert abuse Link here Permalink


Response to mbusby (Original post)

Thu Mar 14, 2019, 04:27 PM

3. Good news. DARPA is badass.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to DrToast (Reply #3)

Thu Mar 14, 2019, 06:12 PM

18. +1

Reply to this post

Back to top Alert abuse Link here Permalink


Response to DrToast (Reply #3)

Thu Mar 14, 2019, 09:25 PM

32. Got my attention. nt

Reply to this post

Back to top Alert abuse Link here Permalink


Response to DrToast (Reply #3)

Fri Mar 15, 2019, 09:46 AM

36. I've worked on three DARPA projects...

 

All of them were cutting edge, and all emphasized thinking outside the box, but executing the project with rigor.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to mbusby (Original post)

Thu Mar 14, 2019, 04:31 PM

4. well, that's promising

can we put it in all 50 states

Reply to this post

Back to top Alert abuse Link here Permalink


Response to ProfessorPlum (Reply #4)

Thu Mar 14, 2019, 04:37 PM

7. Agree. Should find a way to make it mandatory

Not sure how that would work, as the States control elections.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to DrToast (Reply #7)

Thu Mar 14, 2019, 07:03 PM

25. Doesn't Australia maintain its voting machine code. And voting machine manufacturers have to use it.

I sincerely hope that someone in government then checks the machines to make sure the manufacturer didn't get creative.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to mbusby (Original post)

Thu Mar 14, 2019, 04:33 PM

5. K & R

Reply to this post

Back to top Alert abuse Link here Permalink


Response to mbusby (Original post)

Thu Mar 14, 2019, 04:37 PM

6. Ready by 2020?

GOD! I sure hope so!

Reply to this post

Back to top Alert abuse Link here Permalink


Response to mbusby (Original post)

Thu Mar 14, 2019, 04:41 PM

8. Military Industrial Complex hosts

want us to vote on their machines? Feels weird, but ok. I don't understand how all the money we can spend on new voting machines won't wind up outputting auditable paper (receipts and encrypted real time ticker data) that a high schooler could program? I keep hearing we can't use paper, because the networks need vote totals quickly. The 'quickly' seems to be destroying our democracy. The system allows for time between poll closings and vote tallies/certifications.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to ArizonaLib (Reply #8)

Thu Mar 14, 2019, 05:58 PM

16. My thoughts exactly. Who was that creep during GWB's admin. that was a holdover

from Nixon's admin. that worked with DARPA? John Ehrlichman?

Reply to this post

Back to top Alert abuse Link here Permalink


Response to japple (Reply #16)

Thu Mar 14, 2019, 06:11 PM

17. Sounds right

This whole military culturization creeps me out. I was watching the food channel with my daughter the other night and got pissed when one of the hosts was wearing a different military style jacket after every commercial break. The military product placement everywhere is driving me nuts.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to ArizonaLib (Reply #8)

Thu Mar 14, 2019, 07:20 PM

28. I don't give a rat's ass what the networks want n/t

Reply to this post

Back to top Alert abuse Link here Permalink


Response to mbusby (Original post)

Thu Mar 14, 2019, 04:45 PM

9. Yes, voter-verifiable paper audit trail ...

From the link:

"The first will be a ballot-marking device that uses a touch-screen for voters to make their selections. That system won’t tabulate votes. Instead it will print out a paper ballot marked with the voter’s choices, so voters can review them before depositing them into an optical-scan machine that tabulates the votes."

Reply to this post

Back to top Alert abuse Link here Permalink


Response to mellow (Reply #9)

Thu Mar 14, 2019, 05:34 PM

13. Why not just mark paper ballots by hand?

What is the justification for having all the extra complexity and cost of creating a ballot marking system? Just mark ballots by hand, then scan them directly.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to unc70 (Reply #13)

Fri Mar 15, 2019, 10:04 AM

38. some people cant. the disabled community wants touchscreens.

they also translate into innumerable languages.

plus, as simple as it is, there are always ballots that get spit out because the voter didnt really get it right. and lots of votes dont get spit out or counted.

this works for me.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to mbusby (Original post)

Thu Mar 14, 2019, 04:50 PM

11. 'Bout fucking time!

Proprietary vote-counting software that no one is allowed to examine should have gotten a number of decision-makers locked up.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to mbusby (Original post)

Thu Mar 14, 2019, 04:51 PM

12. LOL! Nothing is secure on the Internet.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to Opel_Justwax (Reply #12)

Fri Mar 15, 2019, 10:48 AM

41. Sure as heck isn't safe now...

We need block chain voting with a paper trail and receipt with a searchable and verifiable key to check your vote in the chain

Reply to this post

Back to top Alert abuse Link here Permalink


Response to mbusby (Original post)

Thu Mar 14, 2019, 05:53 PM

14. If banking and credit card systems can be built securely,

voting systems can too. And awesome that it will be open source, as it should be since this is a public service.

Guess that means they won't be using Microsoft Access anymore for the database of choice.

Now we have to watch for the republicans to come along and try to fuck it all up. Their greatest fear is fair elections. They'd have to actually justify their absurd ideas.

Crossing my fingers this takes off like the internet.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to gtar100 (Reply #14)

Thu Mar 14, 2019, 06:13 PM

19. YES!!!

Diebold who provides ATM machines to the major banks also provides the voting machines.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to ArizonaLib (Reply #19)

Thu Mar 14, 2019, 06:22 PM

20. Remember when

the owner of Diebold, who was also Bush's campaign chairman, guaranteed Ohio would go to Bush. He claimed that they couldn't print out receipts for voting,but they did fine with the ATM's.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to justgamma (Reply #20)

Thu Mar 14, 2019, 06:23 PM

22. Wasn't that the time the votes were sent to Kentucky

for 'counting'?

Reply to this post

Back to top Alert abuse Link here Permalink


Response to ArizonaLib (Reply #19)

Fri Mar 15, 2019, 10:18 AM

40. That's right! Even more damning...

Diebold engineers are capable of building ATM machines that work as well they do, but their voting machines are so vulnerable and problematic. It's obvious that this was by choice and not because voting systems are too hard to do by nature. It shows they willfully created substandard, hackable systems. And anyone who works with software damn well knows it. Politics took over good design principles, common sense and well known best practices. It was willful and intentional bad design.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to gtar100 (Reply #14)

Thu Mar 14, 2019, 06:36 PM

24. there is a fundamental difference between voting systems and consumer financial systems

If your banking system shows incorrect information, you can detect that immediately, and come up with evidence to prove that the system went wrong. You don't have to know if all the other bank customers are getting good information. Their accounts have nothing to do with yours.

For voting systems, being told that it understood your vote does not help. It may have some number for the total of all other votes, and that can't be verified by an individual voter. You would have to talk to all of those thousands of voters, and many would not tell you how they voted.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to flyingfysh (Reply #24)

Fri Mar 15, 2019, 10:00 AM

37. Right, it's not the exact same problem set

But they are both complex systems that have to work everywhere, in all towns and cities, with accuracy and consistency, securely and with an audit trail for tracing discrepancies. I could have used other examples - i.e., building robots that can work for years on the surface of Mars. There is no room for error in that code! Highly sophisticated software engineering...the requirements aren't the same but if we can do these highly complex projects (international banking systems, interplanetary robots), an accurate, honest voting system is well within our abilities.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to mbusby (Original post)

Thu Mar 14, 2019, 06:23 PM

21. Not worth anything until it's deployed, which will be when?

 

Reply to this post

Back to top Alert abuse Link here Permalink


Response to mbusby (Original post)

Thu Mar 14, 2019, 06:31 PM

23. There is a basic problem with all of these schemes

I believe they can construct this kind of software. But a basic problem is: how can the average voter make sure that that software is what is actually running on the machines in use? You can't tell just by looking at the machine.

Also, most people don't have the technical background to appreciate this kind of accomplishment. A voting system has to be understandable by anyone, even low-education voters. No software systems satisfy that. The system has to be something everyone can trust.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to mbusby (Original post)

Thu Mar 14, 2019, 07:13 PM

26. "This is a problem that is so big that one DARPA program isn't going to solve ...

..even 20 percent of the problem."


Isn't there a cheaper, more secure system that will fix almost 100% of the problem?

Hint:

Reply to this post

Back to top Alert abuse Link here Permalink


Response to LiberalLovinLug (Reply #26)

Thu Mar 14, 2019, 07:19 PM

27. Trading one problem for another

What happens when people screw up their paper ballots and we have to rely on election officials to determine intent of the voter?

Reply to this post

Back to top Alert abuse Link here Permalink


Response to DrToast (Reply #27)

Thu Mar 14, 2019, 07:57 PM

30. Then if that happens, that is what they will do

There are reps from each party in any count. They must all agree with a vote or it is discarded. Its pretty easy to see if the person just accidentally went over a line in a box or if they intentionally spoiled the ballot. Even IF this was a difficult process, which it is not, it would hardly effect even 1% of the vote.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to LiberalLovinLug (Reply #26)

Thu Mar 14, 2019, 07:46 PM

29. Tabulating the vote is the problem

Reply to this post

Back to top Alert abuse Link here Permalink


Response to h2ebits (Reply #29)

Thu Mar 14, 2019, 08:04 PM

31. Total myth made up by those who have a stake in machines

I am in Canada. We have always used paper ballots. I worked one year at a ballot box polling station as well. The vote tally is completed by about 8 pm in the Western end of the country. One further excuse in the same vein I hear is that....well, there are 10 x more voters to deal with, so it would be too big a job. What? You also have 10x the population you can draw on to work at those polling stations! So it would theoretically take the same amount of time. Its not that complicated. In fact it is far less complicated, while being almost 100% secure, that is the beauty of it.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to LiberalLovinLug (Reply #26)

Fri Mar 15, 2019, 04:09 PM

45. Remember how that worked out for President Gore in 2000?

Somehow, the great state of Florida managed to screw up paper ballots so badly under Jeb Bush's brilliant leadership that his brother got elected president with fewer votes.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to IronLionZion (Reply #45)

Fri Mar 15, 2019, 09:58 PM

46. If I'm not mistaken they were using some ancient punch chad system

Throw out all the fricken mechanical and computer machinery.


Booth

Pencil

Paper

Box

Done

Reply to this post

Back to top Alert abuse Link here Permalink


Response to LiberalLovinLug (Reply #46)

Fri Mar 15, 2019, 10:21 PM

47. Who's going to count all that and aggregate it?

Reply to this post

Back to top Alert abuse Link here Permalink


Response to IronLionZion (Reply #47)

Sat Mar 16, 2019, 01:30 PM

49. I refer you to my post #31

I think that is one of the fake news myths that Republicans have been stoking. How it would be IMPOSSIBLE because they are such a large country. Or because they have more people. Canada is a bigger country, by land mass. And many European countries are more densely populated, per square mile, than the US is. Its simple math. More population, more temporary workers available to work at polling stations for the day.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to mbusby (Original post)

Thu Mar 14, 2019, 10:13 PM

34. Very surprising from a group that sees the villians in sci-fi movies as inspiration rather than

a precaution.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to mbusby (Original post)

Fri Mar 15, 2019, 03:04 AM

35. as some who has spent my life writing code

for well over 50 years now... I was a hacker before the term was invented... back when if you broke into a computer you got hired, not arrested.

I have to ask... why?

What is wrong with paper ballots... hand counted multiple times in plain view of all concerned.

And if it takes a few days to know who won... I'm good with that.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to mbusby (Original post)

Fri Mar 15, 2019, 01:41 PM

43. Excellent news. I remember reading here that Diebold's software was proprietary & secret...

Whoopsie. The whole thing with black box voting with vapor trails stank from the start. Was there a problem with hanging chads? Well, let's makes sure there's no paper to make chads at all. And let a member of the Bush family get in on selling the all new and improved electronic systems.

While I would prefer paper ballots and slower outcomes, having DARPA involved seems an excellent alternative.

Reply to this post

Back to top Alert abuse Link here Permalink


Response to mbusby (Original post)

Sat Mar 16, 2019, 12:47 PM

48. Such a thing is not possible for the simple reason we can't look inside the machine.

Modern computers and operating systems are incomprehensibly complex.

Malware is easily hidden in both the software and hardware. Bugs in the software are difficult to find. It's impossible to make the system transparent without creating a window that connects the voter with their vote.

The incentives to cheat in elections are high, even greater than incentives to steal money.

Hand marked and hand countable paper ballots are the only way to go.

I also think our ballots are too long. We are asked to vote for issues and offices that our elected representatives are too timid to deal with themselves. There are so many items on a ballot that many people don't bother voting at all, and many who do vote are misinformed and easily manipulated by advertising and propaganda, especially television advertising and propaganda.

Reply to this post

Back to top Alert abuse Link here Permalink

Reply to this thread