• Great articles on other sites
  • RSS Great articles on other sites

  • Featured, News - Written by on Monday, March 8, 2010 17:29 - 15 Comments

    Victoria expands Linux e-voting rollout

    Victoria’s Electoral Commission has flagged plans to expand its use of electronic voting kiosks based on Linux software in the next state election in November this year.

    The state first started using the machines in a limited trial during the last state election in 2006. It appears as if the machines were used for voting for the vision-impaired, as well as for military personnel. News of the rollout was broken by Computerworld.

    However, in tender documents released last week, the state revealed it would expand its use of the machines. About one hundred kiosks will be deployed to early voting centres (including mobile facilities) around the state as well as in the United Kingdom.

    According to the tender documentation, the machines will consist of one in-built 19″ LCD touch-screen, one PC with an Ethernet network port, and an in-built USB smartcard reader. The machine must be able to run Linux, as the commission has requested Linux drivers for the components.

    The commission stated it would install Linux on the machines itself, but it remains unclear which exact version of the open source operating system it will use.

    The tender documents stated that drivers must be compatible with the “2.6 kernel/Gentoo release of Red Hat Enterprise Linux”. However Red Hat and Gentoo are quite different Linux distributions.

    It appears as if Victoria’s previous e-voting system was supplied by Hewlett-Packard, in conjunction with Spanish company Scytl.

    The news comes as Linux has not been making headway for desktop use in Australia — even in such limited use as customised and locked down terminals such as e-voting systems require.

    One of the last stand-out Linux desktop deployments in Australia was that found at Kennards Hire. However, in December 2009 the plant and equipment company revealed it had migrated its 300 desktop machines running Fedora Linux back to Windows (thin clients) in 2008.

    In contrast, the New Zealand government is currently engaged in a pilot to replace Windows PCs with desktops running Linux and open source software. However, Linux remains a force in local server deployments, where it is seen as the main rival operating system to Microsoft Windows.

    Image credit: Larry Ewing

    submit to reddit


    You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

    1. David F. Skoll
      Posted 09/03/2010 at 9:18 am | Permalink |

      This is bad news. When (not if) serious security flaws are found, closed-source promoters will gleefully jump on them and say that only closed-source software should be used for e-voting.

      This will obscure the real problem, which is that e-voting is fundamentally non-securable and should never be used by anyone who actually cares about democratic institutions.

      • Posted 09/03/2010 at 9:30 am | Permalink |

        Do you think so David? I would assume they would have this environment fairly locked down. And it’s not as if Microsoft has a great reputation for security.

        I agree with you that e-voting is fundamentally non-securable tho — although I’m not sure that paper voting is either.

        • David F. Skoll
          Posted 10/03/2010 at 1:49 am | Permalink |

          Paper voting is substantially harder to tamper with than e-voting. Where I live (Canada), counting paper votes involves thousands of people and is scrutinized by representatives of each political party. It would be quite difficult to subvert enough counters and scrutineers to materially affect the outcome of an election.

          E-voting can be tampered with stealthily and silently. No-one can see malicious code or malicious network traffic. Anyone who takes control of the e-voting software can manipulate it silently and remotely, and force it to produce whatever results he/she likes. A skilled attacker can hide his/her tracks and make it almost impossible to detect that tampering has taken place.

          In the United States, parties spend about a billion dollars per election. If they could spend half that much to win the election through tampering, that would be pretty tempting. And 500 million dollars is enough to mount a very robust attack against an electronic system.

          • Chris
            Posted 10/03/2010 at 11:16 pm | Permalink |

            But we vote using pencils… to number candidates…. Tampering just takes a few people with an eraser and another pencil… It’s not like hanging chads or anything.

            • David F. Skoll
              Posted 11/03/2010 at 8:37 am | Permalink |

              “Tampering just takes a few people with an eraser and another pencil”

              Well, yeah.

              Except those few people have to get into the sealed ballot boxes. They have to convince the people watching them to let them get the boxes and to look the other way while they tamper.

              You really have no idea how real elections are run.

            • Danielle
              Posted 11/03/2010 at 8:41 am | Permalink |

              There are two kinds of election fraud: retail election fraud, where some number of votes are individually changed; and wholesale election fraud, where a flaw in the system enables a mass changing of votes. Retail election fraud rarely alters the outcomes of elections.

              You are right, voting with pencil on paper, someone could change individual votes, but in Australia ballot boxes are secured with coded tags, which scrutineers watch being applied, and being removed. The count is also scrutinised. The opportunity for mass-alteration of votes is not present. Even a corrupt election official would find it difficult to commit a wholesale fraud.

              E-Voting systems however are incredibly hard to scrutinise, and provide ample opportunities for wholesale fraud, either through an intentional programming flaw, or exploitation of the system.

              In Australia, the (Reps) votes are counted at least twice (and further times if the counts are not close enough), once on election night, and again during the following week. An electronic voting system with a sufficiently complete paper trail (that the voter could verify) would allow for both instantaneous results (and less staff on election day) and a manual second count later in the week. With correct design, such a system could still be secure.

    2. […] Victoria expands Linux e-voting rollout Victoria’s Electoral Commission has flagged plans to expand its use of electronic voting kiosks based on Linux software in the next state election in November this year. […]

    3. […] Victorian Electoral Commission has released a tender requesting suppliers for a Linux-compatible eVoting kiosk. Apparently, they will be installing […]

    4. Posted 11/03/2010 at 2:14 am | Permalink |

      worst part of this idea is linux just got the most exploits to date so call off the voters =)

    5. Posted 11/03/2010 at 8:36 am | Permalink |

      There is a difference between security flaws and a locked-down system. You can make them tamper proof regardless of the software if it is done right (gaming machines come to mind), but given Victoria’s reputation (miki smart-card travel systems) there are so many levels and ways they can stuff it up, and probably will.
      It’s not that paper is less tamper proof, it’s just that the effect is limited and the change is more identifiable in review. I hope it’s done right, but I am not sure that the current system actually needs any changing.. Is it just business that needs to sell more hardware and contracts or is it actually going to make voting easier, cheaper and result in a better outcome?

    6. Adam
      Posted 12/03/2010 at 11:35 pm | Permalink |

      So, like with cash registers, you make the machine print a paper receipt that is given to the voter and an identical copy kept internally. Random spot checks make sure the votes being returned by the machine match what is being recorded on the receipts. People can go home, type in the code on their receipt and check online (or over the phone) that the vote counted matched the one they cast, thus putting their mind at ease that the machine they used wasn’t tampered with and helping build trust in the system.

      I think it’s great they’re using Linux for this, but really the security aspect is irrelevant to the OS. You can never make something 100% secure, but you can make sure that any tampering is detected and reversed before it causes any problems.

    7. Chris
      Posted 12/08/2010 at 2:21 pm | Permalink |

      I met someone who counted the votes from the last election. He was a 16yo student at the time, and mentioned that a huge number of “donkey” ballots were simply blank. Even without an eraser, the opportunity for this bloke to make a serious dent in the results was totally real. Students are almost always poor, and usually the most pollitically motivated subsection of our entire community.
      Among the other interesting things he mentioned was that they treat different kinds of informal votes (eg: empty ballots, versus ballots with abuse written on them versus jokers who’ve added their own things like “Homer Simpson Party” to vote for, versus mistaken voting etc) in different ways. Some get discarded, while others get retained – and again – it’s these students who choose which ones go into the bin, or not. Whether anyone checks these we’ll never know – but I’m sure we’ll be told they’re checked (whether or not they really are).

      It’s hard enough trusting governments, but when they pick possibly the highest-risk individuals I can think of to count the votes, they *really* should **not** be making voters use pencils to vote with.

      Roll on a secure electronic system I say. It can’t possibly be worse than our current pencils on paper system with the risk of trusting thousands of uni students not to change/discard anything improperly.

      • Andrew
        Posted 12/08/2010 at 10:59 pm | Permalink |

        Chris, given this site caters to Linux users from all over the globe I’m not sure if you are referring to the Australian system or another country. For the sake of this article I’ll assume Australian.
        I’m lucky enough to have family who manage voting centres etc at federal and state elections and I think your young uni friend was telling you his understanding of the system.
        Every vote is counted by more than one person, an AEC official and a scrutineer from multiple parties. Every invalid vote can be challenged by a scrutineer and is assessed by set policies. As for the idea that ballots are binned, you are seriously misinformed. Every single voting slip is accounted for and archived for any challenge to numbers that may occur in future, NOTHING is binned.
        Reading between the lines I get the impression you feel these “Uni students” are left leaning and their intentions are to thwart a conservative election victory. The effort required to do this via a pencil is next to impossible. It would require a conspiracy on the level where every single employee of the AEC was involved and determined to ensure the victory of one party. Given that the family members I know working at the AEC are of opposing political ideologies I know this is impossible.
        The fact that each voting centre has scrutineers checking the votes as well, you are suggesting that a scrutineer for one party is happy to give the election to their nemesis.
        Unless you also believe the moon landing is a fraud? That’s a discussion for another forum.
        Don’t take my word for it, call the AEC and apply for work at the next election. It’s a great day and it pays well, you will make some new friends and each election you may progress to a higher role and increase your wage for the day.
        Increase the efficiency definitely, but accept that IT solutions are not error free and far easier to subvert. If it weren’t so, why the need for virus checkers, firewalls and encryption? I can write a patch for any system. You want to win the election by %5 and you want it in Perl, C or how about Fortran. As soon as I finish this Trojan for Linux, OSX and Windows 7 I’ll get right on it.

    8. By kristinpowell.com.au on 10/03/2010 at 9:19 pm

      […] read more […]

    9. Andrew
      Posted 11/03/2010 at 11:30 am | Permalink |

      Here’s a novel idea. Paper output which prints for the voter to verify their vote plus a hash which they can keep to verify online if they wish, which has no identifying details. The paper output is dropped into a lock box for physical verification on the day or at later point.

      The local terminals are networked together with a master terminal which will only accept data from pre authorised terminals, no rogue entities can be added without security key and everything is encrypted. Absolutely NO WIRELESS component allowed anywhere near the system. The system could then dial home (old school dial up like EFTPOS) to send data through throughout the day. Heavy statistical analysis on all results based on polling data and previous voting trends for the area to flag dodgy poll booths.

      As for paper count, party representatives regularly request recounts and everything is scrutinised.
      Run the paper system and terminal system in tandem with random audits in perpetuity.

      The biggest cost for the day is then POS rolls which should be made the same size as the most common rolls for retail sales.

      You have the speed and efficiency of an IT solution with the added security of a paper system. The paper system should never be removed as I never trust any human being who seeks power. Especially the sycophants that help them and nod like sheep in the background of press meetings.

    Get our 'Best of the Week' newsletter on Fridays

    Just the most important stories, one email a week.

    Email address:

  • Enterprise IT stories

    • Super funds close to dumping $250m IT revamp facepalm2

      If you have even a skin deep awareness of the structure of Australia’s superannuation industry, you’ll be aware that much of the underlying infrastructure used by many of the nation’s major funds is provided by a centralised group, Superpartners. One of the group’s main projects in recent years has been to dramatically update and modernise its IT platform — its version of a core banking platform overhaul. Unfortunately, the $250 million project has not precisely been going well.

    • Qld’s Grant joins analyst firm IBRS peter-grant

      This week it emerged that Peter Grant, the two-time former Queensland Whole of Government CIO (pictured), has joined well-regarded analyst firm Intelligent Business Research Services (IBRS). We’ve long had a high regard for IBRS, and so it’s fantastic to see such an experienced executive join its ranks.

    • Westpac dumps desk phones for Samsung Android mobiles samsung-galaxy-ace-3

      The era of troublesome desk phones tied to physical locations is gradually coming to an end in many workplaces, with mobile phones becoming increasingly popular as organisations’ main method of voice telecommunications. But some groups are more advanced than others when it comes to adoption of the trend. One of those is Westpac.

    • Ministers’ cloud approval lasted just a year reverse

      Remember how twelve months ago, the Federal Government released a new cloud computing security and privacy directive which required departments and agencies to explicitly acquire the approval of the Attorney-General and the relevant portfolio minister before government data containing private information could be stored in offshore facilities? Remember how the policy was strongly criticised by Microsoft, Government CIOs and Delimiter? Well, it looks like the policy is about to be reversed.

    • WA Govt can’t fund school IT upgrades oops key

      In news from The Department of Disturbing Facts, iTNews revealed late last week that Western Australia’s Department of Education has run out of money halfway through the deployment of new fundamental IT infrastructure to the state’s schools.

    • Turnbull outlines Govt ICT vision turnbull-5

      Communications Minister Malcolm Turnbull has published an extensive article arguing that the Federal Government needed to do a better job of connecting with Australians via digital channels and that public sector IT projects needn’t cost the huge amounts that some have in the past.

    • NZ Govt pushes hard into cloud zealand

      New Zealand’s national Government announced a whole of government contract this morning for what it terms ‘Office Productivity as a Service’ services. This includes email and calendaring services, as well as file-sharing, mobility, instant messaging and collaboration services. The contract complements two existing contracts — Desktop as a Service and Enterprise Content Management as a Service.

    • CommBank reveals Harte’s replacement whiteing

      The Commonwealth Bank of Australia has promoted an internal executive who joined the bank in September after a lengthy career at petroleum giant VP and IT services group Accenture to replace its outgoing chief information officer Michael Harte, who announced in early May that he would leave the bank.

    • Jeff Smith quits Suncorp for IBM jeffsmith4

      Second-tier Australian bank and financial services group Suncorp today announced that its long-serving top technology executive Jeff Smith would leave to take up a senior role with IBM in the United States, in an announcement which marks the end of an era for the nation’s banking IT sector.

    • Small business missing the mobile, social, cloud revolution iphone-stock

      Most companies that live and breathe the online revolution are not tech startups, but smart smaller firms that use online tools to run their core business better: to cut costs, reach customers and suppliers, innovate and get more control. Many others, however, are falling behind, according to a new Grattan Institute discussion paper.

  • Blog, Enterprise IT - Jul 5, 2014 13:53 - 0 Comments

    Super funds close to dumping $250m IT revamp

    More In Enterprise IT

    Blog, Telecommunications - Jul 5, 2014 12:12 - 0 Comments

    What should the ACCC’s role be in guiding infrastructure spending?

    More In Telecommunications

    Analysis, Industry, Internet - Jun 23, 2014 10:33 - 0 Comments

    ‘Google Schmoogle’ – how Yellow Pages got it so wrong

    More In Industry

    Blog, Digital Rights - Jun 30, 2014 22:24 - 0 Comments

    Will Netflix launch in Australia, or not?

    More In Digital Rights