WAT?!
How is this software not tested to within an inch of its life?
"Counting up the votes" seems like the most fundamental feature of the software, for that to not work reliably really does cast doubt on the abilities of the company in question.
The confirmation of Sadiq Khan as Mayor of London last month was delayed for several hours by a database application bug. The announcement of the election's winner was pushed back from May 6 to May 7 as a result of the programming cockup, which was buried in the IntElect systems used to scan and tabulate citizens' votes. …
This post has been deleted by its author
According to the BBC, you're not far of the mark. Not sure what the world is coming to when the BBC have more technical details than El Reg.
> Staff had to collate discrepancies in a spreadsheet, rather than automatically, when tallying final results, said chief executive Steve Gowers.
> A resulting investigation found that the underlying data, the actual numbers of votes in the database, was correct - but the counting software was not reporting it accurately.
> The decision was then taken to disregard the system's ability to collate results from each constituency - querying this data was instead done by programmers.
> "The manual part of the process meant that we took the output of those queries and put them into a spreadsheet to add them up," explained Mr Gowers.
http://www.bbc.co.uk/news/technology-36558446
Scenario 1: Votes are counted at one go, result is not Sadiq, tamperer changes database but find the voting software updates the vote totals but no the grand total.
Scenario 2: Voting software reports votes entered originally, not the count of DB records. Database has entries deleted to make Sqdiq win, voting count mismatch.
Scenario 3: Crap software that somehow fails even a basic count.
It makes no difference which of those it is, the count is void, the software and this the database are untrustable.
We here in San Francisco published the news hours and hours before the BBC did by listening to the Assembly meeting. At the time we couldn't reach DRS for comment and went with what we had for the UK early breakfast time.
It looks as though the BBC got more info out of them during the day, and really the extra info is that they used a spreadsheet to count up the totals. The main problem, that their software was broken and they had to manually query the database, was broken by us hours ago.
So, OK I'll add in the bit about the spreadsheet. We strive to get all the techie details into stories, but sometimes we have to call time and publish what we've got.
C.
I'm curious as to what development methodology they followed: was it agile, waterfall? Did they use Kanban? Were DevOps involved? What language(s) were used for the implementation? Did they outsource/offshore the code? What reviews were undertaken? Who reviewed the test scripts and results?
'It could be as little as something went in and something came out'
I've found tests like that:
input = new TestInput
result = new Result
class = Mock.Class()
mock.class.ValidateInput(input).Return(true)
mock.class.Save().Return(true)
mock.class.ProcessData(input).Return(result)
result = Class.FunctionToTest(TestInput)
Assert result.IsNotNull()
It means the election is null and void. A talley miscount is a clear sign of tampering, claiming the data into the database is correct is a claim they could not know without manual rechecking each entry. So it is a false claim.
Ergo the election count needs to be voided and the paper ballots checked and counted by hand. If there has been the possibility of tampering with those ballots then the election needs to be rerun completely.
You cannot have a situation where an election official asks a contractor who won. The election officials job is to determine who won, not accept someone elses word for it. Hence Sadiq did not win the vote, he won a contractors opinion as to the vote result.
It should be a legal requirement that all software used to decide the outcome of elections should be open source. Determining the winner in elections run on a non First Past the Post basis (Single Transferrable Vote and various forms of PR) can require some relatively complicated algorithms. The implementation of these algorithms needs to be open to public scrutiny so that it is harder for errors or deliberate cheating to affect the outcome of the democratic process.
Human counted election are transparent because the counting is done in public by a large group of people.
Computer counted elections can only be equivalently transparent if the source code is open to all for inspection.
And there's no need for this code to be closed source. The vendors have to adjust their business models from "selling election software" to "providing election vote counting services"
Computer counted elections can only be equivalently transparent if the source code is open to all for inspection.
Open source is vital. It is also necessary to have a permanent record of votes so that a recount is possible. Electronic storage doesn't allow for an audit using effectively unchangeable data in the way that paper and pencil does.
The vendors have to adjust their business models from "selling election software" to "providing election vote counting services"
They don't even have to do that, they just have to publish the source. They don't need to go the full GNU route of allowing anybody to use their code, and they can still sell it on a traditional, subscription, or per-election basis. It's not like anybody is going to steal their code - it's of no practical or business use to most people, and if the government used their software without paying, it would be pretty bleedin' obvious!
While I agree that open source is important, that's not going to make it anything like "equivalently transparent". How many people are qualified to read and fully understand the source code?
And the compiler?
And the OS it runs on?
And the hardware the OS is installed on?
If you don't understand all of that, how can you be confident you really know what it's doing?
The only really, meaningfully "transparent" system is the one where people sort bits of paper into piles, and count them. In front of as many witnesses as can be bothered to turn up. Anything else is a huge loss in transparency.
This post has been deleted by its author
F*&k off.
I do a postal vote, because I work, my wife works and we have two young kids. Going to a polling station would be an almighty ball ache.
Add to that I am a contractor and could be called to the other end of the country the night before the vote.
There are lots of people that simply won't vote if you take these options away, of they open the doors for EXTREMLY small scale fraud, really how much of a difference does one vote really make? If an election is close enough that one vote swings it I'd me more worried about miscounting than fake postal votes.
This post has been deleted by its author
"What I'm saying is that postal and proxy votes should be the exception, not a matter of convenience. You f*&ker! :-)"
I said nothing different, just that the exceptional circumstances should be quite wide.
For example, you might be ok taking your kids but if I'm away my wife has two options.
Take my two kids (one autistic) and queue to vote.
Or don't vote.
As I am unexpectedly not in the area I can't vote at all..
This is why our default if postal votes, it's that or we dont bother.
Exceptional circumstances will vary from person to person and you cannot prescribe what those should be without excluding voters.
However they haven't done everything to make a polling station voting "accessible". There's no law that says voting has to take place on a Thursday, it's just a tradition. Elections and referendums* could easily be held on a Saturday or a Sunday and it'd be much easier for people to turn out meaning postal voting would be used less. As there would be fewer postal votes they could be scrutinised more and maybe votes could be permitted if only a good reason can be given.
Until they do that it could be claimed they're not really interested in reducing the chances of postal vote fraud.
* Okay, referenda.
Well proxies can have that issue, but that's surely a problem with whom you select as your proxy.
A postal vote (or equivalent online vote) IMHO is *better* than an in person vote. I'm OK with there even being a record of who I voted for, that I can check. I do understand why some people are ashamed of who they vote for, so need privacy, but it would be far easier to ballot stuff rather than forge postal votes.
Tower Hamlets is a basket case for electoral fraud, in the same way that Chicago is in the US. It's very much the exception, but much like 110% turnouts the fraud is blatent and obvious. Still bad, but most places are quite a lot better.
My main issue with the UK system is that I've only had two votes that mattered in my lifetime, the AV change, and the EU one coming up. FPTP means that unless I can rally 20k+ like minded people then my vote is without meaning. In NZ, at least one of my two votes always meant something, and the FPTP part was more contested.
"However, the code that queried the database to pull out the totals was not working properly, leading to "small discrepancies" between the number of paper votes and the reported totals."
Dump it out and pop it into an Excel sheet and do a pivot table? Its only 2 million+ rows.
Seriously: I support the idea of requiring all software used in elections to be open source (or source code available). Similar moves in science have gained some support already...
https://opensource.com/life/14/6/respected-journal-makes-transition-open-science
Technically the London Assembly uses the Additional Member System for elections ( https://en.wikipedia.org/wiki/Additional_Member_System ), which is of course far more complicated and expensive (considering the use of closed source software at who knows what price) than AV ever would have been.
It seems shocking, but often politicians lie in order to get the desired outcome from a national referendum.
Technically, for the assembly, I think it's a modified d'Hondt system, which allows you to maintain the constituency link, but have a proportional result.
For the mayor, it's technically Supplementary Vote.
Meanwhile, elsewhere in the UK, we use Single Transferable Vote for NI Assembly, local elections in Scotland and NI, and European Parliament elections in NI.
The Additional Member System (that d'Hondt method) is also used for Scottish Parliament and Welsh Assembly. And Closed Party List for MEPs except in Northern Ireland.
And then FPTP for most other things.
No one ever pretended the UK made sense...
http://www.parliament.uk/about/how/elections-and-voting/voting-systems/
Assume that the 'software' in question was some official's nephew straight of college who said it would be 'easy' as he runs a Minecraft server.
Honestly, I question the abilities of this so called tech company, when a simple SQL query on pretty much any client would have totalled up the votes in a matter of seconds.