Forgot your password?
typodupeerror
Security Politics

Bug In DOS-Based Voting Machines Disrupts Belgian Election 193

Posted by samzenpus
from the slowing-things-down dept.
jfruh (300774) writes "In 20 cantons in Belgium's Flanders region, voting machines are x86 PCs from the DOS era, with two serial ports, a parallel port, a paltry 1 megabyte of RAM and a 3.5-inch disk drive used to load the voting software from a bootable DOS disk. A software bug in those machines is slowing the release of the results from yesterday's election, in which voters chose members of the regional, national, and European parliaments. The remaining voting machines, which are Linux-based, are unaffected, as were voters in the French-speaking Wallonia region of the country, most of whom use paper ballots."
This discussion has been archived. No new comments can be posted.

Bug In DOS-Based Voting Machines Disrupts Belgian Election

Comments Filter:
  • by Anonymous Coward on Monday May 26, 2014 @03:19PM (#47094127)

    They were just about to upgrade to Windows XP for the next election.

    • by Darinbob (1142669)

      DOS is still the most reliable product from Microsoft, they should stick with it. Newer is most definitely not better.

  • C:\DOS (Score:2, Funny)

    by barlevg (2111272)

    c:\dos

    c:\dos\run

    run\dos\get convicted for election fraud

  • by mechtech256 (2617089) on Monday May 26, 2014 @03:25PM (#47094177)

    A graphing calculator would probable have adequate power to handle taking votes. If the DOS machines are meeting the specifications required for Flanders elections, there's not much of a reason to upgrade them.

    I guess I'm just not seeing the story here. Linux wouldn't stop a software bug either. I guess the only hassle here is that they might have to dig out the parallel cables to patch the machines.

    • by Hsien-Ko (1090623) on Monday May 26, 2014 @03:30PM (#47094217)
      I guess their next 'logical' step is to upgrade to Windows XP


      and then use the same software in the DOSBox emulator

      and then complain on the DOSBox forum that it doesn't work, among the sea of other overentitled 'IT pros' that demand a gaming emulator to fit critical application usage
      *facepalm*
      • and then complain on the DOSBox forum that it doesn't work, among the sea of other overentitled 'IT pros' that demand a gaming emulator to fit critical application usage

        That's a good problem for the DOSBox developers to have. Should provide for some well paying consulting jobs...

    • by TheGratefulNet (143330) on Monday May 26, 2014 @05:25PM (#47095007)

      If the DOS machines are meeting the specifications required for Flanders elections, there's not much of a reason to upgrade them.

      do I have to say it?

      alright then:

      "stupid flanders!"

      • by sillybilly (668960) on Monday May 26, 2014 @11:26PM (#47096869)
        Your sig says "It is now safe to switch off your computer."

        With DOS, in the old days, you could just cut the power to the computer without any warning, and it would be fine, so shutdown time was 0 seconds, also boot time was super fast, like 1-10 seconds, unless you had a long autoexec.bat and config sys. And that was on 486 CPU's, pre-Pentium's.

        DOS came with no bullshit, you can't really blame DOS for the programming error in the voting software, DOS is a reliable, secure(has no network layer unless you add one, and you can add non-tcp-ip stuff), real time, direct hardware access, and it is reliable and secure because it's so small, it fits on a floppy with plenty of room to spare unlike these 5 GB bloatloads of crap with daily patches they are releasing at microshaft these days. I don't remember a single service pack for DOS. Well, there were incremental versions, like 6.0, 6.2, 6.21, 6.22. By the way windows 95 comes with DOS 7,0, a very good version, and you can find most of the missing stuff in the oldmsdos folder on the win95 cdrom. Plus you get a neat version of windows for free,with a very small registry, and relatively low bs, but it doesn't run much modern stuff either, but it runs VB6 classic, and Office 97 just fine. They have yet to make an office version better than Office 97sp2 (service packs mostly fix vba crashes, but you can almost live with those crashes/hangs), Office 2000 is on par without needing bugfix service packs, while office 2002 is already too bloated(plus may require the activation bullshit), shit started going downhill by then, really accelerating by 2003, and pretty much turning into annoying piece of crap by office 2007, plus activation. Activation means you can't run it 50 years from now if Microsoft is out of business by then, or they simply refuse to activate it, and instead tell you to upgrade, which may happen even these days, to all versions starting with office xp=office 2002. Same goes for the OS, if you're packing up reserves for the future, and archiving stuff in case you have to go back to it, go for win95 full version that includes dos 7, and windows 2000, the very last windows without activation, also office 97 with sp1+sp2, and VB6 sp5 (don't use sp6, it introduces bugs on purpose, to usher along for upgrading.) Also Firebase database might come in handy, or ADO with SQL Server 7 or 2000, but SQL Server is expensive, and on a network it requires NT/2k server with client access licenses and such, so it's better to run off a common file on a network drive, or off of PostgreSQL 6-8 on Linux 2.4/2.6. The DOA database with office 97 access kinda sucks, but the access 2000 one is ADO, and the two are not compatible, ADO being much simpler than DOA, but it started to get bloated a bit, not enough to not make it better than DOA. Also from what I read delphi 5 and 7 are golden, but there is Lazarus now, I don't know how that would work on win95. Absolutely nobody is selling delphi 5 or 7, or it's like 300 bux. Delphi was a secret of coding houses cutting development time by like 5x compared to all the alternatives. I never programmed in it, but I've seen a lot of quality software by very smart people written in it, so it must be something really good if they chose it. VB6/VBA still kicks ass for basic stuff, but it's not very fast, and for heavy duty large projects, in development speed and code execution speed and codesize kept in balance, nothing beats delphi 5 or 7. The later dotnet versions of delphi are absolute pure raw crap, from what I read, just like anything touched by dotnet.
        • Reading code in dotnet or java has the following retarded feeling: they keep specifying the context, just to make sure you don't get bitten in the ass if someone switches context on you or it's confusing what context you are in. So

          Author("Shakespeare").Play("The Merchant of Venice").Scene("Scene1").Actors("Antonio, Salarino, Salario").Actions("Enter");
          Author("Shakespeare").Play("The Merchant of Venice").Scene("Scene1").Actors("Antonio").Actions("Speak").Phrase("In footh I know not why I am so Sad");
          A
          • In fact I should have been more specific and include the above in a context like this:

            ParallelUniverse("Universe#347").Galaxy("Milky Way).Star("Solaris").Planet("Earth").Calendars("Gregorian").Century("16th AD")..AuthorLastname("Shakespeare").AuthorMiddleName("#NULL").AuthorFirstName("William").Play("The Merchant of Venice").Scene("Scene1").Actors("Antonio, Salarino, Salario").Actions("Enter");

            etc,etc. Hey in VB Classic (pre dotnet) the custom was this:

            With ParallelUniverse("Universe#347").Gala
        • by X0563511 (793323)

          With DOS, in the old days, you could just cut the power to the computer without any warning, and it would be fine.

          I know, right? Who needs buffers, or disk cache, or any of that other fluff...

          Apparently you don't need line breaks, either.

  • Paltry (Score:5, Insightful)

    by wiredlogic (135348) on Monday May 26, 2014 @03:26PM (#47094185)

    The problem wasn't on the voting machines with the "paltry" amount of memory:

    After the elections are over the results are loaded on a 3.5-inch floppy disk and shipped to the canton headquarters where the disks are fed into another computer that adds up the votes before sending the results to the ministry. It was there that the problem occurred, the spokesman said, adding that the votes that ended up on the disks were correct.

    There is nothing wrong with a simple dedicated system that is based on proven hardware. Most of the computers in use today have even less than 1MiB at their disposal. It is a fallacy of thought that you have to have an extensive operating system with virtual memory and other elaborate support systems to accomplish a simple task.

    • Hell, an x86 computer with 1MiB of RAM and a 3.5-inch floppy drive is totally overkill.

      A simple ATmega328P would be more than enough for this simple task.

      • This is the kind of project you could do in a weekend on a Raspberry Pi. Off-the-shelf , disposable hardware; demonstrably provable software.
        • Re:Paltry (Score:4, Insightful)

          by fgouget (925644) on Monday May 26, 2014 @05:34PM (#47095083)

          This is the kind of project you could do in a weekend on a Raspberry Pi. Off-the-shelf , disposable hardware; demonstrably provable software.

          A voter will never be allowed to verify that the software actually running on the voting computer is your 'demonstrably provable software' software. If he were allowed to do so, not only would it cause a huge backup in the line, but it would also require completely compromising the security of the system. Then that voter would also have to check that the hardware is really an unmodified Raspberry Pi board rather than one that was 'upgraded' by the NSA (or someone else).

          Open-source (or provable software) and open-hardware change strictly nothing to the electronic voting opacity.

          • Yeap, because closed source software and hardware cannot be "upgraded" by NSA, right? I agree with you that cannot be a "Rasperberry PI", but it should be a open source solution, open to be auditable by any interested experts.
        • by Goaway (82658)

          demonstrably provable software.

          No such thing exists, or can exist.

      • by makapuf (412290)

        You'd use a Mega for this ? An attiny25 should be enough !

    • by v1 (525388)

      It is a fallacy of thought that you have to have an extensive operating system with virtual memory and other elaborate support systems to accomplish a simple task.

      My work with the Arduino can produce surprisingly complex operations in under 32kb. (for the program, the runtime, AND the variable ram)

    • by Firethorn (177587)

      There is nothing wrong with a simple dedicated system that is based on proven hardware.

      There are however problems when your 'simple dedicated system' is based on hardware that is now so obsolete that it's no longer manufactured; meaning that any hardware failures means that you're having to source unproven used hardware in increasingly limited quantities, or go to shady 3rd party manufacturers that don't have the quality control of the original.

      • There are however problems when your 'simple dedicated system' is based on hardware that is now so obsolete that it's no longer manufactured; meaning that any hardware failures means that you're having to source unproven used hardware in increasingly limited quantities, or go to shady 3rd party manufacturers that don't have the quality control of the original.

        I think the words you're looking for there are “decreasing limited quantities.”

        • I stand by my words in this case. 'Increasingly' is modifying 'limited' in this case, indicating an increase in the limits of the quantities.

          Not only are there fewer devices available, of unknown providence, but at some point you start having to go through rather crazy acrobatics to get them. I've heard of NASA going to garage sales hoping to get some older computer parts, for example.

          After a certain point it makes sense to upgrade the system just to restore availability because otherwise the option is to

    • I enjoyed DOS and in particular IBM PC DOS. And we could do a lot with it. Even if we went back to the 386 era I'll bet that there could still be lots of software improvements that were never exploited.
    • 3.5" floppy disks are proven... to be horribly unreliable.

      • by freeze128 (544774)
        3.5" floppy disks are proven... to be horribly unreliable.... Over the course of several years.

        However, for one night, I think they will do just fine.
  • by WhiteZook (3647835) on Monday May 26, 2014 @03:29PM (#47094207)
    A simple microcontroller could have done the job, so why introduce unnecessary complications and attack vectors by using DOS or Linux ?
    • Because writing the 3.5" floppy driver would suck.

      • That's why you'd use a USB stick instead. Seriously, who ever thought that a 3.5" floppy disk would be a good way to transfer data ? I haven't seen a floppy drive on a computer for at least a decade.
        • A USB driver is a lot more complex than a 3.5" floppy disk driver.

          PCMCIA/CF is pretty simple. If I was doing custom hardware, I would use that. Off the shelf cards. Simple bus operations. Many microcontrollers can drive the bus directly.

          DOS is still a reasonable choice. It works, isn't complex and there's lots of off the shelf hardware that runs it.

          • SD cards are actually even easier since you can talk to them over SPI. You can get a fifty cent microcontroller to read and write from those with no problem. The annoying thing is that those microcontrollers use a Harvard architecture. Instruction and data code use entirely different memory. So you can read and write to an SD card, you just can't run code off it.

            • > So you can read and write to an SD card, you just can't run code off it.

              That seems like a good thing for a voting machine.

              • > So you can read and write to an SD card, you just can't run code off it.

                That seems like a good thing for a voting machine.

                Good for voting machines, bad for anyone who doesn't need any fancy features but needs more than 4k Bytes of code. Since that's your entire program space with those small microcontrollers. You find weird bugs and limitations in many of those since they have to use a stripped down libc. When you hit that code cap most of the time your only option is to redesign the entire board or start using hacks to cut down on code size. The Arduino might have popularized them, but microcontrollers are still a game wh

                • Where did 4K of code come from?

                  I would expect to use a micro that can address enough memory for the job to be done right.
                  Who mentioned Arduinos? It wasn't me.

                  • Where did 4K of code come from?

                    I would expect to use a micro that can address enough memory for the job to be done right.
                    Who mentioned Arduinos? It wasn't me.

                    I was just talking in general. When someone says "simple microcontroller" I think of an ATMicro/Mega or something like the MSP430 most of which cap out somewhere between 2 and 16k. Anything more than that is a full ARM soc and normally is expensive and has finicky power and i/o requirements compared to the "simple microcontrollers" I normally work with. They're the lap of luxury since, like I said, you normally spend large amounts of time to make the code work with the 4k device instead of the 16k just t

                    • Microcontrollers come in many shapes and sizes. There's a whole spectrum of devices between MPS430s and ARM7TMDIs.

                      I personally like the Siemens 80C166 or one of the many 68k derivatives. Simple, lots of IO and robust. Young whippersnappers might choose AVRs 68HC16s or similar things for the same reasons.

                      But an x86 micro that can run DoS has the obvious advantage that it can run DoS. That addresses a number of issues,

                • 4K? Huh?

                  The Atmel megaAVR series ranges from 4Kb to 256Kb code space. The Arduino Uno boards have been running the 32Kb chip since rev 1.

                  • Like I said, cost is king.

                    Heck, I've been trying to redesign something to use the ATTiny and bitbang USB. Thinking about it, that's where the 4k number came from. Boards with more memory and more features are getting cheaper and that's awesome. I can't wait for when integrated USB becomes as common as integrated SPI and TTL.

                    Now if you'll excuse me I need to get out of my cave and yell at some kids on my lawn.

              • by makapuf (412290)

                Yes, and if the fuses allow that you could even program the flash with it ( boot loaders are allowed in Harvard arch)

      • Writing a floppy driver is by far one of the easiest hardware drivers to write
        • Writing a floppy driver is by far one of the easiest hardware drivers to write

          Using an existing, tested, and documented library so you can concentrate on the actual problem you're trying solve is even easier.

          • I think the legitimate issue with floppy disks is the reliability of the medium and the long term availability of replacements.

            Writing a floppy driver for hardware that has a floppy disk controller chip is easy. Writing one that has to bit bang the interface is anything but simple.

        • Writing a floppy driver is by far one of the easiest hardware drivers to write

          This is not true at all. Do you have any experience of writing a floppy driver?

      • by Darinbob (1142669)

        A floppy driver is much simpler to write than a USB driver by far.

  • Obligatory (Score:5, Funny)

    by ArcadeMan (2766669) on Monday May 26, 2014 @03:29PM (#47094209)

    Stupid Flanders.

  • Paper trail (Score:5, Insightful)

    by ArcadeMan (2766669) on Monday May 26, 2014 @03:30PM (#47094223)

    In Canada, we use paper voting and we usually know the results of national elections within 24 hours.

    Why mess with electronic voting?

    • Re:Paper trail (Score:4, Insightful)

      by sribe (304414) on Monday May 26, 2014 @03:33PM (#47094247)

      Why mess with electronic voting?

      SHINY! OOH OOH SHINY! That's why ;-)

    • electronic voting is easier to rig.

      With paper you have to stuff the ballot box

      • by OFnow (1098151)
        Any voting system can be subverted. The cool thing with electronic voting is that the subversion will of course make recounting meaningless.
      • by sd4f (1891894)
        That's the thing. I've worked at Australian elections, and the procedure basically ensures that the scale of the conspiracy to rig an election would require that a very large amount of fairly random people (the only common thing between them is that they all apply to work at the election) would have to be involved.
    • by CastrTroy (595695)
      Also worth pointing out that the votes are counted so fast, that they had to enact a law so that the results from the east coast weren't reported before the polls on the west coast had closed to prevent the results from influencing voters on the other side of the country. These laws were often ignored (not by the big media companies), and were hard to enforce, and I think they've been eliminated because of this, but the idea made sense.
      • How are they hard to enforce? You just tell your equivalent of what we in the mother country call "the returning officer" to not announce them until the right time.

        Now that won't do anything about speculation, but that's not the same as getting the actual results. Indeed it's frequently far from it [research-live.com]

      • by laird (2705)

        Actually, they weren't reporting the actual reported totals, they were reporting the exit poll results. The actual results were never announced until polls closed, but the exit polls are collected during the voting, and are amazingly accurate, to the point where when the exit poll is "wrong" that's a pretty good indicator of election fraud.

    • > Why mess with electronic voting?

      Because it's much less heavy lifting to stuff the ballot box.

    • Re:Paper trail (Score:5, Insightful)

      by cpghost (719344) on Monday May 26, 2014 @04:00PM (#47094443) Homepage
      24 hours is quite a long time actually. In Germany, we use paper voting too, and the (final) results are usually available within 2-3 hours, 4 hours at most.
      • by Zeromous (668365)

        Does Germany have 5 timezones?

        • Re: (Score:2, Informative)

          by Anonymous Coward

          Continental UE has 3 timezones and results of the European elections were known the same evening. Actually, in some EU countries voting ends at 19 pm and first official (partial) results are ready to go on TV at 20pm. For European elections Italy votes until 10pm or something like that, first official results (for the whole EU) were delayed until after Italy finished voting. Citizens from overseas territories under EU jurisdiction voted few days before to avoid delays due to their timezone.

          • by Zeromous (668365)

            Canada voting stops at 9pm in the last timezone. Zones span 4 hours. So the last vote is presumably cast at 1am Atlantic time.

            Results are usually reported the next morning so it really isn't that bad.

        • by dave420 (699308)
          So add the difference between the first and last timezone to 4 and compare. It's not too difficult :)
    • by cpghost (719344)

      Why mess with electronic voting?

      So that the NSA gets to see the results before the Canadians themselves?

    • Re:Paper trail (Score:4, Insightful)

      by Rumagent (86695) on Monday May 26, 2014 @04:15PM (#47094559)

      No good reason. Except perhaps that a perfectly implemented system (if such a thing is possible, so far none has been devised) would be faster.

      Apart from that, the paper version is:

      Cheap,
      Reliable,
      Repeatable
      Extremely hard to rig on a large scale,
      Well tested
      Durable,

      And most important of all: Easy to understand and audit by a layperson.

      Many slashdot readers are well versed in CS and we do not trust these systems. How then can we expect the public to have any faith in these systems?

      If the many CS guys out there really want to help, they should think out algorithms for sorting that are efficient, precise and can be done by humans - preferably with some error correction built in. It will not make anyone rich, but it may just keep a bit of faith in elections

      • How about inserting voting results into the bitcoin blockchain? Some transactions come with comments built-in (ex: "CoinAd.com Payment").

        If you can trust the data going into it (vote counts as bitcoin blockchain public comments), I don't know anything else that would be harder to rig right now.

        • by Rumagent (86695)

          I do not know:) Perhaps, if you somehow could create a trusted and platform to run it on, educate the voters enough to both verify their vote and the election process itself (the blockchain and the platform). None of which is trivial, but I guess it is not impossible

          The point remains however: What have you gained apart introducing a lot of complexity?

      • Many slashdot readers are well versed in CS and we do not trust these systems. How then can we expect the public to have any faith in these systems?

        Unless you inherited or bought that UID you must remember the Y2K thing. I personally fixed bugs that would have caused havoc with a major company's billing and emergency repair systems.

        Yet a surprising number of the public think the whole thing was a con because nothing actually blew up or fell out of the sky.

        In short, your assumption that distrust is a monoto

      • Is it really cheap? You need a lot of manpower that you wouldn't if you'd use an electronic system. And manpower is typically where the most of the costs come from.
      • by Bert64 (520050)

        Many slashdot readers are well versed in CS and we do not trust these systems. How then can we expect the public to have any faith in these systems?

        Precisely because they are not well versed, and thus blindly trust the system without being aware of the possible flaws... This happens all the time.

    • by Kjella (173770)

      Well, this was about electronic aggregation. As far as I know most quick paper elections use a bar/QR code, electronic counting/sorting and the preliminary sums are sent in electronically. The official results (hand counted, disputed votes, signed election protocol etc. are typically not available until a while later but the number of votes is usually too small to matter much. Occasionally two candidates are really really close though, I know in our last parliament election one was in and out until the very

    • by laird (2705)

      With paper ballots and manual counting, there's no huge system integrator contract with a fat budget to award to your campaign contributtor who runs an IT shop. And it's harder to steal elections. So, paper ballots are a terrible idea. (For the politicians)

  • by TechyImmigrant (175943) on Monday May 26, 2014 @03:33PM (#47094257) Journal

    >The fault appeared in the system despite the fact that the application was especially developed for these elections, was "tested thousands of times" and was certified by PriceWaterhouseCoopers, he said.

    There's your problem

  • Incorrect story (Score:4, Informative)

    by Anonymous Coward on Monday May 26, 2014 @03:45PM (#47094329)

    While it is true that most of Wallonia votes with paper, all the places using e-vote in Wallonia and in Brussel are "affected" by the bug as well.

    "affected" with marks, as the actual problem happened with the software in charge of centralizing all the votes coming from these places. So the e-vote process had no actual problem, it's the counting afterwards that crashed.

    source: I live in Belgium, it's been all over the news here. I'll also add that I heard exactly zero reports about the same problem occuring in Flanders, but I might have overlooked some reports.

    disclaimer: I strongly oppose e-vote.

    • So do I, I've seen nothing about it.

      All I heard was that the VB got a lot of votes. Makes you wonder if the bug caused that, or that caused the "bug"...

      I don't agree with them, but I agree with banning them (as that cretin Verhofstadt tried to do) even less.

  • by joris.w (1003616) on Monday May 26, 2014 @04:38PM (#47094671)
    for a more accurate account of the facts, you could read http://datanews.knack.be/ict/n... [knack.be] (in dutch)
    the vote counting problem in Flanders was related to manual procedures in the Ghent area
    the DOS based e-voting system is used in Brussels, not Flanders
    as stated already in other comments: the DOS based systems did not fail, it was the central vote collecting system that failed
    lesson learned: If you want accurate reports, go to the source and don't rely on second hand reports
  • by Tablizer (95088) on Monday May 26, 2014 @04:39PM (#47094677) Homepage Journal

    a paltry 1 megabyte of RAM...

    640 votes ought to be enough for anyone. -B. Gates

  • by Opportunist (166417) on Monday May 26, 2014 @04:45PM (#47094707)

    Especially when you do not have a problem. If anything, computers are a liability for elections. For many reasons.

    First, the obvious one that was showcased in this issue: KISS is the principle to follow with elections. The more complicated it gets, the more places something can go wrong. Moreover, the more places someone can try to manipulate without anyone having a chance to detect it. I'll get to that in a bit. But the bug in the software shows quite well what's wrong with this idea: It's complicated. Paper and pencil is a technology ANYONE can use and understand. It's time tested and foolproof. There is exactly NOTHING that could go wrong with making a cross somewhere on a sheet of paper and tossing that into a box. It's a simple, mechanical way of voting that simply can not fail, from a "technical" point of view. Yes, it's more complicated to count, but that's all that makes it less attractive.

    And yes, a paper ballot can be manipulated. But it is WAY harder to detect manipulations with computer voting systems. With a paper ballot, provided your system allows it (which it should), anyone who wants to check whether there has been some foul play can do so. Any party that thinks there might be some sort of election fraud can send observers to any of the polling stations and ensure that people can (actually must!) vote in secrecy and that the ballot is not only sealed and tamper free until counting but also that any kind of transport happens in a secure way. Simply accompany that ballot box. You don't need any kind of specially trained personnel to do that. What the observer needs is fairly good vision (may be corrected) and a more or less functioning brain.

    To test a voting machine against tampering or election fraud, at the very least you need a pretty good security auditor. And then you also need to trust that guy. I guess I'm not the only one who could see some populist party crying foul play should people start to realize that they're selling snakeoil and pretend that those voting machines are rigged. And then try to disprove that in such a way that the population, who knows jack about computers, believes you.

    In a nutshell, voting machines are dangerous to the faith people have in democracy and elections.

If it's not in the computer, it doesn't exist.

Working...