Slovakia – Yet Another Government Discovers GNU/Linux Is The Right Way To Do IT

The folks who suggest using GNU/Linux costs more obviously can’t do the maths. Here’s an example.“The Slovak Republic’s Bureau of Statistics has used PCs running Ubuntu Linux for recording votes in the country’s municipal election on 29 November. Using open source saves money, says Å tefan Tóth, Director GeneÅ•al of Informatics Section at the agency. For the bureau’s IT system administrators, Ubuntu proves easier to maintain and configure, and the software also withstands malware attacks better than the proprietary alternative, director Tóth confirms.” For the last municipal election in Slovakia, the government recorded the votes on PCs that were essentially thin clients of a central web-application. They put GNU/Linux on those PCs although they could have used that other OS and they found they saved money. The PCs are easy to manage thanks to FLOSS package-management. They were in total control of the PCs because it’s FLOSS, not code designed by some corporate salesmen, but folks who make software that works for the user. That’s been my experience in schools. That’s the experience of other folks who use GNU/Linux in the real world.

I recommend Debian GNU/Linux rather than Ubuntu GNU/Linux but it’s still GNU/Linux.

See Slovak statisticians rely on open source for voting machines.

About Robert Pogson

I am a retired teacher in Canada. I taught in the subject areas where I have worked for almost forty years: maths, physics, chemistry and computers. I love hunting, fishing, picking berries and mushrooms, too.
This entry was posted in technology and tagged , , , , , . Bookmark the permalink.

32 Responses to Slovakia – Yet Another Government Discovers GNU/Linux Is The Right Way To Do IT

  1. DrLoser says:

    2 years after election is a little late to be able todo anything.

    Too young for Nixon were you, Fifi?

  2. DrLoser says:

    2 years after election is a little late to be able todo anything.

    Yes indeed. It’s not like the USA has the Supreme Court, or even two Houses of Congress, or anything, is it? Let alone the complete slaughter that would follow if anybody from the following list believed in your drivel:

    1) Fox
    2) NBC, ABC, CBS
    3) HBO
    4) Huffingdon Post

    … and more.

    As always, you have no clue whatsoever about this stuff, do you, Fifi?

  3. DrLoser says:

    USA paper voting system has a weakness.

    And that weakness would be the lack of compulsory voting, Fifi? I think not.

    Only a complete fool would equate “compulsory voting” with “a guaranteed absence of electoral malfeasance, because obviously the police will look into it.”

    Good Lord, you don’t even understand how physical voting procedures work. Why on earth would anybody let a total incompetent like you dictate how a virtual voting procedure should work?

  4. oiaohm says:

    DrLoser something interesting. Here in Australia we don’t need a secondary count system to locate missing boxes. Why Australia has Mandatory voting and fines if you don’t vote. So exact number of votes is know and if someone does not vote police has to get answer. So missing boxes turn up as being missing Quickly in Australia because police have numbers of people claiming they did vote yet they are not marked as voting or voter numbers don’t match votes in boxes.

    USA paper voting system has a weakness.

  5. oiaohm says:

    DrLoser
    Largely because no such “multi million votes messes” happened, oiaohm

    Don’t you imagine that this would have made the national news headlines in the USA?
    http://www.michaelparenti.org/stolenelections.html#notes
    If you read the cites at the bottom it truly did make the News DrLoser. You can in fact get the news papers covering it. Yes basically sweep issue under carpet pretend it did not happen.

    http://www.amazon.com/What-Went-Wrong-Ohio-Presidential/dp/089733535X
    2004 is a formal book the investigation with how it was done.

    Do you know what gave away the 2004 issue was the boxes being found in 2006. Yes someone was not careful enough to destroy the evidence.

    2 years after election is a little late to be able todo anything.

    And rather easily traced, in terms of electoral fraud, I would suggest. At least given some level of belief in the electoral system itself, which thankfully we can all enjoy in the “western world.”
    So DrLoser if it rather easily traced please explain how the boxes could be uncounted for over 2 years and no one know they were missing. 2004 was almost perfection and displays the flaw in the paper system.

    You are basing your belief on nothing but faith. The problem here the 2004 case would have never been found if someone rigging had done job properly. Now DrLoser can you say ones attempting todo today would not have learnt from the mistake or 2004.

  6. DrLoser says:

    Are you really defending the Ichthyosauroidal One on the basis that he doesn’t really need to be “specialised,” Robert?

    Because that doesn’t really work when I’m accusing him of knowing nothing at all about anything he posts on this site.

    For example: oiaohm might possibly have worked in the IT tax department of a lawyers’ office: he likes to cite Australian tax law precedent, so that would make sense.

    At a stretch, and only because oiaohm has claimed this, he might even have worked as a Microsoft Value Added Reseller.

    Other than that? I wouldn’t even employ Fifi as a chippie.

    And by “chippie,” I mean somebody who slices potatoes and deep fries them. I have spent the last year working with carpenters, and I don’t … and this is of course only my own personal opinion … believe that oiaohm would stand a chance of qualifying as a professional “chippie.”

    Then again, there’s always the street light on the corner.

  7. DrLoser says:

    That’s why the dinosaurs failed. They were too specialized.

    I see oiaohm as more of an Ichtyosaur, myself.

    Naturally, other peoples’ comparisons may differ.

    Having said which, you can’t really knock being specialised for sixty five million years, can you?

  8. DrLoser wrote, “you must surely specialise in something, otherwise you would be totally unemployable.”

    That’s why the dinosaurs failed. They were too specialized. Iwas a teacher for ~15 years. On paper, I was specialized for Maths/Science and Physics in particular. I taught Physics only a few times in all those years. There just aren’t that many students of Physics in the North. They are into other things up there. My employability was based on many other factors: the fact that I was physically and mentally able to teach anywhere, the fact that I absorbed new technology rapidly and could keep PCs working without having to fly in/out techs or equipment, and that I worked hard taking assignments many other teachers would not because there were too many courses and too many multi-level/multi-grade classes to handle. Many of the places I worked demanded teachers be generalists, not specialists. IT for me became a speciality but only once or twice was IT/computers my only role. Specialization enhances performance of an individual worker but it does not guarantee throughput for the whole system/organization. Folks with multiple specialities or generalists are necessary.

  9. DrLoser says:

    However, I don’t wish to deny you the opportunity to explain to us all what precise areas of IT you have worked in, oiaohm.

    From my limited knowledge (ie I have worked in these areas, and you clearly have not), you have zero knowledge of the following:

    1) Voting systems
    2) Telcos
    3) Stock Exchanges
    4) Credit Card Agencies
    5) Security Audits
    6) Embedded Systems

    These are just some of the things you claim to know lots about, but can be proved (simply by me) not to know anything at all.

    I mean, you must surely specialise in something, otherwise you would be totally unemployable.

    What could it possibly be, I wonder?

  10. DrLoser says:

    Just make the complete box get lost and magically all those votes have disappeared never to be seen again.

    And rather easily traced, in terms of electoral fraud, I would suggest. At least given some level of belief in the electoral system itself, which thankfully we can all enjoy in the “western world.”

    Tracing electoral fraud based upon a pure Internet vote? Probably impossible, I would say. Certainly several orders of magnitude more expensive.

    And I still stand by my main point. You turn up to vote, you are at least physically present and an active member of society who put a bit of effort in.

    Voting over the Internet? Not quite the same thing at all, is it?

  11. DrLoser says:

    Leave aside the hanging chad election, please. I mentioned it out of courtesy and completeness. It has no bearing on this argument.

  12. DrLoser says:

    20,000 ballot papers is not even close that is in the multi million votes messes with in both the 2000 and 2004 by boxes disappearing and other underhanded transport attacks.

    Largely because no such “multi million votes messes” happened, oiaohm

    Don’t you imagine that this would have made the national news headlines in the USA?

    Are you completely incapable of dealing with powers of ten, without taking your shoes and socks off?

    Evidently so.

  13. oiaohm says:

    DrLoser false identity attack is more detectable than substitution.
    http://eagnews.org/chicagoland-voting-machine-casts-candidates-vote-for-his-dem-opponent-2/
    http://www.washingtontimes.com/news/2014/oct/28/calibration-issue-in-maryland-voting-machines-swit/
    October 21, 2014 this year another Windows based Diebold voting machine doing bad things again. Please note Diebold machine is not the type that prints out paper slips that person puts in box.

    20,000 ballot papers is quite a min figure compared to the number suspected to be screwed with in the usa.

    http://www.michaelparenti.org/stolenelections.html
    DrLoser 2000 and 2004 USA elections have documented successful attacks on transport of the paper votes. Just make the complete box get lost and magically all those votes have disappeared never to be seen again.

    20,000 ballot papers is not even close that is in the multi million votes messes with in both the 2000 and 2004 by boxes disappearing and other underhanded transport attacks.

    Never know is not exactly the right words. If the votes were not counted as they were made you will never know what stolen boxes/missing did contain. It takes very little man power to steal the boxes form areas known hostile. Depending on the case that it will be too expensive to rerun the vote.

    DrLoser the fact these attacks have happened and has altered the outcome makes your arguement look like a person sticking head under water and wondering why they die from drowning because water contains O2. Yes paper votes have all these nice safe guards that in theory you should catch any tampering. Reality not so much.

  14. DrLoser says:

    The crucial thing here, oiaohm, and I do actually welcome and appreciate your thinking, is that a physical infiltration at a voting booth is a question of man-power. It’s also a one-off job, because you’ll have to commit the same man-power to the next election.

    An internet infiltration might easily consist of five guys in a back room with a bit of software. And if you’re not detected, you can go again. (Even if you are detected in one electorate, I don’t think it would be too hard to sell the infiltration software on at par, more or less.)

    The idea that this is secure is wrong. The paper is open to attack in transport. DrLoser if its been done successfully in a paper only system you will never know.

    It’s quite difficult to “attack” ballot papers in transport without leaving some sort of indication that you did so, oiaohm. I’m not being rude here. I’m just pointing it out. For example, in the election I quoted, there was indeed a fairly large scale fraud, on the order of (from memory) 20,000 ballot papers — enough to swing a particular seat. And it was indeed physical.

    But it didn’t occur “in transit.” It occurred before the declaration papers were even delivered. (The declarations being the “I am a registered voter” thing.)

    Somebody, very local to me, snatched those 20,000 declaration papers and printed off 20,000 matching ballot papers, which were thusly doctored.

    Want to guess how they were caught? Obviously the Official Secrets Act forbids me from telling you — thank God for the OSA in this case, although I’m even now probably saying too much — but there are other obvious physical checks in place.

    Electronic + paper both system back each other up so meaning 2 systems has to be breached not one.

    And here, sadly — it was a lovely little interlude — you lapse back into letting your brain flap around at random, and you’re contradicting your original premise that the Internet alone is a viable security mechanism for voting in a democratic society.

    I’m telling you, oiaohm, I have worked — however briefly — with this software and in this domain. I don’t claim to know a huge amount about it.

    What on earth suggests to you that you know anything at all?

    Don’t take this the wrong way, but it wouldn’t hurt you, once every now and again, to just shut up and listen to people who have a vague idea what they’re talking about. From direct experience.

  15. oiaohm says:

    DrLoser there are documented cases of complete ballet boxes being swap. Counter measure to this is a unique 1 time use code per vote.

    http://www.sundaytimes.lk/090426/News/sundaytimesnews_05.html

    You will find documented cases in the USA as well DrLoser. Of course some go undetected without a secondary system counting.

    All of our successful work was done with paper, and with matching barcodes between declarations and ballots.
    The idea that this is secure is wrong. The paper is open to attack in transport. DrLoser if its been done successfully in a paper only system you will never know.

    Electronic + paper both system back each other up so meaning 2 systems has to be breached not one.

    Preprinted vote papers are more open to election rigging because you can put a few thousand people in a room to fill them out. Unique to the day is absolutely required.

    All of the fraud was done over the Internet.
    This is over claiming DrLoser. You don’t know that there was no fraud in the counting room or ballet box replacements.

    Particularly after this.
    http://www.sott.net/article/286057-Scottish-referendum-result-undoubtedly-rigged
    Yes video cameras in the counting room document that the count was done wrong.

    So are you saying to me that the people counting the paper ballets could be trusted.

    Proper vote system need mutual distrust.
    You electronic count the vote as the its done and you also count the paper. Both numbers should exactly match. Those in the counting room should never be told what number the computer thinks they should get.

    If the number cannot be made match. System has had a error somewhere. Either some paper votes have been changed/lost or the electronic was breached.

  16. DrLoser says:

    Electronic voting printing votes is more possible to cancel and run a new day. As each vote can have a unique voting event id without any real extra costs.

    Preprinted vote papers are more open to election rigging.

    Of course, I should have known. Our resident Universal Expert On Everything just had to chip in, didn’t he?

    Not a single word of that entire stupid comment was worth even considering, I’m afraid, oiaohm. You haven’t been there, you know nothing, you’re not even making sense.

  17. DrLoser says:

    So, if it’s not that difficult, have at it! Design something that is unbreakable within five nines, say. (The hanging chad after the five nines isn’t going to cost anybody an election in any reasonable scenario.)

    You’d be doing the democratic world a huge favour.

    You’d probably get a Nobel Prize as a side-line.

    Oh, and you’d make a few bucks, too. Remember: you don’t have to implement it. You just have to design it.

    A suitably elegant forty page proposal, and you’re away!

  18. DrLoser says:

    It’s not that difficult to have a completely unbreakable system except for denial of service or central corruption built in.

    Actually, it’s astonishingly difficult, Robert. And I’m only talking about “internet voting” here, which at least limits the attack vectors.

    Forcing people to turn up physically to vote (where possible, and naturally there are areas of the world and employment restrictions and so on that limit this) is a good thing for Democracy.

    Why? Because it forces people to participate, and to recognise that they are participating. It also humanizes the process, as with “Town Hall Democracy” in the North-Eastern States.

    It also, by definition, requires a paper trail. Which can be easily audited.

    Once again, Robert, I have been involved in this, and you have not. I actually know what I am talking about here. I was part of a ten-person team that wrote the declaration/ballot system for large swathes of England in the 2004 Euro Elections.

    All of our successful work was done with paper, and with matching barcodes between declarations and ballots.

    All of the fraud was done over the Internet.

  19. oiaohm wrote, “even sharing using ssh over an open networking you are praying that the ssl libraries are not flawed. Remember this is an election overseas powers may be interested in interfering.”

    It’s a Hell of a lot more secure than moving truckloads of ballot-boxes all over a region. It’s also possible for users of SSH to add an additional layer of encryption like a one-time pad or steganography to prevent hackers from figuring things out in real time. Ballots are sparse documents easily hidden. The administrator of the system could go for a walk with a camera minutes before the polls open, take a snapshot of some garden and use a random finite set of bits in those images to transfer the data. Just for fun he could add some other random noise to the image at other bit-positions. Good luck finding anything in years of work. To avoid problems with folks collecting all the images and XORing them, use a different set of bits or images for each polling-place/ballot. It’s not that difficult to have a completely unbreakable system except for denial of service or central corruption built in. It’s not that huge amount of data because you don’t need to send the ballots themselves, just the votes, a few bits per voter, so way less than 1gB altogether. One-time pads and other paranoid methods are feasible.

  20. oiaohm says:

    Electronic voting printing votes is more possible to cancel and run a new day. As each vote can have a unique voting event id without any real extra costs.

    Preprinted vote papers are more open to election rigging.

  21. oiaohm says:

    Robert Pogson even sharing using ssh over an open networking you are praying that the ssl libraries are not flawed. Remember this is an election overseas powers may be interested in interfering.

    Setting up voting machines for a country is a true pain in ass.

    Internet was not design for security. This is the serous problems somethings we truly do need a proper isolated secure network. Banks set these up for ATMs. It is possible for government departments to have proper not Internet linked networks setup. This means an attacker has to breach that network somehow.

    Its layers of security like a onion. You presume the out layers may be destroyed. So if the government private network is broken the encryption acts as you next layer. If the encryption and server end up broken the paper ballets come a fall back. In fact if too much is breached you would be better to cancel the election and run it a new day.

  22. oiaohm wrote, “DrLoser I don’t agree with over the web either. Https over a private network for voting is fine.”

    One could forward port 80 over SSH with a fair degree of certainty with pre-shared keys. Each client could have a unique key for the greater certainty. It would almost certainly take hackers more than a day to fake a key if the machines go online the day of voting. The machines could be well tested locally on a private LAN before deployment. Then you’re good unless there is an “inside man” or a machine gets stolen. Both of those problems can be solved simply by requiring multiple vetted people to make anything happen and pinging the machines periodically.

  23. oiaohm says:

    http://www.business-standard.com/article/beyond-business/e-voting-for-it-land-111072300044_1.html

    DrLoser Like it or not electronic voting over the web has been more successful and secure than Windows based voting machines. But the hack attempts kinda say using over the web is not highly wise. The fact that over the web has worked successfully with some issues says at least the html/https part is fine. Internet network bit not so much.

  24. oiaohm says:

    DrLoser there have between 12 different providers around the world of Windows based voting systems. Diebold holds the worst because 1 seat in the USA over half the votes were missing. So far none of the Windows based are getting much market share.

    None of which has anything to do with my proposition, oiaohm: given current (and as far as I am concerned, future) technology, voting over the Web is a seriously bad idea.
    Drloser Using https is part of dealing with that article.

    It’s called a man-in-the-middle attack. It’s a classic attack on security devices. You implant a microprocessor or some other electronic device into the voting machine, and that lets you control the voting and turn cheating on and off. We’re basically interfering with transmitting the voter’s intent.

    Lets look at this.

    1) Html tech allows the voter machine screen layout to be set on the day of the vote reducing attacker before hand knowledge.
    2)Html tech allows javascript based encryption to be sent down on the day of the vote again under mining before hand knowledge.
    3)https tech has the result transmitted off site straight away.

    DrLoser I don’t agree with over the web either. Https over a private network for voting is fine. Realistically the html used does not have to be super fancy dial-up modem would be suitable. Basically old school BBS with a phone line per voting location could be done.

    Printed ballet is also a another defense against man in middle. Printed Ballets get stolen. Electronic voting machines get tamped with and stolen. The reality you might as well go with a stock computer. Something that does not have to be shipped to the site or taken away. Something IT personal will know what it should look like so it can be audited and secured at point of deployment.

    The thing that has made so many Windows voting machines attackable is that they are some custom bit if hardware that no one normally handles. Realistically you would be better of having to vote by a standard in place bank atm other than the privacy issues. Yes it has a camera it takes a picture of the user.

    Security by obscurity does not work that well.

    Like a raspberry PI with a certified image, mouse, screen and docket printer would make quite a good voting machine. Of course a clear closed box to lock it onto table when certified. Most people can find out exactly what a Raspberry PI should look like. Mouse and screen could be nicked from any old computer around the place so could the docket printer. Of course a Raspberry PI is not absolutely idea as it has a little bit of hidden firmware but it way less than Diebold system.

    Its very hard to tamper with hardware when its in a clear case. Australian Prisons all their PCs are in clear cases. Clear casing reduces tampering to software only.

  25. DrLoser wrote, “Code designed by corporate salesmen.
    Do you have further comment on that unlikely proposition?”

    e.g. Joachim Kempin of M$, “Joachim Kempin (born in 1942) is a German-born businessman and retired Senior Vice President of Microsoft Corporation. He ran Microsoft’s division selling operating software to PC manufacturers for 15 years.”, wrote, in an e-mail to Bill and Steve etc.:
    “This in itself might slow down replacement cycles and life time shortening until we find true MIPS eating applications- a priority not only INTEL should subscribe to.”
    I added the emphasis on the “we” in that quotation. That’s from Exhibit 365 in US DOJ v M$. You could argue he wasn’t actually designing software but he was trumpeting all over M$ what “sales” wanted in software and I think it’s true that he got it with every automatic update when I was teaching.

  26. DrLoser says:

    Well, let’s tally up the week, Robert.

    Code designed by corporate salesmen.

    Do you have further comment on that unlikely proposition?

    Can’t do the MATHS?

    This seems to be your refuge of last resort when somebody else (invidually, or as a corporation) doesn’t come up with the same numbers as you do.

    Perhaps you could formalise this interesting, yet very personal, system for us all?

  27. DrLoser says:

    Web-application for voting can be quite a good choice. The key question what kind of network was the web application on and did it still generate printed ballets. A printed ballet can be like a shopping receipt with a barcode containing the vote. Yes the shopping receipt is a lot less paper than a full ballet sheet.

    None of which has anything to do with my proposition, oiaohm: given current (and as far as I am concerned, future) technology, voting over the Web is a seriously bad idea. Having an HTTP interface in a polling booth with a printed ballot and a barcode is a completely different thing.

    And then you went into your usual unfocussed and uncited ramble about how Windows polling booth systems have always been found to be defective. Maybe they have. But they’re not real common, are they? I believe Diebold still holds what is effectively a monopoly here.

    I could bring “Thin Clients” into the discussion at this point, but why pick at an open sore?

    Anyhow, choice of OS provider aside, the whole thing is a rotten idea at the moment. Here’s one article explaining why.

  28. oiaohm says:

    DrLoser Salesmen are you enemy when it comes to security from the point of view. Salesman want to avoid bad things being said about their product. So salesman don’t want to advertise that the software has faults. Result administrators don’t have the information they should so system not as secure as it should be.

    Web-application for voting can be quite a good choice. The key question what kind of network was the web application on and did it still generate printed ballets. A printed ballet can be like a shopping receipt with a barcode containing the vote. Yes the shopping receipt is a lot less paper than a full ballet sheet.

    http://www.openvotingconsortium.org/ This system still uses hand counting by scanner. I see absolutely no reason why a modern day web application provided over a secure network backed up with printed ballets could not be a suitable solution for voting booths. Yes a double count the ballet box should contain as many votes as people who voted electronically. If a box or the computers are tampered with this kinda of system would detect it.

    Please remember every Windows based voting solution that has ever been using in the USA had been found after the vote to be infected by something. Part of the problem is making Windows Live CD/USB keys technically are only allowed to be used inside your own cooperate hardware. Voting machine Linux/BSD something is is a better fit other than the X11 zombie that will not die. Yes this is another area where people saying Linux will never be desktop so it security does not matter is so badly wrong its not funny.

    Even if Linux remained under 10 percent market share the problem will be that 10 percent will contain a lot of critical stuff. Sooner Linux can get wayland the better. Yes the sooner Nvidia and other release Wayland drivers the better.

    Linux is truly one of the Desktop OS’s who glitch could kill you. The two most likely OS’s types to be blame if a computer glitch kills you is Linux and Windows. You would have to be down right unlucky to be killed by a OS X system.

  29. DrLoser says:

    And on a completely unrelated point, and irrespective of one’s position on FLOSS, I would suggest that having a web-based voting system is a particularly bad choice for any government to make.

    I still have a pathetic, naïve, belief in Participatory Democracy. If you’re not physically present (saving a contingency for postal votes, which are a dubious but necessary requirement, and are at least amenable to audit), then you don’t get to vote.

    Not that I find, say, the Slovenská národná strana remotely concerning in any way, of course. They’re pretty solid on Palestine.

  30. DrLoser says:

    No offence intended, but this is a linguistic anomaly I’ve long wondered about.

    You and me both, ram. I have no wish to limit the question to this site, either, because it seems to be a phrase used all over the Internet.

    I actually have no clue what it’s supposed to mean. It seems to be some sort of short-hand for “I’ve shown you some figures that you didn’t know I was going to show you, but I’m not going to wait for your response. I’ve already made my mind up.”

    In Robert’s case, it’s fairly clear. If the number in question is close to zero, then this is Good Maths. Anything else, and it’s at best Questionable Maths.

    I can sort of see his point, but I don’t see why it needs to be cloaked by an ill-defined imperative like “Do the maths!”

    What’s wrong with something simpler and more immediately relevant like “Just save money?”

  31. DrLoser says:

    They were in total control of the PCs because it’s FLOSS, not code designed by some corporate salesmen, but folks who make software that works for the user.

    It’s always a pleasure to watch you scratching the same old neuroses, Robert. “Code designed by corporate salesmen,” indeed.

    You may imagine that corporate salesmen are some form of omnipotent, multi-talented demi-gods. Presumably you have never met a single one of them.

    I have (in fact, most of the people on this site have — check with ram if you don’t believe me). My experience with the breed suggests that they’re not even capable of writing a watertight contract, because simple legal issues make their tiny little brains explode. The chances of them “designing” software are remote, to say the least.

    It’s a lovely little sound-bite, isn’t it? But on even a cursory examination, it makes no sense whatsoever.

  32. ram says:

    When did the Canuks pick the the lingo “Can’t do the MATHS”? I thought that was strickly an expression of the Australian lower classes, but maybe its origins date far further back than a century. No offence intended, but this is a linguistic anomaly I’ve long wondered about.

Leave a Reply