Obfuscated Vote Counting Contest

Daniel Horn writes "In a flash of inspiration coming from the Obfuscated C code contest and the current E-voting scandals, I wondered if there shouldn't be a similar code obfuscation contest based on obfuscating voting results, that is, C code that appears correct but does the wrong thing when counting votes. Submit your obfuscated vote-counting code now, and the two winners will be selected on November 2 and will receive a free Vega Strike CD. Obviously incorrect code, however, is not welcome."

Similar to Dr. Rubin's challenge

[bjtuna]

This seems to be similar to Dr. Avi Rubin's [avirubin.com] challenge to the community, which basically states that a team of security specialists and programmers should be given access to the development environment of one of the major DRE machines, by the vendor. The team should then attempt to rig the machine in favor of one candidate, and then submit the machine for approval by the elections board's testing agency. The testing agency doesn't know it's being tested, and doesn't know the machine is rigged. Could they catch the rigged machine as they currently claim? It's the same basic principle as having undercover agents attempt to sneak weapons through airport security.

The paper can be found at:
http://avirubin.com/vote/ita.challenge.pdf [avirubin.com]

Why? Already there!

[DigitalRaptor]

Why create code that distorts the voting results, Diebold has already done it.

My favorite story was a county in Pennsylvania (if I remember correctly, it's in this months Readers Digest) where the electronic voting machine correctly counted all 144,000 votes. Except there were only 19,000 registered voters in the entire county.

We're screwed in this election. It is going to make the 2000 Florida crap look like a cakewalk.

Course at Rice

[offby1]

Dan Wallach is teaching a course [rice.edu] at Rice that, I think, includes this sort of challenge.

Re:I WIN!

[Fjornir]

You're missing something more important than a default case.

Re:I WIN!

[00420]

It has nothing to do with default case. It has to do with the lack of breaks.

Read it again. A vote for kerry means both kerry and bush get a vote. A vote for nader means nader kerry and bush get a vote.

Almost as scary as Florida

[toby]

And a bit trickier than rigging evoting: the Byzantine setup that tilts Venezuelan elections [salon.com]. That should give Vote-Robbing Hood and her cronies some ideas.

It would be interesting if contestants could defeat the statistical methods [salon.com] used to uncover fraud mentioned elsewhere on that blog.

Re:I WIN!

[Tony-A]

It's not the DEFAULT, it's the fall-through.
This is one case where the lack of goto's is harmful.

The body is
yada_yada += 1;
nader += 1;
kerry += 1;
bush += 1;

The cases just determing where the stream is joined.
Anytime nader gets a vote, kerry and bush also get a vote.
Anytime kerry gets a vote, bush gets a vote.

None of the above will fail to register, with or without a DEFAULT.

Re:Course at Rice

[berteag00]

Okay. I know that was an off-hand comment, so I'll forgive you. But next, time perhaps you should check the syllabus [rice.edu] before you go about criticizing what was truly an excellent course. One of the best CS class I took at Rice, actually (just behind Keith Cooper's compiler construction class. [rice.edu])

You'll note that the very first substantial lecture is on ethics.

Re:What the fsck is wrong with this?

[Anonymous Coward]

/* Print results */
printf("Bush: %d\nKerry: %d\nNader: %d\n",
Count(_b),Count(k)(),Count(_n));
return 0;
}

The diffis between:
Count(_b)
Which accesses a variable called for_b

and:
Count(k)()
which calls a function called fork()

Re:I WIN!

[ryanmfw]

I think you misunderstood the point. It's *meant* to do the wrong thing.

registration fraud

[attonitus]

Sadly that's a little too close to what actually may have happened in the fantastically free and fair elections that the west has managed to organise in Afghanistan [bbc.co.uk]

Which made me wonder whether when, during the third debate, President's Bush boasted that, "the first person to vote in that election was a 19 year old girl", he might also have been correct to say that she was the second person, and the third person ...

Re:Similar to Dr. Rubin's challenge

[AsOldAsFortran]

Dr. Rubin has already done this in a class. In CS 600.643: Advanced Topics in Computer Security he has student research methods for malicious code hiding and then as groups, try to hid code to rig the vote in a program. Once done, the groups switch programs and try to find the malicious sections. Groups were given one clean, one dirty and one version picked at random.
Results? Very few sections of malicious code were found, even in this highly controlled environment. The graduate students proved very adept at obsfucation.
I hope Dr. Rubin reports on this in the literature because the results sound fascinating from a keynote address he gave last Friday (Oct. 15 at CCSCE 04). Sounds like a great class assignment.