ES&S Sues Former Workers Over Taking Buggy, Vulnerability-Filled Code

from the why-would-they-bother? dept

Michael Scott alerts us to the news that e-voting firm ES&S has sued two former employees, claiming copyright infringement over code they took with them from ES&S, along with additional trade secrets. I have no idea whether or not this is true, but all I can ask is “why?” As has been documented time and time again, ES&S’s e-voting code has a ton of problems. Remember, these are the machines that have been found to have serious security vulnerabilities, with some serious bugs, such as adding votes to the wrong election, calibration problems that lead to people voting for the wrong candidate, and bugs that resulted in phantom votes. And ES&S is the company that knew about some of these bugs, and let them be used in elections anyway. So if you were going to go off and start your own e-voting company (and it’s not clear these individuals did that), wouldn’t you be better off starting from scratch?

Filed Under: , , ,
Companies: es&s

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “ES&S Sues Former Workers Over Taking Buggy, Vulnerability-Filled Code”

Subscribe: RSS Leave a comment
18 Comments
Money Mike (profile) says:

I think the main thing to realize is that whether it’s buggy code or not, it’s still complete code and it just can’t be all bad. I’m sure there are pieces of it that work well and are quite valuable, so why not use it and build on top of it?

However, even if they consider it “complete” and use it as is, then why shouldn’t they? If ES&S can use it as is, why couldn’t a competitor? More importantly, if these guys are taking code and trade secrets from their former employee, do you really think they would let integrity stand in the way of profit? Keep in mind that they did come from this shady company in the first place.

chris (profile) says:

Re: Re: Re:

You are obviously not a programmer. Debugging bad code is much harder than writing good code the first time.

sure if you intend to use the code to build products from.

if you just want to sell it to competitors or to people interested in rigging elections, then the bugs (0dayz) contained in the code are worth more than the completed code.

Money Mike (profile) says:

Not Surprised

I think the main thing to realize is that whether it’s buggy code or not, it’s still complete code and it just can’t be all bad. I’m sure there are pieces of it that work well and are quite valuable, so why not use it and build on top of it?

However, even if they consider it “complete” and use it as is, then why shouldn’t they? If ES&S can use it as is, why couldn’t a competitor? More importantly, if these guys are taking code and trade secrets from their former employee, do you really think they would let integrity stand in the way of profit? Keep in mind that they did come from this shady company in the first place.

Dark Helmet (profile) says:

Question:

What reasonable person can take a machine that “have serious security vulnerabilities, with some serious bugs, such as adding votes to the wrong election, calibration problems that lead to people voting for the wrong candidate, and bugs that resulted in phantom votes” and NOT realize that this is a purposefu endeavor?

Are we so far gone as a “free” nation that we are no longer all that concerned when the machinations of VOTING are so flawed as to render the whole process meaningless?

hmm says:

When i installed word, I didn’t have to “calibrate” the software so it knew when i pressed A that I wanted the letter A on screen, I didn’t have to worry that if I clicked File/Save that it would (without telling me) decide to change the font size.

All this stuff about “calibrating” votes is 100% bullshit. Its a simple matter of “if button A is pressed then candidate A’s votes=candidate A’s votes+1.

I’ve never been sure why these companies claim that their software is so difficult to fix and make sure votes are correct. the only “difficulty” involved is making sure the software has a reasonable level of security (a basic web-connected interface with 2 buttons that sends info on the button pressed (encrypted) would be sufficient…and virtually hack-proof as theres nothing to actually exploit in there.

Chronno S. Trigger (profile) says:

Re: Re:

“When i installed word, I didn’t have to “calibrate” the software so it knew when i pressed A that I wanted the letter A on screen”

No, but if you have a touch screen display (like most voting machines), you have to calibrate it to make sure that when you hit the A on the screen it types A instead of the S beside it. That’s still something that should be insanely easy and should be a one time thing.

R. Miles (profile) says:

Start from scratch? This isn't the 70s, Mike.

So if you were going to go off and start your own e-voting company (and it’s not clear these individuals did that), wouldn’t you be better off starting from scratch?
Better yet, why not take what’s broken and fix it, as this would be faster than starting from scratch and get the business up and running much faster.

I would speculate these employees may know exactly what’s wrong with the code in order to take it to begin with.

That alone should make one wonder about it. But hell, what do I care.

Corporate America owns every damn politician anyway, so it doesn’t matter who gets “voted” in.

anymouse (profile) says:

I'm with Miles

“I would speculate these employees may know exactly what’s wrong with the code in order to take it to begin with.”

I would go a step farther and say that perhaps these two are the ones who were ‘encouraged’ to break the code in the specified manner in order to get it to do what ES&S wanted it to do (Dropped votes, misplaced votes, phantom votes…. these sound like designed ‘features’ to me). Nothing pisses off a programmer more than taking the excellent work they did and asking them to ‘break’ it in specific ways. Perhaps these two got tired of all the crap and decided to take their code so they could clean it up to do what it was intended to do, not what ES&S Twisted it into.

What better way to shut them up then to drop them and file suit against them. If they did stand up and say ES&S made us write ‘buggy’ code on purpose, who would believe them now?

Or perhaps my tinfoil hat is just a little tight today….

hmm says:

final note…i assume there aren’t 26 buttons on a voting screen…”please type the name of your candidate here..spelling errors invalidate your vote”…

so why isnt the screen simply split into large chunks, where calibration wouldn’t be needed.
You press for your candidate..it comes up with “you have chosen….NAME…..are you sure?” with big yes/no buttons underneath.

Then shows a final third screen “you voted for NAME…vote recorded”…no fancy interface just plain text…

That way if the vote suddenly “accidentally” goes to the wrong candidate we’d have 100% proof that the election was rigged and whoever created the voting machine could be charged with treason.

Leave a Reply to Anonymous Coward Cancel reply

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...
Loading...