Different election types

[Henrik Ingo]

Hi

Last night, after some creative implementation of installation
instructions, I managed to install Helios.

I can't find much documentation on the meaning of some options when
creating an election. What is the difference between:

Election vs referendum

Result type: absolute vs relative

Selecting min and max choices: How is this enforced by the algorithm?
How are multi-choice selections summed?

Thanks!

henrik

--
henri...@avoinelama.fi
+358-40-8211286 skype: henrik.ingo irc: hingo
www.openlife.cc

My LinkedIn profile: http://www.linkedin.com/profile/view?id=9522559

[Ben Adida]

On Mon, Jan 28, 2013 at 12:42 AM, Henrik Ingo <henri...@avoinelama.fi> wrote:

Last night, after some creative implementation of installation
instructions, I managed to install Helios.

What troubles did you have? Have you seen the new branch:

 https://github.com/benadida/helios-server/tree/new-packaging

and its installation instructions:

 https://github.com/benadida/helios-server/blob/new-packaging/INSTALL.md

Those might make things easier. 

I can't find much documentation on the meaning of some options when
creating an election. What is the difference between:

Election vs referendum

purely cosmetic.

 

Result type: absolute vs relative

mostly cosmetic: it will highlight winners at the end based on whether the margin should be absolute or relative.

 

Selecting min and max choices: How is this enforced by the algorithm?

That's relatively well documented at:

http://documentation.heliosvoting.org/verification-specs/helios-v3-verification-specs

High-level: there's a range-proof that the sum of all your individual choices (which are individual proven to be 1 if you picked the candidate, or 0 if you didn't) lies between the min and max defined for that question.

 

How are multi-choice selections summed?

It's basically approval voting: each candidate gets the number of votes cast for him/her. If you vote for 3 candidates, each gets a point.

-Ben

[Henrik Ingo]

On Mon, Jan 28, 2013 at 5:07 PM, Ben Adida <b...@adida.net> wrote:
> On Mon, Jan 28, 2013 at 12:42 AM, Henrik Ingo <henri...@avoinelama.fi>
> wrote:
>>
>> Last night, after some creative implementation of installation
>> instructions, I managed to install Helios.
>
>
> What troubles did you have? Have you seen the new branch:
>
> https://github.com/benadida/helios-server/tree/new-packaging
>
> and its installation instructions:
>
> https://github.com/benadida/helios-server/blob/new-packaging/INSTALL.md

No, I just went with

what is up on the website at:
http://documentation.heliosvoting.org/install

I was actually going to share it separately, but I did take notes of
what I had to do differently:
https://github.com/henrikingo/solon-voting/blob/master/docs/helios-install-howto.md

The high level of it anyway is:
- When trying with Ubuntu 10.04, some of the python modules don't
really work on such old base ubuntu anymore. For example some of them
seemed to require python 2.7, I think.
- With Ubuntu 12.04 or newer, it works better, but Helios really
needs Django 1.2 so once you get to the reset.sh script, it will not
work as the model for auth_user table fails on Django 1.3.

So the solution was to use Ubuntu 12.04 but manually install Django
1.2 from tarball.

>
> Those might make things easier.
>

Looks terribly simple indeed! If it actually works, please consider
updating the installation docs on the website too.

>> I can't find much documentation on the meaning of some options when
>> creating an election. What is the difference between:
>>
>> Election vs referendum
>
> purely cosmetic.

Thanks :-)

>> Result type: absolute vs relative
>
>
> mostly cosmetic: it will highlight winners at the end based on whether the
> margin should be absolute or relative.

You mean whether I need 50% of the votes or 15 votes to win? Maybe I
should complete my mock election and it will become clearer...

>> Selecting min and max choices: How is this enforced by the algorithm?
>
>
> That's relatively well documented at:
>
> http://documentation.heliosvoting.org/verification-specs/helios-v3-verification-specs
>
> High-level: there's a range-proof that the sum of all your individual
> choices (which are individual proven to be 1 if you picked the candidate, or
> 0 if you didn't) lies between the min and max defined for that question.

Ok, makes sense.

[Stéphane Glondu]

Le 28/01/2013 19:25, Henrik Ingo a �crit :

> I was actually going to share it separately, but I did take notes of
> what I had to do differently:
> https://github.com/henrikingo/solon-voting/blob/master/docs/helios-install-howto.md

These instructions should also work on a reasonnably recent Ubuntu:

https://github.com/glondu/helios-server/blob/wip/QUICKSTART.txt

> - With Ubuntu 12.04 or newer, it works better, but Helios really
> needs Django 1.2 so once you get to the reset.sh script, it will not
> work as the model for auth_user table fails on Django 1.3.

Django 1.2 is no longer supported by upstream authors and should not be
used any more. There is also a fix for Django 1.3 (and 1.4) in my
repository.


Cheers,

--
St�phane

[Henrik Ingo]

On Mon, Jan 28, 2013 at 5:07 PM, Ben Adida <b...@adida.net> wrote:
> What troubles did you have? Have you seen the new branch:
>
> https://github.com/benadida/helios-server/tree/new-packaging
>
> and its installation instructions:
>
> https://github.com/benadida/helios-server/blob/new-packaging/INSTALL.md
>

> Those might make things easier.

These instructions lack instructions for installing
postgresql-server-dev, gcc/build-essential, and maybe something python
related (what does pip come with?).

Also, it would be useful to separate optional stuff (in this case
virtualenv) from the bare necessities (helios proper). For example, I
already use Vagrant/Virtualbox to have a dedicated helios guest
instance, so virtualenv is superfluous.

On Thu, Jan 31, 2013 at 12:56 PM, Stéphane Glondu <st...@glondu.net> wrote:
> These instructions should also work on a reasonnably recent Ubuntu:
>
> https://github.com/glondu/helios-server/blob/wip/QUICKSTART.txt

Correct link nowadays is
https://github.com/glondu/helios-server/blob/wip/QUICKSTART.md

But other than that it works exactly as per instructions. Thanks.


Some more usability feedback:

I think I'm not the only one on this list that hesitated a bit to use
the Google login mechanism when I just want to test in a dev
environment. Mostly this is just being suspicious of new things - for
example it turns out using Google Account even when I setup Helios to
only work on localhost seems to work just fine.

But I suppose there are many people who would be more comfortable if
the first time they could just use a local username/password login to
start exploring. Also, with this method I'm left with the feeling I
probably don't have 100% administrator rights. It would feel more
convincing for a first timer if I could login with, say, "admin" and a
password.

***

After bulk uploading users, I can't seem to send them emails. When I
click on an [email] link next to a user, I get 403 Forbidden. The
debug output shows:

2013-02-18 21:08:30,637 DEBUG (0.012) SELECT "helios_election"."id",
"helios_election"."admin_id", "helios_election"."uuid",
"helios_election"."datatype", "helios_election"."short_name",
"helios_election"."name", "helios_election"."election_type",
"helios_election"."private_p", "helios_election"."description",
"helios_election"."public_key", "helios_election"."private_key",
"helios_election"."questions", "helios_election"."eligibility",
"helios_election"."openreg", "helios_election"."featured_p",
"helios_election"."use_voter_aliases",
"helios_election"."use_advanced_audit_features",
"helios_election"."cast_url", "helios_election"."created_at",
"helios_election"."modified_at", "helios_election"."frozen_at",
"helios_election"."archived_at",
"helios_election"."registration_starts_at",
"helios_election"."voting_starts_at",
"helios_election"."voting_ends_at",
"helios_election"."complaint_period_ends_at",
"helios_election"."tallying_starts_at",
"helios_election"."voting_started_at",
"helios_election"."voting_extended_until",
"helios_election"."voting_ended_at",
"helios_election"."tallying_started_at",
"helios_election"."tallying_finished_at",
"helios_election"."tallies_combined_at",
"helios_election"."voters_hash", "helios_election"."encrypted_tally",
"helios_election"."result", "helios_election"."result_proof",
"helios_auth_user"."id", "helios_auth_user"."user_type",
"helios_auth_user"."user_id", "helios_auth_user"."name",
"helios_auth_user"."info", "helios_auth_user"."token",
"helios_auth_user"."admin_p" FROM "helios_election" INNER JOIN
"helios_auth_user" ON ("helios_election"."admin_id" =
"helios_auth_user"."id") WHERE "helios_election"."uuid" =
'7c8bdb4e-7a0b-11e2-b3c5-08002710ab51' ;
args=(u'7c8bdb4e-7a0b-11e2-b3c5-08002710ab51',)
2013-02-18 21:08:30,644 DEBUG (0.005) SELECT
"django_session"."session_key", "django_session"."session_data",
"django_session"."expire_date" FROM "django_session" WHERE
("django_session"."session_key" = '19944bbf35ebc63839c6cd2675ae85a5'
AND "django_session"."expire_date" > '2013-02-18 21:08:30.638216' );
args=('19944bbf35ebc63839c6cd2675ae85a5', u'2013-02-18
21:08:30.638216')
2013-02-18 21:08:30,651 DEBUG (0.002) SELECT "helios_auth_user"."id",
"helios_auth_user"."user_type", "helios_auth_user"."user_id",
"helios_auth_user"."name", "helios_auth_user"."info",
"helios_auth_user"."token", "helios_auth_user"."admin_p" FROM
"helios_auth_user" WHERE ("helios_auth_user"."user_id" =
'henri...@gmail.com' AND "helios_auth_user"."user_type" = 'google'
); args=(u'henri...@gmail.com', 'google')
[18/Feb/2013 21:08:30] "GET
/helios/elections/7c8bdb4e-7a0b-11e2-b3c5-08002710ab51/voters/email?voter_id=bob
HTTP/1.1" 403 22



Help is appreciated!

[Henrik Ingo]

On Mon, Feb 18, 2013 at 11:14 PM, Henrik Ingo <henri...@avoinelama.fi> wrote:
> After bulk uploading users, I can't seem to send them emails. When I
> click on an [email] link next to a user, I get 403 Forbidden. The
> debug output shows:

Ah. Seems like I simply had not installed mailutils nor exim. Now I
can send out the emails in bulk or one-by-one, and complete the
election. Thanks.

[Ben Adida]

Hi Henrik,

On Mon, Feb 18, 2013 at 1:14 PM, Henrik Ingo <henri...@avoinelama.fi> wrote:

These instructions lack instructions for installing

postgresql-server-dev, gcc/build-essential, and maybe something python
related (what does pip come with?).

Good point, I will update them accordingly.

 

Also, it would be useful to separate optional stuff (in this case
virtualenv) from the bare necessities (helios proper). For example, I
already use Vagrant/Virtualbox to have a dedicated helios guest
instance, so virtualenv is superfluous.

Increasingly, I think it's best to use virtualenv by default. The reason is to prevent dependency hell. If you're fluent in Vagrant and want to set it up that way, that's great, but certainly virtualenv isn't going to hurt you, I don't think?

 

I think I'm not the only one on this list that hesitated a bit to use
the Google login mechanism

Yes, agreed. The thing is, I don't really want to add yet another email/password mechanism to the web. So I'm actually thinking of switching to Mozilla Persona by default (https://persona.org). Yes, of course, I'm biased, but then again Mozilla Persona is built to be truly federated and certainly no worse (and actually lots better) than yet another password database.

How would you feel about that option?

-Ben

[Henrik Ingo]

On Tue, Feb 19, 2013 at 4:59 PM, Ben Adida <b...@adida.net> wrote:
>> Also, it would be useful to separate optional stuff (in this case
>> virtualenv) from the bare necessities (helios proper). For example, I
>> already use Vagrant/Virtualbox to have a dedicated helios guest
>> instance, so virtualenv is superfluous.
>
>
> Increasingly, I think it's best to use virtualenv by default. The reason is
> to prevent dependency hell. If you're fluent in Vagrant and want to set it
> up that way, that's great, but certainly virtualenv isn't going to hurt you,
> I don't think?

Well, I don't know what virtualenv is or what drawbacks it might have,
but since I work with virtual instances I know I don't need it.

All I'm saying, just separate it into its own section so I can skip it
when I understand that I can skip it. (Of course, I already can figure
out how to skip it, but making it a sub-section would be user
friendly.) Stephane did the same with kvm/qemu stuff at
https://github.com/glondu/helios-server/blob/wip/QUICKSTART.md

Btw, the section "Dealing with mails" was also worth gold in those instructions.

>>
>> I think I'm not the only one on this list that hesitated a bit to use
>> the Google login mechanism
>
>
> Yes, agreed. The thing is, I don't really want to add yet another
> email/password mechanism to the web. So I'm actually thinking of switching
> to Mozilla Persona by default (https://persona.org). Yes, of course, I'm
> biased, but then again Mozilla Persona is built to be truly federated and
> certainly no worse (and actually lots better) than yet another password
> database.
>
> How would you feel about that option?

Uh.... At least I have a Google, Facebook, Twitter account and for
your average user they are likely to have at least one but maybe all
of those three. But I don't have a Mozilla Persona account, so that
would raise the threshold even more.

Really, what I'm asking for is just a one-liner either in
documentation or in reset.sh that I could choose to run a command and
get an account with
username: admin
password: password
I know that this account has all rights and can do anything that is
possible to do in the web interface.

[Ben Adida]

On Tue, Feb 19, 2013 at 1:12 PM, Henrik Ingo <henri...@avoinelama.fi> wrote:

Well, I don't know what virtualenv is or what drawbacks it might have,
but since I work with virtual instances I know I don't need it.

Ahah, I see the confusion. It's not a virtual machine. It's an isolated python environment.

So it's not a question of whether you need it or not, it's the method I'm looking at to make sure Helios python dependencies can be safely pulled in without modifying the rest of your system. Even if you choose to run this in a VM.

 

All I'm saying, just separate it into its own section

I can't do that, you won't be able to skip it. I'm looking at making this the de-facto way of installing Helios, as it is simpler and better in every way I can see so far. And it will not slow you down, again, it's not a VM, just an isolated Python env.

 

Uh.... At least I have a Google, Facebook, Twitter account and for
your average user they are likely to have at least one but maybe all
of those three. But I don't have a Mozilla Persona account, so that
would raise the threshold even more.

I can see how that is confusing, but in fact Mozilla Persona is only about outsourcing the password storage so that each site doesn't have to do it securely (which is quite tough.) In any case, I'll prototype this so you can see what I'm talking about :)

-Ben

[Henrik Ingo]

On Tue, Feb 19, 2013 at 11:18 PM, Ben Adida <b...@adida.net> wrote:
>> Well, I don't know what virtualenv is or what drawbacks it might have,
>> but since I work with virtual instances I know I don't need it.
>
>
> Ahah, I see the confusion. It's not a virtual machine. It's an isolated
> python environment.

I know that. The point is just that since I have a dedicated server
already, I know I probably don't need this.

>
> So it's not a question of whether you need it or not, it's the method I'm
> looking at to make sure Helios python dependencies can be safely pulled in
> without modifying the rest of your system. Even if you choose to run this in
> a VM.
>> All I'm saying, just separate it into its own section
>
>
> I can't do that, you won't be able to skip it. I'm looking at making this
> the de-facto way of installing Helios, as it is simpler and better in every
> way I can see so far. And it will not slow you down, again, it's not a VM,
> just an isolated Python env.
>

If you insist to keep it there (and maybe there is a benefit from QA
point of view in enforcing the same installation steps on everyone)
then maybe go the opposite way than what I suggested: just have it
there as one of the packages to install along with build-essentials
and postgresql-server-dev and others, and don't make a big issue out
of it at all. Then I'll just copy paste whatever commands you are
telling me to use.

If you try to explain what virtualenv is, then I will start second
guessing you on whether it is needed.

>> Uh.... At least I have a Google, Facebook, Twitter account and for
>> your average user they are likely to have at least one but maybe all
>> of those three. But I don't have a Mozilla Persona account, so that
>> would raise the threshold even more.
>
>
> I can see how that is confusing, but in fact Mozilla Persona is only about
> outsourcing the password storage so that each site doesn't have to do it
> securely (which is quite tough.) In any case, I'll prototype this so you can
> see what I'm talking about :)

If you are saying I could simply use Mozilla Persona without having to
register myself there, then maybe. Still, when I'm setting up a test
box to test something I never used before, I'm kind of looking to just
use it as a black box and would like to first try something that
doesn't depend on the outer world. Cleartext passwords in Postgres is
completely fine for that usage.

As an example, the way Stephane instructs me to read the exim mail
delivery queue is right on the money. I'm not actually planning to
deliver mail to anyone at all (by default it is set to send status
email messages to you!). So the way Stephane recommends to read mails
from exim is exactly what I want to do (and have done with other
similar software too).

Note that all of what I'm proposing is perhaps not so useful as
default settings and at least not sensible for production use
(obviously). I'm just trying to explain the user story of someone
testing Helios for the first time.

[Stéphane Glondu]

Le 19/02/2013 22:33, Henrik Ingo a écrit :
> If you are saying I could simply use Mozilla Persona without having to
> register myself there, then maybe. Still, when I'm setting up a test
> box to test something I never used before, I'm kind of looking to just
> use it as a black box and would like to first try something that
> doesn't depend on the outer world. Cleartext passwords in Postgres is
> completely fine for that usage.

I don't have a strong opinion about what should be the default
authentication system, but for development, even typing a password is
cumbersome. Therefore, I've created a "dummy" authentication system,
available in my master branch. Just use "dummy" instead of "google" in
settings.py, and authentication will just ask you for a login (it's
useful to be able to log in with several identities) and whether you
want to be admin or not. I prefer that approach instead of cleartext
passwords in Postgres to avoid a false sense of security.


Cheers,

--
Stéphane

[Henrik Ingo]

This sounds wonderful! Could you please advertise this a bit more, for
example put this in settings.py:

# For testing purposes, you can omit asking for a password altogether
# AUTH_ENABLED_AUTH_SYSTEMS = ['dummy']
# AUTH_DEFAULT_AUTH_SYSTEM = 'dummy'

[Stéphane Glondu]

Le 19/02/2013 23:11, Henrik Ingo a �crit :

> This sounds wonderful! Could you please advertise this a bit more, for
> example put this in settings.py:
>
> # For testing purposes, you can omit asking for a password altogether
> # AUTH_ENABLED_AUTH_SYSTEMS = ['dummy']
> # AUTH_DEFAULT_AUTH_SYSTEM = 'dummy'

Done [1], with an update in the quickstart guide [2].

[1] https://github.com/glondu/helios-server/commit/ca7c8c95fd7c61fcf6
[2] https://github.com/glondu/helios-server/blob/master/QUICKSTART.md

Thank you for your feedback!


Cheers,

--
St�phane

[Stéphane Glondu]

Le 19/02/2013 15:59, Ben Adida a �crit :

> Yes, agreed. The thing is, I don't really want to add yet another
> email/password mechanism to the web. So I'm actually thinking of
> switching to Mozilla Persona by default (https://persona.org). Yes, of
> course, I'm biased, but then again Mozilla Persona is built to be truly
> federated and certainly no worse (and actually lots better) than yet
> another password database.

That looks great! (And I'm not a Mozilla employee ;-) What is the status
of this authentication module in Helios? Would you recommend it? Why
hasn't it been merged into your master branch yet?


Cheers,

--
St�phane

[Ben Adida]

On Wed, Feb 20, 2013 at 1:54 AM, Stéphane Glondu <st...@glondu.net> wrote:

That looks great! (And I'm not a Mozilla employee ;-) What is the status
of this authentication module in Helios?

Experimental side branch for now.

 

Would you recommend it?

Not quite yet, I think because Persona is a smoother flow, it needs a bit more tweaking on the auth_systems front.

 

Why
hasn't it been merged into your master branch yet?

Mostly because of my schedule :)

-Ben