On Wed, Aug 13, 2008 at 5:58 AM, James P. Kinney III <jkinney@xxxxxxxxxxxxxxxxxxxxx>
On Tue, 2008-08-12 at 23:55 -0700, Bill Ries-Knight wrote:I must strongly disagree that that open source programming is relegated
> I have been around the block on voting systems for years and have come
> to the conclusion that neither Traditional OpenSource nor Traditional
> proprietary code will do the task.
> For routine things, opensource is great. For SECURE systems, not so
to the routine tasks. The issue with electronic voting is transparency.
The only security requirements are that the code does what it is
supposed to do and ONLY what it is supposed to do. That, too, is handled
by the principles of transparency that only open source programming
The concern is the possibility, with open source code, that a pre zero day flaw is discovered and manipulated in some fashion. I do suggest that the more restrictive the views, the less likely the bad hats of hacking will meet up with the bad hats of politics and run some nefarious scheme. You are right in that open source offers transparency, but it also opens up that other world.
With closed but "verified" source this only expands the number of people
required to effect fraud by a few. It also makes real programming
mistakes (the accidental ones that are going to exist in nearly any
project) visible to fewer eyes for resolution.
And this is the reason that open source is only a "not so much" for security. There is a need for anyone with the appropriate level of "Need to Know" to be able to look over the source code. In the United States there are over a 1,000 County/Parish level election jurisdictions. There are 50 States plus the Federal Government. Until now the process has been "Closed Proprietary Systems" where testing is performed in a sterile environment. The vendor prepares the systems and monitors the testing, and no one is allowed to see the software that makes the black box run.
The Federal Government has an office that takes care of this testing and the tests are run behind sealed doors. Once passed by the Feds, that is good enough for everyone.
. Only a select few see the process. This has to come to a screeching stop. If one of those 1,000 plus jurisdictions wants to examine the systems for safe stable code, they should be able to do so. This minimizes the closed nature. But at the same time, would you want the security software at a Nulear Weapons Material Facility for the USA be availible to international crime syndicates or National Governments that have a desire to see some objective met in an election. Elected Government Persons often have access to secure information that would otherwise be well above their pay grade.
I have come to the conclusion that every aspect of the voting process
must be fully open for analysis by everyone. From the design and
components of the machines hardware to the process used to count,
verify, tally and present the scores, every aspect must be fully
available for review by everyone who wants to review it.
And this is where we disagree. Not just "Everyone" on the street should have access.
I personally like the big touchscreen displays. It makes the choosing
process quite simple. What I would like to see produced by these
touchscreens is only a single, card stock ballot that is printed, in
easy to read text, with an <office>=<choice> pattern. This can be
verified by humans and quickly counted by machine. We have the
technology to do this. Further, I would like to see the counting
machines produced by a separate company from those that make the
balloting machines. I also want to be able to feed my newly-printed
ballot into a counting machine and be able to verify that that machine
has correctly read my ballot accurately.
I too love the touch screens that you mention for the same reasons. Yours is a differnt solution to the hardcopy version of a vouchsafe tracking. The printed rolls, in reality, are more secure because each transaction, good or bad, is counted. With the card there can arise other issues. The big reason that we don't want to have a "free copy" of the votes in the wild is the sale of votes. There are good aspects to your solution, but very negative ones as well.
In other words, I want full accountability for every aspect of what the
Constitution describes as my right to vote. Closed-source does not, and
can not, fulfill that requirement.
And I agree. TRADITIONAL open source has issues as I noted above. Open source, yes. Universal access, no. Perhaps there is a need to consider a limited access version of a license.
> my FWIW.
> On Mon, Aug 4, 2008 at 3:20 AM, Joel Kahn <jj2kk4@xxxxxxxxx
> Here's an angle on FLOSS principles
> applied to electronic voting systems:
> Be sure to look at the responses; this
> posting really brought lots of analytical
> nerds out of the woodwork.
> I'm thinking the topic might have educational
> value at the college level--maybe even high
> school? Any ideas for ways to fit this into
> a curriculum somehow?
James P. Kinney III
CEO & Director of Engineering
Local Net Solutions,LLC
GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics)
Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
Why you have the wrong view.
Respect the process, Vote.