Comments on: Open Source and Voting Machines

By: TimTheFoolMan

TimTheFoolMan — Mon, 29 Sep 2008 15:18:17 +0000

Ultimately, using open source to review the code is a partial solution at best. If officials have the opportunity to test a system end-to-end (and the system has no way to determine whether it’s running the “real” election or the test), the high volume testing that California has proposed would make it difficult to create a trojan that presumed a test based on volume, and therefore didn’t hack specific results.

I understand the call for open source, but I think it’s the kind of thing that could engender a false sense of security. If you’re blindly trusting the hardware and firmware, reviewing only the source is a bit lame. – Tim

By: Bloor Robin

Bloor Robin — Sun, 28 Sep 2008 17:32:05 +0000

Steve

Thanks for the feedback. I’m pleased that something intelligent is being done. The mere suspicion of voter fraud and stolen elections undermines the whole democratic process.
The idea of completely forbidding internet connection seems a little bizarre since it implies that no connection via the Internet can be secured and that is simply not the case. A better idea would be to forbid all unsecured internet connection.
It’s an important point because, in what I’m suggesting, you need 2 data paths back to a central point in order to ensure that no votes are compromised on the way back.
Having a dual process system where one process uses the Internet and the other doesn’t seems sane to me.
The system I’ve mooted in the posting could work without Internet connection, but it would make it unnecessarily complex.

By: Steve

Steve — Sun, 28 Sep 2008 13:50:49 +0000

The new Voluntary Voting System Guidelines (VVSG) has been undergoing a review for more than a year including a request for public comments. Visit http://www.eac.gov/vvsg if you want to review the 598 page document. These guidelines have numerous and significant changes that will change the voting process in years to come.

The new certification guidelines REQUIRE that new voting processes shall be SOFTWARE INDEPENDENT. This does not mean that no software is permitted. The definition of “software independence” is that any software failure will not change the outcome of the election. This requirement is intended to increase voter confidence that their vote is counted as intended.

The use of connectivity to the Internet is expressly forbidden as is the use of wireless including Bluetooth. Infrared is however permitted.

Also, a new class of voting processes is going to be created for INNOVATIVE systems. The EAC (Election Assistance Committee) realizes that they may not be able to write today appropriate guidelines for processes that have not yet been created. To encourage innovation the VVSG allows for innovators to bring to the EAC new processes, systems, technologies and they will design guidelines that permit certification if warranted.

Robin you have made a good point suggesting that there be multiple processes that can independently count the vote and have them reconciled. The new VVSG will encourage these types of solutions.