LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

#CONFIG_DRM_NONSENSE is not set

#CONFIG_DRM_NONSENSE is not set

Posted May 21, 2009 11:00 UTC (Thu) by tialaramex (subscriber, #21167)
In reply to: #CONFIG_DRM_NONSENSE is not set by jimbo
Parent article: Enabling DRM in the kernel?

As the article (you read that, right?) said, an example would be voting machines, some independent authority says that version 1.4.26.8 of the software is OK, this type of technology ensures that every voting machine has 1.4.26.8 on it and isn't "upgraded" to a version that gives half the vote to whoever paid off the software vendor.

I don't happen to like voting machines, a pencil & paper works for me, but lots of US states want machines, and if you want people in those states to know their votes count, trust in the machines must be improved.

I'm sure there are other examples, but as a matter of /social policy/ I don't believe this technology is appropriate in devices sold to individuals (and not just because of DRM), and would cheerfully support a ban on retail sale of devices incorporating a technology which prevents the purchaser from reprogramming them.

(Log in to post comments)

#CONFIG_DRM_NONSENSE is not set

Posted May 21, 2009 13:58 UTC (Thu) by anton (guest, #25547) [Link]

some independent authority says that version 1.4.26.8 of the software is OK, this type of technology ensures that every voting machine has 1.4.26.8 on it and isn't "upgraded" to a version that gives half the vote to whoever paid off the software vendor.
That's right, this technology could ensure that not only the software vendor, but also someone who signs the software gets a share of the spoils (but in practice it will probably all go to the vendor of the voting machine, as they do the software and the signing).

Do the voters or the voting administration have any way to determine which software runs on the machine? Nope.

So the voting machine scenario is just a red herring. And vice versa, treacherous computing will be used to muddle the waters in the discussion about the security of voting machines.

#CONFIG_DRM_NONSENSE is not set

Posted May 21, 2009 16:06 UTC (Thu) by dw (subscriber, #12017) [Link]

I'd happily trust an electronic ballot if its source code and binaries were accessible, and the voting machine printed a hard copy signature based on my vote and the exact software version as recorded in the TXT state.

I don't think such a scenario is far fetched at all.

#CONFIG_DRM_NONSENSE is not set

Posted May 21, 2009 17:19 UTC (Thu) by anton (guest, #25547) [Link]

I'd happily trust an electronic ballot if its source code and binaries were accessible, and the voting machine printed a hard copy signature based on my vote and the exact software version as recorded in the TXT state.
A fine demonstration of the water-muddling aspect I mentioned:

How would you know that the software version on the voting machine corresponds to the available source code and binaries? The only way for you to be sure would be if you and only you held the keys that locked down the machine (and you would also need a way to know that the machine was not replaced with a lookalike, and that there is no hole in the lock-down mechanism). Otherwise this means that you just entrusted the vote to whoever holds the keys.

Apart from that, if the signature is based on your vote, you have just done away with the secret ballot.

I don't think such a scenario is far fetched at all.
Unfortunately you are right. That is certainly one avenue that salespeople of voting machines will try to sustain their business model.

#CONFIG_DRM_NONSENSE is not set

Posted May 21, 2009 17:21 UTC (Thu) by tialaramex (subscriber, #21167) [Link]

“Do the voters or the voting administration have any way to determine which software runs on the machine? Nope.”

As the people who have the key, the voting administration would in fact be the only people who'd decide this. Obviously such a system is useless if you give the key to people you don't trust, I can't believe I needed to write that explicitly.

treacherous computing for voting machines?

Posted May 21, 2009 19:24 UTC (Thu) by anton (guest, #25547) [Link]

As the people who have the key, the voting administration would in fact be the only people who'd decide this. Obviously such a system is useless if you give the key to people you don't trust
So you have replaced a system where any person can check that the votes are cast and counted correctly with one where we have to place blind trust in the voting administration. And if that was not bad enough, it's not the local administration that I had in mind, but some central agency (which makes any manipulation much more effective), and judging from the past, they will just delegate that power to the voting machine vendors.

Note that checking the casting and counting by any person was even possible in East Germany, as I recently heard in a 20-years-after documentation; a few people did that in a few precincts and got a result that had more votes against the ruling party than the official result for the whole country. This embarrassment for the ruling party and the election would not have happened with voting machines (locked-down or not).

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds