| |||||||||||||
|
| |||||||||||||
Will 'controlled open source' software take over election work? (NewsForge)Will 'controlled open source' software take over election work? (NewsForge)Posted Aug 19, 2004 20:19 UTC (Thu) by JoeBuck (subscriber, #2330)In reply to: Will 'controlled open source' software take over election work? (NewsForge) by jabby Parent article: Will 'controlled open source' software take over election work? (NewsForge) I would be satisfied with a paper printout for every vote that is checkable by the voter (printed out in large type for easy reading by the elderly), then dropped into a locked box for use in recounts as well as for cross-checking. The code need not be open source, however, it would need to be made available in source form to trusted third parties (including opponents of software voting machines) for inspection and review, with no restrictions placed on the inspectors that harm their ability to report flaws to the public. Regardless of whether the code is open source or not, the third-party inspectors should verify the process for producing the binary code (possibly by running the build process themselves with the specified software development tools, and checking that the binaries match). Open source would be nice, but it's not a necessary condition for confidence in the election, and that's the problem that vitally needs to be fixed.
(Log in to post comments)
open source necessary condition for voter confidence Posted Aug 20, 2004 2:49 UTC (Fri) by jabby (subscriber, #2648) [Link] I don't trust any third party... or even a couple of them. I want to be able to review the code myself and to have the local computer science department perform a code review and the military and all interested political parties and the foreign governments who are affected by our political choices... Yes, everyone should be able to inspect the code. No more "trade secret" or "competitive advantage" whining from the companies who are making money hand over fist at the taxpayers' expense.
Remember Linus' Law: "Given enough eyes, all bugs are shallow." How long do you think it would take for *someone* *somewhere* in the world to find subverted code? With as much as there is at stake in the general election, my guess is "not long." When the Diebold source was leaked on the internet it took very little time for computer scientists to examine the code and find dozens of critical weaknesses.
Also, the compiler has to be open source and inspectable as well. I'm not forgetting the famous backdoor-inserting compiler hack by Ken Thompson:
http://www.acm.org/classics/sep95/
This actually demonstrates that you can't trust any program that handles programs, but I would still maintain that you are *far* better off with open source than with closed source. With closed source, only those "trusted parties" (who sign NDAs and are therefore bound in ways that make them untrustworthy) can see the source code and try to compile it and verify the binary. That's when you have the problem of closed source compilers and the inability to verify that the binary produced actually obeys the code that you approved and fed to it.
As for confidence in the election, I fail to see how closed-source (secret) software running on closed-source, proprietary operating systems and inspected by only a few "trusted parties" is going to inspire confidence. In general, people are smart enough to know that transparency is good and trustworthy and that wherever something is hidden from public view there resides the temptation to deceive the public.
open source necessary condition for voter confidence Posted Aug 20, 2004 17:59 UTC (Fri) by tzafrir (subscriber, #11501) [Link] You should realise though, that the "software" is the whole stack, not only the the voting software itself.
Backdoors cdan be added in the underlying OS. Quite easily.
But you can go even further: What about the firmware of the CPU? The firmware of the BIOS? The firmware of the disk controller?
|
|
||||||||||||