User: Password:
|
|
Subscribe / Log in / New account

Voting machine integrity through transparency

Voting machine integrity through transparency

Posted Mar 27, 2008 9:07 UTC (Thu) by ljt (guest, #33337)
Parent article: Voting machine integrity through transparency

Transparency is impossible as soon as you have a two stages (source and compiled) code
production.
No matter how you lock things (TPM, source review, etc..) the interaction between compiler (a
complicated compiled code) and source code cannot be ensured.

The only solution would be to write directly machine code by hand and have it audited by
independent people. But then you have the processor and its intruction set, etc..

IMHO, the traditionnal hand based process solves all the issues and is much cheaper and
infinitely more trustable. 


(Log in to post comments)

Voting machine integrity through transparency

Posted Mar 28, 2008 10:45 UTC (Fri) by dvdeug (subscriber, #10998) [Link]

The traditional hand-based process isn't much cheaper, which is one of the reasons they're
changing. It's basically not auditable; any sort of recount is very expensive. And do you have
any idea what type of insane, biased software is running on some of the vote counters in the
traditional hand-based process?

Standard off-the-shelf processors and compilers are generally trustworthy. If they give you
the code, you can compile it yourself. Alternately, high-reliability software, like for
airplanes and military applications, will compile without complex optimizations just so they
can audit the assembly and the source code simultaneously. 

Reason for move to machines

Posted Apr 14, 2008 21:38 UTC (Mon) by Max.Hyre (guest, #1054) [Link]

Despite all the hoopla, the real reason machines are being pushed is so the vote is available the instant the polls close—we can't keep CNN waiting, now can we?

Canada manages to do it on paper ballots quite well, thank you. (For an interesting aspect of the method, check out the FAQ Can I eat the ballot?) Given the Canadian example, it's perfectly reasonable for every state to use paper ballots, including California, the most populous.

Voting machine integrity through transparency

Posted Mar 28, 2008 15:40 UTC (Fri) by alkandratsenka (guest, #50390) [Link]

I just wanted to post similar comment.

But I don't think it's impossible. You 'simply' need to audit machine code of one version of
gcc (statically linked) and one version of kernel.

Then you publish this gcc and kernel along with source and then anyone can verify object code
by recompiling it with published certified gcc launched on certified kernel.

Via source code review and usage of certified tools you can then certify other versions of gcc
and kernel more easily.

Something like this should work I think.


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds