Slashdot Mirror
Maryland Plans Code Review for Voting Software
asmithmd1 writes "We already knew Diebold software is insecure, now the Baltimore Sun is reporting that the Governor of Maryland has asked SAIC to review the software in Diebold voting machines. Diebold has graciously allowed SAIC access to their proprietary code. Why isn't this code open source by law?" In a related story, a trade show for closed-source electronic voting systems is doing their best to keep critics out. Update: 08/07 15:23 GMT by M : Diebold's website security is less than outstanding.
even if the code is opensource, how can you be sure the voting machine executable has been compiled from the genuine source code ?
Voting via absentee ballot. At least there is a greater chance of my vote not being screwed up or changed.
Anyone who thinks these voting computers are going to be flawless and secure by Nov. 2004 is greatly mistaken.
But for the love of god and all that is holy, WHY are they fighting so hard against paper records? It makes no sense. (unless you are conspiracy-minded) Seriously. I just can't come up with any decent reason that Diebold et al would be so strongly against hooking a printer up to the system to produce a physical record. Much less why our elected officials would buy into such an idea.
Bush: He's Liberal in all the wrong ways.
you need to build it. They're not interested in building it open source apparently. Remember, Diebold makes ATM machines and other commercial products, and they have stiff competition. By the design of their business plan their software won't be open.
So, if you want to see an open source implementation of voting software, something that you can argue is perfect and be able to show the world such, you need to make it. Diebold and their competitors won't.
If you can build the software to make a secure voting system, someone else can design the hardware once the software is ready. That seems to be what people are missing here. Design the system right and the hardware will be built to work. Design the hardware first, and the system will be dependent on whatever wacky design is chosen.
Do not look into laser with remaining eye.
your vote has caused a fatal exception in kernel32.dll - try picking another option
"Why isn't this code open source by law?"
This wouldn't fix the problem of faulty(by design) hardware, lack of audit trails, and no trust in the delivery method.
Sure with open source we can see the code, but that doesn't help if it is compiled by a compiler that you can't see the code for, run on microchips that you can't see the code for, and administered by people you can't trust.
The ``but it should be open source'' comment that gets thrown around in every single story about electronic voting does not take into account everything that happens to the code _AFTER_ we would be able to see it.
Anyway,
here is a link to a page on Electronic Voting:
Dr. Mercuri's Page on Electronic Voting
--xPhase
The following sentence is TRUE. The previous sentence is FALSE.
"If electronic voting becomes the norm (likely), I just won't vote."
The odds are already heavily against your voting currently anyway, so I don't see how this will matter much.
At least we don't use the "Telelection" methodology a'la Max Headroom...
Do not look into laser with remaining eye.
Security through Obscurity is not Inherently Evil.
In this case, it is.
With normal elections, the abilty to tamper with the results are minimal. The reason is that the votes do not end up in one place. In addition, you have several different parties counting at all times (typically Dems and Republicans). With this approach, it offers a single point of entry. It is possible for the votes to be rigged here either directly or indirectly. Somebody could offer 10 to 100 million dollars to the coder or even CEO within the company (keep in mind that some elections are spending a great deal more money to win them these days; apparently it pays off). Or since it may have a unknown opening, only the bad guys would know. Only the problem is that the bad guys would be a party member.
BTW, the orginal bribe may be to simply forget about an opening, rather than the introduction of one. Then the party would simply introduce something to manipulate it nationaly. At that point, they would manipulate close elections. Totally undectable.
I prefer the "u" in honour as it seems to be missing these days.
Seriously. One of the things I do for Comp Sec is change management and version management. There are VERY strict auditing standards that companies like this need to meet. In the US there is a SAS 70 auditing standard that companies need to meet in order to do things like this. Up here in Canada, we call it a Section 5900 but its the same basic idea.
The way it works is, a company says that there are controls in place to assure people that something is or is not happening. If someone wants to test those controls, they'll call in a team of qualified IT auditors and we'll do a Section 5900.
For the 5900, the people hiring us to do the job (could be the company in question, a regulatory board, a judge, a client etc) will draft a list of risks or controls. These controls are things they want to see in place.
So, for a voting machine, the people requesting the 5900 would list controls similar to the following:
-All changes to code are authorized and approved.
-All changes are adequately tested, approved and testing is not carried out by the original developer.
-No changes are introduced to the code after testing.
-Changes are promoted and versioned by someone other than the original programmer.
-Code that is installed into the production system is the same code that was tested and approved.
... and so on.
Then the auditors will go in and verify that these controls exist, that the risks these controls are designed to cover off are adequately covered and that the controls are effective. If a company fails a SAS 70 or a 5900, they usually HAVE to fix the problems.
Also, it usually isn't that hard to get your hands on a Section 5900 or SAS 70 report. Most companies will happy give them out unless they failed them or there are other NDA issues. As a voter, you probably have rights to these reports, and even if you don't, your elected representatives definitely do.
If you think about it, an election is like a high speed race. The only difference is that the voters are behind the wheel. With that in mind, I'm surprised the system allows uninformed voters to actually cast a vote without knowing about the issues and the politicians.
Before you can drive, you take driver's ed. Every election before vote time, there voter's ed should be a requirement. The issues are constantly changing, as well as the politicians. If this was manditory like a driving test (written or hands on, doesn't matter), then the people would be far better informed. Imagine the difference that could make. Imagine the turnout.