[E-voting] Source Code

Éibhear evoting at gibiris.org
Fri Mar 19 14:01:10 GMT 2004


--------- Original Message --------
From: Austin Kinsella <kinsella at itcarlow.ie>

> Putting source code in the public domain is of little benefit, unless
> you also put in place a mechanism to ensure that the published code is
> what has actually run.

All the below is predicated on the assumption that any chosen electronic
voting system uses VVAT.

The advantage of using Free Software is that, if the build mechanism (i.e.
turning the text source code into an operating software program) is
understood, then the mechanism of verification is wholly within the domain
of the Government. This is not true in the case of non-free/closed
source/proprietary (pick your preferred language) systems where thee
developers are more interested in their “intellectual property” than
fostering an maintaining the democracies which are their markets. Some
examples:

+ The DoLGH can directly hire a small team of
software engineers to build the software
packages.
+ The department can hire a consultancy which is
independant of the software developers to do
the same.
+ Mechanisms for verifying the software can be
completely independant of the software
and its build processes.

One scenario would be:

- Department acquires source from main project
web site.
- Engineers in the employ of the department
use whatever cryptographic means offered by
the project to ensure the code arrives onto
the department's systems in the same condition
as when it left the project's server.
- Department hires two consultancies to perform
code walk-throughs, to be independant of
each other.
- Department hires staff to build the software.
- Department develops a process which uses
public key cryptography for signing
and verifying the built software packages.
- At installation time, an appointed officer
of the election process verifies the package
prior actually installing it.

One could change or develop the scenario to a point where the processes of
build and installation are rigourously hedged in security steps (e.g. where
even Bruce Schneier would sign off on it ;-)

My point is that the department need not dedicate resources to the design
and development of the software itself, but can put time, people and money
into ensuring the constitutional requirements for voting are correctly
implemented by whatever software it does choose and the procedures it
implements itself. Right now, because the software is not Free Software or
is not developed in an "Open Source" manner, the whole process seems to be
in the control of two companies. Two companies who deem it easier to change
the definitions of words in the English language ( != "computer" && ==
"machine", "e-" != "electronic", etc.) than to provide VVAT capabilities in
their products.

Mind you, any Free Software project that facilitates the casting and/or
counting of votes is not a responsible project if it doesn't mandate the use
of VVAT.

Éibhear




More information about the E-voting mailing list