[E-voting] Source Code

Fergal Daly fergal at esatclear.ie
Fri Mar 19 18:10:13 GMT 2004


On Fri, Mar 19, 2004 at 05:36:46PM -0000, Aengus Lawlor wrote:
> > "All the below is predicated on the assumption that any chosen
> > electronic voting system uses VVAT."
> 
> At which point, your philosophical preference for a particular licensing
> scheme for the software becomes irrelevant. Once you acknowledge that
> VVAT is necessary because it provides an independent mechanism for
> verifying the result of an election, the argument about whether "open
> source" or "free software" is any more or less trustworthy than
> "commercial software" becomes utterly irrelevant to the issue at hand,
> because VVAT negates the ability of whoever controls the balloting
> software to subvert the process.

I actually think that this is one situation where open source might be less
desirable from a security point of view than closed source.

Many holes are found in closed source software by poking and prodding
various interfaces with unexpected data and seeing what happens. This
requires access to a working copy, something you'll only get once every year
or so with an evoting machine.

With open source source you can find hole by examining the source code and
you also get unlimited access to a working copy of the software.

Studies have found both development  methodologies to be in the same
ballpark with respect to number and severity of security holes.

On the open source version, you have a situation where black hats and white
hats can continue at their usual pace, however the black hats' save up their
attacks until the election. This means it's not like other applications
where one guy gets cracked and everyone else fixes their own machine. This
gives the black hats an opportunity to own the election which could mean 5
(or many more) years of power.

On the closed source version, there are fewer white hats but the black hats
have no access to source code and no working copy to play with. It's game
over for the black hats.

Of course this assumes the black hats can't get a copy of the closed source
and harware to run it. However this will be true for almost all black hats.

I still want an open source version though!

F




More information about the E-voting mailing list