[E-voting] Source Code

Fergal Daly fergal at esatclear.ie
Mon Mar 22 22:35:57 GMT 2004

On Monday 22 March 2004 21:00, Éibhear wrote:
> I am an average voter by virtue of the fact that I vote. My brother is a 
> voter with legal expertise, and my Father is a voter with security 
> (military) expertise. Everyone, with their own skills and talents, are 
> still average voters if they vote. If their skills or knowledge allow 
> them to better analyse their environment, then others would defer to 
> them when they're curious or concerned. That I have experience in the IT 
> sector most certainly doesn't make me an above-average, or below-average 
> voter, whatever they could be.

You could take "average voter" == "voter" but then the word "average" is 
redundant. When Aengus first said it, it clearly meant "a voter with average 
source code reading skills" and I can't think of any other useful meaning in 
this discussion.

> > Their belief will almost certainly be false. There is noone who can really 
> > understand the source code, they may understand pieces, they may even have 
> > understood every piece at one time or another but there is no one who can 
> > understand it well enough that anyone should take their word for it's 
> > correctness.
> That's an astounding assertion. What happens if some one comes along and 
> proves you wrong?

Do you know or can you imagine someone who could credibly declare that the 
25,000 line C program from NEDAP and the 200,000 line Object Pascal program 
from Powervote are absolutely and unequivocally bug free (or be able to 
reliably list every single bug), even if they wrote them themselves?

How many questions would this genius have to answer correctly before I was 
proved wrong? There's no way to prove that you understand a program so well 
that I should take your word that it is bug free.

Donald Knuth and Linus Torvalds write buggy code, Gauss, Euler and Fermat 
wrote buggy maths theorems, the pentium FDIV bug problem was supposedly due 
to an error in a 10 line script for uploading the division table.

Nobody understands complex software (even their own) well enough that you 
should take their word when they say "it's bug free".

> Would you hold that line with respect to Nedap's or 
> Powervote's understanding of their own source code? Why bother getting 
> the code from these companies at all?

Absolutely and my own code too.

The reason I (and everone else) bother writing and using buggy code is that 
there are often so few apparent bugs that it's quite practical, sometimes 
even pleasant to use.

> Oh, and how do you keep separate those people who understand the various 
> parts and prevent them from pooling their comprehension into a report?

It's like unit testing, it's worth doing but passing all your unit tests 
doesn't guarantee a bug free prorgram. Understanding each component in 
isolation frequently doesn't tell you enough about what will happen when the 
parts come together. There will still be no one who fully understands the 
entire system,


More information about the E-voting mailing list