[E-voting] UK govt circular mentions open-source e-voting

Craig Burton caburt at alphalink.com.au
Thu Jul 21 12:53:50 IST 2005

Catherine, I add more replies below,


>While the
>vendor has no control over some of these things, neither can a system be
>considered to be secure if they have not been addressed.  (Nor should it be
>promoted as being supposedly secure.)
The term "secure" meant something in the 1950s.
A better term is "hardened".  A system is designed to be hardened for 
the estimated risks and known attacks.
New attacks will be proposed or executed, the system should repel them 
or fail in a manner that exposes the attack.
It doesn't matter if its a human-paper system, a human-machine system or 

In your mind, will any form of automation be applied to voting which 
will be
"hardened" enough?  That is, is there any alternative to paper for both 
poll sites and remote voters?

>In the United States the national and state certification systems have been
>shown to be unenforced and possibly even fraudulent.  
Any federally mandated standards for something like democracy are going 
to be met with resistance by the various States.  It's always been like 
that.  We were at the meeting where the various secretaries of state 
voted to discontinue funding for the EAC after 2006.  It was very heated.
Still, the biggest risk to democracy is apathy, not election security.  
The more the debate widens the more people will get involved, the better 
the final outcome.

>[....] technical experts none of them pointed out the glaring holes and backdoors
>in the code. [...] Only when a Finnish expert was brought over were the problems
>brought to light--even though they are technically obvious.
The implication being that the US inspectors were incompetent or not 
impartial.  Perhaps this is a job for foreign observers? 

>Tampering with the central counting computer is one of the easiest ways to
>manipulate an election.
Yes, because this is where all the votes end up.  Machines with more 
votes in them are more attractive targets.
It is a surprise that BBV didn't look at tally systems until more recently.

>[...]  What's the point of going to elaborate trouble to
>develop open source election equipment, when one then has to trust election
>officials or vendor technicians?  No election system should require
>citizens to take things on faith.
Votes should have the choice to take the system on faith, or look as far 
into it as they need to to be satisfied that it works.  In fact, the 
largest body of citizens who don't take things on faith are the 
volunteers and staff and it is they whom we most rely on to alert us to 
the presence of foul play.

For evoting, this might be maintained if "mutually distrusting parties" 
were able to observe and have control of all systems as they do over the 
paper system.  Is this incompatible with automation?

I've attended e-vote counts in the UK executed by Nedap, no less.  
Evoting and tallying machines are just PCs running windows overseen by 
provider geeks.  This represents the very least that could be done with 
technology for democratic purposes.



More information about the E-voting mailing list