[E-voting] UK govt circular mentions open-source e-voting
caburt at alphalink.com.au
Thu Jul 21 12:53:50 IST 2005
Catherine, I add more replies below,
>vendor has no control over some of these things, neither can a system be
>considered to be secure if they have not been addressed. (Nor should it be
>promoted as being supposedly secure.)
The term "secure" meant something in the 1950s.
A better term is "hardened". A system is designed to be hardened for
the estimated risks and known attacks.
New attacks will be proposed or executed, the system should repel them
or fail in a manner that exposes the attack.
It doesn't matter if its a human-paper system, a human-machine system or
In your mind, will any form of automation be applied to voting which
"hardened" enough? That is, is there any alternative to paper for both
poll sites and remote voters?
>In the United States the national and state certification systems have been
>shown to be unenforced and possibly even fraudulent.
Any federally mandated standards for something like democracy are going
to be met with resistance by the various States. It's always been like
that. We were at the meeting where the various secretaries of state
voted to discontinue funding for the EAC after 2006. It was very heated.
Still, the biggest risk to democracy is apathy, not election security.
The more the debate widens the more people will get involved, the better
the final outcome.
>[....] technical experts none of them pointed out the glaring holes and backdoors
>in the code. [...] Only when a Finnish expert was brought over were the problems
>brought to light--even though they are technically obvious.
The implication being that the US inspectors were incompetent or not
impartial. Perhaps this is a job for foreign observers?
>Tampering with the central counting computer is one of the easiest ways to
>manipulate an election.
Yes, because this is where all the votes end up. Machines with more
votes in them are more attractive targets.
It is a surprise that BBV didn't look at tally systems until more recently.
>[...] What's the point of going to elaborate trouble to
>develop open source election equipment, when one then has to trust election
>officials or vendor technicians? No election system should require
>citizens to take things on faith.
Votes should have the choice to take the system on faith, or look as far
into it as they need to to be satisfied that it works. In fact, the
largest body of citizens who don't take things on faith are the
volunteers and staff and it is they whom we most rely on to alert us to
the presence of foul play.
For evoting, this might be maintained if "mutually distrusting parties"
were able to observe and have control of all systems as they do over the
paper system. Is this incompatible with automation?
I've attended e-vote counts in the UK executed by Nedap, no less.
Evoting and tallying machines are just PCs running windows overseen by
provider geeks. This represents the very least that could be done with
technology for democratic purposes.
More information about the E-voting