[E-voting] UK govt circular mentions open-source e-voting

Michael McMahon michael at hexmedia.com
Thu Jul 21 15:24:15 IST 2005

Craig Burton wrote:

> The term "secure" meant something in the 1950s.
> A better term is "hardened".  A system is designed to be hardened for 
> the estimated risks and known attacks.
> New attacks will be proposed or executed, the system should repel them 
> or fail in a manner that exposes the attack.
> It doesn't matter if its a human-paper system, a human-machine system 
> or all-machine.
The term "hardened" is just as imprecise as "secure". The vendors of the 
Irish system and the Govt. itself
claim the PCs are hardened, yet the vendors of the PCs themselves (HP) 
make no such claim.
I'm not aware of any standards which define what a "hardened"  PC is.

>> In the United States the national and state certification systems 
>> have been
>> shown to be unenforced and possibly even fraudulent. 
> Any federally mandated standards for something like democracy are 
> going to be met with resistance by the various States.  It's always 
> been like that.  We were at the meeting where the various secretaries 
> of state voted to discontinue funding for the EAC after 2006.  It was 
> very heated.
> Still, the biggest risk to democracy is apathy, not election 
> security.  The more the debate widens the more people will get 
> involved, the better the final outcome.
The point wasn't about the conflict between state and federal. It was 
that standards are simply not
being enforced when the will to do it does not exist. I was skeptical of 
this view initially,
but there is some evidence to support it.

>> [...]  What's the point of going to elaborate trouble to
>> develop open source election equipment, when one then has to trust 
>> election
>> officials or vendor technicians?  No election system should require
>> citizens to take things on faith.
> Votes should have the choice to take the system on faith, or look as 
> far into it as they need to to be satisfied that it works.  

I agree, and this is why I think the best hope in the long term lies 
with the crypto based
receipt systems like VoteHere. There is nothing to stop each and every voter
from verifying both their own vote and the overall integrity of the 
election, if they want to. The verification
data is easy to generate (as compared to VVPB systems), and therefore 
the election authorities have no excuse for not providing it.
In practise of course, this will involve having to trust the programmers 
of whatever validation software you use,
and some people have a problem with that. 
But, if you don't trust programmers affiliated to party X, then just go 
and find programmers from party Y, so I really
don't believe that objection stands up. It doesn't make sense to me 
that: on one hand it's not acceptable to
have to trust a computer programmer (of your own choosing), but on the 
other hand it is acceptable
to have to trust a set of party workers (whom you cannot choose).

- Michael.

More information about the E-voting mailing list