[E-voting] Irish Times: "Electronic voting unlikely to be used in next election"

David GLAUDE dglaude at poureva.be
Tue Sep 27 23:48:39 IST 2005


In Belgium the "College des Experts" does make recomendation that are
some time embeded into the law.

We (PourEVA) do not to agree with all of the recomendation they do (some
are only cosmetic change that do not solve the underlying problem).

One of the recomendation from last election year was to store a image
copy of each and every individual floppy (and decrypting) that contain
voting result and aggregated voting result onto a CD or DVD available to
them.

On the other side the Belgian law and electoral practice make sure that
individual result (1000+ elector) are never available alone but
randomized with other (manually we mix 6+ ballot box, electronicaly we
release aggregated result only by group of 10+ virtual ballot box [a
floppy = 1000 votes]).

So that CD/DVD will be very dangerous at it give very precise
information on who vote what where (with a 1000 citizen precision).

Also we know that the randomisation on the floppy recording is not good.
It can be fixed but since the "Expert" deny (in the same report) the
fact that it is rather easy to find the order of the vote... it is not
part of their recomendation.

The other thing they want is to be more associated with the law maker
and have more power.

In Belgium we have 5 "party" involved:
A) The "College des Experts" (wich is not independent because they are
choosed by our representative currenctly in power).
B) Software Vendor (who are not to be trusted).
C) "Independant Tester" (whose report in unavalable to all but the
"Expert" other non disclosure agreement)
D) The minister of the interior that certify the software based on the
"Independant Tester" report
E) The newly elected candidate that self validate the result of the
election based on the "administrative result" of the election (what
would be the "returning officer report") and the report of the "College
des Experts".

I don't know how and where the CEV can help in your scheme.

The nice thing is that you have "something/somebody" to study and
analyse BEFORE you realy use the beast (it could have been before
aquisition).

What I remember very well is that the CEV was really bounded (self
boundage?) to what it was authorised to say or do and wanted to avoid
any step outside that scope.

Our "College des Experts" (with the problem of having Expert rather than
Citizen "counting the vote") was able to do much more than their mandate:
* Started to work long before the election and days after the election
(they were suppose to only work durring the election day)
* Do some testing of the code and developed their own tools (like a
decryption/counting tool) where they were supposed to use the vendor
provided test software
* Impose that the code must be secured and lock under the public
services control (rather than at vendor place)
* Impose that the administration must have the capability to produce the
binary out of the source code and have the whole building environment
that can be reproduced without the vendor control
* ...

So we have a bunch of "good guy" that are "civil servant" and did try to
do their best in situation that was out of control without a mandate to
do so.

But whatever "good" are the "good guy" those are not citizen but
"expert" (in our case without the knowledge and technical skill you
expect from real security auditor).

So I hope your CEV will be as good as our good expert... and I hope you
will never need expert at all in the futur.

David GLAUDE

Catherine Ansbro wrote:
> I interpret this to mean the testers will recommend changes, and the CEV
> will analyse the recommendations.  I'm not sure what analysis they are
> in a position to do. (Prioritise recommended changes if the testers
> didn't do so?  Put conclusions into a frame that will avoid litigation
> from the vendors?  Political analysis?)
> 
> Catherine
> 
> Adrian Colley wrote:
> 
>> The most interesting comment (by the article's author, Carl O'Brien) is:
>> "Following these tests, the Commission on Electronic Voting will analyse
>> whatever changes are recommended."  I didn't know the CEV will be able
>> to recommend changes to the system.
>>
>> --Adrian.



More information about the E-voting mailing list