l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
July 21: Defensive computing: Information security for individuals
Next Installfest:
TBD
Latest News:
Jul. 4: July, August and September: Security, Photography and Programming for Kids
Page last updated:
2004 Nov 04 15:13

The following is an archive of a post made to our 'vox mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox] [Article] A Vote for Open-Source Voting Machines
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox] [Article] A Vote for Open-Source Voting Machines



I got some opinion on this topic...

I don't think open sourcing the code is absolutely necessary.  I don't
think *any* code will be secure enough, open source or otherwise, because
there's absolutely no guarantee, even for the open-source code, that the
published code is what will be used on each machine.  I think the solution
is to make each individual votes public (but still keeping it anonymous),
not necessarily (though helpful) the code.

The voting machine running the voting software, open source or not, can
make each individual votes public via the Internet, by publishing each
voter's ballot number and how s/he voted.  No name or any identification
is published except for the ballot number, which is random, and the
prescinct in which s/he belongs.  A random sampling of the data can be
done by volunteers to verify that the results of the published data is
accurate, and anybody will be able to check whether his/her results were
published accurately on the Internet.  If an inaccuracy is found by any
individual, the paper trail will have to be traced (and that can be done
in a number of ways.)

This is actually more accurate than the current paper ballots.  For
example, as far as the current voting process goes I have no idea if my
vote was ever counted, got lost, manipulated, voided, counted late, or
whatever.  In the above method, I can verify that my vote was counted,
when it was counted, how accurately it was processed, etc.  And this can
be done by anybody who cares enough to check it and knows how to use the
Internet (or if they don't have Internet, they can just go to some
government facility like a Library or the City Office and ask someone to
verify it for them.)  But the actual check of accuracy doesn't depend on
any of that, as random sampling check of the accuracy of the votes can be
done even by some kid down the street who has Internet and wants to go
around the neighborhood asking people how they voted.  It's possible
someone might lie, but when you produce enough paper trail the result
should be reflected accurately (ie., you get a paper ticket stub with your
ballot number, which people already get, but also a checksum number of how
you voted.)

The process is very similar to public-key cryptography and digital
signatures, if you think about it.  It's security through publicity, as
opposed to security through absecurity.

If we're using the current process as the standard by which the electronic
voting is to measure up, I think the above method is good enough.  I don't
see any other way an electronic voting can become as accurate as the paper
ballots, except by publicizing how people voted.

BTW, has anyone ever used their ticket stub to verify that their vote was
counted correctly?  I think that's the purpose of the ticket stub, isn't
it?  How am I supposed to verify my vote???  Is there a phone number I can
call.....????

-Mark


On Thu, 4 Nov 2004, Bill Kendrick wrote:

>
> A Vote for Open-Source Voting Machines
> By Philip H. Albert
> LinuxInsider
> 11/02/04 5:00 AM PT
>
>   http://www.linuxinsider.com/story/37753.html
>
>     "Open-source programs can be more secure because the code is visible
>     and it speaks for itself in most cases. Thus, we can rely on the code
>     and don't have to rely on its author. Tampering with the code is easy
>     to detect and the nature and biases of the tamperer can be clearly
>     identified."
>
>
> Enjoy!
>
> -bill!
> bill@newbreedsoftware.com                            New Breed Software
> http://www.newbreedsoftware.com/               Tux Paint 0.9.14 is out!
> _______________________________________________
> vox mailing list
> vox@lists.lugod.org
> http://lists.lugod.org/mailman/listinfo/vox
>

-- 
Mark K. Kim
AIM: markus kimius
Homepage: http://www.cbreak.org/
Xanga: http://www.xanga.com/vindaci
Friendster: http://www.friendster.com/user.php?uid=13046
PGP key fingerprint: 7324 BACA 53AD E504 A76E  5167 6822 94F0 F298 5DCE
PGP key available on the homepage
_______________________________________________
vox mailing list
vox@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox



LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
O'Reilly and Associates
For numerous book donations.