Washblog

Response to BryceM: Why Open Source Makes Sense for Voting in King County and the Country


[Front paged: NM. Here's a link to the California Top-to-Bottom Study. King County's Council in their Proposed Ordinance 2007-0402 this past July (the ordinance that recommended against adopting the "Reckless Plan" of King County Elections), cited the top-to-bottom review in several places: "Recognizing the important findings of the California "top-to-bottom" review 38 of voting systems, the elections section shall incorporate third party security experts in 39 the testing of any new equipment and software...." etc.]

BryceM makes the point that it is possible to have secure systems built around closed source and that experts may contribute to such systems. I, on the other hand, defend the idea that King County would be better off using the equipment it has now and then, after the 2008 election, evaluate Open Source with its other options for a new voting system to to be deployed before the 2012 elections.

Technically Bryce has a point. It is logically possible to have the small group of people who know and care about security, computing and voting review the offerings of vendors' requirements, design, code, test, etc., on a practical level this not going to happen in real life.  

With four large vendors and a bunch of small ones, many of whom have shown very little interest in improved security or motivation to invest in security, the vendors are simply not going to hire real independent experts. On the other hand, if a team like ours were funded by someone like King County, experts such as those who worked on the California Top to Bottom Review would likely volunteer to help.  Partly, this is because counties all over the country will likely end up using this technology as it would cost so much less than buying proprietary election equipment.  Those experts who volunteer services do not have the added burden of pleasing the client who is paying them; rather, they are more likely to serve the public interest. Independence from the vendor is critical to election security and Open Source permits that far better than the vendor lock-in tactic that proprietary systems foster.

Bryce, have you studied the California Top to Bottom Review? I think that after you do, you might also come to the conclusion that closed source has simply failed in the world of voting and we should throw in the towel and build Open Source solutions that election authorities can share with one another nationwide, even worldwide. It was not that the California experts could break into one voting system. They were able to compromise all of them. If this does not call for a change, what would?

Only Open Source allows an election official to be in a appropriate power relationship with regard to a vendor. It is critically important that a county be able to fire their support vendor, if circumstances warrant.  King County has been victimized by poor service from a vendor in the past, but  King County election officials still argue, after giving that vendor a score of only 5 out of 10, that they must buy from the vendor.  They argue that, because otherwise past investments in equipment and skills acquisition would be discarded, changing vendors would be too expensive. This is a perfect example of why closed source solutions in voting are unacceptable. They lead to lock in and a drug addiction-ike dependence that does not inspire public confidence in voting systems or elections..

Only Open Source provides transparency, i.e., that we are not trusting a few hired experts under Non-Disclosure Agreements but that every knowledgably person who wants to examine the code can and is invited provide a review and recommendations for improvement and that such results are freely publishable.

The King County situation cries out for, at the very least, a detailed evaluation of the comparative costs of building an Open Source voting system of its own.  The Open Source unbundled solution will allow best of breed in each category and will allow King County its proper role as master of its own elections.

Sincerely,

Richard Johnson
CEO
Open Voting Solutions, Inc.

< History Warns Us | Political Graphics 101: 34th LD lit deconstructed >
Display: Sort:
(I'm sorry I've been a no show on these issues. Work, family, exhaustion, etc...)

Fellas, please. To use open source election administration solutions, or not, is not the issue in King County.

The immediate issue is whether or not we should change everything about our elections right before a presidential election.

The secondary issues are whether or not we should use new technologies, such as automatic signature verification, cryptography, ballot image scanners, etc. in our elections. In brief, the answer is an unqualified "No.", just in case anyone was wondering.

Until there is a viable open source alternative, can we please stop insisting that this is something King County (and elsewhere) should be doing?

How to fund, develop, test, and certify an open source solution is a completely separate topic. Frankly, any open source alternative is still years away. And then timing is a serious concern, because all change, no matter how virtuous, is disruptive.

by zappini on Fri Oct 05, 2007 at 11:00:52 AM PST

* 1 none 0 *


I'm a big fan of Open Source, especially Free Open Source when done well - It can be a wonderful development methodology with lots of benefits.  I'm also a big fan of closed source models when done well, and have intimate knowledge of many wonderful solutions that have been created under this model as that is how I earn my livelihood.  That said, I don't have a horse in this race, whereas you apparently do.

As Zappini points out however, the Proprietary/OSS debate is largely a side-show:  The only point that is at issue here is what should King County do?  Personally I think that we should double-down on our current mail-in balloting system and make it work in as reliable and secure a manner as possible for a few years to recoup our investment in the system, and wait for alternatives to mature.  

I believe that if we take what's been learned about the strengths and weaknesses of our current solution, we can operate it responsibly with our eyes wide-open and limp by until a better solution is available.

I sincerely hope that your firm is able to develop a compelling offering in this space, but I do not believe that King County is set up to go around playing Angel Investor with county funds if that's what you're looking for...

-Bryce

by BryceM on Fri Oct 05, 2007 at 12:14:25 PM PST

* 2 none 0 *


  • Proposal by zappini, 10/05/2007 12:40:25 PM PST (none / 0)
... that's what VoteHere started out with, to the best of my recollection: a system which anyone could implement, but upon which they held the business process patents. It relied heavily on cryptography which only policy wonks, mathematicians and cypherpunks (and as a member of at least one of those cohorts, I understood that theoretically their system worked, and yet as a practical person I saw no way that it would work practically, because nobody outside of the 'leet) had a hope of truly understanding... Therefore, no real hope of establishing public trust... other than, of course, by you know, blind faith in Bob, Jesus, the American Way and so forth.

Then they morphed into some secret ballot veil piercing tOOl taken to court by some guys who lived where this thing was test driven and a major investor apparently had a second (or third or fourth home) and who noticed huge disconglobberations in the ahhhh interface to the fabricated public trust... Or maybe it was just plain wrong or made up... but as far as I know nobody would ever say, nor has that been determined.

Now they're out of business.

by m3047 on Fri Oct 05, 2007 at 11:36:41 PM PST

* 4 none 0 *


As Zappini points out, going with a new system in a presidential year is the height of stupidity, open source or not.  You try out new systems in the off years.  Is Sims deliberately TRYING to get Gregoire unelected, or what?

Also, putting serious auditing requirements in place is far more important than open source software.

A laboratory scale is not all that complicated, even one of the new digital models.  They are very reliable, but it doesn't matter in the slightest that the ones in my lab have only flunked their daily test twice in 15 years--we check them every morning with a set of standard weights anyway.

Now, in order to insure consistently reliable weight measurments, what is more useful--having schematics of the innards of the scales, or having a set of standard weights?  The latter obviously, though the schematics are useful.

by eridani on Sat Oct 06, 2007 at 01:05:23 PM PST

* 5 none 0 *


1995 was when I first really really really got interested in software, and that was in part due to this internet thingy. I saw millions and millions of worthless managers and bureaucrats, public and private, fired. Maybe, maybe, they'd re-tool their petty Machiavellian brains and figure out how to make processes work to serve customers, instead of their petty empires.

as I was finishing my math degree at the u.w. in 1996, the technology job market was hotter than hot.  I figured out how to b.s. my way into interviews (I skimmed a LOT of the '...for dummies' books outside recruiter's offices) and in interviews they'd ask me what I was passionate about and I'd say

"USING SOFTWARE TO FIRE BUREAUCRATS AND NITWIT EMPIRE BUILDERS"

After a few interviews I could see that line wasn't stirring passions, so I dropped it.

(after having worked as a chef for most of 15 years, I was more concerned with getting my feet in the door than with how perfect the fit would be)

By my first year of working in email server support in Building 11 in redmond ... I realized that computer people were the absolute worst of the worst when it came to building empires of nitwits twiddling away with no freaking clue how real humans worked AND no freaking clue about making sure stuff ran well -

it is work to carry 100 pounds of onions on your head around the exterior of the building, it is also a waste of time for making onion soup, chowder ...

then I worked for 2.5 years supporting about 25 intranet sites for various internal business processes.

It AMAZED me how hard it was for so many to come up with a rough order of magnitude of time and money costs for proposed tools and tasks.

The place was permeated with big company big government defense department / boeing kind of infinite puttering ...

frankly, when they were outsourcing us in 2002 to across the western pond to people who make 12 bucks a day, um

the only complaint I had is that they weren't firing all the nitwits with 6 and 7 figure paychecks who had managed this rot for decades.

So, in closing - let's say you work at catering / banquent place with quality people.  Potential customers come in, and of course you say

'we do what the customer wants'

and, believe me, every customer wants THE BEST!

you do NOT say

"I don't understand your questions",
"I don't understand your requirements",
"I'll get back to you in 1 month with an estimate, after you pay me 10 grand to do the estimate"

you figure out what kind of stuff they think they want, (and everyone wants filet mignon and copper river salmon and caviar for 4 bucks a person)

AND, you estimate what they're willing to pay / what they can pay

AND you try to make it work with their budget / needs & what you can make a living on

THEN you educate them on how YOUR stuff is going to serve THEIR needs.

For some people, it is more important to be at the Ritz, even if they are eating chicken (OOOPS, I mean Range Raised Game Poulet) than it is too be eating the latest greatest culinary whatever.

Some people would rather eat Dungeness crab and fresh lamb off of paper plates next to a beach bonfire.

only a few people can afford the Four Seasons catering Lobster and Veal Medallions, then the $300 night rooms for 100 guests. (125 bucks a person, for food ONLY, in 1986!)

oh, btw, the ritz or the four seasons ain't gonna do kool aid and hot dogs so you can say your party is at the ritz.

Here is my rule of thumb for software projects:

1. if people can't help me, in 60 mins., define a rough scope* of the project, then don't hire them.

*scope = proposed features, rough timelines, rough manpower reqs, rough costs.

(oops, you can hire them if boeing or microsoft is going to pay for whatever happens )

open source,
evil empire,
BIG evil of oracle / IBM / SAP ...

I don't trust none of it!

Software should be about making organizations work better for customers, NOT about making paychecks for software nitwits.

(some of ya I know and I like - this ain't about you the person I know. )

rmm.

http://www.liemail.com/BambooGrassroots.html

by rmdSeaBos on Sat Oct 06, 2007 at 03:41:46 PM PST

* 6 none 0 *


With real respect for good thinking but there is this underlying problem.

1.  Whatever the system, it can be hacked. E.g.:  Ballot Definition Files or equivalent aren't optional; you have to have them.  Who creates them?  Who scans them? etc...Besides which, how can you be sure, if something has been twisted, that you can spot it?

Given a software package - open source or not - there is no screening process that can ensure that there is no lurking malware.  And, of course, such can be planted long before an election...

Nor does a digital signature guarantee that the code under scrutiny is the same as the code originaly written.  1, such signatures can be cracked, tweaked, and the tweaked version fitted with the original signature.  2, how conduct a test of a signature?  Can't use anything that is in the code itself; if its been hacked, confirming the signature does not fix the hacked code.  Also: where is the mechanism - software and hardware - which holds a purported valid signature to be used in testing the code at hand?  Are we delivering a test device to every place with an e-voting machine?  How do we know these devices are valid?  And can everyday people at the machine sites conduct the test correctly and respond appropriately?

2.  We should not rely on experts to write and validate code.  SoS Bowen's TTB review shows how experts can do really great things: they can spot many - if not defnitively all -serious flaws.  And other people can confirm their discoveries given access to the code.

But to accept code just on the grounds that experts have passed it - no...

This is the elitist game again:  "trust me."  Public should not have to rely on an assertion  that code is effective and hack-free.  

Also, however well-recommended the reviewers are,
the public should not have to rely on faith that they were not blackmailed or bought...

Quote:  SRI Professor Peter Neumann, one of the
world's leading computer scientists:
"Even if you can look at the source code, you can't guarantee that there's not a Trojan horse embedded somewhere in the code. Any self-respecting system programmer can hack the innards of the system to defeat encryption techniques or any password protection, or anything like that. All this stuff is trivial to break, for the most part. In most computer systems out there, it is child's play. Given the fact that the underlying systems are so penetrable, it is relatively easy to fudge data-for example, to start out with three thousand votes for one guy and zero for the other before the counting even starts, even though the counter shows zero. Essentially a Trojan horse in the coding. I can do it in the operating system. I can do it in the application program. Or I can do it in the compiler. I can rig it so that all test decks work perfectly well...."  

http://www.csl.sri.com/users/neumann/dugger.html

Finally:  the defense always loses...always.

And there are politicians who want to rule, not govern, and have no inhibitions about how they do it.  And some of them have influence with government agencies with galactic-scale computing power...Bear in mind that SecDef Gates was at CIA, was on the board of Vote Here, the proposer of a cryptographic voting system and with an officer who was ex-Washington SoS chief of elections..

Hence the subject line above: to me it seems that the elephant is here - there just is not any way to build a secure voting system based on software.

You know where this ends: HCPB  :-)

Regards

by bltfsk on Mon Oct 08, 2007 at 02:46:14 PM PST

* 8 none 0 *


  • Pink by zappini, 10/08/2007 03:37:17 PM PST (none / 0)
    • Hand count by bltfsk, 10/11/2007 04:14:31 PM PST (none / 0)
Open source or closed source, the concept of making software secure is ludicrous.  Security is a combination of software, hardware, procedures and audit conducted by humans.   In short, it's extremely complex and it only takes 1 small error to make a huge security breach.

Take for instance the one of many cases of employees at Boeing and other large companies who exposed the personal data of the entire company merely by taking a laptop home... and then it was stolen.

Putting software between the voter and his ballot is being shown to be a really bad idea.   There are simply too many loopholes that can be exposed.   Maybe that's why it was introduced.

by RichardBorkowski on Thu Oct 11, 2007 at 11:02:57 PM PST

* 12 none 0 *


Display: Sort:

 

 

PNW TOPIC HOTLIST

 

Login

Make a new account
Username:
Password:

 HELP

Recommended Diaries

Washblog RSS Feeds

Political Contacts

Local Media

Coastal/Grays Harbor
Aberdeen Daily World
Chinook Observer
Montesano Vidette
Pacific County Press
Willapa Harbor Herald
KXRO 1320 AM

Olympic Peninsula
Peninsula Daily News
Bremerton Sun
Bremerton Chronicle
Gig Harbor Gateway
Port Orchard Independent
Port Townsend Leader
North Kitsap Herald
Squim Gazette
Central Kitsap Reporter
Business Examiner
KONP 1450 AM

Sound and Islands
Anacortes American
Bainbridge Review
Voice Of Bainbridge
San Juan Journal
The Islands' Sounder
Whidbey NewsTimes
South Whidbey Record
Stanwood/Camano News
Vashon Beachcomber
Voice Of Vashon
KLKI 1340 AM

North Puget Sound
Bellingham Herald
The Northern Light
Everett Herald
Skagit Valley Herald
Lynden Tribune
The Enterprise
Snohomish County Tribune
Snohomish County Business Journal
The Monroe Monitor
The Edmonds Beacon
KGMI 790 AM
KELA 1470 AM
KRKO 1380 AM

Central Puget Sound
King County Journal
Issaquah Press
Mukilteo Beacon
Voice of the Valley
Federal Way Mirror
Bothell/Kenmore Reporter
Kirkland courier
Mercer Island Reporter
Woodinville Weekly

Greater Seattle
Seattle PI
Seattle Times
KOMO TV 4
KIRO TV 7
KING 5 TV
KTBW TV 22
KCTS 9
UW Daily
The Stranger
Seattle Weekly
Capitol Hill Times
Madison Park Times
Seattle Journal of Commerce
NW Asian Weekly
West Seattle Herald
North Seattle Herald-Outlook
South Seattle Star
Magnolia News
Beacon Hill News
KIRO 710 AM
KOMO AM 1000
KEXP 90.3 FM
KUOW 94.9 FM
KVI 570 AM

South Puget Sound
The Columbian
Longview Daily News
Nisqually Valley News
Lewis County News
The Reflector
Eatonville Dispatch
Tacoma News Tribune
Tacoma Weekly
Puyallup Herald
Enumclaw Courier-Herald
The Olympian
KAOS 89.3 FM
KCPQ 13
KOWA FM 106.5
UPN 11

Cascade/Okanogan
Ellensburg Daily Record
Levenworth Echo
Cle Elum Tribune
Snoqualmie Valley Record
Methow Valley News
Lake Chelan Mirror
Omak chronicle
The Newport Miner

Spokane/Palouse
The Spokesman-Review
KREM 2 TV Spokane
KXLY News 4 Spokane
KHQ 6 Spokane
KSPS Spokane
Statesman-Examiner
Othello Outlook
Cheney Free Press
Camas PostRecord
The South County sun
White Salmon Enterprise
Palouse Boomerang
Columbia Basin Herald
Grand Coulee Star
Walla Walla Union-Bulletin
Yakima Herald-Republic
KIMA 29 Yakima
KAPP TV 35 Yakima
KYVE Yakima
Wenatchee World
Tri-City Herald
TVEW TV 42 Tri-cities
KTNW Richland
KEPR 19 Pasco
Daily Sun News
Prosser Record-Bulletin
KTCR 1340 AM
KWSU Pullman
Moscow-Pullman Daily News