Re: vendors vowing to cooperate with disclosure?

From: Nancy Tobi <ntobi_at_democracyfornewhampshire_dot_com>
Date: Mon Apr 23 2007 - 14:48:29 CDT

If federal legislation offered NO COTS exemption but rather required full
source code disclosure, would there be voting equipment available for
purchase for the 2008 elections, and if so, what would it look like, cost,

I am looking for a practical answer on the IMPLEMENTABILITY of a full
disclosure requirement.


On 4/23/07, Richard C. Johnson <> wrote:
> Nancy,
> Open Voting Solutions believes that there are Linux drivers for most of
> the COTS hardware needed for a decent precinct scanner system. In our case,
> we expect that the scanner will be controlled by an open source driver; the
> scanner driver is a key piece which we want to be open source.
> I don't think that there are any other drivers that touch the actual
> voting process remaining in our Linux-based system. We use COTS
> hardware...a PC, a printer (for posting precinct results), and a Kodak i40
> scanner. We use Linux (open source) drivers for all PC parts.
> But we have no BillWare anywhere (no Microsoft software) and we do not
> believe that COTS software is needed. If it were, we would be inclined to
> use Oracle in our system as a database. Then, we would have taken a step
> away from Open Source software...something we don't really want to do
> without good reason. The reason would be increased flexibility of
> legitimate access without sacrificing security. Oracle would help
> auditability as well. I am unaware of any such benefits from the other
> pieces of COTS software mentioned.
> The upshot is simply that allowing COTS software in databases, crucial
> drivers, or operating systems is not necessary. IMHO.
> -- Dick
> *Karl Auerbach <>* wrote:
> Nancy Tobi wrote:
> > Sorry for being such a johnny come lately -but can you please tell me
> > what you believe is the intent of CA law for COTS?
> It is a bit of recognition of the reality that modern software systems
> are really layers upon layers upon layers.
> People forget, for example, that inside many CPU's is a firmware engine,
> i.e. software, that mechanizes the machine instructions. And a lot of
> input/output is processed by controllers that contain embedded software.
> The COTS mechanism is to create a presumption of non-hostility on the
> part of software that was created without the knowledge that it would be
> used for voting, that it is used for a myriad of non-voting purposes by
> a broad variety of people.
> It's far from perfect, but it does make sense. And it creates a
> substantial barrier and requires an amazing amount of foresight on the
> part of an attacker to embedded a voting-specific flaw into a COTS
> system. (That said, it would not be that strange to see a
> non-voting-specific flaw/backdoor in such software.)
> Given the huge amount of software, particularly embedded software in
> what we think are chips and controllers, we could end up spending years
> spinning our wheels, probably without benefit, dredging into the COTS
> software used at those levels.
> As compared to deeply embedded code, the scale tips a bit more in favor
> of inspection for operating systems. But even then we have to recognize
> that if we take a position that we absolutely require, in all
> circumstances and all cases, inspection of broadly used operating
> systems (e.g. Windows CE) that we might end up burning our limited
> energies and make more distant the date when we have decent voting
> machinery and processes.
> As Napoleon (or someone) said - we should be careful about the battles
> we pick.
> --karl--
> _______________________________________________
> OVC-discuss mailing list

OVC-discuss mailing list

= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
Received on Mon Apr 30 23:17:13 2007

This archive was generated by hypermail 2.1.8 : Mon Apr 30 2007 - 23:17:16 CDT