Re: vendors vowing to cooperate with disclosure?

From: Doug Kellner <dkellner_at_elections_dot_state_dot_ny_dot_us>
Date: Mon Apr 23 2007 - 23:16:37 CDT

We should not lose sight of the fact that there is no voting system that has
been certified to the 2005 VVSG, and the work that we have been doing in New
York shows that even those systems certified by NASED to the 2002 VSG have
subsequently been shown to have features that are not in compliance with the
2002 standards.

The simple answer is that there is no voting device or scanner on the market
that I know about that currently conforms to all of the standards. If there
were, New York would buy it.

Douglas A. Kellner
New York State Board of Elections

Tel. (212) 889-2121
Fax (212) 684-6224

From: Nancy Tobi <>
Reply-To: <>, Open Voting Consortium
discussion list <>
Date: Mon, 23 Apr 2007 15:48:29 -0400
To: <>, Open Voting Consortium discussion list
Subject: Re: [OVC-discuss] vendors vowing to cooperate with disclosure?

If federal legislation offered NO COTS exemption but rather required full
source code disclosure, would there be voting equipment available for
purchase for the 2008 elections, and if so, what would it look like, cost,

I am looking for a practical answer on the IMPLEMENTABILITY of a full
disclosure requirement.


On 4/23/07, Richard C. Johnson <> wrote:
> Nancy,
> Open Voting Solutions believes that there are Linux drivers for most of the
> COTS hardware needed for a decent precinct scanner system. In our case, we
> expect that the scanner will be controlled by an open source driver; the
> scanner driver is a key piece which we want to be open source.
> I don't think that there are any other drivers that touch the actual voting
> process remaining in our Linux-based system. We use COTS hardware...a PC, a
> printer (for posting precinct results), and a Kodak i40 scanner. We use Linux
> (open source) drivers for all PC parts.
> But we have no BillWare anywhere (no Microsoft software) and we do not believe
> that COTS software is needed. If it were, we would be inclined to use Oracle
> in our system as a database. Then, we would have taken a step away from Open
> Source software...something we don't really want to do without good reason.
> The reason would be increased flexibility of legitimate access without
> sacrificing security. Oracle would help auditability as well. I am unaware
> of any such benefits from the other pieces of COTS software mentioned.
> The upshot is simply that allowing COTS software in databases, crucial
> drivers, or operating systems is not necessary. IMHO.
> -- Dick
> Karl Auerbach < > wrote:
>> Nancy Tobi wrote:
>>> > Sorry for being such a johnny come lately -but can you please tell me
>>> > what you believe is the intent of CA law for COTS?
>> It is a bit of recognition of the reality that modern software systems
>> are really layers upon layers upon layers.
>> People forget, for example, that inside many CPU's is a firmware engine,
>> i.e. software, that mechanizes the machine instructions. And a lot of
>> input/output is processed by controllers that contain embedded software.
>> The COTS mechanism is to create a presumption of non-hostility on the
>> part of software that was created without the knowledge that it would be
>> used for voting, that it is used for a myriad of non-voting purposes by
>> a broad variety of people.
>> It's far from perfect, but it does make sense. And it creates a
>> substantial barrier and requires an amazing amount of foresight on the
>> part of an attacker to embedded a voting-specific flaw into a COTS
>> system. (That said, it would not be that strange to see a
>> non-voting-specific flaw/backdoor in such software.)
>> Given the huge amount of software, particularly embedded software in
>> what we think are chips and controllers, we could end up spending years
>> spinning our wheels, probably without benefit, dredging into the COTS
>> software used at those levels.
>> As compared to deeply embedded code, the scale tips a bit more in favor
>> of inspection for operating systems. But even then we have to recognize
>> that if we take a position that we absolutely require, in all
>> circumstances and all cases, inspection of broadly used operating
>> systems ( e.g. Windows CE) that we might end up burning our limited
>> energies and make more distant the date when we have decent voting
>> machinery and processes.
>> As Napoleon (or someone) said - we should be careful about the battles
>> we pick.
>> --karl--
>> _______________________________________________
>> OVC-discuss mailing list
>> <>

OVC-discuss mailing list

OVC-discuss mailing list

= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
Received on Mon Apr 30 23:17:13 2007

This archive was generated by hypermail 2.1.8 : Mon Apr 30 2007 - 23:17:16 CDT