Re: Microsoft-backed Consortium, AeA, Opposing Open Voting Bill, AB 852

From: <lairdp_at_gmail_dot_com>
Date: Thu Apr 26 2007 - 13:28:26 CDT

This logic has some errors.

First, there is no absolute security. There is no firewall that can stop 100% of all possible network attacks. But there is still value in improving security, even if you are always vulnerable to some hypothetical attack, because by closing off lines of attack you have increased the cost of the successful attack.

Second, you have to secure against all layers of attack. For example, buying a "perfect firewall" wouldn't protect you from someone with physical access to your network, so you also need to secure applications, passwords, user accounts and permissions, etc. Similarly, even if a DRE had "perfect software" the system could be attacked at many other layers, making it valuable to be able to recount voter verified paper ballots, have the vote collection and tabulation process verifiable by independent observers, verify software checksums, etc.

- LP

-----Original Message-----
From: Hamilton Richards <>
Date: Thu, 26 Apr 2007 11:42:03
Subject: Re: [OVC-discuss] Microsoft-backed Consortium, AeA,
 Opposing Open Voting Bill, AB 852

At 9:16 PM -0700 2007/4/25, wrote:
>Message: 6
>Date: Thu, 26 Apr 2007 00:16:31 -0400
>From: "Nathan L. Adams" <>
>Subject: Re: [OVC-discuss] Microsoft-backed Consortium, AeA, Opposing
> Open Voting Bill, AB 852
>To: Open Voting Consortium discussion list
> <>
>Cc: OVC Announce <>
>Message-ID: <>
>Content-Type: text/plain; charset=ISO-8859-1
>Summary: "Code review will never be perfect, so why bother?"

Suppose you undertake the most thorough possible review of a
printerless DRE's code, and every flaw you discover is corrected.
Would you then trust it to count the votes correctly? If so, then
logically you should oppose the calls for OVC-style ballot printers.

If you (like me) believe that even after an exhaustive code review
ballot printers would still be necessary, what would have been gained
by the code review? Better code, presumably, but --strictly from the
point of view of *knowing* that it counts votes correctly-- still not
good enough.

Note that I'm in no way opposing code reviews. They're great for
improving code's quality. It's just that they can never deliver the
assurance that all the bugs have been found, and without such an
assurance the code can't be trusted.

There's an ethical issue here. If we justify our demands for public
disclosure by claiming that this will enable us to prevent
vote-counting fraud, we're being just a tad dishonest.

There's also a practical issue. If public disclosure becomes law, how
will we handle the argument, "OK, now you can inspect the code, stop
bothering us about ballot printers. ... Oh? Ballot printers are still
needed? Then what was all that fuss about public disclosure?"



OVC-discuss mailing list
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
Received on Mon Apr 30 23:17:15 2007

This archive was generated by hypermail 2.1.8 : Mon Apr 30 2007 - 23:17:16 CDT