Re: Why freedom matters

From: Alan Dechert <adechert_at_earthlink_dot_net>
Date: Tue Aug 19 2003 - 00:47:51 CDT

David wrote:
>
> The freedom of the code will let users--i.e., ultimately voters--examine
> the code in every way they wish to. For example (but not only), security
> researchers will have the complete implementation available to attempt
> cryptographic attacks against, and to model ballot tampering threats.
> Not only if the code is accidentally left on an FTP site, but up-front,
> and overtly.
>
I have consistently argued over the past 2.7 years for voting machine source
code that is open for public inspection and testing. The remarks I made in
this thread have nothing to do with that.

> The freedom of the code will let elections agencies and vendors in
> countries other than the USA use (and audit) the code for their own
> elections. The certification issues are probably different elsewhere, and
> may cost more or less, ....
>
Right. The point I was making was simply that, in practice, counties in the
USA probably would not be making modifications to the code since they'd have
to re-certify the software (an expensive and lengthy process).

I don't know how involved the certification process is in other countries.
Doug Jones likely knows quite a bit about that.

The Open Voting Consortium would want to be an international organization, I
would think. It's something to look at... i.e., the impact of GPL license
for voting software in the USA might have in other countries. I note that
the Australian open source software for PC based voting is GPL but the
company that developed it is not especially interested in making it easy to
set up and run.

FYI, I cut and paste what we got from them:
*********
Hi Adrienne,
    Thank you for your interest, I'm sorry for the delay.

    You can retrieve the software published by the ACT Electoral
Commission at http://www.elections.act.gov.au/Elecvote.html. This is the
actual code used for the 2001 election.

    You will notice that there is some 'glue' missing. For example, the
software which creates and populates the database.

These pieces of 'glue' do not effect the outcome of an election and
therefore not required for verification puposes.

We hung on to these pieces of software in order to keep our competitive
advantage, as we have not yet recovered the cost of develeping the
software in the first place.

This represents a compromise between transparency of the software used
to conduct an election, and an acknowledgement that SI has invested
resources in the system, and cannot (yet) afford to give it away free of
charge for others to profit from.

So - you may do anything you like with the versions found on the ACTEC
website. If you would like the most up-to-date versions with
pre-populated databases etc.etc. then we would need to come to some
mutually acceptable agreement regarding IP.

Good luck with your project, and please don't hesistate to ask me
questions as they occur to you. If e-mail becomes to restrictive, we
could organise a time to have a one-on-one session at some stage.

Once again, thanks for your interest and I look forward to hearing from you.

Sincerely,

Matt Quinn
Senior Software Engineer
Software Improvements Pty Ltd
www.softimp.com.au
***************************

> but the issue is to allow democrats (small "d")
> worldwide benefit from what we learn and implement.
>
Right. I agree. We should do much better than the Australians.

> For that matter, the
> freedom of the code will let non- or less regulated elections in the USA,
> or outside it, use the code (i.e. university student elections, or union
> elections) if they so wish.
>
Right. But people don't ordinarily want to hire a team of NFL referees to
call a picnic softball game.

The stakes involved in Florida in 2000 for the general election were a lot
different from the university student elections at U of Florida. Sure the
code for the production voting system could be used in part for other types
of elections, but this can have nothing to do with the design of our
software.

--Alan Dechert

==================================================================
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
==================================================================
Received on Sun Aug 31 23:17:12 2003

This archive was generated by hypermail 2.1.8 : Sun Aug 31 2003 - 23:17:18 CDT