More on why Smartmatic is better than the big 3

From: David Mertz <voting-project_at_gnosis_dot_cx>
Date: Mon Aug 23 2004 - 17:14:21 CDT

I bit on voter verification:

  2.3 What differentiates the new voting machines from similar voting
  machines used in the USA?

  The SAES3000 machines have two fundamental differences with respect to
  similar voting machines used in the USA:

      * The printout of a physical vote using security paper.
      * The multiple methods and procedures that are used to ensure the
        system is 100% secure and auditable.

  Each new machine prints a physical vote on security paper displaying
  what the machine has just recorded so the elector can check it
  immediately. The voting machines used in the USA, which gave rise to
  many scandals, did not print a physical vote and electors could not
  check whether his/her vote was correctly recorded in the machine.

  In addition, SAES' security and audit ability are 100% guaranteed via
  a number of different mechanisms, including:

      * Encrypted and randomly recorded votes on the voting machine;
      * Seven sites for voter registration;
      * The encrypted transmission to tabulation centers;
      * Validations done by the tabulating system to certify the votes received;
      * The automatic blockage procedures of the machine to preserve the
        uniqueness of each vote registered;
      * The strong tools and procedures for external software auditing.

And a little bit on Arnie's question about ITA:

  2.6 Can the system be audited?

  Yes. The unified SAES system is fully auditable, guaranteeing 100%
  transparency of the procedures and the results of the system.

  To ensure that the operation of the software is not adulterated, the
  source code undergoes the strictest quality controls performed by the
  internal Quality and Security divisions of CNE.

  In the interest of transparency the voting software is available for
  audit. One of the most important verifications done on the SAES
  software is the code verification to ensure that there are no
  alterations in the execution of the program that may favor a specific
  party or candidate.

  For the specific case of the referendum, Smartmatic allows any
  CNE-approved organization to audit the voting software. The audit can
  verify aspects like:

      * The management and integrity of the data within the system;
      * The procedures used to elaborate the voting software;
      * The safety schemes used to store and send the data;
      * The results of the multiple system tests; and
      * The simulation of attacks against the physical and electronic
        safety of the system.

  Once all the entities participating in the audits approve all the
  aspects tested, the copy is certified by the CNE and then installed in
  all the machines and servers where the system is going to be executed.

  There is also a record of everything that has been done in the system,
  from the moment the elector records his/her vote, until the
  proclamation documents are issued. This creates a log of events that
  cannot be altered by any system user and serves as a certified backup.

  On the other hand, every vote recorded in the machines is stored in
  seven different places-one of them being the physical vote.
  Therefore, the elector has the chance to verify for himself what the
  machine recorded, and it also provides a physical backup of the
  electronic votes. This redundant data storage allows corroborating
  the accuracy and precision of the system.

It's not quite the Free Software ideal. But it's a lot better than the
single-source privatized ITAs who get paid by the voting machine
vendors... like we have in the USA.

Btw. The rest of the FAQ is interesting too. There's some good
discussion of anti-tampering assurances. Not quite as technical as we'd
like to know, but good for a layman discussion.
==================================================================
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
==================================================================
Received on Tue Aug 31 23:17:18 2004

This archive was generated by hypermail 2.1.8 : Tue Aug 31 2004 - 23:17:23 CDT