Re: logic and accuracy tests

From: Jerry Lobdill <lobdillj_at_charter_dot_net>
Date: Sat Aug 26 2006 - 15:33:12 CDT

My conclusion is wrong? Tell me more.

I'd agree that L&A testing has the purpose you state. I'd agree that
parallel testing could determine whether a given machine flipped
votes from candidate A to candidate B by comparing the ballots the
testers voted with the "ballots" the machine recorded.

But why do you think that L&A testing and parallel testing can
assure that a machine's software has no Trojan Horse? Have I missed something?

Jerry

At 02:00 PM 8/26/2006, you wrote:
>Content-Transfer-Encoding: 7bit
>From: Ron Crane <voting@lastland.net>
>Precedence: list
>MIME-Version: 1.0
>To: Open Voting Consortium discussion list <ovc-discuss@listman.sonic.net>
>References: <mailman.24.1156532404.19263.ovc-discuss@listman.sonic.net>
> <6.2.3.4.2.20060825164006.0451d280@pop.charter.net>
>In-Reply-To: <6.2.3.4.2.20060825164006.0451d280@pop.charter.net>
>Date: Fri, 25 Aug 2006 15:31:57 -0700
>Reply-To: Open Voting Consortium discussion list
> <ovc-discuss@listman.sonic.net>
>Message-ID: <44EF7A5D.7090003@lastland.net>
>Content-Type: text/html; charset=ISO-8859-1
>Subject: Re: [OVC-discuss] logic and accuracy tests
>Message: 2
>
>Jerry Lobdill wrote:
>>
>>At 02:00 PM 8/25/2006, you wrote:
>>
>>
>>>>>
>>>>>From: Paul Malischke <mailto:malischke@yahoo.com><malischke@yahoo.com>
>>>>>Date: Aug 24, 2006 8:11 PM
>>>>>Subject: logic and accuracy tests
>>>>>
>>>>>Hello,
>>>>>One major arguement that the clerks make against post-election
>>>>>audits of vote counts is that they do logic and accuracy
>>>>>pre-tests. How can we counter this argument?
>>>>>
>>
>>
>>To me the best answer to this is that L&A tests and even parallel
>>testing cannot reveal the presence of Trojan Horse software.
>>Tests--of any kind--can only test the advertised functionality of
>>software. There is no possibility of uncovering inserted software
>>that is designed to permit manipulation of the legitimate functions.
>>It's like trying to prove a negative--it can't be done.
>>
>>
>Your conclusion is incorrect. But L&A testing is not security
>testing, and is unlikely to discover a competently-designed fraud,
>such as one engineered to operate only on election day. Parallel
>testing can do better, since it is performed on election day and is
>meant to determine whether the machines are cheating. For example,
>parallel testing could determine whether a given machine flipped
>votes from candidate A to candidate B by comparing the ballots the
>testers voted with the "ballots" the machine recorded. That said,
>there are a host of ways a well-designed attack might try to escape
>detection during parallel testing, most of which involve determining
>whether the machine is, in fact, being tested. Unless the testers
>are exceedingly careful to make the testing exactly simulate actual
>voting -- from randomly selecting the machines to test right before
>the polls open, to casting a realistic assortment of votes at a
>realistic rate, to using varying amounts of pressure on the
>touch-screen to cast them, etc. -- it's quite likely that some
>well-designed attacks will escape detection during parallel testing.
>>
>>Post election audits are conducted to ascertain whether any kind of
>>irregularity occurred in the election. This is a completely different
>>function than testing.
>>
>Both audits and parallel testing aim to find irregularities and
>fraud. L&A testing mostly aims only to discover whether the machines
>appear to be setup correctly (e.g., to display the appropriate races
>and to allow voters to select the right number of candidates).
>
>-R

(In accordance with Title 17 U.S.C. Section 107, this material is
distributed without profit to those who have expressed a prior
interest in receiving the included information for research and
educational purposes. ProgressiveNews2Use has no affiliation
whatsoever with the originator of this article nor is
ProgressiveNews2Use endorsed or sponsored by the originator.)

"Go to Original" links are provided as a convenience to our readers
and allow for verification of authenticity. However, as originating
pages are often updated by their originating host sites, the versions
posted on ProgressiveNews2Use may not match the versions our readers
view when clicking the "Go to Original" links.

_______________________________________________
OVC-discuss mailing list
OVC-discuss@listman.sonic.net
http://lists.sonic.net/mailman/listinfo/ovc-discuss

==================================================================
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
==================================================================
Received on Thu Aug 31 23:17:09 2006

This archive was generated by hypermail 2.1.8 : Thu Aug 31 2006 - 23:17:10 CDT