Re: code validation?

From: Ron Crane <voting_at_lastland_dot_net>
Date: Wed Feb 23 2005 - 13:00:11 CST

>>> There's a problem here. There must be a known set of vendors who
>>> have earned trust via the review process you described. Let's posit
>>> that OVC is the only such vendor initially
>>
>> Nah... OVC is more like a certifying standards body. Voting is very
>> decentralized in the USA, and it's almost certain to be a lot of
>> different vendors in different locales. Think of us like OASIS,
>> IEEE, or W3C: we might provide a reference implementation--and
>> vendors might even use our code (probably should do so to insure code
>> quality and auditing)--but vendors can compete for a particular
>> service contract.
>>
>> But certainly qualifying as a vendor of Public Software should be
>> subject to laws (some OVC'ers are working on this in various states).

There's another, more insidious problem with OVC not being the sole
vendor. That is, since elections officials will demand turn-key
systems, vendors will provide hardware. It would be easy for a vendor
to include a ROM in its hardware containing a cheating version of the
software. The hardware easily could pretend to boot from the CD
containing the verified software, and the cheating software could
perform except for the cheating exactly as if it were the verified
software. If the hardware had, say, wireless networking capability, the
timing and nature of the cheating could even be controlled remotely
[1].

Even if OVC were to enter the business of certifying voting machines
produced using its code, it would be hard-pressed to detect this kind
of cheating. A vendor could supply OVC with non-cheating machines to
test. And even if it didn't, black-box tests of a cheating machine
would be vanishingly unlikely to discover the cheating.

-Ron

[1] Long-distance WIFI is coming soon to a computer near you.
http://news.com.com/2100-1033-959924.html?tag=fd_top .

_______________________________________________
OVC discuss mailing lists
Send requests to subscribe or unsubscribe to arthur@openvotingconsortium.org
==================================================================
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
==================================================================
Received on Sun Feb 27 17:17:12 2005

This archive was generated by hypermail 2.1.8 : Sun Feb 27 2005 - 17:17:13 CST