Re: Applicability of thin-client to voting

From: Richard C. Johnson <dick_at_iwwco_dot_com>
Date: Mon Jul 25 2005 - 16:50:58 CDT

Hi David!
Yes. Thin client is the very model on which I worked at Oracle and which Oracle was discussing with OVC. The idea was that the OVC design could be implemented using existing industrial strength Oracle software (plus the datebase and application server as COTS [commercial off the shelf] pieces), which voting software would be put into the public domain as OpenSource.
This model was actually run in real elections in England, where Oracle contracted with local authorities.
The idea was that any particular design of voting procedure could be implemented with this server-based software, versioned and tested, and then installed on a central server and accessed by rom-based software (Linux+browser) running on a bare bones diskless PC and operated by authenticated and authorized voters and officials. It would be configured for each voter by information on the voter's electronic card.
The connection with the server would have to be over a dedicated private network (plus Virtual Private Network encryption), which would keep unauthorized folks from getting at it, while retaining records of all who did have access. The technical poll watchers would be able to validate the server operation at election central in the state (where the software is actually running) and the thin clients would be extremely difficult to crack by the bad guys. Use of normal security measures (such as an electronic voting card issued when the voter shows up to vote by election officials, who are able to access the online registry of voters) means that provisional and absentee voting could take on a whole new aspect of security.
Post Offices could accommodate absentee voters anywhere in the US (using the absentee voting card, which contains the ballot configuration) and abroad there are embassies and comsulates, mailing back the hard copies to the local precincts. And...there is no reason not to print out the ballots at the PC, with the machine readable OVC-style bar codes, and there we are. Unfortunately, I got laid off in January and I have no idea where the plans for this have gone.
This design would integrate regular, absentee, and provision voting along with (even!) military voting. I don't know if Oracle is still interested--I certainly can no longer speak for the company. But the thin client solution is one which has a lot to recommend it: security, cheapness, and voter verified paper ballots.
I would love to work on such a project, should it ever seem feasible. I simply don't have the resources to work on this pro-bono, except for consulting pro bono during the design phase of a project. This is the best way to do it in most places (and all urban places) in the US, in my opinion.
Best wishes,
-- Dick

"David Webber (XML)" <> wrote:
I'm seeing this could be an alternate model - where a
secure server provides all the processing for a voting
system - and the voting clients are little more than
a display device and input keyboard / audio system,
and a single firmware bootup and control program (the
traditional *nix dumb-terminal approach).

This narrows the potential attacks to each individual device,
and instead focuses attention on the central server - where
of course - you can marshall some very significant defenses,
and only need to test one component for compromises...

It certainly seems a worthwhile alternate. There could also
be cost savings - especially if you can get these
off-the-shelf from banking applications

OVC discuss mailing lists
Send requests to subscribe or unsubscribe to

OVC discuss mailing lists
Send requests to subscribe or unsubscribe to
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
Received on Sun Jul 31 23:17:19 2005

This archive was generated by hypermail 2.1.8 : Thu Sep 15 2005 - 11:43:09 CDT