Re: First brush at KSG/NSF report

From: Alan Dechert <alan_at_openvotingconsortium_dot_org>
Date: Wed Jun 09 2004 - 16:44:55 CDT

Generally, we can't complain too much about this paper. It's skimpy, but
that's okay. It doesn't attempt to address many issues. We need to keep in
mind that there is much more to it than this. A real solution will by
necessity encompass a vast array of issues--many of them political.

I especially liked this notion:
     "The process is even more important
     than the underlying technology."

On the "hybrid" system. I note that a reporter asked Karl Auerbach on
camera if he would characterize the OVC system as a "hybrid." Karl said
"no." I liked his answer although I don't remember exactly what was said.
I think Karl was trying to emphasize that the OVC system is really
consistent with the age-old idea of a paper ballot. The fact we are using
an electronic system to print the paper ballot is less important.

I don't really care much for this:
     "If underlying mechanics or software are
     not in the public domain, they must at least
     be available for inspection by the larger
     security research community."

Eventually, we must demand public software, period. Very few people can
afford to look at proprietary software. Simply being open to inspection is
not adequate. I feel compelled to once again stress that people involved
with OVC should not look too closely at proprietary voting systems,
open-source or not. While blackbox testing is inadequate, so is white box
testing. You have to do both, and you can't really do that with proprietary
code. You also have to consider hardware/software that may not be included
with the disclosed source. These things are somewhat less critical for a
paper ballot system since tricks with trojans will be revealed on the paper
so they are less attractive to tricksters. Paperless systems are hopeless
in this regard.

All things considered, there is little to argue against in this paper--but
also little to argue in favor of it. We need to get on with the solution,
and the real solution is a lot more involved than that.

Alan D.
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
Received on Wed Jun 30 23:17:11 2004

This archive was generated by hypermail 2.1.8 : Wed Jun 30 2004 - 23:17:30 CDT