Same hardware for BVA and BRP

From: Jan Karrman <jan_at_it_dot_uu_dot_se>
Date: Fri Jun 11 2004 - 16:25:37 CDT

On Thu, 6 May 2004, Arthur Keller wrote:

> At 10:41 AM +0200 5/6/04, Jan Karrman wrote:
> >
> >Perhaps the BVA and BRP can be the same machine.
> It's not clear whether security concerns with who can get access to
> the BRP will preclude that choice.

I have given this some more thought now. I don't think the voter
should have access to the BRP machine, but what do you think about
a setup something like this:

Place the CPU for the BRP/BVA on, or below, the desk where the ballot
box is placed. A voter could not tamper with the CPU unobserved since
there will always be officials close by.

Place the BVA just far away enough from the desk, so that the sound
from the headphones will not leak out. The monitor, a barcode scanner
and headphones will be at the BVA, and may need somewhat longer cables
than standard. The scanner should be placed in a way so that it is seen
from the desk, and hence could not easily be tampered with unobserved.
Alternatively, the scanner could be at the desk, and operated by the
voting staff. That would probably make it work smoother, but maybe a
blind person would feel uncomfortable about giving away the ballot
prior to its depositing in the ballot box.

When the voting has finished, the BRP software is started etc. One
will probably want to move the scanner and the monitor (make it a
flat screen to make it easier), but I suppose one could also do the
reconciliation with the hardware set up as it was.

Some advantages with this setup are:

* The same hardware will read the same ballots both when the voter
  verifies his votes and for reconciliation. This will make it much
  harder to play tricks with scanner firmware (one could still make
  it behave differently based on the time of an internal clock, or
  based on time intervals between scans).

* One will need one machine less, and one scanner less, at the voting

* Having the BVA just one or two meters away from the desk will make
  it easier to assist the voter.

For the voting station and the BVA it is vital that they are separate
machines, but as I see it there is no advantage having the BVA and BRP
on separate machines. If one can hack the BRP, then there is no reason
to hack the other systems. Actually, it would probably be slightly
more difficult to manipulate the BRP part of a shared BVA/BRP, since
one should not touch the part of the code that is shared between them.

Btw, I'll be away on vacation the next three weeks, and will probably
not have any mail access the next two weeks.

= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
Received on Wed Jun 30 23:17:12 2004

This archive was generated by hypermail 2.1.8 : Wed Jun 30 2004 - 23:17:30 CDT