Re: Polling Place conditions, reframing the issue

From: Douglas W. Jones <jones_at_cs_dot_uiowa_dot_edu>
Date: Mon May 17 2004 - 13:08:35 CDT

On May 14, 2004, at 12:39 PM, Arthur Keller wrote:

> At 12:27 AM -0700 5/14/04, Karl Auerbach wrote:
>> Personally I find the thumb drive more attractive than the writable
>> multi-session CD-ROM except for the implicit validation that comes
>> with
>> having everything from boot-code to final data on the same medium.
>
> I like idea of using the thumb drive *and* writing it all to the CD-R
> at the end of the day. CD-R's are easier to load, and then the votes
> and the program and parameters are all on one semi-permanent record.

The thing that bugs me about thumb drives, compact flash cards and
even PCMCIA cards is that they're so small. Small is not good when
you're concerned about chain of custody issues, either in
delivery to the voting machine before the election or in delivery
from the voting machine afterwards.

What you want is storage media big enough that "joint custody of
two election judges representing opposing parties" can be meaningful.
A ballot box that's 8 cubic feet and weighs 20 pounds satisfies this
easily. Put a handle on each side, and have one judge lift it by
each handle.

A thumb drive, PCMCIA card, or even a CD just doesn't do this very
well.

So, first, we protect its contents cryptographically, with signatures
and whatnot to make it hard to pull off a substitution, but still,
physical chain of custody is convenient.

What's tempting to do is what gas stations do with their restroom
keys. Attach the thumb drive to a 2-foot long chunk of two-by-four
lumber, or to a 1 foot diameter welded steel keyring, or something
like that.

                        Doug Jones
                        jones@cs.uiowa.edu
==================================================================
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
==================================================================
Received on Mon May 31 23:17:50 2004

This archive was generated by hypermail 2.1.8 : Mon May 31 2004 - 23:18:16 CDT