Re: Polling Place conditions, reframing the issue

From: Arthur Keller <arthur_at_kellers_dot_org>
Date: Mon May 17 2004 - 13:20:42 CDT

At 1:08 PM -0500 5/17/04, Douglas W. Jones wrote:
>On May 14, 2004, at 12:39 PM, Arthur Keller wrote:
>>At 12:27 AM -0700 5/14/04, Karl Auerbach wrote:
>>>Personally I find the thumb drive more attractive than the writable
>>>multi-session CD-ROM except for the implicit validation that comes with
>>>having everything from boot-code to final data on the same medium.
>>I like idea of using the thumb drive *and* writing it all to the
>>CD-R at the end of the day. CD-R's are easier to load, and then
>>the votes and the program and parameters are all on one
>>semi-permanent record.
>The thing that bugs me about thumb drives, compact flash cards and
>even PCMCIA cards is that they're so small. Small is not good when
>you're concerned about chain of custody issues, either in
>delivery to the voting machine before the election or in delivery
>from the voting machine afterwards.
>What you want is storage media big enough that "joint custody of
>two election judges representing opposing parties" can be meaningful.
>A ballot box that's 8 cubic feet and weighs 20 pounds satisfies this
>easily. Put a handle on each side, and have one judge lift it by
>each handle.
>A thumb drive, PCMCIA card, or even a CD just doesn't do this very
>So, first, we protect its contents cryptographically, with signatures
>and whatnot to make it hard to pull off a substitution, but still,
>physical chain of custody is convenient.
>What's tempting to do is what gas stations do with their restroom
>keys. Attach the thumb drive to a 2-foot long chunk of two-by-four
>lumber, or to a 1 foot diameter welded steel keyring, or something
>like that.

Or attach it to a piece of steel with the locking mechanism so it
locks into the enclosing hardware for the PC while the poll is open.
It can then be unlocked and removed at the end of the day in plain
sight of anyone who wants to see. Have room on it for a
chain-of-custody sticker where signatures are placed. For even more
fun, make the locking mechanism so that it automatically
(mechanically) covers the USB opening of the thumb drive as part of
the process of removal.

Best regards,

Arthur M. Keller, Ph.D.
tel +1(650)424-0202, fax +1(650)424-0424
= The content of this message, with the exception of any external 
= quotations under fair use, are released to the Public Domain    
