Re: Shamos Rebuttal, Draft 2

From: Ron Crane <voting_at_lastland_dot_net>
Date: Wed May 04 2005 - 10:44:04 CDT

On May 4, 2005, at 8:27 AM, Arthur Keller wrote:

> More comments:
> 1. I think that Ron's paper should applaud the concept that open
> source is useful.

I do, via criticism of Shamos's "partial open source" approach. See
s.4.4. But I could emphasize the point more.

> "On the other hand, there is no reason that the ballot setup, display,
> tabulation and reporting sections of voting system code should be kept
> secret, and manufacturers would be wise to accede to public demand in
> this regard." (Section 3.2)
> However, I think we should urge the amount of secret software to be as
> small as possible.

It should be ZERO. "As small as possible" does little to avoid the
presence of malware, as s.4.4 indicates.

> And also point out that Linux has not suffered from being completely
> open. Cite:

Good point.

> Point out hiding a key in voting systems is a bad idea. Right now,
> only the vendor knows where the hidden key is. With open source,
> everyone can be aware that there is a hidden key. That awareness will
> lead to vendors avoiding leaving hidden keys.
> 2. I think we should acknowledge that parallel real-time testing
> during elections *is* a good idea.

I do. See s.4.3. "While this test is valuable, it can fail of its
purpose in a number of ways."

> However, it does not eliminate problems with the tabulation systems,
> such as Diebold's GEMS. (Section 3.5)
> It also doesn't eliminate the potential that field operatives enable
> the malware through a particular obscure sequence of voting steps or
> through hidden buttons. Cite: Clint Curtis
> and

I might add that in a footnote, but don't want to clutter the main
argument -- which concerns how wholesale fraud, without any local
action, can occur.

> 3. We'd like to see the suggestion for Objection 2 happen.
> But most important, the only of his suggestions that have been put
> into place is parallel testing. All other techniques suggested have
> not been put into effect. (Is that true?)

I don't know. Does anyone?

> 4. Another point to make is that the software is unlikely to remain
> static for years. It will likely be updated at least once each
> Presidential election. This is a point to make re 3.5, footnote 35.

I'll look at that. I consider "updates" in s.4.1, but I don't make that
precise point.


OVC discuss mailing lists
Send requests to subscribe or unsubscribe to
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
Received on Tue May 31 23:17:17 2005

This archive was generated by hypermail 2.1.8 : Tue May 31 2005 - 23:17:52 CDT