Re: OVC - I "really" need your help with "public disclosure" legislative suggestion

From: Richard C. Johnson <dick_at_iwwco_dot_com>
Date: Mon Nov 27 2006 - 14:21:34 CST

The code is best controlled in a thin client model, where the thin client (voting machine) has no storage capability (no HD) and only displays the results from the central server, which is easy to verify and safeguard. The problem, then, is connecting such a thin client with the server. Internet? No way. Denial of service attacks make that out of the question. I like the idea of connecting through a telephone link (DSL) to a phone company's private leased line. Some states, like CA, outlaw network connections outside the polling place altogether.

Then, the only possibility is some local storage media like we have with DREs and other precinct based machines. The best of the lot, in my view, is the CD-R, which can be written only once and cannot be erased. The volatile memories are all too flaky or too easily altered or too expensive.

So...the compromise best solution is to take out the HD and the volatile storage media and both boot off the CD-R and write results to it. Coupled with a voter verified paper ballot, this approach allows for a high degree of security, cross checking between paper and electronic election data, and a relatively low cost.

Official CD-Rs can, as you suggest, be signed and handled in a secure manner. Together with Open Source (and Open Test), I think this is clearly the way to go.

Charlie Strauss wrote:

Personally I want to see open source. However, a separate issue is
knowing that whatever executable code on the machine, whether it
comes from open or closed source, is unaltered. Thus I'm in favor of
having some reasonably authoritative method of dumping the code out
of the machine. This might be as simple as having an appropriately
lobotomized computer derive all its instructions from an immutable
self contained medium like a CD rom. Such roms could be removed and
signed by poll judges and delivered with the poll tapes. It then
remains to have some way to eliminate the likelihood that some piece of
firmware like a bios or video card software is not corrupt. A
sufficiently "dumb" computer with roms physically too small to
contain substantial code may be sufficient. Or a mechanical lockout
that depowers or cripples the rom address space entirely after launch
comes to mind. Or some other way for the program running off the
cd-rom to prove it is in charge of the system.

In any case I don't want to get hung up on that aspect. The point is
disclosing code is not the same as knowing what code ran. Depending
upon what sort of problem one is worried about, having the
as-run-executable may be as important. And they have different legislative

On Nov 27, 2006, at 1:21 AM, Kathy Dopp wrote:

> OVC members like Alan and Arthur,
> I "really" need your help on the "public disclosure" item because I
> just realized that it may need funding and could be a "can of worms"
> if not done right and I do not know enough about it myself.
> Please help me reword my item #9. I need a short readable version AND
> a slightly longer detailed version:
> Our current short version:
> "Mandate publicly disclosed software for all voting systems."
> Our current long version:
> "Publicly disclose all software including boot-loader, drivers,
> operating systems, voting programs, configuration, etc. as long as the
> rights needed under Copyright law (17 USC 106) by evaluators are
> granted."
> If this is enacted, what is involved in implementing it? Are funds
> needed for it? If so, please add another item to my list, which would
> be its item #14 for funding.
> You folks really need to word this one, not me. I have not given it
> enough thought to fully understand the public disclosure issue at all.
> Thank you. I've only got until Tuesday evening to get this finished
> for this round. I was planning on submitting both Alan and Arthur's
> names and contact info as the experts for this "public disclosure"
> item. Would that be OK with you?
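
Added example, not part of the original thread: one way to check a returned boot CD-R against the publicly disclosed build, illustrating the point above that disclosing code is not the same as knowing what code ran. The mounted-directory layout, the `results/` directory name and the function names are assumptions made for illustration; the check covers only files on the disc, not BIOS or video-card firmware.

```python
import hashlib
import os
import tempfile

RESULTS_DIR = "results"  # assumed: the only directory the machine may write to


def sha256_file(path):
    """Hash a file in 1 MiB blocks so large disc images do not fill memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(1 << 20), b""):
            h.update(block)
    return h.hexdigest()


def build_manifest(root):
    """Map each relative path under root to its SHA-256 digest."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            manifest[rel] = sha256_file(full)
    return manifest


def audit_media(published, returned_root):
    """Compare a returned disc's files with the published manifest."""
    found = build_manifest(returned_root)
    report = {"altered": [], "missing": [], "unexpected": [], "results": []}
    for rel, digest in sorted(published.items()):
        if rel not in found:
            report["missing"].append(rel)
        elif found[rel] != digest:
            report["altered"].append(rel)
    for rel in sorted(found):
        if rel not in published:
            # New files are acceptable only where results are written.
            ok_place = rel.startswith(RESULTS_DIR + "/")
            report["results" if ok_place else "unexpected"].append(rel)
    report["ok"] = not (report["altered"] or report["missing"] or report["unexpected"])
    return report


if __name__ == "__main__":
    # Constructed sample: a one-file "disclosed build" and a tampered disc.
    with tempfile.TemporaryDirectory() as ref, tempfile.TemporaryDirectory() as disc:
        for root, body in ((ref, b"vote-v1"), (disc, b"vote-v2")):
            with open(os.path.join(root, "vote.bin"), "wb") as f:
                f.write(body)
        print(audit_media(build_manifest(ref), disc))
```

The manifest from `build_manifest` would be published alongside the disclosed source, so anyone holding a returned disc can rerun the comparison.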
