Re: OVC-discuss Digest, Vol 37, Issue 10

From: Hamilton Richards <hrichrds_at_swbell_dot_net>
Date: Sun Nov 04 2007 - 16:23:16 CST

At 12:00 PM -0800 2007/11/4, wrote:
>Message: 3
>Date: Sat, 3 Nov 2007 12:38:23 -0700
>From: "Alan Dechert" <>
>Subject: Re: [OVC-discuss] Ms. Tobi's overheated rhetoric
>To: "Open Voting Consortium discussion list"
> <>
>Message-ID: <01c001c81e51$19868650$0201a8c0@upstairs>
>[...] I have to continually deal with statements that confuse the
>non-experts ... like when Avi says, "open source is not a panacea... " (one
>of numerous examples where he says this
> ) or when Barbara
>Simons says, " ... open source code can contain bugs, and there is at least
>a small chance that it also could contain malicious code. There is also the
>problem of guaranteeing that the software running on the voting machine is
>identical to the software that is supposed to be running on the machine...."
>( )
>As true as these comments are, they are not helpful. We already know these
>things. The problem is that non-experts take these statements and use them
>to demonstrate that experts are not in favor of open technology.

Avi Rubin and Barbara Simons are both scientists, and the thing about
scientists (at their best) is that they are devoted to the truth--to
the best of their ability, they calls it like they sees it. That,
more than anything else, is what makes science valuable to society.

Now you're complaining that they don't parrot the party line on open
source. They dare to utter such heresies as that open source is not a
panacea, that making source code open doesn't guarantee that it's

>Someone once took an innocent-sounding comment from Doug Jones to prove that
>experts oppose open source for voting. I spent a whole afternoon debunking
>that in a long thread. It helped my case that Doug Jones was a founder of
>OVC -- something the writer didn't know, apparently.

Well, the truth is not always helpful in the short run, especially
when one is trying to make a point that doesn't quite hold water.

In the long run, however, I'm naive enough--and enough of a
scientist--to believe that the truth is far more helpful than a party
line whose gaps become covered with ever-higher mounds of band-aids.

In the open-election-source controversy, the truth (as I see it) is
pretty simple:

1. security by obscurity is an illusion

2. security by open-source is also an illusion (but open source has
other major advantages over proprietary source)

3. security comes from voter-verified paper ballots

This simply disentangles the issue of security from the issue of
whether source code is open.

If we're not basing our hopes for secure elections on the openness of
the source code, then

1. whether the typical voter can read the code and understand it
doesn't matter

2. whether the code has been tested to the standards of
flight-control software doesn't matter

3. whether the compiler used to generate the object code is secure
doesn't matter

4. whether the loader used to install the code in the voting stations
is secure doesn't matter

5. whether <the code that checks whether the code in the voting
stations is the correct code> is secure doesn't matter

This is a wonderful example of separation of concerns paying off big-time!

> > It is conceivable, I suppose, that some people in this
>> community don't know that. ...
>It's more than conceivable. It's a very widespread misconception.... or
>non-conception. Many decision makers simply have no idea what we're talking
>about -- likewise with voting reform advocates (who are not necessarily open
>voting advocates).
>One of the members of the NYS Board of Elections is a 77 year old florist.
>We need her vote to get the examination fee waiver. I could call her and
>tell her that all the experts want the technology to be open, but I don't
>think it would be compelling (and she would likely find a call from me
>The task for me and other advocates of open voting is largely educational.
>The educational materials have quite a few chapters, while security by
>obscurity seems to be the most important. It's a difficult concept for
>people. They think opening the system means no security. For every Rush
>Holt, there are thousands of decision makers like our NYS Board commissioner
>that lack comprehension of the technical issues involved. A lot of experts
>don't have the patience to deal with people like this. But it is absolutely
>necessary, since these are the people running the world.
>BTW, I just found a nice letter that includes a section on "Why Security
>Through Obscurity is Not Appropriate for Voting Systems."
>I'm not so sure our 77 yr old florist would follow it. Given the source,
>she would probably dismiss it.

If your 77-year-old florist doesn't buy the arguments for open source
based on security, good for her.

Might she be more receptive to sounder arguments in its favor?

1. Open source is generally better, because more eyes have
scrutinized it (would she appreciate an analogy between closed source
and certain secret Justice Department memos currently in the news?),
and the scrutiny --with resulting improvements--continues throughout
its lifetime.

2. Open-source election systems should be far cheaper, because
individual vendors could not lock out the competition (what would car
repairs cost if Brand-X cars could be serviced only by Brand-X

Arguments like these are easily understood by non-technical people,
and they have the added advantage of being true*.

With best wishes,


* to the best of my knowledge. If someone knows otherwise, I'm sure
they'll set me straight. ;-)

Hamilton Richards, PhD           Department of Computer Sciences
Senior Lecturer (retired)        The University of Texas at Austin      
OVC-discuss mailing list
By sending email to the OVC-discuss  list, you thereby agree to release the content of your posts to the Public Domain--with the exception of copyrighted material quoted according to fair use, including publicly archiving at
= The content of this message, with the exception of any external 
= quotations under fair use, are released to the Public Domain    
Received on Fri Nov 30 23:17:09 2007

This archive was generated by hypermail 2.1.8 : Fri Nov 30 2007 - 23:17:31 CST