Re: readable source code [Re: OVC-discuss Digest, Vol 37, Issue 10]

From: Nancy Tobi <nancy_dot_tobi_at_gmail_dot_com>
Date: Mon Nov 05 2007 - 07:13:59 CST

"I realize some people find these comments "unhelpful" to the cause -
sorry, folks. I think it's better to advocate for policies that are
highly defensible, like public funding for certification of open source
systems, rather than mandates to reveal source to systems."

Why would anyone find it unhelpful to advocate for rigorous hand count
checks and balances on an open source system? Anyone advocating for the use
of technology in our elections ought to be including this piece of the
process as a MUST DO.

We can't have a voting system with no checks and balances - most
particularly those that are observable and accessible to citizen oversight.
Period.

I think this is the only sane road for an open source advocacy to be on.

Nancy T

On 11/4/07, Brian Behlendorf <brian@behlendorf.com> wrote:
>
> On Sun, 4 Nov 2007, Hamilton Richards wrote:
> > No doubt you can, Fred, but the issue was whether it could be read by
> > a significant fraction of the voting public. And the real issue is
> > not how many people can read it, but how many could reason about it,
> > well enough to construct a sound argument that it's correct.
>
> In a properly run open source project, it's not only the code that is
> publicly revealed - the methods of development are also public, as well as
> all other artifacts such as requirements, test cases, architecture
> documents, anything else essential to development. Furthermore, questions
> by new users, asked publicly and answered publicly, form a knowlege base
> that help grow the ecosystem and ensure the project can survive no matter
> which developers move onto other endeavors, and no matter which companies
> drop their involvement. I personally place much more trust in code around
> which a healthy community exists, than even supposedly superior code built
> in isolation.
>
> Given this, whether the public can read or make judgements on the code by
> itself matters far, far less than whether the public (or people they
> trust) can see that the project involves a broad number of participants,
> representing multiple interests, engaged at multiple levels, comprehending
> the code and stewarding it onwards to new features and greater
> reliability.
>
> Mere publishing of source code, however, does not create this kind of
> community. It can even lead to confusion, as we've seen in this thread.
> Faced with a mandate to reveal their source code, any existing voting
> system vendor could simply release the end result of their development
> efforts, and the public would not, IMHO, be that much better off in terms
> of transparency, auditability, or giving precincts the freedom of choice
> that open source software is supposed to bring.
>
> > So I ask all of my fellow proponents of open-source election
> > software: What would you do with it if you had it? Would you be able
> > to construct such a convincing argument for its correctness that
> > ballot printers could be dispensed with?
>
> Heck no! The software should never be trusted to do the job correctly
> without failsafes and auditing. There's no way any citizen can ensure
> that the software running on the system is the software whose code they
> know to be trustable, let alone the potential for missed bugs or hardware
> issues. That shouldn't even be the goal of open source voting systems;
> instead, it's about creating a flatter and more competitive environment
> for the vendors, mitigating one source of distrust in the system, and
> giving precincts more options to run the systems themselves.
>
> Trust should come from designing a voting and counting process that uses
> software to make it faster and easier to (optionally) mark and count paper
> ballots, with mandated hand-checking of results and retaining all paper to
> count in the event of a dispute later. Trust should not come from
> thinking the computer stored and tallied the results correctly, with no
> means to validate that result.
>
> This is also why public disclosure of source code to voting systems is
> *not* comparable to public disclosure of legal code. Legal code does not
> implement a system, it is the definition of the system, for which the
> concept of independent auditing doesn't apply.
>
> > Because some readers of this list may misinterpret what I've just
> > written as an attack on open source, let me reiterate that I am
> > entirely in favor of making election software open-source. What I
> > don't accept is the purported connection between open source and
> > security, correctness, and validity.
>
> We agree, and I doubt people would think I am likely to attack open
> source, either. :)
>
> I realize some people find these comments "unhelpful" to the cause -
> sorry, folks. I think it's better to advocate for policies that are
> highly defensible, like public funding for certification of open source
> systems, rather than mandates to reveal source to systems.
>
> Brian
>
> _______________________________________________
> OVC-discuss mailing list
> OVC-discuss@listman.sonic.net
> http://lists.sonic.net/mailman/listinfo/ovc-discuss
> By sending email to the OVC-discuss list, you thereby agree to release
> the content of your posts to the Public Domain--with the exception of
> copyrighted material quoted according to fair use, including publicly
> archiving at http://gnosis.python-hosting.com/voting-project/
>

_______________________________________________
OVC-discuss mailing list
OVC-discuss@listman.sonic.net
http://lists.sonic.net/mailman/listinfo/ovc-discuss
By sending email to the OVC-discuss list, you thereby agree to release the content of your posts to the Public Domain--with the exception of copyrighted material quoted according to fair use, including publicly archiving at http://gnosis.python-hosting.com/voting-project/
==================================================================
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
==================================================================
Received on Fri Nov 30 23:17:10 2007

This archive was generated by hypermail 2.1.8 : Fri Nov 30 2007 - 23:17:31 CST