Wired: Kim Zetter: In Industry First, Voting Machine Company to Publish Source Code

From: Arthur Keller <voting_at_kellers_dot_org>
Date: Tue Oct 27 2009 - 20:30:03 CDT


In Industry First, Voting Machine Company to Publish Source Code

     * By Kim Zetter Email Author
     * October 27, 2009 |
     * 4:53 pm |
     * Categories: E-Voting, Elections


Sequoia Voting Systems plans to publicly release the source code for
its new optical scan voting system, the company announced Tuesday - a
remarkable reversal for a voting machine maker long criticized for
resisting public examination of its proprietary systems.

The company's new public source optical-scan voting system, called
Frontier Election System, will be submitted for federal certification
and testing in the first quarter of next year. The code will be
released for public review in November, the company said, on its web
site. Sequoia's proprietary, closed systems are currently used in 16
states and the District of Columbia.

The announcement comes five days after a non-profit foundation
announced the release of its open-source election software for public
review. Sequoia spokeswoman Michelle Shafer says the timing of its
release is unrelated to the foundation's announcement.

Open-source software allows the public to participate in the actual
development of the software. Whereas Sequoia's public source, or
disclosed-source, software only allows the public to see software
that its developers have already created.

In the press release announcing the public-source system, a Sequoia
vice president is quoted saying that "Security through obfuscation
and secrecy is not security."

"Fully disclosed source code is the path to true transparency and
confidence in the voting process for all involved," said Eric Coomer,
vice president of research and product development for Sequoia, in
the press release. "Sequoia is proud to be the leader in providing
the first publicly disclosed source code for a complete end-to-end
election system from a leading supplier of voting systems and

Sequoia in fact has been a champion of security through obscurity
since it's been selling voting systems.

The company has long had a reputation for vigorously fighting any
efforts by academics, voting activists and others to examine the
source code in its proprietary systems, and even threatened to sue
Princeton University computer scientists if they disclosed anything
learned from a court-ordered review of its software.

Princeton University computer scientist Ed Felten, one of the targets
of Sequoia's legal threats, said he was pleasantly surprised to see
the company opening its new system to examination after vehemently
resisting it in the past.

"I think Sequoia is recognizing that it won't do anymore to just urge
people to trust them," Felten said, "and that people want to know
that the code that controls these machines is open and that experts
have had a full chance to look at it."

Given that Sequoia is now acknowledging the value of code disclosure
as something that can lead to better security rather than worse
security, as it has claimed in the past, Felten said "it seems that
it should follow that they would now be willing to release code for
all of their other products as well."

Last year, a judge ordered New Jersey election officials to give
source code for the state's Sequoia AVC Advantage touch-screen
machines to Princeton University computer scientist Andrew Appel and
others for a lawsuit that challenged the integrity of Sequoia's
paperless machines. Voting activists had sued the state to
decommission the units out of security and reliability concerns.
Appel's team found several vulnerabilities with the system, but
wasn't able to discuss them publicly.

Appel, in a separate issue, also found a discrepancy between summary
tapes printed from Sequoia touch-screen machines during New Jersey's
primary election and totals that were recorded on the machine's
memory cards. Summary tapes from machines in one district showed a
phantom vote for then-presidential-candidate Barack Obama that didn't
appear in the memory card totals.

The Sequoia machines deployed to Union County, New Jersey, also
showed that Republican presidential candidates received 61 votes when
only 60 ballots had been cast in the Republican primary. About 60
machines showed such discrepancies. When Union County election
officials announced that they planned to have Princeton academics
examine the machines to determine what went wrong, Sequoia threatened
a lawsuit.

Sequoia initially blamed the problem on election officials for
pushing the wrong buttons, but later claimed it uncovered a problem
in its software that was creating the vote errors and announced that
it had fixed the issue.

Earlier this year, in a separate case, Sequoia agreed, after a
concerted battle, to hand over its source code to election officials
in Washington, DC, to investigate why, during the city's September
2008 primary election, Sequoia's optical-scan machines added about
1,500 "phantom" votes to races on ballots cast in one precinct.

Sequoia blamed the problem on "static discharge" or human error.

After the city demanded to look at the source code to determine the
problem, Sequoia in turn demanded a $20 million bond from officials
guaranteeing they wouldn't disclose information about the system.
Sequoia finally relented to provide the code without a bond, though
only after the city agreed to keep the company's trade secrets

The election integrity group Voters Unite has compiled a partial list
of reported problems (.pdf) with Sequoia voting machines.

Spokeswoman Michelle Shafer said Sequoia's public source system has
been in the works for months, and that the announcement this week was
timed for a National Institute of Standards and Technology workshop
discussing a common data format for voting systems.

She said the firmware on the company's new Frontier optical-scan
machines is written in C# programming language and runs on Linux. The
election management software - which sits on a computer at the
election office and is used to create ballots and tabulate votes -
runs on Microsoft Windows XP and uses a Microsoft SQL database.

Pamela Smith, president of Verified Voting, a group that has long
lobbied for fully auditable voting systems, applauded Sequoia's

"It's good to know the vendors are developing a new transparent
optical-scan system," she said. "That is probably the biggest
recognition of the direction that the voting public wants to see the
market going."

Asked if Sequoia's history of hiding behind its proprietary code
taints the sincerity of its public source effort, Smith said, "It's
never too late. If you're making a step toward a more transparent
system, good for you. That's a good thing."

See also:

     * Nation's First Open Source Election Software Released
     * NY: 50 Percent of Sequoia Voting Machines Flawed
     * Phantom Obama Vote Appears on NJ Voting Machine
     * Sequoia Voting Systems Responsible for 2000 Presidential Debacle?

Experienced advisor to leading edge startups and
accomplished expert witness on patent infringement cases.
Arthur M. Keller, Ph.D., 3881 Corina Way, Palo Alto, CA  94303-4507
tel +1(650)424-0202, fax +1(650)424-0424
OVC-discuss mailing list
By sending email to the OVC-discuss  list, you thereby agree to release the content of your posts to the Public Domain--with the exception of copyrighted material quoted according to fair use, including publicly archiving at  http://gnosis.python-hosting.com/voting-project/
= The content of this message, with the exception of any external 
= quotations under fair use, are released to the Public Domain    
Received on Mon Nov 30 23:17:12 2009

This archive was generated by hypermail 2.1.8 : Mon Nov 30 2009 - 23:17:17 CST