Re: Draft OpEd

From: Alan Dechert <dechert_at_gmail_dot_com>
Date: Tue Oct 24 2006 - 18:48:20 CDT

Draft OpEd
Excellent! Thanks for doing this, Arthur.

Small suggestions.....

The title is a little vague. "Openness in voting" may be confused with an old idea of open voting (non-secret ballot as opposed to a secret ballot). Something like "Open Vote Tabulation Processes Needed." Maybe those aren't the words, but something like that.

Typo 2nd para ... "even through every line of the Apache" should be even though

  ----- Original Message -----
  From: Arthur Keller
  To: Open Voting Consortium discussion list
  Sent: Tuesday, October 24, 2006 3:45 PM
  Subject: [OVC-discuss] Draft OpEd

  This is the draft of an OpEd piece I'm writing for the Palo Alto Weekly. Comments welcome. Please send them by Wednesday afternoon.

  Best regards,

  The Importance of Openness in Voting

  The principle of voting in the United States is that votes are cast in secret but tallied in public. This principle is incompatible with the current practice of using voting systems whose inner workings are trade secrets owned by the voting machine vendors. Those same vendors pay for their systems to be tested, and the results of those tests are also trade secrets - you guessed it - owned by the vendors. Something is wrong with this picture.

  The usual claims for secrecy are that it somehow enhances security. The evidence for security through obscurity is quite limited. For example, the Apache web server compares favorably with Microsoft's web server even through every line of the Apache source code is publicly available. While the source code for Microsoft's web server is not publicly available, it is available to large customers in source code under license, but the source code of voting systems is not even available for inspection by counties that purchase these systems (but may be in escrow by limited third parties) and certainly not for inspection by you or me.

  We're all familiar with how the excuse of military security is often used to cover up embarrassing information that has little security value. Why wouldn't vendors use trade secrets as an excuse to cover up flaws in their systems or merely shoddy workmanship? In fact, the exposed Diebold source code has shown embarrassing details. We do not know what lurks in the programming of the other vendors. Fortunately, ES&S and Sequoia have promised San Francisco and Alameda counties, respectively, that they will cooperate with source code disclosure rules if the State requires it. However, the California legislature and the California Secretary of State have not yet promulgated disclosure rules.

  The Open Voting Consortium ( is creating a registry where vendors can publish voting systems. This registry will include requirements for what must be disclosed, such as software source code, specifications, documentation, and hardware designs. While vendors may retain proprietary rights to the software, vendors must allow testing, experimentation, analyses, and publication by anyone. While anyone will be allowed to inspect the software, of course not everyone has the skills to do so effectively. But individuals or groups will be able to hire the expert of their own choosing and to publish their analyses. Today the experts are chosen by the vendors themselves or by election officials, and those analyses are usually kept secret, and when released, are heavily redacted (censored).
  This secrecy makes voting systems vulnerable to inaccuracy, or worse, fraud. In turn, voters lose confidence that their votes are counted as cast and cast as intended.

  The Help America Vote Act (HAVA) was enacted in 2002 in the aftermath of the 2000 Presidential election, when it became clear that our current voting systems were inconsistent, unreliable and unfair. The mandated updated Federal standards were not even created until late 2005, standards that are voluntary and do not require auditing or adequate testing. No wonder most computer scientists have concerns about existing voting systems and want paper ballots, or at least a voter-verified paper trail, to enable recounts and auditing. Are the newly purchased systems themselves inconsistent, unreliable, and unfair?

  While there may be some risk in publishing software developed in secret that was not designed to be published. Continued secrecy is not the solution. Rather the solution is replacement of the secret software too fragile or embarrassing to publish with a more robust open source voting system. Just as the security of Apache is enhanced by its publication, the publication of an open source voting system will help ensure that the system is secure and reliable.

  It is a myth that anyone can make changes to open source software like Apache. Certainly anyone can download Apache, make changes to it, and run the changed version. But changing the official version of Apache can be done only by a small number of people in a carefully controlled process. Anyone can report a bug or a suggested improvement. But any suggested improvement will go through levels of analysis and scrutiny before it is adopted. And that scrutiny is far higher than voting system vendors, testers, or inspectors can muster.

  In a variety of industries, the government has sponsored research and development work that has produced systems adopted by industry. Military-funded research leads to the creation of products and services that the military can buy. It is time for the government to fund the creating of an open source voting system that vendors can adopt to provide more choices to election officials to buy on behalf of the voters. Those additional choices should not only be at the initial procurement of the voting systems, but also for ongoing maintenance and support, and for auditing and reporting systems. It is reported than years ago an IBM salesman said to a prospective customer, "Be careful not to get locked into open systems." Now IBM is one of the biggest proponents of open systems. It is time for our election officials to become proponents of open systems too.

  (845 words)

  Arthur Keller is a founder and board secretary of the Open Voting Consortium and a precinct inspector in Santa Clara County. He can be reached at

  Arthur M. Keller, Ph.D., 3881 Corina Way, Palo Alto, CA  94303-4507
  tel +1(650)424-0202, fax +1(650)424-0424
  OVC-discuss mailing list

OVC-discuss mailing list

= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
Received on Tue Oct 31 23:17:06 2006

This archive was generated by hypermail 2.1.8 : Tue Oct 31 2006 - 23:17:10 CST