Re: Representative Holt's OWN WORDS [Re: OVC-discuss Digest, Vol 36, Issue 9]

From: Barbara Simons <simons_at_acm_dot_org>
Date: Wed Oct 31 2007 - 13:27:46 CDT

An "oath of secrecy" is not the description I would use. I urge people
to read the bill. However, I have transcribed the relevant portion
below for those of you who don't have the time to scroll through the

Holt had always called for no secret software. The change in the
legislation was forced by Microsoft. I believe that no federal
legislation could pass that prohibited secret software, at least not
while MS has the power and influence that it currently has.

That said, I believe that the pro-HR811 negotiators did a remarkable
job, given the pressure they were under. The bill requires that all
"election-dedicated voting system technology" be certified and escrowed
with an accredited laboratory. The disclosure restrictions apply only
to the accredited laboratories. The labs are required to disclose
"technology and information regarding the technology" to a "qualified"
person who has signed an NDA OR (not AND) "is required to disclose the
technology to the person under State law."

A "qualified" person is (quoting from the text of the legislation):

1. a government entity with responsibility for the administration of
voting an election-related matters for purposes of reviewing, analyzing,
or reporting on the technology;
2. A party to pre- or post-election litigation challenging the results
of an election or the administration or use of the technology used in an
election, including but not limited to election contests or challenges
to the certification of the technology, or an expert for a party to such
litigation, for purposes of reviewing or analyzing the technology to
support or oppose the litigation, and all parties to the litigation
shall have access to the technology for such purposes;
3. A person not described in the above clauses who reviews, analyzes,
or reports on the technology solely for an academic, scientific,
technological, or other investigation or inquiry concerning the accuracy
or integrity of the technology.

Perhaps even more important, there are crucial limitations on what the
NDA can require. In particular, the NDA MUST allow:
1. "disclosure of evidence of crime, including in response to a
subpoena or warrant;"
2. "the signatory to perform analyses on the technology (including by
executing the technology), disclose reports and analyses that describe
operational issues pertaining to the technology (including
vulnerabilities to tampering, errors, risks associated with use,
failures as a result of use, and other problems), and describe or
explain why or how a voting system failed or otherwise did not perform
as intended."

Had the Holt bill been law during the Sarasota court case, it seems to
me that Florida would have been required to provide Jennings' expert
witness with the code. That is a huge improvement over the status quo,
even if it's not as much as many of us would like.


Fred McLain wrote:
> Aha, now I see why there is such strong opposition to HR-811 as
> currently worded. By forcing those that would inspect the code to
> somehow prove that they are qualified to do so and forcing an "oath of
> secrecy" upon them the vast majority of those that would inspect the
> code, the OSS community, to exclude themselves from the inspection
> process. That is completely unacceptable.
> I write complex software for a living and have lead open voting
> software development projects. I my experience there is no need for
> closed source, secrecy or anything of the sort.
> I would also assert based on my 25+ years of active software
> development and my 4 years in voting software development that there
> is *no need for an operating system* in voting equipment. In fact, it
> would be best to write this without an OS since the inspection becomes
> far simpler and more reliable.
> -Fred-
> On Oct 30, 2007, at 2:49 PM, Hamilton Richards wrote:
>> A few thoughts after watching the YouTube video of Rush Holt, which
>> is actually at <>.
>> Code inspection is a sideshow
>> -------------------------
>> Rush Holt is quite right--the integrity of elections can be assured
>> not by inspecting source code but by auditing paper records. Auditing
>> amounts to an end run around any possible shenanigans in the software.
>> If the video's unsourced claim that "up to 10% of the
>> electronically-generated paper records allowed by HR811 are damaged,
>> unreadable, and unusable for audits" is based on anything, it's based
>> on early implementations produced by manufacturers who have an
>> interest in seeing them rejected. Electronically generated
>> voter-verified paper ballots can be far more reliable than
>> hand-marked ones, and far less vulnerable to ballot-box stuffing and
>> spurious rejection by crooked election officials.
>> Concerning code inspection, it's universally accepted in computing
>> science that code cannot be validated by inspection. You can inspect
>> a piece of software all you like, and when you finally quit, you
>> cannot know whether there's a flaw--innocent or deliberate--that you
>> missed. Therefore the arguments about "full disclosure" of election
>> software are at best a sideshow. Requiring inspectors of proprietary
>> software to sign NDAs is no more than one would expect from
>> commercial software vendors, who habitually commit the accounting
>> error of booking lines of code under Investment, rather than Expense.
>> The video's contention that "The committee changed the bill when they
>> heard from Microsoft ... so ordinary American citizens can never know
>> how their votes are being counted" is disingenuous. Microsoft could
>> publish its entire inventory of software on the web, and "ordinary
>> Americans" would still never know how their votes were being counted.
>> Open source is a good thing
>> -----------------------
>> Discounting the importance of software disclosure is not to say that
>> open-source software for elections wouldn't be a great step forward,
>> but the reason is not that it would guarantee election integrity.
>> One reason in favor of open source is that truly open software would
>> be of higher quality initially than proprietary software (there's
>> nothing quite like knowing that your work will be viewed critically
>> by hundreds of your peers), and it could be expected to continue to
>> improve in response to scrutiny and contributions from the
>> open-software community.
>> Another reason is that election officials choosing open-source
>> software would be free from enslavement to a particular vendor. A
>> vendor that charged too much or failed to perform could be replaced
>> by another vendor, since all would have access to the same software.
>> Some proponents of open source, always looking for more arguments in
>> its favor, claim that open source is less insecure than undisclosed
>> source. That claim may have some merit, but it's of no practical use
>> ("less insecure" is like "less pregnant")--unless the software is
>> known to be completely secure, other security measures such as
>> voter-verified paper ballots are still essential.
>> The mythical golden age
>> --------------------
>> The video makes the claim that "we already have 'verifiable'
>> elections. They're called hand counted, paper ballot elections. We
>> don't need a federal bill...". The colorful history of election fraud
>> in the days before computers is so widely known that this can only be
>> another disingenuous claim. Its author's antipathy to the use of
>> computers in elections is evident, but since it is unsupported by any
>> logical arguments, it's far from persuasive.
>> Profits are evil?
>> ------------
>> The video ends by asserting that no one should make a profit from
>> elections. Does that mean that election officials should not be paid?
>> That the suppliers of printed paper ballots should provide them at
>> cost? How about the printers' suppliers of paper and ink? This smells
>> like a religious argument more than a logical one, and the thing
>> about religion is that you either get it or you don't. Brandishing
>> religious arguments at nonbelievers is famously counterproductive.
>> The bottom line
>> -------------
>> Your mileage may differ, but for me HR811, imperfect as it is,
>> represents a worthwhile step forward, and I'm grateful to Rep. Holt
>> for introducing it and for putting up with all the flak.
>> Cheers,
>> --Ham
>> At 12:00 PM -0700 2007/10/30,
>> wrote:
>>> [...]
>>> ----------------------------------------------------------------------
>>> Message: 1
>>> Date: Tue, 30 Oct 2007 10:34:35 -0400
>>> From: "Nancy Tobi" <>
>>> Subject: Re: [OVC-discuss] [FWD: RE: [vote-technology] Booted out of
>>> the Hotel at the 2007 Post-Election Auditing Summit]
>>> To: "Open Voting Consortium discussion list"
>>> <>
>>> [...]
>>> But most interesting to you may be Representative Holt's OWN WORDS
>>> on the
>>> subject. You can see those here:
>>> Best,
>>> Nancy Tobi
>> --
>> ------------------------------------------------------------------
>> Hamilton Richards, PhD Department of Computer Sciences
>> Senior Lecturer (retired) The University of Texas at Austin
>> ------------------------------------------------------------------
>> _______________________________________________
>> OVC-discuss mailing list
>> By sending email to the OVC-discuss list, you thereby agree to
>> release the content of your posts to the Public Domain--with the
>> exception of copyrighted material quoted according to fair use,
>> including publicly archiving at
> Instant Messaging (IM) Addresses:
> Jabber:
> Yahoo: appworx_fred, schemalogic_fred
> MSN:,
> AIM: mclain98021
> ICQ: 6947005
> GTalk (Jabber):
> Skype: fmclain
> _______________________________________________
> OVC-discuss mailing list
> By sending email to the OVC-discuss list, you thereby agree to release the content of your posts to the Public Domain--with the exception of copyrighted material quoted according to fair use, including publicly archiving at
OVC-discuss mailing list
By sending email to the OVC-discuss list, you thereby agree to release the content of your posts to the Public Domain--with the exception of copyrighted material quoted according to fair use, including publicly archiving at
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
Received on Wed Oct 31 23:17:04 2007

This archive was generated by hypermail 2.1.8 : Wed Oct 31 2007 - 23:17:04 CDT