Would Diebold/Premier Actually Open Source Its E-Voting Software?

from the how-far-we've-come dept

Clive Thompson has a fairly thorough NY Times Magazine piece on the problems with e-voting. For those who read our regular coverage on the topic, there may not be much new, but a key point that comes across is just how mainstream this issue has become. Not just the fact that it's being covered by the NY Times Magazine, but throughout the piece you recognize that the concerns that the e-voting companies could brush off just a few years ago as "fringe" are now pretty widely felt by the populace. In fact, it's actually reached the point that a Diebold (er... Premier) representative actually admits that the company is considering open sourcing its next generation of e-voting software to make people feel more comfortable. That wouldn't just be a huge step forward (though not enough to calm all concerns), it would be a complete about face for the company, which has a long history of both stonewalling and ridiculing any critics. Dan Wallach, who works with Ed Felten, points out that the article seems to give a pass to optical scan e-voting systems, even those have also been shown to have serious security problems. However, on the whole, it's good to see that this issue has become a truly mainstream one.


Reader Comments (rss)

(Flattened / Threaded)

  1.  
    identicon
    Steve, Jan 7th, 2008 @ 6:16am

    Open Source

    I am amazed that any Board of Elections would not mandate open source. As a technologist for a new voting product, it took almost 3 seconds to conclude that our XP and Vista products must be made available as open source.

    Steve

    Note to editor: We will be a participate at Ohio's Board of Elections Winter event next week in Columbus, Ohio. Attendees will be able to register to vote, sign a pool book and vote using a pen and paper based system. ES&S, “Diebold (er...Premier”, Sequoia and Hart should all be there. This will be fun.

    Below is a web response will use to identify who we are. A pilot project in the last election went well enough that a verbal commitment was given for a PO to expand the scope to include a “Super Center” in the Primary. Now if the Postal carrier could remember our address!!!

    PenVote is our flagship voting product. It is a paper based voting system where voters make their selections with INK on paper. Unlike most optical scan system, we show voters how their marks were interpreted before they cast their vote, even allowing them to see a complete image of their ballot. All this is done with a flexible ballot system (we can do full ballot display, or even ballot books), and a robust and secure tabulation system.

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    Iron Chef, Jan 7th, 2008 @ 6:40am

    Thoughts...

    This makes a lot of sense. There's always been a good case for the peer review process incorporated in the lifeblood of Open Source. This would be a good move for Diebold/Premier, and could help to drive adoption if the code was made public...

    However, if the goal is to drive adoption for 2008 election, I remain pessemestic-- Don’t know for sure if there's enough time for peer review process, and to get the code ready for production. Point is, November 2008 may be an aggressive timeline. A lot of things will have to be in place and firing on all cylinders for that to work!

     

    reply to this | link to this | view in thread ]

  3.  
    icon
    Steve R. (profile), Jan 7th, 2008 @ 6:40am

    Into the Public Domain

    Whenever a public agency buys a product, such as voting machines and red light cameras, the software to run such systems must be made public. PERIOD.

    If Diebold does not want to divulge this information, Diebold should not bid on government contracts.

    As I have followed the Diebold saga, the story is strait out of the Dilbert comic strip. What is unfortunate about the Diebold saga is that it appears that governments (in their ignorance) are paying premium prices for what is essentially an off-the-shelf commodity product, your standard computer.

     

    reply to this | link to this | view in thread ]

  4.  
    identicon
    Rich Kulawiec, Jan 7th, 2008 @ 8:35am

    But...your products aren't open-source, Steve

    If they're running on Vista/XP, then they're not open-source, because the operating system environment isn't open-source. The entire stack -- down to and including the firmware -- has to be open-source. (Otherwise [some] attackers will simply bypass the open-source portions and focus their efforts elsewhere. For instance, given a $50M budget -- and see Schneier's analysis for why that's a actually a low number -- I'd spend a chunk of it trying to subvert your code at the OS level. I have little doubt I'd succeed, as fresh evidence of the insecurity of Vista/XP arrives all day, every day.)

    If it was your goal to build an open-source, secure voting system, then why in the world would you pick a closed-source OS which is well-known to be a miserable failure where security is concerned?

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    4-80-sicks, Jan 7th, 2008 @ 9:11am

    Re: But...your products aren't open-source, Steve

    Are you saying that Firefox (for example) is not open source if it's running on Windows? I'm a bit confused...it may be running on an insecure platform, but that doesn't make the software package itself closed source.

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    Rich Kulawiec, Jan 7th, 2008 @ 11:22am

    Re: But your products aren't open-source

    I'm saying that the entire product, that is, "the voting system" (or "the personal video recorder" or "the wireless router") isn't open-source if it's running on a closed-source operating system.

    Sure, your code may be open-source, but once you integrate that with someone else's closed-source code, the entire system is no longer open for independent peer review.

    Does this clarify?

     

    reply to this | link to this | view in thread ]

  7.  
    identicon
    Anonymous Coward, Jan 8th, 2008 @ 7:58am

    Well, the concern about the optical scans is a little misleading. Yeah, they can be hacked, but worse case, those little bubble sheets are always there.

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This