[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: updates to the position statement

To: cmalley@xxxxxxxxxxxxx
Subject: Re: updates to the position statement
From: Evan Daniel Ravitz <evan@xxxxxxxx>
Date: Thu, 20 Nov 2003 09:29:26 -0700 (MST)
Cc: bcv@xxxxxxxxxxx
Delivered-to: mailing list bcv@booyaka.com
In-reply-to: <3F615C4A0002B8D8@mta8.wss.scd.yahoo.com>
Mailing-list: contact bcv-help@booyaka.com; run by ezmlm
References: <3F615C4A0002B8D8@mta8.wss.scd.yahoo.com>

Chris points out important weaknesses in our position. Windows is a
buggy, crash-prone, virus-susceptible operating system which is
proprietary -a business secret. It and other proprietary operating
systems have no business determining who runs our country, etc.

Linux -a public operating system- would be far better, but this still
leaves the firmware in Intel and other chips a secret.

I could live with a system like that in Australia. See the Wired
magazine article at:

http://www.wired.com/news/ebiz/0,1272,61045,00.html?tw=wn_tophead_1

One important point is that their software is viewable by EVERYONE:

"Although a private Australian company designed the system, it was
based on specifications set by independent election officials, who
posted the code on the Internet for all to see and evaluate. What's
more, it was accomplished from concept to product in six months. It
went through a trial run in a state election in 2001."

This also means that lots of programmers co-operate in finding and
fixing "bugs" which are found in most software.

Evan

----------------------------------------------
Evan Ravitz     303 440 6838     evan@xxxxxxxx
Vote for the National Initiative! www.vote.org
Photo Adventures:          www.vote.org/photos

Kucinich: the ONLY candidate to vote against the
"Patriot" Act and the Iraq war:  www.kucinich.us
------------------------------------------------

On Thu, 20 Nov 2003 cmalley@xxxxxxxxxxxxx wrote:

> A few comments regarding Paul's proposed rewording of #3, since
> I was the person who griped about "proprietary"...
>
> I think you mean "Insist on public disclosure of all source
> code FOR SOFTWARE used in voting machines or vote counting machines."
> The machines themselves will contain binaries, not the actual source.
>
> The statement is a little too "all encompassing".  Voting
> machines use software in their operating systems (eg, Windows)
> and firmware.  You will never get Microsoft to
> disclose source for Windows, nor will Intel give you source for
> their firmware. The scope needs to be limited to software related
> to the voting application, as provided by the vendor.  (And,
> yes,I am paranoid about Diebold working with Microsoft
> to install some hack in Windows, but I don't think we can
> deal with that.)
>
> The statement doesn't address who the software is disclosed to.
> I don't think vendors will be willing to disclose to an open-ended
> audience like "the general public".  Such a disclosure would likely
> make their trade secrets visible to competitors, and I don't think
> lawyers will go for this.  Perhaps the software should be disclosed
> to a group of reviewers to be selected by the County or some other
> neutral party. I'm comfortable with ignoring this in the position
> statement, let the lawyers work out the specifics.
>
> Finally, I'm skeptical about this whole "disclosure" issue.
> I think it's worth having in the statement to weed out vendors
> who are unwilling to cooperate with public review. But...
> Reviewing the source code for a complex system is a daunting
> task, and there is no way to be certain that what you are
> reviewing matches what is on the machines.  The reviewers would
> need to compile the sources themselves, and then use checksums
> or other means to compare binaries.  Sounds like a huge mess
> to me, and I think it would be better to put our energy behind
> either (a) sticking with manual counts, or (b) changing the laws
> to allow electronic voting with paper ballot recounts.
>
> So... how about something simple like this? :
>
>  - require disclosure of software that is specific to the
>    voting application
>
> -Chris
>
>
> Paul Walmsley <paul@xxxxxxxxxxx>
> >
> > I've made the changes to the position statement that we agreed to during
>  the last meeting.  They are:
> > 1. changing 'trail' to 'ballot' in the third paragraph
> > 2. adding a mention of HR 2239 into the last bullet point
> > 3. removed "proprietary" from the second bullet point, pending a rewrite
> > of the point.
>
> > ...
> >
> > Speaking of #3, at the last meeting, we put off consideration of
> > replacement language until this evening's meeting.  Several worthy
> > alternatives were discussed last week.  The one that I recall went like,
> >
> > "Insist on public disclosure of all source code used in voting machines
> or
> > vote counting machines."  If people perceive problems with this
> > formulation, or one similar to it, it might be nice to get some of the
>
> > preliminary discussion started on the mailing list before tonight's
> > meeting.  Thoughts?
>
>
>
>

References:
- Re: updates to the position statement
  - From: cmalley

Prev by Date: Re: updates to the position statement
Next by Date: CFVI Backgrounder Sheet
Previous by thread: Re: updates to the position statement
Next by thread: Re: updates to the position statement
Index(es):
- Date
- Thread