[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: updates to the position statement

To: cmalley@xxxxxxxxxxxxx
Subject: Re: updates to the position statement
From: Paul Walmsley <paul@xxxxxxxxxxx>
Date: Thu, 20 Nov 2003 13:44:16 -0700 (MST)
Cc: bcv@xxxxxxxxxxx
Delivered-to: mailing list bcv@booyaka.com
In-reply-to: <3F615C4A0002B8D8@mta8.wss.scd.yahoo.com>
Mailing-list: contact bcv-help@booyaka.com; run by ezmlm

On Thu, 20 Nov 2003 cmalley@xxxxxxxxxxxxx wrote:

> Finally, I'm skeptical about this whole "disclosure" issue.

I agree that it is much less important than the general issue of
voter-verifiable paper ballots.  With voter-verifiable paper ballots, 
no special technical skills are required to evaluate that the machine 
is voting the way that the citizen wants it to: the voter can just review 
the paper ballot to confirm that the machine marked the choices the way 
he or she wished.

However, I still believe that it is important to have public disclosure of
voting machine source code to any interested citizen.  I think that it 
will ultimately force higher-quality software in the voting systems, as 
well as provide an opportunity for others to find bugs before they cause 
problems on election night.

> So... how about something simple like this? :
> 
>  - require disclosure of software that is specific to the
>    voting application

As your statement stands, it is no different than the status quo.  As part 
of the certification process, the vendors are required to deposit a copy 
of their software in escrow with the certification lab.

The statement should explicitly specify who the disclosure would be to --
i.e., any member of the public.  The language in HR 2239 covers this issue
well, and looks something like this:  "Any voting system containing or
using software shall disclose the source code of that software to the
Commission, and the Commission shall make that source code available for
inspection upon request to any citizen." 

The statement should also explicitly specify "source code."  There are few
people who are qualified to review source code for bugs, but there are
even fewer who can review object code for bugs.  So I think it's important
that we explicitly specify "source code", or even, "source and object
code."

- Paul

> -Chris
> 
> 
> Paul Walmsley <paul@xxxxxxxxxxx>
> >
> > I've made the changes to the position statement that we agreed to during
>  the last meeting.  They are:
> > 1. changing 'trail' to 'ballot' in the third paragraph
> > 2. adding a mention of HR 2239 into the last bullet point
> > 3. removed "proprietary" from the second bullet point, pending a rewrite
> > of the point.
> 
> > ...
> >
> > Speaking of #3, at the last meeting, we put off consideration of
> > replacement language until this evening's meeting.  Several worthy
> > alternatives were discussed last week.  The one that I recall went like,
> >
> > "Insist on public disclosure of all source code used in voting machines
> or
> > vote counting machines."  If people perceive problems with this
> > formulation, or one similar to it, it might be nice to get some of the
> 
> > preliminary discussion started on the mailing list before tonight's
> > meeting.  Thoughts?
> 
> 
> 

- Paul

References:
- Re: updates to the position statement
  - From: cmalley

Prev by Date: RE: C.V.V. Statement
Next by Date: HR 2239 status
Previous by thread: Re: updates to the position statement
Next by thread: agenda item: "We demand" vs. "we (insist, submit, etc.)"
Index(es):
- Date
- Thread