| ??? 11/07/06 18:52 Read: times |
#127502 - automated voting |
Having gone through the process on the latest, greatest voting machines we've had, I have to say there's room for improvement, particularly in the tamper-resistance/security/verification areas.
From the discussions I've heard and seen, on radio and TV, I have to say that it seems to me that the biggest problem is the lack of sophistication of the people writing the contracts. The code for these systems is all proprietary. That's the first problem, because it allows the vendors, e.g. Pitney Bowes, not that they deserve any more scrutiny than their competitors, to hide behind "trade secrets" to prevent thorough testing of their product. The result is frequent breakdowns and lots of stuff we never learn of because it's secret. I'm thinking it would be easy enough to build a totally tamper-proof, and that's the most important aspect of voting-machine-security, system by using three totally off-the-shelf PC's. That would be cheap, easy, and verifiable because it could be coded in the open. Each step of the process would be open-sourced, so their downstream elements could be designed to and verified against simple, straightforward specifications. If you used one PC to present the ballots and collect the votes against them, and generate a scannable paper record that the voter could see, that would be fine. The system would have only one additional task and that would be to print a readable summary of the voting on that scannable paper record. Since the code is open-sourced, anyone could verify that it has no features to prevent it from misrepresenting the printed vote in the barcoded (or whatever) representation of the vote. The first machine would not have to be networked. The second step would be the scanning and recording of the printed paper record. This would record the paper ballot's data and add it to a running tally of votes. That machine would also be off the net. The third PC would do whatever the second does, with the exception that it not only records the votes, but sends them via internet, to the central data collection center. At the end of the polling day, the totals from the second and third machines are compared. The totals recorded on the third-stage machine are compared with the record of that precinct's voter tallies that's stored at the central collection point. Any discepancies are readily detected and rectified. The hard disks from the second and third machines can be removed from the PC's, appropriately labelled and dispatched for safekeeping for whatever the requisite period is. At the end of the day, the PC's can be dispatched to wherever they came from, with their previous hard disks reinstalled, so they can do useful work instead of taking up space in some warehouse. Competition would keep 'em honest, since everybody can see everybody else's code, and it runs on a non-proprietary platform. What do you think? RE |
| Topic | Author | Date |
| automated voting | 01/01/70 00:00 | |
| I think you fell off the rocker | 01/01/70 00:00 | |
| Huh? | 01/01/70 00:00 | |
| tamper and audit | 01/01/70 00:00 | |
| Backwards | 01/01/70 00:00 | |
| lack of relevance | 01/01/70 00:00 | |
| Not a problem for the real "bad guys" ... | 01/01/70 00:00 | |
| reversed argtument | 01/01/70 00:00 | |
| electronic voting, a very very very bad idea. | 01/01/70 00:00 | |
| you can read Schneier on security here | 01/01/70 00:00 | |
| Automated voting - a good idea. | 01/01/70 00:00 | |
| a paper trail and lots of sunlight ... | 01/01/70 00:00 | |
| Did you accidentally vote for Pat Buchannan? | 01/01/70 00:00 | |
| If that were the case ... | 01/01/70 00:00 | |
| Cute! | 01/01/70 00:00 | |
| Often thought that | 01/01/70 00:00 | |
| Sadly, there's ample reason to agree ... | 01/01/70 00:00 | |
| I think you are entirely missing the point | 01/01/70 00:00 | |
I don't think that's necessary | 01/01/70 00:00 |