July 13, 2005

E-voting: paper trail versus transparency

Author: Jay Lyman

In the heat of major political campaigns and elections, we hear a lot about electronic voting and the fight over their accuracy and trustworthiness. However, it is now -- between elections -- that the real work gets done. While experts have placed transparency through open source systems and software high on the list of requirements for trustworthy elections, the debate over a verifiable voter paper receipt has recently overshadowed all other issues. Experts indicated while both printed paper backups and open code are key components to reliable and trustworthy electronic voting, openness may be suffering from lack of attention and support.

When asked about the state of e-voting and significance of openness, two leading experts -- VerifiedVoting's David Dill, who testified last month before the U.S. Senate Rules Committee, and Avi Rubin, Johns Hopkins University computer science professor and critic of current e-voting solutions -- offered their thoughts via e-mail.

NF: What's the status of the idea of making e-voting technologies transparent, meaning open source software and systems?

David Dill: Open source means different things to different people. I favor full public disclose of voting machine software (and the rest of the designs, including the hardware). It might be appropriate to let companies clean up their programs before releasing them, to avoid exposing security holes, though. "Disclosed source" is not the same as an "open source development model" such as that used in Linux. Open source development might be a good thing for voting machines, too, but I'll wait and see whether someone can do it successfully. No one has yet required that voting machine designs be publicly disclosed. The Holt bill in the U.S. House would require it if it were to pass in its current form.

Avi Rubin: Morbid. I don't see anybody making an effort to do that. In general, vendors prefer to hide behind a "proprietary" argument, and I don't see legislators forcing them to release the source code. By the way, that could be a disaster. Software that is written under the assumption of secrecy (regardless of how ludicrous that assumption is) and is then disclosed could introduce problems. Software should be designed to be publicly available from the start of a project.

NF: Where does publicly available code rank on the list of things required for reliable, trustworthy e-voting?

David Dill: Maybe second place, after: 1.) Voter verified paper ballots and 1.) Liberalized recount laws (or better, random audits) to check that the paper ballots match any electronic counts. (The second "1" is not a typo. I regard both of these as absolutely essential). My reason for putting disclosure as a lower priority is that it doesn't solve the problem. There can still be dishonest voting machines with disclosed designs. For example, the machines could be running different software from that which was disclosed. So we need effective auditing whether we have disclosed source or not.

Avi Rubin: I would say it's a necessary but not sufficient component of reliable, trustworthy e-voting.

NF: Is it being overshadowed by other issues, such as VVPR?

Avi Rubin: No, I think that both are important.

NF: Where does the U.S. government stand on open source in these systems and software?

David Dill: It is not currently required, but could be if certain bills passed.

Avi Rubin: They haven't taken a stand, with a few notable exceptions, such as [U.S. Congressional] Representative Rush Holt [D-NJ].

NF: Are the large, proprietary vendors fighting the idea of open source, attacking it, or otherwise resisting it?

David Dill: Absolutely. Some have volunteered to let people review it under non-disclosure agreements. VoteHere has supposedly released their code for public review (under restrictive conditions), but I'm not sure it is the software that will actually run in any products.

Avi Rubin: Yes, they are mostly ignoring the calls for open source.

NF: How much work gets done on e-voting when we are in between major elections?

David Dill: Things have calmed down after Nov. 2004, but there is a lot going on, especially at the state level. At least one state seems to pass a paper ballot/election auditing bill every week (see the map at verifiedvoting.org). Now is the time to fix the system, when people are less worried about getting through the next election.

Avi Rubin: A lot. I'm spending most of my time on it. I'm finishing up a book on it, "Brave New Ballot," - Random House, April, 2006, and I'm testifying at hearings (next week's EAC in NYC), and pretty much spend a good portion of my time educating people, raising awareness, and trying to design better systems.


  • Open Source
Click Here!