- By Grant Gross -
The team working on GNU.FREE, a project to give nations a Free Software option of conducting elections using the Internet, has released an improved version of the software, version 1.6.
Just as several countries are expressing interest in using GNU.FREE, according to the project leader, the new version of GNU.FREE boasts several new features, including "out-of-the-box" support for PostgeSQL and MySQL, the ability for users to create test ballots, and an updated testing suite. Main download sites are at http://www.free-project.org/download/ and ftp://ftp.gnu.org/gnu/free/.
"The system is beginning to mature," says Jason Kitcat, project leader and an Internet consultant in the United Kingdom. "So instead of adding features to make sure the system actually works we're looking at how to make the administrator's job easier, improving usability and so on."
The first release of GNU.FREE was in March 2000, and since then organizations or government officials from several countries, including Canada, Mexico, Sweden, and the Philippines, have shown interest in the project, Kitcat says. In the United States, a couple of groups, including OpenElection.org, are advocating the use of the GNU.FREE software.
GNU.FREE is, in the words of Kitcat, "a Java-based voting system which is secure, private and very scalable." How it works: A voter logs in and is authorized by the Electoral Roll server. After the voter casts the ballot, the vote is
sent to the Regional Server. "The vote is sent without any identifying information, just a single use encrypted key from the Electoral Roll server to prove to the Regional server that you are a valid voter," Kitcat says. "It's highly scalable because you could have infinite pairs of Regional and ER servers, and then at the end of the vote the results get pushed up to a Totaller server or servers."
Kitcat's project is separate from the eVote project that's been hosted by FreeDevelopers.net, although Kitcat has communicated with that project's leaders through the FD-Democracy email list. Traffic on the FreeDevelopers.net list has been quiet this spring after a dispute over when to release the eVote code under the GPL. (Update: FreeDevelopers.net is now supporting the GNU.FREE project instead of the eVote project, and people from the mailing list have worked on GNU.FREE.)
Organizations such as the Voting Integrity Project question whether Internet voting will be safe enough to trust national elections with. The group also suggests that Internet voting will give an unfair advantage to voters who have computers.
But Kitcat argues that a multiple security feature approach can provide a secure environment for elections, and the open code means more people can find and fix errors.
"You have to realise that in any organisation or process complete security is an unattainable state of perfection," he writes in an email. "Safes are rated for how long they will last with certain tools (e.g. 20 minutes for an attacker with an acetylene torch) and that kind of culture needs to appear in the computing world, where currently people say a computer is secure or it isn't -- a ridiculously binary and simplistic way of
He adds: "As far as crackers go, we have a whole raft of audit trails, intrusion detection systems and tamper checks. During an election we have 24/7 monitoring so that not only can we track attempts, but we can catch and prosecute the perpetrators. This is the same as for current elections, it's illegal to defraud a ballot and there are processes in place for catching the offenders."
The GNU.FREE team of about 15 developers is next working on improving the GUI, dealing with multiple voting systems, and creating a program to manage the polling
officials' tasks, Kitcat says. "That last point is particularly important; we need
to build a program so that we can manage the process of voting in a mixed media ballot," he says. "It's likely that many votes will have polling station, postal and Internet aspects so we need to empower the administrators to manage how [people] can vote, how and when. I see this as key to improving the adoption of our software."