Open Source, Transparency and Electronic Voting
"Everyone who is not paid by a vendor who has looked at existing electronic voting machinery has found significant flaws," said software engineer John Washburn. "Moreover, they've never found the same flaw twice. That tells me that that must be some defect-dense code. Not only do you find something every time someone looks at it, you find something new every time someone looks at it."
Apr 18, 2007 4:00 AM PT
Transparency has become a rallying cry for critics of existing electronic voting systems made by secretive corporations jealously guarding the software code inside their products. One way to assure transparency in voting systems, those critics maintain, is to require the disclosure of any code used in a voting system or use open source software for those systems.
Using open source software for voting can add credibility to the electronic process, according to Joseph Kiniry, a computer science lecturer with University College Dublin in Ireland and a researcher in open source software for voting.
With open source software, he told LinuxInsider, "not only can experts evaluate the software and make sure it does what it says it does, but it also increases the level of trust that normal, non-expert users can have in that software system."
The Electronic Frontier Foundation (EFF) has been frustrated by the clandestine nature of the electronic voting systems it has encountered, according to Staff Attorney Matt Zimmerman.
Speaking before a congressional subcommittee on elections last month, Zimmerman testified, "EFF has served, among other roles, as both election observers and as legal counsel for voters who felt compelled to challenge the use of results of apparently malfunctioning voting equipment.
"In both capacities, we and others have been severely hampered by the lack of transparency inherent in the current closed technological regime.
"For both of these purposes, the use of open or disclosed source voting technology as a component of a more open election process would immediately and demonstrably lead to a more competent electorate," he stated.
What an open source process does is allow a piece of software to be vetted by many trained eyes in a public environment as opposed to a few eyes in obscurity, explained John Washburn, a software quality engineer and member of the Voting Technology Task Force of VoteTrustUSA, an election integrity organization.
"Everyone who is not paid by a vendor who has looked at existing electronic voting machinery has found significant flaws," he told LinuxInsider.
"Moreover," Washburn added, "they've never found the same flaw twice."
"That tells me that that must be some defect-dense code," he continued. "Not only do you find something every time someone looks at it, you find something new every time someone looks at it."
Open Door to Hackers?
Nevertheless, detractors of using open source software in elections argue it will open the process not only to legitimate observers but also to hackers bent on fouling up the process.
"That argument is predicated on the security through obscurity model, which nobody who takes security seriously believes," Washburn asserted.
"Some claim that open source systems are fundamentally less secure, but computer science experts ... can confirm that open source systems are fully capable of handling the important security requirements demanded of our election systems, as evidenced by the wide range of secure, commercially viable systems on the market today," added EFF's Zimmerman.
No Software Foolproof
Even if open source software were to gain traction in the elections arena, it alone shouldn't be relied on to insure the integrity of voting systems, according to Edward W. Felten, a professor of computer science and public affairs at Princeton University.
"Thus far, computer scientists have not found a way to ensure the correctness of useful software programs," Felten told Congress last month. "It is unclear in general whether this is even possible.
"Instead of pretending we are able to ensure correctness of software, we must have a system that records and counts the votes accurately even if the software malfunctions," he stated.
Governments do not have to choose between all-electronic and all-paper voting systems, Felten contended. Computers and paper can be used together so that each can do what it does best, so that each can compensate for the drawbacks of the other.
More Skepticism Needed
When incorporating technology into voting systems, governments need to exercise more skepticism than they've shown in the past, added University College's Kiniry.
"Governments the world over believe that they can trust electronic voting systems today," he maintained. "I believe they are wrong about that.
"I believe we have a number of years of research to do before you will see experts the world over tell governments that this is something wise to do," Kiniry predicted.
"Unfortunately," he continued, "most governments with whom I've worked or that I'm aware of are quite willing to take on new technology solutions before gathering all the important information."