[ale] Its over. Maybe
Michael D. Hirsch
mhirsch at nubridges.com
Thu Nov 4 16:25:23 EST 2004
On Thursday 04 November 2004 09:17 am, Geoffrey wrote:
> George Carless wrote:
> > If there *are* situations where FOSS is not the solution, this is
> > absolutely not one of them. What possible legitimate reason is there
> > for keeping the voting system secret and proprietary?
>
> I can easily suggest a solution where we can all vote in confidence.
Boy, we're different. I think I disagree with most of these points.
> First, voting devices should not be monopolized, in the case of the
> Diebold systems, they are.
Ordinarily, I agree. In this case, however, I don't think I do. We are
talking about defense from attack. With multiple suppliers there are more
opportunity for attack. Of course, that would mean any single attack would
be less pernicious, but I'm not sure where I'd want to fall on that one.
> Second, the systems should be reviewed by non-partisan technically
> capable people.
Obviously correct.
> Third, voting devices such as these should be randomly seized and a
> complete verification of the system be completed, again by a
> non-partisan group. That's to say, they could walk into a polling
> place, anywhere in this country, select a machine and after protecting
> the existing votes on that device, proceed to validate and verify that
> it is functioning correctly.
That's crazy. Even just considering the technical aspects, how does one
"validate and verify". If we knew how to do that we wouldn't have security
problems any more. I believe there is a meta-theorem which says you cannot
validate a sufficiently complex system--and these are more than sufficently
complex.
The whole point of a paper trail is that it protects against unknown attacks.
Even if the bad guys come up with a diabolically clever attack which avoids
detection by looking at the system, the electronic and paper ballots will not
agree. The attackers would have to subvert the hard copies, too, which we
have a lot of experience preventing. Furthermore, electronic fraud is done
wholesale and paper fraud is retail--it would be extremely difficult to get
them to agree.
Michael
More information about the Ale
mailing list