Text 24014, 167 rader
Skriven 2006-10-27 06:41:20 av John Hull (1:123/789.0)
Kommentar till en text av Alan Hess
Ärende: more on machines
========================
Gee, this sounds an awful lot like what I was advocating in 2000 and 2004, and
was roundly and summarily torn apart by certain people in this echo because of
it. Imagine that.
Alan Hess -> all wrote:
AH>
http://www.baltimoresun.com/technology/bal-bz.pl.himowitz26oct26,0,5352371.col
AH> umn?coll=bal-home-columnists
AH> From the Baltimore Sun
AH> Diebold's secret code keeps voters in the dark
AH> Mike Himowitz
AH> October 26, 2006
AH> In episode after episode, computer scientists have demonstrated the
AH> weaknesses of Maryland's electronic voting system. And time after time,
AH> officials from the State Board of Elections and Diebold Election Systems
AH> have circled the wagons - ignoring the real issues and branding their
AH> critics as kooks.
AH> We have now learned that Diebold quietly replaced the main circuit
AH> boards in all its terminals last year because of a fatal flaw that it
AH> knew about for years.
AH> Last week, someone who doesn't like Diebold dropped a couple of disks
AH> containing old company source code at the office of a longtime critic of
AH> electronic voting. Given the reaction of everyone involved in that
AH> incident - including the FBI - you might have thought that someone had
AH> stolen the crown jewels.
AH> Far from it. Instead of criticizing this breach of security, we should
AH> give the miscreants a medal. Thievery and exposure may be the only ways
AH> we'll ever know if we're getting an honest count on Election Day.
AH> There are lots of flaws in Maryland's system (including the hardware, as
AH> we have now learned). But the worst is that the source code for the
AH> software that records your vote and mine is secret. You and I can't see
AH> it even though we paid for it. And paid and paid and paid. The total is
AH> up to $106 million so far.
AH> When the nerds among us try to explain why secret source code is so bad,
AH> people's eyes start to glaze over. Well, it's time to grow up, citizens.
AH> It's worth learning about if an honest election is even marginally
AH> important to you.
AH> First: Underneath the rhetoric, our Diebold electronic voting terminals
AH> are just personal computers, and not very fancy ones at that. True, they
AH> have touch-sensitive screens, which are more expensive than the average
AH> laptop display, but not a whole lot. Bottom line: There's not much
AH> profit in the hardware.
AH> Diebold and other vendors make their real money on the software that
AH> turns them into voting machines. This isn't rocket science, either.
AH> Voting software doesn't have to calculate trajectories between planets,
AH> or sequence the human genome, or predict hurricanes. It waits for you to
AH> push a faux button on the touch screen and then adds that vote to
AH> somebody's total.
AH> Yes, there are complications. You may want the software to make sure you
AH> don't cast votes for more than one candidate in a race. Likewise, you
AH> may want a warning that that you didn't cast a vote in a particular
AH> contest.
AH> In a General Assembly race, you may have to vote for as many as three
AH> candidates from a field of six or more - or if it's a primary election,
AH> choose 14 candidates from 25 running for a party central committee.
AH> There are also yes/no votes for bonds and ballot issues. In some places
AH> (thankfully, not here), citizens get to vote for at-large city council
AH> candidates and rank them in order of preference.
AH> But these all boil down to a series of logical instructions, which
AH> programmers develop into the so-called source code for their software.
AH> The source code is typically written in a high-level computer
AH> programming language that bears some relationship to English. Other
AH> programmers can follow it and understand it - particularly if the author
AH> leaves comments in the code to explain what he's doing.
AH> Later, the program may be compiled into the computer's native machine
AH> language, or some hybrid that's harder to tamper with.
AH> Maryland election officials, to their credit, run a mathematical test on
AH> their software files before and after the election to prove they haven't
AH> been changed.
AH> But in the end, that doesn't matter, because we don't know what that
AH> source code is to start with. Diebold says its software is proprietary,
AH> and won't be shown to anyone except a few mysterious companies whose job
AH> it is to certify this stuff. I don't know much about them and neither do
AH> many other people. I certainly have no reason to trust them.
AH> That source code is the computer equivalent of the rules that election
AH> officials use when they count paper ballots. In the real world, those
AH> rules are clear and public, and when ballots are tallied by hand, it's
AH> done with representatives of both parties on hand to keep everybody
AH> honest and deal with disputes.
AH> In proprietary systems such as Diebold's, the vote counting is done
AH> behind closed doors - which is why critics call it "black box voting."
AH> We don't know what the rules are, because we can't see the original
AH> source code, or hire someone to inspect it.
AH> Is there a logic error that results in Smith's votes going to Johnson?
AH> Is there a line buried deep in the maze of code that takes every 50th
AH> vote for Smith and puts it in Johnson's column? We'll never know.
AH> Back when counties bought their manual voting machines and ballot
AH> scanners from different vendors, fixing a statewide election was
AH> virtually impossible. Now, with every county tied to Diebold, a single
AH> line of malicious code could throw a statewide contest and be virtually
AH> undetectable.
AH> That's why computer scientists pushing for verifiable systems demand
AH> so-called "open source" software. You and I (or programmers we hire)
AH> should be able to view that source code, look for bugs, and even test it
AH> out on our own computers. We should be able to hire hackers to attack
AH> the program's security elements.
AH> This is how many open source programs are developed. Why is the Mozilla
AH> Firefox Web browser more secure than Microsoft's Internet Explorer?
AH> Because it was developed in the open by a team of programmers and
AH> pounded by thousands of test users and would-be hackers until most of
AH> its flaws were eliminated.
AH> The same goes for the secure, open source Apache server software that
AH> runs more than half of the world's large Web sites.
AH> Diebold and other proprietary software vendors argue that open source
AH> software stifles innovation. What they mean is that there's no profit in
AH> developing code that everyone else can emulate.
AH> But here's my bottom line: I don't want "innovative" software to protect
AH> the integrity of my elections. I want reliable, verifiable software.
AH> Want to see how this might work? For years a group of California-based
AH> computer scientists and political activists called the Open Voting
AH> Consortium has been pushing for an open source election system that can
AH> run on a variety of computers, including Diebold's touch-screen terminals.
AH> Its key components are open source software and electronic terminals
AH> whose only job is to produce printed ballots that voters can verify
AH> before they're submitted to scanners for recording. In case of
AH> malfunction or disputes, the verified ballots are always available for
AH> rescanning or even counting by hand.
AH> You can try out the group's amusing sample ballot online at
AH> openvotingconsortium.org.
AH> A system like this is something we can develop here - and should - as
AH> soon as this crazy election is over.
AH> mike.himowitz@baltsun.com
AH> Subscribe to Mike Himowitz's podcast
AH> Copyright + 2006, The Baltimore Sun | Get Sun home delivery
AH> --- Msged/2 6.0.1
AH> * Origin: tncbbs.no-ip.com - Try the CROSSFIRE echo - all welcome
AH> (1:261/1000)
--- Thunderbird 1.5.0.7 (Windows/20060909)
* Origin: (1:123/789.0)
|