Text 3002, 148 rader
Skriven 2006-10-26 17:05:42 av Alan Hess
Ärende: more on machines
========================
http://www.baltimoresun.com/technology/bal-bz.pl.himowitz26oct26,0,5352371.col
umn?coll=bal-home-columnists

From the Baltimore Sun
Diebold's secret code keeps voters in the dark
Mike Himowitz



October 26, 2006

In episode after episode, computer scientists have demonstrated the weaknesses
of Maryland's electronic voting system. And time after time, officials from the
State Board of Elections and Diebold Election Systems have circled the wagons -
ignoring the real issues and branding their critics as kooks.

We have now learned that Diebold quietly replaced the main circuit boards in
all its terminals last year because of a fatal flaw that it knew about for
years.

Last week, someone who doesn't like Diebold dropped a couple of disks
containing old company source code at the office of a longtime critic of
electronic voting. Given the reaction of everyone involved in that incident -
including the FBI - you might have thought that someone had stolen the crown
jewels.

Far from it. Instead of criticizing this breach of security, we should give the
miscreants a medal. Thievery and exposure may be the only ways we'll ever know
if we're getting an honest count on Election Day.

There are lots of flaws in Maryland's system (including the hardware, as we
have now learned). But the worst is that the source code for the software that
records your vote and mine is secret. You and I can't see it even though we
paid for it. And paid and paid and paid. The total is up to $106 million so
far.

When the nerds among us try to explain why secret source code is so bad,
people's eyes start to glaze over. Well, it's time to grow up, citizens. It's
worth learning about if an honest election is even marginally important to you.

First: Underneath the rhetoric, our Diebold electronic voting terminals are
just personal computers, and not very fancy ones at that. True, they have
touch-sensitive screens, which are more expensive than the average laptop
display, but not a whole lot. Bottom line: There's not much profit in the
hardware.

Diebold and other vendors make their real money on the software that turns them
into voting machines. This isn't rocket science, either. Voting software
doesn't have to calculate trajectories between planets, or sequence the human
genome, or predict hurricanes. It waits for you to push a faux button on the
touch screen and then adds that vote to somebody's total.

Yes, there are complications. You may want the software to make sure you don't
cast votes for more than one candidate in a race. Likewise, you may want a
warning that that you didn't cast a vote in a particular contest.

In a General Assembly race, you may have to vote for as many as three
candidates from a field of six or more - or if it's a primary election, choose
14 candidates from 25 running for a party central committee. There are also
yes/no votes for bonds and ballot issues. In some places (thankfully, not
here), citizens get to vote for at-large city council candidates and rank them
in order of preference.

But these all boil down to a series of logical instructions, which programmers
develop into the so-called source code for their software. The source code is
typically written in a high-level computer programming language that bears some
relationship to English. Other programmers can follow it and understand it -
particularly if the author leaves comments in the code to explain what he's
doing.

Later, the program may be compiled into the computer's native machine language,
or some hybrid that's harder to tamper with.

Maryland election officials, to their credit, run a mathematical test on their
software files before and after the election to prove they haven't been
changed.

But in the end, that doesn't matter, because we don't know what that source
code is to start with. Diebold says its software is proprietary, and won't be
shown to anyone except a few mysterious companies whose job it is to certify
this stuff. I don't know much about them and neither do many other people. I
certainly have no reason to trust them.

That source code is the computer equivalent of the rules that election
officials use when they count paper ballots. In the real world, those rules are
clear and public, and when ballots are tallied by hand, it's done with
representatives of both parties on hand to keep everybody honest and deal with
disputes.

In proprietary systems such as Diebold's, the vote counting is done behind
closed doors - which is why critics call it "black box voting." We don't know
what the rules are, because we can't see the original source code, or hire
someone to inspect it.

Is there a logic error that results in Smith's votes going to Johnson? Is there
a line buried deep in the maze of code that takes every 50th vote for Smith and
puts it in Johnson's column? We'll never know.

Back when counties bought their manual voting machines and ballot scanners from
different vendors, fixing a statewide election was virtually impossible. Now,
with every county tied to Diebold, a single line of malicious code could throw
a statewide contest and be virtually undetectable.

That's why computer scientists pushing for verifiable systems demand so-called
"open source" software. You and I (or programmers we hire) should be able to
view that source code, look for bugs, and even test it out on our own
computers. We should be able to hire hackers to attack the program's security
elements.

This is how many open source programs are developed. Why is the Mozilla Firefox
Web browser more secure than Microsoft's Internet Explorer? Because it was
developed in the open by a team of programmers and pounded by thousands of test
users and would-be hackers until most of its flaws were eliminated.

The same goes for the secure, open source Apache server software that runs more
than half of the world's large Web sites.

Diebold and other proprietary software vendors argue that open source software
stifles innovation. What they mean is that there's no profit in developing code
that everyone else can emulate.

But here's my bottom line: I don't want "innovative" software to protect the
integrity of my elections. I want reliable, verifiable software.

Want to see how this might work? For years a group of California-based computer
scientists and political activists called the Open Voting Consortium has been
pushing for an open source election system that can run on a variety of
computers, including Diebold's touch-screen terminals.

Its key components are open source software and electronic terminals whose only
job is to produce printed ballots that voters can verify before they're
submitted to scanners for recording. In case of malfunction or disputes, the
verified ballots are always available for rescanning or even counting by hand.

You can try out the group's amusing sample ballot online at
openvotingconsortium.org.

A system like this is something we can develop here - and should - as soon as
this crazy election is over.

mike.himowitz@baltsun.com

Subscribe to Mike Himowitz's podcast

Copyright + 2006, The Baltimore Sun | Get Sun home delivery

--- Msged/2 6.0.1
 * Origin: tncbbs.no-ip.com - Try the CROSSFIRE echo - all welcome (1:261/1000)