E-Voting Firms Recognize That Open Source Software Exists... But Seem Confused About What It Means
from the not-too-surprising dept
We've never quite understood why e-voting software shouldn't be required to be public information. For the sake of actually allowing an open and transparent voting system, it's hard to understand how any governing body would allow proprietary software to be used. There's simply no way you can prove that the system is fair and transparent if the counting mechanism is totally hidden away. For years, the big e-voting firms have simply shrugged this off, but it looks like they're at least open to discussing it. A trade group representing the big e-voting firms has put out a whitepaper discussing open source voting systems, where all they really do is show that they don't actually understand much about open source technologies.First, they claim that, even though they understand that "security through obscurity" isn't effective, "there remains some underlying truths to the idea that software does maintain a level of security through the lack of available public knowledge of the inner workings of a software program." Computer Science professor Dan Wallach does a nice job responding to that claim:
Really? No. Disclosing the source code only results in a complete forfeiture of the software's security if there was never any security there in the first place. If the product is well-engineered, then disclosing the software will cause no additional security problems. If the product is poorly-engineered, then the lack of disclosure only serves the purpose of delaying the inevitable.The next oddity, is the claim that if a problem is found in open source software, then it won't get fixed as quickly, because you have to wait for "the community" to fix it. That completely mistakes how open source software works. Again, Wallach points out how silly that is, noting that plenty of commercially-focused companies run open source projects, including maintaining and contributing code to the project. If these companies were to open source their code, there's nothing stopping them from continuing to improve the security of the code. There's no need to wait around... The paper has other problems as well, which Wallach discusses at the link above. To be honest, though, it's quite telling that these firms don't even seem to understand some of the basics of how open source software works.
What we learned from the California Top-to-Bottom Review and the Ohio EVEREST study was that, indeed, these systems are unquestionably and unconscionably insecure. The authors of those reports (including yours truly) read the source code, which certainly made it easier to identify just how bad these systems were, but it's fallacious to assume that a prospective attacker, lacking the source code and even lacking our reports, is somehow any less able to identify and exploit the flaws. The wide diversity of security flaws exploited on a regular basis in Microsoft Windows completely undercuts the ETC paper's argument. The bad guys who build these attacks have no access to Windows's source code, but they don't need it. With common debugging tools (as well as customized attacking tools), they can tease apart the operation of the compiled, executable binary applications and engineer all sorts of malware.
Voting systems, in this regard, are just like Microsoft Windows. We have to assume, since voting machines are widely dispersed around the country, that attackers will have the opportunity to tear them apart and extract the machine code. Therefore, it's fair to argue that source disclosure, or the lack thereof, has no meaningful impact on the operational security of our electronic voting machines. They're broken. They need to be repaired.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: e-voting, open source
Reader Comments
Subscribe: RSS
View by: Time | Thread
"If I take a letter, lock it in a safe, hide the safe somewhere in New York, and then tell you to read the letter, that's not security. That's obscurity. On the other hand, if I take a letter and lock it in a safe, and then give you the safe along with the design specifications of the safe and a hundred identical safes with their combinations so that you and the world's best safecrackers can study the locking mechanism--and you still can't open the safe and read the letter, that's security. "
[ link to this | view in chronology ]
If voting machines went open source, that software is solidly secure in no time. You have techies in all parties and all of them want to make sure no one else gets anything.
I don't know why governments don't require open source for everything that is ultimately needed for the public.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Available for public scrutiny != FOSS
The source code can be made available for public scrutiny without it being GNU or other open source software. There is nothing that prevents a company from publishing their code under traditional copyright. This would allow them to retain their rights to the code and still demonstrate the integrity of their software. If another company used their code in competing voting machines, then that would become apparent very quickly when the copying company published their source code.
The one essential element in a requirement to publish would be that public entities would be allowed to (in fact they should be required to) compile the published source using an open source compiler and load it onto the machines.
[ link to this | view in chronology ]
Re: Available for public scrutiny != FOSS
But, the sad thing is the Election Assistance Commission (EAC) HAD the chance last year to prevent this dilemma.
When the the EAC created the Certification and Testing Program, the refuse to incorporate into this new process the requirement that certification under the EAC requires source code disclosure.
[ link to this | view in chronology ]
Open Source Software
You can read about it here : http://humtp.com/
and here: wwwTEVSystems.com
[ link to this | view in chronology ]
e-voting
As to the comment: "The next oddity, is the claim that if a problem is found in open source software, then it won't get fixed as quickly, because you have to wait for "the community" to fix it." What I am reading is they are really saying "if it were open source software, people would see the defects, and we would have to fix them".
[ link to this | view in chronology ]
OSS is used for e-voting
http://www.elections.act.gov.au/elections/electronicvoting.html
[ link to this | view in chronology ]