Statement from John Sokol
Public confidence in the integrity and accuracy of the
voting process and elections is vitally important in any free society. Anyone can cook up an electronic voting
system; this is a first-year computer programming homework assignment. But to
make a system that can not only be secure but also gain the trust of the general
public is a much more difficult task.
So far the systems that are out there, like Diebold,
Hart InterCivic and others, don’t seem to do either. In spite of these companies
receiving disgustingly profitable contracts, there is a continuous stream of
reports about their systems being hacked. These systems are closed black boxes
and cannot be independently verified. These companies think that by sprinkling
a little DES encryption around they have a solution. By being closed they only
assist the hacker and others who have even more sinister motivations in
defrauding the public.
Bruce Schneier,
author of “Practical Cryptography” and one of the foremost experts on
cryptography, makes it quite clear the problem of security is almost always in
the details of the rest of the system, where a secure system is only as
strong as its weakest link. These companies’ largest weakness is the need
to keep the source code secure in order to keep the system secure. It’s almost impossible to protect source
code from a motivated engineer: 30 seconds’ access to a voting machine and a few
weeks of work, and only the wrong parties will have access.
The source code
should not be expected to keep the system secure!
People in the Open
Source Linux/BSD Unix community have been dealing with electronic security
issues for over a decade and appreciate the problems involved in this much more
than anyone else in the industry. Security is actually improved by public
scrutiny; it is maintained through networks of trust and the careful use of
secret passwords and cryptography.
Methods and algorithms are established through open debate,
and the rigors of scientific testing and trial and error on the open Internet.
These allow the design to evolve into a truly functional system.
E-voting needs the
same open debate on its design. Its hardware should be made of COTS (common off
the shelf) parts like consumer PCs. Its software should be freely available
over the Internet for all to study and experiment with and offer improvements.
Many vendors should be able to supply the hardware and software, and anyone
should be able to verify its integrity and results.
This is a problem that affects much more than a few States,
or even the United States of America, but every free country on Earth. The Open
Source movement has been effective at harnessing the intellectual power of
every nation on Earth in its effort. I feel that the methods they have developed would also apply to E-Voting.
With MailClad I am proposing an architecture, but more
importantly encouraging debate on overall system design and offering working
source code and a suggested system hardware design. Based on PCs, the system
should be OS agnostic so as to operate on Microsoft Windows, Mac OS, Linux,
BSD UNIX or anything else out there. Source will probably be C or C++ and be
relatively straightforward, since the algorithm and physical measures ensure
the security and not the code or hardware itself.
MailClad should be an open E-voting architecture and an
open voting initiative. I am looking for team members to help form a non-profit
and other contributors for any and all areas of this project.
3/12/04
John L. Sokol
916-704-7676