US Voting Machines Standards Open To Public 115
Online Voting writes "The U.S. Election Assistance Commission has published new voting systems testing and certification standards for 190 days of public comment. For all the critics of electronic voting, this is your opportunity to improve the process. This will be the second version of the federal voting system standards (the first version is the VVSG 05). To learn more about these Voluntary Voting System Standards see this FAQ."
Counterfeiting voting receipt (Score:4, Interesting)
Why the continued paranoia? (Score:4, Interesting)
The only answer I can see is that the machines are badly programmed or they have been rigged in some way.
Re:Sweet (Score:5, Interesting)
But when it comes to voting machines, the only thing that separates the voting machines from their other products is strong bias. Tamper with an ATM at the factory, sure some FDIC bank will lose a few thousand dollars but the one doing the tampering gains nothing. Tampering with a voting machine, the perpetrator stands to influence an election in ways they see fit.
My opinion on "software independence." (Score:2, Interesting)
My problem with the term "software independence" is that it is misnamed. The guidelines give a definition of "software independence" that does not actually mean the election's correctness will be independent of software. Their definition is much narrower -- to achieve what they call "software independence," all that is necessary is a software-free way to audit the count of recorded votes. This has two big weaknesses:
Its not that freaking hard people (Score:2, Interesting)
So how freaking hard is it to burn one PROM with the questions/canadates names to be displayed on the screen and a second PROM to contain the "Voting Control Keys"?
1) Certify the serial numbered PROMs
2) Seal the machines
3) Have the election
4) Certify the machine, print the summary sheet.
5) recover and process the machines results.
6) verify automated results vs summary sheets totals.
7) Certify the election
8) Wait whatever time needed for recount appeals
9) Break seals and pull PROMs and put in sealed storage.
Copyright (c) by the human race.
Still no access to source code (Score:4, Interesting)
Re:big problem (Score:5, Interesting)
To supervise the whole thing, we require people from multiple parties to be present at the polling station. It's hard to fiddle with something when it has to be verified by two (or more) opposing people at the same time.
I don't understand your references to multiple ballots. Is each party on a separate ballot or something? Why in the world would it be done like that?
Re:I certainly much better now! (Score:3, Interesting)
How would they do that?
Access to the source of the code running on your own PC is an excellent thing. It lets you modify it, confirm that it does only what it claims to do, find and fix bugs, and so on.
Access to the source of the code running on a machine that you have no control over is useless. You cannot confirm that it is the source of the running code. You cannot confirm that there are no hardware issues - intentional or otherwise - that are affecting the correct operation of the code.
Your swipe at MS, while predictable, is entirely irrelevant to this discussion. To continue your analogy, you want the source to the code running on your XBox or Playstation because you don't trust it. You don't trust the company providing the code, but they also provide the hardware and yet you do trust that?
You don't trust the system. You need to be able to verify the correct operation of the system. Access to the source to one part of that system does not give you anything but a false sense of security.
Re:How about (Score:2, Interesting)
Re:I certainly much better now! (Score:4, Interesting)
Amen to that. I worked for a temp firm for a contractor to ES&S when they were prepping the code for audit by a 3rd party under the previous version of the voting machine audit standards. The code needed major cleanup to comply with the coding standards (for readability), and we were in a time crunch, so everyone dropped what he was doing and worked on sanitizing the iVotronic code. After it was done, we had beautiful code. All variables were declared at the top of functions and names that made sense. No more globals. Functions had meaningful names and headers describing purpose, input, output, method, etc., etc., etc. We sent that software off to be audited for use in US elections. Of course, that code was never compiled. And it never made it back into the production s/w vault.