Open source: How e-voting should be done

An open source approach to open voting systems is essential to the integrity of our electoral process. Here's a technical blueprint for securing the vote

"It is enough that the people know there was an election. The people who cast the votes decide nothing. The people who count the votes decide everything." -- Joseph Stalin

In the past eight years, elections in the United States have taken on the guise of a TV game show, with the elections themselves not quite as compelling as watching voting mechanisms fail across the country, especially in key battleground states such as Florida and Ohio. Pols and pundits from both sides of the aisle are quick to place most of the blame on faulty electronic voting systems. But until we set a technical policy that favors open voting systems, as Australia did in 2001 with its open source eVACS (Electronic Voting and Counting System), we have only ourselves to blame.

[ Formore on how technology is reshaping the race for the U.S. presidency, see InfoWorld's special report. ]

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

"It is enough that the people know there was an election. The people who cast the votes decide nothing. The people who count the votes decide everything." -- Joseph Stalin

In the past eight years, elections in the United States have taken on the guise of a TV game show, with the elections themselves not quite as compelling as watching voting mechanisms fail across the country, especially in key battleground states such as Florida and Ohio. Pols and pundits from both sides of the aisle are quick to place most of the blame on faulty electronic voting systems. But until we set a technical policy that favors open voting systems, as Australia did in 2001 with its open source eVACS (Electronic Voting and Counting System), we have only ourselves to blame.

[ Formore on how technology is reshaping the race for the U.S. presidency, see InfoWorld's special report. ]

The closed source approach to disenfranchisement Current U.S. policy ensures that e-voting remains in the hands of very few proprietary vendors, including the much-maligned Diebold, which has received so much bad press that it has renamed its voting machine division Premier Election Solutions.

Don't let the new name fool you. Little has changed about e-voting systems, which take on several forms, including the two most common: touchscreen devices and optical-scan readers. What they have in common, however, is that they all use closed source code. In many cases, even the manufacturers don't have the source code to software running on their own systems. Premier Election Solutions recently advised that its machines lost votes in Ohio primaries due to an incompatibility with McAfee's anti-virus software. In the words of XKCD, someone is clearly doing their job horribly wrong. Later, Premier claimed that its own software was at fault.

More often than not, however, blame for e-voting failure is placed on the storage media of these devices, either due to their relative fragility or their apparent ease of tampering.

When results from elections conducted on e-voting systems are called into question, manufacturers point the finger at defective "memory cartridges." Those of us in IT know that if all flash storage were this error-prone, digital cameras and iPods wouldn't exist. Worse, we know it's far simpler to pocket or swap out a small flash card containing a few thousand votes than it would be if those votes were recorded on paper ballots.

Another problem of current e-voting systems is that many still in operation provide no paper trail. Americans can't fill up their cars or access their bank accounts from an ATM without being prompted to print a receipt, but in many voting precincts, we can vote with nothing tangible to show for it.

Most voters already know these systems are flawed. It's the relative lack of outrage that is troubling. Perhaps trust in the electoral process is still sufficient to assuage fears of stolen elections, or the issue of flawed voting technology itself has become a running joke, like cracks about an honest politician. Even The Simpsons parodied the situation recently.

Those of us who live in IT every day know better. We know exactly how poorly designed some software frameworks are. We see the security challenges presented by Web servers, mail servers, remote access, and so on, but when it comes to the foundation of our democracy, we just shake our heads and move on.

Maybe it's time for us geeks to come to the rescue, with a little help from Congress. We've built the Internet, designed staggeringly complex technologies for conducting lightning-speed financial transactions, securing sensitive patient data, even our own entertainment. After all, you'd be hard-pressed to say that there's more complexity in an e-voting machine than in, say, your TiVo or even your cell phone.

But the key to securing e-voting resides in making its systems open source.

Opening the polls to open source If you look around the open source community, you will find a wide variety of projects that are not only widely used but extremely well designed and very secure. Apache, Perl, PHP, OpenBSD, FreeBSD, and the Linux kernel are just a few examples. Coders who contribute to these projects generally do so without remuneration, producing some of the best code available.

It's time for us to make good on the promise of open elections and open our e-voting systems as well -- no black boxes, no intellectual property protections, no obfuscation, and certainly no backdoors. Doing so would require a federal mandate, one that would eliminate the use of closed source devices.

This being a free-market economy, vendors should certainly be able to participate in the construction of truly secure e-voting systems. But to ensure the integrity of our elections, the code they run on their products must be open. Moreover, it should be the same across all e-voting platforms. Just as the PC industry produces multiple PC brands that all run Windows, e-voting vendors should produce systems that run the same open source voting software.

The open source community has already gotten involved in reshaping our approach to e-voting systems. The Open Voting Consortium, for example, is pushing for simple, standard touchscreen voting systems that do not directly interface with any system, or record votes. These systems would simply print paper voting receipts with bar codes that would then be scanned and dropped into a ballot box, officially casting the vote.

This method removes the need for any polling station to be held responsible for counting votes, thus eliminating any effect tampering with machines might have on results. It also ensures a paper trail for potential recounts. Moreover, by relying on paper in printers rather than official ballots, no voter can be turned away for lack of ballots at a polling place.

This solution is cheap and straightforward, yet isn't widely used. Instead, we have spent billions of dollars on commercial solutions that offer no paper trail -- just a poor security history.

One recent example involved a Republican at-large election in Washington, D.C., in which thousands of votes appeared and then disappeared during the day. Sequoia Voting Systems equipment was used for that election. Not surprisingly, Sequoia has laid the blame for those phantom votes on human error, perhaps a corrupt memory cartridge. Retailers wouldn't accept cash registers that were this error-prone. In many cases, brand-new e-voting systems have been shelved due to such issues, at a fantastic cost to taxpayers.

For more enterprise computing news, visit InfoWorld. Story copyright InfoWorld Media Group, Inc.