Is Open Source the Answer to Voting Woes?


I think most of us are as tired of campaign commmercials as we are of stories about how horrible our economy seems to be. So a story about election technology might not be what you want to see today, but like the economic climate, the election is our reality for the time being.


In Monday's New York Times, IDG's Paul Venezia wrote about voting machines and how watching them fail in state after state has been more entertaining over the past eight years than the election returns themselves. He argues, however, that voting machines running on closed source software result in disenfranchisement because they are so insecure. For instance:

Premier Election Solutions recently advised that its machines lost votes in Ohio primaries due to an incompatibility with McAfee's antivirus software. .... When results from elections conducted on e-voting systems are called into question, manufacturers point the finger at defective "memory cartridges." Those of us in IT know that if all flash storage were this error-prone, digital cameras and iPods wouldn't exist. Worse, we know it's far simpler to pocket or swap out a small flash card containing a few thousand votes than it would be if those votes were recorded on paper ballots.

Another problem with today's electronic voting machines is that few of them provide a paper trail. And the stranger thing, it seems, is that everyone knows voting machines are a problem, but they seem to take it in stride -- shrug their shoulders and move on. (Kind of like the way we laugh at the "honest politician" jokes, Venezia suggests.)



He says open source voting machines are the only way to improve security and prevent disenfranchisement. Australia moved to open source voting in 2001, and California Secretary of State Deborah Bowen has pushed for open source voting -- at least in her state -- for some time now. Venezia says simply, "The key to securing e-voting resides in making its systems open source." Here's why:

With all the covers off, it becomes extremely difficult to embed backdoors or commit cloak-and-dagger fraud. The ability to view the code that records our votes should be a basic right -- if only to ensure that the conditions leading to a successfully recorded vote do not set success as a default.

And to those who say opening the code will only give hackers more opportunity to mess with the vote, Venezia says:

The ever-growing adoption of open source software in businesses large and small, as well as the Internet's reliance on open source solutions, provides evidence to the contrary. For example, open cryptography solutions are no less secure than their closed counterparts. In fact, one could argue that they're more secure, given that complete code visibility greatly reduces the potential for backdoors.

The kicker, though -- and I think Venezia hits the nail squarely on the head here -- is that until enough people get fed up with the mess that current e-voting machines have created to actually say something or to develop said open source voting machines, we won't get anywhere. The Open Voting Consortium has a leg up on everyone in that regard.