Aussies Do It Right: E-Voting
Excerpts from the article follow:
While critics in the United States grow more concerned each day about the insecurity of electronic voting machines, Australians designed a system two years ago that addressed and eased most of those concerns: They chose to make the software running their system completely open to public scrutiny.
Although a private Australian company designed the system, it was based on specifications set by independent election officials, who posted the code on the Internet for all to see and evaluate. What's more, it was accomplished from concept to product in six months. It went through a trial run in a state election in 2001...
Called eVACS, or Electronic Voting and Counting System, the system was created by a company called Software Improvements to run on Linux, an open-source operating system available on the Internet...
Software Improvement's Matt Quinn, the lead engineer on the product, said the commission called all the shots....
The commission posted drafts as well as the finished software code on the Internet for the public to review....
"The fact that the source code had been published really deflected criticism," Quinn said....
In addition to the public review, the commission hired an independent verification and validation company to audit the code, "specifically to prevent us, as a developer, from having any election-subverting code in there," Quinn said....
The state tested 80 machines in the election, distributed among eight polling places throughout Canberra (the country's capital). A comparative manual count after the election showed that the system operated accurately.
The plan is to use the 80 machines again next year, but Quinn said the difficulty in deploying the system nationwide is that it would have to be adapted for use over larger geographic areas.
The machines are not what Quinn would call high-tech. The voting terminal consists of a PC and offers ballots in 12 languages, including Serbian and Farsi. The system includes English audio for vision-impaired and illiterate voters.
The voter swipes a bar code over a reader that resets the machine for a new vote and calls up a ballot. Once a selection is made and reviewed, the voter swipes the bar code again to cast the vote. The bar code doesn't identify the voter; it simply authorizes the voter to cast one ballot.
The terminals link to a server in each polling place through a secure local-area network so no votes are transmitted over the Internet or phone lines.
Quinn said the server writes two copies of the votes onto separate discs that are digitally signed and delivered independently to a central counting place. The digital signature is a 128-bit unique identifier generated from the voting data. If the data were changed in transit, the identifier would change too, raising red flags that something went wrong.
The machine does not include a voter-verifiable receipt, something critics of U.S. systems want added to machines and voting machine makers have resisted [in part due to cost]...
The issues of voter-verifiable receipts and secret voting systems could be resolved in the United States by a bill introduced to the House of Representatives last May by Rep. Rush Holt (D-New Jersey). The bill would force voting-machine makers nationwide to provide receipts and make the source code for voting machines open to the public. The bill has 50 co-sponsors so far, all of them Democrats.
"If a voting system precludes any notion of a meaningful recount, is cloaked in secrecy and controlled by individuals with conflicts of interest, why would anyone buy it?," Quinn said. "At the very least give citizens the right to choose whether they want to use paper ballots ... thus allowing each elector to be personally satisfied as to the integrity of the process in which they are participating."
Click here for the full article on the Wired site.
Source
Article forwarded to the bytesforall_readers list server on November 4 2003 (click here to access the archives).
- Log in to post comments