A lengthy October 22nd posting by Gregory Miller at the OSDV's TrustTheVote Project blog (at <http://www.trustthevote.org/d-c-reality-check---the-opportunities-and-challenges-of-transparency/comment-page-1#comment-9463>) underscores this "head in the sand" attitude by lauding the fact that "the District owns 100% of the source code, which is fully transparent and open source" as somehow a good thing. Actually this "ownership" means that the DC Election Officials had the freedom to deploy it, and they apparently did do so, despite knowing that it was vulnerable to international attack.
Does the DCBOEE really think that their website admonishment about the paltry $10,000 fine and possible imprisonment is going to stop anyone, especially foreign hackers (who may not be subject to US laws), from using proxy servers to avoid detection? Does the OSDV truly believe that the DCBOEE has the ability to detect tampering if it occurs? And if they discover that the system was hacked during the election, do they have a plan to allow the affected voters to recast their ballots in a secure way? Heck, when consumer electronics or automobiles are discovered to have systemic problems, they are RECALLED! Shouldn't the OSDV folks be ashamed of themselves for not including a clause in their distribution that IMMEDIATELY RECALLS THIS PRODUCT and ENSURES IT WOULD NOT BE USED IN ANY ACTUAL GOVERNMENT ELECTION, if any vulnerability test or subsequent data exposes it as insecure and/or unreliable?
Even more disconcerting is the cavalier attitude by the DCBOEE, in deciding to go ahead with this moronic experiment, knowing that the system was so massively flawed. This proves EXACTLY WHAT I (and others) HAVE ALWAYS SAID ABOUT OPEN SOURCE VOTING -- even if OSDV had been able to provide an update to remedy all of the KNOWN problems, there would be no time to adequately test it, and there would be no way for the voters to ensure that the CORRECTED version (and not a flawed or hacked one) is being used at the time of the election.
Open source voting thus provides a false sense of security about electronic elections, which this sad experience has vividly demonstrated. As Ken Thompson said in 1984: "You can't trust code that you did not totally create yourself. No amount of source-level verification or scrutiny will protect you from using untrusted code." This is still true, whether the election community, seemingly well-intentioned developers, and security experts want to believe it or not. Transparency is NOT equivalent to Trust, especially in voting systems.
Don't get me wrong, of course I believe that open source is a good thing for many types of applications -- voting (especially over the Internet or in fully electronic systems) just is NOT one of these. Sure, all aspects of voting systems must be open to thorough review. But the voting problem CANNOT BE SOLVED using open source. (If this sounds like a contradiction, it is, as I described in my doctoral dissertation, downloadable at <www.notablesoftware.com/evote.html>, because there is an inherent conflict in the ability to create a trusted system that also provides full anonymity.) Our election integrity colleagues must ensure that these points are made whenever they demonstrate vulnerabilities. Anyone who allows voters, election officials, and members of the press to think otherwise is contributing to this outright fraud. Perhaps if the VENDORS are fined $10,000 and threatened with jail sentences, this charade will finally end.