Since government is the people's business, citizens are entitled to expect that their government is behaving at least as responsibly as other businesses. Indeed citizens should be able to expect that their government is acting above the standards set by regular businesses.7 Particularly when it comes to elections, ensuring safeguards against fraud is the sole basis upon which the Legislature is permitted and expected to legislate. Who is going to tell the Legislature? Why doesn't anyone in a position of responsibility understand that computerized systems should be presumed insecure and the burden of overcoming that presumption to be on the one offering or creating the voting system? How can so many representatives of the people be so unaware of the rich precedence in New York respecting the essential requirement for safeguards in our elections? How can those charged with the responsibility for determining New York's next electoral system in a century possibly believe they're doing their job when the current means of arriving at the next generation of an electoral system looks solely to these publicly discredited vendor options?
New York's Election Law Safeguards, While Better than Other States, Are No Match for Computerized Voting Systems
Having the Source Code in Escrow with the SBOE Is No Panacea for the Problems of DREs and Optical Scanners
With regard to the hundreds of thousands of lines of source code (a Diebold system for voting contains roughly 285,000 lines of source code) David Dill, a professor of Computer Science at Stanford, explained:
It is practically impossible for someone to review software of any length at all – even 10,000 or maybe even 1500 lines of code– to make sure that's 100% error-free.
Dan Wallach, Associate Professor of Computer Science at Rice University, in reference to Avi Rubin's statement that undetected code could be inserted in a large code package and the chance of its remaining undetected was 99.9% said,
I don't know about that other tenth of a percent. This is a classic computer security problem. Whoever gets into the machine first wins. So if the Trojan horse software8 is in there first, you ask it to test itself – it will always lie to you and tell you everything is fine. And no matter what testing code you try to add after the fact, it's too late. It can now create a world where the testing software can't tell that the machine has been compromised, even though it has.The article's author summarizes the problem with the limitations of security even if one has access to the source code:
Even if a person could check hundreds of thousands of lines of software code and find hidden malicious code,
and even if software could be written bug-free,
and even if the hardware works properly and interfaces perfectly with the software and peripherals,
and even if the binary and source code match identically,
and even if each electronic voting machine were physically guarded every minute to prevent insertion of malicious code (including by insider vendors or subcontractors or election personnel or anyone with a key including the janitor),
and even if every software change has been clean and legitimate,
and even if unexamined ballot definition files are accurate and trustworthy,
and even if there were reasonable ways to make sure that the software previously checked is now the software running on each machine on the morning of election day
Next Page 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9
(Note: You can view every article as one long page if you sign up as an Advocate Member, or higher).
