Free as in Vote
Welcome
I get this familiar feeling whenever an election year rolls around. I guess it is kind of like despair mixed with something more proactive, like maybe annoyance. I'm not talking about politics exactly, although I will admit that politics get pretty annoying. What really concerns me now is the backward nature of voting technology and the sense that nothing ever gets done about it.
Dear Reader,
I get this familiar feeling whenever an election year rolls around. I guess it is kind of like despair mixed with something more proactive, like maybe annoyance. I'm not talking about politics exactly, although I will admit that politics get pretty annoying. What really concerns me now is the backward nature of voting technology and the sense that nothing ever gets done about it.
The vote-counting fiasco of the US 2000 election was 18 years ago. Since then, numerous studies have shown that our voting machines are insecure, and we have uncovered evidence of foreign powers attempting to hack our voting systems. If you're wondering "why isn't this problem fixed yet?" you're not alone.
It is fair to say that some (though not all) of the very worst machines have been retired in recent years, but other systems that have some pretty severe problems are still in active use. Many voting machines use software from the 1990s – including obsolete OpenSSL implementations and unpatched versions of Windows XP. And because these systems are all proprietary and closed source, the world has no way to audit them and see how broken they really are. At the recent DEF CON conference in Las Vegas [1], testers revealed numerous security issues with voting machines in use today. One had an SSL certificate that was five years old. Another had an easily accessible memory card, which an attacker with physical access could swap out, exploiting software vulnerabilities to get control and change vote totals. These stories come back every year, typically before an election, and everyone gets shocked; then after the election, the problem floats back down to the end of the priority queue.
In the midst of all this grim news, one very interesting and hopeful development is the ongoing work of the TrustTheVote project [2] and its parent organization, the Open Source Election Technology (OSET) Institute [3]. TrustTheVote is an effort to design a complete framework for the voting process, including registration, voting, and counting, that is logical, unified, sensible, and secure. OSET's Election Technology Framework will be based on open standards, so everyone in the world will know how it works, and the powerful crowd-sourcing capabilities of the open source development model will provide universal auditing and feedback to ensure that the system remains secure and up-to-date.
OSET and TrustTheVote are interested in the engineering. Instead of serving as just another voice in the room, they want to build the system that the other voices are talking about. As they state on their website:
- No lofty academic research papers
- No congressional testimony
- No reliance on bureaucracy
- No endless public debates
- No TV news talking heads
Their focus is on "designing, developing, testing, and making available real production-ready and more trustworthy election administration software."
OSET and TrustTheVote have no intention of acting as vendors or distributors of voting machines. Their mission is to build a software framework that is then available to any vendor who wants to use it.
The voting machine industry in the US is mostly controlled by three companies, and those companies have changed very little over the years. In spite of all the negative publicity, no market forces have actually caused them to stop selling their cryptic, invisible systems to non-technical election officials. But open source software has great potential for disruption.
If the TrustTheVote project succeeds in bringing their framework into the discussion, voting machine vendors will have to make a choice. They can cooperate with TrustTheVote, integrating the universal election platform into their systems, and probably achieve vast savings in development costs, but they will need to give up some of their capacity for secrecy and competitive obfuscation.
On the other hand, if they insist on continuing to market their archaic, black-box systems, they will risk losing business to mainstream vendors such as HP, Oracle, and IBM, who will be perfectly happy to integrate TrustTheVote's framework rather than having to develop their own.
The Election Technology Framework is still a work in progress. According to the website, the current timeline calls for TrustTheVote to deliver "… production candidate election management systems plus ballot casting and counting devices for test and evaluation with the goal of being ready for deployment in the 2020 election cycle." Much has already been accomplished, but much work remains.
The TrustTheVote project could use more volunteers, especially volunteers who understand the importance of open standards and open source software. Of course, they also welcome donations, but another gift you can give to the TrustTheVote project is your awareness. Visit their website, send the link to your friends, and let the world know that we really do have a chance for better election security if concerned citizens tune in.
Joe Casad, Editor in Chief
Infos
- US Voting Systems: Full of Holes, Loaded with Pop Music, and Hacked by an 11-Year-Old: https://www.theregister.co.uk/2018/08/13/defcon_election_vote_hacking/
- TrustTheVote: https://trustthevote.org/
- Open Source Election Technology Institute: http://www.osetfoundation.org/
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Direct Download
Read full article as PDF:
Price $2.95
News
-
Deepin 23 Preview Release is Available For Testing
The developers of Deepin have made a preview release of their latest offering available with three exciting new features.
-
The First Point Release For Ubuntu 22.04 is Now Available
Canonical has released the first point upgrade for Jammy Jellyfish which includes important new toolchains and fixes.
-
Kali Linux 2022.3 Released
From the creators of the most popular penetration testing distributions on the planet, comes a new release with some new tools and a community, real-time chat option.
-
The 14" Pinebook Pro Linux Laptop is Shipping
After a considerable delay, the 14" version of the Pinebook Pro laptop is, once again, available for purchase.
-
OpenMandriva Lx ROME Technical Preview Released
OpenMandriva’s rolling release distribution technical preview has been released for testing purposes and adds some of the latest/greatest software into the mix.
-
Linux Mint 21 is Now Available
The latest iteration of Linux Mint, codenamed Vanessa, has been released with a new upgrade tool and other fantastic features.
-
Firefox Adds Long-Anticipated Feature
Firefox 103 has arrived and it now includes a feature users have long awaited…sort of.
-
System76 Refreshes Their Popular Oryx Pro Laptop with a New CPU
The System76 Oryx Pro laptop has been relaunched with a 12th Gen CPU and more powerful graphics options.
-
Elive Has Released a New Beta
The Elive team is proud to announce the latest beta version (3.8.30) of its Enlightenment-centric Linux distribution.
-
Rocky Linux 9 Has Arrived
The latest iteration of Rocky Linux is now available and includes a host of new features and support for new architecture.