Free as in Vote
Welcome
I get this familiar feeling whenever an election year rolls around. I guess it is kind of like despair mixed with something more proactive, like maybe annoyance. I'm not talking about politics exactly, although I will admit that politics get pretty annoying. What really concerns me now is the backward nature of voting technology and the sense that nothing ever gets done about it.
Dear Reader,
I get this familiar feeling whenever an election year rolls around. I guess it is kind of like despair mixed with something more proactive, like maybe annoyance. I'm not talking about politics exactly, although I will admit that politics get pretty annoying. What really concerns me now is the backward nature of voting technology and the sense that nothing ever gets done about it.
The vote-counting fiasco of the US 2000 election was 18 years ago. Since then, numerous studies have shown that our voting machines are insecure, and we have uncovered evidence of foreign powers attempting to hack our voting systems. If you're wondering "why isn't this problem fixed yet?" you're not alone.
It is fair to say that some (though not all) of the very worst machines have been retired in recent years, but other systems that have some pretty severe problems are still in active use. Many voting machines use software from the 1990s – including obsolete OpenSSL implementations and unpatched versions of Windows XP. And because these systems are all proprietary and closed source, the world has no way to audit them and see how broken they really are. At the recent DEF CON conference in Las Vegas [1], testers revealed numerous security issues with voting machines in use today. One had an SSL certificate that was five years old. Another had an easily accessible memory card, which an attacker with physical access could swap out, exploiting software vulnerabilities to get control and change vote totals. These stories come back every year, typically before an election, and everyone gets shocked; then after the election, the problem floats back down to the end of the priority queue.
In the midst of all this grim news, one very interesting and hopeful development is the ongoing work of the TrustTheVote project [2] and its parent organization, the Open Source Election Technology (OSET) Institute [3]. TrustTheVote is an effort to design a complete framework for the voting process, including registration, voting, and counting, that is logical, unified, sensible, and secure. OSET's Election Technology Framework will be based on open standards, so everyone in the world will know how it works, and the powerful crowd-sourcing capabilities of the open source development model will provide universal auditing and feedback to ensure that the system remains secure and up-to-date.
OSET and TrustTheVote are interested in the engineering. Instead of serving as just another voice in the room, they want to build the system that the other voices are talking about. As they state on their website:
- No lofty academic research papers
- No congressional testimony
- No reliance on bureaucracy
- No endless public debates
- No TV news talking heads
Their focus is on "designing, developing, testing, and making available real production-ready and more trustworthy election administration software."
OSET and TrustTheVote have no intention of acting as vendors or distributors of voting machines. Their mission is to build a software framework that is then available to any vendor who wants to use it.
The voting machine industry in the US is mostly controlled by three companies, and those companies have changed very little over the years. In spite of all the negative publicity, no market forces have actually caused them to stop selling their cryptic, invisible systems to non-technical election officials. But open source software has great potential for disruption.
If the TrustTheVote project succeeds in bringing their framework into the discussion, voting machine vendors will have to make a choice. They can cooperate with TrustTheVote, integrating the universal election platform into their systems, and probably achieve vast savings in development costs, but they will need to give up some of their capacity for secrecy and competitive obfuscation.
On the other hand, if they insist on continuing to market their archaic, black-box systems, they will risk losing business to mainstream vendors such as HP, Oracle, and IBM, who will be perfectly happy to integrate TrustTheVote's framework rather than having to develop their own.
The Election Technology Framework is still a work in progress. According to the website, the current timeline calls for TrustTheVote to deliver "… production candidate election management systems plus ballot casting and counting devices for test and evaluation with the goal of being ready for deployment in the 2020 election cycle." Much has already been accomplished, but much work remains.
The TrustTheVote project could use more volunteers, especially volunteers who understand the importance of open standards and open source software. Of course, they also welcome donations, but another gift you can give to the TrustTheVote project is your awareness. Visit their website, send the link to your friends, and let the world know that we really do have a chance for better election security if concerned citizens tune in.
Joe Casad, Editor in Chief
Infos
- US Voting Systems: Full of Holes, Loaded with Pop Music, and Hacked by an 11-Year-Old: https://www.theregister.co.uk/2018/08/13/defcon_election_vote_hacking/
- TrustTheVote: https://trustthevote.org/
- Open Source Election Technology Institute: http://www.osetfoundation.org/
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
New Slimbook EVO with Raw AMD Ryzen Power
If you're looking for serious power in a 14" ultrabook that is powered by Linux, Slimbook has just the thing for you.
-
The Gnome Foundation Struggling to Stay Afloat
The foundation behind the Gnome desktop environment is having to go through some serious belt-tightening due to continued financial problems.
-
Thousands of Linux Servers Infected with Stealth Malware Since 2021
Perfctl is capable of remaining undetected, which makes it dangerous and hard to mitigate.
-
Halcyon Creates Anti-Ransomware Protection for Linux
As more Linux systems are targeted by ransomware, Halcyon is stepping up its protection.
-
Valve and Arch Linux Announce Collaboration
Valve and Arch have come together for two projects that will have a serious impact on the Linux distribution.
-
Hacker Successfully Runs Linux on a CPU from the Early ‘70s
From the office of "Look what I can do," Dmitry Grinberg was able to get Linux running on a processor that was created in 1971.
-
OSI and LPI Form Strategic Alliance
With a goal of strengthening Linux and open source communities, this new alliance aims to nurture the growth of more highly skilled professionals.
-
Fedora 41 Beta Available with Some Interesting Additions
If you're a Fedora fan, you'll be excited to hear the beta version of the latest release is now available for testing and includes plenty of updates.
-
AlmaLinux Unveils New Hardware Certification Process
The AlmaLinux Hardware Certification Program run by the Certification Special Interest Group (SIG) aims to ensure seamless compatibility between AlmaLinux and a wide range of hardware configurations.
-
Wind River Introduces eLxr Pro Linux Solution
eLxr Pro offers an end-to-end Linux solution backed by expert commercial support.