Open source: How e-voting should be done
- — 28 October, 2008 09:43
The open source community has already gotten involved in reshaping our approach to e-voting systems. The Open Voting Consortium, for example, is pushing for simple, standard touchscreen voting systems that do not directly interface with any system, or record votes. These systems would simply print paper voting receipts with bar codes that would then be scanned and dropped into a ballot box, officially casting the vote.
This method removes the need for any polling station to be held responsible for counting votes, thus eliminating any effect tampering with machines might have on results. It also ensures a paper trail for potential recounts. Moreover, by relying on paper in printers rather than official ballots, no voter can be turned away for lack of ballots at a polling place.
This solution is cheap and straightforward, yet isn't widely used. Instead, we have spent billions of dollars on commercial solutions that offer no paper trail -- just a poor security history.
One recent example involved a Republican at-large election in Washington, D.C., in which thousands of votes appeared and then disappeared during the day. Sequoia Voting Systems equipment was used for that election. Not surprisingly, Sequoia has laid the blame for those phantom votes on human error, perhaps a corrupt memory cartridge. Retailers wouldn't accept cash registers that were this error-prone. In many cases, brand-new e-voting systems have been shelved due to such issues, at a fantastic cost to taxpayers.
Network integrity: Ensuring all votes count
Leveraging existing network infrastructures to completely remove the polling place from the vote-counting equation is another essential step to ensuring secure elections.
In many cases, public polling is conducted in government buildings, schools, community centers, and other facilities equipped with some form of broadband Internet access. Devices running open source software could be made to create an instant, encrypted link to transmit all votes to a centralized server, while still providing a paper trail at the polling place in the form of a printout.
In this way, votes from a significant number of precincts could be counted as they are entered, rather than after the fact. Communication with the central server would be secured using existing encryption methods such as AES (Advanced Encryption Standard) and certificate-based authentication. Even when voting in someone's garage, your vote would be more secure than it would be using a pile of flash cards in a box.