mrben linked to the HBO documentary Hacking Democracy in a recent comment… honestly, I’ve never followed much of the kerfuffle around Diebold, etc, and I pretty much dismissed the whole thing as FUD.
I’ve been reflecting on it a bit since then, and I have to admit it’s certainly more complicated than that. I’d even say that I was wrong.
Now, I’m not one for conspiracy theories, and I personally don’t think there’s anything sinister going on.
However, at the same time, it’s clear that we need some method to ensure that there isn’t anything sinister going on… heck, forget sinister, we need to make sure there isn’t some garden-variety coding error that’s miscounting votes, in any direction.
I made a joke in my reply about putting Theo de Raadt in charge — but putting some sort of security fanatic in charge would actually be a pretty good idea.
I also said something about making the software open source — I’m sure I’m not the first one to have said that, either. Off the top of my head, I can’t think of another way to ensure that the software was fair and reliable.
Of course, there is another way — have consultants to sign a Non-Disclosure Agreement, and then allow them to view and test the code and machines. This is a little more realistic (unfortunately, I don’t think most people would understand that making code open source doesn’t make it insecure) — but I think you’d have to not just allow a “non-partisan third party” to review it — to be fair, you’d have to allow some raving partisans from each side review the software. They could each have their own experts review the software, and when both sides (or more than just 2 sides, where necessary) agree that the software is solid, it’s green-lighted.
Would that work? Would it take too long for everyone to review and approve the software? What if one side or the other remained unsatisfied — what then?
I don’t have an answer, but it is something to be concerned about. Unfortunately, we’re divided enough that many from either political persuasion are willing to believe that the “other side” is capable of trying something underhanded — and sooner or later, it’s inevitable that someone could/would, even it’s just some Turkish hackers trying to cause an uproar.
So it’s certainly too important to just dismiss as FUD, which I did — I think that was wrong. Again, I don’t personally subscribe to the conspiracy theories around this, but as long as problems with the security of voting machines and software remain, the conspiracy theories will remain. As long as there is reason enough to make the theories plausible, the system has problems.
I’m completely in favor of eliminating problems.
So, thanks for the link, mrben.
Heh - no problem. And I agree - I’m not entirely sure about conspiracy theories either, and I think the documentary did it’s best to avoid them as much as possible.
But the very concept of closed-source, trade secreted systems that could very well do anything they liked is bad enough. Add to that the fact that they were so easily hacked just compounds the issue.