Those of us who live in IT every day know better. We know exactly how poorly designed some software frameworks are. We see the security challenges presented by Web servers, mail servers, remote access, and so on, but when it comes to the foundation of our democracy, we just shake our heads and move on.
Maybe it's time for us geeks to come to the rescue, with a little help from Congress. We've built the Internet, designed staggeringly complex technologies for conducting lightning-speed financial transactions, securing sensitive patient data, even our own entertainment. After all, you'd be hard-pressed to say that there's more complexity in an e-voting machine than in, say, your TiVo or even your cell phone.
But the key to securing e-voting resides in making its systems open source.
Opening the polls to open source
If you look around the open source community, you will find a wide variety of projects that are not only widely used but extremely well designed and very secure. Apache, Perl, PHP, OpenBSD, FreeBSD, and the Linux kernel are just a few examples. Coders who contribute to these projects generally do so without remuneration, producing some of the best code available.
It's time for us to make good on the promise of open elections and open our e-voting systems as well -- no black boxes, no intellectual property protections, no obfuscation, and certainly no backdoors. Doing so would require a federal mandate, one that would eliminate the use of closed source devices.
This being a free-market economy, vendors should certainly be able to participate in the construction of truly secure e-voting systems. But to ensure the integrity of our elections, the code they run on their products must be open. Moreover, it should be the same across all e-voting platforms. Just as the PC industry produces multiple PC brands that all run Windows, e-voting vendors should produce systems that run the same open source voting software.
The open source community has already gotten involved in reshaping our approach to e-voting systems. The Open Voting Consortium, for example, is pushing for simple, standard touchscreen voting systems that do not directly interface with any system, or record votes. These systems would simply print paper voting receipts with bar codes that would then be scanned and dropped into a ballot box, officially casting the vote.
This method removes the need for any polling station to be held responsible for counting votes, thus eliminating any effect tampering with machines might have on results. It also ensures a paper trail for potential recounts. Moreover, by relying on paper in printers rather than official ballots, no voter can be turned away for lack of ballots at a polling place.
This solution is cheap and straightforward, yet isn't widely used. Instead, we have spent billions of dollars on commercial solutions that offer no paper trail -- just a poor security history.
One recent example involved a Republican at-large election in Washington, D.C., in which thousands of votes appeared and then disappeared during the day. Sequoia Voting Systems equipment was used for that election. Not surprisingly, Sequoia has laid the blame for those phantom votes on human error, perhaps a corrupt memory cartridge. Retailers wouldn't accept cash registers that were this error-prone. In many cases, brand-new e-voting systems have been shelved due to such issues, at a fantastic cost to taxpayers.