«
»

OVC: Use chain of custody to fix chain of custody!?

July 31st, 2008 by Aleks Essex and Richard Carback in : Concepts in E2E,Voting Goals

Open Voting Consortium and Okori Group offered a new open source voting system solution at LinuxWorld 08. According to the CNET interview:

Dechert says his system is better because it doesn’t use fancy cryptography, it uses a simple chain of custody.

This statement right here is the deal breaker. Why? I would hope it’s obvious:

Chain of custody to solve a faulty chain of custody?

A solution requiring the non-existence of the very fault-condition it attempts to solve is not a solution.

Folks, accept no substitutes. End-to-end verification: often imitated, never duplicated.

This entry was posted on Thursday, July 31st, 2008 at 12:29 pm and is filed under Concepts in E2E, Voting Goals. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

5 Responses to “OVC: Use chain of custody to fix chain of custody!?”

  1. Rick Says:
    July 31st, 2008 at 1:30 pm

    I’m an open source enthusiast, but this statement makes me question if they have a plan for anything viable.

    You have to wonder what he was talking about with that statement, and he wasn’t misquoted because he repeated it in the videos. The early results of the election are incredibly important, and those results are generated by the computer. This creates a big problem if you have no authentication and no cryptography to protect at least the early count.

    Even if you plan to do a full recount each time, every time, (which I doubt is what they are proposing) it is easy to see that this approach is going to be problematic.

  2. Rick Says:
    July 31st, 2008 at 1:39 pm

    Apparently, this isn’t going over so well. We aren’t the only one’s who noticed this was problematic. Take a look at the comments:

    “touch the screen, get a barcode you can’t verify, feed it into another machine” nonsense.

    As has been suggested before, a means by which the voter can confirm that his vote was tallied accurately is likely the best course. That is, when looking at the tallied voting results, if the voter can search for a vote with a particular code number printed on the voter’s receipt, then the voter can confirm that his intended votes were tallied correctly.

    Having worked as a polling place official, I agree that this proposal is too complicated and prone to errors. There will be too many people bypassing the scanning step and just dropping the unscanned uncounted ballot in the box. That is why the local paper ballot and scanning system has the ballot scanner on the ballot box itself, the ballot is scanned to deposit it in the box.

    That second one sounds eerily similar to scantegrity, but doesn’t go nearly as far as we do.

  3. sfpearce Says:
    August 8th, 2008 at 12:05 am

    Here is a two-minute video about the open source voting event at the Linux convention:

    http://www.youtube.com/watch?v=4E2eTg_LQ4E

  4. Aleks Essex Says:
    August 8th, 2008 at 3:28 pm

    Ok, its an open-source automark device.

    The fact is, the voter is verifying the piece of paper, NOT the software that prints it, so its open-sourceness is entirely irrelevant to the transparency of this—the collected-as-cast—verification process.

    It seems like OVC is confusing trustworthiness with correctness to push an OSS agenda. They’re not equivalent, and OSS is neither necessary nor sufficient as a proof of correctness.

  5. Glass Box Voting » Blog Archive » Open Source does not equal secure, chapter 437 Says:
    August 22nd, 2008 at 9:20 am

    [...] My friend at Punchscan flowcharted it thus: [...]

Leave a Reply