My understanding is that “Open Source” software is publicly available. That anyone interested can access the code.
This is no doubt a naive and fuzzy view of the concept, because Commissioner Jim Howell has responded as follows:
Please know, Henry Adkins equipment is based on an open source platform (linux) but all their software is proprietary. If the vendor represented their software as open source, then they were highly misleading. Their software for counting votes is exactly as proprietary as ES&S. If open source software were truly being used, then it could be argued that someone in Sedgwick County could potentially make changes to the software that could change the way the machines operate. I see this as a vulnerability as much as you and Ms. Clarkson see it as a preference. When the ability to change the software is totally out of our control, then we cannot be accused of making changes that might affect the outcome of the election and would also be difficult to defend or verify. Having this out of our control is a good thing in my opinion. Auditing the processes end-to-end (every election, randomly selected 1% of precincts) will give us confidence and assurance that everything is as it should be. Open source SW creates more questions and opens doors for distrust on the election systems. For the record, Sedgwick County does support HB2543 and we look forward to doing the audits as prescribed by law when this bill passes the legislative process.
If the vendor was misleading me and I fell for it, it wouldn’t be the first time. If I misunderstood the technical details and made a few false assumptions, it wouldn’t be the first time for that either. I’ve meant to go their website and check it out, but I’ve been rather busy at work this week and haven’t managed it yet. I’m just going to give my opinion without looking up definitions first and specifications first. It can be a very detail oriented task and it’s a bit late in the day for me to attempt it.
I disagree with Commissioner Howell that open source software implies that anyone can change it. Open source only allows people to see the code, check for backdoors, hardcoded passwords and other security breaches. It does not allow the software to be changed unless the evildoer also has physical or wireless access to the computing equipment. Access to the equipment is supposed to be rigorously controlled and without any wireless connections.
It’s arguable that open source grants more people the knowledge necessary to undermine the voting system if they can also get access. I find the additional transparency provided by open source software a worthwhile trade off for that increase in risk, but I can understand if others disagree on that point.
If the Henry Adkins software is actually proprietary, not open source, that fact would curb my enthusiasm for them quite a bit. I still consider their system superior to the ES&S for the other reasons I listed, but the difference is considerably less.
I want to give kudos to commissioner Howell for supporting routine audits of the electronic voting results. I think that’s great!
9 thoughts on “What exactly does “Open Source” mean?”
Are you comfortable with only 1% being audited? It seems like a very small sampling…
Yes, if the 1% is set as minimum and the sample is randomly selected. If the sample isn’t random, then the percentage doesn’t matter. The data from a non-random sample cannot verify the accuracy of the whole set.
Open Source can be thought of as peer reviewed. It actually strengthens the code base because everyone has access to the code base. Look no further than Drupa.org or Joomla.org for shining examples of open source/peer reviewed software. Both are Content Management Systems for websites. You can’t get any more exposed to potential ‘evil doers’ than a website where hackers do their best to takeover your site. By the process of so many people understanding the way the software works, it becomes very difficult to hack. One would think the Election Commissioner would understand that difference.
The real reason the software is proprietary is simply money. Open Source is free and support is the business plan whereas the proprietary business model is strictly about maximizing profit over security, convenience, or support. Think of it as social engineering versus privatized extraction of government services.
I agree with the previous comment, I just want to clarify that it isn’t just because “so many people [understand] the way the software works [that] it becomes very difficult to hack”. It’s because a certain group of developers with access to change the code keep responding to feedback about security holes from friendly outsiders, who can only read the code. The developers plug the holes — as again confirmed by the community that’s familiar with the product.
Sounds to me like the software vendor tried to ride on the coattails of “open source” by using that term without actually using that model at all.
……”30 Full Voting Rights”……
We need to first and foremost look at the over arching
raw fact that our country is 239 years old and to this
day no voter in any of our 50 states has their “30 Full
Yes, there are about 4 of these 30 full voting rights that
most voters are aware of:
(1) Register to vote.
(2) Get ballot on election day.
(3) Mark ballot in secret.
(4) Place ballot into ballot box or machine.
Many of our election laws might say “we shall have
pure elections”. And many of our election laws, also,
might say “our ‘elective franchise’ shall not be abridged”.
But the full list of the ‘elective franchise’ (or more
succinctly “our 30 Full Voting Rights”) is not spelled
out in our constitutions (fed, states) nor in our election
laws (fed, states, local).
We need to write these “30 Full Voting Rights” into our
constitutions and election laws.
Thanks and Good Luck,
Full Voting Rights Advocate
I think 1% is way too small a random sample to use for an election. Five percent is a minimum sample to get a good idea about whether the vote has been tampered with. In addition, IT’S NOT GOOD ENOUGH JUST TO HAVE AN AUDIT; there has to be a requirement that, if the audit is suggestive of tampering, there will automatically be a complete recount where the paper is counted BY HAND. That has to be part of the law; otherwise, there is no reason for an audit. What difference does it make if, after you locate a fire, you don’t put it out? An audit is small consolation for an election that is lying there smoldering on the ground along with the democracy it is supposed to represent.
HB2543 has a hearing on Monday. In the bill, there is a provision that states: “If a discrepancy is reported between the audit
and the unofficial returns and cannot be resolved, the county election officer or the secretary of state may require audits of additional precincts.”
One of my degrees is in Industrial Technology which focuses on developing improved quality efficient manufacturing processes. In my job over the last 25 years, I have been in a flight and ground test world developing ways to test aircraft for product improvement and certification. In this field of testing and evaluation, we always want to verify the measurement system end to end. We never check 100% of the potential range or function but we do check a sample large enough to give confidence that the measurement tool is accurate within a stated certainty. For example, a pressure transducer is designed to measure media pressure and we’d compare it’s measurement capability against a pressure standard. The standard itself is also tested against a primary or physical standard. We might check several standard input pressures to ensure the system is accurately measuring across the entire pressure range. This gives confidence that the transducer has worked and will work as designed across the pressure range per the specifications needed. We never check every possible pressure but a reasonable sample to give confidence. If the transducer fails one of these checks, then corrections must be implemented of course. The standard that the transducer is checked against is a primary standard and is certified traceable to NIST. This gives assurance that when we measure something, the measurement is verified all the way to a primary or physical standard. The input must match the output. Internally, it does not matter ‘how’ the equipment functions internally as long as it does it’s job accurately, and consistently, and the output matches the input.
In the case of voting, if we check 1% and it matches exactly, then why check another 1%. If you say we should check 2% then why not 3% or 4% or more percent? What is the right number? This is a subjective question knowing that we will have approximately 185,000 ballots cast just in Sedgwick County. 1% is almost 2000 ballots that must match machine totals exactly. Unless there is evidence that results are not cross checking accurately, then there is not a reason to enlarge the sample size If however, the results don’t match up, then enlarging the sample size will be necessary of course. Remember audit will be done on a random sample and after the election itself. This will confirm the election that just happened was accurately totaling the votes properly within some reasonable certainty. We don’t need to reverse engineer the internal workings of the system but we must verify that the input and the output match exactly in order to verify the overall system works.
One of the pernicious issues with electronic voting machines is that, open source or not, the software can be changed (indeed, it’s designed to allow flash updates). There is a requirement (I think I’m correct on this) that the source be made available to election officials. Theoretically, they can examine it for bugs/malicious behavior, compile it themselves, and then compare their known complied program, bit-for-bit, with the one residing in the machine. If that isn’t a) possible, and b) actually done, then authorities really don’t know what’s going on inside the machine.
My reseach indicates that the software is never seen by officials. A copy is placed in escrow in case the company fails, someone else can take over.