Election Machine Conflict of Interests

From EPIC:

EPIC FOIA Notes #11: No-Bid Contracts Go to Vendors with Close Ties to Election Advisory Group

Documents obtained by EPIC from the Election Assistance Commission describe two no-bid contracts for work on voting system standards given to vendors with ties to the Commission's technical advisory committee.

From a security perspective, this seems like a really bad idea.

Posted on January 26, 2006 at 7:35 AM • 13 Comments

Comments

Brian ThomasJanuary 26, 2006 8:38 AM

Your gift for understatement is showing...

"a security perspective" > "many perspectives";

"seems like" > "is"...

Good morning.

wwgJanuary 26, 2006 9:27 AM

It's my understanding that a consortium of voting machine vendors has been defining their own technical standards forever. I don't have references for this on hand though.

DanJanuary 26, 2006 9:31 AM

This is a very bad idea. Without an impartial, independent technical advisory board, who is watching the watchers?

MitchJanuary 26, 2006 9:33 AM

Quick search of SourceForge didn't show anything up... is there any attempt at building an Open Source Electronic Voting Booth?

What would be the "perfect" requirements spec for this? e.g. receipts versus no reciepts, user interface for "multiple election days", hardware, software hashes to detect tampering, anti-stuffing, etc...

Even if it was rubbish implementation, it might give Election Commissions a stick to beat the current corporations with, in the same way that UK councils threaten to go Open Source to get Microsoft price/contract conditions changed.

(PS I know I spelt receiepts wrong. Pick whichever spelling you prefer :)

RoyJanuary 26, 2006 9:35 AM

Is this an example of semantic shift? Are they now called 'voting machines' because they do the voting rather than the electorate?

Pat CahalanJanuary 26, 2006 12:32 PM

@ Mitch

> is there any attempt at building an Open Source Electronic Voting Booth?

Well, before starting a project, we should first define what the problem is, right?

So, what's the point of EVBs? There's multiple threads on this blog discussing EVBs, and people here haven't decided how they want them to work. We should probably have a standard for that before going any farther.

(P.S. -> if you read those other threads, you'll find that I'm fairly strongly against the idea of EVBs entirely...)

Ed T.January 27, 2006 6:31 AM

@Davi Ottenhaimer,

"Maybe they should be renamed 'voting robots'."

Or, in current lingo, 'vBot'. It would sure give the bot-net operators something to use all those zombified PCs for ;-|

-EdT.

Ed T.January 27, 2006 6:32 AM

BTW,

I don't see any problem with the vendors working on the standards, so long as those standards are subject to an independent peer review. If they are kept secret, however, there would *definitely* be a problem.

-EdT.

madmikeJanuary 31, 2006 12:41 PM

@Rich
Open source, open standards, no no-bid contracts. When will they ever learn?

Here are three things they have learned:

They can't make money if it is open source.

The can't control the product using open standards.

They can cozy up to the decision makers and be selected based on that relationship instead of an evaluation of their product.

madmike

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc..