July 16, 2004 (Computerworld) -- WASHINGTON -- The president of one of the most influential IT vendor associations is accusing electronic voting system critics, many of whom are IT security researchers, of using the issue of e-voting security to wage a "religious war" that pits open-source software against proprietary software.
A recent survey by the Arlington, Va.-based Information Technology Association of America (ITAA) showed that 77% of registered voters aren't concerned about the security of e-voting systems, and ITAA President Harris Miller said critics who claim to be concerned about the issue are really pushing a political agenda on behalf of the open-source software community.
"It's not about voting machines. It's a religious war about open-source software vs. proprietary software," Miller said in an interview with Computerworld. "If you're a computer scientist and you think that open-source software is the solution to everything because you're a computer scientist and you can spot all flaws, then you hate electronic voting machines. But if you're a person who believes that proprietary software and open-source software can both be reliable, then you don't hate electronic voting machines."
Kim Alexander, president of the California Voter Foundation, called Miller's characterization "nonsense."
"Every technologist that I have worked with believes that even if we had open-source software, we would still need a paper [audit] trail," said Alexander. "There would be no guarantee that the software that was inspected by the public would be the same software that is running on every machine in every jurisdiction in the country."
Eric Raymond, president of the Open Source Initiative (OSI), a nonprofit organization that promotes standards and criteria for open-source software, said Miller has the issue wrong. "Most [e-voting] critics, including me, aren't focusing on open-source vs. closed-source at all, but rather on the lack of any decent audit trail of votes -- one that can't be corrupted by software. Open-source would be nice for all the real reasons but is less important than the audit trail."
Other supporters of voter-verifiable paper audit trails, including Avi Rubin, a professor at the Johns Hopkins University Information Security Institute, questioned the ITAA's decision to survey average voters about a technical security question.
"Would they ask questions about the safety of a medical procedure of patients or of doctors?" asked Rubin. "They should ask computer security experts about computer security questions, not end users, who may like the look and feel of the machines but have no way of knowing if they are really secure."
Miller acknowledged that security has to be a top priority but stopped short of saying that the IT security community is in agreement about the security vulnerabilities. "There's never been a demonstrated case of fraud other than an occasional mechanical problem," said Miller. Asking proponents of open-source software to comment on the security of electronic voting systems "is like asking a bunch of clergymen what they think of premarital sex," he said.
Jim Adler, CEO of VoteHere, a Bellevue, Wash.-based developer of secure voting technology, agreed that to date the biggest issue facing election security and accuracy hasn't been the security of the software used in the machines.
"The reality is that 2 million votes were lost in the 2000 election because of machine malfunctions or machine-user interface problems. So the long pole in the tent hasn't been security," said Adler.
However, Jeff Zaino, vice president of elections at the American Arbitration Association in New York, the largest provider of private election administration services in the country, said paper audit trails for electronic systems are critical -- not only to voter confidence but to preventing an endless number of legal challenges if the election is close.
Only two states, Florida and California, have a manual recount law -- and in Florida, the law doesn't apply to paperless touch-screen systems. "In principle, it's outrageous that we have secret, proprietary voting systems," said Alexander. "We have outsourced our elections to private companies and handed over the keys to the kingdom to a handful of vendors. And all they have said since this debate started is 'Trust us.'"
For more about this topic, see our special coverage page on E-voting.
Specialists have retrieved about 99% of the data on a disk drive on board the crashed space shuttle Columbia. Don't miss the photographs of the recovered drive.
Nearly 20 years after the first Internet worm, Steven J. Vaughan-Nichols takes stock of the malware/anti-malware landscape and spotlights how the two sides are approaching the battle.
Download this Computerworld Report, free, compliments of HP. (Source: Computerworld) Data Storage has emerged from the back room to become a key part of regulatory compliance, disaster recovery and strategic tecnhology plans. Learn more in this new this Computerworld report, a $49.95 value, available free for a limited time, compliments of HP.
Download this executive briefing
Web Security SaaS: The Next Generation of Web Security
Download this whitepaper, free for a limited time, compliments of Webroot Software. (Source: Webroot Software) The Web is the new threat vector of choice for hackers and cybercriminals to distribute malware and perpetrate identity theft, financial fraud, and corporate espionage. This paper outlines the challenges facing many SMBs and provides solutions for overall security effectiveness and reducing the burden on IT departments.
Download this white paper
Why SaaS is Vital to Email and Web Security
Why SaaS is Vital to Email and Web Security
Download this webcast, free, compilments of Webroot Software
Go to the webcast
White Papers
Read up on the latest ideas and technologies from companies that sell hardware, software and services.
Eliminate SPAM, Gain Productivity Learn all about the dangers and the costs of spam in all its forms – from stock-touting to spreadsheet. Also, understand the drawbacks of traditional hardware- and software-based defenses – and the unique benefits of MessageLabs multi-layered, managed Anti-Spam solution; as illustrated by a real-world case study where MessageLabs stopped spam cold.
Download this white paper now! See more Whitepapers
Planning Virtualization for Production Environments The overwhelming complexity of the modern data center compounds the problem of how to safely virtualize IT environments. This paper provides an in-depth guide to analyzing complex environments for virtualization opportunities, particularly within production environments where stability, service levels and performance are of the upmost performance. Download this
white paper now