Digital Edition

SYS-CON.TV
E-Voting Companies Ordered To Submit Source Code
E-Voting Companies Ordered To Submit Source Code

Expecting worries and auditing concerns that Election Day e-voting machines may cause, companies that develop the machines have provided the National Software Reference Library with copies of their software. This is a federally mandated security measure that has been added to verify that auditors are working with the same code the manufacturers state resides in their machines.

The software code was filed at the request of the Election Assistance Commission. This federal body was created in 2002 as part of the Help America Vote Act set up the same year. Commission members say they want reference copies of the code so that if any dispute arises over the validity of tabulated e-votes, officials can compare the software to see if any changes were made.

The library stores the individual voting programs as object code, so it can be viewed the way computers read this machine language. Unlike most software, voting systems have to meet state and federal laws to gain certification. Once the software is in the library's possession, no fixes at all - no matter how small - can be made. Even innocuous changes to source code to fix bugs invalidates the machine.

Companies whose code is now in the Software Library's hands include Diebold Election Systems, Election Systems and Software, Inc., Sequoia Voting Systems, and Hart InterCivic. The submissions include both hardware, the voting machine itself, and back-end tabulators.

Two other companies, that provide various e-vote auditing services, have already, or intend to, follow suit.

VoteHere presented their code, creating a second verification layer that can be authenticated. The VoteHere system offers auditing capabilities to all the machines that have filed source code with the National Software Reference Library.

Avante Technology, according to Barbara Guttman, manger of an interoperability group at the information technology lab at the National Institute of Standards and Technology, will be filing code for their VoteTrakker system.

While in theory the idea seems sound, some prominent figures have openly criticized e-voting technology. Harvard University computer scientist Rebecca Mercuri, said the code library does not take into account other elements that can also swing ballot counts, such as whether the electronic ballot is laid out correctly.

Will Doherty, executive director for e-voting watchdog group Verified Voting, offered a more moderate view. He said the software stored by the Reference Library, "is not all we would ask, but it is a step in the right direction."

About Jeremy Geelan
Jeremy Geelan is Chairman & CEO of the 21st Century Internet Group, Inc. and an Executive Academy Member of the International Academy of Digital Arts & Sciences. Formerly he was President & COO at Cloud Expo, Inc. and Conference Chair of the worldwide Cloud Expo series. He appears regularly at conferences and trade shows, speaking to technology audiences across six continents. You can follow him on twitter: @jg21.

In order to post a comment you need to be registered and logged in.

Register | Sign-in

Reader Feedback: Page 1 of 1

Because 90 percent of the evoting process is hidden from view, I have very little confidence in data quality without some form of hardcopy. This is based on 30 years of programming, not whether I like either of the leading candidates. There are just too many ways to horse around with the numbers to allow a black-box, paperless, open server system to drive the course of history.

This article is incorrect in it's reporting that source code was provided to the library. None of the vendors of voting machines gave any proprietary code, patches, software updates or software upgrades. There was also no order from the EAC that the vendors comply. The EAC cannot order anyone to do anything. They are only an oversite group.

The title says the source was submitted, but the body of the article first says the software was submitted, but later refers to it as "software code". Which was it? The source code and the software are not the same thing at all.

The real enemy is not so much the terrorist but complacency. People need to stop new attacks and there are new systems that bypass traditional technology to give a more secure system. The primary thing to guard against is the attack to our e-commerce systems.

As soon as someone uses the term e-terrorism they begin to lose credibility with me. The whole idea of terrorism is to do something that creates terror. You need the physical realization of violence, and there is very little terror inspired by bits and bytes.

How long before we have e-terrorism aimed at the new e-lectoral system I wonder? We have 4 more years now to prepare for such a contingency, doubtless Homeland Security has a group working on it. Sad times we live in.




ADS BY GOOGLE
Subscribe to the World's Most Powerful Newsletters

ADS BY GOOGLE

Artifex Software began 25-years ago with Ghostscript, a page description language (PDL) interpreter ...
In an age of borderless networks, security for the cloud and security for the corporate network can ...
Isomorphic Software is the global leader in high-end, web-based business applications. We develop, m...
Cloud Storage 2.0 has brought many innovations, including the availability of cloud storage services...
In very short order, the term "Blockchain" has lost an incredible amount of meaning. With too many j...
For enterprises to maintain business competitiveness in the digital economy, IT modernization is req...
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with exp...
Cloud-Native thinking and Serverless Computing are now the norm in financial services, manufacturing...
Most modern computer languages embed a lot of metadata in their application. We show how this goldmi...
On-premise or off, you have powerful tools available to maximize the value of your infrastructure an...
Public clouds dominate IT conversations but the next phase of cloud evolutions are "multi" hybrid cl...
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with exp...
Every organization is facing their own Digital Transformation as they attempt to stay ahead of the c...
Data center, on-premise, public-cloud, private-cloud, multi-cloud, hybrid-cloud, IoT, AI, edge, SaaS...
DevOps has long focused on reinventing the SDLC (e.g. with CI/CD, ARA, pipeline automation etc.), wh...
Now is the time for a truly global DX event, to bring together the leading minds from the technology...
In a recent survey, Sumo Logic surveyed 1,500 customers who employ cloud services such as Amazon Web...
In today's always-on world, customer expectations have changed. Competitive differentiation is deliv...
Atmosera delivers modern cloud services that maximize the advantages of cloud-based infrastructures....
Moving to Azure is the path to digital transformation, but not every journey is effective. Organizat...