% fortune -ae paul murphy

Resurrecting E-voting

The biggest, most visible, compliance issue in the world involves certifying the integrity of vote counting processes

As I noted yesterday, an expert dragged into court to testify and asked point blank whether it is theoretically possible that a voting process built around voting machines running local applications could be corrupted has to say Yes - and that reality, no matter what caveats you put on it, dooms the current client-server architecture for e-voting.

If, however, votes were collected on Sun Rays running centralized applications, that same expert would have to say No - the fact that there's no local program running, means there's nothing there to corrupt.

You can't replace the device without getting caught either - the end to end cryptology depends on device recognition; a physical replacement can't masquerade as the real machine without setting off alarms; and, booting the real Sun Ray from a local flashdrive in order to have it interact with, rather than just show, the remote application might be possible but would certainly require extensive hardware modification first.

So in the U.S. context if you had local governments managing system deployment, machines connecting to state wide data collectors for the voting application, and the state level machines feeding data to a national reporting application, you'd still have opportunities for both voting and vote counting fraud, but they wouldn't pertain to the voting machines.

Instead they'd be all the usual ones outside the booth - from fake registrations to miraculous after the count discoveries of boxes stuffed with ballots overwhelmingly favorable to the suing candidate - and a few pertaining to overall systems operation and reporting.

E-voting has nothing to say about most of the cheats that take place outside the ballot processing arena - although an integrated program aimed at making e-voting a reality would undoubtedly start with a focus on voter list maintenance support. The other issues, however, have generally obvious and proven solutions: for example feeding results concurrently to two separately managed sets of servers at the state and national levels creates audit opportunities that will deter most cheats and allow for after the fact recognition and prosecution of those who try anyway.

The bottom line on using something like a Sun Ray in the voting booth with standard Solaris hardware and software on the backend is that this isn't hard to do, reduces the number of machines for which strong audit controls are needed by a factor of a thousand, and wouldn't cost, nationwide, what individual states like Ohio paid for systems they now have to throw out.


Paul Murphy wrote and published The Unix Guide to Defenestration. Murphy is a 25-year veteran of the I.T. consulting industry, specializing in Unix and Unix-related management issues. As I noted