Tuesday, November 29, 2005

North Carolina & Diebold: less here than meets the eye

Upon first seeing the decision by a N.C. judge that he would deny liabilty protection to Diebold if they refused to provide voter machine source code, one might be inclined to think this was a bold move toward refactoring the broken electoral system. And North Carolina's new law, which requires disclosure of software in voting machines, certainly appeared designed to do that. Lawmakers, perhaps necessarily, overreached or were not specific enough in the legislation and this has given Diebold an out.

Because of the wording of voting maching law, which states that vendors must make available
all software that is relevant to functionality, setup, configuration, and operation of the voting system.
Diebold is now able to claim that compliance with that law would put them in violation of IP rights; they have no legal right to make available the Windows source code on which the Diebold system operates. And this is true. But it is an easy out for Diebold and a very convenient excuse they can use to keep from having to give up their own proprietary code, much of which may prove to be rather embarrassing, if not downright criminal, in its content and function. One of the reasons no one can prove the Diebold machines don't hack the vote is because no one has seen the guts of the software, only it's well-documented, flaky and statistically improbable behaviour.

So, instead of a great boon to the restoration of a transparent electoral system, it winds up giving Diebold a way to weasle out of the requirement and look like upstanding, responsible corporate citizens while doing it. Ugh.

But this loophole is not entirely N.C. lawmakers fault. By requiring exposure of all software systems on the voting machines, lawmakers seem to understand that Diebold could easily have installed rootkits on the Windows machines. And if the OS were not required to be exposed, rootkits could and would provide back doors into the Windows OS and still leave the voting machines vulnerable and insecure. Do I distrust Diebold enough to believe they would do this? Uh, yeah.

What this situation really demonstrates is that, if the US continues on the path toward full electronic voting, open source software is what should and must be used in the future.* It still boggles my mind that the voting machines in the country are provided by a strongly partisan third party vendor. It is an utterly absurd situation, a situation of which too few Americans are likely even aware.

See my blurb on the latest Ohio election nonsense.

*Massechusetts is currently embroiled in a fight with Microsoft over requiring state documents to conform to XML Open Document standards. This meant that Microsoft Office was out the door. Microsoft initially seethed about this, then came up with some half-assed "Open XML," which is not really open at all. But MS is still fighting it. With a raft of lobbyists in Boston, MS fully intends to try and veto the move. Wankers. We have a ugly show here of corporate America telling the government what to do and it is a disgraceful display indeed.


Post a Comment

<< Home