more on comments on NIST "Draft Report on Voting System Vulnerability"

[David Farber <dave () farber net>]

Begin forwarded message:

From: L Jean Camp <ljean () ljean com>
Date: December 4, 2006 6:17:35 PM EST
To: dave () farber net
Subject: Re: [IP] comments on NIST "Draft Report on Voting System  
Vulnerability"


We have a process and a history. We can no more dump that process  
than can we dump english and select a superior language.  I know many  
many people advocate movement towards a professional civil service  
for voting oversight. Others believe that this is impossible, and  
embrace the hackery so often common now as better than smooth  
professional subversion. Whatever the case, we certainly should not  
adopt a technology that fails to fit the process.

We also should not adopt a single mechanism for voting that is,  
excuse me, patented by the person advocating it.

Here are some basic recommendations, none of which require major  
reconfiguration of the process.

•       Open Technology
The acquisition and evaluation of election and voting technology  
should be subject to public participation. Further, symposium  
participants advocate the use of open code in electronic systems to  
facilitate transparency. EAC and NIST voting standards should be open  
and  implemented freely.

•       The Power of Hybrid Electronic-Paper Voting Systems
Paper and electronic systems each have unique and potentially  
complementary strengths. Electronic systems can provide fast counts,  
suitable ballots, and ease the vast logistics problems of voting.  
Paper provides auditable counts, ease of use, and voter confidence.  
Emphasis on accurate vote counting must be balanced with speed – a  
tally can be quick or rigorous, but not both.

•       Rigorous Testing
Rigorous testing and certification of electronic voting technologies  
is needed, for security, reliability, and usability.  Such testing  
should be led by NIST and the EAC and should be implemented quickly.

•       Focus on The Human Element
With improved technologies, the people who administer elections  
matter more, not less. More training, additional incentives and  
improved remuneration for poll workers is needed immediately.

•       Technically Appropriate Processes
Processes should be designed to address the unique strengths and  
weaknesses of particular voting systems. Process design should assume  
that failure will occur and address the possibility of failure before  
an election. There should  be agreed-upon rules for resolution of  
uncertainty before the conflict occurs.

•       Auditing
There should be extensive random auditing of election outcomes as  
well as a binding reconciliation process. Ballots should be tracked  
through a custody chain.




http://www.ljean.com
Net Trust  http://code.google.com/p/nettrust/
Economics of Security  http://www.infosecon.net/





-------------------------------------
You are subscribed as lists-ip () insecure org
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/