-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 29 Feb 2004 at 14:01, Fergal Daly wrote:
Personally I can't see much use for a paper trail if the source is fully open. However since it's unlikely the source would be made open (breach of contract or an expensive renegotiation), a paper trail is better than nothing.
The problem is that you don't know that the source code you saw is actually running on the machine and now matter how much you study it, you'll never really know that it's actually 100% bug free.
Data signing techniques could fix this and all software has bugs. Also, you don't need a perfect voting system, just one which is better (more accurate) than the current system - and I'm personally not too bothered about a flawed system which has in place an active method of improvement over time.
BTW when I said "open", I meant it being able to be altered by volunteers a bit like a sourceforge project - not just publishing the source. This brings the formidable security & debuggability advantages of free software to bear. By far and away free software is *ideal* for these kinds of software as they don't need to be innovative.
The worst thing in my mind is to make these boxes and use them unchanged - this gives time for special interests to discover how to compromsie them with no opportunity for the holes to be found and sealed. A paper trail is only useful if what is printed out is identical to the vote recorded electronically and if humans continue to manually count the paper copies (and the latter is precisely what the government is trying to save costs upon).
Cheers, Niall