On Thu, 2004-04-08 at 16:04, Cathal Mc Ginley wrote:
Thanks for your feedback & suggestions, Éibhear; I've incorporated most of it into a new draft, which I've uploaded to the same page: http://homepage.eircom.net/~cathalmcginley/e-voting/draft-letter.html
Well, I know it isn't a popular opinion on this list, but I think that making the e-voting source code public is a distant second to voter verified audit trails and I am concerned that advocating the "nice-to-have" will only reduce our chances of getting the "need-to-have". In effect, we are prioritising the narrow goals of advocating free software over the wider goal of protecting democracy.
Opening the source code gives a false sense of security, if your compiler, or BIOS has been compromised, you can review the source all you want and you won't know that someone has stolen your election.
Voter verified audit trails are secure because their operation is obvious and transparent. I would only have marginally more trust in an election which used open software over one which did not (which isn't much), but I would have almost total trust if there was a V.V.A.T.
Ian.