You are viewing an obsolete version of the DU website which is no longer supported by the Administrators. Visit The New DU.
Democratic Underground Latest Greatest Lobby Journals Search Options Help Login
Google

Reply #28: Avi Rubin on software vs. lever machines: [View All]

Printer-friendly format Printer-friendly format
Printer-friendly format Email this thread to a friend
Printer-friendly format Bookmark this thread
Home » Discuss » Topic Forums » Election Reform Donate to DU
Bill Bored Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Feb-24-09 03:14 AM
Response to Reply #23
28. Avi Rubin on software vs. lever machines:
http://avi-rubin.blogspot.com/2007/08/secretary-bowens-...

The current certification process may have been appropriate when a 900 lb lever voting machine was deployed. The machine could be tested every which way, and if it met the criteria, it could be certified because it was not likely to change. But software is different. The software lifecycle is dynamic. As an example, look at the way Apple distributes releases of the iPhone software. The first release was 1.0.0. Two minor version numbers. When the first serious flaw was discovered, they issued a patch and called it version 1.0.1. Apple knew that there would be many minor and some major releases because that is the nature of software. It's how the entire software industry operates.

So, you cannot certify an electronic voting machine the way you certify a lever machine. Once the voting machine goes through a lengthy and expensive certification process, any change to the software requires that it be certified all over again. What if a vulnerability is discovered a week before an election? What about a month before the election, or a week after it passes certification? Now the point is that we absolutely expect that vulnerabilities will be discovered all the time. That would be the case even if the vendors had a clue about security. Microsoft, which arguably has some of the best security specialists, processes and development techniques issues security patches all the time.

Software is designed to be upgraded, and patch management systems are the norm. A certification system that requires freezing a version in stone is doomed to failure because of the inherent nature of software. Since we cannot change the nature of software, the certification process for voting machines needs to be radically revamped. The dependence on software needs to be eliminated.


Well, we don't depend on it in New York now, so our job is a lot easier -- if everyone would just leave us alone!
Printer Friendly | Permalink | Reply | Top
 
  -Voter's Unite Responds to NYVV's Innaccurate and Incomplete "Fact (sic) Sheet" Wilms  Feb-20-09 11:24 PM   #0 
  - Are they all sleeping? Or are they just not doing their job  kster   Feb-21-09 01:11 AM   #1 
  - hey, do you have hand counted paper ballots in your home town, county or state?  WillYourVoteBCounted   Feb-21-09 12:31 PM   #3 
  - Hand Count  a777pilot   Feb-21-09 12:37 PM   #4 
     - Welcome to DU, 777.  troubleinwinter   Feb-21-09 07:49 PM   #5 
     - Hand Count E'm if you Got Em  kster   Feb-22-09 01:12 AM   #8 
  - We in NC deliberately chose the term "voting system" to ensure  WillYourVoteBCounted   Feb-21-09 12:29 PM   #2 
  - They are not working against each other. NYVV has mistated some facts and VU has corrected them.  Bill Bored   Feb-21-09 10:46 PM   #7 
  - yeesh  OnTheOtherHand   Feb-22-09 07:28 AM   #9 
     - Wrong.  Wilms   Feb-22-09 10:53 AM   #10 
        - huh?  OnTheOtherHand   Feb-22-09 01:17 PM   #11 
           - I'll put a lever up against a DRE, any day, in a transparency competition.  Wilms   Feb-22-09 04:14 PM   #12 
              - is that the choice?  OnTheOtherHand   Feb-22-09 07:41 PM   #13 
                 - The difference is...  Bill Bored   Feb-22-09 08:38 PM   #14 
                 - Pencil lead will wear away as gears rub against it over the course of election day...  demodonkey   Feb-22-09 09:26 PM   #15 
                    - Well, that's why the machine should be tested before each election and LOCKED.  Bill Bored   Feb-23-09 01:42 PM   #20 
                       - The old-time reasoning was that the person doing the locking was the person inserting the lead.  demodonkey   Feb-23-09 06:17 PM   #22 
                          - One problem with this scenario in NY:  Bill Bored   Feb-23-09 08:56 PM   #25 
                 - You brought up DREs. I didn't.  Wilms   Feb-22-09 10:40 PM   #16 
                 - but so far you haven't addressed my central point  OnTheOtherHand   Feb-23-09 05:44 AM   #17 
                    - I did address your point.  Wilms   Feb-23-09 09:25 AM   #18 
                       - it's my vote, not yours  OnTheOtherHand   Feb-23-09 12:51 PM   #19 
                          - Wilms' point about the "Me Generation" is intertesting.  Bill Bored   Feb-23-09 02:25 PM   #21 
                          - I just don't think this is correct  OnTheOtherHand   Feb-24-09 08:02 AM   #30 
                             - This isn't about Novick...or Jones.  Wilms   Feb-24-09 09:29 AM   #31 
                             - I'll tell you who's really in deep denial:  Bill Bored   Feb-26-09 02:36 AM   #34 
                             - Can I quote you?!?  Wilms   Feb-26-09 09:13 AM   #35 
                                - Wilms, WTF?  OnTheOtherHand   Feb-27-09 04:09 PM   #36 
                                   - I'm just appreciating it.  Wilms   Feb-27-09 09:07 PM   #37 
                                   - Now boys, boys...please let's try to keep the discussion CIVIL!  Bill Bored   Mar-02-09 02:23 PM   #51 
                          - How's those ballot security bills going in the NYS Legislature?  Wilms   Feb-23-09 09:34 PM   #26 
                             - no, I'm totally frustrated about the matter at hand  OnTheOtherHand   Feb-24-09 07:57 AM   #29 
                                - It's bizarre to you.  Wilms   Feb-24-09 09:34 AM   #32 
                 - Levers are NOT transparent, their plus is the limited risk compared to risk with computerized voting  WillYourVoteBCounted   Feb-23-09 07:17 PM   #23 
                 - Avi Rubin on software vs. lever machines:  Bill Bored   Feb-24-09 03:14 AM   #28 
                 - Levers are NOT transparent, their plus is the limited risk compared to risk with computerized voting  WillYourVoteBCounted   Feb-23-09 07:17 PM   #24 
                    - See Post #21. Transparency is in the eye of the beholder, but with software,  Bill Bored   Feb-24-09 03:07 AM   #27 
  - self delete  Cookie wookie   Mar-06-09 07:14 AM   #52 
  - K&R!  Stevepol   Feb-21-09 08:28 PM   #6 
  - NYVV's interpretation re permanent paper records is reasonable  payin attention   Feb-26-09 12:48 AM   #33 
  - well...  OnTheOtherHand   Feb-28-09 10:10 AM   #38 
  - GIven the EAC Advisory, NYVV is reasonable  payin attention   Feb-28-09 10:29 PM   #39 
     - the ground is getting a bit boggy  OnTheOtherHand   Mar-01-09 09:24 AM   #40 
     - Professor Blur, do you still defend Lipari being disingenuous and misleading?  Wilms   Mar-01-09 10:19 AM   #41 
        - dude, you are flatly misquoting him  OnTheOtherHand   Mar-01-09 12:40 PM   #42 
           - I have not misquoted him.  Wilms   Mar-01-09 01:41 PM   #43 
              - look, you can't win this  OnTheOtherHand   Mar-01-09 06:05 PM   #46 
                 - Hey. I already "won".  Wilms   Mar-01-09 07:14 PM   #47 
                    - I welcome anyone to listen to the MP3  OnTheOtherHand   Mar-01-09 09:00 PM   #48 
                       - Forget my "line". It's Lipari's at issue.  Wilms   Mar-01-09 10:48 PM   #49 
     - That advisory is NOT reasonable!  Bill Bored   Mar-01-09 05:11 PM   #45 
  - You are wrong. Here's why:  Bill Bored   Mar-01-09 05:00 PM   #44 
  - Oh, and BTW, you're wrong about this too:  Bill Bored   Mar-02-09 02:01 PM   #50 
  - kick! nt  Bill Bored   May-20-09 10:58 AM   #53 
 

Home » Discuss » Topic Forums » Election Reform Donate to DU

Powered by DCForum+ Version 1.1 Copyright 1997-2002 DCScripts.com
Software has been extensively modified by the DU administrators


Important Notices: By participating on this discussion board, visitors agree to abide by the rules outlined on our Rules page. Messages posted on the Democratic Underground Discussion Forums are the opinions of the individuals who post them, and do not necessarily represent the opinions of Democratic Underground, LLC.

Home  |  Discussion Forums  |  Journals |  Store  |  Donate

About DU  |  Contact Us  |  Privacy Policy

Got a message for Democratic Underground? Click here to send us a message.

© 2001 - 2011 Democratic Underground, LLC