The Open Voting Consortium is a voting system vendor that promotes itself as a voting integrity advocacy group. Their “About OVC” link states:
The Open Voting Consortium is a not-for-profit organization dedicated to the development, maintenance, and delivery of trustable and open voting systems for use in public elections.
OVC is actively seeking “members” (people to send them money) to fund the development and promotion of an open source voting system. Their product is currently a software prototype. What catches my eye is the text at the end of their product brochure:
mail a check made payable to the Open Voting Consortium to
No, not that. This text:
ALL MACHINES USE OPEN SOURCE SOFTWARE (Everyone can see how all machines are programmed.)
There are so many things wrong with that statement. Believe me, I’ve worked in the area of information assurance for years, in cases where the inner details of the products are made fully available for inspection, and just being able to look is not the same as being convinced that what you see works properly, does not have any logic flaws that subvert its security objectives.
Their May 2008 Demo Disk (550 MB) is online, go download it, examine it, and decide whether it’s secure or not. Think about what “secure” really means in this context. I’m not talking about whether the evil vendor put malicious code in there to change your vote for Blueberries into a vote for Onions. Instead consider the voting machine that very scrupulously records everything you say, but does nothing to protect the voting records at rest on the system. Or a system that can’t tell if it’s got good or bad code running on it.
The assertion “everyone can see how all machines are programmed” bugs me. Yes, I can download the code from online, but how do I know, when I come in to vote, that the code I reviewed online is what is running on the machine before me? What testing has been done on the system and what were the results?
More importantly, is my grandmother going to learn Linux and Python in order to perform a code review, and check the BIOS version of the machine when they boot it on election day? Even if I had a living grandmother, the idea would be ludicrous. The right to look at the code does not equal the skills to look at the code.
Many voting integrity advocates call for voter verifiable paper trails as the solution to concerns about software security and quality, but printers and optical scanners are tools, not a panacea. Remember that electoral fraud has been committed with paper for far longer than it has been possible to commit it with computers.
Okay, with all this in mind, please go read this interview with Alan Dechert of OVC and someone of the Okori Group.
Dechert said that the Open Voting Consortium system would allow for unique read-only discs to be burned for each machine within each precinct and ward. The local poll worker would load the bootable disc into a special computer and printer hybrid that is yet to be designed.
A lot of future tense, it’s worth noting. But that’s not my point.
Dechert says his system is better because it doesn’t use fancy cryptography, it uses a simple chain of custody.
Chain of custody. That means “the machines and all election data is handled by a series of people that we trust.” If the assumption that all of those people are trustworthy turns out to be incorrect, all bets are unfortunately off. Software can be replaced with malicious images, viruses that alter vote totals can be deployed on the system, vote totals can be modified or (even easier) destroyed.
My friend at Punchscan flowcharted it thus:

Without a hardware platform as a secure platform OVC’s model does not satisfy me as being sufficiently robust or secure to safely use in the administration of a major public election. These are my gut feelings as a security consultant and dabbler in voting system security, but take them with a grain of salt since I am also a competitor.
Like I said - analyse it yourself, who knows what you might find.