Home / News & Blogs

Firm invites experts to punch holes in ballot software

Robert Lemos | April 6, 2004 11:23 PM PDT

Summary

VoteHere, a maker of security software for voting machines, publishes the source code for its product online in hopes that peer review will reveal any weaknesses.

Topics

Robert Lemos
VoteHere, a maker of security software for voting machines, publishedthe source code for its product online in hopes of garnering additional analysis of its method for verifying the integrity of electronic votes.

The company, which has patented its VHTi technology, wants comments, not competition, so it released the code and several documents to its Web site under a license that restricts use of the code to analysis for a period of 60 days.

"We pride ourselves on being good students of cryptography," said Jim Adler, founder and CEO of the Bellevue, Wash.-based company. "We know thereis no security through obscurity, so we want to be open."

Revealing encryption algorithms for peer review is a standard practicein encryption circles and allows experts to poke holes in other people's technology. VoteHere hopes the additional scrutiny will prove that itstechnology is sound, Adler said.

The company's software is designed to let voters verify that their ballots were properly handled. It assigns random identification numbers to ballots and candidates. After people vote, they get a receipt that shows which candidates they chose--listed as numbers, not names. Voters can then use the Internet and their ballot identification number to check that their votes were correctly counted.

"It doesn't protect the system from compromise, but it detects whencompromises happen," Adler said. "We are the barking dogs: If anythingtouches the ballots, it can be detected."

The move comes as questions arise about the security of electronic and Internet voting.

Though few problems with electronic votingmachines arose on March 1, Super Tuesday, many problems have cropped up during other elections.

Some states, Michigan among them, are going full bore to ballots cast on the Internet, despite some computer scientists' concerns that the Net is not secure enough to prevent election tampering. About 28 percent of Michigan voters cast their ballot online in February during that state's Democratic caucus. In the same month, the Department of Defense backed away from plans to conduct a trial that could have let the 6 million Americans abroad cast their vote online.

VoteHere has had its own security issues to deal with as well. InDecember, the company called in the FBI to investigate a breach in the company's network.Adler said the investigation was ongoing and stressed that VoteHere's plans to release source code had been in the works since last summer.

Talkback - Tell Us What You Think

Formatting +
BB Codes - Note: HTML is not supported in forums
  • [b] Bold [/b]
  • [i] Italic [/i]
  • [u] Underline [/u]
  • [s] Strikethrough [/s]
  • [q] "Quote" [/q]
  • [ol][*] 1. Ordered List [/ol]
  • [ul][*] · Unordered List [/ul]
  • [pre] Preformat [/pre]
  • [quote] "Blockquote" [/quote]
Click Here

The best of ZDNet, delivered

ZDNet Newsletters

Get the best of ZDNet delivered straight to your inbox

Facebook Activity