There are many calls for open source voting software now that the U.S. wants to replace manual ballots. There are such systems out there. Here are pointers. Read the code just so you can tell your legislators that you have.
The US wants to replace manual ballots? When was this decided?
HAVA -- the Help America Vote Act. The legislation says that "states are not required to purchase computerized voting systems, they can still obtain mark-sense (optically scanned) products, but in order to receive certain of the equipment funds, the plan must indicate that the state will replace all of its lever and punch card machines by the first election for Federal office held after January 1, 2006." (From Rebecca Mercuri's site, http://www.notablesoftware.com/evote.html
The Australian Capital Territory's electronic voting system, which was first used at the October 2001 election, is the first of its kind to be used for parliamentary elections in Australia. The system uses standard personal computers as voting terminals, with voters using a barcode to authenticate their votes. Voting terminals are linked to a server in each polling location using a secure local area network. No votes are taken or transmitted over a public network like the Internet.
The software for the electronic voting and counting system was built using Linux open source software, which was chosen specifically for this electoral system to ensure that election software is open and transparent and could be made available to scrutineers, candidates and other participants in the electoral process.
Unfortunately, this stuff is still in C, which means no reverse decompile, no byte code security, etc. Java is still that universal answer to this. Maybe a direct translation to Java?
Why would anyone want to reverse decompile ? Why not just recompile the application (both its source and the compiler are open source, right ?) and then verify that this fresh version is byte-for-byte identical ? I agree that Java is preferable for other reasons.
Part of the problem with this approach is that the source must be compiled with exactly the same compiler using exactly the same switches, etc.
Since Sun controls the Java byte-code spec they also control the output of Java compilers. It is
really easy to compare the byte code output of two compilers against each other to see if they are the same; one can repeat that to compare two sources against each other. With Java you always end up with the same byte code if you have the same source code.
I'm a bit skeptical. Are you saying every Java compiler has zero switches ? Or that the switches have no effect ?
I think voting should require a paper-trail and an optional detailed receipt to the voter. One way to create a cheaper voting system is to use regular paper (but slightly thicker than normal to prevent back-reading). The voting machine produces a simple fixed-font ASCII printout. An OCR machine ran by a voting clerk is used to verify it before the voter leaves. The reading is compared to the computer-recorded results stored on the LAN. Thus, a match can be made between "screen" and paper before the voter walks out the door. The results sheet and optional receipt could resemble:
Location: 00000325 Voter-Sequence: 00000048
001[_] 002[X] 003[_] 004[_] 005[X] 006[X] 007[_] 008[X] 009[_] 010[_]
011[X] 012[_] 013[_] 014[_] 015[_] 016[_] 017[_] 018[X] 019[_] 020[_]
021[_] 022[X] 023[_] 024[X] 025[_] 026[X] 027[_] 028[_] 029[_] 030[X]
(The numbers correspond to numbered items on the ballot.)
One tricky issue is matching a vote sequence number against a voter for auditing. It is not prudent to put personal information on paper or even attach it to specific vote results. However, the quantities would possibly not match. Most voting places I've seen check off which voter came in. If somebody adds or subtracts votes, it should show up as a quantity mismatch.
Another potential stumper is getting OCR to recognize punctuation such as the square brackets. Most off-the-shelf OCR software is designed to translate words, not symbols, because that is their main market. Thus, perhaps this format can be used instead:
001: YES 002: NO 003: YES ...
011: NO 012: YES 013: NO ...
Some experimentation may be in order to find the best for OCR usage.
Some people claim that any software running in a voting machine must be open source. See VotingMachineDiscussion
(or should that text be moved here ?)
NY Times Endorses Open-Source Election Software