On my end, I was a self-taught programmer at 11 years old, and my entire professional career has been in software - and my avocation is security (hardware, software, and social). I'm also a lifelong fan of
James Burke.
The promise of technological progress isn't enough to convince me that a bad system is necessarily improved simply by adding technology, but nor do I require a working physical prototype to be convinced. A feasible process model with a billion and one technological hurdles to overcome certainly would convince me though. Every e-voting proposal I've come across leaves me wanting in this regard.
In this case the technological process is already in existence and it has been adapted to information access and processing, financial processes, business processes, etc. Within these are I see elements suitable for use in voting processes.
By voting processes I mean any sequence of practices that leads to an agreed to decision by a group. Such as perceptions can be left to be adjusted after working systems are in place. So taking Helios as a starting point let me suggest several adjustments to elements deemed either shaky or fatal'
Ballot Secrecy is not usually required unless after the fact coercion are anticipated. Secondly a continuous monitoring of encryption security with concomitant encryption updates should, as it does with malware protection, keep ahead of the game with minimum losses. Additionally breaking access to voting computers using routers and other buffers should be included in specifications.
Coercion resistance should be the responsibility jointly of the user and the provider. Agreements and SW suited to re-establishing anonymity and remediation of breaches should be part of the system.
Availability As with https and provider agreements systems are in place that can be employed to assure and minimize loss of access by users.
So its not a single pass through system responsible for all. Its a set of systems working together to recover, maintain, facilitate, and remediate.
Obviously I'm not prepared to detail these items beyond what I see and use. But, I find it hopeful.
Finally I don't advocate just adding technology. I won't say I want computer expert to decide how we vote. I do want them deeply involved using all the range of tools they can to cobble together a voting system to rival our communication and business systems. I sure as hell don't believe any stand alone approach will work. Whatever is produced must integrate into our overall computer usage regimen hopefully as open system as possible. I am a fan of whatever follows XML and GXML. Yeah I trained people on that back in 1984 during my workstation days. Hell I even remember some of those who guided my thinking in distributed program design and implementation as designer, tester, and manager.
Most of them will be found in this article up to agile design of which I am only minimally influenced
A short History of Software Methods
http://ww.davidfrico.com/rico04e.pdf
The point of this last bit is to share a broad sweep of my involvement in program design and test primarily of real time systems, and of those, areas involving human interaction. Probably of no use but I found this stuff so I thought I'd share it.
