Kudos to Sequoia Voting Systems for making good on a promise to publish ("disclose") new source code for a future release of their Frontier voting system. We applaud their recognition of the importance of transparency in voting technology. That is, after all the hallmark of our work and the mission of the Open Source Digital Voting Foundation. Rather than regurgitate the details of this (and the important implications) I want to point you to a tour de force treatment of this topic by one of our esteemed advisers, Joe Hall and his post about this today.
But there is one point we do want to make. Inasmuch as we applaud Sequoia's move today, there is an important distinction (and value proposition) to the work of the TrustTheVote Project. The foundation of our project is a principle of "integrity assurance through open source."
And we believe that publication of code alone will not achieve integrity assurance. The reason is that although code may be disclosed for inspection, there is no assurance whatsoever that any input from an observer, whether suggestions for improvement or error discovery will ever be heeded.
On the other hand, a truly open source effort means that the source code can be far more than simply visually inspected. It means that anyone is free (and encouraged) to offer corrections, modifications and actually submit them for integration into the TrustTheVote Project source tree. This is truly an open, transparent process of public engagement and collaboration. And this is markedly different from a commercial vendor simply publishing their source code for arm's length inspection.
Admittedly, it appears that Sequoia is going somewhat beyond mere publication and making their code available to compile and run (as per their terms). But again, to what extent anything uncovered, discovered, or recommended will actually see its way back into production versions of their code remains to be seen.
As our development work produces code to engage public advice, comment, and modification, rest assured that TrustTheVote Project will empower public participation in making sure that publicly owned voting technology is achieving accuracy, transparency, trustworthiness, and security.
Bear in mind that our objective is to assemble an entire system that is qualified for a federal certification process (something we still need to start a conversation about separate from this thread). And to do so, there will need to be a publicly vetted process for including contributions, modifications, and error corrections. We promise this "integration qualification" process should not be as intensive as obtaining Apple's certification for an iPhone app, but there will need to be a process that ensures that integrity assurance mandate.
Bear with us as our Core Team begins publishing component prototypes and Beta versions as per specifications driven by our Stakeholder Community. We already have stuff for your perusal. Check out our Project Wiki to stay abreast of the work.
We'll see how far Sequoia is willing to go; after all, this is the same company that threatened computer science professors just last year for daring to reverse engineer their code for purposes of supporting State's legitimate requests to audit voting systems. What an about face they've made, but again, we think their decision is an important move.
So again, kudos to Sequoia for making an effort towards transparency albeit commercially constrained. Let's see where it goes.
What do you think? -GAM|out