[CAVO] [VVSG-interoperability] [VVSG-election] Single Point of Failure - the Scan Head - RE: By November, Russian hackers could target voting machines

Brent Turner turnerbrentm at gmail.com
Sat Jul 30 22:36:40 UTC 2016


1. Mr. Turner is unfortunately not apprised of who Dr. Kiniry is or his
years of experience in this sector.  A quick lookup in Google, Bing, or
search engine of one's choice will remedy that.

I said I don't know him --*personally -  *I am familiar with his work.. or
lack thereof - in the community.. We are not afraid of nor impressed by
Dill or Kiniry --  next--

2.  Dr. Kiniry was actually at the November S.F. Hearing mentioned; one can
find his testimony on that audio record as well.

and ?

3. A resolution of the S.F. government created the S.F. Task Force, for
which I was selected as a seated member, holding one of the two positions
representing computer science; Dr. Ka Ping Yee was the other.  No single
individual created the Voting Systems Task Force (And could not legally do
so), although several had pushed for it with the City

..  -  Check the record to see my effort ( with Alan Dechert ) to block SF'
's voting system purchase--  At that time John Arnst promised the creation
of the task force  but did not implement.  It is known I was the catalyst
for it's creation by my advocacy that was embraced by Supes Ammiano and
Daly-   next


 including folks like Roger Donaldson, long time SF activist and Oracle
executive, who deserves a bunch of credit for navigating the politics to do
so.

Roger Donaldson did nothing and this  is a prime example of my point.  We
are opponents. He works for Oracle and his associates work for Microsoft.
next-



4. The Voting Systems Task Force had absolutely nothing to do with any kind
of open source development effort, licenses aside.  The Report did discuss
the potential of OSS.

The task force concluded the best method was open source. Though you fought
for disclosed code..  you lost

5. I could be mistaken, but I do not believe NH Election Director Anthony
Stevens is prepared to say NH has "adopted" for production anything for
public elections but is in pilot, evaluation, and testing of several
technologies, the Prime III included. One should not get ahead of their
skis on that.

It is my understanding half of the Prime 3 system ( the front end )  is in
use. Anthony is an extreme OS and CAVO advocate. Anthony  publicly thanks
CAVO for our groundbreaking efforts- next-

6. It is also incredibly difficult to believe that the EAC's Bryan Newby
could be on anyone's Board or serve as an Advisor thereof of any
organization within this same domain space as the EAC, this would be a
violation of government regulations on participating by a government
official as an Advisor in an organization whose work is a direct benefit,
consequence of, or impacted by the regulatory agency for which the
individual is employed.  That's basic Administrative law.  Exceptions can
be made, but I doubt it here.  During the time Mr. Newby was in employed in
Johnson County, KS as its Election Chief, that may have been the case, but
not after he joined the U.S. EAC.

We have enjoyed Brian's association for many years as a pioneer of this
effort.  Maybe you should speak with him and see if you can get him to
resign.  We have endured all sorts of Black-op folks attempts to
dis-assemble CAVO-  and we will endure yours..

7. The OSET Foundation is not "peddling" anything; we're a nonprofit
research institute backed by philanthropists and Foundations.  Our history
in open source is deep; its roots are in the Mozilla Foundation and
Netscape, including licensing counsel. The OSS world is a broad and diverse
community.  It is incorrect to suggest that one's standing in the OSS world
is predicated on which groups, sub-groups or sections of that community
they participate or "reach out" to engage.  That would be like suggesting
that if you're from NY and you do not consort with those from CA, then
you're not American.   And we welcome scrutiny.

i am providing that scrutiny per the direction of the OSI community.  You
fail.

8. I don't believe anyone here considers this industry to offer a "money
grab" opportunity.  Election products and services is a stagnant industry
with a dysfunctional market.  As the forthcoming Wharton Industry Study
will show it is at best a $300M annual market in the U.S., a backwater of
government I.T. hardly worthy of any characterization as a growth
opportunity.

Correct-- Minor money grab--  max power grab--  Billionaires don't need
more money-- they crave more power-  next-

9. The OSET OPL license (designed for those counties procuring a system
that has contained in that purchase an OSS license), required only one (1)
change in order to be approved by the OSI -- a change that made sense and
which was done. So, I'm not sure whose eyebrows are being raised by what.
The OPL is an open source license as determined by the OSI, and I believe
it deserves to be acknowledged as such, and not ridiculed by innuendo or
claims unsubstantiated by the facts.  It was approved.  It may not be one
preferred by some, but the license is not meant for everyone.  It offers
nothing less than the GPL in terms of an open source, weak copyleft license
and offers some terms that help adoption in those jurisdictions who would
otherwise use the GPL as a legal excuse to not adopt.  And in any event,
the terms of the OPL allow any licensee who is "not in the ordinary course
of commercial business to deliver elections systems or services" to accept
the source code under the GPL.  We encourage people to read the license
information, it is all explained there.
http://www.osetfoundation.org/public-license

If we weren't on duty to clip your wings.. you may have gotten away with
OSI approving your scheme.. and Heather Meeks would rule the day.
Fortunately-- we were made aware and responded.  You lost.  Now your
license is in conformity but your background is not.  As an analogy, some
people are obviously disqualified from being privy to the nuclear codes, no
matter how spiffy their suit or presentation. You sir, are no protector of
democracy, but rather an opportunist to be protected against.

The license was only developed to ensure certain perceived barriers to
adoption could be removed in the purchase of voting systems that one day
might contain OSS.  We have been, and continue to be perplexed as to why
this non-issue remains an issue for some.

 " Perceived barriers '  being the catch phrase-    You purport to have a
secret list of government procurement people demanding your nouveau
licence..  but that is a lie.



I think everyone is getting the gist of this now. It is Davey vs Goliath.
The little general public vs the Billionaires seeking control. i do not
enjoy doing this defensive task , but I must stand up for the dignity of
the real scientific community that should not be soiled as they do the real
work.

I predict we shall overcome. Thanks for your patience

BT

On Sat, Jul 30, 2016 at 2:37 PM, Gregory Miller <gmiller at osetfoundation.org>
wrote:

> Folks-
> As I suggested yesterday (my posts are being delayed, see PS at bottom),
> this thread is wandering away from the intended focus, perhaps
> unintentionally hijacked by a (for the time being), irrelevant discussion.
>
> One is entitled to their own opinions, but not their own facts. As my last
> contribution on this thread (as I  am much more interested in the VVSG and
> work towards new certification process and model), let me offer these
> incontrovertible points:
>
> 1. Mr. Turner is unfortunately not apprised of who Dr. Kiniry is or his
> years of experience in this sector.  A quick lookup in Google, Bing, or
> search engine of one's choice will remedy that.
>
> 2.  Dr. Kiniry was actually at the November S.F. Hearing mentioned; one
> can find his testimony on that audio record as well.
>
> 3. A resolution of the S.F. government created the S.F. Task Force, for
> which I was selected as a seated member, holding one of the two positions
> representing computer science; Dr. Ka Ping Yee was the other.  No single
> individual created the Voting Systems Task Force (And could not legally do
> so), although several had pushed for it with the City including folks like
> Roger Donaldson, long time SF activist and Oracle executive, who deserves a
> bunch of credit for navigating the politics to do so.
>
> 4. The Voting Systems Task Force had absolutely nothing to do with any
> kind of open source development effort, licenses aside.  The Report did
> discuss the potential of OSS.
>
> 5. I could be mistaken, but I do not believe NH Election Director Anthony
> Stevens is prepared to say NH has "adopted" for production anything for
> public elections but is in pilot, evaluation, and testing of several
> technologies, the Prime III included. One should not get ahead of their
> skis on that.
>
> 6. It is also incredibly difficult to believe that the EAC's Bryan Newby
> could be on anyone's Board or serve as an Advisor thereof of any
> organization within this same domain space as the EAC, this would be a
> violation of government regulations on participating by a government
> official as an Advisor in an organization whose work is a direct benefit,
> consequence of, or impacted by the regulatory agency for which the
> individual is employed.  That's basic Administrative law.  Exceptions can
> be made, but I doubt it here.  During the time Mr. Newby was in employed in
> Johnson County, KS as its Election Chief, that may have been the case, but
> not after he joined the U.S. EAC.
>
> 7. The OSET Foundation is not "peddling" anything; we're a nonprofit
> research institute backed by philanthropists and Foundations.  Our history
> in open source is deep; its roots are in the Mozilla Foundation and
> Netscape, including licensing counsel. The OSS world is a broad and diverse
> community.  It is incorrect to suggest that one's standing in the OSS world
> is predicated on which groups, sub-groups or sections of that community
> they participate or "reach out" to engage.  That would be like suggesting
> that if you're from NY and you do not consort with those from CA, then
> you're not American.   And we welcome scrutiny.
>
> 8. I don't believe anyone here considers this industry to offer a "money
> grab" opportunity.  Election products and services is a stagnant industry
> with a dysfunctional market.  As the forthcoming Wharton Industry Study
> will show it is at best a $300M annual market in the U.S., a backwater of
> government I.T. hardly worthy of any characterization as a growth
> opportunity.
>
> 9. The OSET OPL license (designed for those counties procuring a system
> that has contained in that purchase an OSS license), required only one (1)
> change in order to be approved by the OSI -- a change that made sense and
> which was done. So, I'm not sure whose eyebrows are being raised by what.
> The OPL is an open source license as determined by the OSI, and I believe
> it deserves to be acknowledged as such, and not ridiculed by innuendo or
> claims unsubstantiated by the facts.  It was approved.  It may not be one
> preferred by some, but the license is not meant for everyone.  It offers
> nothing less than the GPL in terms of an open source, weak copyleft license
> and offers some terms that help adoption in those jurisdictions who would
> otherwise use the GPL as a legal excuse to not adopt.  And in any event,
> the terms of the OPL allow any licensee who is "not in the ordinary course
> of commercial business to deliver elections systems or services" to accept
> the source code under the GPL.  We encourage people to read the license
> information, it is all explained there.
> http://www.osetfoundation.org/public-license  The license was only
> developed to ensure certain perceived barriers to adoption could be removed
> in the purchase of voting systems that one day might contain OSS.  We have
> been, and continue to be perplexed as to why this non-issue remains an
> issue for some.
>
> Finally, I'm not sure whose moderating here, but I submit that ad-hominem
> attacks are not productive.
>
> My two cents and some fact to go with it.
> Best
> Greg
> OSET Institute
>
>
> PS: For those receiving this, for some reason my posts are being held-up
> in a moderator queue and I'm listed as unsubscribed which is weird, unless
> something changed with my subscription.  I've asked John Wack for some
> direction to the Admin to fix that.
>
> On Sat, Jul 30, 2016 at 12:47 PM, Brent Turner <turnerbrentm at gmail.com>
> wrote:
>
>>
>> Hello Joe--
>>
>> As you are relatively  new to the election reform space-- and I don't
>> know you-- let me preface the conversation with some harsh truth for you.
>> I am not, nor are my associated groups ( specifically CAVO) , VENDORS.
>> CAVO is a 501 ( c ) 6 public benefit corp created to facilitate the pooling
>> of jurisdiction resources and to provide education regarding open source
>> elections.
>>
>> I started the SF effort in 2004 and later created the SF Voting Systems
>> Task Force.  The work then was GPL - as the work now is GPL. The OVC
>> Linuxworld demo of 2008 was GPL   see
>> https://www.youtube.com/watch?v=q8CSKdMTARY   The  OVC " Dechert Design
>> '  was originally released in 2004--  FYI
>>
>> If you have an issue with GPL.. or specifically GPL v3 , I would suggest
>> you hash that out with other licensing experts. Admittedly I am not an
>> expert on this particular point, but rather a communications fellow and
>> activist.  I believe Lawrence Rosen may have time to educate you.. but that
>> is up to him as he works pro bono as well. Here is a prime example from
>> last year. Here is the audio from the NOV 2015  SF Elections Commission
>> meeting
>>
>> https://www.youtube.com/watch?v=PnrHKXmbS74
>>
>> Our associate, Dr. Juan Gilbert, had brought this up at the previous
>> Commission meeting: NH is starting to use his Prime 3 system. Before he
>> joined up with CAVO, Prime 3 was not GPL. I urged Gilbert to go with GPL.
>> However, he had already released his code to NH.
>>
>> Problem: it's not shareable because it wasn't GPL at the time he gave it
>> to them.
>>
>> The discussion goes from about 30:50 to about 41:20 in the recording.
>>
>> 32:50 -- modifications not available (Jerdonek).
>>
>> 36:45 -- question about sharing modifications
>>
>> 38:30 -- are they happy to share it? (commissioner)
>>
>> 40:00 -- only concerned for making it work for themselves (Jerdonek)
>>
>>
>>
>> Furthermore, all members of CAVO are good hearted supporters of our
>> mission. If you know of someone that is not please apprise. Your
>> McCarthy-esque innuendo does not hold water or influence. Allegations
>> that CAVO directors and/or advisory board members are not real are simply
>> ridiculous. : You are lying. The board of CAVO are " do-gooders " that
>> have worked , many since 2000, pro bono at great personal burden to
>> themselves.   We are self funded.. and beholden to no one.  Brian Newby (
>> EAC )- Dr Juan Gilbert ( UOF ) Brian Fox ( FSF ) Lawrence Rosen  and many
>> other esteemed CAVO  board members can attest to our pioneering efforts.
>>
>> it is my studied opinion that a candid, truthful assessment of the
>> community from an internal affairs perspective is valuable toward future
>> decision making.  When people that are proprietary shills attempt to color
>> the the voting system arena it must be noted. Thanks for assisting that
>> effort.
>>
>> BT
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> On Sat, Jul 30, 2016 at 11:38 AM, Joe Kiniry <kiniry at freeandfair.us>
>> wrote:
>>
>>> Brent,
>>>
>>> It is clear that you do not understand Open Source licensing, despite
>>> your trolling on the topic for years.
>>>
>>> Your implicit claims that San Francisco has both chosen GPL as a license
>>> and somehow chosen your pseudo-organization as a vendor are an invention.
>>>
>>> Finally, your public behavior and continued slandering of OSET and
>>> similar organizations bears witness to this community of your nature.  I
>>> hope that those listed as being associated with CAVO
>>> <http://www.cavo-us.org/staff.html>—as I know in the past that
>>> individuals listed on your website were unaware and disavowed any
>>> connection to CAVO—realize the potential impact to their reputations.
>>>
>>> Now let’s get back to discussing substantial issues with future
>>> certification of election systems.
>>>
>>> Joe Kiniry
>>>
>>> On Jul 30, 2016, at 09:38, Brent Turner <turnerbrentm at gmail.com> wrote:
>>>
>>> Arthur--
>>>
>>> No.
>>>
>>> Disclosed code is a ruse.  E S & S was busted and fined in CA but I'm
>>> sure you don't need that example.  This is elementary so I am curious as to
>>> your message.
>>>
>>>  The OVC ( Alan Dechert )  position has been strictly GPL since at least
>>> 2008. I know your association with that group started fading around that
>>> time.  Brian Fox( first employee of Free Software Foundation / Bash shell
>>> creator ) '   did the OVC 2008 Linuxworld demo with GPL-- and Kai Ping Yee
>>> followed suit with his  GPL based OVC work..
>>>
>>> CAVO now recommends -- per Larry Rosen and a host of others.. GPL v3
>>>
>>> Best-
>>>
>>> BT
>>>
>>>
>>> On Sat, Jul 30, 2016 at 9:12 AM, Arthur Keller <ark at soe.ucsc.edu> wrote:
>>>
>>>> No, the key is to have a license where the software is disclosed and
>>>> people are free to experiment with it. Those were the principles of the OVC
>>>> Disclosed license we created years ago.
>>>>
>>>> Best regards,
>>>> Arthur
>>>>
>>>> On Jul 30, 2016, at 1:19 AM, Brent Turner <turnerbrentm at gmail.com>
>>>> wrote:
>>>>
>>>> All--   My apologies for not realizing Kapor had backed away from his
>>>> association with OSET.  Through the succession of name changes it is hard
>>>> to track principals.  The main thing to recognize here is that even though
>>>> an " open source " group may technically obtain Open Source Initiative
>>>> licensing..  OSI recommends the group attempting to peddle services or
>>>> products under the open source flag should be scrutinized for open source
>>>> history and their participation with the open source community.  A group
>>>> that does not reach out to the said open source community - is founded by
>>>> proprietary purveyors- and invents new licenses and licensing schemes is
>>>> obviously going to raise eyebrows. The open source community is very
>>>> protective of reputation  as it is now understood the proprietary code
>>>>  businessmen are discovering the traction of open source.. and the traction
>>>> coming available in the election system arena. Obviously there is not only
>>>> a money grab issue inherent .. but also a power grab issue due to the
>>>> outflow of elections
>>>>
>>>> Groups that do not advocate the ubiquitous General Public License
>>>> continue to raise hackles  (even though we have managed to curtail most
>>>> efforts to pass through offending aspects of ill conceived license
>>>> attempts.) Furthermore,  misdirection statements  such as " The government
>>>> purchasers say they want a new open source license " are flags as well.
>>>> The idea is to utilize a license that will encourage participation from the
>>>> community.
>>>>
>>>> Billionaires like Kelly - Kapor and Paul Allen are coming into the
>>>> space of elections with a fury, but this issue is not simply solved by
>>>> throwing money toward politicians or large designs. The best design is so
>>>> simple it's almost evasive. By keeping it simple with GPL and COTS  .. the
>>>> jurisdictions will be economically empowered.. and removed from the current
>>>> " vendor trap "
>>>>
>>>> BT
>>>>
>>>> On Fri, Jul 29, 2016 at 7:52 PM, Gregory Miller <
>>>> gmiller at osetfoundation.org> wrote:
>>>>
>>>>> Apologies folks,
>>>>>
>>>>> But my Legal Department has me under an obligation whenever this comes
>>>>> up, to clarify that Mitch Kapor is no longer involved with the OSET
>>>>> Institute (Foundation) or its TrustTheVote Project, and has not been since
>>>>> 2011.
>>>>>
>>>>> The OSET Institute is funded by several private philanthropists, led
>>>>> by former Facebook general counsel Chris Kelly, the Democracy Fund, and the
>>>>> Knight Foundation.  Moreover, we receive no funding whatsoever from
>>>>> Microsoft Corporation nor any commercial vendor of election technology.
>>>>>
>>>>> Sorry, but I am obligated by agreement to make this clarification due
>>>>> to continued misstatements by others.
>>>>> Thank you and respectfully,
>>>>> Gregory Miller
>>>>> OSET Institute
>>>>>
>>>>> On Thu, Jul 28, 2016 at 9:49 AM, Brent Turner <turnerbrentm at gmail.com>
>>>>> wrote in relevant part
>>>>>
>>>>>
>>>>>> ..... we need to watchdog anything that has Microsoft's involvement
>>>>>> as it might in fact be an in-road for Mitch Kapor's OSET effort to nuance
>>>>>> the open source voting effort--
>>>>>>
>>>>>
>>>>>
>>>>
>>>
>>>
>>
>
>
> --
> *Gregory Miller*
> Co-Executive Director & Chief Development Officer
> *OSET* *Foundation* | *TrustTheVote* *Project*
> www.OSETFoundation.org <http://www.osetfoundation.org/> |
> www.trustthevote.org
> *Twitter*: @TrustTheVote | @OSET
> *Mobile*: 503.703.5150 | *Skype*: 503.608.7550
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensource.org/pipermail/cavo_lists.opensource.org/attachments/20160730/051c2910/attachment.html>


More information about the CAVO mailing list