[CAVO] [VVSG-interoperability] [VVSG-election] Single Point of Failure - the Scan Head - RE: By November, Russian hackers could target voting machines

Gregory Miller gmiller at osetfoundation.org
Sat Jul 30 21:37:58 UTC 2016

As I suggested yesterday (my posts are being delayed, see PS at bottom),
this thread is wandering away from the intended focus, perhaps
unintentionally hijacked by a (for the time being), irrelevant discussion.

One is entitled to their own opinions, but not their own facts. As my last
contribution on this thread (as I  am much more interested in the VVSG and
work towards new certification process and model), let me offer these
incontrovertible points:

1. Mr. Turner is unfortunately not apprised of who Dr. Kiniry is or his
years of experience in this sector.  A quick lookup in Google, Bing, or
search engine of one's choice will remedy that.

2.  Dr. Kiniry was actually at the November S.F. Hearing mentioned; one can
find his testimony on that audio record as well.

3. A resolution of the S.F. government created the S.F. Task Force, for
which I was selected as a seated member, holding one of the two positions
representing computer science; Dr. Ka Ping Yee was the other.  No single
individual created the Voting Systems Task Force (And could not legally do
so), although several had pushed for it with the City including folks like
Roger Donaldson, long time SF activist and Oracle executive, who deserves a
bunch of credit for navigating the politics to do so.

4. The Voting Systems Task Force had absolutely nothing to do with any kind
of open source development effort, licenses aside.  The Report did discuss
the potential of OSS.

5. I could be mistaken, but I do not believe NH Election Director Anthony
Stevens is prepared to say NH has "adopted" for production anything for
public elections but is in pilot, evaluation, and testing of several
technologies, the Prime III included. One should not get ahead of their
skis on that.

6. It is also incredibly difficult to believe that the EAC's Bryan Newby
could be on anyone's Board or serve as an Advisor thereof of any
organization within this same domain space as the EAC, this would be a
violation of government regulations on participating by a government
official as an Advisor in an organization whose work is a direct benefit,
consequence of, or impacted by the regulatory agency for which the
individual is employed.  That's basic Administrative law.  Exceptions can
be made, but I doubt it here.  During the time Mr. Newby was in employed in
Johnson County, KS as its Election Chief, that may have been the case, but
not after he joined the U.S. EAC.

7. The OSET Foundation is not "peddling" anything; we're a nonprofit
research institute backed by philanthropists and Foundations.  Our history
in open source is deep; its roots are in the Mozilla Foundation and
Netscape, including licensing counsel. The OSS world is a broad and diverse
community.  It is incorrect to suggest that one's standing in the OSS world
is predicated on which groups, sub-groups or sections of that community
they participate or "reach out" to engage.  That would be like suggesting
that if you're from NY and you do not consort with those from CA, then
you're not American.   And we welcome scrutiny.

8. I don't believe anyone here considers this industry to offer a "money
grab" opportunity.  Election products and services is a stagnant industry
with a dysfunctional market.  As the forthcoming Wharton Industry Study
will show it is at best a $300M annual market in the U.S., a backwater of
government I.T. hardly worthy of any characterization as a growth

9. The OSET OPL license (designed for those counties procuring a system
that has contained in that purchase an OSS license), required only one (1)
change in order to be approved by the OSI -- a change that made sense and
which was done. So, I'm not sure whose eyebrows are being raised by what.
The OPL is an open source license as determined by the OSI, and I believe
it deserves to be acknowledged as such, and not ridiculed by innuendo or
claims unsubstantiated by the facts.  It was approved.  It may not be one
preferred by some, but the license is not meant for everyone.  It offers
nothing less than the GPL in terms of an open source, weak copyleft license
and offers some terms that help adoption in those jurisdictions who would
otherwise use the GPL as a legal excuse to not adopt.  And in any event,
the terms of the OPL allow any licensee who is "not in the ordinary course
of commercial business to deliver elections systems or services" to accept
the source code under the GPL.  We encourage people to read the license
information, it is all explained there.
http://www.osetfoundation.org/public-license  The license was only
developed to ensure certain perceived barriers to adoption could be removed
in the purchase of voting systems that one day might contain OSS.  We have
been, and continue to be perplexed as to why this non-issue remains an
issue for some.

Finally, I'm not sure whose moderating here, but I submit that ad-hominem
attacks are not productive.

My two cents and some fact to go with it.
OSET Institute

PS: For those receiving this, for some reason my posts are being held-up in
a moderator queue and I'm listed as unsubscribed which is weird, unless
something changed with my subscription.  I've asked John Wack for some
direction to the Admin to fix that.

On Sat, Jul 30, 2016 at 12:47 PM, Brent Turner <turnerbrentm at gmail.com>

> Hello Joe--
> As you are relatively  new to the election reform space-- and I don't know
> you-- let me preface the conversation with some harsh truth for you.  I am
> not, nor are my associated groups ( specifically CAVO) , VENDORS.  CAVO is
> a 501 ( c ) 6 public benefit corp created to facilitate the pooling of
> jurisdiction resources and to provide education regarding open source
> elections.
> I started the SF effort in 2004 and later created the SF Voting Systems
> Task Force.  The work then was GPL - as the work now is GPL. The OVC
> Linuxworld demo of 2008 was GPL   see
> https://www.youtube.com/watch?v=q8CSKdMTARY   The  OVC " Dechert Design '
>  was originally released in 2004--  FYI
> If you have an issue with GPL.. or specifically GPL v3 , I would suggest
> you hash that out with other licensing experts. Admittedly I am not an
> expert on this particular point, but rather a communications fellow and
> activist.  I believe Lawrence Rosen may have time to educate you.. but that
> is up to him as he works pro bono as well. Here is a prime example from
> last year. Here is the audio from the NOV 2015  SF Elections Commission
> meeting
> https://www.youtube.com/watch?v=PnrHKXmbS74
> Our associate, Dr. Juan Gilbert, had brought this up at the previous
> Commission meeting: NH is starting to use his Prime 3 system. Before he
> joined up with CAVO, Prime 3 was not GPL. I urged Gilbert to go with GPL.
> However, he had already released his code to NH.
> Problem: it's not shareable because it wasn't GPL at the time he gave it
> to them.
> The discussion goes from about 30:50 to about 41:20 in the recording.
> 32:50 -- modifications not available (Jerdonek).
> 36:45 -- question about sharing modifications
> 38:30 -- are they happy to share it? (commissioner)
> 40:00 -- only concerned for making it work for themselves (Jerdonek)
> Furthermore, all members of CAVO are good hearted supporters of our
> mission. If you know of someone that is not please apprise. Your
> McCarthy-esque innuendo does not hold water or influence. Allegations
> that CAVO directors and/or advisory board members are not real are simply
> ridiculous. : You are lying. The board of CAVO are " do-gooders " that
> have worked , many since 2000, pro bono at great personal burden to
> themselves.   We are self funded.. and beholden to no one.  Brian Newby (
> EAC )- Dr Juan Gilbert ( UOF ) Brian Fox ( FSF ) Lawrence Rosen  and many
> other esteemed CAVO  board members can attest to our pioneering efforts.
> it is my studied opinion that a candid, truthful assessment of the
> community from an internal affairs perspective is valuable toward future
> decision making.  When people that are proprietary shills attempt to color
> the the voting system arena it must be noted. Thanks for assisting that
> effort.
> BT
> On Sat, Jul 30, 2016 at 11:38 AM, Joe Kiniry <kiniry at freeandfair.us>
> wrote:
>> Brent,
>> It is clear that you do not understand Open Source licensing, despite
>> your trolling on the topic for years.
>> Your implicit claims that San Francisco has both chosen GPL as a license
>> and somehow chosen your pseudo-organization as a vendor are an invention.
>> Finally, your public behavior and continued slandering of OSET and
>> similar organizations bears witness to this community of your nature.  I
>> hope that those listed as being associated with CAVO
>> <http://www.cavo-us.org/staff.html>—as I know in the past that
>> individuals listed on your website were unaware and disavowed any
>> connection to CAVO—realize the potential impact to their reputations.
>> Now let’s get back to discussing substantial issues with future
>> certification of election systems.
>> Joe Kiniry
>> On Jul 30, 2016, at 09:38, Brent Turner <turnerbrentm at gmail.com> wrote:
>> Arthur--
>> No.
>> Disclosed code is a ruse.  E S & S was busted and fined in CA but I'm
>> sure you don't need that example.  This is elementary so I am curious as to
>> your message.
>>  The OVC ( Alan Dechert )  position has been strictly GPL since at least
>> 2008. I know your association with that group started fading around that
>> time.  Brian Fox( first employee of Free Software Foundation / Bash shell
>> creator ) '   did the OVC 2008 Linuxworld demo with GPL-- and Kai Ping Yee
>> followed suit with his  GPL based OVC work..
>> CAVO now recommends -- per Larry Rosen and a host of others.. GPL v3
>> Best-
>> BT
>> On Sat, Jul 30, 2016 at 9:12 AM, Arthur Keller <ark at soe.ucsc.edu> wrote:
>>> No, the key is to have a license where the software is disclosed and
>>> people are free to experiment with it. Those were the principles of the OVC
>>> Disclosed license we created years ago.
>>> Best regards,
>>> Arthur
>>> On Jul 30, 2016, at 1:19 AM, Brent Turner <turnerbrentm at gmail.com>
>>> wrote:
>>> All--   My apologies for not realizing Kapor had backed away from his
>>> association with OSET.  Through the succession of name changes it is hard
>>> to track principals.  The main thing to recognize here is that even though
>>> an " open source " group may technically obtain Open Source Initiative
>>> licensing..  OSI recommends the group attempting to peddle services or
>>> products under the open source flag should be scrutinized for open source
>>> history and their participation with the open source community.  A group
>>> that does not reach out to the said open source community - is founded by
>>> proprietary purveyors- and invents new licenses and licensing schemes is
>>> obviously going to raise eyebrows. The open source community is very
>>> protective of reputation  as it is now understood the proprietary code
>>>  businessmen are discovering the traction of open source.. and the traction
>>> coming available in the election system arena. Obviously there is not only
>>> a money grab issue inherent .. but also a power grab issue due to the
>>> outflow of elections
>>> Groups that do not advocate the ubiquitous General Public License
>>> continue to raise hackles  (even though we have managed to curtail most
>>> efforts to pass through offending aspects of ill conceived license
>>> attempts.) Furthermore,  misdirection statements  such as " The government
>>> purchasers say they want a new open source license " are flags as well.
>>> The idea is to utilize a license that will encourage participation from the
>>> community.
>>> Billionaires like Kelly - Kapor and Paul Allen are coming into the space
>>> of elections with a fury, but this issue is not simply solved by throwing
>>> money toward politicians or large designs. The best design is so simple
>>> it's almost evasive. By keeping it simple with GPL and COTS  .. the
>>> jurisdictions will be economically empowered.. and removed from the current
>>> " vendor trap "
>>> BT
>>> On Fri, Jul 29, 2016 at 7:52 PM, Gregory Miller <
>>> gmiller at osetfoundation.org> wrote:
>>>> Apologies folks,
>>>> But my Legal Department has me under an obligation whenever this comes
>>>> up, to clarify that Mitch Kapor is no longer involved with the OSET
>>>> Institute (Foundation) or its TrustTheVote Project, and has not been since
>>>> 2011.
>>>> The OSET Institute is funded by several private philanthropists, led by
>>>> former Facebook general counsel Chris Kelly, the Democracy Fund, and the
>>>> Knight Foundation.  Moreover, we receive no funding whatsoever from
>>>> Microsoft Corporation nor any commercial vendor of election technology.
>>>> Sorry, but I am obligated by agreement to make this clarification due
>>>> to continued misstatements by others.
>>>> Thank you and respectfully,
>>>> Gregory Miller
>>>> OSET Institute
>>>> On Thu, Jul 28, 2016 at 9:49 AM, Brent Turner <turnerbrentm at gmail.com>
>>>> wrote in relevant part
>>>>> ..... we need to watchdog anything that has Microsoft's involvement as
>>>>> it might in fact be an in-road for Mitch Kapor's OSET effort to nuance the
>>>>> open source voting effort--

*Gregory Miller*
Co-Executive Director & Chief Development Officer
*OSET* *Foundation* | *TrustTheVote* *Project*
www.OSETFoundation.org <http://www.osetfoundation.org/> |
*Twitter*: @TrustTheVote | @OSET
*Mobile*: 503.703.5150 | *Skype*: 503.608.7550
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensource.org/pipermail/cavo_lists.opensource.org/attachments/20160730/64c9e7d3/attachment.html>

More information about the CAVO mailing list