David M Williams
Monday, 18 May 2009 14:37
Opinion and Analysis
A remarkable court case in New Jersey saw the source code for the Alcotest 7110 MKIII-C reviewed by an independent software firm. The findings showed terrible bugs and technical deficiencies, raising serious questions about the reliability of the devices and of previous judgments issued. This is why open source is a must for accountability.
This is an astounding event and provides a genuine real-world example of why the philosophy behind open source software has strong merits.
Previously I spoke about a closed source Diebold electronic voting system which was proven to be faulty. An open source solution in matters of such importance does much more than merely provide something presumed to be cost-effective or “free”; it establishes trust and confidence.
A manual ballot counting system is trustworthy because any person is entitled to view the counting of the votes and to observe that the ballot box is not tampered with in any way.
By contrast, a closed source ballot counting system is a mysterious black box. Can the ordinary person on the street be confident it does not fudge the count? That it does not introduce errors?
In Diebold’s case, an open source Python program proved specific voting systems they sold were miscounting votes, and the company even knew about the bug but never disclosed it to its customers.
This last week another closed source software program hit the news because of its failures. This time around it is the software powering a breathalyser, as used by police officers around the world.
The fact software powers such a device is news to me; I always just figured it was a chemical reaction going on, but thankfully my experience with breathalysers is fairly limited.
The case in particular is State v. Chun, where defense counsel spent two years trying to obtain the source code for the Alcotest device. They succeeded and submitted the code to Base One Technologies, who performed a thorough code review.
The review found a stunning 19,400 potential errors.
Base One Technologies even went so far as to state the program showed “ample evidence of incomplete design, incomplete verification of design, and incomplete ‘white box’ and ‘black box’ testing. Therefore,” they state, “the software has to be considered unreliable and untested, and in several cases it does not meet stated requirements.”
That’s barely the tip of it!