Archive for March, 2010

Meeting the California Secretary of State

March 18th, 2010

Last week at an Open Source Digital Voting Foundation event I had the chance to meet Debra Bowen, the California Secretary of State. The Secretary of State is the elected official responsible for the integrity of the electoral process — making sure that our voting system is accurate and honest and counts every vote correctly.

After talking to Secretary Bowen I ended up quite happy that she was elected to this role. Secretary Bowen is deeply interested in transparency, openness, and privacy. She is also a strong advocate for using open source software as the basis for digital voting equipment. Not long after she was elected she commissioned an independent review of the reliability of voting equipment and the auditing process, and found some disturbing facts. She’s been active in trying to fix these to bring more accuracy and trustworthiness to our system.

It was really fun to meet an elected official who understands implicitly that software code can effect our lives in much the same way as legal codes can.

I also learned that one of the big surprises I had at my local polling place recently is due to Secretary Bowen. The average age of the people who donate their time to run the polls in California is — again according to Secretary Bowen — 77 years old. But last time I went to vote there was a young woman there. We talked to her a bit — she was a high school student. It turns out that Secretary Bowen has a program to encourage high school and college students to participate in making the voting process possible. It seems a giant step forward from how I grew up, which was simply taking the whole process for granted.

Updating the Mozilla Public License

March 10th, 2010

Twelve years ago I spent the month of March frantically drafting version 1.0 of the Mozilla Public License. That was a public process, a part of the launch of the Mozilla project. Approximately a year later we created the 1.1 version.

Since then a decade has gone by without any further revisions of the MPL. This is in part a great success story. At the same time, a decade is a long time not to look at something as basic as the license. Ways of working that were “best practices” a decade ago may not make sense today. FLOSS (Free Libre Open Source Software) is far better understood today. When I wrote the MPL we drew upon the GPL v2 for many ideas, and on the MIT and BSD and early Apache license. Since then, both the Apache license and the GPL have been updated.

It’s time to look at updating the MPL. It’s time to see if we can make the MPL easier to use and incorporate a decade’s worth of experience. In particular I’m hoping to modernize and simplify the license while still keeping the things that have made it and the Mozilla project such a success.

We’ll do this through a public process of course. Here are the tools available, as of today:

Over the years we’ve received feedback about the license, and we’ll use some of that, plus early comments here, to produce an early “alpha” version of what a new license might look like. Once we have published an alpha draft, we will have time for commentary, discussion, and further drafting, followed by beta and release candidate drafts. We hope to complete the process by the end of 2010.

The organizers of this effort to date are below. We expect this group to grow.

  • Gerv Markham (who has been working with Mozilla licensing issues for almost a decade himself)
  • Luis Villa (long time open source contributor, recent law school graduate)
  • Harvey Anderson (assisted with MPL 1.0 and 1.1);
  • me; and
  • possibly you!

Trusting the Voting Machines

March 8th, 2010

Hundreds of millions of people rely on the accuracy of voting machines and the polling process to form our government. New voting machines are being developed, moving from paper-based ballots to electronic voting.

How accurate are those digital voting machines? How unbiased? Do they count every vote? Do they count every vote accurately and completely? How do they work? How tamper-proof are they? Is there a way to audit results? How good is the audit process? How would we know?

Right now it’s hard to tell. It turns out that how digital voting machines work is a secret. Voters are not allowed to know, to see or to test those machines or how they work. (I’ll speak of California here, as a result of talking to the California Secretary of State, but this is only an example of the problem.) We’re asked to “trust.”

The OSDV Foundation exists to change this. OSDV is a non-profit organization building open source voting machinery. This is important for several reasons:

  • This allows voters to verify what our voting machines are doing. Like other open source projects, those of us with enough technical expertise can serve as consumer advocates and validate that our voting machines operate as they should.
  • In voting, 1 or 2 percent is a giant amount. Many elections — at least in the US where I’m most familiar — are very, very close. A 1% to 2% margin of error may be acceptable in many business settings, but it is not acceptable in a critical election where it can change results. With open source products we can see and test and improve the quality, rather than simply trust that all is well.
  • Casting and counting votes should not be a for-profit enterprise; it is the foundation of elected governments.
  • Proprietary ownership of the means of voting IS a conflict of interest. According to the OSDV Foundation, right now something like 88% of the US voting infrastructure is owned by two companies, which will soon be one company.
  • Good open source alternatives are likely to cause an improvement in the quality of the dominant (close to 90% market share) product offering.

OSDV is just reaching the point where its first products are just about ready for use. Having a viable alternative in the market is critical. Having a viable alternative that is open source and public-benefit is even better. OSDV is building a system that citizens can actually verify — a system we trust based on that ability to verify what is actually happening.

You can find out more about OSDV Foundation’s Trust the Vote project at

Skip past the sidebar