A Free Software Odyssey

I stared at the email in disbelief, I really couldn't believe it. I'd merely been chasing some copyright assignment papers that had gone AWOL in the Free Software Foundation, and now here was an email from RMS - Richard Stallman himself. My heart was leaping as I realised that RMS was asking me if I wanted my software to become part of the GNU (GNU's Not Unix) Project, the ultimate free software umbrella project. At this point I had no inkling of how hands-on RMS was, nor how much work it would take for my software to become fully GNU compliant.

I was just thrilled by the glamour and recognition it brought to my efforts.

GNU.FREE started merely as an idea which needed an acronym when I was studying a joint degree in computer science and management science at the University of Warwick. My interests had led me to do a final year project which addressed the impact of the information revolution on political life.

One area that I had flagged up in my initial reading was the continual trend, backed up by the obligatory predictions of pundits, towards the voting process being technologised with the help of phones, computers and the Internet. However, when I looked into the details of the existing systems I was extremely disappointed by their poor security, lack of usability and exclusively proprietary nature. Let me rephrase: I was shocked and really angry. How could these commercial outfits with smooth-talking websites so easily gain the blind trust of governments?

I won't give a lecture on all the issues surrounding electronic democracy, as I could easily fill this whole website with my thoughts on the matter. But I did find it surprising that nobody was actually pointing out the risks of using closed systems in voting, and few people are discussing the problems even today. I strongly felt that the free software paradigm (free as in freedom) was the best, and more importantly, the right way to develop a voting system for several reasons.

Free software was a better use of taxpayer's money, would improve security and trust in the voting process, and prevent the government from being locked into proprietary offerings for decades to come - a nation should have control of its technological destiny.

Solitary confinement

Thus, as well as writing a huge dissertation, I very ambitiously, and naively, set about creating a free software internet voting system that I would come to call FREE (Free Referenda & Elections Electronically), a name which I was quite pleased with, having struggled with more letter combinations than I care to admit.

After seven months of solitary development on my small home network (two Macs and a PC), I had created a working system and in the process learnt a huge amount about Java and security. There was still much to be done, but the project was submitted, and to my delight I was given an extremely high mark and a joint prize for best project for the year.

Before I'd even received a mark I had begun to package the software up and put it online. I'd had to wait until the code had been submitted for marking before I could share it, otherwise there could be complications with regards to plagiarism. From 20 March 2000, FREE was available online, and as I continued to develop it new releases were pumped online. In all, by my count, 13 production releases have been published since that first day. In the course of those releases I've surmounted a huge variety of technical problems, added a wide variety of technical features which required skills ranging from XML to SQL to Blowfish encryption. I've wrestled with bizarre network bugs which have had me leafing through screens and screens of encrypted packet dumps trying to figure out the problems and I've spent a huge amount on Java-related books dealing with threading, performance tuning, security, AWT graphics and God knows what else...

The coding has at times been frustrating and mind numbing but in the end it has always been extremely satisfying. But the reality is that the proportion of time I've spent on programming has gone down as the project has progressed. Let me explain why.

Free the vote
Initially, I had focused primarily on the software but, as the odd email began to trickle in, and as I looked at other projects to gain from their experience, I realised the need to concentrate on other aspects of the project – a successful free software development needed more than good code. At the same time electronic voting was becoming a hot topic, especially after Florida 2000. Several companies were creating a lot of noise over their products, governments were squawking wildly, and I was trying to keep the free software agenda in the debate. I contributed and networked as much as I could, while also killing myself trying to start a small internet consultancy with two other partners.

I met some great people both on- and off-line. RMS was always extremely precise but helpful, and a lot of friends were very supportive of the project. I managed to get onto the editorial board of The Bell, a small newsletter dedicated to electronic voting, and later onto the OASIS standards committee for Internet voting which was being chaired by the UK government's Office of the e-Envoy. I had already made some contacts in the e-Envoy's office due to the little debacle of the Government Gateway's unfriendliness to non-Microsoft users. The information I gleaned during that episode was splashed in LinuxUser and The Register. They knew me, and so I could make some trouble, and contribute my experience to the standard, where previously commercial interests and well-meaning but inexperienced (as far as electronic voting was concerned) civil servants were the only ones working on what I felt to be a key, but flawed, development.

So of course, inevitably, priorities altered. From trying to just formulate a summary of my final year dissertation online, I began writing articles for our website and various magazines to publicise my views on free software, electronic voting and democracy as a whole. I refocused and called the 'entity' dealing with all this the FREE e-democracy Project, and gave it a set of goals and business cards.

Waiting for the war
I was armed and ready to go into battle, a battle which bizarrely still hasn't come. I'd based my activities on the assumption that there would be a large public debate on 'electrifying' the voting process. Disturbingly the debate hasn't really happened in the US, so I have tried to provoke a response with my limited resources here in the UK, but it's a tough call. I felt strongly that the position I voiced was bolstered by having developed a viable alternative for voting in national elections, that happened to run on free software. So I was keen to ensure that development of the project maintained momentum to ensure my credibility in any debate that could be prodded into life.

I continued working incredibly hard pumping out releases. I responded to all emails as fully as possible as soon as possible. But volunteers and helpers weren't rolling in. Why not? I'd setup all the SourceForge tools. I had discussion forums and mailing lists where regular updates were mailed. I was even seeing thousands upon thousands of downloads in the logs. But nothing.

Meanwhile, I got involved in FreeDevelopers, which was an ambitious idea for a co-operative free software company.

They had a need for an e-voting system, but the project became very complicated and political very quickly, so I kept my distance. (I'm still in discussion with a spin-off called GNU Herds). But RMS had informed me that to become dubbed a GNU package I would need not only improve my documentation but also to convert all the user-interface code from Swing to AWT, as Swing had no free software support. I didn't have the skills to do this and didn't think I would acquire the skills soon. GUI programming in Java is, in my opinion, one of the hardest aspects of the language. I put word out on various lists, including the FreeDevelopers lists, and was overjoyed to get a FreeDevelopers volunteer from India (a Mr CV Rajagopal) to perform all the conversion work with a minimum of fuss.

It was a very weird experience. I didn't know Mr Rajagopal. He was very business-like and matter-of-fact, but after the code was submitted and worked, I never heard from him again.

Without him, FREE would never have become the GNU.FREE package it is now. In the meantime I was slaving on making the software as accessible as possible. I wrote swathes of documentation and installation notes, and ensured that the automated JavaDoc files stayed current.

I'd always been keen on good code readability, but now I was taking it very seriously, trying to stick to the GNU and Sun guidelines while adding very copious comments.

Since those efforts I've had no major code contributions. Oh, the irony.

A hot-ticket bid
The site was up-to-date, the code was humming. It was by now a suite of several programs, installers and optional bits and pieces, and a huge wodge of documentation files. I was keeping as much profile as possible in news sources and mailing lists. But code contributions were minimal, I got the occasional very helpful and serious analysis of various issues which did help develop the software but a large proportion of the emails were rants – "You shouldn't be doing this", they would say, or "Don't support the current powers, we need a revolution" and so on. It wasn't so much the opinions themselves as the fact that people would email me out of the blue with their extremely strongly worded views, often based on, at best, a cursory examination of the project's website.

Somehow I felt obliged to respond to these emails with as much care as those from people having trouble using the system. But it ground me down. Although the download statistics were encouraging, nobody was actually contacting me to let me know that they were using the software successfully. All I got were the rants, the problems, the pleas for help on school projects (which I replied to and got no thanks for), and attempts to co-opt my efforts into other people's causes and interests.

I'd somehow imagined at first that the whole collaborative development mojo would happen if the right tools were there. As my own experience of developing online communities grew, through work done for clients, I realised that I needed to be more proactive. But the apathy and the negativity really wore me down. Especially because I was working so damned hard on the code.

But now, with the benefit of hindsight, I can pinpoint several errors on my part. Professor Ed Steinmueller, from SPRU (the Science and Technology Policy Research Unit) at the University of Sussex, has pointed out the importance of the initial 'bid' in the open source world – he classifies most 'projects' on SourceForge as bids for collaboration. But my bid was non-existent, as I'd been developing for seven months in isolation.

And when I did go public, I hadn't really made an effective attempt to pull others in because I wasn't really hooked into the right places, or even aware how hard you needed to work to pull others in.

I think I needed to come to terms with the truth that most free software is developed to 'scratch an itch', and the reality is that heavy-duty internet voting isn't going to scratch many people's itches. It's also a tough area to get into – a lot of the development is very far from being sexy or hot when compared to file-sharing, multimedia or web tools. No, I didn't have a hot ticket bid on my hands.

The best democracy money can buy
The grind was getting to me, but I gritted my teeth and kept developing the software. It had been dubbed a GNU project on 8 February 2001 and I was pushing on with GNU.FREE no matter what others did. I believed it was an important project to do, and a few others shared this common belief even if they couldn't directly contribute.

What was most shocking was how disorganised the GNU project actually was. They had some great resources on the Web but when something needed doing they were so dependent on volunteers that many things got dropped or delayed. So, while I got increased legitimacy, wider distribution and some useful contacts from GNU, I didn't get any significant support in the actual business of building the code.

Saturday 26 January 2002 marked the last release of GNU.FREE, though I didn't know it at the time. It was a mammoth release which dealt with some very complex problems by using an XML configuration system.

The key issue had been supporting various voting and counting systems such as Single Transferable Vote or First Past the Post. Looking at the next version filled me with dread, as implementing many of these voting systems was proving extremely difficult, so astounding was the number of variations. So were some security issues that I wanted to nail down.

Consequently, while I discussed the issues with some people and did some research into potential solutions, I was also getting more embroiled in other areas of electronic voting. The standards work with the Office of the e-Envoy was highlighting the massive complexity of maintaining voting security and anonymity, as were reports coming out of trials in the UK and US. Experts such as Bruce Schneier and Rebecca Mercuri were saying some very thought-provoking things. These issues were all rolling around in my brain along with the remaining development issues I had difficulty solving for GNU.FREE. Even with the best intentions in the world, some simple installation mistakes could fundamentally compromise our system.

How hard would it be for something to go wrong? Was it realistic to find a way to prevent all these potential screw-ups with code?

The final straw was a book by Greg Palast, The Best Democracy Money Can Buy, which in one chapter explained how the Republicans had stolen tens of thousands of votes in Florida. The details are arduous but, in essence, a subcontractor used to clean the electoral roll was the cover for the illegitimate removal of a large number of Democrat voters. This was shocking enough, but the fact the Palast had to come all the way to the UK to get the story published, by the Guardian newspaper, and the independently funded BBC, truly drove me crazy.

Crypto for breakfast
The reality is that technology is a fantastic smokescreen behind which fraudulent plans can be hatched.

Technology can't solve the inherent problem that most people aren't comfortable with computers, and have trouble enough upgrading to the next version of Internet Explorer. Yet such inexperienced users – as election administrators – were buying and advocating computerised voting systems. Who knew what tricks politicians, suppliers and consultants could be pulling? The potential for fraud is huge, and that's before you look at the actual technical failings of the systems. I realised that I couldn't go on building a system that was going to be open to abuse, no matter what I did. Making electronic voting sufficiently secure would be nigh on impossible, especially when you had to keep it anonymous and auditable. It's a very, very hard technical proposition. Get rid of the requirement for anonymity, and it becomes tricky but not outrageous. But that we can't do, not if we want to keep a healthy and trusted voting process. So the very development activity I thought might help my credibility in the anticipated debate, I now regarded as a liability.

Despite all this I was still emotionally tied to the continued 'life' of the software's development, so it took quite some time before I actually crystallised my thoughts into a formal announcement. Finally, after much thought and many long walks, I felt secure and confident in my decision.

So I sat down, loaded BBEdit and posted the following to the project's website:

FREE project policy change...
From my experience of designing and developing GNU.FREE over the past three years it has become clear that creating an internet voting system sufficiently secure, reliable and anonymous is extremely difficult, if not impossible. As Bruce Schneier points out, "a secure internet voting system is theoretically possible, but it would be the first secure networked application ever created in the history of computers."

I've spent much of my limited time and energy trying to persuade people (and the UK government in particular) that a free software voting system is the only realistic way a trustworthy voting system could be created. But they are culturally set in their ways and always need to deal with companies, no matter how fragile their security actually is. Governments don't even have the skills to assess the reliability of the people let alone the technologies these companies sell.

However the more I have coded, researched, discussed and read the more I've realised that rather than encourage, in a way, the use of electronic voting techniques (even if I only advocate the use of free software) I'm much better off focussing on the dangers all such technologies present to processes such as voting. The US have a bold voice on this issue in Rebecca Mercuri. The UK has no voice on these issues and certainly the world as a whole needs more educated (if I may say so) voices on the use of technology in democratic processes. Thus I have halted development of GNU.FREE but it remains online and I still support the concept of free software in e-government. If organisations want to use GNU.FREE I'm happy to advise on the issues but I'll be focusing elsewhere because, as Schneier points out, "building a secure internet-based voting system is a very hard problem, harder than all the other computer security problems we've attempted and failed at. I believe that the risks to democracy are too great to attempt it." And this guy eats crypto for breakfast.

Democracy's last gasp
So, that was that. Now I had to dig in and try to catalyse the debate. As far as I'm concerned that marked the end of my career running a free software project. But there was one more thing: I'd failed to inform my copyright protectors and arch-supporters, the Free Software Foundation. It took less than a month before I was once again staring at an email in disbelief and wonder. The bleach white of the screen pixelated into a blur as I leaned back and appreciated RMS's typically concise email.

From: Richard Stallman
To: Jason Kitcat
Subject: Ceasing work on GNU.FREE
Date Sent: Sun, Nov 10, 2002 06:07pm
I support your decision to stop, and I think that your history in the project should give you a powerful platform for opposing the use of risky online voting.

Nonetheless, you ought to have discussed it with the GNU Project before making a public announcement.

Oops. Well I'd messed up, but it seemed like a good omen that RMS agreed with my views. Now I just had to get everyone else to agree with my arguments, I switched applications and began to plan a new article: 'Why electronic voting could be democracy's last gasp.'

Jason Kitcat


Fundamental problems with e-voting

The article is unclear about what e-voting is, but if we assume it to mean "using unsupervised personal computers to vote over the Internet", then there are at least two insuperable problems, which persist even if the e-voting software is perfect.:

  • "Unsupervised" means no-one can know with certainty what software is actually being run. It is in principle trivial to present an interface to the user identical to the "official" software, but at the same time steal or alter his vote. Even with an independent system for the user to verify that his vote is correctly registered (if this can even be done practically) there is no way he can know if his voting decision has been leaked to a third party.Thus voter secrecy goes out the window.
  • "Personal computers" means leaving the system open to bribery or coercion. In some jurisdictions, this is a real problem. The voter can be obliged to vote with a (metaphorical or real) gun to his head. This is impossible to prevent unless a) the voter is physically isolated while voting, and b) he cannot carry anything away to demonstrate to a third party how he voted.

I am convinced that e-voting in the sense described is a dangerous chimera and should be resisted.

what about standalone system? (and a bizzarre coincidence)

On the night of the 2006 Elections in the US and having seen the movie where Robin Williams is elected president (which, actually isn't so much a comedy as a movie about Diebold), I was on IRC; specifically #emacs on irc.freenode.net. There were one or two other people there with me and we half-joked that the FSF should create a voting system because it would be open. People could examine the source code for flaws (instead of being sent DMCA ceast and desist letters). It would only be best for democracy. We then joked about using emacs-like syntax to cast the votes.

So, what about turning your product into a standalone - like the Diebold machines? Internet voting is ridiculous - how do you know who's sitting at the cpu? (I guess you could say the same about voting in person - how to prove that you are you.....) Still, I think we need a libre voting system by 2010 or 2012, if it's not too late by then.

Positive response

I'm sorry you got only negative feedback.
That is probably the norm.
Don't forget, negative feedback makes some things work better (amplifiers.)

There was a guy interviewed on "Digital Planet" (yeah!) on BBC World Service radio.
He had a system which involved a 2 part ballot with holes punched.
What he didn't mention was scanning the thing into a LOTTERY machine!
That bit is my idea (prior to the hole thingy, I just didn't have a way to do it.)

In UK the Lotto m/c scans a slip with 7 slates of 49 numbers.
I assume it checks for 6 (no more nor fewer) numbers.
Still, new software would be needed BUT probably only at the mainframe end.
Whether that could be free and open might be a problem.

Of course it could never happen.
It would be cheap, no new infrastructure, no ballot clerks nor tellers working through the night.
Totally traceable, with a reciept for the voter ( the unscanned top part) and the scanned bottom part retained.
And quick - what!

Keep up the good work

Pete Woods

Trustworthy (non-internet) electronic voting system

Are you aware of SAVIOC? (www.savioc.com) It's a PC-based voting system that I created in December of 2000 and have been demonstrating, testing and refining ever since. It is so uniquely different that I can reasonably claim that it is more trustworthy, more accurate and less expensive than any other system in existence.

From your experience, do you have any tips on getting someone to actually use it?

Back to top