THE OPEN PITT What's cooking in Linux and Open Source in Western Pennsylvania =========================================================================== Issue 19 December 2005 www.wplug.org =========================================================================== In this issue: Voting on Open Source November Roundup From the Editors: Support Your Local LinuxFest --------------------------------------------------------------------------- Coming Events Dec. 17: Tutorial, Topic: Intro to Objective C. 10am to 3pm, 1507 Newell- Simon Hall, CMU Jan. 7: Installfest. 10am to 5pm, 1507 Newell-Simon Hall, CMU Jan. 21: General User Meeting. 10am to 2pm, 1507 Newell-Simon Hall, CMU (date tentative) The public is welcome at all events --------------------------------------------------------------------------- Voting on Open Source by Chris Teodorski Because of the federal Help America Vote Act, Allegheny County is replacing its decades-old mechanical lever voting machines. On November 17, the county held a demonstration at the Westin Convention Center Hotel with the potential voting machine vendors showing off their equipment. The systems fell into two categories: touch screen and optical scan (similar to a standardized test). Both types rely to some degree on computers to interpret and tally votes. Let me start with a confession: I am a card-carrying Free Software bigot. So when I went to see the dog-and-pony show being offered by the vendors, I admit, I went to pick fights. I went with the intent of blasting all of them for marketing closed-source applications and challenging them to justify keeping something as important as the source code that runs our elections locked away as a proprietary trade secret. They didn't disappoint and neither did I. I will spare you the details of the arguments with Diebold. Suffice it to say the salesperson that I spoke with implied that people who thought that source code should be publicly accessible were just short of kook status. I hope I opened his mind a little, although I'm quite sure that my argument was simply more crazy talk from another kook. By the time I had made my rounds around the room, I was convinced that Allegheny County's elections were doomed to take place on closed-source machines, little secret black boxes, likely running Windows. The last place I visited was the Unisys/Accupoll station. I started with my usual question, "Can you tell me a little about the technology this thing runs?" The salesman kind of looked at me as if waiting for some additional clarification, so I explained, "I'm looking for someone who can answer technical questions for me." The reply: "You should talk to that guy over there. He can answer all of your questions. You can't out-geek him." And that was how I met Dennis Vadura, Chairman and Chief Technology Officer of Accupoll. After short introductions, I asked him what operating system ran his applications (this is where I load the argument gun). "Red Hat Linux," he explained. I stopped, perplexed. I didn't have a canned response for that answer. He continued, "I've been on my feet all day. If you'd like to talk some more, think we could sit down? I'd be happy to answer any questions you have." So we did. It turns out that Mr. Vadura wrote almost 60 percent of the codebase that makes up Accupoll's election software. The technology underlying this application will be familiar to any user of Open Source-- Red Hat Linux, Perl, Java, Apache--and they are in the process of migrating to PostgreSQL for their database technology. Not only was Accupoll serious about their utilization of Open Source software, they are serious about security. Mr. Vadura was more than happy to explain some of the security measures implemented in Accupoll's election system. The most impressive to me was the following: when a voting station (the booth with a touch screen where the voter actually votes) comes on line, the base station (which tabulates and stores the votes) initially assumes that the voting station has been compromised. It begins by getting an MD5 checksum of all of the files on the voting station, and if anything fails to match, the machine is flagged as compromised. If it passes, the base station says "great" and proceeds to completely overwrite all the existing files on the voting station with its own files (contained on a read-only CD), assuring that all files on the voting station are valid and current. In all fairness, I must disclose that the Accupoll software itself is _not_ Open Source. As is required for certification, Accupoll and the other vendors have shared their code with the State of Pennsylvania, but it is not available to the public. However, Mr. Vadura said he has no opposition whatsoever to opening his code, with one caveat. His concern is that some untrained eyes may go to news outlets suggesting that they found a security hole or a bug in Accupoll's software (whether or not such a bug or hole actually exists). If the news story runs before Accupoll has a chance to respond, their reputation could be destroyed. So for now the Accupoll code remains closed. I hope that one day soon Accupoll decides to open their code and allow the community to verify, validate, and potentially improve their software. For now, I'm happy knowing that there is a chance that our votes will be cast on a system that uses some Open Source software instead of black-box code running on a black-box operating system. To read more about Accupoll and its system you can visit their web site at . To learn more about the initiative to deliver open voting systems for public elections, check out the Open Voting Consortium at . --------------------------------------------------------------------------- November Roundup Nov. 5 General User Meeting: To go along with WPLUG's annual election meeting (see last issue for the results), a series of lightning talks on various topics was held. Beth Lynn Eicher spoke about the history of WPLUG. Patrick Wagstrom discussed virtualization using VMware, and followed that up with a presentation on the Linksys WRT54G, a wireless router that runs on Linux. _The Open Pitt_ itself was featured in Vance Kochenderfer's discussion of how the newsletter is put together and what types of contributions would be welcome. David Ostroske covered SQL, the nearly-universal database language standard. Returning to the subject of wireless networking, Rick Farina explored some of the legal issues involved in finding and connecting to wireless hotspots out in public. --------------------------------------------------------------------------- From the Editors: Support Your Local LinuxFest If you're among the dozen or so people from WPLUG who attended this year's Ohio LinuxFest, you know about the interesting presentations and discussions (the rest of you can read the articles that are linked from ). It may not be one of the "big-name" events, but on the other hand you don't have to travel to Boston or San Francisco to participate. Ohio LinuxFest has seen a doubling in attendance each year, with the third annual event bringing in 726 visitors. It's tempting to make a comparison with the LinuxTag conference , started in Germany in 1996. Like its Ohio counterpart, LinuxTag is a community-organized event and (until this year, when LinuxTag instituted a registration fee) completely free of charge to participants. The table below shows the growth in LinuxTag's popularity. Part of this is likely a result of the dot-com boom that hit in the late 90's, but attendance has held up well even after the bubble burst. Although few, if any, readers of this column have ever been there, chances are good it's affected you--the Knoppix live CD is a LinuxTag project. -------------------------------- Table: LinuxTag Visitors by Year -------------------------------- 1996: 70 1997: 620 1998: 3,000 1999: 7,000 2000: 15,000 2001: 15,000 2002: 13,000 2003: 19,500 2004: 16,175 2005: 12,000 (est.) -------------------------------- Source: LinuxTag, Linux Magazine Can Ohio LinuxFest ever hope to duplicate this achievement? Well, only if people like you get involved and help out. As Woody Allen famously quipped, "Eighty percent of success is showing up." Just by attending, you send a message to major Open Source projects that it's worthwhile for them to provide speakers, which in turn attracts more visitors. KDE and Ubuntu were both represented this year. A larger attendance will surely pull in other popular projects. The next level is to promote LinuxFest. Tell your friends and colleagues with an interest in Open Source (or even if they only _might_ be interested) about it. Get the word out among the on-line forums and web logs you visit. To make the greatest difference, you'll need to pitch in some sweat equity. It took about $15,000 in sponsorship, donation, and raffle money to hold this year's event. That works out to around $20 per attendee--a tiny sum in the conference world. Clearly, volunteer labor is a major contributor toward pulling off an event like this. You don't necessarily need any special skills; job descriptions include selling raffle tickets, working registration tables, or even just carting hardware around. And you're likely to get a free t-shirt out of the deal! So mark October 7, 2006 on your calendar, and contact the organizers at to volunteer. See you there. =========================================================================== The Open Pitt is published by the Western Pennsylvania Linux Users Group Editors: Elwin Green, Vance Kochenderfer Copyright 2005 Western Pennsylvania Linux Users Group. Any article in this newsletter may be reprinted elsewhere in any medium, provided it is not changed and attribution is given to the author and WPLUG.