Wednesday, October 06, 2010

Votewashing

I'm kind of a pessimist about these things so I think e-voting is coming sooner or later regardless of whether it can be demonstrated to be secure or not. So far not is winning. But unsecure technologies are implemented anyway.
Halderman also notes what many of us have been trying to tell Internet Voting proponents for so many years: it's incredibly difficult, if not impossible, to make the system secure...
The specific vulnerability that we exploited is simple to fix, but it will be vastly more difficult to make the system secure. We've found a number of other problems in the system, and everything we've seen suggests that the design is brittle: one small mistake can completely compromise its security. I described above how a small error in file-extension handling left the system open to exploitation. If this particular problem had not existed, I'm confident that we would have found another way to attack the system.

Sounds like this Internet Voting thing for overseas and military voters, which has now been called off in D.C. as of last week's hack, is as brilliantly thought out and executed as the electronic voting and concealed vote counting that nearly the entirety of the nation is currently saddled with at local polling places.

No comments:

Post a Comment