|
|
 | | From: | Tomasso vs noise | | Subject: | Re: Boycott a.c.t-b | | Date: | Sun, 19 Dec 2004 04:51:45 GMT |
|
|
 |
"Ned Latham" wrote=20
>...
> An electronic voting system would add to that the additional security
> resulting from the meagre reward available to anyone who wanted to
> corrupt the system.
Maybe. There are degrees of corruption, and degrees of reward. Faking
an individual vote, where margins are the order of 1000 to 100000 is
irrelevant, BUT hacking block votes, or corrupting the link between the
"candidate chosen" vs "the candidate the vote was counted for" are real =
issues.
Likewise, abusing the process of marking the roll (ie, leakage of =
multiple
votes, and marking off the wrong person) can have real rewards. =
[Conventional=20
voting deals with this ONLY because the number of polling stations is =
fairly=20
small].
> Add to that an open source system with integrity checks to ensure
> that the published code is the code being run and some integrity
> checks on the voting process itself, and you've got a pretty good
> system.=20
Good point (sadly overlooked in the US). Risk of compromise over
there in November was unfathomable. "Secrecy" of code (and general
architecture) was argued as a security measure. It isn't. Open source
=3D=3D More trust.
Tomasso.
|
|
| | From: | Mark Addinall | | Subject: | Re: Boycott a.c.t-b | | Date: | Sat, 01 Jan 2005 00:24:05 GMT |
|
|
|
"Tomasso vs noise" wrote in message
news:BN7xd.78472$K7.9276@news-server.bigpond.net.au...
"Ned Latham" wrote
>...
> An electronic voting system would add to that the additional security
> resulting from the meagre reward available to anyone who wanted to
> corrupt the system.
Maybe. There are degrees of corruption, and degrees of reward. Faking
an individual vote, where margins are the order of 1000 to 100000 is
irrelevant, BUT hacking block votes, or corrupting the link between the
"candidate chosen" vs "the candidate the vote was counted for" are real
issues.
Likewise, abusing the process of marking the roll (ie, leakage of multiple
votes, and marking off the wrong person) can have real rewards.
[Conventional
voting deals with this ONLY because the number of polling stations is fairly
small].
> Add to that an open source system with integrity checks to ensure
> that the published code is the code being run and some integrity
> checks on the voting process itself, and you've got a pretty good
> system.
Good point (sadly overlooked in the US). Risk of compromise over
there in November was unfathomable. "Secrecy" of code (and general
architecture) was argued as a security measure. It isn't. Open source
== More trust.
-----------------
Having a little look at the computational numbers from the last election
shows about a 5%
error rate, just from machine errors. This would seem to be unacceptable
if'n
it was my money.
The VicTab and QLDTab seem to have a much better transaction security
profile than that.....
----------------------
Marky.
Tomasso.
|
|
| | From: | Ned Latham | | Subject: | Re: Boycott a.c.t-b | | Date: | 21 Dec 2004 10:43:49 +1050 |
|
|
| "Tomasso vs noise" wrote
in :
> "Ned Latham" wrote=20
> > ...
> > An electronic voting system would add to that the additional security
> > resulting from the meagre reward available to anyone who wanted to
> > corrupt the system.
>
> Maybe. There are degrees of corruption, and degrees of reward. Faking
> an individual vote, where margins are the order of 1000 to 100000 is
> irrelevant, BUT hacking block votes, or corrupting the link between the
> "candidate chosen" vs "the candidate the vote was counted for" are real
> issues.
"Block votes" are something beyond my ken. I don't even know what you
mean by them. As I see it, all voting is (has to be) individual.
Once a vote is delivered, it gets counted. Hacking the delivery system
means intercepting individual votes. Much effort for extremely meagre
gain. Hacking the identity checks, the count and so on means hacking
the running code.
> Likewise, abusing the process of marking the roll (ie, leakage of
> multiple votes,
But of course there's no reason to allow *anyone* access to running
totals.
> and marking off the wrong person) can have real
> rewards.
But that would require hacking the running code.
> [Conventional
> voting deals with this ONLY because the number of polling stations is
> fairly small].
How does "just one" sound?
> > Add to that an open source system with integrity checks to ensure
> > that the published code is the code being run and some integrity
> > checks on the voting process itself, and you've got a pretty good
> > system.
>
> Good point (sadly overlooked in the US). Risk of compromise over
> there in November was unfathomable. "Secrecy" of code (and general
> architecture) was argued as a security measure. It isn't.
> Open source == More trust.
King oath.
Ned
--
True Blue FAQ:
Public key: http://pgp.mit.edu/ http://www.keyserver.net/en/
Fingerprint: D17C FDD5 BBA8 8687 42E3 C8F2 C9FB 0314 E17A 0CD7
|
|
|
