[prev in list] [next in list] [prev in thread] [next in thread] 

List:       isn
Subject:    Re: [ISN] E-Vote Software Leaked Online
From:       InfoSec News <isn () c4i ! org>
Date:       2003-10-31 9:08:25
[Download RAW message or body]

Forwarded from: Max Gastone <banangling@yahoo.com>

When there is a perfect coding system and perfect coders to use it,
only then could we ever trust a program with votes. Basically these
companies are relying too much on daft security through obscurity.

Part of the success of PGP in becoming an essentially unbreakable
encyption program and standard is due to it's code being made open.

If e-voting software is to ever attain the same level of trust then it
needs to go down the same route. Giving that they cant even keep their
own code secure, it is highly unlikely that methods such as checksums
are sufficient to guarentee integrity from outside attacks. Though
there still is the issue of internal threats and deliberate backdoors.

I really cannot see how a secretive culture around e-voting software
is ever going to lead to it being trusted enough to be adopted.

Max
info@privacybasics.info

--- InfoSec News <isn@c4i.org> wrote:

> http://www.wired.com/news/privacy/0,1848,61014,00.html
> 
> By Kim Zetter
> Oct. 29, 2003
> 
> Software used by an electronic voting system manufactured by Sequoia
> Voting Systems has been left unprotected on a publicly available
> server, raising concerns about the possibility of vote tampering in
> future elections.




-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo@attrition.org with 'unsubscribe isn'
in the BODY of the mail.
[prev in list] [next in list] [prev in thread] [next in thread]