lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: koxenrider at sol-biotech.com (Keith Oxenrider)
Subject: Re: Evidence Mounts that the Vote Was Hacked

I would like to suggest that the core problem with elections in the US 
(electronic, opscan, hanging chad, etc.) is that the system is NOT in the 
hands of the electorate, rather in the hands of partisan political 
appointees who have no interest in any system designed in an open, 
verifiable way.  I like what I read in Prakash's paper, but I have read 
many such proposals and many alternatives many of which have mathematical 
proofs (some better than others) and all open.  Instead of our government 
(I am a US citizen) asking experts in secure communications to 
design/validate an open system (take DES and AES for example) we have 
political backroom pandering being done obscuring (indeed attempting to 
make illegal to even study) the system implemented.  Until (and if) this 
changes there is no hope that any open, independently verifiable system can 
be put in place.  No one in the security biz would accept the use of a 
closed-source cryptography system, why the heck are we using a closed 
source election system?



At 08:40 AM 11/10/2004 +0200, Jei wrote:
>On Tue, 9 Nov 2004, Jay D. Dyson wrote:
>
>>-----BEGIN PGP SIGNED MESSAGE-----
>>Hash: SHA1
>>
>>On Mon, 8 Nov 2004, Atom 'Smasher' wrote:
>>
>>>Evidence Mounts that the Vote Was Hacked
>>
>>         Read the whole thing and didn't see any evidence.  Just wild
>>speculation and baseless conjecture.  Hell, there were countless counties
>>across the nation in which more people were registered to vote than were
>>eligible residents, but -- for some reason -- that ain't news.
>
>It would be _major_ news, were it not America where it happened.
>Even India managed to hold a secure digital election recently,
>without any such major exit poll or other discrepancies happening.
>
>Also note that Americans aren't the only people in the world with
>capable intelligence agencies. Teenage kid hackers aren't the only
>people who might influence US elections' outcomes, given a viable chance. 
>You need to consider all the factors.
>
>Digital voting needs to be as secure and reliable as bank accounts
>are from an independent (democratic) nation's national security point
>of view. A digital vote discrepancy == national bank account discrepancy, 
>in it's importance, in this regard.
>
>Arguing that vote discrepancies don't really matter, is like a system 
>admin arguing that system binary checksum discrepancies do not matter.
>
>In any case, it means you're royally f*cked, and although you may wish
>to fantasize otherwise, it doesn't change the reality.
>
>You need to know that you're secure, or your security people aren't
>doing their job.
>
>// Jei
>
>http://www.infosecwriters.com/hhworld/hh9/voting.txt
>
>                 Hitchhiker's World (Issue #9)
>              http://www.infosecwriters.com/hhworld/
>
>                     Observable Elections
>                     --------------------
>
>     Vipul Ved Prakash <mail@...ul.net>
>     November 2004

....

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ