lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 28 Sep 2004 21:15:12 +0200
From: Casper Dik <casper@...land.sun.com>
To: Tracy Bost <tbost@...raisalforum.com>
Cc: Mike Healan <mike@...wareinfo.com>,
	Jeremy Epstein <jeremy.epstein@...methods.com>,
	bugtraq@...urityfocus.com
Subject: Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes



>Running voting machines on OSS software seems obvious its the only way 
>to do it correctly, since its true noone trusts each other.

It is not sufficient; there really is no other way
than a paper trail.

Currently, many voting systems operate by storing the
vote in memory of some kind and it is really hard
to verify that this is done correctly; more importantly,
it is *not* possible to verify the voting was done
correctly after the fact.

It's not just a simple matter of verifying the software;
you do need to verify:

	System's BIOS
	Keyboard
	Display hardware
	OS
	Window system
	Voting software.

	The vote tabulation process
	(communication, more computer systems)

That's just too much to verify correct.  Seems the
readers here are thinking of just voting software.

But there is a solution which does not require any
verified software at all: a paper trail verified by the
voter self.

After each vote, the voting machine prints a receipt;
the voter verifies the receipt and then deposits it in
a ballot box.

When there's a dispute; the paper trail which was verified
by each individual voter can then be counted.


Note that the paper ballots can be machine readable for
quite counting but they should not contain barcodes; the
human readable bits must be the "legal" bits.

Open source, closed source; it's all really moot.
Voter verification is what counts.

They don't do it correctly in my country; but they apparently
did it correctly in Venezuela where voter confidence is always
very low.

Casper

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ