[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <q9jgl01sqfer9s5or3vdadaojj0ekbrrpi@4ax.com>
Date: Mon, 27 Sep 2004 18:43:09 +0100
From: Chris Paget <ivegotta@...bom.co.uk>
To: "Yoav Nir" <ynir@...ckpoint.com>
Cc: <bugtraq@...urityfocus.com>
Subject: Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes
On Sun, 26 Sep 2004 11:26:04 +0200, Yoav Nir wrote:
>Voter verification has many pitfalls, as I can't think of anything that will
>allow a voter to verify his vote was correctly counted without allowing him
>to prove how he voted to an evil vote-buyer.
Relatively simple, actually. When the vote is cast, it is printed out
and scrolled past a clear window before being stored (presumably on a
roll somewhere). The voter can see the recorded vote, but doesn't get
a copy of it so they can't prove how they voted (and hence sell their
vote). Admittedly, you could take a digital photo, but that same
method could be used to prove how you voted using any system.
There are solutions to the problems of electronic voting, see
http://everyonecounts.com/downloads/May2003Pilots.pdf for moderately
technical info of the solutions trialled by the UK in the 2003 local
government elections. AFAIK there has been no controversy over the
accuracy or reliability of these systems (other than the usual
scare-mongering FUD); if anyone knows of any resources which dispute
that I'd be interested to hear of them.
Chris
--
Chris Paget
ivegotta@...bom.co.uk
Powered by blists - more mailing lists