| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 27 Sep 2004 18:43:09 +0100 From: Chris Paget <ivegotta@...bom.co.uk> To: "Yoav Nir" <ynir@...ckpoint.com> Cc: <bugtraq@...urityfocus.com> Subject: Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes On Sun, 26 Sep 2004 11:26:04 +0200, Yoav Nir wrote: >Voter verification has many pitfalls, as I can't think of anything that will >allow a voter to verify his vote was correctly counted without allowing him >to prove how he voted to an evil vote-buyer. Relatively simple, actually. When the vote is cast, it is printed out and scrolled past a clear window before being stored (presumably on a roll somewhere). The voter can see the recorded vote, but doesn't get a copy of it so they can't prove how they voted (and hence sell their vote). Admittedly, you could take a digital photo, but that same method could be used to prove how you voted using any system. There are solutions to the problems of electronic voting, see http://everyonecounts.com/downloads/May2003Pilots.pdf for moderately technical info of the solutions trialled by the UK in the 2003 local government elections. AFAIK there has been no controversy over the accuracy or reliability of these systems (other than the usual scare-mongering FUD); if anyone knows of any resources which dispute that I'd be interested to hear of them. Chris -- Chris Paget ivegotta@...bom.co.uk
Powered by blists - more mailing lists