funsec mailing list archives
Re: John McAfee running for US pres
From: Rich Kulawiec <rsk () gsp org>
Date: Mon, 14 Sep 2015 12:21:05 -0400
On Thu, Sep 10, 2015 at 10:48:54AM -0700, Steve Pirk wrote:
We have batshit candidates, and then we have batshit crazy voting systems to make sure that the batshit endowed end up in office. Maybe these republican presidential wannabees act batshit crazy because they know that they can get away with it, because the game is rigged...
You and I may be in agreement on this. I've opined loud and long (on the IP list, at TechDirt, elsewhere) that it is not presently possible to construct a secure electronic voting system for a variety of reasons. I could delve into the myriad technical issues involved, but that's been done and it's tedious, so I will simply put the non-technical trump card on the table first: economics. As I'm sure everyone here is aware, the asymmetric nature of security attack and defense means that competent attackers can often be wonderfully successful even when utilizing a budget that's only a tiny fraction of that available to defenders. So when we ask ourselves "what budget is available to those attacking voting systems?" we start finding highly disturbing estimates, including this back-of-the-envelope calculation from Bruce Schneier: Stealing an Election https://www.schneier.com/crypto-gram/archives/2004/0415.html#4 That's alarming on its face, despite being quite conservative. But it's also 11 years old, which means that it is now a massive underestimate. Pick the multiplier you want but do keep in mind that there are quite clearly people in the US willing to spend $1B in pursuit of the electoral outcome they want. [1] If told that they could *guarantee* it for a mere $500M, they could and would write that check in a heartbeat. And with a $500M budget, any of us reading this could rig any election. That attack budget would necessitate a defender budget well into the tens of billions, and that is never going to happen. ---rsk [1] Koch Brothers' Budget of $889 Million for 2016 Is on Par With Both Parties' Spending http://www.nytimes.com/2015/01/27/us/politics/kochs-plan-to-spend-900-million-on-2016-campaign.html?_r=0 _______________________________________________ NOTE: As of July 10, the mailing list address HAS CHANGED from @linuxbox.org TO @lists.linuxbox.org. Please use the new address in all mail to the list. _______________________________________________ Fun and Misc security discussion for OT posts. http://lists.linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- John McAfee running for US pres Rob, grandpa of Ryan, Trevor, Devon & Hannah (Sep 09)
- Re: John McAfee running for US pres Blanchard, Michael (InfoSec) (Sep 10)
- Re: John McAfee running for US pres Kain, Rebecca (.) (Sep 10)
- Re: John McAfee running for US pres Blanchard, Michael (InfoSec) (Sep 10)
- Re: John McAfee running for US pres Kain, Rebecca (.) (Sep 10)
- Re: John McAfee running for US pres Valdis . Kletnieks (Sep 10)
- Re: John McAfee running for US pres Steve Pirk (Sep 10)
- Re: John McAfee running for US pres Kain, Rebecca (.) (Sep 10)
- Re: John McAfee running for US pres Blanchard, Michael (InfoSec) (Sep 10)
- Re: John McAfee running for US pres Steve Pirk (Sep 10)
- Re: John McAfee running for US pres Rich Kulawiec (Sep 14)
- Re: John McAfee running for US pres Blanchard, Michael (InfoSec) (Sep 10)
- Re: John McAfee running for US pres Rich Kulawiec (Sep 16)
- Re: John McAfee running for US pres Jeffrey Walton (Sep 10)
- <Possible follow-ups>
- Re: John McAfee running for US pres Rob, grandpa of Ryan, Trevor, Devon & Hannah (Sep 11)
- Re: John McAfee running for US pres Ned Fleming (Sep 11)
- Re: John McAfee running for US pres Aryeh Goretsky (home) (Sep 28)