more on Report Says Internet Voting System Is Too Insecure to Use (fwd)

[Dave Farber <dave () farber net>]

Delivered-To: dfarber+ () ux13 sp cs cmu edu
Date: Thu, 22 Jan 2004 09:44:25 -0800
From: Brad Templeton <btm () templetons com>
Subject: Re: [IP] Report Says Internet Voting System Is Too Insecure to Use
 (fwd)
To: Dave Farber <dave () farber net>
Cc: gep2 () terabites com

On Thu, Jan 22, 2004 at 11:40:45AM -0500, Dave Farber wrote:
>  1)  The system would have to meet suitable standards regarding privacy and
> integrity, specifically regarding the registering, communication, and
> collection
> of voter responses, and I believe that it is at least CONCEIVABLE that
> suitable
> technology can resolve those issues (note that I am NOT confident at this
> point

What is perhaps not clear is that this report is not saying it's
impossible to build a secure computer, or have auditing etc.

There are very specific issues with the SERVE program.  In particular,
the voter votes on an ordinary Microsoft Windows PC, using MSIE or
Netscape.

That should be enough for most of us here, but it seems the designers of
the voting system are not aware how easy it is to place a trojan horse
program on a Windows PC, to intercept its keyboard, screen and other
operations to make the user think it is doing one thing while it is
actually doing something else (like voting for another candidate.)

That the PC's communication with the server is secure and encrypted is
pleasant but unfortunately not any assurance of security when the PC
is so open.  Note that while Windows is particularly ripe, I would not
feel much safer with linux or other systems.   You would need a dedicated
voting terminal with no connection to the outside world except the ability
to talk to the voting server, and no ablility to use or store anything but
trusted voting programs on it.   Even that has concerns, but voting from
the ordinary user's home Windows PC is crazy.

This is even though the thing we are comparing it to -- mail in ballot --
is also highly troublesome.  With mail in ballot you give up secret ballot,
since you can sign your ballot and give it to the vote buyer to fill out
and mail.

So while there are a number of contentious issues on internet voting
that are worthy of discussion, the SERVE story is much simpler.  Internet
voting from a home Windows PC should be a non-starter on its own. 

-------------------------------------
You are subscribed as interesting-people () lists elistx com
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/