Interesting People mailing list archives

Previous By Date Next
Previous By Thread Next

more on a new DoD Internet voting scheme

From: David Farber <dave () farber net>
Date: Thu, 26 Oct 2006 09:29:33 -0400


Begin forwarded message:

From: gep2 () terabites com
Date: October 26, 2006 1:36:17 AM EDT
To: dave () farber net
Subject: Re: [IP] a new DoD Internet voting scheme
The bigger problem (and one for which there is ABSOLUTELY no technical solution whatsoever, and which by itself ought to be a deal- breaker) is very simply that there is NO conceivable way to make sure that the voter is not voting under duress.
There is NO way to ensure that the voter is not voting with a gun held to their head (figuratively, or even LITERALLY).
Their voting could be being "watched" over their shoulder by an employer, a health care giver, a welfare case worker, a parent, a child, a college professor, a landlord, a spouse, a union shop steward, or indeed almost anybody in a position of power and influence over the voter. There is no way to be sure that the voter is not "selling" their vote (for drugs, sex, alcohol, money, or whatever).
While the same argument can be made about mailin ballots in general, those in most places represent a small percentage of the total vote; if Internet voting were to become widespread, it could easily become 60% or more of the total vote, and with an inherent and uncontrollable risk of fraud... in fact, it would be an irresistable target for it.
One of the key things that happens in a poll location is that the election workers ENSURE that the voting is anonymous and private, and that when the voter leaves the polling place, NOBODY can find out how that individual voter voted.
It is EXTREMELY important that people understand the significance of this problem... that is why we MUST not allow Internet voting...! 



On Wed, 25 Oct 2006 13:25:54 -0400
 David Farber <dave () farber net> wrote:

Begin forwarded message:
From: Barbara Simons <simons () acm org>
Date: October 25, 2006 1:23:21 PM EDT
To: Dave Farber <dave () farber net>
Cc: info () servesecurityreport org
Subject: a new DoD Internet voting scheme
Dear Dave,
PLEASE CIRCULATE:
My colleagues David Jefferson, Avi Rubin, David Wagner and I have just released a short paper about the government's IVAS system that involves absentee voting using email and fax and ballot distribution over the Internet. See 
http://servesecurityreport.org/ivas.pdf
We wanted to bring this to your attention because we believe this system poses significant risks, as described in this excerpt from our article: 
In summary, we see three main risks:
1. Tool One exposes soldiers to risks of identity theft. Sending personally identifiable information via unencrypted email is considered poor practice. No bank would ask their customers to send SSNs over unencrypted email, yet Tool One does exactly that. This problem is exacerbated by potential phishing attacks. 2. Returning voted ballots by email or fax creates an opportunity for hackers, foreign governments, or other parties to tamper with those ballots while they are in transit. FVAP's system does not include any meaningful protection against the risk of ballot modification. 3. Ballots returned by email or fax may be handled by the DoD in some cases. Those overseas voters using the system sign a waiver of their right to a secret ballot. However, it is one thing for a voter's ballot to be sent directly to their local election official; it is another for a soldier's ballot to be sent to and handled by the DoD – who is, after all, the soldier's employer. 
Regards,
Barbara Simons



-------------------------------------
You are subscribed as lists-ip () insecure org
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/
Previous By Date Next
Previous By Thread Next

Current thread: