Interesting People mailing list archives

Previous By Date Next
Previous By Thread Next

Re: BOUND TO CAUSE COMMENTS djf 50 Percent of Sequoia VotingMachines Flawed

From: David Farber <dave () farber net>
Date: Thu, 17 Jul 2008 08:02:11 -0700

________________________________________
From: Adam Fields [ip20398470293845 () aquick org]
Sent: Thursday, July 17, 2008 10:52 AM
To: David Farber
Cc: ip
Subject: Re: [IP] Re:     BOUND TO CAUSE COMMENTS djf 50 Percent of Sequoia VotingMachines Flawed

For IP, if you wish:

On Thu, Jul 17, 2008 at 04:56:08AM -0700, David Farber wrote:
[...]

There certainly is expertise in the old US of A to design, build and
deploy secure systems for electronic voting.  You need only travel
to Las Vegas or Atlantic City and see how the gaming commissions
there ensure that the electronic gaming machines are certified for
use.  I'll bet there are all manner of safeguards to prevent
tampering that have been figured out, and might be repurposed to a
more pedestrian voting application.  And I'm sure they're all over
the human-factors aspect of this, too.


As they say, you can be sure all you like and still be wrong.

Gaming systems are not voting systems. ATMs are not voting
systems. [insert your favorite technology here] are not voting
systems.

Designing a capable and effective large-scale electronic voting system
is simply not the same problem as just about anything else, no matter
how similar they may seem from the outside.

The combination of features required - authentication, anonymization,
replayability, verifiability, etc... - is simply unlike any simple
e-commerce or gaming transaction. Most importantly, the motivations of
the interested parties are vastly different.

I would posit that anyone who thinks they've built a secure and
reliable e-voting system simply hasn't had the problems pointed out to
them yet.

Here's a good overview of what the difficulties are:

http://www.openrightsgroup.org/e-voting-main/e-voting-briefing-pack/e-voting-briefing-pack-html/

It's worth noting that while the Indian technology is considered a
success, that seems to be because no one's really closely examined how
it works and any complaints about its level of security have simply
been ignored by the Indian government. Not completely reassuring. The
system also has significant limitations that make it implausible for
use in the US.

Some discussion here:

http://www.slate.com/id/2107388/

The systems in use (or increasingly, not in use) in the US are
laughably flawed, but that doesn't mean that other simpler systems
that don't suffer from those glaring faults don't still have problems
of their own.

The fact is - reliable and trustworthy e-voting is extremely hard, and
it's hard to say that the effort and cost to get there is even worth
the eventual benefit.

--
                                - Adam

** Expert Technical Project and Business Management
**** System Performance Analysis and Architecture
****** [ http://www.adamfields.com ]

[ http://www.morningside-analytics.com ] .. Latest Venture
[ http://www.confabb.com ] ................ Founder
[ http://www.aquick.org/blog ] ............ Blog
[ http://www.adamfields.com/resume.html ].. Experience
[ http://www.flickr.com/photos/fields ] ... Photos
[ http://www.aquicki.com/wiki ].............Wiki



-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
RSS Feed: https://www.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com
Previous By Date Next
Previous By Thread Next

Current thread: