Re: E-Vote Software Leaked Online

[InfoSec News <isn () c4i org>]

Forwarded from: Max Gastone <banangling () yahoo com>

When there is a perfect coding system and perfect coders to use it,
only then could we ever trust a program with votes. Basically these
companies are relying too much on daft security through obscurity.

Part of the success of PGP in becoming an essentially unbreakable
encyption program and standard is due to it's code being made open.

If e-voting software is to ever attain the same level of trust then it
needs to go down the same route. Giving that they cant even keep their
own code secure, it is highly unlikely that methods such as checksums
are sufficient to guarentee integrity from outside attacks. Though
there still is the issue of internal threats and deliberate backdoors.

I really cannot see how a secretive culture around e-voting software
is ever going to lead to it being trusted enough to be adopted.

Max
info () privacybasics info

--- InfoSec News <isn () c4i org> wrote:

> http://www.wired.com/news/privacy/0,1848,61014,00.html
>
> By Kim Zetter
> Oct. 29, 2003
>
> Software used by an electronic voting system manufactured by Sequoia
> Voting Systems has been left unprotected on a publicly available
> server, raising concerns about the possibility of vote tampering in
> future elections.




-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.