Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Oscars vote vulnerable to cyber attack under new online system, experts warn

From: InfoSec News <alerts () infosecnews org>
Date: Fri, 3 Feb 2012 03:15:02 -0600 (CST)
http://www.guardian.co.uk/film/2012/feb/02/oscars-vulnerable-cyber-attack-experts-warn

By Andrew Gumbel
guardian.co.uk
2 February 2012
Computer security experts have warned that the 2013 Oscars ballot may be vulnerable to a variety of cyber attacks that could falsify the outcome but remain undetected, if the Academy of Motion Picture Arts and Sciences follows through on its decision to switch to internet voting for its members.
The Academy announced last week that it would be ditching its current vote-by-mail system and allowing its members to fill out electronic ballots from their home or office computers to make their choices for best picture and the other big Hollywood prizes, starting in 2013.
It announced a partnership with Everyone Counts, a California-based company which has developed software for internet elections from Australia to Florida, and which boasted it would incorporate "multiple layers of security" and "military-grade encryption techniques" to maintain its reputation for scrupulous honesty in respecting its members' voting preferences.
The ballot change will be a culture shock for an Academy voting community that tends to be older and more conservative: indeed, concerns are already surfacing as to whether all of the Academy voters even have email addresses.
But Everyone Counts' security claims have been met with deep scepticism by a computer scientist community which has grappled for years with the problem of making online elections fully verifiable while maintaining ballot secrecy – in other words, being rigorous about auditing the voting process, but still making sure nobody knows who voted for what. So far, nobody has demonstrated that such a thing is possible. 

[...]


_____________________________________________________
Did a friend send you this article? Make it your
New Year's Resolution to subscribe to InfoSec News!
http://www.infosecnews.org/mailman/listinfo/isn
Previous By Date Next
Previous By Thread Next

Current thread: