|
|
|
E-Voting: Its Security, Stupid
By: Ben Rothke
2004-08-23
Article Rating: / 0
There are 0 user comments on this Government IT story.
Secure e-voting is possible but not without a sizable effort.Last month, Harris Miller, president of the Information Technology Association of America, reportedly stated that the open-source movement is using the issue of e-voting security to wage a "religious war" that pits open-source software against proprietary software. The only thing more absurd would be for Miller to blame the woes of e-voting on a vast right-wing conspiracy. As a citizen and voter, Miller should applaud, not disparage, the whistle-blowers who have demonstrated the security flaws of e-voting systems.
Leading security professionals say they are against e-voting because of its intrinsic security weaknesses. Indeed, if e-voting were a drug, the FDA would never let it out of the lab.
Miller also stated that a recent ITAA survey showed that 77 percent of registered voters are unconcerned about the security of e-voting systems. Such a figure demonstrates how little those polled know about information security. Could any of that 77 percent find insecure code in the voting software or explain, for example, how blind signature voting systems are supposed to work? Democracy is magnificent, but the optimism of 77 percent of the populace cannot make insecure and buggy code workable. If the 77 percent truly understood the many security problems, their enthusiasm for e-voting would be quickly extinguished.
In fact, e-voting creates the largest and most unique set of challenges to information security today—greater than the security challenges of e-commerce or electronic tax filing systems. When the ITAA points a finger at the open-source movement, it is only in a futile attempt to deflect criticism of the inherent security flaws of e-voting systems.
Paper voting is not without its problems, as the presidential election in 2000 made clear. What traditional voting systems offer, however, are audit trails. Although far from perfect, paper audit trails are the best we have. While fraudulent repeat voting has long been a problem, the most fraudulent votes a single person could place in a single day might be 20. Move that election online, and theres theoretically no limit to the number of hacked votes that could be placed.
 Click here to read about the growing opposition to e-voting.
Electronic audit trails, if implemented effectively, could provide an ideal solution. The only problem is that there are no vendors that are developing auditability levels that would permit secure e-voting.
Secure e-voting is not beyond our reach. It could be developed, but it might amount to the application equivalent of the Manhattan Project. Until such a commitment is made, e-voting is one technology that we would be well-advised to do without.
Ben Rothke, CISSP, is a New York-based security consultant with ThruPoint Inc. McGraw-Hill has just published his book, "Computer Security: 20 Things Every Employee Should Know." Rothke can be reached at brothke@thrupoint.net. Free Spectrum is a forum for the IT community. Send submissions to free_spectrum@ziffdavis.com.
Check out eWEEK.coms Government Center at http://government.eweek.com for the latest news, views and analysis of technologys impact on government and politics.
|
|
�������x}mw��BH�smn58=�P,$$!'sOoܪ� �2$Aw?H�t4ô'��c�=ޤ�>w߽��??mBo92r\\!GtjY\�R}�F]̉k���mو|N�x � tjOt0.Rs2�j9��9&ԓoO~e0c�-ڶAq6)RzJ �~5{K6r�"%�IaH.X(�:L<2#�oqر}3{}g&�4wb�Q�!)��X^�P~�D:ǎkd;�0k~��BAUw0vK斶<$# |'3h
ֱb��1F΅; {G}A%˙8�'M
jj'R#fx��Hx#@PWw,DžT*+Tja3cmfZ�55x-y5@ܱ=ǥ�>B�c�3E5�O_FBf�ŭ0�~r�b=�'A/ ۱mB ¿{kYoAבM\ga�dZo?_�b�6�j�ۆ@ظ�70>K��WM�"S�9ˡ,kFp�0閩m˺uw*r]�
GjR/G{Q!`چYlT3{7ڷ?ڿ,T�U-�U:G|�,;�ڎRh[#ijQPt;'7~l@z�ۗQ\b'H
H7&�LT-�JR,�LAa|Omd:A�XsEF l�|%R/ՋjA=R�dڑ��f1]ӣ0#ƌ_8(Jri��NgsKjоd>8ϐ}1�fPUU�~ 32ؕΆgxo۬:nNo9n;W>9ݐIYF0pg�Z�L`Kk'^3S�&�ںa#j庤#3p;�|n�?�_vNHN,�N/�%�0djg,Yn_H..żN�a)XY|Xͼ�94�g�o 3NE ;-�uj�vf{
P:o4}G_x0FD0��f4�M�5r,e��g05@�M)��41r%k
�3!RBZ(�q��_{@@�j\~nV �>Χ˅B�!B^3ˌ"ȅ�Q.%M�>�Ć�>�쥒U1\ni�U<<>�YoV͉&]X]uUjZmpWE?ĴT:yn
>ܴOIwnoaD�f�",V$��Mm{QVJ�,ՎJPPW
G�UL �F�̶-a[9S��k�k?�z`�贁�;mFݟ�Ϩa.ff۱9z��4$�AC62^lK5}j���>3 ä��p;p6(Z�׃�`j�˦-Mf@B9���ǽ�ޚA�<�Q
ݻ#iy`y1�&���բw�A�-@X4�꺎�][x�
�XsP��am^3-mdZ`1 .5�:%ڀ�;r#Ea1
C.K))�$C[��]HPw9��J�
B�!\��0��V0(䎄r)n�l�ry Kg�rsvn4�K {T�Kh!+�K@fsf`(4{~u}bB�+|#'d�Xr`Y
�\`+|�i)lc
jԭe�RpJ
>�Ѹ7=� K%b�i]y�e�,`b�T��D%\Ew,O�f�u�p=7Zc@Cyw{J`00ӊYsS
s����qa$SM�93mX0NM}JB+H5L6�´Lh@�,io<`KYm>Ljɹ�SF`ߑ^86̜�07ÚL >u"�Vg�虉m>`�4fs)wdm˴��roBoڅRT眺_dA�_fMlj�lȌu>IVB17O1w^W pIʅM.F��*T�
1�8�FL�qO]('SgFFJ�V�>zh'>ug�HtXknڏR5{_�No6�y6+mm��g�@x#� dlk
�Ԡ�ecLGyk-Rk��
ò
=4Pr2��x
EO=nMCTC��Ss�
>�
*\TB?[�Ȕe0jAFsXbcܱ��&���P
���}�*w`b\0^`N�g�Au,KsW{�T\|'?`�˟Q,C*8E480T�]2�agRJMa&s(1wA'�ı``�{�s3rl�_�:r675{uq8\[�tՒ�үxM泛vp��t��9Je!6�c�{ji-�jiF+eu�&-JJPT8'���i/#Y���X�Tر,!0}65{IP|>-L�K.44"#n�'ѠT�#�8vܙiW���&<�Z
��u;Fc��'zpg�ItѾ&hʰe�h8`Z8wE% y��g4�-c٧B}Ho)��ڿ�`3�\xkm`�ש�XTe���1/0֩� i�X/q+ #5ߘv�*'�L)`.�3�M\PvS�lf��
��"8&�S��jSq�o8Z?͑v�3�Ho�a7X[�RkE}���,]hD1(dyDFG/�q8bk
�N40�8�ڳ"ZJŔ8�k*YC÷YT^gf7s-_O��%Xȓ3w�&F��ش\.K!yo�
*Ֆ�r)ƝQ3�旁1/hy2抪cb�L4Ω,6v'�ȮiϼVO�\1OwžV/H1�\�Ac>\>�y-�۠9Tb5�J9��~Nq3`93"豥mBt��c#AAzE��-g}X#2���OR4S9��7=�BR�ӳ�$RQ�d
{4wl8nH#whk�_R��<@,5Y*
%
=EZЋ1u)&&j|dǶ�$o�y݊5�g@Rf2U-U�"m\�,�jJH��L�
<�E���?�^�nȍC~{�$<@|)@U�%mX�J�S?YTAtUﴨcEZ`�ЯhLl�\%\���i0(QJ�3[,X>DД�5Ϩ��x3�Rb�
kxG�tm&7
u�,?"X7S�wg�5c�̇)
/FR%*m\䎾ߓNtM��qC`IR�R�"Yr�r�ZR�U+d��K<� �J�;!(|{W
!i*6ǷWXM��yxK�Oܯ%EDOC�VnF�gX&���bj?3 �c��Cs7��j(6@ E D@�;nCϱ?%
?�S-l8.F::~�ݕDw�{vN��}@:ku;����?i�ٿ;N00�vb���k5.��J/|D`Mթlb0+=�L�@IP
��4p="I�k#Ջ�uzڹ:nx�m}6�"8�-o�d��G4r��z]�ۺ9\/~.{7(�\x#x`n&��u9:dIN&�ax�ݺ N8>m48�`�xѤȢO1Ok7�tE�xW()s��z8~&�0Z9.N:|$�B2�Ndp
j_veSr�>F�$/�%/p�ǻ�o�E
p!AS��9kթ-xOӖO|�B�[a�DwJx$�zbeafIl�x8c�RJ蔀'�Op��|N)˓8/+qYO(Uqhd*ꒀ~*~(i&'ءH
Pق[W�
$
k|wisq�^]6V"��G�X ;[
ViH0_Ӹ\b�tNZD XY�+o�x�'t�a}Xɫq-�jw!ͫ�؉��C.�6�OY-=` !+|){~T�۾l_tl=O$ ��ۑqD�t2Ti\'�X6r}hrrӅ[do�Ц��z$sm�CgڒLرDM�~�zo蚳��o.� �}g-{oC�Ć'HАݛ�wܼ6䌜71n7~wojO�0�6oV<��i?{ʾ*CWq��[:i)`*98�Dh�H^ݍd[EVd.t�wt62�ӂ���@7YM��d3D?�ymТ1>Q3-�4|#x �^cI�.�~�(�{_fO�,J馇\W%��(�]Z^�|WW%0*5_��2�6,eM��}6eV(�X%+*?7�nt
�'`�
<ꋌT�SjP@�!kqC{JA1nS�B~D
��SJ.�kI]ʹ�3hS8i7/��)�H]�|f+2�+R�s�`����{vg�d-�E13k�E3�"!�\j� 9��Hl,:��iu�|;]2���S�7�l�7_��$wW7�6y�DbZF�
Ⱦ�RchV�~V&r��eP�51|���C;�S;f>SϪb`0{,L^;n6)R5X,y�X"xIJ]y�$b7hJ!!ڃP9VS�>R�J�I5�!ʓ H=uHֲ,cʓ%Ǔ-dK�lKɽ"�n��2�|�E=�f
�=����
�e�j!�z��\Tˏ�W�XpY�IP?}Ja1ꗙWA�[b-9A}eN8\w)�_uxa z>^@᰻�9#�D��"x<ըsSH9OJUg��hXRכ,`���#פc~{%P\~L0�@UOwz�ƙc< >o�j�9I��Q,ʴ�Ȑ~3tKv(�� 0�hKAtczw0:�߹4zd �Ȣ0�$���I�1/B��4^wKz�30��,n{O�Hk`g�>��Q`�"*�V!'\V�i�e L/r*/�B&}�V�Ԑn�2RF-Cvh�a{*�0N~ҭIݥ1&U`ɨTR�0���. Vy6X �in~.|\|\|\|\_ZԯǵaKp mf*
���S_�0ab*R�`dvh��f(Ҿ/�-Kg��e|*?w}L�g�{4�C?b5/yCz�闺UІ9voQ^0x<�v\�l@{�U2�I3mq?"�!Z�z8R[�xv1A1
/��54u؆�w/Fx�~SY�!cT�<k_AG-'W IΞëB_b%��b�'QIHጸ�:-BRﯕ!W>�)�3�0.$o,S�l;aG)�0�;�0}P�C�u&.x㏱{QT9 ?
Kɧ
�9S�}�\�|
j~d�<:%dT�?:����O�/z[��$ ��P�x!�Fv{�Kb+n|I6w�$Qhk�TW6��AX�D+BBV+��Y�"�'"���H�*l]^|�bv|l?��.
dP���m���_R6`;LP��m�͂�͢E� 41�ܦV�ueb?]CttEkc"]N1xy��[?LMεֈ1p*B G9-�9�j,+��hX:�-X�i1|y
�� 6-�y^Šx!��y<�f|DZGao=!v7cK;7�\g4c]8_q�=&o7`�J8sWJ,Ehn84nӶI>2��n�:YO-n,؇c��[kx6_b���~��R.gI* ]Z ��0!,2��l�0W+V+H-�JR;�w(k1�Iݛ�Py)~�rY-�k�m͵4� �K�RaɄ~�\],txZډ�bD�k'�Q�%qT ���0gˡW�qU#\�Z�W!9c��&6j�S8F-eXC�@W�ݥDDm+i�mMw6[)90ڑ��]s�t�7�>^&�Pt��ׯ0OļT^sn'0�FܑYڡ�Z`3+n{lˊRɶ8�خ�NR�)q2�.Ʌfk���t)"4�?R)&o%j��.9`VGMZ�8sX>�y,�WeB,�
�|)W'���n�JYVmI| .�kp�>aȕ�
)V>ۣV7>B2<�uWC�W|�I
-C͢��\�a25�+�
Sp���;�)��*�E-%=hx|8l�@ "6r?"�q:N]�~�^P6��p�Z��;$ΐEoX�{+$ɽO��g-ĝ*uFf.$��R��;%�1v}n\m=�oa/�|P_���擄iwK�MmI9
f�->��!'vỢ�
2ÛR�u}::�q#��C[�"嘥�
բ s�;!�۟ozaHU� �Ft8Z��3�*�I⊌F��2*mM]_o}&> %��
�5"��|qM�n#b�xL1fxaں`3bwښϽ�r�6^eA1A�{~@>:LQXj��*�!b3wإ4ϓ/ 쮿�IS*b�y�vq]�@��y+��LL�͂zĂ�G�(�~lJ x�I8��Wp-,0C(��-Ō��C�5Z(�O�VB�BveX
z(Y�z�o�͊g2Rq:JR!
`x�FNRsdhhz?J=M]; �&G]lFLf
u}}nHݴۤrӹ�tzW}ٻųOֆ��_%ԝ駓Us55L�fbv>L4m^j�JxeAήZ6S��r}=\h���2�^ûLwE 3@cqu�^ LP'Q~�\>B)v�}�Q��×^-À{ec�uzzljEom9�Gxu3�K_99q�Σx
M��/��U9imn쩄��!>/'�һj皁Ikw[�?C�B�7P~^~�NmeQ>H/?��3O$�sAsyF?@NyI/暝ӌr_'\eC;�k(�/�e�|�����͠o�͠O�f�fg�(W�_}��P~Q�(GFy�ʻ�0W�{�s!?W0~W�׃2�?=/�r
q�P:
M��~�}�o_�_�2#*�>f�1~P~U�{mF��$)c�Vqv%sQ^53\�}U
U�K:gJ�3�V^�V`�{AJ1g��_?C+@OQ�s};+ť$W�
7׳KL3T1jt�d}אG{1Ri� V�{HyH�Ja�b^>c����˼X{�}tE��q>p�+iBL�w%<_[nNJ>s\ȜHǣ�W0'Y iM�%�|,y�M`p2�1'KY�wT/3yK_x>{3+7 @9οr m�v3~\�ć�^|#]m�}�.LU+zu՞;K.8��*,U�`I[`���Z�7Lj1dPU**�ur$5{H,�|����˹f>rF��Y�D�`�BWЋgEf,0z."����z[YO�x�nҸz\�I�Wa5}*<|6c�bZ��DɁ֠=Q�S�Y�B-'c@ԯI`Xkt(J67B��'��3Σ/vݝ6�_ǿr_8�F<'.M�dtbL/�aRjx��|3B�Lcr(�pىeh��).MLx1?� u60H-��},.Q"�*kH�*s�{B�|%w�{fBZa N?){%�B��?y�[D=$z5|o,Cge]ikE?H3軉d<{K6o7j[��(&\`ጔJqiAG�=$nD�{1ߠ�6+yJ>?��Tzks\6$DRg��}F�0zN:]�j?eq� n�nwfښ�ˎƌQYp'#8�4���<غlQE|I��qmx�W}İ�҂!^Q,T6y�K*>�% �-� �ixE xu��A]�>�v{[?/Dz_�Ba2�X��x
k�͜GԋGg0eӍh_X�mwbdt#k^FzJn5�C]R>Ŕk�
]'ا3�й?-{bז���e;�
/C��{
�QAb�VA#q삢M���nD*�;Ѝ�A4gX3'��ya1 g�{y�{~kt��3l�vnwx}z!�}ođ��YX&�7DI6�/ktm�(Ѱ0K{,l}E�E%%���XrNCa
�0A���:hɒ 19.f@�xI1%h3l䃈mAb�?�kڱL}aG?�ę/Y)��zWN~LʅcaP^٢�#�^"%hw2bo�_��KO{�|I>"�:Ÿ 3�V\r*��`wڝX{ysB(zW�\~:!#u
�*`'.gGQ~v>!�X!6�{xvbpwٻ⿑wuMթ�h,-)Z�i; Aec]NO;W�P7w r�F˳?s7*Ѡ~oM���z'�4mEg,3l�W'BV>۽w�E^0�ŦܖmJHQ&s)C+Mm�7bR8.fr0:_v�>mM.2a-d8�Hk#k�jc&��
|
Government IT 
