Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Presidential Candidates' Websites Vulnerable
From: Barry Fitzgerald <bkfsec () sdf lonestar org>
Date: Thu, 01 Jul 2004 17:17:21 -0400

Frank Knobbe wrote:

On Thu, 2004-07-01 at 10:48, Jordan Klein wrote:
Oh yes, and there should be a checksum of the unique number assigned to each
vote to ensure that someone couldn't just reverse engineer the barcode and
make up a bunch of bogus votes.  I'm not sure exactly how that part would
work, but I'm sure there's a way.

There needs to be mechanism to block "a bunch of made-up votes". Someone
could also make up fake punch-cards. Same issue, same solution.

More important is the issue of *disappearing* votes. Voter gets a
receipt, yes, but how can you guarantee that her vote (bar code or
otherwise) has actually been counted?

Well, one thing missing (that isn't technological) is UN auditing of our election results. We demand it of other countries... if it's good for them, it should be good for us, right?

I mean, ultimately, we need to refine the technical solution - but in the end of the day it's going to have to be people who actually count, recount, and verify the votes. Having a series of outside vote regulation groups outside of the poles to take their own count with said barcode-labelled paper would be a good start.


p.s. I don't care which side of the political fence a person is on. What events we *know* happened in 2000 should freak you out.

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]