Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Evidence Mounts that the Vote Was Hacked
From: Keith Oxenrider <koxenrider () sol-biotech com>
Date: Wed, 10 Nov 2004 17:28:33 -0600

I would like to suggest that the core problem with elections in the US (electronic, opscan, hanging chad, etc.) is that the system is NOT in the hands of the electorate, rather in the hands of partisan political appointees who have no interest in any system designed in an open, verifiable way. I like what I read in Prakash's paper, but I have read many such proposals and many alternatives many of which have mathematical proofs (some better than others) and all open. Instead of our government (I am a US citizen) asking experts in secure communications to design/validate an open system (take DES and AES for example) we have political backroom pandering being done obscuring (indeed attempting to make illegal to even study) the system implemented. Until (and if) this changes there is no hope that any open, independently verifiable system can be put in place. No one in the security biz would accept the use of a closed-source cryptography system, why the heck are we using a closed source election system?



At 08:40 AM 11/10/2004 +0200, Jei wrote:
On Tue, 9 Nov 2004, Jay D. Dyson wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, 8 Nov 2004, Atom 'Smasher' wrote:

Evidence Mounts that the Vote Was Hacked

        Read the whole thing and didn't see any evidence.  Just wild
speculation and baseless conjecture.  Hell, there were countless counties
across the nation in which more people were registered to vote than were
eligible residents, but -- for some reason -- that ain't news.

It would be _major_ news, were it not America where it happened.
Even India managed to hold a secure digital election recently,
without any such major exit poll or other discrepancies happening.

Also note that Americans aren't the only people in the world with
capable intelligence agencies. Teenage kid hackers aren't the only
people who might influence US elections' outcomes, given a viable chance. You need to consider all the factors.

Digital voting needs to be as secure and reliable as bank accounts
are from an independent (democratic) nation's national security point
of view. A digital vote discrepancy == national bank account discrepancy, in it's importance, in this regard.

Arguing that vote discrepancies don't really matter, is like a system admin arguing that system binary checksum discrepancies do not matter.

In any case, it means you're royally f*cked, and although you may wish
to fantasize otherwise, it doesn't change the reality.

You need to know that you're secure, or your security people aren't
doing their job.

// Jei

http://www.infosecwriters.com/hhworld/hh9/voting.txt

                Hitchhiker's World (Issue #9)
             http://www.infosecwriters.com/hhworld/

                    Observable Elections
                    --------------------

    Vipul Ved Prakash <mail () vipul net>
    November 2004

....

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]