Information Security News
mailing list archives
Oscars vote vulnerable to cyber attack under new online system, experts warn
From: InfoSec News <alerts () infosecnews org>
Date: Fri, 3 Feb 2012 03:15:02 -0600 (CST)
By Andrew Gumbel
2 February 2012
Computer security experts have warned that the 2013 Oscars ballot may be
vulnerable to a variety of cyber attacks that could falsify the outcome
but remain undetected, if the Academy of Motion Picture Arts and
Sciences follows through on its decision to switch to internet voting
for its members.
The Academy announced last week that it would be ditching its current
vote-by-mail system and allowing its members to fill out electronic
ballots from their home or office computers to make their choices for
best picture and the other big Hollywood prizes, starting in 2013.
It announced a partnership with Everyone Counts, a California-based
company which has developed software for internet elections from
Australia to Florida, and which boasted it would incorporate "multiple
layers of security" and "military-grade encryption techniques" to
maintain its reputation for scrupulous honesty in respecting its
members' voting preferences.
The ballot change will be a culture shock for an Academy voting
community that tends to be older and more conservative: indeed, concerns
are already surfacing as to whether all of the Academy voters even have
But Everyone Counts' security claims have been met with deep scepticism
by a computer scientist community which has grappled for years with the
problem of making online elections fully verifiable while maintaining
ballot secrecy – in other words, being rigorous about auditing the
voting process, but still making sure nobody knows who voted for what.
So far, nobody has demonstrated that such a thing is possible.
Did a friend send you this article? Make it your
New Year's Resolution to subscribe to InfoSec News!
- Oscars vote vulnerable to cyber attack under new online system, experts warn InfoSec News (Feb 03)