flwyd: (glowing grad macky auditorium)
flwyd ([personal profile] flwyd) wrote2006-09-13 06:17 pm
  • Add Memory
  • Share This Entry
  • Current Mood: suspicious
  • Current Location: America... a precarious place
  • Current Music: Dark Side of the Moon
Entry tags:

Democracy's Weakest Link

As many people suspected, Princeton has shown that it's really easy to hack a Diebold voting machine. Like many corporations, Diebold prefers to deal with technical problems (faulty design) with non-technical tools. One tool is ignoring the problem. Another tool is attacking critics. A third tool is keeping the design secret so that nobody knows how bad the system is. An example of the first two tools follows.

"[Our critics are] throwing out a 'what if' that's premised on a basis of an evil, nefarious person breaking the law," Bear told Newsweek after the March Emery County study. "For there to be a problem here," he further explained to the New York Times, "you're basically assuming a premise where you have some evil and nefarious election officials who would sneak in and introduce a piece of software … I don't believe these evil elections people exist." -- Hack the Vote? No Problem on Salon.com

A fundamental technique of secure system design involves playing a malicious party. At point of entry in the system, this party gets to say "What if this happens here?" I'll bet companies that make slot machines don't answer that question "Surely there's nobody so evil to do that!" That's right. Your gambling rights are better protected and enforced than your voting rights.
Threaded | Top-Level Comments Only

[identity profile] ihatepavel.livejournal.com 2006-09-14 01:42 am (UTC)(link)
Ugh. Thanks for posting this. Disappointing, but, as you say, not surprising.

[identity profile] hattrickflyer.livejournal.com 2006-09-14 03:41 am (UTC)(link)
Need to bring back the butterfly ballots. At least those elections are stolen by honest to God mayors of Chicago and governors of Florida, not by random geeks.

[identity profile] murasaki-suki.livejournal.com 2006-09-14 04:35 am (UTC)(link)
Geez. Makes me wonder if it's even WORTH voting anymore. Even in hicksville we're getting them. Got an informational pamflet on them and everything.

Or maybe the hackability and/or them ignoring it IS part of the design!

[identity profile] iamcompufrog.livejournal.com 2006-09-14 05:37 am (UTC)(link)
Back in the days I DESIGNED "security" and "system" software, I would do everything to break it before it left shop.
This included doing both stupid and malicious things.
Pressing timing problems.
Name it.

Not today.
The "ass"umption is that "everyone is honest and no one will EVER make a mistake, especially and 'honest' mistake."

Yeah.
Right.

[identity profile] mythicsagecat.livejournal.com 2006-09-14 02:25 pm (UTC)(link)
Why wouldn't they fix this?
Either they're in denial,
or
they're in on the fixing.

Pondering on meanings

[identity profile] mythicsagecat.livejournal.com 2006-09-14 05:01 pm (UTC)(link)
Funny, I just realized I used "fix" in two different senses in the same post.
Threaded | Top-Level Comments Only