Framing the internet voting security debate
The consensus of computer technologists, election officials, and other experts in voting technology holds that internet voting is very, very, hard. While I certainly agree with that assessment, it’s worth noting that the term “hard” is rather ambiguous. Indeed, one of the biggest issues with the internet voting debate right now is that we’re missing the implication of how this word should guide our research. This difficulty shouldn’t motivate us to give up, but rather to re-think our approach to solving the problem. --->>>
Showing posts with label Voting Security. Show all posts
Showing posts with label Voting Security. Show all posts
Tuesday, May 15, 2012
Monday, April 30, 2012
Switzerland: Security questions hang over e-voting plans
Security questions hang over e-voting plans
Swiss e-voting systems lack transparency and are vulnerable to attack by malevolent software, a study has found.
The authorities are looking for solutions but officials point out that there is no such thing as absolute security, even with the traditional ballot paper vote. --->>>
Swiss e-voting systems lack transparency and are vulnerable to attack by malevolent software, a study has found.
The authorities are looking for solutions but officials point out that there is no such thing as absolute security, even with the traditional ballot paper vote. --->>>
Wednesday, March 28, 2012
Cyber attack on NDP leadership vote involved more than 10,000 computers
Cyber attack on NDP leadership vote involved more than 10,000 computers
A massive cyber attack involving more than 10,000 computers was behind the online voting chaos during Saturday’s NDP leadership vote, it was revealed today.
According to Scytl Canada, the company contracted by the party to conduct the vote, a deliberate large scale “distributed denial of service” (DDoS) attempted to deny NDP members access to the online balloting system. --->>>
Also see:
NDP Leadership: Online voting company blames delays on “orchestrated attempt to thwart democracy”
A massive cyber attack involving more than 10,000 computers was behind the online voting chaos during Saturday’s NDP leadership vote, it was revealed today.
According to Scytl Canada, the company contracted by the party to conduct the vote, a deliberate large scale “distributed denial of service” (DDoS) attempted to deny NDP members access to the online balloting system. --->>>
Also see:
NDP Leadership: Online voting company blames delays on “orchestrated attempt to thwart democracy”
Monday, March 26, 2012
NDP Leadership Internet Vote Issues - Commentary by Jesse Hirst
Working out the kinks in on-line voting
Tech troubles slowed down the NDP leadership convention, and the same technology is coming to our Nova Scotia municipal elections. Jesse Hirst says, its important that we get this right.
Link to audio --->>>
Tech troubles slowed down the NDP leadership convention, and the same technology is coming to our Nova Scotia municipal elections. Jesse Hirst says, its important that we get this right.
Link to audio --->>>
NDP leadership vote fiasco
NDP hunts for source of cyber-attack on electronic voting system
Party president Rebecca Blaikie said Sunday that party officials, vote auditors and Scytl – the high-tech Spanish company hired to secure the electronic voting system – are still working to determine who was responsible. --->>>
NDP leadership: Officials mum about source of cyber-attack meant to disrupt online voting
New Democrats remained tight-lipped Sunday about the cyber-attack that kept the country waiting for hours at Saturday’s leadership convention.
Party brass refused to disclose the source of two Internet Protocol addresses that they say perpetrated an attack meant to disrupt its online voting system ...
Barbara Simons, a former advisory board member on the U.S. Election Assistance Commission and co-author of the forthcoming book, Broken Ballots: Will Your Vote Count?, called on the NDP to conduct a public review of the fiasco.
“They really should have an investigation by an independent group of computer security experts, and they should make the results of the investigation public,” Simons said on the phone from California. --->>>
Party president Rebecca Blaikie said Sunday that party officials, vote auditors and Scytl – the high-tech Spanish company hired to secure the electronic voting system – are still working to determine who was responsible. --->>>
NDP leadership: Officials mum about source of cyber-attack meant to disrupt online voting
New Democrats remained tight-lipped Sunday about the cyber-attack that kept the country waiting for hours at Saturday’s leadership convention.
Party brass refused to disclose the source of two Internet Protocol addresses that they say perpetrated an attack meant to disrupt its online voting system ...
Barbara Simons, a former advisory board member on the U.S. Election Assistance Commission and co-author of the forthcoming book, Broken Ballots: Will Your Vote Count?, called on the NDP to conduct a public review of the fiasco.
“They really should have an investigation by an independent group of computer security experts, and they should make the results of the investigation public,” Simons said on the phone from California. --->>>
Sunday, March 25, 2012
E-vote delays snarl leadership vote; firm under scrutiny
E-vote delays snarl leadership vote; firm under scrutiny
The Spanish company hired to oversee online voting in the NDP leadership contest Saturday found itself under scrutiny when its system failed dramatically, causing hours of delay for e-voters across the country. --->>>
Also: NDP says it knows IP addresses it has linked to cyber-attack
The Spanish company hired to oversee online voting in the NDP leadership contest Saturday found itself under scrutiny when its system failed dramatically, causing hours of delay for e-voters across the country. --->>>
Also: NDP says it knows IP addresses it has linked to cyber-attack
Wednesday, December 21, 2011
Internet Identity Releases Its Top 5 Enterprise IT Security Predictions for the Coming Year (Press Release)
Online Voting, London Olympics and Infrastructure Cyber Attacks Top IID Internet Security Threats for 2012
IID (Internet Identity), a provider of technology and services that help organizations secure their Internet presence, today released its predictions of the top Internet security trends for 2011. Highlighted areas of concern surround online voting, the London Summer Olympics and exploits of enterprise infrastructure.
"Cyber criminals have gotten much smarter about capitalizing on current events to swindle victims. In this sense, cyber criminals are acting just as much like psychologists and pollsters as thieves," said IID president and CTO Rod Rasmussen. "In 2012, there are several events that cybercriminals have had years to prepare for." --->>>
IID (Internet Identity), a provider of technology and services that help organizations secure their Internet presence, today released its predictions of the top Internet security trends for 2011. Highlighted areas of concern surround online voting, the London Summer Olympics and exploits of enterprise infrastructure.
"Cyber criminals have gotten much smarter about capitalizing on current events to swindle victims. In this sense, cyber criminals are acting just as much like psychologists and pollsters as thieves," said IID president and CTO Rod Rasmussen. "In 2012, there are several events that cybercriminals have had years to prepare for." --->>>
Friday, November 11, 2011
Internet voting: Exactly what the 99% needs
Internet voting: Exactly what the 99% needs
Why is internet voting so slow to take off? Security is one aspect — after 100 years of refining the paper-and-pen approach, it’s understandable that some states would be apprehensive about switching to that terrifying, publicly-owned entity that is the internet — but as Estonia has shown, with ID cards that also act as public key encryption smart cards, it’s possible to create a secure internet voting platform. --->>>
Why is internet voting so slow to take off? Security is one aspect — after 100 years of refining the paper-and-pen approach, it’s understandable that some states would be apprehensive about switching to that terrifying, publicly-owned entity that is the internet — but as Estonia has shown, with ID cards that also act as public key encryption smart cards, it’s possible to create a secure internet voting platform. --->>>
Thursday, November 10, 2011
Can internet voting boost turnout without risk?
Can internet voting boost turnout without risk?
Since various appeals to democratic principles have failed to move people off their couches to vote, some governments are considering internet voting to try and increase voter turnout. --->>>
Since various appeals to democratic principles have failed to move people off their couches to vote, some governments are considering internet voting to try and increase voter turnout. --->>>
Wednesday, November 2, 2011
Researchers propose simple fix to thwart e-voting attack
Researchers propose simple fix to thwart e-voting attack
Researchers have devised a simple procedure that can be added to many electronic voting machine routines to reduce the success of insider attacks that attempt to alter results.
The approach, laid out in a short research paper (PDF), augments the effectiveness of end-to-end verifiable election systems, such as the Scantegrity and the MarkPledge. They're designed to generate results that can be checked by anyone, by giving each voter a receipt that contains a cryptographic hash of the ballot contents. --->>>
See also: E-voting remains insecure, despite paper trail
Microsoft Research has revealed a potential flaw in verifiable e-voting machines through which fraudsters could easily use discarded ballot receipts as a guide for altering votes. Fortunately, the researchers also offered a solution -- linking new receipts to previous ones with cryptographic hashes -- but that alone won't make e-voting entirely secure, they cautioned. --->>>
Researchers have devised a simple procedure that can be added to many electronic voting machine routines to reduce the success of insider attacks that attempt to alter results.
The approach, laid out in a short research paper (PDF), augments the effectiveness of end-to-end verifiable election systems, such as the Scantegrity and the MarkPledge. They're designed to generate results that can be checked by anyone, by giving each voter a receipt that contains a cryptographic hash of the ballot contents. --->>>
See also: E-voting remains insecure, despite paper trail
Microsoft Research has revealed a potential flaw in verifiable e-voting machines through which fraudsters could easily use discarded ballot receipts as a guide for altering votes. Fortunately, the researchers also offered a solution -- linking new receipts to previous ones with cryptographic hashes -- but that alone won't make e-voting entirely secure, they cautioned. --->>>
Friday, October 28, 2011
Online Voting: Security Issues Remain A Major Hurdle - The Hartford Courant
Online Voting: Security Issues Remain A Major Hurdle
Allowing citizens to cast ballots online would increase participation in elections and make democracy more accessible.
But don't expect to vote on your iPhone in Connecticut anytime soon; the technology just isn't there to ensure secure elections, said several experts who participated in a panel discussion at Central Connecticut State University Thursday night hosted by Secretary of the State Denise Merrill. --->>>
Allowing citizens to cast ballots online would increase participation in elections and make democracy more accessible.
But don't expect to vote on your iPhone in Connecticut anytime soon; the technology just isn't there to ensure secure elections, said several experts who participated in a panel discussion at Central Connecticut State University Thursday night hosted by Secretary of the State Denise Merrill. --->>>
Wednesday, September 28, 2011
Argonne researchers 'hack' Diebold e-voting system
Argonne researchers 'hack' Diebold e-voting system
Computerworld - Researchers at the Argonne National Laboratory this week showed how an electronic voting machine model that's expected to be widely used to tally votes in the 2012 elections can be easily hacked using inexpensive, widely-available electronic components. --->>>
Computerworld - Researchers at the Argonne National Laboratory this week showed how an electronic voting machine model that's expected to be widely used to tally votes in the 2012 elections can be easily hacked using inexpensive, widely-available electronic components. --->>>
Friday, July 8, 2011
Lessons From Estonia: Preparing for a Major Cyberattack
Lessons From Estonia: Preparing for a Major Cyberattack
In the spring of 2007, Estonia became the first nation to face a coordinated, nationwide cyberattack when a series of electronic bombardments struck down media, telecommunications, government, and banking websites. Digital traffic from servers as far away as Peru, Vietnam, and the United States flooded Estonian websites, drowning them in superfluous data. --->>>
In the spring of 2007, Estonia became the first nation to face a coordinated, nationwide cyberattack when a series of electronic bombardments struck down media, telecommunications, government, and banking websites. Digital traffic from servers as far away as Peru, Vietnam, and the United States flooded Estonian websites, drowning them in superfluous data. --->>>
Thursday, December 2, 2010
eVOTZ: Mobilizing Voters | Inside GNSS
eVOTZ: Mobilizing Voters | Inside GNSS:
According to eVOTZ founder Elliot Klein, the winning application in the North American portion of the European Satellite Navigation Competition (ESNC) is designed to solve the problems of authentication and verification that have stalled previous attempts to create a secure and trustworthy e-voting solution.
By combining GNSS, cell-ID triangulation and social-media integration, eVOTZ brings business opportunities while promoting the common good by putting elections technology literally into the palms of voters. --->>>
eVOTZ Website
According to eVOTZ founder Elliot Klein, the winning application in the North American portion of the European Satellite Navigation Competition (ESNC) is designed to solve the problems of authentication and verification that have stalled previous attempts to create a secure and trustworthy e-voting solution.
By combining GNSS, cell-ID triangulation and social-media integration, eVOTZ brings business opportunities while promoting the common good by putting elections technology literally into the palms of voters. --->>>
eVOTZ Website
Friday, October 15, 2010
Online Voting Is Becoming More Common, But Is It Safe? - TIME
Online Voting Is Becoming More Common, But Is It Safe? - TIME:
Will Online Voting Turn Into an Election Day Debacle?
By Alex Altman
Will Online Voting Turn Into an Election Day Debacle?
By Alex Altman
Wednesday, October 13, 2010
Hacking Into Washington’s Online Voting Experiment - NYTimes.com
Hacking Into Washington’s Online Voting Experiment - NYTimes.com:
Hackers infiltrated the District of Columbia’s online voting system last week. They changed all votes for mayor to Master Control Pro and elected HAL 9000 the council chairman. The blaring University of Michigan fight song played whenever a new ballot was successfully cast. --->>>
Hackers infiltrated the District of Columbia’s online voting system last week. They changed all votes for mayor to Master Control Pro and elected HAL 9000 the council chairman. The blaring University of Michigan fight song played whenever a new ballot was successfully cast. --->>>
Online vote safe from hackers, city says - Peterborough Examiner - Ontario, CA
Online vote safe from hackers, city says - Peterborough Examiner - Ontario, CA:
Nancy Wright-Laking, also the city clerk, said the online voting system was put to the test, with professional 'hackers' called in to try to penetrate its defences.
'This firm was invited to 'break' the system,' she said. 'They couldn't do it.' --->>>
Nancy Wright-Laking, also the city clerk, said the online voting system was put to the test, with professional 'hackers' called in to try to penetrate its defences.
'This firm was invited to 'break' the system,' she said. 'They couldn't do it.' --->>>
Wednesday, May 26, 2010
Cracked: the problem of sharing encrypted databases | Security | News | PC Pro
Cracked: the problem of sharing encrypted databases | Security | News | PC Pro
Data handlers could soon collaborate on encrypted databases without revealing their secrets, following a homomorphic cryptography breakthrough by scientists at the University of Bristol. ...
... The work makes practical a theory put forward by IBM last year. The researchers claim potential applications for the technology are wide-ranging, involving any aspect of technology where privacy and collaboration are equally important.
Data handlers could soon collaborate on encrypted databases without revealing their secrets, following a homomorphic cryptography breakthrough by scientists at the University of Bristol. ...
... The work makes practical a theory put forward by IBM last year. The researchers claim potential applications for the technology are wide-ranging, involving any aspect of technology where privacy and collaboration are equally important.
They say the system could be used in medical research, with hospitals or drug companies performing statistical calculations on shared databases without revealing information about individual patients.
Alternatively, the homomorphic cryptology could improve security in electronic voting. Constituents would encrypt their votes and the returning officer could compute the outcome while maintaining voter privacy.
Wednesday, May 19, 2010
BBC News - US scientists 'hack' India electronic voting machines
BBC News - US scientists 'hack' India electronic voting machines
Scientists at a US university say they have developed a technique to hack into Indian electronic voting machines. --->>>
Scientists at a US university say they have developed a technique to hack into Indian electronic voting machines. --->>>
Wednesday, April 21, 2010
Safer Swiping While Voting And Globetrotting
Safer Swiping While Voting And Globetrotting:
A new study from Prof. Avishai Wool of Tel Aviv University's School of Electrical Engineering finds serious security drawbacks in chips that are being embedded in credit, debit and 'smart' cards. The vulnerabilities of this electronic approach — and the vulnerability of the private information contained in the chips — are becoming more acute. Using simple devices constructed from $20 disposable cameras and copper cooking-gas pipes, Prof. Wool and his students Yossi Oren and Dvir Schirman have demonstrated how easily the cards' radio frequency (RF) signals can be disrupted. The work will be presented at the IEEE RFID conference in Orlando, FL, this month.
full article ...
A new study from Prof. Avishai Wool of Tel Aviv University's School of Electrical Engineering finds serious security drawbacks in chips that are being embedded in credit, debit and 'smart' cards. The vulnerabilities of this electronic approach — and the vulnerability of the private information contained in the chips — are becoming more acute. Using simple devices constructed from $20 disposable cameras and copper cooking-gas pipes, Prof. Wool and his students Yossi Oren and Dvir Schirman have demonstrated how easily the cards' radio frequency (RF) signals can be disrupted. The work will be presented at the IEEE RFID conference in Orlando, FL, this month.
full article ...
Subscribe to:
Posts (Atom)
Posts
