[LINK] E-voting fears run high as election day looms
rchirgwin at ozemail.com.au
Wed Oct 29 18:06:59 EST 2008
Karl Auer wrote:
> On Wed, 2008-10-29 at 17:14 +1100, Richard Chirgwin wrote:
>> Exposing electoral machines to the Internet is also a risk; what if that
>> overlooked-but-important buffer overrun gets its zero-day exploit on
>> election day?
> The same is true of any network you care to use. In fact, the chances
> are far, far greater that a purpose-built network would fail in such a
> way than that the Internet would, because there are millions of people
> testing the Internet all the time.
OK, I'll be more specific and design the network. It would look like a
defense network; clear-channel tails to secured NTUs, with no interface
to any public network. No, the risks are not greater, because the public
has no access - no dial-in, no Internet-accessible routers, and so on.
There's this assumption abroad that such networks no longer exist, only
because they're low-awareness.
>> And finally, there's the matter of transparency (again). Citizens need
>> to be able to understand what's going on, and (frankly) the world of
>> Internet security models can even glaze-over experts.
> This is, again, just as true for any purpose-built network.
No, it's not. If I say "there is a direct link between the poll
collection centre in Broken Hill and Canberra", that is comprehensible.
If I say "I have a secured Internet connection using an IPsec VPN client
at the polling centre, with access managed in a Radius server in
Canberra", then I've gone far beyond ordinary peoples' grasp.
>> The Internet is a wonderful creature, but that doesn't mean it's the
>> best tool for all possible applications.
> True. But in this particular case, it probably *is* the best tool. And
> quite apart from that, are you going to re-network the entire
> continental US (or wherever) just to allow safe voting? Nup; won't
I'm not proposing re-networking anything, Karl. The private network
technologies still exist, always did. They're still in the carriers'
product sheets; pay the price, and get the private network. For example,
to name such technologies in Telstra:
DDS - the Digital Data Service - is still on the tariff sheet.
X.163 - still on the tariff sheet.
Frame Relay - ditto.
The same stuff still lives in America. The network people are most aware
of is "the Internet", but it's not the only network and (gasp) probably
never will be (even if all the traffic on the private networks is
IP-based, it doesn't need a gateway to the public Internet).
> Regards, K.
More information about the Link