[LINK] E-voting fears run high as election day looms

Richard Chirgwin rchirgwin at ozemail.com.au
Thu Oct 30 07:42:43 EST 2008


Karl,

Where requirements preclude IP routing, network builders use some other
layer 3 technology and choose layers 1 and 2 to suit their needs. Examples:
- When AARNET built a network to interconnect radio telescopes in six
countries, it didn't just use "fast Internet connections". It ran STM-1s
to all sites in a star configuration.
- Air traffic control doesn't like jitter - "QF 12 is somewhere in this
10 km radius, sorry the latency just went through the roof". So airports
don't use the Internet for transmitting radar data.

I agree that the Internet and other comms both use the same layer one
links. It's the public shared resource at layer three that, in my
opinion, renders the public Internet unsuitable for electoral purposes.
While there is no discernable difference at layer one and two, if you
need verifiable, explicable demonstration of non-interference,
non-interception, and absolute privacy of the votes, then I would prefer
a private network.

Karl Auer wrote:
> On Wed, 2008-10-29 at 18:06 +1100, Richard Chirgwin wrote:
>   
>> OK, I'll be more specific and design the network. It would look like a
>> defense network; clear-channel tails to secured NTUs, with no interface
>> to any public network. No, the risks are not greater, because the public
>> has no access - no dial-in, no Internet-accessible routers, and so on.
>>     
>
> My point is just that all the connectivity runs, physically, *right
> beside* the fibres and copper wires carrying the Internet's traffic.
> Just as breachable, in other words. Interrupting it is easy; modifying
> it in transit is harder but doable. Unless the traffic is encrypted of
> course. And here we are back where we started.
>   
Not quite. If we eliminate vulnerabilities at layer three, we still have
to ensure the integrity of the lower layers; there I agree. Layer one
versus layer three...
>   
>> No, it's not. If I say "there is a direct link between the poll
>> collection centre in Broken Hill and Canberra", that is comprehensible.
>>     
>
> It's a lot of money to spend on making the ignorant feel more
> comfortable without actually being any better off. 
Let's leave aside "without being better off" and concentrate on spending
money making the ignorant feel comfortable.

Not understanding how telecommunications networks and the Internet
function is not a serious form of ignorance. It's possible to be
intelligent and well-informed, without understanding that a
mis-programmed route advertisement in another country can seriously
affect the handling of your data packets (as happened earlier this year,
when such a mistake sent lots of data down a black hole in - I think -
Pakistan).

As to "making people feel comfortable": That comfort is integral to the
electoral system. If the punters are uncomfortable - if, for example,
they're confronted with an incomprehensible and opaque technology as a
proposed "improvement" to paper-and-pencil, then democracy is
compromised. That's at the heart of my dislike for the e-voting cargo
cult: too many parts of it are not transparent. Too many people are
blithe about turning over the machinery of democracy to the small circle
of those who understand technology.

Which leaves me, personally, where I started: paper votes meet the
requirements of the application; electronic votes do not; therefore
paper votes are the right solution.

RC
> If people ask how the
> data going over the Internet is secured, let's just say say "it's
> transmitted, encrypted for security, straight from the polling booth to
> the tally room".
>
> Data integrity lies in encryption. The integrity of the communications
> medium itself is, in this country as in the US, largely unaddressed.
>
> In fact, satellite comms would probably be a better choice for an
> election - expensive, but briefly so, so not very pricey at all in
> absolute terms. All encrypted of course :-)
>
> Regards, K.
>
>   



More information about the Link mailing list