Tuesday, November 28, 2006
let's have a discussion
Adam asserts that I have a very disturbing and one sided perspective.
But Adam, you haven't responded to a single issue that I raised.
I welcome all perspectives, provided they are fact-based.
In particular, I invite realistic threat-risk assessments, cost assessments, and cultural assessments.
Let us take Internet voting.
1. Is the code open-source?
2. Has the code been audited by neutral computer security experts?
3. Where are the servers?
4. How are the servers protected?
5. Has the server security been audited by neutral computer security experts?
6. Who pays to protect the servers and the code for the thousands of days during which they are not being used for municipal elections?
7. Who wrote the code?
8. Have they all passed an independent security certification?
9. Do they have ties to any particular political party or other organization that might have an interest in the outcome of the election?
10. How do you mitigate the risk of paying or forcing someone to vote in the way you want, as you watch them on the Internet?
11. How do you mitigate the risk of the massively insecure home computers that are used for Internet voting?
12. When the full costs of security audits and thousands of days of security protection are taken into account, in order to provide a single day of municipal voting, how do you justify the expense?
There's a dozen questions. I have way more where those came from.
I challenge anyone to answer.