Thursday, February 26, 2004

A brief news item in Information Security magazine: Data Assurance: E-Voting Still Up for Grabs

With the presidential primaries underway, the security of electronic voting still hangs like a chad in the political air.

For months now, computer security experts have butted heads with state and federal elections officials over how best to assure tamperproof e-ballots without creating voting chaos, as was the case with paper-and-punch-hole votes during the 2000 presidential election that led to the reforms.

But just as more citizens anticipate voting booths with touch screens, rather than tilting levers, much remains uncertain about the security of e-voting data and whether cash-strapped municipalities can meet recommended, potentially costly security standards.

Diluting confidence was last month's admission from VoteHere Inc., a Washington-based company that develops security technology for election voting, that sensitive software blueprints were stolen during an attack last fall. That intrusion may be linked to the March 2003 theft of source code from Diebold Election Systems of Ohio, which was broadcast on the Internet and found to contain serious security vulnerabilities.

At a recent symposium sponsored by the National Institute of Standards and Technology, security experts advocated better products -- not just procedures -- to ensure accurate and auditable e-votes.

"Good procedures are no excuse for deploying machines that are grossly insecure," says Avi Rubin, technical director for Johns Hopkins University's Information Security Institute.
Comments: Post a Comment

<- Older Posts - Newer Posts ->

This page is powered by Blogger. Isn't yours?