Submission + - The city of Edmonton invite hackers to crack their voting system (edmonton.ca) 6
AchilleTalon writes: "2012 Jellybean Internet Voting Election
Offering Edmonton electors an Internet voting option will depend on the results of the 2012 Jellybean Internet Voting Election (Jellybean Election), a mock election being conducted by the City this fall. The purpose of the Jellybean Election is two-fold:
1 To gauge the readiness of Edmontonians to use internet voting as a valid alternative in the 2013 General Election
2 To test the technology and ensure the internet voting system meets the City’s expectations for voter privacy, security, auditability and usability."
Offering Edmonton electors an Internet voting option will depend on the results of the 2012 Jellybean Internet Voting Election (Jellybean Election), a mock election being conducted by the City this fall. The purpose of the Jellybean Election is two-fold:
1 To gauge the readiness of Edmontonians to use internet voting as a valid alternative in the 2013 General Election
2 To test the technology and ensure the internet voting system meets the City’s expectations for voter privacy, security, auditability and usability."
Anyone in Canada can "vote" (Score:2)
I've gone & closed the Edmonton voting web site so don't have a direct copy/paste quote handy, but it's open to anyone in Canada that wants to vote.
The refer to the attack on the Washington, DC voting system that finalized by playing the Michigan State "fighting song" in the linked-to page too.
I'm normally dead-set against online voting, but in this instance they seem to have most all the bases covered (document retention vs privacy legislation, etc.). Except hacking the centralized voting storage once
Re: (Score:2)
I don't see it like that.
Re: (Score:2)
I don't see it like that.
Good points - that's how I feel too - count them by hand under supervision - works just fine.
Plus if someone can't be bothered to travel the short distance to the polling station, I don't feel their vote is worth much. The elderly seem to never miss an opportunity to vote.
However, I feel people like us won't be winning this battle, so Edmonton appears to be handling it well.
Except the central vote repository -- how safe is that?
Re: (Score:2)
What about a DDOS that may deny the right to vote to thousands eligibles voters?
What about the custom security (cryptographic) system? Who can examine the code to make sure privacy is ensured. To make sure it is really secure? It is notorious and well documented that most people trying to write their own crypto-security protocols lamentably failed and inevitably missed some exploit in their code, system, implementation.
What about a client-side attacks? Virii?
What about security of authentication procedure
Re: (Score:2)
What about a DDOS that may deny the right to vote to thousands eligibles voters?
What about the custom security (cryptographic) system? Who can examine the code to make sure privacy is ensured. To make sure it is really secure? It is notorious and well documented that most people trying to write their own crypto-security protocols lamentably failed and inevitably missed some exploit in their code, system, implementation.
What about a client-side attacks? Virii?
What about security of authentication procedure? Can someone forge himself a valid identity? Steal his neigbhor's identity?
What about stealed vote by other family members? Spouse, relative, parent, even an employer forcing you to vote front of them?
I agree with your points and add vote buying to them.
But, I think we're going to lose this battle in a few years when a significant number of older people can be expected to have internet connections (and I also expect polling stations to run concurrently for the first few elections).
Keeping in mind that I fear internet voting is inevitable, it appears that Edmonton is doing a better job than Diebold voting machines or a hefty contract going to Microsoft, although source code auditing and central repo hacki
Re: (Score:2)