Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Vuln-Dev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Diebold Global Election Management System (GEMS) Backdoor Account

from [Chris Paget] Network Security [Permanent Link]
Subject: Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes
Date: Mon, 27 Sep 2004 18:43:09 +0100 
On Sun, 26 Sep 2004 11:26:04 +0200, Yoav Nir wrote:

Voter verification has many pitfalls, as I can't think of anything that will
allow a voter to verify his vote was correctly counted without allowing him
to prove how he voted to an evil vote-buyer.


Relatively simple, actually.  When the vote is cast, it is printed out
and scrolled past a clear window before being stored (presumably on a
roll somewhere).  The voter can see the recorded vote, but doesn't get
a copy of it so they can't prove how they voted (and hence sell their
vote).  Admittedly, you could take a digital photo, but that same
method could be used to prove how you voted using any system.

There are solutions to the problems of electronic voting, see
http://everyonecounts.com/downloads/May2003Pilots.pdf for moderately
technical info of the solutions trialled by the UK in the 2003 local
government elections.  AFAIK there has been no controversy over the
accuracy or reliability of these systems (other than the usual
scare-mongering FUD); if anyone knows of any resources which dispute
that I'd be interested to hear of them.

Chris

-- 
Chris Paget
ivegotta@tombom.co.uk
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  iDEFENSE Security Advisory 09.29.04 - Macromedia JRun 4 mod_jrun Apache Module Buffer Overflow Vulnerability, customer service mailbox
Previous by Thread:  RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes, Yoav Nir
Next by Thread:  RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes, Reed, Phillip C. (LNG-DAY)
Indexes:  [Date] [Thread] [Top] [All Lists]