Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
Canada

+ - The city of Edmonton invite hackers to crack their voting system-> 6

Submitted by
AchilleTalon
AchilleTalon writes "2012 Jellybean Internet Voting Election

Offering Edmonton electors an Internet voting option will depend on the results of the 2012 Jellybean Internet Voting Election (Jellybean Election), a mock election being conducted by the City this fall. The purpose of the Jellybean Election is two-fold:

1 To gauge the readiness of Edmontonians to use internet voting as a valid alternative in the 2013 General Election
2 To test the technology and ensure the internet voting system meets the City’s expectations for voter privacy, security, auditability and usability."

Link to Original Source
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

The city of Edmonton invite hackers to crack their voting system

Comments Filter:
  • I've gone & closed the Edmonton voting web site so don't have a direct copy/paste quote handy, but it's open to anyone in Canada that wants to vote.

    The refer to the attack on the Washington, DC voting system that finalized by playing the Michigan State "fighting song" in the linked-to page too.

    I'm normally dead-set against online voting, but in this instance they seem to have most all the bases covered (document retention vs privacy legislation, etc.). Except hacking the centralized voting storage once

    • by ptaff (165113)

      they seem to have most all the bases covered

      I don't see it like that.

      • Where's the source code?
      • Even with this current cracking test and source code, how can we be sure the systems we use are the same now and in 2013?
      • What's so hard about counting votes by hand?
      • by Maow (620678)

        they seem to have most all the bases covered

        I don't see it like that.

        • Where's the source code?
        • Even with this current cracking test and source code, how can we be sure the systems we use are the same now and in 2013?
        • What's so hard about counting votes by hand?

        Good points - that's how I feel too - count them by hand under supervision - works just fine.

        Plus if someone can't be bothered to travel the short distance to the polling station, I don't feel their vote is worth much. The elderly seem to never miss an opportunity to vote.

        However, I feel people like us won't be winning this battle, so Edmonton appears to be handling it well.

        Except the central vote repository -- how safe is that?

        • What about a DDOS that may deny the right to vote to thousands eligibles voters?

          What about the custom security (cryptographic) system? Who can examine the code to make sure privacy is ensured. To make sure it is really secure? It is notorious and well documented that most people trying to write their own crypto-security protocols lamentably failed and inevitably missed some exploit in their code, system, implementation.

          What about a client-side attacks? Virii?

          What about security of authentication procedure

          • by Maow (620678)

            What about a DDOS that may deny the right to vote to thousands eligibles voters?

            What about the custom security (cryptographic) system? Who can examine the code to make sure privacy is ensured. To make sure it is really secure? It is notorious and well documented that most people trying to write their own crypto-security protocols lamentably failed and inevitably missed some exploit in their code, system, implementation.

            What about a client-side attacks? Virii?

            What about security of authentication procedure? Can someone forge himself a valid identity? Steal his neigbhor's identity?

            What about stealed vote by other family members? Spouse, relative, parent, even an employer forcing you to vote front of them?

            I agree with your points and add vote buying to them.

            But, I think we're going to lose this battle in a few years when a significant number of older people can be expected to have internet connections (and I also expect polling stations to run concurrently for the first few elections).

            Keeping in mind that I fear internet voting is inevitable, it appears that Edmonton is doing a better job than Diebold voting machines or a hefty contract going to Microsoft, although source code auditing and central repo hacki

            • I don't think auditing by CS&Math students is an acceptable deal. An election must be an open process, questionable and understandable by everyone elligible to vote. And I don't think there is actually a battle for internet voting out there. Very few people are asking for this to happen and many of them just don't trust the internet.

The only problem with being a man of leisure is that you can never stop and take a rest.

Working...