Mercurial Mercurial > hg > sen-material / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | gz | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
updated
authorChristian Urban <christian dot urban at kcl dot ac dot uk>
Mon, 28 Sep 2015 00:00:45 +0100
changeset 386 3c69029f4a1c
parent 385 b7d055cf16e8
child 387 03d5c3df745e
updated
handouts/ho02.pdf file | annotate | diff | comparison | revisions
handouts/ho02.tex file | annotate | diff | comparison | revisions 
Binary file handouts/ho02.pdf has changed
--- a/handouts/ho02.tex	Fri Sep 25 17:37:07 2015 +0100
+++ b/handouts/ho02.tex	Mon Sep 28 00:00:45 2015 +0100
@@ -44,7 +44,8 @@
 \item The Netherlands between 1997--2006 had electronic voting
       machines, but ``hacktivists'' had found they can be
       hacked to change votes and also emitted radio signals
-      revealing how you voted.
+      revealing how you voted. Now e-voting has been abandoned
+      in the Netherlands.
 
 \item Germany conducted pilot studies with e-voting, but in
       2007 a law suit has reached the highest court and it
@@ -76,7 +77,10 @@
 
 \item India uses e-voting devices since at least 2003. They
       use ``keep-it-simple'' machines produced by a
-      government owned company.
+      government owned company. There was some trouble for
+      an Indian researcher after he and an international 
+      team of hackers showed that the devices are not 
+      as secure as the government claimed.
 
 \item South Africa used software for its tallying in the 1993
       elections (when Nelson Mandela was elected) and found
@@ -184,7 +188,7 @@
 for sure that elections were held in Athens as early as 600
 BC, but might even date to the time of Mesopotamia and also in
 India some kind of republics might have existed before the
-Alexander the Great invaded it. Have a look at Wikipedia about
+Alexander the Great invaded them. Have a look at Wikipedia about
 the history of democracy for more information. These elections
 were mainly based on voting by show of hands. While this
 method of voting satisfies many of the requirements stipulated
@@ -226,7 +230,9 @@
 voter. The voter uses this prefilled ballot to cast the vote,
 and then returns the empty ballot paper back to the attacker who now
 compensates the voter. The blank ballot can be reused for the
-next voter. 
+next voter. I let you ponder why it is important for this
+attack that the voter returns the empty ballot to the 
+attacker.
 
 To sum up, the point is that paper ballots have evolved over some time 
 and no single best method has emerged for preventing fraud.
@@ -311,7 +317,13 @@
 by the central government to obtain new voting equipment and
 in the process fell prey to pariahs which sold them a
 substandard product. Diebold was not the only pariah in this
-area, but one of the more notorious ones.
+area, but one of the more notorious ones.\footnote{An e-voting 
+researcher recently made a connection between the VW-exhaust
+scandal and e-voting: His argument is that it is very hard
+to test whether a program works correctly in a hostile
+environment. The program can often recognise when it is
+tested and behave correctly, but in the ``real test'' can 
+behave maliciously, just like the VW diesel engines.}
 
 Optical scan machines are slightly better from a security
 point of view but by no means good enough. Their main idea
@@ -366,7 +378,7 @@
 
 However, the weak spots in any Internet voting system are the
 voters' computers and the central server. Unfortunately, their
-system is designed such that they needs to trust the integrity
+system is designed such that they need to trust the integrity
 of voters’ computers, central server components and also the
 election staff. In 2014, a group of independent observers around
 Alex Halderman were able to scrutinise the election process in
@@ -444,21 +456,22 @@
 secrecy. This is different from online banking where the whole
 process is designed around authentication. If fraud occurs,
 you try to identify who did what (somebody’s account got zero;
-somewhere the money went). Even if there might be more 
-gigantic sums at stake in online banking than with voting,
-it can be solved. That does not mean there are no problems
-with online banking. But with enough thought, they can
-usually be overcome with technology we have currently. This
-is different with e-voting: even the best have not come
-up with something workable yet.
+somewhere the money went). Even if there might be more
+gigantic sums at stake in online banking than with voting, it
+can be made reasonably secure and fraud-safe. That does not
+mean there are no problems with online banking. But with
+enough thought, they can usually be overcome with technology
+we have currently. This is different with e-voting: even the
+best have not come up with something workable yet.
 
 
-This conclusion does not imply that in some special cases
-of Internet voting cannot be made to work securely. Just in a
+This conclusion does not imply that some special cases of
+Internet voting cannot be made to work securely. Just in a
 general election where stakes are very high, it does not work.
 For example a good-enough and workable in-lecture online
 voting system where students' votes are anonymous and students
-cannot tamper with the outcome, I am sure, can be implemented. 
+cannot tamper with the outcome, I am sure, can be implemented
+(see some of my MSc projects). 
 
 
 \subsubsection*{Further Reading}
sen-material