Mercurial Mercurial > hg > sen-material / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | gz | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
updated
authorChristian Urban <christian dot urban at kcl dot ac dot uk>
Sun, 23 Nov 2014 15:34:32 +0000
changeset 328 7ae9a893b76f
parent 327 03da67991ff0
child 329 b124fe3b0e39
updated
handouts/ho02.pdf file | annotate | diff | comparison | revisions
handouts/ho02.tex file | annotate | diff | comparison | revisions
hws/hw01.pdf file | annotate | diff | comparison | revisions
hws/hw01.tex file | annotate | diff | comparison | revisions 
Binary file handouts/ho02.pdf has changed
--- a/handouts/ho02.tex	Sat Nov 22 00:46:18 2014 +0000
+++ b/handouts/ho02.tex	Sun Nov 23 15:34:32 2014 +0000
@@ -58,12 +58,19 @@
       punch cards, now DREs and optical scan voting machines.
       But there is a lot of evidence that DREs and optical 
       scan voting machines are not as secure as they should
-      be.
+      be. Some states experiment with Internet voting, but
+      all experiments have been security failures.
 
 \item Estonia used since 2007 the Internet for national
       elections. There were earlier pilot studies for voting
       via Internet in other countries.
 
+\item The Australian parliament ruled in 2014 that e-voting is
+      highly vulnerable to hacking and will not use it any time
+      soon. That is because it is still not as secret and 
+      secure as paper ballots, the parliamentary committee 
+      in charge concluded.
+
 \item India uses e-voting devices since at least 2003. They
       use ``keep-it-simple'' machines produced by a
       government owned company.
@@ -470,13 +477,23 @@
 
 \noindent At the beginning she describes the complete break-in
 by the group of Alex Halderman at the try-out voting at
-Washington D.C. Halderman's amusing paper including pictures
-is at
+Washington D.C. Halderman's amusing paper about this break in 
+including pictures is at
 
 \begin{center}
 \url{https://jhalderm.com/pub/papers/dcvoting-fc12.pdf}
 \end{center}
 
+\noindent
+Two researchers from Galois, Inc., present an interesting 
+attack against home routers which silently alters pdf-based
+voting ballots. This shows that the vote submission via
+an unencrypted pdf-file is highly unsafe.
+
+\begin{center}
+\url{http://galois.com/wp-content/uploads/2014/11/technical-hack-a-pdf.pdf}
+\end{center}
+
 \end{document}
 
 %%% Local Variables: 
Binary file hws/hw01.pdf has changed
--- a/hws/hw01.tex	Sat Nov 22 00:46:18 2014 +0000
+++ b/hws/hw01.tex	Sun Nov 23 15:34:32 2014 +0000
@@ -32,6 +32,14 @@
 Think of ways how you can cheat in this exam? How would you defend
 against such cheats.
 
+\item Here is another puzzle where you can practice thinking like an
+  attacker: Consider modern car keys. They wirelessly open and close
+  the central locking system of the car. Whenever you lock the car,
+  the car ``responds'' by flashing the indicator lights. Can you think
+  of a security relevant purpose for that? (Hint: Imagine you are in
+  the business of stealing cars. What attack would be easier to
+  perform if the lights do not flash?)
+
 \item Explain what hashes and salts are. Describe how they can be used
   for ensuring data integrity and storing password information.
sen-material