Re: The case for open-source software in elections

From: Ron Crane <voting_at_lastland_dot_net>
Date: Thu Feb 08 2007 - 00:24:02 CST

I agree with most of what you've written, and especially the Thompson
cite. But ballot printers are susceptible to more than just DoS attacks.
There are also presentation attacks (e.g., dropping candidates from the
ballot, rearranging the ballot, modulating the sensitivity of the
touch-screen depending upon the candidate being selected...), plain-old
misprinting attacks (depends on the voter not verifying her ballot, like
lots of voters won't), and ballot spoofing attacks, where the machine
produces a ballot that looks correct to humans, but that is printed so
that the scanner reads something other than what the voter intended (can
be detected by hand audits, but who does those?).

And VVPAT machines are susceptible to worse attacks, like
http://vote.nist.gov/threats/PaperTrailManipulationIII1.pdf .

-R
_______________________________________________
OVC-discuss mailing list
OVC-discuss@listman.sonic.net
http://lists.sonic.net/mailman/listinfo/ovc-discuss
==================================================================
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
==================================================================
Received on Wed Feb 28 23:17:13 2007

This archive was generated by hypermail 2.1.8 : Wed Feb 28 2007 - 23:17:27 CST