Regarding tape security

From: Keith Copenhagen <k_at_copetech_dot_com>
Date: Fri Nov 12 2004 - 12:02:30 CST

Physical security is an arms race, We'll lose.

We shouldn't spend our design $$ for a system that can survive a meteor
hit (or perhaps closer to home, a suicide bomber or congressional
staffers). Nor should we be careless and allow just any chipanzee to
hack the record.

I've seen many safety systems defeated, procedures circumvented. The
thing that works is traceability and accountability.

What I think OVC can do for voting security is analyze the current
voting workflows, identify risky procedures and augment them with
alternative redundancy, and traceability via digital signing.

In the end it's the sunshine of open systems and open discussion that
will make us trust the results.

Think of the explosives storage at Al-Qaqaa military base is a good
example of best practices, You build a strong bunker that requires
intent to get into, and you put a hard to fake seal on it to detect

OVC is best served by avoiding money / security trade-offs, like the
truck tool boxes (or EVM enclosure) that lets you select and use any
after-market lock. Or archival materials, purchase low-end clay paper
rolls or last year's bargain CDs, they can't be used to recount this
election 204 years from now.

Sorry this turned into a bit of a ramble.
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
Received on Tue Nov 30 23:17:29 2004

This archive was generated by hypermail 2.1.8 : Tue Nov 30 2004 - 23:17:44 CST