Slashdot Mirror

← Back to Stories (view on slashdot.org)

Florida County Asks Students To Crack Elections

Posted by ryuzaki0 on from the redesigning-the-design-phase dept.

imAck writes: "After the election fiasco last year in Florida, many have discussed the possibilities of using a computerized voting system to replace the old punch-card ballot system. Florida's Broward county is considering buying a $20 million dollar computerized touchscreen system to handle future elections. What makes the story interesting is how they are planning to test the system for security holes. The county plans on holding mock elections in high schools and at senior citizen communities. They are actually asking the students to try and hack into the system during the mock elections to learn of possible security issues." I wonder if Broward County would look into spending their money on hardware and supporting development of the GNU Project's existing electronic voting software.

5 of 370 comments (clear)

  1. Re:This could still work by uebernewby · · Score: 3, Informative

    Maybe, but I still think that voting software is the one example of software that would probably benefit from being closed source and taking the "security through obscurity" approach. Face it: this kind of software will only be used once every two or four years (I don't know how often you Americans vote, it sometimes seems as if there's someone to be voted into some office or other every year, if not more), no one, not malicious script kiddies, not dedicated hackers will get anywhere near the software, so provided the people in charge of it are trustworthy, there will never (almost, anyways) be a problem with security, as all people see is the buttons you push, not the underlying code.

    Of course you could also argue that since it's really hard to actually get to the software and fuck with it, it doesn't matter that the source code is open for public scrutiny (malicious or not). So either way, it doesn't make much difference.

    Maybe a better approach would be to actually "prove" that the software is faultless. A guy I know took a course in university where they were taught to prove the correctness and bug-free-ness of certain algorithms - wouldn't voting software be simple enough for it to be possible to do this? I don't know, maybe someone who does could shed some light on whether or not this is possible ...

    --

    News and bla for computer musicians: http://lomechanik.net/
  2. Re:Good to see that college education working for by diablovision · · Score: 5, Informative
    I thought I sensed a hint of sarcasm in your first sentence, but I guess you really believe what you are saying. Do you really think that this is such a wonderful security measure? A hacker challenge? How about a provably secure system, based on formal methods?

    Let's review why black-box testing is a weak form of testing:
    1. Just because no one finds an exploit doesn't mean the system is secure.
    2. If someone discovers a flaw, it may in fact be more lucrative for them to keep it a secret and exploit it later.

    If you were a malicious group wanting to cause havoc in America, do you think you would enter a "hacker challenge" to demonstrate flaws in a system, then reveal the flaws for a moderate compensation, or do you think you would wait quietly until the system was deployed, at which point you could massively influence the elections through the flaw you discovered?
    --
    120 characters isn't enough to explain it.
  3. Electronic Direct Democracy by smagruder · · Score: 3, Informative

    Also note the EDD initiatives forming here and here.

    --
    Steve Magruder, Metro Foodist
  4. Re:Some people love to make things complicated by RelliK · · Score: 3, Informative
    You obviously didn't pay attention to our last election.

    I did. Canadian election happened on November 27 (several weeks after US) and we knew the results the next morning (several weeks before US). The entire country used paper ballots which you mark with pencil and drop in the box. No pregnant chads. No butterfly ballots. No punchcards. No nonsense.

    --
    ___
    If you think big enough, you'll never have to do it.
  5. Re:Some people love to make things complicated by Platinum+Dragon · · Score: 5, Informative

    You obviously didn't pay attention to our last election.

    No, but he might have paid attention to the Canadian election that took place in a single night, Nov. 27, while the US was still trying to decide what a dimpled chad signified, and whether a full recount was really worth it.

    In my opinion (you didn't ask, but you're getting it anyway:), every vote should have been counted, and if there was any ambiguity in the vote, toss it. Lesson learned; don't use overly complicated voting systems. Seriously, what's the problem with having the names lined up on one side, and the marking points on the other? Who the drizzling shit came up with those 50 000 different voting systems, anyway? Doesn't anyone take that shit seriously enough to think that maybe, just maybe, voting systems should be consistent?

    Sorry for the rant; I just can't figure out how the country that's supposed to be a model of democracy gets itself in such a stupid mess in the first place.

    *walks away shaking head*

    --

    Someday, you're going to die. Get over it.