How to Hack the Vote and Steal the Election
divisionbyzero writes "Many people have asked for it so that the government will have to deal with it. So here it is: a guide to stealing an election that uses electronic voting machines written by Jon Stokes over at Arstechnica.
From the article:
"In all this time, I've yet to find a good way to convey to the non-technical public how well and truly screwed up we presently are, six years after the Florida recount. So now it's time to hit the panic button: In this article, I'm going to show you how to steal an election.""
Or is it more unethical to have access to information that threatens us all and not say anything for fear that some "bad guy" might use it against us? The truth is that some "bad guy" is already sitting around thinking up ways to to use the information or writing the information down for himself from scratch. Security through obscurity never works for long.
You're correct in saying that Security through obscurity never works but the question is what is the correct way to approach a security problem?
Personally, I think that broadcasting the information is a highly risky approach and should only be done after you've exausted most private channels; for example, if you knew of a factoring method that made 1 in 16 RSA keys insecure it would make more sense to contact RSA and inform them of this weeks/months before you publish the method because it will take time for them to adapt their system.
The reality is that it will take less time for a hacker to take advantage of a potential exploit then it will for a company to fix an exploit so you should give a company the opportunity to fix the problem before you announce it to the world.