Siguranta votarii prin Internet
Vroiam sa scriu o insemnare mai lunga pe o cu totul alta tema, dar pentru ca deja e tirziu, ma multumesc sa comentez un pic un articol despre e-voting scris pentru EDRi-gram.
O discutie mai putin existenta in Romania, dar foarte spinoasa in strainatate este implicarea masinilor in procesul electoral. Si nu sunt masini de curse, ci de calcul.
Din pacate, exact cind se ajunge ca ele sa fie folosite in 90% dintre circumscriptii, se descopera niste lacune de securitate de niste oamenii care nu au altceva mai bun de facut decit sa le gaseasca bug-uri.
Un grup numit chiar " Nu avem incredere in votul electronic " a aratat live la Televiziunea Nationala Olandeza cum se poate sparge softul acestora.
Mai mult, au descoperit si cum o astfel de masina permite emiterea unor radiatii care iti pot spune cine cu cine a votat. (nu stiu de ce, dar imi aduc aminte de povestile cu votarea in perioada interbelica, cind - daca nu-i votai pe cei care ti-au dat bani - iti presara un binevoitor faina pe spate si te asteaptau haldamacii afara sa te intrebe de sanatate) :)
Vezi si un filmulet cu captarea radiatiilor
http://www.youtube.com/watch?v=B05wPomCjEY
Vezi si analiza de securitate a sistemelor facuta de olandezi ( e in engleza)
http://www.wijvertrouwenstemcomputersniet.nl/images/9/91/Es3b-en.pdf
Mai jos - daca va intereseaza gasiti tot articolul.
European e-voting machines cracked by Dutch group
11 October, 2006
ยป
Electronic voting
The voting computers used to cast 90% of the votes in Netherlands were cracked by a Dutch Group called "Wij vertrouwen stemcomputers niet" (We do not trust voting computers).
In a live public show on 4 October 2006 on the Dutch television channel Nederland 1, the group proved how the control program of such a voting machine - called Nedap/Groenendaal ES3B - could be replaced by exchanging 2 EPROMS on the board. The entire demonstration lasted less than 5 minutes.
The demonstration was followed by a public report released on 6 October that explains how the program works, how the software was created and how they can gain complete control over the election results. It is almost impossible for election monitors or voters to detect any change. Moreover, it also shows how the group discovered that radio emanations from an unmodified ES3B can be received at several meters distance and be used to tell who votes what.
The report comes at a delicate moment, with just one month and a half before the Parliamentary elections in Netherlands where the e-voting machines should be extensively used. The same computer voting is also being used in parts of Germany and France, with minor modifications.
Use of this machine in Ireland is now on hold after significant doubts were raised. Colm MacCarthaigh from Irish Citizens for Trustworthy E-voting, after looking at the compromised Nedap machines, said that : "The attack presented by the Dutch group would not need significant modification to run on the Irish systems".
Maurice Wessling, of Wij vertrouwen stemcomputers niet, underlined: "Compromising the system requires replacing only a single component, roughly the size of a stamp, and is impossible to detect just by looking at the machine".
After the Irish reaction, the German NGO Computer Chaos Club has also asked for a ban on this e-voting machine, considering that it does not meet the basic standard of the German law.
The Dutch report showed flaws similar to those discovered in Diebold Election Systems Inc.'s touch-screen voting machine, by Edward Felten, director of Princeton University's Center for Information Technology Policy. The flaws were presented in a public report released in September 2006 - Security Analysis of the Diebold AccuVote-TS Voting Machine.
"We do not trust voting computers" Foundation
http://www.wijvertrouwenstemcomputersniet.nl/Nedap-en
Nedap/Groenendaal ES3B - voting computer a security analysis (6.10.2006)
http://www.wijvertrouwenstemcomputersniet.nl/images/9/91/Es3b-en.pdf
Dutch citizens group cracks Nedap's voting computer (7.10.2006)
http://www.webwereld.nl/articles/43217/flaws-found-in-european-voting-...
E-voting machines successfully hacked (5.10.2006)
http://www.siliconrepublic.com/news/news.nv?storyid=single7158
Dutch citizens group cracks Nedap's voting computer (6.10.2006)
http://www.heise.de/english/newsticker/news/79106
Computer Chaos Club demands prohibition of voting computers in Germany (5.10.2006)
http://www.ccc.de/updates/2006/wahlcomputer
Security Analysis of the Diebold AccuVote-TS Voting Machine(13.09.2006)
http://itpolicy.princeton.edu/voting/
