posted on May, 11 2008 @ 09:14 PM
This thread is too important to have such a poorly crafted title!
What amazed me is that the votes are tabulated in an unsecured MS Access database. They did not even bother to turn on the built in encryption
function.
There was nothing like computer security implemented.
The data should be encrypted to prevent manipulation.
You can date stamp and MD5 Hash every transaction with a digital signature. This along with a hash signed date/time stamp ordered log prevents
manipulation of the record.
A hash is a tiny crypto snapshot which if one bit of the original is changed would look extemely different. The possability of a successful false
document matching the hash is statistically extremely implausable.
The hash sent from the voting machine with the vote would not match the data value, so you would know it is modified. The hash would include the vote,
time, date machine identifier, location, and any other data requiring consistancy.
Digital signatures are legally binding in this country. So you cannot say that the law makers are unaware of the technology required for security.
We could easily go to an Email voting system where each voter has an Email Certificate which is independantly provided by one of many currently
accepted certificate authoritys.
It would provide a non-repudiateable legal and secure communication. Then the only issue is the secure final tabulation.
The Email flow could not be falsified, only blocking email flows could affect it, but that would be problematic, since the Email could be resent from
a different address or delivered via an official channel if the private channel is blocked. It could also be resent if a receipt is not returned
confirming delivery.
The validity of the vote would be based on the certificate registered to the voter.
A vote count could be generated at local jurisdiction by CCing to the local designated voting place, and to the central tabulation center. Ensuring
consistancy, and automating the abilty to crosscheck the results instantly.
You could litterally see the vote counts diverge during a fraud.
The most secure areas of our nation are protected using these technologys. The technology exists today, and the voting booth is built into your Email
today.
MS Office included a vote button function in the software!
It will tabulate a vote for you TODAY!
The only part missing from off the shelf software would be a database with the registered voter list in it, to be checked as each Email comes in. To
give one vote to each and only registered voters.
How long do you think it would take to setup some Email Servers!
For crying out loud this is pathetic!