Feeds

Irish e-voting emerges from the crypt

On government life support

New hybrid storage solutions

After spending €52m on a computerised voting scheme that doesn't work reliably, and warehousing the kit at a cost of about €800,000 per year, the Irish government would like to revive the technology so that the country's reputation doesn't suffer.

Ireland will be embarrassed without computerised balloting, Taoiseach Bertie Ahern claimed during a Dáil session last week.

"We have to correct the software, which will cost €500,000 and try to move forward. Otherwise, this country will move into the 21st century being a laughing stock with our stupid old pencils," the Taoiseach explained.

(The Times Online quoted him as saying "stupid aul pencils", but we can assure readers that the Taoiseach does not, in fact, talk like animated Lucky Charms cereal pitchman Lucky the Leprechaun.)

According to government reports on the system's various flaws, the hardware is acceptable. The software, not so much.

Labour Party leader Pat Rabbitte was strident in his criticism of the whole scheme, and repeatedly suggested that there is no way forward. He was at a loss to suggest any positive step, however, and even declined to advocate scrapping the scheme once and for all - which makes sense, as it would remove from his use a fair bit of ammunition with which to ridicule the government. Which he does rather nicely.

Rabbitte had supported e-voting, although when confronted with this fact insisted that he'd supported "a working system". Which Ireland clearly does not have.

The fact is, the whole debate is academic. It makes no difference whether one uses electronic gadgets, paper ballots, or a combination. All that matters are the security protocols in effect. A strictly paper system can be quite secure if it's designed right. Similarly, an electronic system can be quite secure - again, if it's designed right.

The combination of electronic machines with a paper record has become an obsession among a number of "activists", but it, too, can only be useful if the design is secure. Still, it's the least desirable alternative because it introduces needless complexity, and tremendous uncertainty when results are in dispute. How do you know which record, the electronic or the paper, is valid? Either component can be attacked, can fail, or can simply be designed badly.

The Irish system is now so mistrusted that there is nothing anyone can do to fix it (including actually fixing it). Ahern is in a terrible position. His government squandered the €52m, and everything he says sounds like spin, even on those occasions when it isn't.

For example, when confronted by news that a voting machine had been compromised, Ahern noted that "the anti-electronic voting campaign group in the Netherlands physically hacked into a machine to demonstrate security flaws. If one hacked into a ballot box one could do that too".

It's a sensible observation, but it doesn't help. The public perception is that machines are easier to hack, and that it's easier to conceal the fact. Meanwhile, the opposition likes having the e-voting debacle to hang around Ahern's neck when it suits them.

At this point, the only sensible thing to do is start over. A well-designed paper system would be a perfectly good place to start. But if Ireland has got to have electronic voting to boost the government's self esteem, then fine.

For secure, trustworthy e-voting, one needs hardware validated by an independent (and competent) testing agency, and a system to ensure that only validated hardware is used (ie, no post-validation equipment changes of any sort, and fragile seals to indicate tampering visibly).

Next, one needs software validated by an independent testing agency, and a mechanism to ensure that only validated software can be installed. This would involve the compiler, all source code, libraries, encryption software, etc. It doesn't have to be open source, but the validating agency has got to have access to every single bit. It would then build all of the software and issue approved copies. This can be verified cryptographically, cheaply, and easily.

Of course, there must not be any mechanism for remote IP access or switched telephone access to the machines or the database. Leased lines only.

There also needs to be a validated auditing mechanism to show every instance of access to the machines and the database.

Finally, one needs redundancy in the database and in each machine, so that when one fails, its contents cannot be lost. And there must be a mechanism to ensure that when it fails, it will cease to function (ie, it will fail safe), with its contents up to that point preserved. That's basically it, although there are numerous details which The Register has covered at length previously, here and here.

It appears, however, that the government will make some improvements and try to call the system fixed. But patching isn't good enough; the system is not trusted and it needs to be re-worked with a comprehensive set of security and trustworthiness protocols. Otherwise, important weaknesses will undoubtedly be overlooked and the debate will go on, pretty much for eternity. ®

Security for virtualized datacentres

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
Driving with an Apple Watch could land you with a £100 FINE
Bad news for tech-addicted fanbois behind the wheel
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Radio hams can encrypt, in emergencies, says Ofcom
Consultation promises new spectrum and hints at relaxed licence conditions
Special pleading against mass surveillance won't help anyone
Protecting journalists alone won't protect their sources
Big Content Australia just blew a big hole in its credibility
AHEDA's research on average content prices did not expose methodology, so appears less than rigourous
Bono: Apple will sort out monetising music where the labels failed
Remastered so hard it would be difficult or impossible to master it again
Vodafone to buy 140 Phones 4u stores from stricken retailer
887 jobs 'preserved' in the process, says administrator PwC
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.