Feeds

Irish e-voting emerges from the crypt

On government life support

Choosing a cloud hosting partner with confidence

After spending €52m on a computerised voting scheme that doesn't work reliably, and warehousing the kit at a cost of about €800,000 per year, the Irish government would like to revive the technology so that the country's reputation doesn't suffer.

Ireland will be embarrassed without computerised balloting, Taoiseach Bertie Ahern claimed during a Dáil session last week.

"We have to correct the software, which will cost €500,000 and try to move forward. Otherwise, this country will move into the 21st century being a laughing stock with our stupid old pencils," the Taoiseach explained.

(The Times Online quoted him as saying "stupid aul pencils", but we can assure readers that the Taoiseach does not, in fact, talk like animated Lucky Charms cereal pitchman Lucky the Leprechaun.)

According to government reports on the system's various flaws, the hardware is acceptable. The software, not so much.

Labour Party leader Pat Rabbitte was strident in his criticism of the whole scheme, and repeatedly suggested that there is no way forward. He was at a loss to suggest any positive step, however, and even declined to advocate scrapping the scheme once and for all - which makes sense, as it would remove from his use a fair bit of ammunition with which to ridicule the government. Which he does rather nicely.

Rabbitte had supported e-voting, although when confronted with this fact insisted that he'd supported "a working system". Which Ireland clearly does not have.

The fact is, the whole debate is academic. It makes no difference whether one uses electronic gadgets, paper ballots, or a combination. All that matters are the security protocols in effect. A strictly paper system can be quite secure if it's designed right. Similarly, an electronic system can be quite secure - again, if it's designed right.

The combination of electronic machines with a paper record has become an obsession among a number of "activists", but it, too, can only be useful if the design is secure. Still, it's the least desirable alternative because it introduces needless complexity, and tremendous uncertainty when results are in dispute. How do you know which record, the electronic or the paper, is valid? Either component can be attacked, can fail, or can simply be designed badly.

The Irish system is now so mistrusted that there is nothing anyone can do to fix it (including actually fixing it). Ahern is in a terrible position. His government squandered the €52m, and everything he says sounds like spin, even on those occasions when it isn't.

For example, when confronted by news that a voting machine had been compromised, Ahern noted that "the anti-electronic voting campaign group in the Netherlands physically hacked into a machine to demonstrate security flaws. If one hacked into a ballot box one could do that too".

It's a sensible observation, but it doesn't help. The public perception is that machines are easier to hack, and that it's easier to conceal the fact. Meanwhile, the opposition likes having the e-voting debacle to hang around Ahern's neck when it suits them.

At this point, the only sensible thing to do is start over. A well-designed paper system would be a perfectly good place to start. But if Ireland has got to have electronic voting to boost the government's self esteem, then fine.

For secure, trustworthy e-voting, one needs hardware validated by an independent (and competent) testing agency, and a system to ensure that only validated hardware is used (ie, no post-validation equipment changes of any sort, and fragile seals to indicate tampering visibly).

Next, one needs software validated by an independent testing agency, and a mechanism to ensure that only validated software can be installed. This would involve the compiler, all source code, libraries, encryption software, etc. It doesn't have to be open source, but the validating agency has got to have access to every single bit. It would then build all of the software and issue approved copies. This can be verified cryptographically, cheaply, and easily.

Of course, there must not be any mechanism for remote IP access or switched telephone access to the machines or the database. Leased lines only.

There also needs to be a validated auditing mechanism to show every instance of access to the machines and the database.

Finally, one needs redundancy in the database and in each machine, so that when one fails, its contents cannot be lost. And there must be a mechanism to ensure that when it fails, it will cease to function (ie, it will fail safe), with its contents up to that point preserved. That's basically it, although there are numerous details which The Register has covered at length previously, here and here.

It appears, however, that the government will make some improvements and try to call the system fixed. But patching isn't good enough; the system is not trusted and it needs to be re-worked with a comprehensive set of security and trustworthiness protocols. Otherwise, important weaknesses will undoubtedly be overlooked and the debate will go on, pretty much for eternity. ®

Choosing a cloud hosting partner with confidence

More from The Register

next story
WHY did Sunday Mirror stoop to slurping selfies for smut sting?
Tabloid splashes, MP resigns - but there's a BIG copyright issue here
Spies, avert eyes! Tim Berners-Lee demands a UK digital bill of rights
Lobbies tetchy MPs 'to end indiscriminate online surveillance'
How the FLAC do I tell MP3s from lossless audio?
Can you hear the difference? Can anyone?
Inequality increasing? BOLLOCKS! You heard me: 'Screw the 1%'
There's morality and then there's economics ...
Google hits back at 'Dear Rupert' over search dominance claims
Choc Factory sniffs: 'We're not pirate-lovers - also, you publish The Sun'
EU to accuse Ireland of giving Apple an overly peachy tax deal – report
Probe expected to say single-digit rate was unlawful
While you queued for an iPhone 6, Apple's Cook sold shares worth $35m
Right before the stock took a 3.8% dive amid bent and broken mobe drama
prev story

Whitepapers

A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.