Feeds

Irish e-voting emerges from the crypt

On government life support

Top three mobile application threats

After spending €52m on a computerised voting scheme that doesn't work reliably, and warehousing the kit at a cost of about €800,000 per year, the Irish government would like to revive the technology so that the country's reputation doesn't suffer.

Ireland will be embarrassed without computerised balloting, Taoiseach Bertie Ahern claimed during a Dáil session last week.

"We have to correct the software, which will cost €500,000 and try to move forward. Otherwise, this country will move into the 21st century being a laughing stock with our stupid old pencils," the Taoiseach explained.

(The Times Online quoted him as saying "stupid aul pencils", but we can assure readers that the Taoiseach does not, in fact, talk like animated Lucky Charms cereal pitchman Lucky the Leprechaun.)

According to government reports on the system's various flaws, the hardware is acceptable. The software, not so much.

Labour Party leader Pat Rabbitte was strident in his criticism of the whole scheme, and repeatedly suggested that there is no way forward. He was at a loss to suggest any positive step, however, and even declined to advocate scrapping the scheme once and for all - which makes sense, as it would remove from his use a fair bit of ammunition with which to ridicule the government. Which he does rather nicely.

Rabbitte had supported e-voting, although when confronted with this fact insisted that he'd supported "a working system". Which Ireland clearly does not have.

The fact is, the whole debate is academic. It makes no difference whether one uses electronic gadgets, paper ballots, or a combination. All that matters are the security protocols in effect. A strictly paper system can be quite secure if it's designed right. Similarly, an electronic system can be quite secure - again, if it's designed right.

The combination of electronic machines with a paper record has become an obsession among a number of "activists", but it, too, can only be useful if the design is secure. Still, it's the least desirable alternative because it introduces needless complexity, and tremendous uncertainty when results are in dispute. How do you know which record, the electronic or the paper, is valid? Either component can be attacked, can fail, or can simply be designed badly.

The Irish system is now so mistrusted that there is nothing anyone can do to fix it (including actually fixing it). Ahern is in a terrible position. His government squandered the €52m, and everything he says sounds like spin, even on those occasions when it isn't.

For example, when confronted by news that a voting machine had been compromised, Ahern noted that "the anti-electronic voting campaign group in the Netherlands physically hacked into a machine to demonstrate security flaws. If one hacked into a ballot box one could do that too".

It's a sensible observation, but it doesn't help. The public perception is that machines are easier to hack, and that it's easier to conceal the fact. Meanwhile, the opposition likes having the e-voting debacle to hang around Ahern's neck when it suits them.

At this point, the only sensible thing to do is start over. A well-designed paper system would be a perfectly good place to start. But if Ireland has got to have electronic voting to boost the government's self esteem, then fine.

For secure, trustworthy e-voting, one needs hardware validated by an independent (and competent) testing agency, and a system to ensure that only validated hardware is used (ie, no post-validation equipment changes of any sort, and fragile seals to indicate tampering visibly).

Next, one needs software validated by an independent testing agency, and a mechanism to ensure that only validated software can be installed. This would involve the compiler, all source code, libraries, encryption software, etc. It doesn't have to be open source, but the validating agency has got to have access to every single bit. It would then build all of the software and issue approved copies. This can be verified cryptographically, cheaply, and easily.

Of course, there must not be any mechanism for remote IP access or switched telephone access to the machines or the database. Leased lines only.

There also needs to be a validated auditing mechanism to show every instance of access to the machines and the database.

Finally, one needs redundancy in the database and in each machine, so that when one fails, its contents cannot be lost. And there must be a mechanism to ensure that when it fails, it will cease to function (ie, it will fail safe), with its contents up to that point preserved. That's basically it, although there are numerous details which The Register has covered at length previously, here and here.

It appears, however, that the government will make some improvements and try to call the system fixed. But patching isn't good enough; the system is not trusted and it needs to be re-worked with a comprehensive set of security and trustworthiness protocols. Otherwise, important weaknesses will undoubtedly be overlooked and the debate will go on, pretty much for eternity. ®

Top three mobile application threats

More from The Register

next story
Sorry London, Europe's top tech city is Munich
New 'Atlas of ICT Activity' finds innovation isn't happening at Silicon Roundabout
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
Audio fans, prepare yourself for the Second Coming ... of Blu-ray
High Fidelity Pure Audio – is this what your ears have been waiting for?
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
Up, up and away in my beautiful balloon flying broadband-bot
Apple DOMINATES the Valley, rakes in more profit than Google, HP, Intel, Cisco COMBINED
Cook & Co. also pay more taxes than those four worthies PLUS eBay and Oracle
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.