[wplug] [wplug-announce] The Open Pitt, Issue 19
Brian A. Seklecki
lavalamp at spiritual-machines.org
Sun Dec 18 01:36:06 EST 2005
>
> The most impressive to me was the following: when a voting station (the
> booth with a touch screen where the voter actually votes) comes on line,
> the base station (which tabulates and stores the votes) initially assumes
> that the voting station has been compromised. It begins by getting an MD5
> checksum of all of the files on the voting station, and if anything fails
> to match, the machine is flagged as compromised.
Most likely Samhain. Maybe Tripwire or Osiris, but hopefully Samhain.
This type of security precaution is the *very least* of security
measures that should be occurring.
The voter registration card should be some standards-based "Smartcard"
and should contain a PKCS#12 of the X.509 certificate issued to the
resident by the state, the resident's private RSA/DSA key (1024bit+),
encrypted with at least an 8 character passphrase (3DES/AES), and the
the signing CA.
Before voting, the user should have to unlock their private key.
The paper copy should also be signed with either cert, or both.
Now if only we could find a way to knock Fox News / News Corporation off
of the airwaves on Election night.
~BAS
"Well shit on me." - 'Zero Cool'
> If it passes, the base
> station says "great" and proceeds to completely overwrite all the existing
> files on the voting station with its own files (contained on a read-only
> CD), assuring that all files on the voting station are valid and current.
More information about the wplug
mailing list