, SecurityFocus 2005-10-03
A federally funded group of voting system experts called on the United States' Election Assistance Commission, which oversees the nation's state-run elections, to revamp its recommended process for evaluating the security of electronic voting devices.
Expand all |
Post comment
E-voting experts call for revised security guidelines
2005-10-03
Todd Knarr (1 replies)
Todd Knarr (1 replies)
Re: E-voting experts call for revised security guidelines
2005-10-06
Phil Karn, Sr. (1 replies)
Phil Karn, Sr. (1 replies)
Of course, "every party" means everyone; anything short of that leaves it open to claims of bias. So you have a conundrum.
But closed-source software only offers one security advantage, and it's a flimsy one: malicious parties outside the circle of trust, who can't obtain the sources lawfully or unlawfully, are forced to use disassembly or reverse-engineering to discover exploitable weaknesses. For a sufficiently motivated person (and where the stakes are high, sufficient motivation is easily obtained), this is a very low obstacle.
Weigh that one highly questionable advantage against the assurance afforded by the ability to inspect all the code, including by people highly motivated to find weaknesses to expose them (yes, they will also look to find ways to exploit them, but remember it's much easier to exploit a weakness if you're in control of the machine, which most attackers aren't), and it's plain that the apparent leap of faith involved in using open source code is actually a pretty solid step.
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/articles/11336/32578#32578