-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 1 Mar 2004 at 10:51, Fergal Daly wrote:
Unless you take out the bit that actually cares about the signature. Maybe not possible in a single chip custom listening device but quite possible in a machine built from off the shelf chips and building voting machines from anything except off the shelf chips is not going to change any time soon.
Why? You can get a military hardened CPU from Atmel or even Intel for less than a x86 CPU. It just won't run Windows.
Something(s) on the board must be the key to the trust system, usually the processor but maybe there are multiple chips that check the signatures. You only need to replace these with look-a-likes that will also trust your switched image. No one can discover this without examining the chip layout under an electron microscope, rather impractical.
You're wrong on this. There are these key generating boxes which spit out encryption keys for use in X509 certs and such and they usually live inside a fire proof safe. They're very very tamper proof, you can't even let them get too hot or cold or else they reset themselves and you lose the key sequence. You could have something similar for voting machines.
I know them from having to go through the rigmarole of accessing one. You had to sign this log book and two people had to be present at all times to make sure you didn't drop it etc.
I don't think technological security is the issue here, personal security is much more important. Mobile phone voting in the North would be a good laugh, where the bloke looking over your shoulder, watching you vote, wears a balaclava for a bit of petrol bombing fun at the weekend. Even taking threats and violence out of the mix, remote voting allows vote selling.
No more so than a fellow paying you a tenner to vote a certain way. Of course you could vote differently anyway - however under a mobile phone voting system, I see no problem with being able to change your vote later.
Cheers, Niall