Firm invites experts to punch holes in ballot software

    Date08 Apr 2004
    CategoryHacks/Cracks
    3209
    Posted ByAnthony Pell
    Not only does this look like a good trend, it looks like a good time can be had by all! Here is a perfectly legitimite target for those who want to sharpen their computer hacking skills. The payoff? A potentially secure electronic voting platform. We believe that the fact that VoteHere has opened their source could ultimately result in a bulletproof ballot integrity system. . . . VoteHere, a maker of security software for voting machines, published the source code for its product online in hopes of garnering additional analysis of its method for verifying the integrity of electronic votes.

    The company, which has patented its VHTi technology, wants comments, not competition, so it released the code and several documents to its Web site under a license that restricts use of the code to analysis for a period of 60 days.

    "We pride ourselves on being good students of cryptography," said Jim Adler, founder and CEO of the Bellevue, Wash.-based company. "We know there is no security through obscurity, so we want to be open."

    Revealing encryption algorithms for peer review is a standard practice in encryption circles and allows experts to poke holes in other people's technology. VoteHere hopes the additional scrutiny will prove that its technology is sound, Adler said.

    The company's software is designed to let voters verify that their ballots were properly handled. It assigns random identification numbers to ballots and candidates. After people vote, they get a receipt that shows which candidates they chose--listed as numbers, not names. Voters can then use the Internet and their ballot identification number to check that their votes were correctly counted.

    "It doesn't protect the system from compromise, but it detects when compromises happen," Adler said. "We are the barking dogs: If anything touches the ballots, it can be detected."

    You are not authorised to post comments.

    LinuxSecurity Poll

    Has your email account ever been pwned in a data breach?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).
    /component/communitypolls/?task=poll.vote
    12
    radio
    [{"id":"53","title":"Yes","votes":"8","type":"x","order":"1","pct":88.89,"resources":[]},{"id":"54","title":"No","votes":"1","type":"x","order":"2","pct":11.11,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.