[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Fwd: Weak Security of Voting Machines



---------- Forwarded message ----------
From: Roland Blasini <profecon@xxxxxxxxx>
Date: Sep 24, 2006 8:02 PM
Subject: Weak Security of Voting Machines
To: Margit Johansson <margitjo@xxxxxxxxx>, CFVI Announcement List < cfvi_announce@xxxxxxxxxxxxxxxxxxxxxxxx>




Avi Rubin's Blog
http://avi-rubin.blogspot.com/


Welcome to my blog. Here, I will post items of
interest to me most likely focusing on:
  Electronic Voting Security
  Computer and Network Security
  Independent Security Evaluators
  Sports: Soccer, tennis, golf, football, Michigan
sports






Friday, September 22, 2006Rivest on audit size
estimation

Ron Rivest has a draft of an excellent paper on
estimating the number of items (e.g. voting machines)
that need to be audited to discover whether or not the
machines are cheating. The paper assumes that there is
a reliable way to manually check whether a machine is
cheating. For example, if every machine had a
corresponding paper trail that had been verified by
voters, then one could count the papers by hand and
check them against the machine.

Rivest has once again dazzled us with his creativity.
He presents a simple rule of thumb that can be
calculated with a calculator or in one's head for
determining how many machines to audit, using what he
terms the "rule of 3". Appendix A is especially useful
for people who do not follow the technical details. It
shows the number of machines to audit based on the
number of bad ones that exist and based on the
confidence level one wants to achieve. So, for
example, in appendix A, you can see that if you have
1,000 machines, and there are 50 "bad" ones, then to
have 95% confidence that you have discovered at least
one of the bad ones, you must audit at least 57
machines. This, as compared to the rule of thumb which
produces the number 59. Amazingly, the rule of thumb
is so elegant, and yet it always comes close, and
always errs on the side of being a little
conservative, meaning that it will never recommend
auditing too few.

Rivest has not published this draft, and he is still
seeking comments, so if you have any suggestions after
reading his paper, he would appreciate it if you could
send them.

I now quote from the last section of the paper, where
I think this work can have tremendous impact:

"We hope that the rules presented here will provide
useful guidance for those designing sampling
procedures for audits...it would probably be best to
merely mandate a sample size sufficient to detect,
with a specified level of confidence, any election
fraud sufficient to have changed the outcome."



I often meet with legislators at the state and federal
level to discuss voting issues, and I will be pointing
them to this work from now on. Thank you Ron Rivest
for once again contributing something elegant,
practical and long needed!












------------------------------------------------------





DIGITAL DOMAIN
The Big Gamble on Electronic VotingBy RANDALL STROSS
Published: September 24, 2006
Diebold declines to let Princeton researchers test the
latest voting machine, which uses a standard
industrial part to protect the door to its memory card
slot.






---------------------------------
Add fun gadgets and colorful themes to express
yourself on Windows Live Spaces