[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

CA Voting System Review notes

To: CVV Voting <cvv-discuss@xxxxxxxxxxxxxxxxx>
Subject: CA Voting System Review notes
From: Joe Pezzillo <jpezzillo@xxxxxxxxx>
Date: Fri, 3 Aug 2007 09:18:16 -0600
Delivered-to: mailing list cvv-discuss@xxxxxxxxxxxxxxxxx
List-help: <mailto:cvv-discuss-help@coloradovoter.net>
List-post: <mailto:cvv-discuss@coloradovoter.net>
List-subscribe: <mailto:cvv-discuss-subscribe@coloradovoter.net>
List-unsubscribe: <mailto:cvv-discuss-unsubscribe@coloradovoter.net>
Mailing-list: contact cvv-discuss-help@xxxxxxxxxxxxxxxxx; run by ezmlm

"I was especially struck by the utter banality of most of the flaws.Exploitable vulnerabilities arose not so much from esotericweaknesses that taxed our ingenuity, but rather from the garden-variety design and implementation blunders that plague any system notbuilt with security as a central requirement. There was a pervasivelack of good security engineering across all three systems, and I'mat a loss to explain how any of them survived whatever processcertified them as secure in the first place. Our hard worknotwithstanding, unearthing exploitable deficiencies was surprisingly-- and disturbingly -- easy."


http://www.crypto.com/blog/ca_voting_report/

Follow-Ups:
- Re: CA Voting System Review notes
  - From: BruceLiz

Prev by Date: poll rage in PA
Next by Date: Re: CA Voting System Review notes
Previous by thread: poll rage in PA
Next by thread: Re: CA Voting System Review notes
Index(es):
- Date
- Thread