[CTRL] Fwd: [Politech] Report critiques federal government's Internet voting scheme [priv]

[RoadsEnd]

-Caveat Lector- Begin forwarded message: From: Declan McCullagh <[EMAIL PROTECTED]> Date: October 25, 2006 12:03:14 PM PDT To: Politech <politech@politechbot.com> Subject: [Politech] Report critiques federal government's Internet voting scheme [priv] -------- Original Message -------- Subject:     the new Internet voting scheme Date:     Wed, 25 Oct 2006 10:26:53 -0700 From:     Barbara Simons <[EMAIL PROTECTED]> To:     Declan McCullagh CC:     [EMAIL PROTECTED] Dear Declan, PLEASE CIRCULATE: My colleagues David Jefferson, Avi Rubin, David Wagner and I have just released a short paper about the government's IVAS system that involves absentee voting using email and fax and ballot distribution over the Internet. See http://servesecurityreport.org/ivas.pdf We wanted to bring this to your attention because we believe this system poses significant risks, as described in this excerpt from our article: In summary, we see three main risks: 1. Tool One exposes soldiers to risks of identity theft.  Sending personally identifiable information via unencrypted email is considered poor practice.  No bank would ask their customers to send SSNs over unencrypted email, yet Tool One does exactly that.  This problem is exacerbated by potential phishing attacks. 2. Returning voted ballots by email or fax creates an opportunity for hackers, foreign governments, or other parties to tamper with those ballots while they are in transit.  FVAP's system does not include any meaningful protection against the risk of ballot modification. 3. Ballots returned by email or fax may be handled by the DoD in some cases.  Those overseas voters using the system sign a waiver of their right to a secret ballot.  However, it is one thing for a voter's ballot to be sent directly to their local election official; it is another for a soldier's ballot to be sent to and handled by the DoD – who is, after all, the soldier's employer. Regards, Barbara Simons _______________________________________________ Politech mailing list Archived at http://www.politechbot.com/ Moderated by Declan McCullagh (http://www.mccullagh.org/) = www.ctrl.org DECLARATION & DISCLAIMER ========== CTRL is a discussion & informational exchange list. Proselytizing propagandic screeds are unwelcomed. Substance—not soap-boxing—please! These are sordid matters and 'conspiracy theory'—with its many half-truths, mis- directions and outright frauds—is used politically by different groups with major and minor effects spread throughout the spectrum of time and thought. That being said, CTRLgives no endorsement to the validity of posts, and always suggests to readers; be wary of what you read. CTRL gives no credence to Holocaust denial and nazi's need not apply. Let us please be civil and as always, Caveat Lector. ======================================================================== Archives Available at: http://www.mail-archive.com/ctrl@listserv.aol.com/ <A HREF="">ctrl</A> ======================================================================== To subscribe to Conspiracy Theory Research List[CTRL] send email: SUBSCRIBE CTRL [to:] [EMAIL PROTECTED] To UNsubscribe to Conspiracy Theory Research List[CTRL] send email: SIGNOFF CTRL [to:] [EMAIL PROTECTED] Om