+ Slide 26
Part of
a talk delivered to the ITU Workshop on ... issues in E-Government, June 6, 2003, Geneva
|
Voting system integrity is a matter of national security
Why do we ignore the Common Criteria?
a widely accepted standard for information securityVoting systems are accounting systems
Votes should be counted as carefully as dollars
Elections should be subject to audit
Mechanical voting machines are not auditable!
Neither are direct recording electronic machines!Voting systems should not be based on trust
We must assume all participants are partisan
election officials
equipment vendors
suppliers of voting system components"Industry standard components" are not inspected!
Microsoft Windows is exempt
Disk drive firmware is exempt
Modem firmware is exemptTesting is incomplete!
Only black-box testing plus code inspection
No feedback from code inspectors to testers
No provision to re-open testing after trouble reported