Wednesday, October 10, 2007

A different aspect of election security

An interesting new report was released yesterday on a different aspect of elections security. Unlike the area I’ve been working (security of the voting systems), this report focuses on what an attacker could do to influence voters prior to their going to the polls, including creating web sites with confusingly similar names to the official site, sending messages that appear to come from the legitimate candidate site (but don’t), creating fake (but realistic-looking) sites to collect donations, etc.

Nothing really new in the report, but points out how reliant we’ve become on the Internet as a source of information about elections.

Perhaps the most important thing to me is the implications of such a report to Internet voting. Yes, that’s a topic that just won’t go away. Would voters click on a link that says “click here to vote for Jane Doe”? If they do, are they actually voting for Jane Doe or her competitor? And there’s obviously motivation, although hopefully not by legitimate candidates, to create malware (keystroke loggers, or even software that modifies your traffic) to cause unsuspecting voters to cast votes in ways they don’t intend.

Worth a read.


Post a Comment

Subscribe to Post Comments [Atom]

<< Home