Archive for August 21, 2012
As you may recall, my day job involves computer security. A significant element in security is threat modeling, where one lays out the overall structure of the system, identifies areas of threats (defined as theoretical means of attack), finds corresponding vulnerabilities (defined as practical implementations of threats), and rates them based on their overall risk to the system.
In the case of voting, I’ve worked out threat models based on the architecture of voting systems common to the United States. I did this several years ago, in fact, because the topic has been discussed frequently at various security conferences. Unsurprisingly, the focus at computer security conferences has been on electronic voting machines, but I was prompted to look outside the obvious. After all, to the man with a hammer, the world is made of nails; to the computer security conference attendee, the security vulnerabilities of interest are in computers. I wanted to go further, so I looked at the entire system.
Where are some of the threats? What vulnerabilities arise from them? How bad are they? And what can and should be done about them? (more…)