Monday, April 28, 2008

Swatted Down

After a long delay, and then missing their own extended deadline the people in charge of the Conference Workshop I submitted a paper finally got back to me. Sadly, my paper was not accepted. Oh well, less work for me since now I don't have to put together a presentation. Plus, the paper served as a good starting place for my thesis proposal, of which I have a draft written now. So it wasn't all bad.

In other news:

In one week I will be on a plane to London. Sweet. This week will be rather tedious as attempting to concentrate on anything is short lived.

Wednesday, April 23, 2008

Voting Systems

I just had a fascinating conversation with one of my co-workers. We were discussing what it would take to convince the government and the populace that an Open-Source electronic voting system is the only acceptable solution for electronic voting.

Here were the main points of discussion:

1. Software Security:
Who knows the most about security? Cryptographers. Cryptographers are the most paranoid people you will ever meet, they worry about every possible thing that might go wrong with a security protocol. You know how they design good protocols? They get as many people as possible to submit ideas, then pick a few of the best, and get as many people as possible to review these to look for any problems (This is how the NSA does it). The worst possible thing you could do, and the cardinal sin of Cryptography is to try to build a secret protocol.
Therefore, in order to build a secure voting system, it should be as open to review as possible. The best way to make it open to review is to allow the populace to write it-- Open-Source. You get the work done for free, and with thousands of people reviewing the code you have a very strong assurance that the final product will be secure.
Everyone that works on the code will be afraid of leaving a vulnerability because then someone they don't like might exploit it, so they'll be very careful to make sure it's safe. This design structure coupled with the use of NSA approved, strong cryptographic protocols for information exchange provides a very high level of trust in the system. Much higher than the current garbage being sold by companies like Diebold.

2. Hardware Security:
The hardware itself needs to be secure and trusted. The design of the hardware should be open to review by the populace just as the software is. Once the leading experts in the field are satisfied with the hardware design we can move forward.

3. Operating System Security:
The voting application and the physical machine need to be secure, and so does the operating system mediating between the two. Luckily for us there are Open-Source builds of Linux distributions called SELinux (Security-Enhanced). The NSA has created these distributions and recommends them for people needing the highest possible level of security. The code is still open-source and can be reviewed by anyone using the system.

4. Accounting for Paranoia:
Now, the paranoids of the software security world will bring up the Ken Thompson Compiler Hack. If you have no idea what that is, just ignore this section. To mitigate the possibility of a compiler-inserted backdoor the people creating the software could first use standard compilers that can be expected to be safe. And if that's not enough to satisfy them, they can write their own compiler in some exotic language (to prevent the self-propagation), and use the newly compiled compiler.


5. Paper Backup:
When a person places a vote the system should display their vote on the screen in a simple, unambiguous manner. Then a cash register type tape printer (within a enclosed system) prints off the ballot and the user verifies that the screen matches the printout. The printout is then mechanically detached and dropped into a secured bucket/box. This allows the user to be sure that their ballot was correctly cast both electronically and on paper. If there is ever a question of the validity of the election the paper ballots can be manually counted, and the user has already verified that the ink on the paper showed their vote (No more hanging chad problems). For the uber-paranoid the register tape can print an ink receipt and a pressure paper (canary colored "carbon-copy") which are stapled together and dropped in. This way no tricky disappearing ink thing could work without also tampering with the pressure paper.

When you take all of these things into account you will have an electronic voting system which is extremely secure. Elections could occur more quickly and easily with tallies that are verified by trusted cryptographic protocols, as well as unambiguous, dual paper backups.

This, of course, is not a fully detailed description of a secure voting system. But it is the start of what should be done to move on from the terrible systems currently being used.

Monday, April 14, 2008

Something to write about

I haven't updated in a while, so I've been trying to come up with something to write about. So far I have been unsuccessful, so I'll just write about being unable to come up with anything to write about.

I'm not really in the mood to rant about anything-- I'm trying to avoid getting riled up about the nonsense that's going on.

I'm feeling pretty good about today's weather though. I even decided to wear shorts today. Too bad it will be cold again tomorrow, lamers.

In one more week I will learn if my paper was accepted to the Conference Workshop I submitted to.

I discovered over the past week that my savings are disappearing much more quickly than I can sustain, so I'm making a vow to cut down spending as much as possible. Which will be difficult since I'll be going to Europe in [checks] 3 weeks. In anticipation of which I applied for a Capital One credit card, which has no interest until September, and charges no foreign transaction fee. Which is important because the majority of other credit card companies will charge you 3% on each foreign transaction you make, but you should use a credit card because the giant companies get a much better exchange rate than you ever could alone.


After I take a test in an hour and a half I will only have two finals standing between me and freedom; I'm excited.

Wednesday, April 02, 2008

The Olympics - A Rant

I've had this post sitting in my drafts for a while now, but have been busy and other things kept coming up to write about. But now I have a CNN article to reference to make me all the more annoyed.

I grew up with the naive, idealistic view that the Olympic Games were about countries setting aside their differences to meet in friendly competition every 4 years. It just seemed like such a nice idea, "We don't like you, but let's have a little fun anyways." I was annoyed to grow up to discover that, like everything else, even the Olympics were tainted with whiny, lying, corrupt politicians and their political nonsense.

CNN is running an article which talks about how 15 members of the House of Representatives are "urging" President Bush to not attend the Olympic games as a protest against their human rights violations involving Tibet. First, such an action would be one of the most blatant international episodes of the pot calling the kettle black that I've seen in a long time. Aside from that it just seems so childish: "I'm not going to talk to you unless you do what I say."

I hate how whenever I read about something involving politics and politicians I feel like I'm right back in 7th grade and my classmates are fighting about who gets to be President of Student Council. It's a big, pointless, waste-of-life popularity contest, where all the contestants have resorted to digging up as much dirt about the others as possible. They greet you with a smile and shake your hand while selling you out to the corporation that writes the biggest checks.

I am a huge advocate of transparent government. Guess what elected officials, you're there to serve me. That's what the term "civil servant" is referring to, not that we serve you. As an elected or aspiring elected official you should give up certain rights in order to protect ours. You should be required to disclose all of your assets to the public. Maybe you should have all of your phones wiretapped by the same invasive laws you pass, and all of your conversations should be made public. Perhaps then you'll begin to understand why we don't like these laws. Maybe if your kid was dying in some hole of a country because of the lies you told you wouldn't be so quick to start a war by spouting those lies. Perhaps if we had a system like those of old where the leader led the army in conflict you wouldn't be so willing to invade foreign nations.

Sit up and listen America. The government exists to serve you. They should be doing what you want, not what some big company that knows how to bribe wants them to do. They shouldn't be exempted from the very laws they pass, they should be the first ones affected by them, so that they know what it is they're doing to this country.

If they're going to change the food-stamp program, they should try to live off of it for a month and see how the feel about it first. If they're going to start a war, they should go fight in it. If they're going to increase the length of patents for medical drug companies, they should see what that does to the people that can't afford the price of the prescription drugs they need for a drug that was created 12 years ago.

Stop being whiny, teenagers and start being adults. I'm sick and tired of politicians acting like they're in middle school.

Go to the Olympics and have fun, that's the whole point.