Online voting is a serious issue that Canadians need to remain aware of and/or become educated about. I’ve previously written about issues surrounding Internet-based voting, and was recently interviewed about online elections in light of problems that the National Democratic Party (NDP) had during their 2012 leadership convention. While I’m generally happy with how the interview played out – and thankful to colleagues for linking me up with the radio station I spoke on – there were a few items that didn’t get covered in the interview because of time limitations. This post is meant to take up those missed items, as well as let you go and listen to the interview for yourself.
Public Dialogue Concerning the NDP Leadership ‘Attack’
There are claims that the attacks against the NDP’s online voting system were “sophisticated” and that “the required organization and the demonstrated orchestration of the attack indicates that this was a deliberate effort to disrupt or negate the election by a knowledgeable person or group.” Neither of these statements are entirely fair or particularly accurate. Publicly disclosed information indicates that around 10,000 IP addresses were used to launch a small Distributed Denial of Service (DDoS) attack against the voting system used during the NDP’s convention. To be clear: this is a relatively tiny botnet.
While such a botnet might justifiably overwhelm some small business networks, or other organizations that haven’t seen the need to establish protections against DDoS scenarios, it absolutely should not be capable of compromising an electoral process. Such a process should be significantly hardened: scalable infrastructure ought to have been adopted, and all services ought to be sitting behind a defensible security perimeter. To give you an understanding of just how cheap a botnet (of a much larger size) can be: in 2009, a 80,000-120,000 machine botnet would run around $200/day. You even got a 3-minute trial window! In 2010, VeriSign’s iDefence Intelligence Operations Team reported that a comparable botnet would run around $9/hr or $67/day.
If a few Google searches and a couple hundred dollars from a Paypal account can get you a small botnet (and give you access to technical support to help launch the attack, depending on who you rent your bots from) then we’re not dealing with a particularly sophisticated individual or group, or an individual or group that necessarily possesses very much knowledge about this kinds of attacks. Certainly the action of hiring a botnet demonstrates intent but it’s an incredibly amateurish attempt, and one that should have been easily stopped by the vendor in question.
Elections Canada recently stated that sometime after 2013 it intends to trial online voting, a system that lets citizens vote over the Internet. Fortunately, they are just committing to a trial but if the trial is conducted improperly then Elections Canada, politicians, and the Canadian public may mistakenly come to think that online voting is secure. Worse, they might see it as a valid ‘complement’ to traditional voting processes. If Canadians en masse vote using the Internet, with all of its existing and persistent infrastructural and security deficiencies, then the election is simply begging to be stolen.
While quick comparisons between the United States’ electronic voting system and the to-be-trialed Canadian online voting system would be easy to make, I want to focus exclusively on the Canadian proposition. As a result, I discuss just a small handful of the challenges in deploying critical systems into known hostile deployment environments and, more specifically, the difficulties in securing the vote in such an environment. I won’t be writing about any particular code that could be used to disrupt an election but instead about some attacks that could be used, and attackers motivated to use them, to modify or simply disrupt the Canadian electoral process. I’ll conclude by arguing that Elections Canada should set notions of online voting aside; paper voting requires a small time investment that is well worth its cost in electoral security.
I’ve previously talked about the horrors of the native document format in the Office 2007 (and now 2008 for Mac as well), OOXML. I’m not going to go through an extended talk about the nonsense that Microsoft has done to essentially bankrupt the legitimacy of ISO bodies around the world. I’ll let you head over to Bob Sutor’s blog if you want to do that (disclaimer: Bob is a VP at IBM. He’s super smart, but IBM is an ardent supported of ODF, and opposed to OOXML. That position comes through in the blog.).
Now, I just want to note something that you might have missed in some of the FUD that has been swirling about OOXML receiving ISO certification. While it’s true that OOXML may indeed receive such certification (which will be a sad, sad day), the current office suites that Microsoft has on the market (i.e. 2007 and 2008) do not support ISO 29500 – the OOXML standard. That’s right: if you’re saving your documents in OOXML right now, you are NOT saving it as the default standard that Microsoft is championing. Instead, you’re just saving in the ‘transitionary’ format. This means that you could potentially be stranded with a lot of OOXML documents in the future, especially if you decide to move to a non-Microsoft office package. At the very least, it’s looking as though only Microsoft will be able to be ‘backwards compatible’ with 2007 and 2008 when and if the ISO 29500 is approved – no Open Office, Neo Office, Abiword, Google Docs, or anything else for you!
I’m so impressed that ‘open standards’ are translating to ‘closed, proprietary based standards’. It seems in accordance with the thousands of pages that go into the OOXML so-called ‘standard’.
That stack of papers is the documentation for ISO 29500, prior to its being revised.
All hail Balmer?