Evote2010 – Day 2

After a hailstorm, the official reception in downtown Bregenz (hosted by the Regional Government of Vorarlberg) and spending a good time in probably one of the smallest pubs in Bregenz the second day of the evote2010 started with the topic operation and evaluation of e-voting systems.

Carl Markus Piswanger: Operational Issues of a High Security Computation Centre

E-voting has been one of the most challenging projects ever within the Austrian Federal Computer Centre, basically due to security reasons and new dynamic processes. Some key figures of the BRZ-Operations were over 800 servers, over 320 implementations and over 1500 network devices. Throughout the project 7 % of the total stuff were involved.

As for operational security, the majority of processes had to be built up especially for the project. For the online election administration system, more than 230.000 „sector specific PINs“ were created (between 90 and 97 % automatically). Test procedures have been based on the security requirements and risk analysis (partly based on the organisation and partly on the technical handbooks. The most critical risk scenarios were data security risks or risks in the field of communiation). Piswanger explained the monitoring and emergency plan from the organisational and technical point of view. The election observation system contained infrarot cameras and 24 hour observation. There was a continuous support for students and election commissions. However, about a third of the questions was on the citizen card and there were not too many technical questions. Overally (and apart from the beautiful act of destroying the data in the end alone :)), the project was a huge lessons learned process.

Upcoming events taken from the talk of Melanie Volkhamer:

In the afternoon I listened to the track „e-voting experiences“*.

Thad Hall, Leontine Loeber: Electronic Elections in a Politicized Polity

Hall and Loeber were examining data from the Nederlands and the U.S. The experiences in these two countries with e-voting are different. In the U.S. voting technology has become politicised (after Obama became president, voting technology was all fine). In the Netherlands there is a „hacking“ problem started with machines in the 1960s. But issues were raised around the question of trust (although in 2006 80 % of the people claimed to trust the voting machine).

One of the measured attitutes of people I found pretty interesting was voter confidence. In the U.S. it turned out that democrats think e-voting is more fraud prone while liberals are less confident than others. In the Nederlands, people simply like to vote and the method of voting does not seem to affect their trust. Blank ballot voting has a lover level of trust though. In the Netherlands, as opposed to the U.S., there is no winner’s effect. Winning party and trust in voting are not related, and the social party has a lower voting trust, whereas the Liberals have more voting trust.

Andreas Ehringfeld, Larissa Naber, Thomas Grechenig, Robert Krimmer, Markus Traxl, Gerald Fischer: Experiences of specific attacks against the first legally binding implementation of evoting in Austria

E-voting is a very emotional topic. From the beginning, there were many oppoents and activists. The timeframe and highest requirements on security (buying hardware in 6 months etc.) were the most difficult tasks and made the project a very tough one. Different attacks happened. A few days before the elections a website was published where you only have to click on a button and your personal pc started to attack the e-voting system. There were also different attacks of distractign voters from the voting channels. Attack does not have to be successful on the technial side and the system has never been broken. But what was reached was that in the heads of the people the e-voting system was cracked. There is much evidence and press articles on the issue to be found on the internet.

Thank you to all people involved for making this conference a very well organised, diverse and friendly one!

—–
*) after getting soaked in another heavy rain fall

2 Kommentare

Schreibe einen Kommentar

Trage deine Daten unten ein oder klicke ein Icon um dich einzuloggen:

WordPress.com-Logo

Du kommentierst mit Deinem WordPress.com-Konto. Abmelden / Ändern )

Twitter-Bild

Du kommentierst mit Deinem Twitter-Konto. Abmelden / Ändern )

Facebook-Foto

Du kommentierst mit Deinem Facebook-Konto. Abmelden / Ändern )

Google+ Foto

Du kommentierst mit Deinem Google+-Konto. Abmelden / Ändern )

Verbinde mit %s