[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Public Comment
Comment from: david@drrw.info Time/Date Stamps, Sequencing and Proximity as risk to anonymous voting. Great care has to be taken with the pervasive use of date/time stamps in computers, and also sequentially allocated stamps and tokens (such as internal database storage foreign keys), or disk file allocations. Notice if one has a digital electoral roll system that is checking off voters attendence, and then even if the electronic votes are being recorded by a separate system, you can compromise anonymous voting by comparing date/time stamp sequences, or foreign key, or O/S level file allocations between the systems. E.g. If five voters cast ballots in a ten minute window - and 4 voted for candidate A and the last one for candidate B, by comparing the same time window on the sign-in, a pattern can be discerned. While this is obviously a very subtle threat, careful implementation design should avoid this. Also care should be taken in the EML schemas to only retain date/times when completely necessary, not as a matter of routine, so as to not inadvertently expose this risk. Another example is printed paper ballots. If ballots cast are printed on a continuous roll of paper, instead of individually separated sheets, then the same risk applies. Thanks, DW
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]