Vote Hacking Kenny Denmark - October 2010 - For an upcoming election, Washington D.C. was preparing a system to allow some voters to send in their ballots.

Slides:

Advertisements

Similar presentations

E-Commerce Drawbacks Although e-commerce is a tremendous opportunity for businesses, there are also downsides which need to be explored.

Advertisements

Invasion of Smart Phones in Clinical Areas Chrissy Kyak Privacy Officer University of Maryland Upper Chesapeake Health.

Student Academic Success Center Power Over Procrastination

 After the 7 transactions, the ledger looks like Page 105 Figure 4.5. (Show On the White board)  There are 10 accounts in the ledger.  How do you calculate.

INTERNET SAFETY FOR EVERYONE A QUICK AND EASY CRASH COURSE.

Safety On The Internet Illinois Attorney General’s Office Naperville Police Department.

Derive the Quadratic Formula In addition to level 3, students make connections to other content areas and/or contextual situations outside of math.

Evaluation of Electronic MCQ/EMQ Examinations 2008/9.

Can Data Stored on an SSD Be Secured? Computerworld (02/28/11) Lucas Mearian By: James Sutherland.

The Threat of Cyber War The Issue of Cyber Security.

The Ethicality of Altering Google Traffic in China Kayley Paris CSCE 390 April 17, 2011.

Article: The Cyberweapon that could take down the Internet By Jacob Aron February 11, 2011 Presentation by Jacob Russell CSCE390 April 18 th, 2011.

Computational Thinking William C. Ridgeway 4/17/2011 CSCE 390 Professional Issues in Computer Science and Engineering.

By: Amanda Stephenson. RFID RFID – Radio Frequency Identification tags Hold 128 characters Normally placed in livestock and pets for identification Chips.

Virtual War a Real Threat Will Galloway 4/18/2011 CSCE 390 Article: Virtual War a Real Threat By Ken Dilanian, Washington Bureau March 28, 2011

How Egypt Shutdown the Internet Drew Steptoe April 18th, 2011 CSCE 390 Professor Valtorta References: - JAMES GLANZ. “Egypt Leaders Found ‘Off’ Switch.

“Ethics Online” Shaping social behavior online takes more than new laws and modified edicts. Deborah G. Johnson Communications of the ACM Vol. 40, No.

Internet Voting. What is Internet Voting? Internet voting is: an election process whereby people can cast their votes over the Internet, most likely through.

Scams and Schemes. Today’s Objective I can understand what identity theft is and why it is important to guard against it, I can recognize strategies that.

The Philosophy of Exotischism Ignorance Is No Excuse 1 Most of us have heard the old expression "ignorance is no excuse for breaking the law". If courts.

SAMPLE PRESENTATION ON NEW STANDARDS To present to families.

Safety On The Internet  Usage time  Locations that may be accessed  Parental controls  What information may be shared with others Online rules should.

BY TERESA CHATEL ESSENTIAL QUESTIONS 3.1 AND 3.2.

Module 1 Your Inner Being. Beliefs. Your Story Lesson 2

Introduction Our Topic: Mobile Security Why is mobile security important?

MOBILE DEVICE SECURITY. WHAT IS MOBILE DEVICE SECURITY? Mobile Devices  Smartphones  Laptops  Tablets  USB Memory  Portable Media Player  Handheld.

Copyright, Designs and Patents Act 1988

E-Safety Challenge College. Learning Objectives Understanding the definition of ‘cyber’ bullying and the affect it can have on the victim.

Threat to I.T Security By Otis Powers. Hacking Hacking is a big threat to society because it could expose secrets of the I.T industry that perhaps should.

Frequently Asked Questions about Strikes and Job Security If the union gets in here I can’t ever lose my job because the union will get it back for me.

GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Thomas Jenkins.

Ethics, Technology, and Qualitative Research: Thinking through the Implications of New Technology Sandra Spickard Prettyman Kristi Jackson.

Chloe Miles IMPROVING PRODUCTIVITY USING IT. Menu Using Word Advantages Disadvantages Conclusion E-Safety Social Media Dangers of Social Media Sites Staying.

Multi-digit Numerical Long Division 1 © 2013 Meredith S. Moody.

Password Security Everything (well… a lot, anyway) you didn’t know, or want to, but really actually need to.

By: Raymond Morris. What is it? The “Internet of Things” Network of communication between devices i.e. electronics, computers, and power grids Bots –

During Circle Work One Person speaks at a time Right to Pass No Put-downs.

GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Rebecca Pritchard.

Curly Questions By Clarissa Suchanek. Do you think you can ever lie to yourself? I don’t think I could ever lie to myself because even if I was capable.

Fundamentals of Proxying. Proxy Server Fundamentals  Proxy simply means acting on someone other’s behalf  A Proxy acts on behalf of the client or user.

Teigh Berg ACM tech news: 12/30/11 Source: Reuters (12/28/11) URL: trains-security-idUSTRE7BR0C

Unit 1 – Improving Productivity

Why you can’t always have what you want Simon Hutchinson – Reckon Product Management.

Breaking the law. The danger Either knowingly or otherwise, children and young people can fall foul of the law or get into trouble with other Internet.

Computers in Society Electronic Voting. Team Projects What is your name? Application? Presentation? Copyright The software industry The open source business.

E-voting Bringing the voting process to the technology age.

Vitor Giesteira, 9E. The Nine Elements of Digital Citizenship 1. Access 2. Communication 3. Literacy 4. Security and Safety 5. Etiquette 6. Rights and.

6 Steps for Resolving Conflicts STEP 1. Begin the Process Calmly approach the person you are having the conflict with, and explain to them that you have.

How to Maintain your computer. For many individuals a computer is a fairly significant purchase, and something they wish to find last. The easiest method.

What’s Cyberbullying?. Today’s Objective: To be able to empathize with the targets of cyberbullying, recognize some of the key similarities and differences.

UNLOCKING SUCCESS BY DHRUV S. Invent-It Challenge.

ICT and the Law Mr Conti. Did you see anything wrong with that? Most people wouldn’t want that sort of information posted in a public place. Why? Because.

Computer Laws Data Protection Act 1998 Computer Misuse Act 1990.

What Would You Do? An Ethics Case Study.

System Monitoring of Federal Agents Stephen Cevallos.

Computer and Network Security Brendan Duncombe Bahein Maung.

Rules of Procedure Treaty of Lausanne : Take II Hist 402A.

PART II INCEPTION Chapter 4 Inception is Not The Requirements Phase.

THE NUCLEAR ENERGY SURVEY : Nuray ÖZDEMİR Prepared by : Nuray ÖZDEMİR EDIRNE SULEYMAN DEMIREL SCIENCE HIGH SCHOOL APRIL 2009 EDIRNE / TURKEY The use of.

CLINTON DOMINATES DEMOCRATIC DEBATE BY SOFIA MOTTURA AND CIARA FAY.

How to Fix Problem Sentences Fragments Run-ons Comma Splices.

You must do better: The Need for Professionalism in Computing Blay Whitby Lecturer in Computer Science and AI School of Science and Technology University.

Goal Setting: Strategic Planning

Ethics Case Studies What would you do?.

Deer Park Family Medical Practice Questionnaire

Introduction to Configuration Management

O.S Lecture 13 Virtual Memory.

6 Steps for Resolving Conflicts

Political Parties and the United States

Presentation transcript:

Vote Hacking Kenny Denmark - October For an upcoming election, Washington D.C. was preparing a system to allow some voters to send in their ballots over the Internet. - However, two days after this was released for public use, it was hacked by a group from the University of Michigan to prove that it was unsafe. - They had managed to take complete control of the system, and was also able to extract the names of everybody who had registered of this service. Article: d=522635

- If it had been a real election, they could have changed what people had voted and/or posted that information online. - As a reaction, the elections board deemed this plan to be dangerous, and decided to shelve the system rather than try to improve it. This was partially due to other attacks coming in originating from China and Iran. - This incident also spurred a large debate over what type of software should be used for the security in a system such as this: proprietary or open-source (since open source was used for this)

8-step decision process Step 1: Issues: releasing software that contains important information or something that is used to decide needs to have adequate security and be adequately tested. However, people living over seas and soldiers also need to be able to vote easily, so it is important that this not be shelved. Step 2: Stakeholders: Voters: would like it to be easy to vote The people who hacked it: want it to be properly secure and have it still be in existence The election board: want it to be secure at any costs, even scrapping the project Step 3: Potential solutions: a: The project being permanently shelved b: The project being constantly monitored and improved c: An attempt is made to completely replace the system with something new

8-Step Decision Process(cotd.) Step 3(cotd.): Outcomes: a: best: nobody's records are stolen, worst: people outside the country have a hard time voting b: best: the new system works like it should, worst: it is attacked again, but improves with each one c: best: the new system works, worst: it is attacked again, and the cycle continues unless it is shelved or improved I personally think that the best of these is b, although it does involve some risk, if the system is improved enough, it should not matter as much. Step 4: Ethically speaking, this decision might not be the best, as it is slightly risky for those who want to use this service until it has been sufficiently improved. However, at a later point, the system will have been broken and repaired enough for it to be extremely difficult to impossible to break in to. Step 5: I believe that this solution is balanced because it provides a solution to the problem instead of simply ignoring it and shelving the project.

8-Step Process(cotd.) Step 6: I think that this would be the most efficient process, as it would produce a good result for a majority of people, especially after it has been around awhile and sufficiently been tested, even though it may not be the best for a while, the finished product will have been worth it. Step 7: Yes, nobody influenced me, and I don't believe that this would influence would influence me. A system such as this would have to tell the users of a potential risk, and to use at their own risk, but it is the same for any such system, they have to be constantly monitored and improved. Step 8: I would say that the most influential philosophy in this decision was pragmatism, because I feel that the end result of this project would be worth having to constantly tweak a security system for a long amount of time. However, it does put users at some degree of risk, so they would have to be fully aware of this before they could use it.

Applying the ACM Code I personally believe that what actually happened decision-wise adhered fairly well to the ACM code, except for the lack of complete testing by the people who developed the system. In any system such as this, especially in something like this, where people's personal information is stored. By not testing properly or enough, they would go against quite a few rules in the code, mainly the ones dealing with harm to a person, as this sort of information could be used for identity theft.