Archive

Archive for the ‘News’ Category

Windows Store App Security Updates

March 12th, 2013 No comments

We are committed to adapting our policies as the world evolves and with the new Windows Store, we evaluated how to best release security updates for Windows Store apps. Our goal is to have a quick, transparent and painless security update process. With this in mind, we will deliver high quality security updates for Windows Store apps as they become available. This applies to Microsoft apps that are installed using the Windows Store and to apps like Mail, which are preinstalled with Windows 8 but updated using the Windows Store. Providing security updates to these apps more frequently will allow us to add new functionality, fix issues and improve security. This will also help developers to avoid introducing new issues during the update process.

To ensure transparency, we will document all security updates for Microsoft apps in the Windows Store in a security advisory, which we will revise with each new security update release. The security update process itself will be identical to that of any other Windows Store app update—customers will simply click on the store tile and select the update.

You can read the full description of the new Windows Store App Updates Policy over on TechNet.

Thanks,
Mike Reavey
Senior Director, MSRC
Microsoft Trustworthy Computing

 

Categories: Announcements, News, Security Update Tags:

BlueHat Prize Q&A with Katie Moussouris

August 10th, 2011 No comments

Hi everyone,

Black Hat this year was really great. We spent a lot of time talking to people and getting new perspectives on the security landscape and of course, we announced the BlueHat Prize contest. The reaction to the contest was outstanding. In fact, within the first 24 hours, we had already received a few submissions and a bunch of questions indicating a lot of interest in winning the $200,000 grand prize.

Based on the questions, it was clear there were a couple of areas where we needed to provide more clarity. For example, who owns the technology, Microsoft or the inventor? The answer is the inventor. You can find answers to most of your questions in the official rules at www.bluehatprize.com but we also held a webcast today to go over some of the common questions. In the video below, Katie Moussouris sat down with me to address questions like “Can I make more than one submission?” and “What if my idea requires a compiler change?”

Get Microsoft Silverlight



 

The deadline to enter the contest is 12 a.m. PDT April 1, 2012 at which time our internal panel of judges will pick the top three entries. We’ll fly all three to Black Hat USA 2012, where we will announce the grand prize winner. We will provide periodic updates along the way both on this blog and via our Twitter handle, @MSFTSecResponse.

Thanks!

Jerry Bryant

Group Manager, Response Communications

Trustworthy Computing Group

Categories: News, Responsible Disclosure, security, video Tags:

ACS’ first bug from being too performant

July 16th, 2008 Comments off

We got several reports recently of a bug in ACS that certain DS Access events, primarily for dnsNode and dnsZone objects, don’t properly get looked up.


Some background: the event log in Windows prefers to log invariants such as message IDs, parameter message IDs, SIDs (security IDs which represent users and groups, etc.), and GUIDs (globally unique IDs which represent objects in Active Directory), rather than the actual names of the objects.  At view time the viewing application is expected to look up the name associated with the invariant and display it to the user.


The reasons that Windows does this are (1) that it enables localization, so that English speakers can see “Administrator” and French speakers can see “Administrateur”, and (2) that it provides rename safefy- many objects are rename-able, such as domain accounts and other AD objects.


Anyway in ACS we had to solve the problem of how to store mountains of log data in a database, make it queryable in meaningful ways, preserve original format, present to users in a recognizable/understandable format, etc.


The way we chose to solve our several problems was to take strings that contained an invariant and append the translated name or string.


For example:
%{e0fa1e8c-9b45-11d0-afdd-00c04fd930c9}
would be translated to:
%{e0fa1e8c-9b45-11d0-afdd-00c04fd930c9}=”dnsNode”


and
%%7685
becomes:
%%7685=”Write Property”


As I mentioned, though, we ran into a problem recently.  Some of our customers were monitoring AD objects with ACS and noticed that ACS was not translating the GUIDs for certain objects.  When they manually looked up the GUIDs they noticed that they were for AD-integrated DNS objects.


After investigation, we found that AD was logging certain audit events for the objects, before all the attributes of the objects had been populated- DNS was populating the objects in multiple operations per object and each operation causes a separate event.  So ACS, which operates as close to real-time as we could get, was actually noticing the first event and asking AD “what’s this?” before DNS had finished updating AD with things like the object’s name.  The difference in time was literally only milliseconds.

Anyway I didn’t really feel it was an ACS bug and wanted to file a bug against Windows DNS Server.  However the Operations Manager team has prototyped a configurable behavior for the ACS agent that lets it wait a very short time (configurable number of ms) and retry, when it fails to look up an AD object because the object doesn’t exist.  This might be released as a public patch and/or in a future Service Pack.


I thought you might appreciate stories of the kinds of weirdness we run into.

Categories: ACS, News Tags:

ACS’ first bug from being too performant

July 16th, 2008 No comments

We got several reports recently of a bug in ACS that certain DS Access events, primarily for dnsNode and dnsZone objects, don’t properly get looked up.


Some background: the event log in Windows prefers to log invariants such as message IDs, parameter message IDs, SIDs (security IDs which represent users and groups, etc.), and GUIDs (globally unique IDs which represent objects in Active Directory), rather than the actual names of the objects.  At view time the viewing application is expected to look up the name associated with the invariant and display it to the user.


The reasons that Windows does this are (1) that it enables localization, so that English speakers can see “Administrator” and French speakers can see “Administrateur”, and (2) that it provides rename safefy- many objects are rename-able, such as domain accounts and other AD objects.


Anyway in ACS we had to solve the problem of how to store mountains of log data in a database, make it queryable in meaningful ways, preserve original format, present to users in a recognizable/understandable format, etc.


The way we chose to solve our several problems was to take strings that contained an invariant and append the translated name or string.


For example:
%{e0fa1e8c-9b45-11d0-afdd-00c04fd930c9}
would be translated to:
%{e0fa1e8c-9b45-11d0-afdd-00c04fd930c9}=”dnsNode”


and
%%7685
becomes:
%%7685=”Write Property”


As I mentioned, though, we ran into a problem recently.  Some of our customers were monitoring AD objects with ACS and noticed that ACS was not translating the GUIDs for certain objects.  When they manually looked up the GUIDs they noticed that they were for AD-integrated DNS objects.


After investigation, we found that AD was logging certain audit events for the objects, before all the attributes of the objects had been populated- DNS was populating the objects in multiple operations per object and each operation causes a separate event.  So ACS, which operates as close to real-time as we could get, was actually noticing the first event and asking AD “what’s this?” before DNS had finished updating AD with things like the object’s name.  The difference in time was literally only milliseconds.

Anyway I didn’t really feel it was an ACS bug and wanted to file a bug against Windows DNS Server.  However the Operations Manager team has prototyped a configurable behavior for the ACS agent that lets it wait a very short time (configurable number of ms) and retry, when it fails to look up an AD object because the object doesn’t exist.  This might be released as a public patch and/or in a future Service Pack.


I thought you might appreciate stories of the kinds of weirdness we run into.

Categories: ACS, News Tags:

ACS’ first bug from being too performant

July 16th, 2008 No comments

We got several reports recently of a bug in ACS that certain DS Access events, primarily for dnsNode and dnsZone objects, don’t properly get looked up.


Some background: the event log in Windows prefers to log invariants such as message IDs, parameter message IDs, SIDs (security IDs which represent users and groups, etc.), and GUIDs (globally unique IDs which represent objects in Active Directory), rather than the actual names of the objects.  At view time the viewing application is expected to look up the name associated with the invariant and display it to the user.


The reasons that Windows does this are (1) that it enables localization, so that English speakers can see “Administrator” and French speakers can see “Administrateur”, and (2) that it provides rename safefy- many objects are rename-able, such as domain accounts and other AD objects.


Anyway in ACS we had to solve the problem of how to store mountains of log data in a database, make it queryable in meaningful ways, preserve original format, present to users in a recognizable/understandable format, etc.


The way we chose to solve our several problems was to take strings that contained an invariant and append the translated name or string.


For example:
%{e0fa1e8c-9b45-11d0-afdd-00c04fd930c9}
would be translated to:
%{e0fa1e8c-9b45-11d0-afdd-00c04fd930c9}=”dnsNode”


and
%%7685
becomes:
%%7685=”Write Property”


As I mentioned, though, we ran into a problem recently.  Some of our customers were monitoring AD objects with ACS and noticed that ACS was not translating the GUIDs for certain objects.  When they manually looked up the GUIDs they noticed that they were for AD-integrated DNS objects.


After investigation, we found that AD was logging certain audit events for the objects, before all the attributes of the objects had been populated- DNS was populating the objects in multiple operations per object and each operation causes a separate event.  So ACS, which operates as close to real-time as we could get, was actually noticing the first event and asking AD “what’s this?” before DNS had finished updating AD with things like the object’s name.  The difference in time was literally only milliseconds.

Anyway I didn’t really feel it was an ACS bug and wanted to file a bug against Windows DNS Server.  However the Operations Manager team has prototyped a configurable behavior for the ACS agent that lets it wait a very short time (configurable number of ms) and retry, when it fails to look up an AD object because the object doesn’t exist.  This might be released as a public patch and/or in a future Service Pack.


I thought you might appreciate stories of the kinds of weirdness we run into.

Categories: ACS, News Tags:

Shameless Self-Promotion

March 5th, 2008 Comments off

There’s one topic that I know is on everyone’s mind- no, not American Idol– it’s “What’s new in Auditing in Windows Server 2008?”


Well, funny that you brought that up.  My friend Jesper Johanssen just wrote a new book, the Windows Server 2008 Security Resource Kit, and he invited me to write a chapter about auditing for it, which I did.  So you, dear reader, are getting information straight from the horse’s mouth, so to speak.


Anyway I think the book hits store shelves on March the 10th.  A number of distinguished individuals contributed to the book: Susan Bradley, Darren Canavor, Kurt Dillard, Roger Grimes, Brian Komar, Alun Jones and others.


I’d also like to send out special props to my auditing posse: Raghu (who was the primary developer for auditing for Vista & WS08) and Ned (who is the resident guru for auditing in Microsoft Customer Support Services), both of whom made significant contributions.  Raghu introduces the new “special group logon tracking” feature, and Ned contributed a spreadsheet mapping all the events (360-ish) to the policy category and subcategory and giving other key information about each event; this is included on the CD bundled with the book, along with an XML file defining the schema for all the events and event messages.  Ned’s also working on getting a version of the spreadsheet available for download from the Microsoft download site.


In other news, the Windows Server 2008 Security Guide is also out, and yes, yours truly contributed in small part to the auditing guidance in there too, although I seem to have been overlooked in the credits (in all fairness my work delta from the Vista Security Guide was really small so maybe it did not meet their “credits bar”).


Anyway, download the security guide and buy a copy of the book.  Buy more than one copy of the book, and give copies to your friends and loved ones.  Nothing says “Happy Anniversary, Honey” quite like a book or white paper about computer security.  OK, so maybe I should stick to computer security and stay away from relationship advice.  Flowers work well in my experience.

Categories: News, Tools Tags:

Shameless Self-Promotion

March 5th, 2008 No comments

There’s one topic that I know is on everyone’s mind- no, not American Idol– it’s “What’s new in Auditing in Windows Server 2008?”


Well, funny that you brought that up.  My friend Jesper Johanssen just wrote a new book, the Windows Server 2008 Security Resource Kit, and he invited me to write a chapter about auditing for it, which I did.  So you, dear reader, are getting information straight from the horse’s mouth, so to speak.


Anyway I think the book hits store shelves on March the 10th.  A number of distinguished individuals contributed to the book: Susan Bradley, Darren Canavor, Kurt Dillard, Roger Grimes, Brian Komar, Alun Jones and others.


I’d also like to send out special props to my auditing posse: Raghu (who was the primary developer for auditing for Vista & WS08) and Ned (who is the resident guru for auditing in Microsoft Customer Support Services), both of whom made significant contributions.  Raghu introduces the new “special group logon tracking” feature, and Ned contributed a spreadsheet mapping all the events (360-ish) to the policy category and subcategory and giving other key information about each event; this is included on the CD bundled with the book, along with an XML file defining the schema for all the events and event messages.  Ned’s also working on getting a version of the spreadsheet available for download from the Microsoft download site.


In other news, the Windows Server 2008 Security Guide is also out, and yes, yours truly contributed in small part to the auditing guidance in there too, although I seem to have been overlooked in the credits (in all fairness my work delta from the Vista Security Guide was really small so maybe it did not meet their “credits bar”).


Anyway, download the security guide and buy a copy of the book.  Buy more than one copy of the book, and give copies to your friends and loved ones.  Nothing says “Happy Anniversary, Honey” quite like a book or white paper about computer security.  OK, so maybe I should stick to computer security and stay away from relationship advice.  Flowers work well in my experience.

Categories: News, Tools Tags:

Shameless Self-Promotion

March 5th, 2008 No comments

There’s one topic that I know is on everyone’s mind- no, not American Idol– it’s “What’s new in Auditing in Windows Server 2008?”


Well, funny that you brought that up.  My friend Jesper Johanssen just wrote a new book, the Windows Server 2008 Security Resource Kit, and he invited me to write a chapter about auditing for it, which I did.  So you, dear reader, are getting information straight from the horse’s mouth, so to speak.


Anyway I think the book hits store shelves on March the 10th.  A number of distinguished individuals contributed to the book: Susan Bradley, Darren Canavor, Kurt Dillard, Roger Grimes, Brian Komar, Alun Jones and others.


I’d also like to send out special props to my auditing posse: Raghu (who was the primary developer for auditing for Vista & WS08) and Ned (who is the resident guru for auditing in Microsoft Customer Support Services), both of whom made significant contributions.  Raghu introduces the new “special group logon tracking” feature, and Ned contributed a spreadsheet mapping all the events (360-ish) to the policy category and subcategory and giving other key information about each event; this is included on the CD bundled with the book, along with an XML file defining the schema for all the events and event messages.  Ned’s also working on getting a version of the spreadsheet available for download from the Microsoft download site.


In other news, the Windows Server 2008 Security Guide is also out, and yes, yours truly contributed in small part to the auditing guidance in there too, although I seem to have been overlooked in the credits (in all fairness my work delta from the Vista Security Guide was really small so maybe it did not meet their “credits bar”).


Anyway, download the security guide and buy a copy of the book.  Buy more than one copy of the book, and give copies to your friends and loved ones.  Nothing says “Happy Anniversary, Honey” quite like a book or white paper about computer security.  OK, so maybe I should stick to computer security and stay away from relationship advice.  Flowers work well in my experience.

Categories: News, Tools Tags:

ACS Tidbits

February 2nd, 2008 No comments

Well there has been a lot happening on my old project, ACS (Audit Collection Services, a feature of SystemCenter Operations Manager 2007).


Two more of our partners, Enterprise Certified and NetPro, have released compliance solutions on top of ACS.


Another of our partners with ACS-based compliance solutions, SecureVantage, has started a new blog where ACS is a frequent topic.


Anyway I’m pleased to see that ACS is becoming a successful platform and I’m happy to answer ACS questions!  To you ISV’s out there, Joseph and I welcome your questions as well (if we aren’t already talking to you).  Let us know who you are so we can stay in touch with you!

Categories: News, Tools Tags:

ACS Tidbits

February 2nd, 2008 Comments off

Well there has been a lot happening on my old project, ACS (Audit Collection Services, a feature of SystemCenter Operations Manager 2007).


Two more of our partners, Enterprise Certified and NetPro, have released compliance solutions on top of ACS.


Another of our partners with ACS-based compliance solutions, SecureVantage, has started a new blog where ACS is a frequent topic.


Anyway I’m pleased to see that ACS is becoming a successful platform and I’m happy to answer ACS questions!  To you ISV’s out there, Joseph and I welcome your questions as well (if we aren’t already talking to you).  Let us know who you are so we can stay in touch with you!

Categories: News, Tools Tags:

ACS Tidbits

February 2nd, 2008 No comments

Well there has been a lot happening on my old project, ACS (Audit Collection Services, a feature of SystemCenter Operations Manager 2007).


Two more of our partners, Enterprise Certified and NetPro, have released compliance solutions on top of ACS.


Another of our partners with ACS-based compliance solutions, SecureVantage, has started a new blog where ACS is a frequent topic.


Anyway I’m pleased to see that ACS is becoming a successful platform and I’m happy to answer ACS questions!  To you ISV’s out there, Joseph and I welcome your questions as well (if we aren’t already talking to you).  Let us know who you are so we can stay in touch with you!

Categories: News, Tools Tags:

German court bans retention of logged IP addresses

October 3rd, 2007 No comments

A German court has ruled that a government web site may not retain IP addresses and other personally identifiable information (PII) in their logs for any longer than the user is actually using the site.


The judges pointed out that in many cases it was simple to map an IP address to an identity with the help of 3rd parties, and declared that logging IP addresses was a “violation of the right to informational self-determination.”


OK whatever.


Germany does not seem to be of one mind regarding logging.  On the one hand their draconian privacy laws (how’s that for an oxymoron?) are pretty much in opposition to any meaningful user activity logging.  On the other hand, their law enforcement folks at least seem to know the value of logs, even if they are a little draconian in the other direction.  Finally the article above notes that even the Bundestag, the lower house of the German Parliament, doesn’t comply with with the privacy laws that body created- the web site logs and retains PII.


Attention Germany: the privacy horse has left the barn.  Technology has far outpaced the capability of an individual to control where his or her information flows.  Expecting to both receive service from an online provider, and to remain “private” (whatever that means) from the provider, is unreasonable- and in fact denying the provider the right to log prevents the provider from systematically improving service to you.  Logging is a best practice for administrative activity, including maintenance-related activities, marketing & service planning, and security-related activities such as forensics.  Everything generates logs nowadays.  It would probably be better to write laws restricting what can be done with logs rather than to outlaw logging.  In this manner you could mitigate abuses such as those by the ambulance chasers but still provide organizations of all sorts, including the government itself, the information they need to do their jobs.


 

Categories: Laws, News, privacy, Rants Tags:

German court bans retention of logged IP addresses

October 3rd, 2007 Comments off

A German court has ruled that a government web site may not retain IP addresses and other personally identifiable information (PII) in their logs for any longer than the user is actually using the site.


The judges pointed out that in many cases it was simple to map an IP address to an identity with the help of 3rd parties, and declared that logging IP addresses was a “violation of the right to informational self-determination.”


OK whatever.


Germany does not seem to be of one mind regarding logging.  On the one hand their draconian privacy laws (how’s that for an oxymoron?) are pretty much in opposition to any meaningful user activity logging.  On the other hand, their law enforcement folks at least seem to know the value of logs, even if they are a little draconian in the other direction.  Finally the article above notes that even the Bundestag, the lower house of the German Parliament, doesn’t comply with with the privacy laws that body created- the web site logs and retains PII.


Attention Germany: the privacy horse has left the barn.  Technology has far outpaced the capability of an individual to control where his or her information flows.  Expecting to both receive service from an online provider, and to remain “private” (whatever that means) from the provider, is unreasonable- and in fact denying the provider the right to log prevents the provider from systematically improving service to you.  Logging is a best practice for administrative activity, including maintenance-related activities, marketing & service planning, and security-related activities such as forensics.  Everything generates logs nowadays.  It would probably be better to write laws restricting what can be done with logs rather than to outlaw logging.  In this manner you could mitigate abuses such as those by the ambulance chasers but still provide organizations of all sorts, including the government itself, the information they need to do their jobs.


 

Categories: Laws, News, privacy, Rants Tags:

German court bans retention of logged IP addresses

October 3rd, 2007 No comments

A German court has ruled that a government web site may not retain IP addresses and other personally identifiable information (PII) in their logs for any longer than the user is actually using the site.


The judges pointed out that in many cases it was simple to map an IP address to an identity with the help of 3rd parties, and declared that logging IP addresses was a “violation of the right to informational self-determination.”


OK whatever.


Germany does not seem to be of one mind regarding logging.  On the one hand their draconian privacy laws (how’s that for an oxymoron?) are pretty much in opposition to any meaningful user activity logging.  On the other hand, their law enforcement folks at least seem to know the value of logs, even if they are a little draconian in the other direction.  Finally the article above notes that even the Bundestag, the lower house of the German Parliament, doesn’t comply with with the privacy laws that body created- the web site logs and retains PII.


Attention Germany: the privacy horse has left the barn.  Technology has far outpaced the capability of an individual to control where his or her information flows.  Expecting to both receive service from an online provider, and to remain “private” (whatever that means) from the provider, is unreasonable- and in fact denying the provider the right to log prevents the provider from systematically improving service to you.  Logging is a best practice for administrative activity, including maintenance-related activities, marketing & service planning, and security-related activities such as forensics.  Everything generates logs nowadays.  It would probably be better to write laws restricting what can be done with logs rather than to outlaw logging.  In this manner you could mitigate abuses such as those by the ambulance chasers but still provide organizations of all sorts, including the government itself, the information they need to do their jobs.


 

Categories: Laws, News, privacy, Rants Tags:

Ensuring that there’s no useful data in your logs…

September 1st, 2007 No comments

As I wrote about earlier, TorrentSpy, a file-sharing search engine, was ordered by a U.S. magistrate to enable logging on its servers and to subsequently make those logs available to the MPAA, the plaintiff in an illegal file-sharing lawsuit against TorrentSpy.  They have lost their appeals and as a result have decided to block US IP addresses from their web servers (which will effectively ensure that no information interesting to the MPAA will reach their logs).  This ruling also puts copyright law squarely at odds with privacy rights, as pointed out by the Electronic Frontier Foundation.  The whole case seems to hinge on the fact that the judge interpreted the fact that information such as IP addresses temporarily reside in a computer’s RAM as meaning that information is “stored” by the computer and therefore discoverable; many computer experts reject that argument.  More analysis of the implications of the ruling are found here.

Categories: Laws, News, privacy Tags:

Ensuring that there’s no useful data in your logs…

September 1st, 2007 Comments off

As I wrote about earlier, TorrentSpy, a file-sharing search engine, was ordered by a U.S. magistrate to enable logging on its servers and to subsequently make those logs available to the MPAA, the plaintiff in an illegal file-sharing lawsuit against TorrentSpy.  They have lost their appeals and as a result have decided to block US IP addresses from their web servers (which will effectively ensure that no information interesting to the MPAA will reach their logs).  This ruling also puts copyright law squarely at odds with privacy rights, as pointed out by the Electronic Frontier Foundation.  The whole case seems to hinge on the fact that the judge interpreted the fact that information such as IP addresses temporarily reside in a computer’s RAM as meaning that information is “stored” by the computer and therefore discoverable; many computer experts reject that argument.  More analysis of the implications of the ruling are found here.

Categories: Laws, News, privacy Tags:

Ensuring that there’s no useful data in your logs…

September 1st, 2007 No comments

As I wrote about earlier, TorrentSpy, a file-sharing search engine, was ordered by a U.S. magistrate to enable logging on its servers and to subsequently make those logs available to the MPAA, the plaintiff in an illegal file-sharing lawsuit against TorrentSpy.  They have lost their appeals and as a result have decided to block US IP addresses from their web servers (which will effectively ensure that no information interesting to the MPAA will reach their logs).  This ruling also puts copyright law squarely at odds with privacy rights, as pointed out by the Electronic Frontier Foundation.  The whole case seems to hinge on the fact that the judge interpreted the fact that information such as IP addresses temporarily reside in a computer’s RAM as meaning that information is “stored” by the computer and therefore discoverable; many computer experts reject that argument.  More analysis of the implications of the ruling are found here.

Categories: Laws, News, privacy Tags:

Voting Machine Logs + e-Government Laws = No Secrets When Voting

August 23rd, 2007 Comments off

Researchers in the state of Ohio in the United States have discovered that by analyzing the logs produced (by law) from e-voting machines used in certain counties, they can determine the vote(s) each voter made.  Further, the logs, by law, must be produced on demand, as part of our open elections process.


I haven’t read the in-depth reports and analysis.  It appears to me that the manufacturers of the voting machine anticipated the risk of vote correlation with voters and tried to mitigate it by separating the vote log from the voter log.  However they mitigated this very poorly as (1) only one voter can apparently use the machine at a time and (2) every thing the machine does is logged and (3) every log entry is timestamped.  So simply separating the “Voter X logged on” records into one log, and the “Vote cast for candidate Y” records into another log seems to be a pretty naive solution.


I normally try to stay away from politics and commentary on my blog, because I don’t want to alienate anyone.  But this is not a political issue.  Here in the United States we have problems with elections.  It doesn’t matter which party you are in, there are things to be unhappy about.  The machines we have built to make elections easier seem to have made things much harder- from the “hanging chads” we had in the 2000 elections to the current pain we’re having with voting machine certification.


The audit trail problem with voting machines is daunting.  How do you simultaneously accomplish the goals of (1) allowing only authorized individuals to vote (2) exactly once per election, regardless of location (4) the votes cannot be tampered with after being cast (or at least tampering is evident), (5) the votes can be tallied quickly (in a matter of only a few hours, (6) all of these steps can be accomplished in such a way that even if he voter wishes it, the vote cannot be correlated with the voter, and (5) a recount can reproduce all the same results with these same election characteristics (maybe we can relax the time window) without the voters physically being present.


Punch card and optical scan systems opt for auditing the voter before handing them the ballot, and the ballots themselves are the audit trail of the votes (and are not numerically linked with the voter).  These systems would seem to be pretty foolproof but there are systemic problems with both: the hanging chads and butterfly ballot problems were with punch card systems, and optical scan systems in general have a fairly high error rate, and all of these problems are largely due to users who fail to follow instructions which are critical to accurate operation of the machines which tally the votes.


Coupled with the fact that many e-voting systems are getting poor reviews from security researchers, I would be much more comfortable as a voter slowing down on e-voting until we work out the kinks.

Categories: News, Rants Tags:

AT&T Team Up With Apple to Create Large-Scale Log Forwarding System Using Paper & US Postal Service

August 12th, 2007 Comments off
Categories: News, SEM Tags:

EZ-Pass Logs Used in Divorce Cases

August 11th, 2007 Comments off
Categories: News, privacy Tags: