Suppose, hypothetically, that I knew of a vulnerability that would allow someone to corrupt vote counts or interfere with voting on some e-voting system being used in tomorrow’s election. And suppose further that it was too late to get the vulnerability fixed. What should I do?
This is a special case of a more general issue that arises in computer security, regarding when it is proper to disclose vulnerability information. Most independent experts tend to be pro-disclosure, having learned by experience that vendors behave more responsibly when disclosure is the norm. But every situation is different, and it is often possible to withhold a little information while still getting the advantages (for the public) of disclosure.
In our hypothetical case, I think I would publish the vulnerability information once it could no longer do harm in this election. Depending on the nature of the vulnerability, that might be after the polls close in affected states, or it might be at some other time. Doing this would ensure that public officials and vendors have as long as possible to fix the problem before the next election, but that the information would be withheld during the brief window when it would help the bad guys more than the good guys.
I might want (still speaking hypothetically) to put a stake in the ground so I could prove later that I knew the vulnerability information before the election. One way to do that would be to write a short file or document describing the vulnerability, to compute the cryptographic hash of that file, which is a unique number that can be verified later but that conveys no useful information about the contents of the file, and then to publish the hash.
Perhaps I, or one of my colleagues, will publish the hash of a vulnerability report here, before the election is over.
3 Comments »
The URI to TrackBack this entry is: http://evoting-experts.com/wp-trackback.php/16
Leave a comment
Line and paragraph breaks automatic, e-mail address never displayed, HTML allowed:
<a href="" title="" rel=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>