info
An excellent talk by Ron Deibert, walking through some of the daily risks associated with Internet usage
IP geek humour at its best.
People in Azerbaijan live in fear. We fear for our lives, we fear for our jobs, we fear for the lives and jobs of our fathers and mothers, brothers and sisters, we fear for our friends. We fear every time when someone close to us dares to disagree with you. We also pay a high price when we dare not to fear.
Before 2009 I had criticized you mostly online. Then I was attacked in the centre of Baku. I was arrested and later sentenced in a show trial on fake charges of hooliganism. My father died while I was in jail, his health was deteriorating since the day of my arrest. I could not be there when he was placed in hospital and I was not there the day I lost him. Some of my relatives and friends lost their jobs. They were told that they are too close to “the enemy of the state”. Now, many people I knew are afraid to communicate with me online and offline and I can understand them.
In our interconnected world, civil society, states and businesses from across the world must work together to thrive in our global information society. This is the meaning and the spirit of this Internet Governance Forum. Internet governance can’t properly serve sustainable human, economic and social development without freedom of expression, the rule of law and efficient democratic governance.
Emin Milli, writing as Azerbaijan hosts the Internet Governance Forum
Could Email Undermine the 2012 American Election?
In the aftermath of Hurricane Sandy, some of the polling stations that would have been used by Americans to cast ballots are gone. Moreover, some citizens in New Jersey are unlikely to either find their new polling station or take the time to find a station and vote. Quite simply, they’re rebuilding their lives: presidential politics aren’t necessarily centre of mind at the moment.
In the wake of the disaster, New Jersey will let some voters cast their ballots by fax and email. One American expert has identified a range of possible attack vectors that could be used to compromise people’s votes. He’s quoted as saying,
Those are just some of the more obvious and potentially catastrophic ways a direct security failure could affect this election … The email voting scheme has so many ways it can fail or that doubt can be cast on the integrity of the results, that if a race somewhere in New Jersey is decided by email ballots, it seems almost guaranteed that we’re going to have a bunch of mini-2000-in-Floridas all over the state.
In addition to basic security concerns around voting, it’s critical to understand that voting by email (effectively) removes secrecy provisions. Messages will not have to be encrypted, meaning that if employees cast their ballots at work then their employer(s) could ascertain how their employees are voting. This is an incredibly serious issue.
In the best of worlds, the New Jersey elections won’t rely or depend on the emailed votes to determine a winner. This said, even if the votes don’t change the local results - if individuals win seats by sufficient margins that the emailed ‘ballots’ wouldn’t affect who won - the national vote could the endangered if the New Jersey voting system is connected to the national system. The risk, here, is that if an attacker could compromise the New Jersey voting infrastructure (perhaps by sending an infected attachment to an email message) then the rest of the infrastructure could also be compromised. Such an attack, were it to occur, could compromise not just the New Jersey results but, potentially, races across the United States.
While it’s evident why the government decided to let people vote by email - to ensure that Americans could cast their ballot despite the horrific natural disaster - these good intentions could result in very, very bad results. Worse, it could encourage trust and confidence in online voting systems more generally, systems that simply cannot be adequately secured (for more as to why, see this and this). While paper ballets are infuriating for many they remain an ideal means of confidently expressing voting intentions. While alternate approaches certainly need to be considered to let people vote, especially in times of crisis, voting by email is not an idea that should have been contemplated, let alone adopted, as a solution to the Sandy-related voting problems.
Origin Stories and the Internet
There are a large list of origin stories and myths surrounding the ‘net. Some are far better than others. Given a recent (significantly misguided) piece by WSJ a quick couple of responses have gone up at Ars (not bad, not great) and by Robert Graham (pretty good). I’m not going to write an origin myth - though I’ve got one that I’m writing for future publication, and have been ‘teaching the myth’ to students of late - but in no particular order is a list of good/interesting books on the topic.
