Security through Obscurity in Voting
Bruce Schneier’s security blog alerted me to this seemingly funny, but ultimately tragic quote from an election official on their voting system:
The software developed for InkaVote is proprietary software. All the software developed by vendors is proprietary. I think it’s odd that some people don’t want it to be proprietary. If you give people the open source code, they would have the directions on how to hack into it. We think the proprietary nature of the software is good for security.
I think the lesson for those of us who work in security is this: just because a security principle is well documented, debated, and understood, does not mean that it is common knowledge. Now please excuse me while I go cry myself to sleep.
Technorati Tags: voting