Je hebt een klacht over de onderstaande posting:
Pretty amateurish blog post about the 20 issues. If I just focus on a few of the so called 'high risks': 4 High: The voting software-application can be installed on any computer. “The Dutch Electoral Council has not set up any security baseline for this”. No baseline is high risk, seriously? Using this thought e.g. all internet banking websites are also insecure because you can use it on any PC. Google is also a high risk website, you can use it on every PC. 8 High: The insecure, old and deprecated SHA1 hash algorithm is used everywhere in the software. I agree that is deprecated. But high risk? If I give you a sha1sum, can you calculate collision for me? 9 High: The voting software stores voting results in an unencrypted XML file. What’s the issue of using unencrypted files for public data? Non-issue if integrity is adequately verified. 13 High: Non encrypted USB sticks are used. What’s the issue of using unencrypted USB thumb drives? Non-issue if e.g. digital signatures over hash for integrity ...
Beschrijf je klacht (Optioneel):