Pages: pp. 5-6
Editor's note: The following is representative of several letters we received regarding the urban myth referred to in the The Profession column in Computer's February 2008 issue.
I was disappointed to see that Computer printed an urban myth as a fact in the The Profession column in its February issue (R. Natarajan, "On Attending Conferences," pp. 108, 107). It is ironic that this inaccurate statement is printed right after the author states that "there is a great danger of becoming shallow if we abstain from research." Although it might not have been the author's intent, this unfortunate occurrence serves only to fuel a false perception of NASA's incompetence as well as an inflammatory indication of the agency's carelessness at US taxpayer's expense.
Here are the facts:
The problem with pencils is that they are hazardous items in weightless conditions and pure oxygen atmosphere. It took only a few minutes of "research" to obtain reliable facts. They are available from http://history.nasa.gov/spacepen.html as well as from www.spacepen.com/Public/History/index.cfm. It took about the same amount of time to track down the myth sources ( www.snopes.com/business/genius/spacepen.asp).
The author responds:
Thanks to Aleksandar Fabijanic and the other correspondents who pointed out that the NASA pen and pencil story is not to be taken as a real historical episode. This could be helpful to readers who might have failed to see that it was just an anecdote narrated in a lighter vein with the purpose of setting the mood before describing more true-to-life examples of innovations brought about by outsiders to various disciplines. In fact, a search for the keyword phrase "space pencil" on Google immediately reveals that this is a well-known joke, and the top hit http://www.thespacereview.com/article/613/1 provides a clear explanation of the real facts.
I read "Secure and Easy Internet Voting" by Giampiero E.G. Beroggi (Feb. 2008, pp. 52–56) with interest. It's great to see a system that encourages greater participation through convenience while ensuring the integrity of the election. The only concern that I did not see fully addressed was the point that "no one can intercept, change, or reroute electronically cast votes." This requirement might not be met for votes cast on a computer with malware present at time of voting.
The "Silent Banker" trojan is an example of this danger; it places itself between the browser and the SSL layer and does not need to break an SSL session to steal money from the victim. Similar trojan malware would have full control over a voting session by modifying the vote results as they are submitted and faking confirmation response screens to make the voter believe the vote was cast as intended. Even if the voting system uses a secure applet, a trojan having full control over the screen, mouse, and keyboard could tamper with the vote.
Antivirus researchers commonly place the number of infected computers worldwide at around 11 percent. If a foreign government or organization were to control a large percentage of these computers, the corrupted votes would have a significant effect on the election results.
I read with interest the February article on Swiss "Secure and Easy Internet Voting." I was hoping that someone had solved the problems, but sadly, that is not the case. Easy, perhaps, but secure?
Nothing in this system prevents man-in-the-middle attacks, and recent discussions of malware that modifies a cracked system' DNS server settings shows this is critical. Nothing prevents one person from being registered multiple times or one person from voting for all the registered voters in one household. The sale of votes is not prevented. It is trivial to monitor the voter's display to make sure he's voting the way he is supposed to, and he can't change his vote later. These all seem to violate at least three of the four Federal Chancellery rules.
Further, recounts are meaningless since the same software will do the recount that did the first, and a modified database of votes will count the same twice, thrice, or more no matter whose software counts things.
The author claims that the "e-voting hardware itself is in a steel cage," but surely none of the home systems that connect to it and are part of the system as a whole are. The system's security relies on tens or eventually hundreds of thousands of home computers.
The most serious statement comes just prior to that, referring to the decision to keep the code from the public. Attackers "with such access could modify voting and auditingrecords." Security through obscurity is a dangerous way to operate, since clearly someone does have access to the code and thus could find the means to modify voting records.
And yet, this system has received an award for its "remarkably high security standard." If this is true, then I have an encryption routine I'd like to sell you. You can't see the code for it, but I promise it's very secure. In fact, I've used it to encrypt this e-mail, not just once, but twice. I call it "ROT13."
"Secure and Easy Internet Voting" contains a glaring contradiction. The author concedes that the Swiss e-voting system he describes falls short of the ACM's recommendations in that it "does not lend itself to a reproducible recording of each voter's actions." He purports to excuse this shortcoming on the grounds that "a paper trail is … dangerous in that it provides a visible receipt [which] could subject voters to bribery from those seeking to buy and sell votes." Yet he overlooks the obvious fact that when a Swiss e-voter uses a computer or a mobile phone, there's no way to know who might be looking over the e-voter's shoulder, buying or coercing his vote.
What Mr. Beroggi doesn't understand about the ACM's recommendations is that the "visible receipt" can't be taken away from the polling place, and it is in fact treated by the voting authorities like a paper ballot. It thus poses far less risk of vote buying or coercion than the Swiss e-voting system, which might be easy but is far from secure.
Catching up on my reading, I found "The Profession as a Culture Killer" (Sept. 2007, pp. 112, 110–111) of particular interest in its remarks on typographical poverty in personal computing and its development.
This poverty was not universal in the early days of personal computing. The Amstrad PCW 8256 word processing computer of two decades ago ( www.old-computers.com/museum/computer.asp?c=189) used a special keyboard with a program called LocoScript that allowed applying all accents to any character by simple and obvious keying. It was very popular at the time.
What a pity we can no longer do this.