[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [atlarge-discuss] Security of elections Re: [atlarge-discuss] WHAT MOST MEMBERS WANT
espresso@e-scape.net wrote:
> >
...
> I can't speak to that issue (not having ever looked at the current
> membership list) but there are several kinds of security issues
> involved, whether the voting is on a Web site or by e-mail.
>
> 1. Membership status
>
> >From what has been said by Vittorio and others, we are indeed at
> a disadvantage when it comes to ensuring that no individual
> registers under multiple identities. We simply don't have the
> means and manpower to verify each registration, and the database
> in fact does not seem to provide enough information for us to
> do it if we had.
>
There is a tension here between our ideals - which for me, as I have stated
previously, include borderless Internet democracy - and our practicalities,
which include the fact that we are a budgetless organization in a world in
which security comes with a price. The more security we demand, the more it
costs. The higher our membership dues, the fewer people can afford to
belong.
> 2. Confirmation of information supplied
>
...
You have identified the concerns, and there is no perfect solution, no matter
how much we are willing to pay. No organization could prevent me from
registering with all of my three valid e-mail addresses. At this stage of
our existence, it is adequate to rely on good will: I don't *want* to vote
three times. Over the longer term, I think one solution to prevention of
multiple voting is to incorporate into the voting process itself some
mechanism which would prevent it from being automated. Force the human
element to emerge each time. I am not speaking simply of those schemes which
allow someone who wants access to his account, but has forgotten his
password, to substitute an item of personal information (mother's maiden name
for example) instead. I have had to use that sort of entry means myself at
times, and it works. Something along that line could be elaborated on.
...
>
> One of the deepest ironies within ICANNATLARGE.ORG is that
> probably nobody outside it thinks it's worth sabotaging but
> some of its members may be here for exactly that purpose and
> have the technical ability to do it.
>
I concur.
...
Demanding perfection at this stage is to force us out of existence. "The
best is the enemy of the good." The means of security should grow
organically as the organization grows.
---------------------------------------------------------------------
To unsubscribe, e-mail: atlarge-discuss-unsubscribe@lists.fitug.de
For additional commands, e-mail: atlarge-discuss-help@lists.fitug.de