Thursday, August 09, 2007

Schneier on Assurance

Bruce Schneier uses voting machines as an example of how backwards (software) security can be and how Assurance is used when more security is required, at greater expense.

California has conducted a security review of all electronic voting machines used and found serious flaws in each of them. They've been decertified and yet "California Secretary of State Debra Bowen has conditionally recertified the machines for use, as long as the makers fix the discovered vulnerabilities and adhere to a lengthy list of security requirements designed to limit future security breaches and failures." The problem is, it's pretty probable that these aren't the only vulnerabilities, merely the only ones found.

Read the whole article, it's short.

No comments: