Slashdot videos: Now with more Slashdot!
OK, all good points and truthful, for that side of the debate.
The reasons to go IP are: (1) flexibility for the future; (2) more sophisticated, integrated, and remote management; (3) lower cost cabling, particularly for future changes; and (4) more secure.
(1) The world is going IP, like it or not. You don't really know what the access control hardware of the future will look like. If you ever want to add biometric devices, cameras, or who knows what, that stuff will almost certainly be IP only.
(2) IP systems permit hardware and software to sold and upgraded separately. It is common to use existing security, identification, authorization, and logging of access control and physical security system using the IT departments existing infrastructure (RADIUS, TACACS+). You can't do this closed access control systems. Management can be done remotely, for example, in one central location to manage dozens of buildings, or using cloud-based services for smaller companies (like his). If you outsource HR (many people do), you might as well have them control the card-keys, too.
(3) Everybody we work for ends up having to run more cable AFTER the building is finished. Boy, is that expensive, using 'home runs' on special cable. (4) I will put modern, redundant switches up against any current door hardware for reliability -- but I get your point. IP connections are often very securely encrypted. Not true for the RS-485 cables. Either you or I could break into anywhere, if we had access to even one of those cables.
Anyway, its a good debate. I will also give your side credit for having more choices of hardware, currently.
I design IT for buildings.
Be sure to put in enough access points for wireless. If you can't afford a lot, at least pull the cat6.
If you want to use any kind of access control (card keys for doors) make that IP-based, not the ancient 6-wire proprietary cable.
If you want security cameras, those should all be Ethernet, too. Again, at least pull the cable and terminate it in a J-box.
Put in a small server room (size of an office) with extra air-conditioning, no window, and a heavy-gauge door.
As far a servers go, everything is going VMware now.
I agree that this is a hard problem and that there are many exposed 'weak links.'
But I don't think it is insolvable.
If someone were to offer $1 million to the best proposed solution, and a handful of $100,000 runner up prizes, the zillion smart people who read
There are some tricks that can be borrowed from current election checking. For example, look carefully at all of the user statistics -- compare to prior elections, registration stats, time of day, IP addresses, user PK certificates, comparison to other, "similar," voting domains, etc. This type of non-privacy-invading audit is good at identifying problems down to about 1% - 3% of the voting population. A hacker, trying something for the first time, has a good chance of getting located this way.
Another trick is sample audits -- a bit like "exit polls," where a fraction of voters are asked how the voted. This can be viewed as privacy invasion, but it happens all the time, now, so there is really no policy change. Again, this can find anomalies down to about 3%.
Another trick is post-election audits of PK certificates. Better late than never.
Another tool is to carefully monitor internet traffic to look for anomalies, particularly DOS attempts.
Another tool is to provide "hardened" computers that voters can use, at places smilar to today's polling locations -- senior centers, gov't offices. These machines have had some type of security audit. And yes -- this approach has its own risks, I know. I would suggest mixing this approach with user's own computers.
I know people want to use web browsers, but I would not do that. Voters have to download a totally dedicated app (see open source, below), and each app has PK signature.
Another trick is give some users hardware keys, like paypal and RSA use. Even if only 1% of voters have a hardware key this provides a very high degree of polling information and that can spot fraud down to a small fraction of a percent.
And finally, all software should be open source. Period. As pointed out repeatedly, relying on secrecy is pretty much a guarantee of breech.
I am not offering a solution here. I am merely pointing out that there are methods and tools that can be used as a starting point for a real solution.
Don't say a problem is insolvable until you have tried seriously to solve it.
And finally, no voting system is 100.000% perfect. Get over it. For example, no system prevents buying votes. No system prevents voters from lying. Build the best system you can.
Standards are never "owned." Except that the text is copyrighted to avoid corruption. Compliance with any Standard is strictly voluntary.
Standards are ABSOLUTELY too important for any one or two companies to control. A typical Standards committee (IEEE, ANSI, CCITT, etc) requires a minimum of 40 industry representatives and 75 to 80% positive vote from those members to pass. 100 members is more typical.
If you want Standards totally unencumbered, great! Volunteer. Most of the other people on the committee will agree with your intent.
Like or not, patents foster innovation. They have done so since the time of the Greeks, and the founding fathers built patent protection into the US Constitution.
A society that does not reward work in an investment with any way to protect the work will still be painting on cave walls.
And, by the way, Standards that people don't like, ARE ignored. Happens every day.