The tipoff line is suggesting that there is an easy way to hack the overseas voting option on the Government’s website…
There is an online submission option and the form uses QR codes to authenticate each individual vote. It would be very easy to write a web service (small software / web application) which would generate every possible QR code configuration and submit it from individual IP addresses to the online form. Of course, this would render the referendum invalid. In security terms, this would be deemed similar to a DDOS attack.
If you submit every combination to the online form there would be no way to tell which were real vs fake
…perhaps this needs investigating before the results are declared on Thursday?
UPDATE: We have received this response …
No, because there are 4 billion public IPv4 addresses in the world, and
(at least) 99 billion permutations of the QR code on the Voting Paper.
Each attack would have a 1 mil/99 bil (0.00101%) chance of guessing the
“correct” QR code. An attacker would run out of IP address well before
being able to spoof 1 million votes (~the number of NZers living
overseas).If you used all 4 billion IP addresses, you would successfully fake
around 40,000 votes. As well over 1.7 million voting papers have been
returned
(http://www.elections.org.nz/events/referendums-new-zealand-flag-0/voting-second-referendum/voting-statistics), the effect of such an attack on the outcome would probably be
negligible.
one thing is for sure John Key will be desperate for a win for his flag despite all the polls saying New Zealanders want to keep their existing flag
…really if the referendum can be sabotaged then it is null and void and heads should roll
There is no way I would entrust my vote to an on-line, electronic system.
The possibility of hacking and scrutiny by our Respected & Trusted spy agencies is just too great.
Paranoia?
Let’s ask Kim Dotcom, Keith Locke, Phil Goff, or the 88 other New Zealanders who’ve been illegally spied on by the GCSB.
yes who are they?…these enemies of the state?…I expect it would be a huge embarrassment if they were named
really the Labour Party has betrayed New Zealanders by not asking for the exposure for all to see of those named….and allowing and legitimising and extending the illegal spying on New Zealanders…
Is the online Flag Referendum easy to hack? Yes, dead easy.
Comments are closed.