“Security through obscurity” is a concept that has been thoroughly discredited for decades. It means basing your security on the idea that “nobody will ever think of that”. It’s the computer equivalent of putting your front door key under the flower pot on your step.
Being discredited is no proof against its use, of course, and security through obscurity continues to be employed widely. One example is encryption. It may be counter-intuitive, but encryption is more secure if all of its internal workings are known, because flaws and shortcomings can be detected and eliminated by analysis. Yet unpublished encryption schemes are still often used, and often the company doing it learns the hard way.
One of the applications of computers where you might expect the very best in security is in electronic voting machines. Well, you might expect it, but you’d be disappointed. In the US, where electronic voting is common, including in Presidential elections, Premier Election Systems (formerly Diebold Election Systems Inc.) is by far the market leader, said to have captured 80% of electronically cast votes in the USA. Avi Rubin, Professor of Computer Science at Johns Hopkins University and Technical Director of the Information Security Institute, has analyzed the source code used in these voting machines and reports “this voting system is far below even the most minimal security standards applicable in other contexts.”
Because the software is not available to others to analyze, PES continues to argue that the machines’ operation is “secure”. Campaigner Bev Harris has published a book, ‘Black Box Voting’ (http://www.blackboxvoting.org/), with details of how PES and other machines have been hacked by researchers and persuaded to lose or change votes.
(As an interesting aside, some of the original voting software which Diebold acquired when it bought Global Election Systems was written by one Jeff Dean, who was previously convicted of putting deliberate security trapdoors into ATM software.)
If you were going to design a voting machine, you wouldn’t base it on a normal desktop computer, because that would be far too complicated and would be impossible to make secure. Surely. But probably the last thing you’d do would be to let people load memory cards into it, right? I mean, there could be any kind of viruses or malware on them.
That’s why I love this cartoon on http://xkcd.com/463/
(Some background at http://www.informationweek.com/news/global-cio/legal/210000402 )