Jakebert Posted June 24, 2012
I figured this should go here: feel free to move it if it's in the wrong place. I wanted to discuss potential security issues and features that should be in an online voting platform (to be used for student council elections and such). Apart from hashing passwords, how would one go about reducing the possibility of fraud (either via MySQL injection, or some other nefarious device)? I'm afraid I'm not very experienced with security. I know some of the paid software gives every voter a special ID for each ballot they fill out, and that the numbers aren't actually stored in a database, but I have NO clue how to do that. Does anyone have any experience with this?
requinix Posted June 24, 2012
Can you ensure that every person can have one and only one account somewhere? Then you can track who's voted that way. Do you care about the possibility of knowing whether a specific person has voted or not?
Jakebert Posted June 24, 2012
Well I'm the only person registering people (i.e. I get the list of potential voters and add them all manually), so yeah, I think we can make it that everyone only votes once. I actually think it would be unethical for me to be able to see who voted what (I run the elections) - is there a way to get the total results but keep me from seeing the individual votes?
requinix Posted June 24, 2012
It's easy to make sure you don't know who voted for what. I mean knowing who has voted at all. If there shouldn't be a way for you to know that then it's still possible but exactly how depends on what kind of data you have available. But if that's fine then all you need is a record of who has voted. Like a table of which user and which election. If they've voted on the election already then don't let them do it again.
Jakebert Posted June 24, 2012
Oh, I get what you mean. Well, yes, that part is easy and I imagine would be fairly simple to control. I guess what I'm asking is: are there any obvious or easy ways to break into a database or do a MySQL injection if all you have is a website with no textboxes? (since they only get radio buttons). As long as I make the database admin username and password complicated, is there any way for someone with some technical experience (e.g. annoying first-year computer science students) to break in?
requinix Posted June 24, 2012

> Oh, I get what you mean. Well, yes, that part is easy and I imagine would be fairly simple to control. I guess what I'm asking is: are there any obvious or easy ways to break into a database or do a MySQL injection if all you have is a website with no textboxes?

Don't even ask the question. Always protect yourself against it, regardless of how easy you think it could be. Regardless of whether you think it's even possible. Unless you're serving a static website then there will be user input somewhere.

> (since they only get radio buttons)

Radio buttons qualify as user input.

> As long as I make the database admin username and password complicated, is there any way for someone with some technical experience (e.g. annoying first-year computer science students) to break in?

Assume someone very smart will try. Rule of thumb: users are malicious, smart, and have plenty of time and patience. You can never trust them.
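
Added example, not part of the original thread: the points from requinix's replies in Python, with sqlite3 standing in for the MySQL database. The table names, column names, sample candidates and the functions `cast_vote` and `tally` are assumptions made for illustration.

```python
import sqlite3

# Constructed schema (assumption): sqlite3 stands in for the MySQL database in the thread.
SCHEMA = """
CREATE TABLE candidates (id INTEGER PRIMARY KEY, election_id INTEGER NOT NULL, name TEXT NOT NULL);
-- Who has voted in which election; the primary key blocks a second ballot.
CREATE TABLE has_voted (user_id INTEGER NOT NULL, election_id INTEGER NOT NULL,
                        PRIMARY KEY (user_id, election_id));
-- What was voted for; deliberately no user_id and no timestamp column.
CREATE TABLE ballots (election_id INTEGER NOT NULL, candidate_id INTEGER NOT NULL);
"""

def open_db():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    db.executemany("INSERT INTO candidates VALUES (?, ?, ?)",
                   [(1, 1, "Alice"), (2, 1, "Bob"), (3, 2, "Carol")])  # constructed sample data
    db.commit()
    return db

def cast_vote(db, user_id, election_id, raw_choice):
    """user_id comes from the logged-in session; raw_choice is the radio button value as posted."""
    try:
        candidate_id = int(raw_choice)  # the browser can send any string, not just the listed options
    except (TypeError, ValueError):
        return "invalid choice"
    # Parameterized query: the posted value is bound as data, never spliced into SQL text.
    row = db.execute("SELECT 1 FROM candidates WHERE id = ? AND election_id = ?",
                     (candidate_id, election_id)).fetchone()
    if row is None:
        return "invalid choice"
    try:
        with db:  # one transaction: both inserts commit, or neither
            db.execute("INSERT INTO has_voted VALUES (?, ?)", (user_id, election_id))
            db.execute("INSERT INTO ballots VALUES (?, ?)", (election_id, candidate_id))
    except sqlite3.IntegrityError:
        return "already voted"
    return "ok"

def tally(db, election_id):
    rows = db.execute("SELECT c.name, COUNT(b.candidate_id) FROM candidates c "
                      "LEFT JOIN ballots b ON b.candidate_id = c.id AND b.election_id = c.election_id "
                      "WHERE c.election_id = ? GROUP BY c.id ORDER BY c.id", (election_id,))
    return dict(rows.fetchall())
```

Rows land in `has_voted` and `ballots` in the same order, so someone with raw database access could still pair them by position; the split only keeps the voter-to-vote link out of the schema and out of the totals query.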