Kuro5hin.org: technology and culture, from the trenches
create account | help/FAQ | contact | links | search | IRC | site news
[ Everything | Diaries | Technology | Science | Culture | Politics | Media | News | Internet | Op-Ed | Fiction | Meta | MLP ]
We need your support: buy an ad | premium membership

ICANN Election Begins. Issues?

By Arkady in Internet
Sun Oct 01, 2000 at 11:05:43 PM EST
Tags: Politics (all tags)

ICANN has sent out their announcement that the actual voting system for the Board of Directors election is now available. Their elections, it seems, will be run by election.com, a startup .com aiming to build themselves into a position of control over "e-voting" worldwide. Let's look at some of the implications of this, shall we?

Firstly, I find it troubling that ICANN, who claimed that the registration and nomination phases of this election were as broken as they were because they had insufficient funding (through there are definitely questions about the validity of this claim), has obviously forked over the cash for an outside company. Not only that, but election.com does not (as far as I can tell) publish even an estimate of election cost on their site.

Next, the election.com Privacy Policy is, while fairly progressive for the .com market, still fairly disturbing. It's not even linked off their front page, for one thing; the only page from which I could find it referenced was their "Order an Election" link in the nav-bar. Nothing like going out of their way to make sure you see it, eh?

The privacy policy has a lot of flexibility for how they can use information they gather, and does not prohibit them from collected any information they choose (except in the case of people under 17 years). To give credit, however, though they do allow themselves to change the policy without notice, they do specifically require themselves to use any data collected under the terms of whatever version of the policy was posted when the data was collected. This is sort of silly, of course, since some court cases have drifted towards saying that this is an obvious implication of a posted policy, but it does make it seem that they're at least aware of the issue.

Next, there's no evidence or mention of a neutral election monitor's involvement, as ICANN has promised repeatedly that there would be. I personally consider it likely that ICANN intends to claim election.com as their monitor, though I'm sure we call all see how absurd a claim that would be. As the contractor in the election, they obviously cannot be considered to be a neutral party.

Most importantly, however, is the question of election security. Pointing NetCraft at the ICANN election server reveals that the ICANN election is running on a Microsoft IIS server. I'm not going to belabor the Microsoft-bashing here, but IIS is clearly the least secure SSL web server available. To give an example, a simple search on Rootshell for IIS exploits gives 61 results (totalling locally hosted and remote results). The same search for Apache gives 34 total and for WebStar returns 0.

Obviously, these numbers are a mere gloss over the potential security issues, but they do point in the right direction. IIS is well known to be the least secure server available and Apache to be the most secure common server. Even the U.S. Army has recognized that Macintosh servers are the most secure available, as most security experts are well aware.

So, ICANN has at least these four serious issues in their construction of the election, and I'm sure that many more will come to light in the following two weeks, just as they have done in the previous phases of their process. With that background, I'd like to ask you to consider the following questions about this:

  • How important are these issues and are there others I've missed which would overshadow them? I, obviously, think these are the most important to show up so far, but I'm certainly open to new suggestions.
  • Without a monitor, can ICANN's results stand up to a legal challenge? They're bound by their Bylaws and procedures to hold these elections; demonstrable fraud would likely force a rerun, but without a monitor, there's no way to demonstrate it. The likelihood of fraud is much more difficult to demonstrate.
  • How legitimate can the election be is their server gets cracked? My personal opinion, though there are no ICANN procedures for it, is that any irregularity on the election servers would require a recasting of all ballots. ICANN, naturally, doesn't even have a provision for recount demands, much less for questioning the entire polling process.
  • What data about you will election.com be collecting and how will they be able to use it? How would a cracker be able to use it? Consider that they have your number, password and PIN; a cracker could easily extract this information (once the server is compromised). With that information compromised, it would be necessary to rerun the entire registration process before holding the final election over, since the cracker could vote as every "member" whose authentication info they've intercepted.

As a closing note, for those of you who are following the elections, there will be two events involving candidates in North America taking place this week. Harvard and MIT will be hosting debates among the candidates on Monday and Wednesday and the Electronic Frontier Foundation will be hosting a panel discussion between the three non-Board nominated candidates on Thursday.


Voxel dot net
o Managed Hosting
o VoxCAST Content Delivery
o Raw Infrastructure


Are you participating in the ICANN election?
o Yes, I'm a candidate 2%
o Yes, I was a nominee 2%
o Yes, I'm voting 18%
o Yes, I'm cracking their server 20%
o No, I wasn't able to register 11%
o No, I heard about it too late 9%
o No, it just helps them 2%
o No, I couldn't care less 32%

Votes: 43
Results | Other Polls

Related Links
o election.c om
o Privacy Policy
o Pointing NetCraft at the ICANN election server
o search on Rootshell for IIS
o The same search for Apache
o for WebStar
o hosting debates
o a panel discussion
o Also by Arkady

Display: Sort:
ICANN Election Begins. Issues? | 10 comments (10 topical, editorial, 0 hidden)
Issues (3.00 / 1) (#1)
by fvw on Sun Oct 01, 2000 at 07:40:51 PM EST

My main issue with this mess is that I can't even vote! After having to hit reload 20x to be able to log in, when It finally came to verifying my choices, the #$@^($* thing wouldn't accept my username/password/pin.

BTW, what's the current situation with all those people who didn't receive a PIN? Has that been sorted out yet?

Re: Issues (none / 0) (#2)
by Arkady on Sun Oct 01, 2000 at 07:46:23 PM EST

ICANN's official statement is, to paraphrase, "e;tough luck, bucko!". See their announcement at http://www.icann.org/announcements/icann-pr31jul00.htm:

This is regrettable; ICANN believes that At-Large membership should be open to all who are interested in joining. Unfortunately, any postponement of the registration deadline would have made it impossible to complete the elections this year, and the Board concluded that the continued implementation of the ICANN structure -- including the addition of At-Large representatives to ICANN's Board of Directors -- should move forward on schedule.

This disregard for minimal considerations of public participation and approval is, in my opinion, fairly typical of the ICANN Board's actions in general.

Turning and turning in the widening gyre
The falcon cannot hear the falconer;
Things fall apart; the centre cannot hold;
Mere Anarchy is loosed upon the world.

[ Parent ]
Re: Issues (none / 0) (#4)
by Eloquence on Mon Oct 02, 2000 at 12:48:51 AM EST

FWIW, I had the same problem. By now they should be able to handle the traffic. The fact that they're using Microsoft IIS is also a scary precedent. Imagine this would ever be done in case of real elections.. "I'm sorry, we cannot accept your vote at this time. Please contact technical support."

Also, has has been pointed out in this TP article (German), the "Single Transferable Vote" (you choose the candidates according to preferences) system is fundamentally flawed because the candidate who would beat any other candidate in a direct comparison can lose through the redistribution of votes if a 50% majority is not reached for a single candidate.

This seems to be especially tailored for the European elections where two unfavorable candidates (Andy Mueller-Maguhn of the CCC hacker club and Jeanette Hoffmann, an anti-censorship sociologist) have been endorsed and stand against 5 (!) ICANN-nominated candidates, all industry lobbyists. Now with some number playing, it is well possible that the candidate with the overall "highest preference" is not the one with the most votes but one of the higher ranked ICANN-nominees.

Esther Dyson has already expressed her disdain at the possibility that an unfavorable ("objectively stupid", in her own words) candidate might be elected in Europe. With the voting system they have done their best to prevent this from happening. A truly open, democratic institution.
Copyright law is bad: infoAnarchy Pleasure is good: Origins of Violence
spread the word!
[ Parent ]

Re: Issues (none / 0) (#5)
by fvw on Mon Oct 02, 2000 at 05:59:21 AM EST

It's not a traffic problem as far as I can see, since a) the pages get served up quite quickly, and b) I can log in without probs now (not an overloaded SQL server). However, as soon as I try to confirm my votes the thing acts like it's never met me. So rude....

[ Parent ]
Re: Issues (none / 0) (#6)
by fvw on Mon Oct 02, 2000 at 11:23:24 AM EST

Yay, I voted. In case anyone cares, here's my list:
  1. Andy Mueller-Maguhn
  2. Jeanette Hofmann
  3. Winfried Schueller
  4. Oliver Popov
  5. Alf Hansen
  6. Olivier Muron
  7. Maria Livanos Cattaui

[ Parent ]
Lessons learned... (none / 0) (#3)
by data4000cr on Mon Oct 02, 2000 at 12:31:28 AM EST

Having received my pin, I can say they performed some part of the expectations that were expected.
Like the original poster, I share a strong dislike of almost everything else they have done and especially how they have continued to pull further away from a truly open organization.

My review of the articles and discussion on the election so far have really opened my eyes to the problems with the idea that the internet (in its present state) could support an user group as vast as the interest level which follows ICANN. I see the whole organization has a first test of such institutions and hope everyone involved or who wished that they could have been involved will learn just how easy it is for organizations to go bad...

As for the questions about: I think, in the unlikely event, that the servers were compromised, it would show even more just how much these types of organizations need to learn... The points about a monitor are valid and should have been addressed when the election process was first proposed, too late now but atleast it has been noted by the many who will read these postings.

I still view the whole thing as rather low key do to the fact the domain system is already showing an increasing level of problems (IP, etc.) and really just doesn't solve all the problems, it seems to create more than it should at the very least.

Perhaps, the experiment has already shown people how much we need to monitor those who we allow to control us or anything we care about... I'll vote after I've seen the debates.
Hey Sig, where are you?

Don't vote for board nominess... (none / 0) (#7)
by inti on Mon Oct 02, 2000 at 03:29:11 PM EST

Well, as for myself I had no problems logging in or voting. I'll be forced to miss the debate in Palo Alto,due to conflicting events, so I figured I might as well vote now.

My first criterion in voting was that the candidate not be a board nominee. That is, I placed the three self-nominated candidates as numbers 1-3, then ranked the board nominees after that. My personal vote (I'm in the North American region) was

  • 1: Karl Auerbach. Self-nominated. He seems a bit pompous and technocratic. But at least he's on our side when it comes to intellectual property issues. Also, he supports alternative DNS proects like OpenNIC.
  • 2: Emerson Tiller. Self-nominated. He's a lawyer, but let's not hold that against him. He seems to advocate keeping corporate interests in check, at least.
  • 3: Barbara Simons. Also seems to support alternatives to ICANN. Self-nominated.
  • 4: Donald Langenberg. Board-nominated. Tool.
  • 5: Larry Lessig. Board-nominated. Tool. Another lawyer. Not a bad guy, and his politics seem allright, but I will not vote for a board nominee. Sorry, Larry.
  • 6: Harris Miller. Board-nominated. Tool.
  • 7: Lyman Chapin. Board-nominated. Tool.

    You may not agree on my choice of Auerbach as the best of the three, but please do rank the three self-nominated candidates first. Send a message to Ms. Dyson et. al. that heavy-handed ballot-stacking is not acceptable behaviour.

    Claim your namespace.
    Support the OpenNIC

  • Re: Don't vote for board nominess... (none / 0) (#8)
    by Arkady on Mon Oct 02, 2000 at 05:47:01 PM EST

    I've voted now, since I managed to find that damn PIN letter. My selection are:

    Karl Auerbach
    Barbara Simons
    Emmerson Tiller

    I refuse to vote for a Board-nominee, despite the fact that Lessig would (in my humble) probably be preferable to Tiller.

    Turning and turning in the widening gyre
    The falcon cannot hear the falconer;
    Things fall apart; the centre cannot hold;
    Mere Anarchy is loosed upon the world.

    [ Parent ]
    Another Problem with election.com (none / 0) (#9)
    by Arkady on Mon Oct 02, 2000 at 05:56:15 PM EST

    I had originally though that it was just because the system was flooded that I couldn't get into it when I wrote the article yesterday. But nooooo. It turns out that elections.com's voting systems cannot be accessed from my main web browser (NetPositive), despite the fact that Net+ does have SSL support. I just get a generic error. But I can get in with Opera.

    Now, what sort of boneheadedness would cause this? Usually, in my experience, this is caused by some web monkey trying to produce Explorer and Navigator optimized sites and not bothering to include a default for folks who don't use either. My Opera is configured to identify itself as Navigator "compatible", but my Net+ identifies itself as itself. That's just a guess, of course, but it seems very likely.

    While this is _probably_ not a deliberate slight to users of non-mainstream software, it's certainly an insult.

    Turning and turning in the widening gyre
    The falcon cannot hear the falconer;
    Things fall apart; the centre cannot hold;
    Mere Anarchy is loosed upon the world.

    In case you're still deciding (none / 0) (#10)
    by rainbowfyre on Tue Oct 03, 2000 at 02:40:48 AM EST

    I attended a great debate tonight with 6 of the 7 ICANN candidates at the Harvard Law School. The event was webcast live, and is archived at this link. I might be worth you're while if you were lucky enough to register. <g>
    Vericon is coming!
    ICANN Election Begins. Issues? | 10 comments (10 topical, 0 editorial, 0 hidden)
    Display: Sort:


    All trademarks and copyrights on this page are owned by their respective companies. The Rest 2000 - Present Kuro5hin.org Inc.
    See our legalese page for copyright policies. Please also read our Privacy Policy.
    Kuro5hin.org is powered by Free Software, including Apache, Perl, and Linux, The Scoop Engine that runs this site is freely available, under the terms of the GPL.
    Need some help? Email help@kuro5hin.org.
    My heart's the long stairs.

    Powered by Scoop create account | help/FAQ | mission | links | search | IRC | YOU choose the stories!