Electoral Subtext
Whether you're monitoring the voting process or the status of your most valued server, you better have a Plan B
No worries... This isn't another article about voting machines or Internet voting. I have strong feelings about those issues, and since I vote absentee in nearly every election, Internet voting (properly implemented) would cut down on the paperwork and planning that my wife and I do. But as I said, this isn't about either of those topics. This is about the election that was held April 1 here in Cambodia.
Democracy in Cambodia is very young, and like most young democracies with one extremely strong party and a few minor ones, there is always a significant question about fairness. Everybody knows that before the election some votes are purchased, some people are intimidated, and myriad other dirty tricks are perpetrated. But for every election, a big chunk of the expatriate community in Cambodia spends the day going around to polling places, getting hotter, sweatier, and dustier than they otherwise would have, watching the extremely dull process of people standing in lines, voting, and getting their fingers marked with ink.
Like many places, Cambodia has regulations about when and where parties can campaign. For example, no campaigning is allowed starting the day before the election. The nominal reason for this is to give people a chance to think about their vote without disruption for at least 24 hours. This strikes me as a decent idea, and although I've been here long enough to suspect other motives as well, it could even be true.
What does all this have to do with technology? Well, in this last election there was a bit of a controversy surrounding a rule put in place by the National Electoral Commission. They ordered all mobile phone companies in the country to turn off SMS (text messaging) starting the day before the election going until the closing of the last polls. The reason given was that they were hoping to avoid SMS spam campaigns, which have been used in the past.
The problem with this is that it also interfered with the ability of the monitors to report back to their central sites the results from polling places. They were able to use voice to report in, but as we all know there is a reason that the children's game is called "telephone." That of course was compounded by problems of different languages spoken by people on each end of the phone.
Was this some nefarious plot by the ruling party to interfere with the election observers? Probably not. I suspect this was one of those situations where the NEC would have been criticized for either allowing the inevitable SMS spam, or for interfering with observers.
The problem it highlights is not exactly novel, but it is interesting. In a place like this, where you are lucky to have one form of communications technology available, people tend to rely entirely too much on that one form. This is one case where I really think the observers made a common mistake -- no backup plans. The SMS system was innovative, really a good idea.
But not having a plan to fall back on when SMS failed (as it has been known to do even without government interference) was just boneheaded. The reaction of blaming the government and coming up with a political motive is easy to understand, particularly here where stated motives are almost never the only ones. That, however, just makes the backup system more critical.
All too many times we fail to think about what's going to happen when what seems like our only option fails. Graceful degradation of service (in this case it could have amounted to guys on motorcycles carrying notebooks, a radio system, or some other form of wireless communication) is an important characteristic of any critical system, be it an e-commerce site or an election. Yet another example of how increasing reliance on technology has impaired many people's ability to see solutions that in previous decades would have been obvious.
— Nathan Spande has implemented security in medical systems during the dotcom boom and bust, and suffered through federal government security implementations. Special to Dark Reading.
About the Author
You May Also Like
Transform Your Security Operations And Move Beyond Legacy SIEM
Nov 6, 2024Unleashing AI to Assess Cyber Security Risk
Nov 12, 2024Securing Tomorrow, Today: How to Navigate Zero Trust
Nov 13, 2024The State of Attack Surface Management (ASM), Featuring Forrester
Nov 15, 2024Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024