Create an Account
username: password:
 
  MemeStreams Logo

The Diebold FTP Story

search

Hijexx
Picture of Hijexx
My Blog
My Profile
My Audience
My Sources
Send Me a Message

sponsored links

Hijexx's topics
Arts
  Movies
   Documentary
  Electronic Music
Business
  Finance & Accounting
  Telecom Industry
Games
Health and Wellness
Home and Garden
Miscellaneous
  Humor
Current Events
Recreation
Local Information
Science
  Biology
Society
  Politics and Law
   Civil Liberties
    Internet Civil Liberties
  Media
Sports
Technology
  Computer Security
  Linux
  High Tech Developments

support us

Get MemeStreams Stuff!


 
The Diebold FTP Story
Topic: Miscellaneous 12:59 pm EDT, Sep  9, 2003

Good analysis of Scoop's allegations and Diebold's rebuttal:

------

Allegation #53 (p. 16):
"Physical access to the voting results may not even be necessary to acquire the voting records if they are transmitted across the Internet."
Diebold Response:
... Results are not transmitted over the Internet.
My Added Comment:
But we know that result transmission uses telephone, PPP, and a username and password, from Page 14 of the Hopkins report, quoted in Allegation #40. Therefore, it is quite possible that election central will have a LAN connected using Internet protocol, perhaps used to connect a modem bank with a single PC. This LAN may not be as vulnerable as the public Internet, but it is vulnerable to packet snooping and several other attacks, and must therefore be carefully secured. Furthermore, if an adversary can dial into the PPP host and await connections, Trojan horse applications on the voting system could communicate with the adversary using PPP without talking to the GEMS system at all.

Allegation #54 (p. 16):
"The Diebold voting machines cannot work in isolation ..."
Diebold Response:
This is false. ... The primary form of output for the Ballot Station is the result tape ...
My Added Comment:
Diebold is wrong. Just because communication is accomplished using hand carried media such as the PCMCIA cards used to program the machine before the election and the printout used as the official election record does not mean that the machine is isolated. See my response to allegation #16! Hand carried PCMCIA cards need just as much protection as network communications. Furthermore, the printout from the machine is not necessarily the final result unless we make this printout before we make any modem connection that could admit an intruder; here, the Diebold system, because of its weak security, relies unnecessarily on strict adherence to correct polling place procedures. Not only that, but we are under increasing pressure to use the electronic record for canvassing, generally the one in the hand-carried PCMCIA card taken from the voting machine, but in the not-too-distant future, we may be pressured into using the result from the modem! That paper record wasn't even an option with Global's system when it was offered for sale to Iowa in 1997, and today, I gather that many jurisdictions don't look at it unless there's a call for a recount.

The Diebold FTP Story



 
 
Powered By Industrial Memetics
RSS2.0