Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Bugtraq
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Diebold Global Election Management System (GEMS) Backdoor Account

from [David Querin] Network Security [Permanent Link]
Subject: RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes
Date: Wed, 22 Sep 2004 15:18:41 -0400 
It seems these devices are illegally deployed, regardless.  They're not
upheld to the same Information Assurance requirements necessitated for other
governmental information technologies, including FIPS140-2 and Common
Criteria.  Instead, these electronic voting systems have been "approved" by
unnamed, unsupervised third parties with vested interests in these systems
being deployed.  It's absurd.

-----Original Message-----
From: Jaeson Schultz [mailto:jaeson@jaeson.net] 
Sent: Wednesday, September 22, 2004 12:33 PM
To: pressinfo@diebold.com; bugtraq@securityfocus.com
Subject: RE: Diebold Global Election Management System (GEMS) Backdoor
Account Allows Authenticated Users to Modify Votes


How about providing the source code so we can see for ourselves?  Shouln't
the machines used for elections in a democracy such as The United States of
America be open to such review?  Just because you refute the existence,
doesn't mean that the "back doors" or "hidden codes" aren't there.  Only the
source code can prove that.  Why should we just take your word for it?

~Jaeson Schultz


-----Original Message-----
From: pressinfo@diebold.com [mailto:pressinfo@diebold.com] 
Sent: Tuesday, September 21, 2004 8:05 AM
To: bugtraq@securityfocus.com
Subject: Re: Diebold Global Election Management System (GEMS) Backdoor
Account Allows Authenticated Users to Modify Votes


In-Reply-To: <20040831203815.13871.qmail@www.securityfocus.com>

Diebold strongly refutes the existence of any "back doors" or "hidden codes"
in its GEMS software.  These inaccurate allegations appear to stem from
those not familiar with the product, misunderstanding the purpose of
legitimate structures in the database.  These structures are well documented
and have been reviewed (including at a source code level) by independent
testing authorities as required by federal election regulations.

 

In addition to the facts stated above, a paper and an electronic record of
all cast ballots are retrieved from each individual voting machine following
an election. The results from each individual machine are then tabulated,
and thoroughly audited during the standard election canvass process. Once
the audit is complete, the official winners are announced.  Any alleged
changes to a vote count in the election management software would be
immediately discovered during this audit process, as this total would not
match the true official total tabulated from each machine.
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  MDKSA-2004:100 - Updated mpg123 packages fix vulnerabilities, Mandrake Linux Security Team
Next by Date:  Re: ICMP spoofed source tunneling, sin
Previous by Thread:  Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes, Heikki Korpela
Next by Thread:  Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes, Jay Hennigan
Indexes:  [Date] [Thread] [Top] [All Lists]