Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Bugtraq
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Diebold Global Election Management System (GEMS) Backdoor Account

from [Kurt Seifried] Network Security [Permanent Link]
Subject: Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes
Date: Sat, 25 Sep 2004 20:41:28 -0600
Why can't this all be done the same way Nevada handles modern slot machines? For example if you are playing a slot in Nevada and feel it's not behaving there is a 24 hour toll free number you can call and the Nevada Gaming Commission and they will send someone out to tear the machine apart and verify (among other things) that the software image in the machine corresponds to an approved one that is on file with the Nevada Gaming Commission. Slot machines undergo a torture test that involves 20,000 volt tasers to the outer case, lights (to try and confuse the pay out mechanism) and so on. The source code is reviewed and approved, kept on file with approved binary images, etc.

Seriously folks, if it can be done right for a nickel slot machine you think it could be done right for an electronic voting machine.


Kurt Seifried, kurt@seifried.org
A15B BEE5 B391 B9AD B0EF
AEB0 AD63 0B4E AD56 E574
http://seifried.org/security/


[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [CLA-2004:870] Conectiva Security Announcement - imlib, Conectiva Updates
Next by Date:  Possible GDI Exploit Vector, james_love
Previous by Thread:  Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes, trh
Next by Thread:  Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes, Mike Healan
Indexes:  [Date] [Thread] [Top] [All Lists]