Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Vuln-Dev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Diebold Global Election Management System (GEMS) Backdoor Account

from [Atom 'Smasher'] Network Security [Permanent Link]
Subject: Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes
Date: Wed, 22 Sep 2004 03:43:11 -0400 (EDT) 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On Tue, 21 Sep 2004 pressinfo@diebold.com wrote:

Diebold strongly refutes the existence of any "back doors" or "hidden codes" in 
its GEMS software.  These inaccurate allegations appear to stem from those not familiar with the 
product, misunderstanding the purpose of legitimate structures in the database.  These structures 
are well documented and have been reviewed (including at a source code level) by independent 
testing authorities as required by federal election regulations.

In addition to the facts stated above, a paper and an electronic record of all cast ballots are retrieved from each individual voting machine following an election. The results from each individual machine are then tabulated, and thoroughly audited during the standard election canvass process. Once the audit is complete, the official winners are announced. Any alleged changes to a vote count in the election management software would be immediately discovered during this audit process, as this total would not match the true official total tabulated from each machine. 
==================

oops, looks like no one told you that this is a forum of computer security professionals who understand the difference between a insecure machine and a press release. you can "strongly refute" all you want: until the code is available for public scrutiny it will remain suspect. but if it's written as poorly as is rumored, exposing it to public scrutiny would only confirm that it's insecure either through carelessness or intent.


    ...atom

 _________________________________________
 PGP key - http://atom.smasher.org/pgp.txt
 762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
 -------------------------------------------------

        "I am committed to helping Ohio deliver its electoral
         votes to the president [Bush] next year"
                -- Walden O'Dell, CEO of Diebold
                August 2003
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.3.6 (FreeBSD)
Comment: What is this gibberish?
Comment: http://atom.smasher.org/links/#digital_signatures

iQEcBAEBCAAGBQJBUS0VAAoJEAx/d+cTpVcippgIAI8Ska514i55Gc2qUp5ohOlD
AB98+5njJg6dEkNiCw3B6jQSm3WHSWxX45KMlvJypa+na1wNaloNZ6IsrMpqwwRq
O64blBv6s54uexIHw0oZcPqf/LTyg3CV4BtClZl+DZ7VjC/lWRl8PMTGj5tUTfD+
oXB8h7UdrycqsWubrG8UJ0JJeFWbVy98cvw3rjdTFSZXykai5PC8hFkwEHcqc848
7i93d4Qya3DdAAOFqaLWQt2wyegCDv8+r/qJa9VzDq9m7WNVshPyPfSiedh87gwo
81YzVqglhEdjE+gfjKFYXQub5TM3CppV99bsyd1oTLK3l86Jdtbz7ks/Uyn0Vs0=
=Dfkb
-----END PGP SIGNATURE-----

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Example of JPG Exploit & Shellcode, javier falbo
Next by Date:  aspWebCalendar /aspWebAlbum: SQL injection, Pedro Sanches
Previous by Thread:  Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes, Marvin Bellamy
Next by Thread:  RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes, Polazzo Justin
Indexes:  [Date] [Thread] [Top] [All Lists]