Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Vuln-Dev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Diebold Global Election Management System (GEMS) Backdoor Acc ount

from [Hugo van der Kooij] Network Security [Permanent Link]
Subject: RE: Diebold Global Election Management System (GEMS) Backdoor Acc ount Allows Authenticated Users to Modify Votes
Date: Tue, 28 Sep 2004 07:32:09 +0200 (CEST) 
On Mon, 27 Sep 2004, David Brodbeck wrote:


-----Original Message-----
From: Claudius Li [mailto:aprentic@sectae.net]



So my question is, given that this seems to be a solved
problem why is there so much debate on finding the solution?
Surely I am missing something obvious.


You're missing the social dynamics around it.  There are several parties
involved:

- State officials who actually pick the voting equipment.  They generally
are politicians, with a background in law or business.  They don't
understand the complicated technical issues behind electronic voting.

- Companies who build the voting equipment.  Their motive is profit.  They
want to get a marketable product out quickly and cheaply.  They perceive
(correctly) that the audience they're selling to does not understand or care
about complicated security issues, and can be easily impressed by trivial
but sophisticated-looking features.

- The public.  They don't understand these issues either, and they have a
short attention span.

- The news media.  They don't push security issues because they lack good
visuals and don't fit into a 15-second news spot.  Anything longer and
they'll lose their audience (see above.)

- Computer scientists and voting activists.  They *do* understand the
issues, but are unable to explain them in a way the news media, the public,
and state officials find compelling and understandable.  The companies who
build the equipment can easily label them as alarmists or conspiracy
theorists.


Any country where the average attention span is only 15 seconds is not fit
to be a democracy. So who cares wether or not elections are fake or
staged for them?

But beyond that sad observation I think we can discuss this issue here
untill untill the end of times but it will have very little impact.

If you care about it go about and find where the decision makers are and
point it out to them in a way they understand. If a device can be made to
work in their favor it may just as well be used to remove them if the
minds of those who control it are changing opinions. (Provided that is the
case.)

I guess we should return to the more technical stuff here and let the
political debate be held on more public places.

Hugo.

-- 
 All email sent to me is bound to the rules described on my homepage.
    hvdkooij@vanderkooij.org            http://hvdkooij.xs4all.nl/
            Don't meddle in the affairs of sysadmins,
            for they are subtle and quick to anger.
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Samba Security Announcement -- Potential Arbitrary File Access, Gerald (Jerry) Carter
Next by Date:  Re:[4] Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue, advisories
Previous by Thread:  Re: Diebold Global Election Management System (GEMS) Backdoor Acc ount Allows Authenticated Users to Modify Votes, Aleksandar Milivojevic
Next by Thread:  Yahoo! Store Security Advisory, Stuart Moore
Indexes:  [Date] [Thread] [Top] [All Lists]