Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Vuln-Dev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Diebold Global Election Management System (GEMS) Backdoor

from [Geoff Vass] Network Security [Permanent Link]
Subject: RE: Diebold Global Election Management System (GEMS) Backdoor
Date: Tue, 28 Sep 2004 11:00:16 +0930 
I don't think Jeremy was arguing that "killing free enterprise" is a
reason not to do something; it's the reason given by the people who oppose
scrutiny in this area.

This is a common political tactic, if you oppose something, you pick
something in the argument that's off-topic or even irrelevant and then
thrash it. So in this case if people are asking for open source voting
software, the rebuttal that comes back is: "you're killing free
enterprise" and the argument stops dead. You can't win an argument like
this because they can't and won't address the underlying reason for the
call for open source (ie. integrity in voting systems).

If you ask for VVPATs, you can't rebutt it with an argument that
misdirects into an esoteric debate about open source. You can only rebutt
by speaking to the issue. So they have to come up with a reason why they
don't want VVPATs and it might be a good reason or a lame reason. And this
is what you want: proper debate.

When you are dealing with something political you need to go right to the
heart of the matter and not get emotional or try to load up the issue with
other things. In this case, it seems to me that open source is one way to
achieve a certain result, but the "way" is not the issue, the "result" is.
You have to argue about the "result".

Geoff Vass

-----Original Message-----
From: Paul Wouters [mailto:paul@xtdnet.nl]
Sent: Monday, 27 September 2004 20:56
To: Jeremy Epstein
Cc: bugtraq@securityfocus.com
Subject: RE: Diebold Global Election Management System (GEMS) Backdoor


On Thu, 23 Sep 2004, Jeremy Epstein wrote:


(1) I agree that source code should be inspected by someone truly
independent and competent, and that the standards for approving voting
machines should be stronger.  However, that's NOT the same as open

source.

And I'd strongly discourage folks from calling for open source, as it

plays

directly into the hands of folks like Diebold, who claim that the people
(like me) who want Voter Verified Paper Audit Trails (VVPATs) are really
trying to kill free enterprise.


Free enterprise is not the issue here. Audit trails are. If it means that
somewhere someone cannot make a profit, then so be it. Unless you declare
democracy dead, and instate the Corporate Republic. The 'free market'
should not be a main consideration in voting security. If you cannot relay
that message to your government, then either you or your government is not
the right one for its task.

Attachment: smime.p7s
Description: S/MIME cryptographic signature

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • RE: Diebold Global Election Management System (GEMS) Backdoor, Geoff Vass <=
Previous by Date:  Re:[4] Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue, advisories
Next by Date:  Re: New whitepaper "The Phishing Guide", Aleksandar Milivojevic
Previous by Thread:  Re:[4] Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue, advisories
Next by Thread:  iDEFENSE Security Advisory 09.29.04 - Macromedia JRun 4 mod_jrun Apache Module Buffer Overflow Vulnerability, customer service mailbox
Indexes:  [Date] [Thread] [Top] [All Lists]