Re: E-voting Triad Objects to Voting Machine Criticisms

From: Jim Soper <somethoughts_at_aol_dot_com>
Date: Wed Aug 01 2007 - 18:36:15 CDT

My response?to the following type of statement:

Neil McCleur, Hart Intercivic: "The Red Team was provided all technical information including source code of the system."
( http://abclocal.go.com/kfsn/story?section=politics&id=5525627 )

o This is not a game of gotcha. These were serious, professional studies designed to find out fully and exactly what we are dealing with. To plug as many holes as possible, you have to know everything you can about the machines. This is what the team is trying to do, which is why they needed the source code. What is lacking was enough time to complete their professional work.

o The Sequoia red team report stated at the end : "All the attacks described in this report can be carried out without any knowledge of the source code." (pg 12).

o Diebold's source code is already out on the Internet. So the source code is available to anybody who wants it. The default encryption code has not changed for 10 years.

o The most dangerous type of attack is that of an insider on the central tabulator databases. This is relatively simple to do, and can take less than 90 seconds ( www.countedascast.com/issues/security.php#tabulator ). Sequoia and Diebold use standard Microsoft databases running on MS Windows. The Red Team had no access to the Microsoft source code, yet was able to change the databases anyway. Please note that a former Monterey County registrar is now sitting in jail for being dishonest, so insider threats are not just theoretical.

o Screwdrivers and minibar keys have no source code, yet the red team was able to work their way around security tapes and locks and break into the machines, at which point they had full access to do whatever they wanted. It would take at most a few minutes to plant a virus that could be carried back to the central tabulator. Since thousands of machines "sleepover" at polling stations at least one night before the election, that gives people with access to the garage or church where they are stored more than enough time. To do real damage to democracy, you do not need a PhD in computer science to slip a card into a slot, only access to 1 machine.
About tamper-evident tapes : The red teams, as well as Bev Harris, have demonstrated that it is possible to replace tamper-evident tapes with new ones. With the proper resources (money), it should also be possible to obtain duplicates of tapes with serial numbers on them and replace the previous ones after opening the machine up.

Debra Bowen is carrying out the mandate of the people of California who elected her to protect our sacred right to vote, and to have those votes counted as cast. She deserves everybody's full support.

Jim Soper

(510) 258 4857
www.CountedAsCast.com

________________________________________________________________________
AOL now offers free email to everyone. Find out more about what's free from AOL at AOL.com.

_______________________________________________
OVC-discuss mailing list
OVC-discuss@listman.sonic.net
http://lists.sonic.net/mailman/listinfo/ovc-discuss
By sending email to the OVC-discuss list, you thereby agree to release the content of your posts to the Public Domain--with the exception of copyrighted material quoted according to fair use, including publicly archiving at http://gnosis.python-hosting.com/voting-project/
==================================================================
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
==================================================================
Received on Fri Aug 31 23:17:03 2007

This archive was generated by hypermail 2.1.8 : Fri Aug 31 2007 - 23:17:07 CDT