This paper presents a fully independent security study of a Diebold AccuVote-TS voting machine, including its hardware and software. We obtained the machine from a private party. Analysis of the machine, in light of real election procedures, shows that it is vulnerable to extremely serious attacks. For example, an attacker who gets physical access to a machine or its removable memory card for as little as one minute could install malicious code; malicious code on a machine could steal votes undetectably, modifying all records, logs, and counters to be consistent with the fraudulent vote count it creates. An attacker could also create malicious code that spreads automatically and silently from machine to machine during normal election activities — a voting-machine virus. We have constructed working demonstrations of these attacks in our lab. Mitigating these threats will require changes to the voting machine's hardware and software and the adoption of more rigorous election procedures.
sporadically produced odds, ends, and essaylets on any number of topics from programming to politics, paramecia to puff pastries.
Saturday, September 16, 2006
Speaking of Bad Voting Systems
Security Analysis of the Diebold AccuVote-TS Voting Machine
The Definition of a Hacker
Bruce Schneier wrote:
I'd say, for INTJ hackers, at least, this definition is incomplete. An INTJ must understand the system, it's our nature to do so, and the only way to understand a system is to watch it flex, to get down underneath it, around it, surround it, and know its every aspect. Because only then do you see the true boundaries -- where it cannot shift, and where it can. Only then do you achieve true understanding of how, and quite frequently, why, the system is the way it is.
The vague definition Schneier provides encompasses this quite well: "Understanding how the...system worked -- that was the true prize."
A hacker is someone who experiments with the limitations of systems for intellectual curiosity.
I'd say, for INTJ hackers, at least, this definition is incomplete. An INTJ must understand the system, it's our nature to do so, and the only way to understand a system is to watch it flex, to get down underneath it, around it, surround it, and know its every aspect. Because only then do you see the true boundaries -- where it cannot shift, and where it can. Only then do you achieve true understanding of how, and quite frequently, why, the system is the way it is.
The vague definition Schneier provides encompasses this quite well: "Understanding how the...system worked -- that was the true prize."
"I can't imagine basing the success of an election on something so fragile as these terrible, buggy machines."
And that's Avi Rubin's report of the Maryland primary, 2006, in a nutshell.
I hope that we got it right in my precinct, but I know that there is no way to know for sure. We cannot do recounts.
Sunday, September 10, 2006
Feeding that fear is a true crime
And the media and the Bush Administration are guilty as hell.
I Remember Townsend... -- on VJ Day, Pearl Harbor, Sept 11th, and reporting the truth.
We know it. And it's time to show it. Boycott ABC and Disney, and vote the bums out of office.
We have a duty to the truth, neighbors. Don't back down.
I Remember Townsend... -- on VJ Day, Pearl Harbor, Sept 11th, and reporting the truth.
FDR was right. Fear itself is the enemy. It makes you do stupid things. It makes you close your eyes because you think it'll make the monsters in the closet disappear, too. Wallowing in fear does nothing. Feeding that fear is a true crime. Lying about it to entertain the masses or make a political point, however...well...that's just a sin.
We know it. And it's time to show it. Boycott ABC and Disney, and vote the bums out of office.
It's incumbant [sic] upon us as citizens to get it right, and you can't get it right if you're selective with the facts. The only way to get the facts is to listen and investigate. We as a nation have yet to do either in any satisfactory way.
We have a duty to the truth, neighbors. Don't back down.
Subscribe to:
Posts (Atom)