[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20040922033349.Q344@willy_wonka>
Date: Wed, 22 Sep 2004 03:43:11 -0400 (EDT)
From: Atom 'Smasher' <atom@...picious.org>
To: bugtraq@...urityfocus.com
Subject: Re: Diebold Global Election Management System (GEMS) Backdoor
Account Allows Authenticated Users to Modify Votes
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On Tue, 21 Sep 2004 pressinfo@...bold.com wrote:
> Diebold strongly refutes the existence of any "back doors" or "hidden codes" in its GEMS software. These inaccurate allegations appear to stem from those not familiar with the product, misunderstanding the purpose of legitimate structures in the database. These structures are well documented and have been reviewed (including at a source code level) by independent testing authorities as required by federal election regulations.
>
> In addition to the facts stated above, a paper and an electronic record of all cast ballots are retrieved from each individual voting machine following an election. The results from each individual machine are then tabulated, and thoroughly audited during the standard election canvass process. Once the audit is complete, the official winners are announced. Any alleged changes to a vote count in the election management software would be immediately discovered during this audit process, as this total would not match the true official total tabulated from each machine.
==================
oops, looks like no one told you that this is a forum of computer security
professionals who understand the difference between a insecure machine and
a press release. you can "strongly refute" all you want: until the code is
available for public scrutiny it will remain suspect. but if it's written
as poorly as is rumored, exposing it to public scrutiny would only confirm
that it's insecure either through carelessness or intent.
...atom
_________________________________________
PGP key - http://atom.smasher.org/pgp.txt
762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
-------------------------------------------------
"I am committed to helping Ohio deliver its electoral
votes to the president [Bush] next year"
-- Walden O'Dell, CEO of Diebold
August 2003
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.3.6 (FreeBSD)
Comment: What is this gibberish?
Comment: http://atom.smasher.org/links/#digital_signatures
iQEcBAEBCAAGBQJBUS0VAAoJEAx/d+cTpVcippgIAI8Ska514i55Gc2qUp5ohOlD
AB98+5njJg6dEkNiCw3B6jQSm3WHSWxX45KMlvJypa+na1wNaloNZ6IsrMpqwwRq
O64blBv6s54uexIHw0oZcPqf/LTyg3CV4BtClZl+DZ7VjC/lWRl8PMTGj5tUTfD+
oXB8h7UdrycqsWubrG8UJ0JJeFWbVy98cvw3rjdTFSZXykai5PC8hFkwEHcqc848
7i93d4Qya3DdAAOFqaLWQt2wyegCDv8+r/qJa9VzDq9m7WNVshPyPfSiedh87gwo
81YzVqglhEdjE+gfjKFYXQub5TM3CppV99bsyd1oTLK3l86Jdtbz7ks/Uyn0Vs0=
=Dfkb
-----END PGP SIGNATURE-----
Powered by blists - more mailing lists