| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 22 Sep 2004 03:43:11 -0400 (EDT) From: Atom 'Smasher' <atom@...picious.org> To: bugtraq@...urityfocus.com Subject: Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On Tue, 21 Sep 2004 pressinfo@...bold.com wrote: > Diebold strongly refutes the existence of any "back doors" or "hidden codes" in its GEMS software. These inaccurate allegations appear to stem from those not familiar with the product, misunderstanding the purpose of legitimate structures in the database. These structures are well documented and have been reviewed (including at a source code level) by independent testing authorities as required by federal election regulations. > > In addition to the facts stated above, a paper and an electronic record of all cast ballots are retrieved from each individual voting machine following an election. The results from each individual machine are then tabulated, and thoroughly audited during the standard election canvass process. Once the audit is complete, the official winners are announced. Any alleged changes to a vote count in the election management software would be immediately discovered during this audit process, as this total would not match the true official total tabulated from each machine. ================== oops, looks like no one told you that this is a forum of computer security professionals who understand the difference between a insecure machine and a press release. you can "strongly refute" all you want: until the code is available for public scrutiny it will remain suspect. but if it's written as poorly as is rumored, exposing it to public scrutiny would only confirm that it's insecure either through carelessness or intent. ...atom _________________________________________ PGP key - http://atom.smasher.org/pgp.txt 762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808 ------------------------------------------------- "I am committed to helping Ohio deliver its electoral votes to the president [Bush] next year" -- Walden O'Dell, CEO of Diebold August 2003 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.3.6 (FreeBSD) Comment: What is this gibberish? Comment: http://atom.smasher.org/links/#digital_signatures iQEcBAEBCAAGBQJBUS0VAAoJEAx/d+cTpVcippgIAI8Ska514i55Gc2qUp5ohOlD AB98+5njJg6dEkNiCw3B6jQSm3WHSWxX45KMlvJypa+na1wNaloNZ6IsrMpqwwRq O64blBv6s54uexIHw0oZcPqf/LTyg3CV4BtClZl+DZ7VjC/lWRl8PMTGj5tUTfD+ oXB8h7UdrycqsWubrG8UJ0JJeFWbVy98cvw3rjdTFSZXykai5PC8hFkwEHcqc848 7i93d4Qya3DdAAOFqaLWQt2wyegCDv8+r/qJa9VzDq9m7WNVshPyPfSiedh87gwo 81YzVqglhEdjE+gfjKFYXQub5TM3CppV99bsyd1oTLK3l86Jdtbz7ks/Uyn0Vs0= =Dfkb -----END PGP SIGNATURE-----
Powered by blists - more mailing lists