[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20040924192055.GF19540@kapsi.fi>
Date: Fri, 24 Sep 2004 22:20:55 +0300
From: Heikki Korpela <heko@....fi>
To: bugtraq@...urityfocus.com
Subject: Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes
Lorne J. Leitman wrote on "RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes":
> What's to stop them from giving you source code for one executable,
> and then installing something totally different on the machines, come
> election day?
This is, of course, a valid question -- and it sure ought to be raised.
Bringing up conspiracy theories (and the potential for simple human
mistakes) is actually a good thing, since that in part has the potential
to show us where it is possible for us to actually go wrong. Sadly,
often this potential is not used.
It does not simply follow from the fact that juries or parliaments or
electoral committees may be bribed or that they may make mistakes that
any arbitrary organization of such a group (or, more extensively, of a
system) is as good as another. Clearly, a bureau whose administrative
action is restricted by a constitution and other legislation is _less_
free to act stupidly or immorally than another that is not restricted
in such a way. Clearly, a bureau that includes a large, diverse group
of people is _less_ easily subject to bribery than another that
more clearly only represents a single "interest group". Clearly, a
bureau whose meetings are open to reporting by the mass media and are
documented in a way accessible to the public is _less_ easily subject to
take action that would seem condemnable in our eyes.
Such transparency and means of control make it _less_ probable that
careless, stupid or immoral acts are performed. It also makes our trust
in our government _less_ blind and _more_ justifiable (and, supposedly,
this in turn motivates us to act more prosocially). Ultimately, these
things have some intrinsic value in a democracy (in an open society).
Similarly, it is conceivable that a voting system is _less_ susceptible
to manipulation and errors if it is more transparent, better monitored
by several independent parties and better regulated by legislation.
We must first make it clear to ourselves that we wish to at least
_consider_ any conceivable risk of something going wrong and what are
the possible means to make it less probable that the risk actualizes.
Further, part of this evaluation involves considering "risk" in another
way: how does a person about to act carelessly, stupidly or immorally
conceive hir personal risk of doing so, and how may we influence hir
perception of that risk, to stop the person from acting in a condemnable
way? For example, even if we cannot fully ascertain that the correct
executable in this case is installed, we can set up a framework of
control that audits the build system and the process of installing the
software. Even if circumventing this system, too, in one way or another
is conceivable, any remotely rational person will at this point realize
that s/he is taking a rather great risk in trying to do so.
Yet another point is that it would only be logical to subject this
system of control to public surveillance and transparency itself.
It is rather worrying if an institution lacks the transparency and
framework of control to prove that the theories about conspiracies
and potential mistakes are obviously false, or at least that their
probability and potential effects are sufficiently minuscule. The kind
of trust required in those kinds of situations is definitely essential
in our personal relationships; however, it is not only stupid, but
ultimately immoral, to have such a blind faith in a government that has
no personal relation with us. Trusting something implies we have at
least some limited responsibility for that trust. Trusting a child with
a gun implies that we may somehow justify our conception that the child
will not harm hirself or others with the gun; trusting a president with
a military force implies that we have a defensible belief that s/he
will not wage an immoral war; trusting an administration to arrange an
election in a certain way implies that we can argue that the basic human
rights (to participate in decision-making by voting) are not violated in
the election.
--
Heikki - heko@....fi ; http://iki.fi/heko/
Powered by blists - more mailing lists