| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <41589F99.8040702@broadtime.com> Date: Mon, 27 Sep 2004 18:17:45 -0500 From: Brian Kirkbride <brian@...adtime.com> To: bugtraq@...urityfocus.com Subject: Re: Diebold Global Election Management System (GEMS) Backdoor Account I'm a lurker myself but am keenly interested in the problem. I have to agree 100% with Ryan's statement. This is a point that few people make in this argument, because the discussion has been spun to focus on _proving_ some sort of malicious intent on Diebold's part. I disagree with that fundamental statement of the argument. These people have demonstrated that they are ignoring all of the "right" ways to perform their task (both technically and ethically) and have repeatedly used press releases and legal maneuver to avoid addressing the issues people have with their software. This sort of behaviour is commonplace when it comes to corporations because it is usually less painful financially than doing what is right. But I cannot agree more strongly with the point that this particular service is one that should be performed without profit as the highest motive. For those at Diebold that cry foul at those of us that feel the election is more important than their quarterly statement, I humbly suggest that they should choose a less vital service to bring to market. Imagine a company complaining that reliable medical systems would be too costly to implement and would affect their bottom line. There is a greater standard to uphold. - Brian Kirkbride Ryan_Ward@...l.com wrote: > I usually lurk as well, but wanted to respond to your question. > > There's so much debate for one simple reason. All the known solutions > have been ignored. This is why everyone is getting so upset on this > issue. Companies like Diebold have ignored all the previous work on > this subject, work done by people like Bruce Schneier. They've ignored > all the problems with their system, up to and including their complete > lack of verifiability. They're already, in a rather short history in > this field, shown a complete lack of accountability (think the various > unapproved revisions that got them sued in California). > That they've been so determined to weasel around the _known_ solutions > to these issues casts a great deal of suspicion on them. Their > continued resistance to even the simplest fixes, combined with their > repeated denials of any problems, is only making things worse. > > Unfortunately, I don't see any major changes to this happening until > some state's electoral votes go to CowboyNeal or Bill the Cat... > > Ryan (Not speaking for Dell in any way, shape or form) > "Every election is a sort of advance auction sale of stolen goods." > -- H. L. Mencken >
Powered by blists - more mailing lists