lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <2147483647.1100978204@[192.168.2.100]>
Date: Sat, 20 Nov 2004 19:16:44 -0600
From: Paul Schmehl <pauls@...allas.edu>
To: Bart.Lansing@...ls.com
Cc: bugtraq@...urityfocus.com, full-disclosure@...ts.netsys.com
Subject: Re: University Researchers Challenge Bush Win
 	InFlorida


--On Friday, November 19, 2004 1:15 PM -0600 Bart.Lansing@...ls.com wrote:
>
> Paul, do you really feel that as long as the (potentially) fraudulent
> votes did not change the outcome (as far as we know...knowing absolutely
> nothing for certain at this point) it's perfectly ok that a method for
> fixing the e-votes exists and is in use...hypothetically?

Absolutely not.  In fact I think that voting systems should be checked 
*routinely* rather than waiting until just before (or after) an election to 
suddenly think about it.  (And by systems I mean not just the "boxes" but 
the people and the methodology involved.)

I *hope* that the work being done to determine the security of e-voting 
systems will continue and result in improvements in both awareness and 
security of the sytems.

> I'm just
> trying to understand where you are coming from on this...does it only
> stop becoming an acedemic excersize if the shoe is on the other foot?
>
It's *always* an academic exercise if it doesn't change the outcome.

What I object to is "studies" that purport to be scientific, but in fact 
are not.  For example, the "study" by Berzerley "scientists" that "proves" 
somewhere between 130,000 to 260,000 "excess" votes for Bush is seriously 
flawed.

"The conclusion that President Bush was more likely to improve his vote in 
counties with e-voting is laughable on its face. Using the Excel 
spreadsheet provided by the authors, I totaled the votes for counties with 
and without e-voting, and came up with this:

 Percentage Change for Bush in Counties WITH E-Voting: 2.25%
 Percentage Change for Bush in Counties WITHOUT E-Voting: 2.54%

 It looks like e-voting suppressed the President's vote by about 0.29% -- 
or 7,800 votes!

 Taking each of these counties as data points, was the President 
"significantly more likely" to have increased his support in counties with 
e-voting? Again, no.

 E-Voting Counties with Increased Bush Vote: 13/15 (86.7%)
 Non-E-Voting Counties with Increased Bush Vote: 46/52 (88.5%)"

<http://www.patrickruffini.com/archives/2004/11/fisking_berkele.php>

Just because someone or some institution has a credible name does not mean 
that you accept what they say without even bothering to think about it. 
Their "study" just invigorates the conspiracy theorist element of society 
without contributing anything substantive to the debate.

Paul Schmehl (pauls@...allas.edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Powered by blists - more mailing lists