Religions > Atheism > OT: "Electronic voting machines scare the bejesus out of IT security experts"
| Topic: |
Religions > Atheism |
| User: |
"Fear gan dia" |
| Date: |
13 Aug 2004 05:56:22 PM |
| Object: |
OT: "Electronic voting machines scare the bejesus out of IT security experts" |
http://www.nwfusion.com/columnists/2004/080904buzz.html
* 75% of the public has confidence or significant confidence
in e-voting, while 81% of the experts have none or little.
* 79% of the public believes e-voting is as likely or more
likely to accurately record and report their votes as paper
ballots, while half of the experts see e-voting as less likely
to be accurate.
* Half of the public respondents consider e-voting to be more
or much more secure than paper, whereas 83% of the experts say
it's less or much less so.
* More than half of the experts expressed concern about system
and programming errors and/or attempts to rig an election that's
conducted via e-voting, while less than one-quarter of the public
registered similar concerns.
--
The Very Irrev. Fear gan dia # http://goddamliberal.port5.com
"If you're a Democrat, you win when people think." - Bill Clinton
.
|
|
| User: "Fred Stone" |
|
| Title: Re: OT: "Electronic voting machines scare the bejesus out of IT security experts" |
13 Aug 2004 07:38:54 PM |
|
|
"Fear gan dia" <nddlqbtthhsn@dxnhhlqqhxxq.com> wrote in
news:411d4716.004@dxnhhlqqhxxq.com:
http://www.nwfusion.com/columnists/2004/080904buzz.html
* 75% of the public has confidence or significant confidence
in e-voting, while 81% of the experts have none or little.
It was nice of the authors of that article to note that the public
survey was conducted scientifically while the expert was not. Also nice
of them to note their own bias throughout the article by such comments
as "What we have here is a failure to communicate; specifically, a
failure on the part of those who know better to communicate their fears
to those who don't."
* 79% of the public believes e-voting is as likely or more
likely to accurately record and report their votes as paper
ballots, while half of the experts see e-voting as less likely
to be accurate.
* Half of the public respondents consider e-voting to be more
or much more secure than paper, whereas 83% of the experts say
it's less or much less so.
* More than half of the experts expressed concern about system
and programming errors and/or attempts to rig an election that's
conducted via e-voting, while less than one-quarter of the public
registered similar concerns.
--
Fred Stone
aa# 1369
Cthulhu for President! Why vote for a lesser evil?
.
|
|
|
| User: "Fear gan dia" |
|
| Title: Re: OT: "Electronic voting machines scare the bejesus out of IT security experts" |
14 Aug 2004 07:05:56 PM |
|
|
Verily verily I say unto you, it is written by Fred Stone
in <Xns9544D21061B16fstone69@207.69.154.202>:
"Fear gan dia" <nddlqbtthhsn@dxnhhlqqhxxq.com> wrote in
news:411d4716.004@dxnhhlqqhxxq.com:
http://www.nwfusion.com/columnists/2004/080904buzz.html
* 75% of the public has confidence or significant confidence
in e-voting, while 81% of the experts have none or little.
It was nice of the authors of that article to note that the public
survey was conducted scientifically while the expert was not.
In other words, they showed infinitely more intellectual
honesty than you are capable of. (See below.) Anyway, to
get reliable answers on a technical question, any intelligent
person would give more weight to an "unscientific" sampling
of experts in the relevant subject area than a scientific
sampling of the general population. But I don't know, maybe
you take a poll when you have a medical problem instead of
going to the doctor.
Also nice
of them to note their own bias throughout the article by such comments
as "What we have here is a failure to communicate; specifically, a
failure on the part of those who know better to communicate their fears
to those who don't."
They said nothing of the sort. You are attributing remarks
made by the columnist commenting on the report, to the authors
of the original report. Typical of your dishonest weasel tactics.
* 79% of the public believes e-voting is as likely or more
likely to accurately record and report their votes as paper
ballots, while half of the experts see e-voting as less likely
to be accurate.
* Half of the public respondents consider e-voting to be more
or much more secure than paper, whereas 83% of the experts say
it's less or much less so.
* More than half of the experts expressed concern about system
and programming errors and/or attempts to rig an election that's
conducted via e-voting, while less than one-quarter of the public
registered similar concerns.
--
The Very Irrev. Fear gan dia # http://goddamliberal.port5.com
"If you're a Democrat, you win when people think." - Bill Clinton
.
|
|
|
| User: "Fred Stone" |
|
| Title: Re: OT: "Electronic voting machines scare the bejesus out of IT security experts" |
14 Aug 2004 07:25:46 PM |
|
|
"Fear gan dia" <sxlrdhhhrnqh@rhssxnnxssxq.com> wrote in
news:411ea8e4.001@rhssxnnxssxq.com:
Verily verily I say unto you, it is written by Fred Stone
in <Xns9544D21061B16fstone69@207.69.154.202>:
"Fear gan dia" <nddlqbtthhsn@dxnhhlqqhxxq.com> wrote in
news:411d4716.004@dxnhhlqqhxxq.com:
http://www.nwfusion.com/columnists/2004/080904buzz.html
* 75% of the public has confidence or significant confidence
in e-voting, while 81% of the experts have none or little.
It was nice of the authors of that article to note that the public
survey was conducted scientifically while the expert was not.
In other words, they showed infinitely more intellectual
honesty than you are capable of. (See below.) Anyway, to
get reliable answers on a technical question, any intelligent
person would give more weight to an "unscientific" sampling
of experts in the relevant subject area than a scientific
sampling of the general population. But I don't know, maybe
you take a poll when you have a medical problem instead of
going to the doctor.
Also nice
of them to note their own bias throughout the article by such
comments as "What we have here is a failure to communicate;
specifically, a failure on the part of those who know better to
communicate their fears to those who don't."
They said nothing of the sort. You are attributing remarks
made by the columnist commenting on the report,
So the author of the article at the URL you cited *did* write that.
to the authors
of the original report. Typical of your dishonest weasel tactics.
So, let's see, a columnist who displays his obvious bias writes an
obviously slanted editorial on the results of an admittedly unscientific
poll, and you compare this to "taking a poll when you have a medical
problem instead of going to a doctor?"
And you accuse *me* of weasel tactics?
* 79% of the public believes e-voting is as likely or more
likely to accurately record and report their votes as paper
ballots, while half of the experts see e-voting as less likely
to be accurate.
* Half of the public respondents consider e-voting to be more
or much more secure than paper, whereas 83% of the experts say
it's less or much less so.
* More than half of the experts expressed concern about system
and programming errors and/or attempts to rig an election that's
conducted via e-voting, while less than one-quarter of the public
registered similar concerns.
--
The Very Irrev. Fear gan dia # http://goddamliberal.port5.com
"If you're a Democrat, you win when people think." - Bill Clinton
--
Fred Stone
aa# 1369
Cthulhu for President! Why vote for a lesser evil?
.
|
|
|
| User: "Fear gan dia" |
|
| Title: Re: OT: "Electronic voting machines scare the bejesus out of IT security experts" |
14 Aug 2004 09:02:56 PM |
|
|
Verily verily I say unto you, it is written by Fred Stone
in <Xns9545CFD2E9FC6fstone69@207.69.154.201>:
"Fear gan dia" <sxlrdhhhrnqh@rhssxnnxssxq.com> wrote in
news:411ea8e4.001@rhssxnnxssxq.com:
Verily verily I say unto you, it is written by Fred Stone
in <Xns9544D21061B16fstone69@207.69.154.202>:
"Fear gan dia" <nddlqbtthhsn@dxnhhlqqhxxq.com> wrote in
news:411d4716.004@dxnhhlqqhxxq.com:
http://www.nwfusion.com/columnists/2004/080904buzz.html
* 75% of the public has confidence or significant confidence
in e-voting, while 81% of the experts have none or little.
It was nice of the authors of that article to note that the public
survey was conducted scientifically while the expert was not.
In other words, they showed infinitely more intellectual
honesty than you are capable of. (See below.) Anyway, to
get reliable answers on a technical question, any intelligent
person would give more weight to an "unscientific" sampling
of experts in the relevant subject area than a scientific
sampling of the general population. But I don't know, maybe
you take a poll when you have a medical problem instead of
going to the doctor.
Also nice
of them to note their own bias throughout the article by such
comments as "What we have here is a failure to communicate;
specifically, a failure on the part of those who know better to
communicate their fears to those who don't."
They said nothing of the sort. You are attributing remarks
made by the columnist commenting on the report,
So the author of the article at the URL you cited *did* write that.
to the authors
of the original report. Typical of your dishonest weasel tactics.
So, let's see, a columnist who displays his obvious bias writes an
obviously slanted editorial on the results of an admittedly unscientific
poll, and you compare this to "taking a poll when you have a medical
problem instead of going to a doctor?"
Well, do you take a poll instead of going to the doctor?
That would explain a lot.
And you accuse *me* of weasel tactics?
You are smearing the authors of a perfectly valid study for
partisan political reasons. Yes, those are weasel tactics.
* 79% of the public believes e-voting is as likely or more
likely to accurately record and report their votes as paper
ballots, while half of the experts see e-voting as less likely
to be accurate.
* Half of the public respondents consider e-voting to be more
or much more secure than paper, whereas 83% of the experts say
it's less or much less so.
* More than half of the experts expressed concern about system
and programming errors and/or attempts to rig an election that's
conducted via e-voting, while less than one-quarter of the public
registered similar concerns.
--
The Very Irrev. Fear gan dia # http://goddamliberal.port5.com
"If you're a Democrat, you win when people think." - Bill Clinton
--
Fred Stone
aa# 1369
Cthulhu for President! Why vote for a lesser evil?
--
The Very Irrev. Fear gan dia # http://goddamliberal.port5.com
"If you're a Democrat, you win when people think." - Bill Clinton
.
|
|
|
| User: "Fred Stone" |
|
| Title: Re: OT: "Electronic voting machines scare the bejesus out of IT security experts" |
14 Aug 2004 09:30:09 PM |
|
|
"Fear gan dia" <qrdnnndqtbns@ddrxntbqthll.com> wrote in
news:411ec450.001@ddrxntbqthll.com:
Verily verily I say unto you, it is written by Fred Stone
in <Xns9545CFD2E9FC6fstone69@207.69.154.201>:
"Fear gan dia" <sxlrdhhhrnqh@rhssxnnxssxq.com> wrote in
news:411ea8e4.001@rhssxnnxssxq.com:
Verily verily I say unto you, it is written by Fred Stone
in <Xns9544D21061B16fstone69@207.69.154.202>:
"Fear gan dia" <nddlqbtthhsn@dxnhhlqqhxxq.com> wrote in
news:411d4716.004@dxnhhlqqhxxq.com:
http://www.nwfusion.com/columnists/2004/080904buzz.html
* 75% of the public has confidence or significant confidence
in e-voting, while 81% of the experts have none or little.
It was nice of the authors of that article to note that the public
survey was conducted scientifically while the expert was not.
In other words, they showed infinitely more intellectual
honesty than you are capable of. (See below.) Anyway, to
get reliable answers on a technical question, any intelligent
person would give more weight to an "unscientific" sampling
of experts in the relevant subject area than a scientific
sampling of the general population. But I don't know, maybe
you take a poll when you have a medical problem instead of
going to the doctor.
Also nice
of them to note their own bias throughout the article by such
comments as "What we have here is a failure to communicate;
specifically, a failure on the part of those who know better to
communicate their fears to those who don't."
They said nothing of the sort. You are attributing remarks
made by the columnist commenting on the report,
So the author of the article at the URL you cited *did* write that.
to the authors
of the original report. Typical of your dishonest weasel tactics.
So, let's see, a columnist who displays his obvious bias writes an
obviously slanted editorial on the results of an admittedly
unscientific poll, and you compare this to "taking a poll when you
have a medical problem instead of going to a doctor?"
Well, do you take a poll instead of going to the doctor?
That would explain a lot.
You're distorting the point even more than you accuse me of doing. We
don't know that these "experts" polled know the first thing about the
systems they're being polled about. Would you poll a group of Windows
programmers about a Linux configuration question?
And you accuse *me* of weasel tactics?
You are smearing the authors of a perfectly valid study for
partisan political reasons. Yes, those are weasel tactics.
Pshaw, "perfectly valid study" my *****.
--
Fred Stone
aa# 1369
Cthulhu for President! Why vote for a lesser evil?
.
|
|
|
| User: "Fear gan dia" |
|
| Title: Re: OT: "Electronic voting machines scare the bejesus out of IT security experts" |
15 Aug 2004 10:27:45 PM |
|
|
Verily verily I say unto you, it is written by Fred Stone
in <Xns9545E4EA5ACF4fstone69@207.69.154.205>:
"Fear gan dia" <qrdnnndqtbns@ddrxntbqthll.com> wrote in
news:411ec450.001@ddrxntbqthll.com:
Verily verily I say unto you, it is written by Fred Stone
in <Xns9545CFD2E9FC6fstone69@207.69.154.201>:
"Fear gan dia" <sxlrdhhhrnqh@rhssxnnxssxq.com> wrote in
news:411ea8e4.001@rhssxnnxssxq.com:
Verily verily I say unto you, it is written by Fred Stone
in <Xns9544D21061B16fstone69@207.69.154.202>:
"Fear gan dia" <nddlqbtthhsn@dxnhhlqqhxxq.com> wrote in
news:411d4716.004@dxnhhlqqhxxq.com:
http://www.nwfusion.com/columnists/2004/080904buzz.html
* 75% of the public has confidence or significant confidence
in e-voting, while 81% of the experts have none or little.
It was nice of the authors of that article to note that the public
survey was conducted scientifically while the expert was not.
In other words, they showed infinitely more intellectual
honesty than you are capable of. (See below.) Anyway, to
get reliable answers on a technical question, any intelligent
person would give more weight to an "unscientific" sampling
of experts in the relevant subject area than a scientific
sampling of the general population. But I don't know, maybe
you take a poll when you have a medical problem instead of
going to the doctor.
Also nice
of them to note their own bias throughout the article by such
comments as "What we have here is a failure to communicate;
specifically, a failure on the part of those who know better to
communicate their fears to those who don't."
They said nothing of the sort. You are attributing remarks
made by the columnist commenting on the report,
So the author of the article at the URL you cited *did* write that.
to the authors
of the original report. Typical of your dishonest weasel tactics.
So, let's see, a columnist who displays his obvious bias writes an
obviously slanted editorial on the results of an admittedly
unscientific poll, and you compare this to "taking a poll when you
have a medical problem instead of going to a doctor?"
Well, do you take a poll instead of going to the doctor?
That would explain a lot.
You're distorting the point even more than you accuse me of doing. We
don't know that these "experts" polled know the first thing about the
systems they're being polled about. Would you poll a group of Windows
programmers about a Linux configuration question?
Oh for christ's sake. First they were biased, now the don't know
the first thing about IT security. You can't even keep your lies
straight while lying your ***** off about an area you know nothing
about. Read the article, fuckhead! They were IT security experts!
http://www.blackhat.com/
http://www.defcon.org/
And you accuse *me* of weasel tactics?
On second thoughts, I apologise - to weasels.
You are smearing the authors of a perfectly valid study for
partisan political reasons. Yes, those are weasel tactics.
Pshaw, "perfectly valid study" my *****.
What a brilliant refutation. Well up to your usual standard.
--
The Very Irrev. Fear gan dia # http://goddamliberal.port5.com
"If you're a Democrat, you win when people think." - Bill Clinton
.
|
|
|
| User: "Fred Stone" |
|
| Title: Re: OT: "Electronic voting machines scare the bejesus out of IT security experts" |
16 Aug 2004 07:38:52 AM |
|
|
"Fear gan dia" <brqxbrlrqxsx@txxtdsttqbqbq.com> wrote in
news:412029b1.002@txxtdsttqbqbq.com:
Verily verily I say unto you, it is written by Fred Stone
in <Xns9545E4EA5ACF4fstone69@207.69.154.205>:
"Fear gan dia" <qrdnnndqtbns@ddrxntbqthll.com> wrote in
news:411ec450.001@ddrxntbqthll.com:
Verily verily I say unto you, it is written by Fred Stone
in <Xns9545CFD2E9FC6fstone69@207.69.154.201>:
"Fear gan dia" <sxlrdhhhrnqh@rhssxnnxssxq.com> wrote in
news:411ea8e4.001@rhssxnnxssxq.com:
Verily verily I say unto you, it is written by Fred Stone
in <Xns9544D21061B16fstone69@207.69.154.202>:
"Fear gan dia" <nddlqbtthhsn@dxnhhlqqhxxq.com> wrote in
news:411d4716.004@dxnhhlqqhxxq.com:
http://www.nwfusion.com/columnists/2004/080904buzz.html
* 75% of the public has confidence or significant confidence
in e-voting, while 81% of the experts have none or little.
It was nice of the authors of that article to note that the
public survey was conducted scientifically while the expert was
not.
In other words, they showed infinitely more intellectual
honesty than you are capable of. (See below.) Anyway, to
get reliable answers on a technical question, any intelligent
person would give more weight to an "unscientific" sampling
of experts in the relevant subject area than a scientific
sampling of the general population. But I don't know, maybe
you take a poll when you have a medical problem instead of
going to the doctor.
Also nice
of them to note their own bias throughout the article by such
comments as "What we have here is a failure to communicate;
specifically, a failure on the part of those who know better to
communicate their fears to those who don't."
They said nothing of the sort. You are attributing remarks
made by the columnist commenting on the report,
So the author of the article at the URL you cited *did* write
that.
to the authors
of the original report. Typical of your dishonest weasel
tactics.
So, let's see, a columnist who displays his obvious bias writes an
obviously slanted editorial on the results of an admittedly
unscientific poll, and you compare this to "taking a poll when you
have a medical problem instead of going to a doctor?"
Well, do you take a poll instead of going to the doctor?
That would explain a lot.
You're distorting the point even more than you accuse me of doing. We
don't know that these "experts" polled know the first thing about the
systems they're being polled about. Would you poll a group of Windows
programmers about a Linux configuration question?
Oh for christ's sake. First they were biased, now the don't know
the first thing about IT security.
Pay attention, dopey. The author of that article is obviously biased. Ee
don't know whether the alleged "experts" know anything about *those
particular systems*.
You can't even keep your lies
straight while lying your ***** off about an area you know nothing
about. Read the article, fuckhead! They were IT security experts!
http://www.blackhat.com/
http://www.defcon.org/
Big deal. I'm an IT security expert myself. I know all about IBM
mainframe and RACF security.
And you accuse *me* of weasel tactics?
On second thoughts, I apologise - to weasels.
You are smearing the authors of a perfectly valid study for
partisan political reasons. Yes, those are weasel tactics.
Pshaw, "perfectly valid study" my *****.
What a brilliant refutation. Well up to your usual standard.
Pfeh, you'd take a poll of Volkswagen mechanics to fix your Ferrari.
--
Fred Stone
aa# 1369
Cthulhu for President! Why vote for a lesser evil?
.
|
|
|
| User: "Fear gan dia" |
|
| Title: Re: OT: "Electronic voting machines scare the bejesus out of IT security experts" |
16 Aug 2004 01:16:30 PM |
|
|
Verily verily I say unto you, it is written by Fred Stone
in <Xns954757FA8346fstone69@207.69.154.201>:
"Fear gan dia" <brqxbrlrqxsx@txxtdsttqbqbq.com> wrote in
news:412029b1.002@txxtdsttqbqbq.com:
Verily verily I say unto you, it is written by Fred Stone
in <Xns9545E4EA5ACF4fstone69@207.69.154.205>:
"Fear gan dia" <qrdnnndqtbns@ddrxntbqthll.com> wrote in
news:411ec450.001@ddrxntbqthll.com:
Verily verily I say unto you, it is written by Fred Stone
in <Xns9545CFD2E9FC6fstone69@207.69.154.201>:
"Fear gan dia" <sxlrdhhhrnqh@rhssxnnxssxq.com> wrote in
news:411ea8e4.001@rhssxnnxssxq.com:
Verily verily I say unto you, it is written by Fred Stone
in <Xns9544D21061B16fstone69@207.69.154.202>:
"Fear gan dia" <nddlqbtthhsn@dxnhhlqqhxxq.com> wrote in
news:411d4716.004@dxnhhlqqhxxq.com:
http://www.nwfusion.com/columnists/2004/080904buzz.html
* 75% of the public has confidence or significant confidence
in e-voting, while 81% of the experts have none or little.
It was nice of the authors of that article to note that the
public survey was conducted scientifically while the expert was
not.
In other words, they showed infinitely more intellectual
honesty than you are capable of. (See below.) Anyway, to
get reliable answers on a technical question, any intelligent
person would give more weight to an "unscientific" sampling
of experts in the relevant subject area than a scientific
sampling of the general population. But I don't know, maybe
you take a poll when you have a medical problem instead of
going to the doctor.
Also nice
of them to note their own bias throughout the article by such
comments as "What we have here is a failure to communicate;
specifically, a failure on the part of those who know better to
communicate their fears to those who don't."
They said nothing of the sort. You are attributing remarks
made by the columnist commenting on the report,
So the author of the article at the URL you cited *did* write
that.
to the authors
of the original report. Typical of your dishonest weasel
tactics.
So, let's see, a columnist who displays his obvious bias writes an
obviously slanted editorial on the results of an admittedly
unscientific poll, and you compare this to "taking a poll when you
have a medical problem instead of going to a doctor?"
Well, do you take a poll instead of going to the doctor?
That would explain a lot.
You're distorting the point even more than you accuse me of doing. We
don't know that these "experts" polled know the first thing about the
systems they're being polled about. Would you poll a group of Windows
programmers about a Linux configuration question?
Oh for christ's sake. First they were biased, now the don't know
the first thing about IT security.
Pay attention, dopey. The author of that article is obviously biased.
Scroll up a few lines, numbnuts. You wrote: "Also nice of them to
note their own bias throughout the article."
Ee [sic]
don't know whether the alleged "experts" know anything about *those
particular systems*.
Thanks to Diebold's stupidity in posting its production code
on a public FTP server, we know that it is based on Windows CE.
That in itself raises serious questions about Diebold's grasp
of security issues. Plus there were problems with passwords
being hardwired in the code, back doors and numerous other
insecurities. Sequoia and ES&S also use Windows.
You can't even keep your lies
straight while lying your ***** off about an area you know nothing
about. Read the article, fuckhead! They were IT security experts!
http://www.blackhat.com/
http://www.defcon.org/
Big deal. I'm an IT security expert myself. I know all about IBM
mainframe and RACF security.
Yeah, right. :-)
And you accuse *me* of weasel tactics?
On second thoughts, I apologise - to weasels.
You are smearing the authors of a perfectly valid study for
partisan political reasons. Yes, those are weasel tactics.
Pshaw, "perfectly valid study" my *****.
What a brilliant refutation. Well up to your usual standard.
Pfeh, you'd take a poll of Volkswagen mechanics to fix your Ferrari.
LOL! You're really losing it.
--
The Very Irrev. Fear gan dia # http://goddamliberal.port5.com
"If you're a Democrat, you win when people think." - Bill Clinton
.
|
|
|
| User: "Fred Stone" |
|
| Title: Re: OT: "Electronic voting machines scare the bejesus out of IT security experts" |
16 Aug 2004 01:50:06 PM |
|
|
"Fear gan dia" <tnrbllhbdhxdr@shnlhhqdrqb.com> wrote in
news:4120f9fe.001@shnlhhqdrqb.com:
Verily verily I say unto you, it is written by Fred Stone
in <Xns954757FA8346fstone69@207.69.154.201>:
"Fear gan dia" <brqxbrlrqxsx@txxtdsttqbqbq.com> wrote in
news:412029b1.002@txxtdsttqbqbq.com:
Verily verily I say unto you, it is written by Fred Stone
in <Xns9545E4EA5ACF4fstone69@207.69.154.205>:
"Fear gan dia" <qrdnnndqtbns@ddrxntbqthll.com> wrote in
news:411ec450.001@ddrxntbqthll.com:
Verily verily I say unto you, it is written by Fred Stone
in <Xns9545CFD2E9FC6fstone69@207.69.154.201>:
"Fear gan dia" <sxlrdhhhrnqh@rhssxnnxssxq.com> wrote in
news:411ea8e4.001@rhssxnnxssxq.com:
Verily verily I say unto you, it is written by Fred Stone
in <Xns9544D21061B16fstone69@207.69.154.202>:
"Fear gan dia" <nddlqbtthhsn@dxnhhlqqhxxq.com> wrote in
news:411d4716.004@dxnhhlqqhxxq.com:
http://www.nwfusion.com/columnists/2004/080904buzz.html
* 75% of the public has confidence or significant
confidence in e-voting, while 81% of the experts have none
or little.
It was nice of the authors of that article to note that the
public survey was conducted scientifically while the expert
was not.
In other words, they showed infinitely more intellectual
honesty than you are capable of. (See below.) Anyway, to
get reliable answers on a technical question, any intelligent
person would give more weight to an "unscientific" sampling
of experts in the relevant subject area than a scientific
sampling of the general population. But I don't know, maybe
you take a poll when you have a medical problem instead of
going to the doctor.
Also nice
of them to note their own bias throughout the article by
such comments as "What we have here is a failure to
communicate; specifically, a failure on the part of those
who know better to communicate their fears to those who
don't."
They said nothing of the sort. You are attributing remarks
made by the columnist commenting on the report,
So the author of the article at the URL you cited *did* write
that.
to the authors
of the original report. Typical of your dishonest weasel
tactics.
So, let's see, a columnist who displays his obvious bias writes
an obviously slanted editorial on the results of an admittedly
unscientific poll, and you compare this to "taking a poll when
you have a medical problem instead of going to a doctor?"
Well, do you take a poll instead of going to the doctor?
That would explain a lot.
You're distorting the point even more than you accuse me of doing.
We don't know that these "experts" polled know the first thing
about the systems they're being polled about. Would you poll a
group of Windows programmers about a Linux configuration question?
Oh for christ's sake. First they were biased, now the don't know
the first thing about IT security.
Pay attention, dopey. The author of that article is obviously biased.
Scroll up a few lines, numbnuts. You wrote: "Also nice of them to
note their own bias throughout the article."
Referring to the author of the article.
Ee [sic]
don't know whether the alleged "experts" know anything about *those
particular systems*.
Thanks to Diebold's stupidity in posting its production code
on a public FTP server, we know that it is based on Windows CE.
Years old code.
That in itself raises serious questions about Diebold's grasp
of security issues. Plus there were problems with passwords
being hardwired in the code, back doors and numerous other
insecurities. Sequoia and ES&S also use Windows.
None of which addresses the physical arrangement of the devices. If you
can't get to the machine console, you can't hack into it. The voting
machines aren't even networked. They use CD-R's to record the ballots
for counting.
You can't even keep your lies
straight while lying your ***** off about an area you know nothing
about. Read the article, fuckhead! They were IT security experts!
http://www.blackhat.com/
http://www.defcon.org/
Big deal. I'm an IT security expert myself. I know all about IBM
mainframe and RACF security.
Yeah, right. :-)
I see you get my point. :-)
And you accuse *me* of weasel tactics?
On second thoughts, I apologise - to weasels.
You are smearing the authors of a perfectly valid study for
partisan political reasons. Yes, those are weasel tactics.
Pshaw, "perfectly valid study" my *****.
What a brilliant refutation. Well up to your usual standard.
Pfeh, you'd take a poll of Volkswagen mechanics to fix your Ferrari.
LOL! You're really losing it.
You already lost it, now you're just flopping on the beach.
--
Fred Stone
aa# 1369
Cthulhu for President! Why vote for a lesser evil?
.
|
|
|
| User: "Fear gan dia" |
|
| Title: Re: OT: "Electronic voting machines scare the bejesus out of IT security experts" |
16 Aug 2004 01:58:09 PM |
|
|
Verily verily I say unto you, it is written by Fred Stone
in <Xns954796EC52EFBfstone69@207.69.154.204>:
"Fear gan dia" <tnrbllhbdhxdr@shnlhhqdrqb.com> wrote in
news:4120f9fe.001@shnlhhqdrqb.com:
Verily verily I say unto you, it is written by Fred Stone
in <Xns954757FA8346fstone69@207.69.154.201>:
"Fear gan dia" <brqxbrlrqxsx@txxtdsttqbqbq.com> wrote in
news:412029b1.002@txxtdsttqbqbq.com:
Verily verily I say unto you, it is written by Fred Stone
in <Xns9545E4EA5ACF4fstone69@207.69.154.205>:
"Fear gan dia" <qrdnnndqtbns@ddrxntbqthll.com> wrote in
news:411ec450.001@ddrxntbqthll.com:
Verily verily I say unto you, it is written by Fred Stone
in <Xns9545CFD2E9FC6fstone69@207.69.154.201>:
"Fear gan dia" <sxlrdhhhrnqh@rhssxnnxssxq.com> wrote in
news:411ea8e4.001@rhssxnnxssxq.com:
Verily verily I say unto you, it is written by Fred Stone
in <Xns9544D21061B16fstone69@207.69.154.202>:
"Fear gan dia" <nddlqbtthhsn@dxnhhlqqhxxq.com> wrote in
news:411d4716.004@dxnhhlqqhxxq.com:
http://www.nwfusion.com/columnists/2004/080904buzz.html
* 75% of the public has confidence or significant
confidence in e-voting, while 81% of the experts have none
or little.
It was nice of the authors of that article to note that the
public survey was conducted scientifically while the expert
was not.
In other words, they showed infinitely more intellectual
honesty than you are capable of. (See below.) Anyway, to
get reliable answers on a technical question, any intelligent
person would give more weight to an "unscientific" sampling
of experts in the relevant subject area than a scientific
sampling of the general population. But I don't know, maybe
you take a poll when you have a medical problem instead of
going to the doctor.
Also nice
of them to note their own bias throughout the article by
such comments as "What we have here is a failure to
communicate; specifically, a failure on the part of those
who know better to communicate their fears to those who
don't."
They said nothing of the sort. You are attributing remarks
made by the columnist commenting on the report,
So the author of the article at the URL you cited *did* write
that.
to the authors
of the original report. Typical of your dishonest weasel
tactics.
So, let's see, a columnist who displays his obvious bias writes
an obviously slanted editorial on the results of an admittedly
unscientific poll, and you compare this to "taking a poll when
you have a medical problem instead of going to a doctor?"
Well, do you take a poll instead of going to the doctor?
That would explain a lot.
You're distorting the point even more than you accuse me of doing.
We don't know that these "experts" polled know the first thing
about the systems they're being polled about. Would you poll a
group of Windows programmers about a Linux configuration question?
Oh for christ's sake. First they were biased, now the don't know
the first thing about IT security.
Pay attention, dopey. The author of that article is obviously biased.
Scroll up a few lines, numbnuts. You wrote: "Also nice of them to
note their own bias throughout the article."
Referring to the author of the article.
In that case you should write "he" and "his". I suggest remedial
English classes.
Ee [sic]
don't know whether the alleged "experts" know anything about *those
particular systems*.
Thanks to Diebold's stupidity in posting its production code
on a public FTP server, we know that it is based on Windows CE.
Years old code.
No more than two years old. Have they switched to Linux since then?
That in itself raises serious questions about Diebold's grasp
of security issues. Plus there were problems with passwords
being hardwired in the code, back doors and numerous other
insecurities. Sequoia and ES&S also use Windows.
None of which addresses the physical arrangement of the devices. If you
can't get to the machine console, you can't hack into it. The voting
machines aren't even networked. They use CD-R's to record the ballots
for counting.
http://www.verifiedvoting.org/article.asp?id=2609
Myth: E-voting machines cannot be hacked because they are not
connected to the Internet.
Fact: Computer systems can be hacked in many ways without using
the Internet. Making systems secure against outsiders, such as
voters and poll workers, is very hard, and, as multiple studies
have shown, the current e-voting systems fail miserably. However,
making them secure against INSIDERS, possibly even the programmers
themselves, is close to impossible.
The way we make systems honest is to enable truly independent
audits. Each voter should be able to check that his or her vote
is recorded correctly, and it should be possible to count the
paper ballots manually to double-check any machine counts.
Some e-voting machines are believed to have wireless connectivity
that might enable Internet access with or without the knowledge
of poll workers and election officials.
http://www.computerworld.com/governmenttopics/government/story/0,10801,94667p3,00.html
http://snipurl.com/8gqz
JULY 21, 2004 (COMPUTERWORLD) - WASHINGTON -- The computer
science professor at the center of the controversy over
electronic voting system security told members of Congress
yesterday that policymakers made "a mistake" by not conferring
with security experts about voting system technologies. And he
said that using the systems in November without first fixing
the security flaws would be "irresponsible."
Aviel Rubin, a computer science professor at Johns Hopkins
University in Baltimore, defended a series of recent studies
that outlined significant security vulnerabilities in the
current generation of e-voting systems -- and he criticized
policymakers for not requiring security audits sooner. Rubin
testified before the House Subcommittee on Technology,
Information Policy, Intergovernmental Relations and the Census.
"I have been disappointed that the policy community did not
reach out to the computer security community when making
decisions about voting technology, and when my community
came to the table, they said it was too late," said Rubin.
In February, Rubin co-authored a controversial paper that
outlined major security vulnerabilities in the software
powering e-voting systems developed by Diebold Inc. In
addition to Rubin's research, three other independent
studies have uncovered similar problems and a host of other
issues related to the reliability of most electronic voting
systems now in use.
"At this point, the failures of current [direct recording
equipment voting systems] have been documented in four major
studies by leading computer security experts," said Rubin.
"Yet computer security experts, myself included, find ourselves
routinely referred to as Luddites and conspiracy theorists."
You can't even keep your lies
straight while lying your ***** off about an area you know nothing
about. Read the article, fuckhead! They were IT security experts!
http://www.blackhat.com/
http://www.defcon.org/
Big deal. I'm an IT security expert myself. I know all about IBM
mainframe and RACF security.
Yeah, right. :-)
I see you get my point. :-)
I see that you haven't the first clue about computer security,
or else you are being deliberately obtuse for partisan reasons.
And you accuse *me* of weasel tactics?
On second thoughts, I apologise - to weasels.
You are smearing the authors of a perfectly valid study for
partisan political reasons. Yes, those are weasel tactics.
Pshaw, "perfectly valid study" my *****.
What a brilliant refutation. Well up to your usual standard.
Pfeh, you'd take a poll of Volkswagen mechanics to fix your Ferrari.
LOL! You're really losing it.
You already lost it, now you're just flopping on the beach.
As always, you respond with pathetic and childish insults
when caught in a lie.
--
The Very Irrev. Fear gan dia # http://goddamliberal.port5.com
"If you're a Democrat, you win when people think." - Bill Clinton
.
|
|
|
| User: "Fred Stone" |
|
| Title: Re: OT: "Electronic voting machines scare the bejesus out of IT security experts" |
16 Aug 2004 04:00:00 PM |
|
|
"Fear gan dia" <blqbqhdqbhdn@hdbtnrlsblbq.com> wrote in
news:412103c1.003@hdbtnrlsblbq.com:
Verily verily I say unto you, it is written by Fred Stone
in <Xns954796EC52EFBfstone69@207.69.154.204>:
"Fear gan dia" <tnrbllhbdhxdr@shnlhhqdrqb.com> wrote in
news:4120f9fe.001@shnlhhqdrqb.com:
Verily verily I say unto you, it is written by Fred Stone
in <Xns954757FA8346fstone69@207.69.154.201>:
"Fear gan dia" <brqxbrlrqxsx@txxtdsttqbqbq.com> wrote in
news:412029b1.002@txxtdsttqbqbq.com:
Verily verily I say unto you, it is written by Fred Stone
in <Xns9545E4EA5ACF4fstone69@207.69.154.205>:
"Fear gan dia" <qrdnnndqtbns@ddrxntbqthll.com> wrote in
news:411ec450.001@ddrxntbqthll.com:
Verily verily I say unto you, it is written by Fred Stone
in <Xns9545CFD2E9FC6fstone69@207.69.154.201>:
"Fear gan dia" <sxlrdhhhrnqh@rhssxnnxssxq.com> wrote in
news:411ea8e4.001@rhssxnnxssxq.com:
Verily verily I say unto you, it is written by Fred Stone
in <Xns9544D21061B16fstone69@207.69.154.202>:
"Fear gan dia" <nddlqbtthhsn@dxnhhlqqhxxq.com> wrote in
news:411d4716.004@dxnhhlqqhxxq.com:
http://www.nwfusion.com/columnists/2004/080904buzz.html
* 75% of the public has confidence or significant
confidence in e-voting, while 81% of the experts have
none or little.
It was nice of the authors of that article to note that
the public survey was conducted scientifically while the
expert was not.
In other words, they showed infinitely more intellectual
honesty than you are capable of. (See below.) Anyway, to
get reliable answers on a technical question, any
intelligent person would give more weight to an
"unscientific" sampling of experts in the relevant subject
area than a scientific sampling of the general population.
But I don't know, maybe you take a poll when you have a
medical problem instead of going to the doctor.
Also nice
of them to note their own bias throughout the article by
such comments as "What we have here is a failure to
communicate; specifically, a failure on the part of those
who know better to communicate their fears to those who
don't."
They said nothing of the sort. You are attributing remarks
made by the columnist commenting on the report,
So the author of the article at the URL you cited *did*
write that.
to the authors
of the original report. Typical of your dishonest weasel
tactics.
So, let's see, a columnist who displays his obvious bias
writes an obviously slanted editorial on the results of an
admittedly unscientific poll, and you compare this to
"taking a poll when you have a medical problem instead of
going to a doctor?"
Well, do you take a poll instead of going to the doctor?
That would explain a lot.
You're distorting the point even more than you accuse me of
doing. We don't know that these "experts" polled know the first
thing about the systems they're being polled about. Would you
poll a group of Windows programmers about a Linux configuration
question?
Oh for christ's sake. First they were biased, now the don't know
the first thing about IT security.
Pay attention, dopey. The author of that article is obviously
biased.
Scroll up a few lines, numbnuts. You wrote: "Also nice of them to
note their own bias throughout the article."
Referring to the author of the article.
In that case you should write "he" and "his". I suggest remedial
English classes.
Ee [sic]
don't know whether the alleged "experts" know anything about
*those particular systems*.
Thanks to Diebold's stupidity in posting its production code
on a public FTP server, we know that it is based on Windows CE.
Years old code.
No more than two years old. Have they switched to Linux since then?
That in itself raises serious questions about Diebold's grasp
of security issues. Plus there were problems with passwords
being hardwired in the code, back doors and numerous other
insecurities. Sequoia and ES&S also use Windows.
None of which addresses the physical arrangement of the devices. If
you can't get to the machine console, you can't hack into it. The
voting machines aren't even networked. They use CD-R's to record the
ballots for counting.
http://www.verifiedvoting.org/article.asp?id=2609
Myth: E-voting machines cannot be hacked because they are not
connected to the Internet.
Fact: Computer systems can be hacked in many ways without using
the Internet. Making systems secure against outsiders, such as
voters and poll workers, is very hard, and, as multiple studies
have shown, the current e-voting systems fail miserably. However,
making them secure against INSIDERS, possibly even the programmers
themselves, is close to impossible.
No *****, sherlock. Making paper ballots secure against INSIDERS is even
harder, duh.
The way we make systems honest is to enable truly independent
audits. Each voter should be able to check that his or her vote
is recorded correctly, and it should be possible to count the
paper ballots manually to double-check any machine counts.
CD-R audit trails have been shown to be just as secure against
tampering.
Some e-voting machines are believed to have wireless connectivity
that might enable Internet access with or without the knowledge
of poll workers and election officials.
"believed to be"???
In other words, they're guessing.
http://www.computerworld.com/governmenttopics/government/story/0,10801
,
94667p3,00.html http://snipurl.com/8gqz
JULY 21, 2004 (COMPUTERWORLD) - WASHINGTON -- The computer
science professor at the center of the controversy over
electronic voting system security told members of Congress
yesterday that policymakers made "a mistake" by not conferring
with security experts about voting system technologies. And he
said that using the systems in November without first fixing
the security flaws would be "irresponsible."
Aviel Rubin, a computer science professor at Johns Hopkins
University in Baltimore, defended a series of recent studies
that outlined significant security vulnerabilities in the
current generation of e-voting systems -- and he criticized
policymakers for not requiring security audits sooner. Rubin
testified before the House Subcommittee on Technology,
Information Policy, Intergovernmental Relations and the Census.
"I have been disappointed that the policy community did not
reach out to the computer security community when making
decisions about voting technology, and when my community
came to the table, they said it was too late," said Rubin.
In February, Rubin co-authored a controversial paper that
outlined major security vulnerabilities in the software
powering e-voting systems developed by Diebold Inc. In
addition to Rubin's research, three other independent
studies have uncovered similar problems and a host of other
issues related to the reliability of most electronic voting
systems now in use.
"At this point, the failures of current [direct recording
equipment voting systems] have been documented in four major
studies by leading computer security experts," said Rubin.
"Yet computer security experts, myself included, find ourselves
routinely referred to as Luddites and conspiracy theorists."
Whoops, changing the subject from fancy unscientific polls in a big
hurry, aren't we?
You can't even keep your lies
straight while lying your ***** off about an area you know nothing
about. Read the article, fuckhead! They were IT security
experts!
http://www.blackhat.com/
http://www.defcon.org/
Big deal. I'm an IT security expert myself. I know all about IBM
mainframe and RACF security.
Yeah, right. :-)
I see you get my point. :-)
I see that you haven't the first clue about computer security,
or else you are being deliberately obtuse for partisan reasons.
I see you've decided to abandon your "unscientific poll of experts".
And you accuse *me* of weasel tactics?
On second thoughts, I apologise - to weasels.
You are smearing the authors of a perfectly valid study for
partisan political reasons. Yes, those are weasel tactics.
Pshaw, "perfectly valid study" my *****.
What a brilliant refutation. Well up to your usual standard.
Pfeh, you'd take a poll of Volkswagen mechanics to fix your
Ferrari.
LOL! You're really losing it.
You already lost it, now you're just flopping on the beach.
As always, you respond with pathetic and childish insults
when caught in a lie.
ROFL, you're the one trying to duck away from the unscientific poll now
that it's shot full of holes.
--
Fred Stone
aa# 1369
Cthulhu for President! Why vote for a lesser evil?
.
|
|
|
| User: "Kevin Anthoney" |
|
| Title: Re: OT: "Electronic voting machines scare the bejesus out of IT security experts" |
16 Aug 2004 05:10:50 PM |
|
|
Fred Stone wrote:
"Fear gan dia" <blqbqhdqbhdn@hdbtnrlsblbq.com> wrote in
news:412103c1.003@hdbtnrlsblbq.com:
Fact: Computer systems can be hacked in many ways without using
the Internet. Making systems secure against outsiders, such as
voters and poll workers, is very hard, and, as multiple studies
have shown, the current e-voting systems fail miserably. However,
making them secure against INSIDERS, possibly even the programmers
themselves, is close to impossible.
No *****, sherlock. Making paper ballots secure against INSIDERS is even
harder, duh.
Nah. "Insiders", in this context, means the company building the machines.
The equivalent in a paper ballot would be the printers, and the only way
they could cheat is by pre-marking the papers. Somebody would notice.
Election officials could in theory cheat, by stuffing the ballot box or
whatever. But that's why you have loads of them, all keeping an eye on
each other.
The way we make systems honest is to enable truly independent
audits. Each voter should be able to check that his or her vote
is recorded correctly, and it should be possible to count the
paper ballots manually to double-check any machine counts.
CD-R audit trails have been shown to be just as secure against
tampering.
Assuming that you trust the machine to produce correct CD-R's in the first
place. The whole point about voting machines is that you can't be sure
that they will.
--
Kevin Anthoney
kanthoney[a]dsl.pipex.com
.
|
|
|
| User: "Fred Stone" |
|
| Title: Re: OT: "Electronic voting machines scare the bejesus out of IT security experts" |
16 Aug 2004 05:59:19 PM |
|
|
Kevin Anthoney <kevin_anthoney@hotmail.com> wrote in
news:7fa57$412130eb$51569c09$23960@nf1.news-service-com:
Fred Stone wrote:
"Fear gan dia" <blqbqhdqbhdn@hdbtnrlsblbq.com> wrote in
news:412103c1.003@hdbtnrlsblbq.com:
Fact: Computer systems can be hacked in many ways without using
the Internet. Making systems secure against outsiders, such as
voters and poll workers, is very hard, and, as multiple studies
have shown, the current e-voting systems fail miserably. However,
making them secure against INSIDERS, possibly even the programmers
themselves, is close to impossible.
No *****, sherlock. Making paper ballots secure against INSIDERS is
even harder, duh.
Nah. "Insiders", in this context, means the company building the
machines. The equivalent in a paper ballot would be the printers, and
the only way they could cheat is by pre-marking the papers. Somebody
would notice.
Election officials could in theory cheat, by stuffing the ballot box
or whatever. But that's why you have loads of them, all keeping an
eye on each other.
And where are these same election officials when the companies deliver
their e-voting machines? Any company that tried to bias an election at
the machine-coding level would get caught by the first acceptance test.
The way we make systems honest is to enable truly independent
audits. Each voter should be able to check that his or her vote
is recorded correctly, and it should be possible to count the
paper ballots manually to double-check any machine counts.
CD-R audit trails have been shown to be just as secure against
tampering.
Assuming that you trust the machine to produce correct CD-R's in the
first place. The whole point about voting machines is that you can't
be sure that they will.
That's just one of the many reasons why you test the system before you
put it live. A certain election supervisor in Florida learned that one
the hard way, not the the machines were deliberately set to fudge the
election but they just Weren't Ready for Prime Time.
And yes, that means having the election supervisors spend LOTS of time
on things like upgrades and system testing and proper procedures have to
be established for all that. Yes, it's a ***** to keep everything in
sync, as California has learned, and now their experience is being used
to blacken the whole concept of evoting.
I've managed PC hardware and software version upgrades and rollouts and
system testing and all that crapola, not on evoting but the principles
are the same.
--
Fred Stone
aa# 1369
Cthulhu for President! Why vote for a lesser evil?
.
|
|
|
| User: "Kevin Anthoney" |
|
| Title: Re: OT: "Electronic voting machines scare the bejesus out of IT security experts" |
17 Aug 2004 01:40:10 PM |
|
|
Fred Stone wrote:
Kevin Anthoney <kevin_anthoney@hotmail.com> wrote in
news:7fa57$412130eb$51569c09$23960@nf1.news-service-com:
Fred Stone wrote:
"Fear gan dia" <blqbqhdqbhdn@hdbtnrlsblbq.com> wrote in
news:412103c1.003@hdbtnrlsblbq.com:
Fact: Computer systems can be hacked in many ways without using
the Internet. Making systems secure against outsiders, such as
voters and poll workers, is very hard, and, as multiple studies
have shown, the current e-voting systems fail miserably. However,
making them secure against INSIDERS, possibly even the programmers
themselves, is close to impossible.
No *****, sherlock. Making paper ballots secure against INSIDERS is
even harder, duh.
Nah. "Insiders", in this context, means the company building the
machines. The equivalent in a paper ballot would be the printers, and
the only way they could cheat is by pre-marking the papers. Somebody
would notice.
Election officials could in theory cheat, by stuffing the ballot box
or whatever. But that's why you have loads of them, all keeping an
eye on each other.
And where are these same election officials when the companies deliver
their e-voting machines? Any company that tried to bias an election at
the machine-coding level would get caught by the first acceptance test.
if( strcmp( date, "2004-11-02" ) == 0 ) {
candidate[ 0 ] += 5000;
candidate[ 1 ] -= 5000;
}
The code above would work fine in tests prior to the election. On election
day, it'd skew the results. There's an infinite number of different ways
to hide election-skewing code in a computer, and no way to test for all of
them.
Yes, it's paranoid. But you're *supposed* to be paranoid if you're trying
to design a secure system. You have to assume that Diebold really *are*
out to fix the election. (The fact that Walden O'Dell actually said he'd
deliver the election to Bush does nothing except underline the point.) If
you've got no reliable way of telling whether the have fudged the numbers,
then you've not got a secure system.
The way we make systems honest is to enable truly independent
audits. Each voter should be able to check that his or her vote
is recorded correctly, and it should be possible to count the
paper ballots manually to double-check any machine counts.
CD-R audit trails have been shown to be just as secure against
tampering.
Assuming that you trust the machine to produce correct CD-R's in the
first place. The whole point about voting machines is that you can't
be sure that they will.
That's just one of the many reasons why you test the system before you
put it live. A certain election supervisor in Florida learned that one
the hard way, not the the machines were deliberately set to fudge the
election but they just Weren't Ready for Prime Time.
And yes, that means having the election supervisors spend LOTS of time
on things like upgrades and system testing and proper procedures have to
be established for all that. Yes, it's a ***** to keep everything in
sync, as California has learned, and now their experience is being used
to blacken the whole concept of evoting.
I've managed PC hardware and software version upgrades and rollouts and
system testing and all that crapola, not on evoting but the principles
are the same.
So why bother? Pencil and paper works fine, and the security problems of
that approach are well understood and easily countered.
--
Kevin Anthoney
kanthoney[a]dsl.pipex.com
.
|
|
|
| User: "Fred Stone" |
|
| Title: Re: OT: "Electronic voting machines scare the bejesus out of IT security experts" |
17 Aug 2004 02:36:32 PM |
|
|
Kevin Anthoney <kevin_anthoney@hotmail.com> wrote in
news:207d2$4122510b$51569c09$3283@nf1.news-service-com:
Fred Stone wrote:
Kevin Anthoney <kevin_anthoney@hotmail.com> wrote in
news:7fa57$412130eb$51569c09$23960@nf1.news-service-com:
Fred Stone wrote:
"Fear gan dia" <blqbqhdqbhdn@hdbtnrlsblbq.com> wrote in
news:412103c1.003@hdbtnrlsblbq.com:
Fact: Computer systems can be hacked in many ways without using
the Internet. Making systems secure against outsiders, such as
voters and poll workers, is very hard, and, as multiple studies
have shown, the current e-voting systems fail miserably. However,
making them secure against INSIDERS, possibly even the programmers
themselves, is close to impossible.
No *****, sherlock. Making paper ballots secure against INSIDERS is
even harder, duh.
Nah. "Insiders", in this context, means the company building the
machines. The equivalent in a paper ballot would be the printers,
and the only way they could cheat is by pre-marking the papers.
Somebody would notice.
Election officials could in theory cheat, by stuffing the ballot box
or whatever. But that's why you have loads of them, all keeping an
eye on each other.
And where are these same election officials when the companies
deliver their e-voting machines? Any company that tried to bias an
election at the machine-coding level would get caught by the first
acceptance test.
if( strcmp( date, "2004-11-02" ) == 0 ) {
candidate[ 0 ] += 5000;
candidate[ 1 ] -= 5000;
}
The code above would work fine in tests prior to the election. On
election day, it'd skew the results.
The test would naturally set the date to election day.
There's an infinite number of
different ways to hide election-skewing code in a computer, and no way
to test for all of them.
How do people find the easter eggs in any commercial program? They *do*
find them though.
Naturally we're just speculating about the possible scenarios. I find it
hard to imagine that the programmer would even know who candidate[0] is
since that would depend on the ballot template. If I were the election
commissioner I would certainly have one of my own people doing the
template setup, not somebody outside my control.
Yes, it's paranoid. But you're *supposed* to be paranoid if you're
trying to design a secure system. You have to assume that Diebold
really *are* out to fix the election.
Why not just assume that your whole election commission is in on the
scheme to to fix the election while you're at it? Then you're screwed
anyway. In the Real World any conspiracy of that magnitude would be
bound to fall apart. "Two people can keep a secret if one of them is
dead."
(The fact that Walden O'Dell
actually said he'd deliver the election to Bush does nothing except
underline the point.)
That's not quite exactly what he said. IIRC, he said something like
"delivering all the votes for the President in 2004."
The fact that he'd have to be *insane* to admit to conspiracy like that
in public doesn't seem to make any impression though.
If you've got no reliable way of telling
whether the have fudged the numbers, then you've not got a secure
system.
Of course you don't have a perfectly reliable way of telling whether
they stuffed paper ballots either.
The way we make systems honest is to enable truly independent
audits. Each voter should be able to check that his or her vote
is recorded correctly, and it should be possible to count the
paper ballots manually to double-check any machine counts.
CD-R audit trails have been shown to be just as secure against
tampering.
Assuming that you trust the machine to produce correct CD-R's in the
first place. The whole point about voting machines is that you
can't be sure that they will.
That's just one of the many reasons why you test the system before
you put it live. A certain election supervisor in Florida learned
that one the hard way, not the the machines were deliberately set to
fudge the election but they just Weren't Ready for Prime Time.
And yes, that means having the election supervisors spend LOTS of
time on things like upgrades and system testing and proper procedures
have to be established for all that. Yes, it's a ***** to keep
everything in sync, as California has learned, and now their
experience is being used to blacken the whole concept of evoting.
I've managed PC hardware and software version upgrades and rollouts
and system testing and all that crapola, not on evoting but the
principles are the same.
So why bother? Pencil and paper works fine, and the security problems
of that approach are well understood and easily countered.
Because paper and pencil *don't* work fine and have serious security
problems which is why they invented mechanical voting machines and punch
cards and OCR systems and all the others.
--
Fred Stone
aa# 1369
Cthulhu for President! Why vote for a lesser evil?
.
|
|
|
| User: "Kevin Anthoney" |
|
| Title: Re: OT: "Electronic voting machines scare the bejesus out of IT security experts" |
17 Aug 2004 03:28:48 PM |
|
|
Fred Stone wrote:
Kevin Anthoney <kevin_anthoney@hotmail.com> wrote in
news:207d2$4122510b$51569c09$3283@nf1.news-service-com:
Fred Stone wrote:
Kevin Anthoney <kevin_anthoney@hotmail.com> wrote in
news:7fa57$412130eb$51569c09$23960@nf1.news-service-com:
Fred Stone wrote:
"Fear gan dia" <blqbqhdqbhdn@hdbtnrlsblbq.com> wrote in
news:412103c1.003@hdbtnrlsblbq.com:
Fact: Computer systems can be hacked in many ways without using
the Internet. Making systems secure against outsiders, such as
voters and poll workers, is very hard, and, as multiple studies
have shown, the current e-voting systems fail miserably. However,
making them secure against INSIDERS, possibly even the programmers
themselves, is close to impossible.
No *****, sherlock. Making paper ballots secure against INSIDERS is
even harder, duh.
Nah. "Insiders", in this context, means the company building the
machines. The equivalent in a paper ballot would be the printers,
and the only way they could cheat is by pre-marking the papers.
Somebody would notice.
Election officials could in theory cheat, by stuffing the ballot box
or whatever. But that's why you have loads of them, all keeping an
eye on each other.
And where are these same election officials when the companies
deliver their e-voting machines? Any company that tried to bias an
election at the machine-coding level would get caught by the first
acceptance test.
if( strcmp( date, "2004-11-02" ) == 0 ) {
candidate[ 0 ] += 5000;
candidate[ 1 ] -= 5000;
}
The code above would work fine in tests prior to the election. On
election day, it'd skew the results.
The test would naturally set the date to election day.
Naturally, my first attempt at an example would be rather crude. Somebody
seriously attempting such a thing would be far more subtle.
There's an infinite number of
different ways to hide election-skewing code in a computer, and no way
to test for all of them.
How do people find the easter eggs in any commercial program? They *do*
find them though.
a) The programmers who put them in tell their mates, who tell their
mates... ; or
b) Millions of people buy Excel (or whatever) and extensively use it day
after day. Somebody is bound to hit on the right keystroke eventually.
This doesn't apply as much to voting machines - there aren't that many
election officials, and the voters only get to click on their candidate.
Naturally we're just speculating about the possible scenarios. I find it
hard to imagine that the programmer would even know who candidate[0] is
since that would depend on the ballot template. If I were the election
commissioner I would certainly have one of my own people doing the
template setup, not somebody outside my control.
Of course, there must be something linking candidate[ 0 ] to one of the
candidate's names.
Yes, it's paranoid. But you're *supposed* to be paranoid if you're
trying to design a secure system. You have to assume that Diebold
really *are* out to fix the election.
Why not just assume that your whole election commission is in on the
scheme to to fix the election while you're at it? Then you're screwed
anyway. In the Real World any conspiracy of that magnitude would be
bound to fall apart. "Two people can keep a secret if one of them is
dead."
Yes, you should keep a close eye on the election commission, too. Just in
case.
(The fact that Walden O'Dell
actually said he'd deliver the election to Bush does nothing except
underline the point.)
That's not quite exactly what he said. IIRC, he said something like
"delivering all the votes for the President in 2004."
The fact that he'd have to be *insane* to admit to conspiracy like that
in public doesn't seem to make any impression though.
If you've got no reliable way of telling
whether the have fudged the numbers, then you've not got a secure
system.
Of course you don't have a perfectly reliable way of telling whether
they stuffed paper ballots either.
Count the ballots. If they don't match the number of voters, there's a
problem somewhere.
Of course there are problems. The point is, the problems are an order of
magnitude simpler than the ones thrown up by using computers.
The way we make systems honest is to enable truly independent
audits. Each voter should be able to check that his or her vote
is recorded correctly, and it should be possible to count the
paper ballots manually to double-check any machine counts.
CD-R audit trails have been shown to be just as secure against
tampering.
Assuming that you trust the machine to produce correct CD-R's in the
first place. The whole point about voting machines is that you
can't be sure that they will.
That's just one of the many reasons why you test the system before
you put it live. A certain election supervisor in Florida learned
that one the hard way, not the the machines were deliberately set to
fudge the election but they just Weren't Ready for Prime Time.
And yes, that means having the election supervisors spend LOTS of
time on things like upgrades and system testing and proper procedures
have to be established for all that. Yes, it's a ***** to keep
everything in sync, as California has learned, and now their
experience is being used to blacken the whole concept of evoting.
I've managed PC hardware and software version upgrades and rollouts
and system testing and all that crapola, not on evoting but the
principles are the same.
So why bother? Pencil and paper works fine, and the security problems
of that approach are well understood and easily countered.
Because paper and pencil *don't* work fine and have serious security
problems which is why they invented mechanical voting machines and punch
cards and OCR systems and all the others.
Really? The last UK general election used a paper ballot. The last US
presidential election used voting machines. Guess which one generated the
most controversy?
What problems with a pencil-and-paper ballot are solved by using voting
machines?
--
Kevin Anthoney
kanthoney[a]dsl.pipex.com
.
|
|
|
| User: "Fred Stone" |
|
| Title: Re: OT: "Electronic voting machines scare the bejesus out of IT security experts" |
17 Aug 2004 04:08:06 PM |
|
|
Kevin Anthoney <kevin_anthoney@hotmail.com> wrote in
news:74c4e$41226a81$51569c09$13210@nf1.news-service-com:
Fred Stone wrote:
Kevin Anthoney <kevin_anthoney@hotmail.com> wrote in
news:207d2$4122510b$51569c09$3283@nf1.news-service-com:
Fred Stone wrote:
Kevin Anthoney <kevin_anthoney@hotmail.com> wrote in
news:7fa57$412130eb$51569c09$23960@nf1.news-service-com:
Fred Stone wrote:
"Fear gan dia" <blqbqhdqbhdn@hdbtnrlsblbq.com> wrote in
news:412103c1.003@hdbtnrlsblbq.com:
Fact: Computer systems can be hacked in many ways without using
the Internet. Making systems secure against outsiders, such as
voters and poll workers, is very hard, and, as multiple studies
have shown, the current e-voting systems fail miserably.
However, making them secure against INSIDERS, possibly even the
programmers themselves, is close to impossible.
No *****, sherlock. Making paper ballots secure against INSIDERS
is even harder, duh.
Nah. "Insiders", in this context, means the company building the
machines. The equivalent in a paper ballot would be the printers,
and the only way they could cheat is by pre-marking the papers.
Somebody would notice.
Election officials could in theory cheat, by stuffing the ballot
box or whatever. But that's why you have loads of them, all
keeping an eye on each other.
And where are these same election officials when the companies
deliver their e-voting machines? Any company that tried to bias an
election at the machine-coding level would get caught by the first
acceptance test.
if( strcmp( date, "2004-11-02" ) == 0 ) {
candidate[ 0 ] += 5000;
candidate[ 1 ] -= 5000;
}
The code above would work fine in tests prior to the election. On
election day, it'd skew the results.
The test would naturally set the date to election day.
Naturally, my first attempt at an example would be rather crude.
Somebody seriously attempting such a thing would be far more subtle.
Naturally. The point is that rigorous testing would probably uncover
anything that didn't involve hands-on cheating.
There's an infinite number of
different ways to hide election-skewing code in a computer, and no
way to test for all of them.
How do people find the easter eggs in any commercial program? They
*do* find them though.
a) The programmers who put them in tell their mates, who tell their
mates... ; or
Which is how any voting conspiracy would probably fail.
b) Millions of people buy Excel (or whatever) and extensively use it
day after day. Somebody is bound to hit on the right keystroke
eventually. This doesn't apply as much to voting machines - there
aren't that many election officials, and the voters only get to click
on their candidate.
Naturally we're just speculating about the possible scenarios. I find
it hard to imagine that the programmer would even know who
candidate[0] is since that would depend on the ballot template. If I
were the election commissioner I would certainly have one of my own
people doing the template setup, not somebody outside my control.
Of course, there must be something linking candidate[ 0 ] to one of
the candidate's names.
Still too obvious of a way of cheating. I'm not saying it would be
impossible, but then it's possible to cheat *any* system, electronic or
not.
Yes, it's paranoid. But you're *supposed* to be paranoid if you're
trying to design a secure system. You have to assume that Diebold
really *are* out to fix the election.
Why not just assume that your whole election commission is in on the
scheme to to fix the election while you're at it? Then you're screwed
anyway. In the Real World any conspiracy of that magnitude would be
bound to fall apart. "Two people can keep a secret if one of them is
dead."
Yes, you should keep a close eye on the election commission, too.
Just in case.
(The fact that Walden O'Dell
actually said he'd deliver the election to Bush does nothing except
underline the point.)
That's not quite exactly what he said. IIRC, he said something like
"delivering all the votes for the President in 2004."
The fact that he'd have to be *insane* to admit to conspiracy like
that in public doesn't seem to make any impression though.
If you've got no reliable way of telling
whether the have fudged the numbers, then you've not got a secure
system.
Of course you don't have a perfectly reliable way of telling whether
they stuffed paper ballots either.
Count the ballots. If they don't match the number of voters, there's
a problem somewhere.
Too simple.
Of course there are problems. The point is, the problems are an order
of magnitude simpler than the ones thrown up by using computers.
The way we make systems honest is to enable truly independent
audits. Each voter should be able to check that his or her vote
is recorded correctly, and it should be possible to count the
paper ballots manually to double-check any machine counts.
CD-R audit trails have been shown to be just as secure against
tampering.
Assuming that you trust the machine to produce correct CD-R's in
the first place. The whole point about voting machines is that
you can't be sure that they will.
That's just one of the many reasons why you test the system before
you put it live. A certain election supervisor in Florida learned
that one the hard way, not the the machines were deliberately set
to fudge the election but they just Weren't Ready for Prime Time.
And yes, that means having the election supervisors spend LOTS of
time on things like upgrades and system testing and proper
procedures have to be established for all that. Yes, it's a *****
to keep everything in sync, as California has learned, and now
their experience is being used to blacken the whole concept of
evoting.
I've managed PC hardware and software version upgrades and rollouts
and system testing and all that crapola, not on evoting but the
principles are the same.
So why bother? Pencil and paper works fine, and the security
problems of that approach are well understood and easily countered.
Because paper and pencil *don't* work fine and have serious security
problems which is why they invented mechanical voting machines and
punch cards and OCR systems and all the others.
Really? The last UK general election used a paper ballot. The last
US presidential election used voting machines. Guess which one
generated the most controversy?
The one that was most closely contested?
What problems with a pencil-and-paper ballot are solved by using
voting machines?
Smudged/unreadable squiggles, bent/folded/spindled/mutilated/sweaty
hands paper, human error in counting, storage of ballots for later
audit, space to keep them, getting enough of the *right* ballots to each
precinct/district/canton/whatever you call them.
Whatever mistakes humans can possibly make in marking up a ballot they
*will* make. I've done mark/sense systems (not e-voting but a scanned
mark-in-the-box form) and you'd be AMAZED at the kind of things you have
to allow for. Cigarette burns. AMAZED, I tell you.
--
Fred Stone
aa# 1369
Cthulhu for President! Why vote for a lesser evil?
.
|
|
|
| User: "Kevin Anthoney" |
|
| Title: Re: OT: "Electronic voting machines scare the bejesus out of IT security experts" |
17 Aug 2004 05:41:01 PM |
|
|
Fred Stone wrote:
Kevin Anthoney <kevin_anthoney@hotmail.com> wrote in
news:74c4e$41226a81$51569c09$13210@nf1.news-service-com:
Fred Stone wrote:
Kevin Anthoney <kevin_anthoney@hotmail.com> wrote in
news:207d2$4122510b$51569c09$3283@nf1.news-service-com:
Fred Stone wrote:
Kevin Anthoney <kevin_anthoney@hotmail.com> wrote in
news:7fa57$412130eb$51569c09$23960@nf1.news-service-com:
Fred Stone wrote:
"Fear gan dia" <blqbqhdqbhdn@hdbtnrlsblbq.com> wrote in
news:412103c1.003@hdbtnrlsblbq.com:
Fact: Computer systems can be hacked in many ways without using
the Internet. Making systems secure against outsiders, such as
voters and poll workers, is very hard, and, as multiple studies
have shown, the current e-voting systems fail miserably.
However, making them secure against INSIDERS, possibly even the
programmers themselves, is close to impossible.
No *****, sherlock. Making paper ballots secure against INSIDERS
is even harder, duh.
Nah. "Insiders", in this context, means the company building the
machines. The equivalent in a paper ballot would be the printers,
and the only way they could cheat is by pre-marking the papers.
Somebody would notice.
Election officials could in theory cheat, by stuffing the ballot
box or whatever. But that's why you have loads of them, all
keeping an eye on each other.
And where are these same election officials when the companies
deliver their e-voting machines? Any company that tried to bias an
election at the machine-coding level would get caught by the first
acceptance test.
if( strcmp( date, "2004-11-02" ) == 0 ) {
candidate[ 0 ] += 5000;
candidate[ 1 ] -= 5000;
}
The code above would work fine in tests prior to the election. On
election day, it'd skew the results.
The test would naturally set the date to election day.
Naturally, my first attempt at an example would be rather crude.
Somebody seriously attempting such a thing would be far more subtle.
Naturally. The point is that rigorous testing would probably uncover
anything that didn't involve hands-on cheating.
There's an infinite number of
different ways to hide election-skewing code in a computer, and no
way to test for all of them.
How do people find the easter eggs in any commercial program? They
*do* find them though.
a) The programmers who put them in tell their mates, who tell their
mates... ; or
Which is how any voting conspiracy would probably fail.
No security professional worth his salt would be satisfied with "Oh, it
probably wouldn't happen anyway." He'd want to know how to stop it (or at
least detect it) if it *did* happen. Computers are a major headache in
this regard, because there are so many nooks and crannies to hide stuff.
The blindingly obvious solution to this problem is to not use a computer.
Use something that's *real* simple. Like a pencil. Nobody has yet managed
to upload malicious code into one of those.
b) Millions of people buy Excel (or whatever) and extensively use it
day after day. Somebody is bound to hit on the right keystroke
eventually. This doesn't apply as much to voting machines - there
aren't that many election officials, and the voters only get to click
on their candidate.
Naturally we're just speculating about the possible scenarios. I find
it hard to imagine that the programmer would even know who
candidate[0] is since that would depend on the ballot template. If I
were the election commissioner I would certainly have one of my own
people doing the template setup, not somebody outside my control.
Of course, there must be something linking candidate[ 0 ] to one of
the candidate's names.
Still too obvious of a way of cheating. I'm not saying it would be
impossible, but then it's possible to cheat *any* system, electronic or
not.
Yes, but electronic systems offer a much greater opportunity for subtle,
difficult-to-detect ways of cheating.
Yes, it's paranoid. But you're *supposed* to be paranoid if you're
trying to design a secure system. You have to assume that Diebold
really *are* out to fix the election.
Why not just assume that your whole election commission is in on the
scheme to to fix the election while you're at it? Then you're screwed
anyway. In the Real World any conspiracy of that magnitude would be
bound to fall apart. "Two people can keep a secret if one of them is
dead."
Yes, you should keep a close eye on the election commission, too.
Just in case.
(The fact that Walden O'Dell
actually said he'd deliver the election to Bush does nothing except
underline the point.)
That's not quite exactly what he said. IIRC, he said something like
"delivering all the votes for the President in 2004."
The fact that he'd have to be *insane* to admit to conspiracy like
that in public doesn't seem to make any impression though.
If you've got no reliable way of telling
whether the have fudged the numbers, then you've not got a secure
system.
Of course you don't have a perfectly reliable way of telling whether
they stuffed paper ballots either.
Count the ballots. If they don't match the number of voters, there's
a problem somewhere.
Too simple.
Not by much. The general solution is to have lots of people of all
political persuasions standing around the ballot boxes, watching over them.
We've been doing paper ballots for long enough to have ironed out all the
major wrinkles. The problems are simple and well understood. More
importantly, so are the solutions.
Of course there are problems. The point is, the problems are an order
of magnitude simpler than the ones thrown up by using computers.
The way we make systems honest is to enable truly independent
audits. Each voter should be able to check that his or her vote
is recorded correctly, and it should be possible to count the
paper ballots manually to double-check any machine counts.
CD-R audit trails have been shown to be just as secure against
tampering.
Assuming that you trust the machine to produce correct CD-R's in
the first place. The whole point about voting machines is that
you can't be sure that they will.
That's just one of the many reasons why you test the system before
you put it live. A certain election supervisor in Florida learned
that one the hard way, not the the machines were deliberately set
to fudge the election but they just Weren't Ready for Prime Time.
And yes, that means having the election supervisors spend LOTS of
time on things like upgrades and system testing and proper
procedures have to be established for all that. Yes, it's a *****
to keep everything in sync, as California has learned, and now
their experience is being used to blacken the whole concept of
evoting.
I've managed PC hardware and software version upgrades and rollouts
and system testing and all that crapola, not on evoting but the
principles are the same.
So why bother? Pencil and paper works fine, and the security
problems of that approach are well understood and easily countered.
| | | | | | | | | | | | | | | | | | |
