[E-voting] more revelations from the USA

Catherine Ansbro cansbro at eircom.net
Mon Jul 4 09:22:35 IST 2005


Colm,

No.  The code was available on an insecure Diebold ftp site which Bev 
Harris came accross by accident--so I don't think any of the independent 
computer scientists who had access to it were working under a 
non-confidentiality agreement with Diebold. :-)           Definitely 
not.  These were computer scientists who made a lot of noise about being 
part of the voting integrity movement.  In one case, one of the experts 
told Bev Harris about one or more security flaws well before the 
election.  She asked this person when they were going to go public with 
the information.  They said, "After the election."

As to any supposedly independent computer scientists involved in the 
so-called "certification" process--the vulnerabilities should have been 
obvious to them, too (if they even looked at all, that is).  In their 
situation I wouldn't have expected them to make public statements--but 
they shouldn't have certified /any/ of these products.

It is just plain wrong for our whole democracy to be delegated to a 
handful of experts with no possibility for public scrutiny.

These things have been in use in the USA since the 1980s.  Who knows 
when the last "real" election was held there in districts where they 
were used?

Catherine

Colm MacCarthaigh wrote:

>On Sun, Jul 03, 2005 at 11:31:28PM +0100, Catherine Ansbro wrote:
>  
>
>>1) Highly respected computer scientists (in the Bay Area, Georgia and 
>>North Carolina) who had access to Diebold code apparently knew about the 
>>massive vulnerabilities of the Diebold optical scanner many months 
>>before the election and did nothing to alert anyone.  They knew--or 
>>should have known (because very obvious)--about the vulnerabilities from 
>>remote access, possibility to easily manipulate the counting computer, 
>>and the memory card executable--all of which could easily change 
>>election results on a large scale and not leave a trace.  Yet they said 
>>/nothing/ prior to the election.
>>    
>>
>
>Were they under any kind of non-disclosure agreement do you know? It's
>entirely possible that many respected Comptuer Scientists here know of
>additional problems with the Irish system but are bound to secrecy by
>the commission.
>
>  
>
>>7) This BBV Technical Report will be released on Monday 4th of July.  
>>(Keep your eyes out for this one.  The beginning of the abstract has 
>>been posted at BBV.)
>>    
>>
>
>The perfect day for it :)
>
>  
>




More information about the E-voting mailing list