The Ministry of Shadows

Last Five Entries

Gone, But Not Forgotten?
Friday, Jan. 20, 2012

What The Internet Will Look Like Under SOPA
Wednesday, Jan. 18, 2012

Fearsgiving Week
Monday, Nov. 21, 2011

Jesus Approves of Waterboarding
Monday, Nov. 14, 2011

Beware of Asteroids
Wednesday, Nov. 09, 2011


FirstGov Portal

Legislative Database

Recommended Reading


Bruce Schneier

James Hudnall

Glenn Greenwald


You Are Dumb

All links are current as of the date of publication. All content created by the author is copyrighted 2005-2010, except where held by the owners/publishers of parent works and/or subject materials. Any infringement of another's work is wholly unintentional. If you see something here that is yours, a polite request for removal or credit will be honored.

Stealing Democracy?

Wednesday, Dec. 14, 2005 11:26 PM

An interesting bit of news carries some serious implications for democracy in America.

A Finnish security expert, Harri Hursti, successfully hacked a Diebold voting machine, not only submitting a falsified vote count, but getting those same numbers past the central tabulating computer.

In the end, the vote was what Hursti had determined it would be, not what the ballots actually read.

Consequently, the supervisor of elections in Leon County, Florida has stated he will never again use Diebold machines in an election, and has asked for funds to replace the current system.

Instead of Diebold addressing the error, they chose to threaten the supervisor. Note that the letter says Diebold welcomes, "authorized testing and examination of our products by qualified professionals;" the implication is that Hursti is neither qualified or professional. It basically means Diebold will only accept tests made by their hand-picked experts - kind of like letting Uri Geller pick the scientists who are to examine his spoon-bending powers. (And we're all amazed, of course, when those hand-picked scientists affirm Geller's amazing feats, right?)

The letter then goes on to suggest that the test voids the warranty, licensing agreement, and is tantamount to damaging the system.

Has it occurred to the Diebold folks that someone willing to falsify election results doesn't exactly care about licensing, the warranty, or damage to the software insofar as their attempts remain undetectable? Fraud is not an accidental event; it is an act of deliberate malice. The system must be able to differentiate between valid and fraudulent operations. (A general example of this is when a system denies access after several failed login attempts.)

Additionally, predicating a system's security on the presence of non-related physical security is a fallacy. Claiming the system is secure only as long as it is inside a locked room says nothing about the integrity of your system. It ignores the problem of an unauthorized person gaining access and/or posing as an authorized user when, in fact, this is essential to system security.

While this incident is not conclusive proof that fraud has been perpetrated in any given election, the fact that Diebold continues to ignore their failings and threaten election officials who are practicing due diligence does not elevate their reputation.

And though it may be unrelated, Diebold's CEO, Wally O'Dell announced his resignation earlier this week.

(Bruce Schneier's blog also mentions Hursti's test.)

The Ministry has received 1 comment(s) on this topic.

Pink - 2005-12-15 16:41:53
Oh wow! I love your banner, and your template!