Create an Account
username: password:
 
  MemeStreams Logo

MemeStreams Discussion
search
Home Agent Weblogs Social Network Post Help About


This page contains all of the posts and discussion on MemeStreams referencing the following web page: The Diebold FTP Story. You can find discussions on MemeStreams as you surf the web, even if you aren't a MemeStreams member, using the Threads Bookmarklet.

The Diebold FTP Story
by Hijexx at 12:59 pm EDT, Sep 9, 2003

Good analysis of Scoop's allegations and Diebold's rebuttal:

------

Allegation #53 (p. 16):
"Physical access to the voting results may not even be necessary to acquire the voting records if they are transmitted across the Internet."
Diebold Response:
... Results are not transmitted over the Internet.
My Added Comment:
But we know that result transmission uses telephone, PPP, and a username and password, from Page 14 of the Hopkins report, quoted in Allegation #40. Therefore, it is quite possible that election central will have a LAN connected using Internet protocol, perhaps used to connect a modem bank with a single PC. This LAN may not be as vulnerable as the public Internet, but it is vulnerable to packet snooping and several other attacks, and must therefore be carefully secured. Furthermore, if an adversary can dial into the PPP host and await connections, Trojan horse applications on the voting system could communicate with the adversary using PPP without talking to the GEMS system at all.

Allegation #54 (p. 16):
"The Diebold voting machines cannot work in isolation ..."
Diebold Response:
This is false. ... The primary form of output for the Ballot Station is the result tape ...
My Added Comment:
Diebold is wrong. Just because communication is accomplished using hand carried media such as the PCMCIA cards used to program the machine before the election and the printout used as the official election record does not mean that the machine is isolated. See my response to allegation #16! Hand carried PCMCIA cards need just as much protection as network communications. Furthermore, the printout from the machine is not necessarily the final result unless we make this printout before we make any modem connection that could admit an intruder; here, the Diebold system, because of its weak security, relies unnecessarily on strict adherence to correct polling place procedures. Not only that, but we are under increasing pressure to use the electronic record for canvassing, generally the one in the hand-carried PCMCIA card taken from the voting machine, but in the not-too-distant future, we may be pressured into using the result from the modem! That paper record wasn't even an option with Global's system when it was offered for sale to Iowa in 1997, and today, I gather that many jurisdictions don't look at it unless there's a call for a recount.

Link - Reply

There is a redundant post from Dr. Nanochick not displayed in this view. 		 
 
Powered By Industrial Memetics