[TriLUG] OT: www.hexblog.com - a fix for the WMF vulnerability.

Tanner Lovelace clubjuggler at gmail.com
Wed Jan 4 13:57:20 EST 2006


On 1/4/06, Rick DeNatale <rick.denatale at gmail.com> wrote:
> Well, they probably got around this because it depends on the meaning
> of interpreted.  AccuBasic is compiled in the same sense that Java is
> compiled.  I'm not sure that interpretation is really that much less
> secure anyway. Sure you can hide stuff in the interpreter, but as Ken
> Thompson pointed out in his Turing Award lecture
> http://www.acm.org/classics/sep95/ you can hide stuff in the compiler
> as well.

Actually, they got around it by not submitting the code for review!
(Or, at least that's what the state of CA is saying, since they're
asking Diebold to submit it to the Independent Testing Authority,
or ITA, for certification.)

> And as far as I know, the federal government doesn't actually certify
> voting machines, this is done by the state and local governments under
> federal guidelines.  The recent lawsuit over the illegal certification
> of Diebold DRE machines was against the state of North Carolina.

State Boards of Elections do certify voting machines for each state,
but if they wish to receive federal money to help with the cost
then those voting machines must also meet federal certifications.
However, the state of NC did no testing at all (contrary, btw, to
the recently passed NC law that specifies that they are to do so)
and instead said, well the ITA tested everything, so that's good
enough for us.

> There seems to be quite a bit of decertification activity lately,
> and some jurisdictions are already looking for new money to buy
> replacements for the machines they purchased under the Help America
> Vote Act.

That's because there's a January 20 deadline to have contracts in
place to receive federal money.

> And I'm surprised and concerned that the test last month in Leon
> County, FL shows that the optical scan machines might not be as good a
> solution to verifiable voting as many open voting advocates, including
> me, thought they were.

What happened here was that the AccuBasic interpreter was programmed
with 5 positive and 5 negative votes and so when they ran the test to
make sure there were 0 votes before starting the test, it did, indeed, say
that there were zero votes.  They then voted on whether the machine
could be hacked or not.  6 people voted no and 2 people voted yes.
When they read back the results, they said:

No: 1
Yes: 7

Thereby proving the point of those that voted yes.[1]  Yes, this could have
been caught with a manual recount, but the chance of that happening is
fairly slim.  The problem here was that all the calculation was done using
the AccuBasic code and by simply switching the flash card, which could easily
be done by a poll worker or a random BOE person beforehand, the election
was changed.  If you think something like this couldn't affect a
national election, think again and read this article entitled "President
Nader or How I Learned to Stop Worrying and Love DREs" [2].

Cheers,
Tanner

[1] http://www.schneier.com/blog/archives/2005/12/leon_county_fl.html
[2] http://www.cs.duke.edu/~justin/voting/PrezNader.html
--
Tanner Lovelace
clubjuggler at gmail dot com
http://wtl.wayfarer.org/
(fieldless) In fess two roundels in pale, a billet fesswise and an
increscent, all sable.
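The Leon County test described in the message above, replayed as an added illustration (not code from the list, Diebold, or anyone involved in the test): a toy tabulator with a modelled pre-loaded offset is run through the zero tape, a ballot-count reconciliation, and a hand count of the paper ballots, to show which check actually catches an offset whose positive and negative halves cancel. The Tabulator class, the check functions, and the way the hidden offset is applied are assumptions made for illustration, not a description of the real firmware.

```python
from dataclasses import dataclass, field

@dataclass
class Tabulator:
    """Toy vote counter. `hidden_offset` models a pre-loaded flash card
    ({} = honest card). Modelling assumption: the offset is folded in only
    when the end-of-election report is produced, so the pre-election zero
    tape reflects just the ballots actually scanned (none) and prints zeros."""
    hidden_offset: dict = field(default_factory=dict)
    counts: dict = field(default_factory=lambda: {"yes": 0, "no": 0})

    def cast(self, choice):
        self.counts[choice] += 1

    def zero_tape(self):
        """Pre-election report: the raw ballot counters, untouched by the card."""
        return dict(self.counts)

    def report(self):
        """End-of-election report: raw counters plus whatever the card carried."""
        return {k: v + self.hidden_offset.get(k, 0) for k, v in self.counts.items()}

def reconcile(reported, ballots_cast):
    """Do the reported votes add up to the number of ballots fed through?"""
    return sum(reported.values()) == ballots_cast

def paper_audit(reported, paper_ballots):
    """Hand count of the physical ballots compared with the machine report."""
    hand = {"yes": paper_ballots.count("yes"), "no": paper_ballots.count("no")}
    return hand == reported

def run_test(hidden_offset):
    """Replays the 8-ballot test (6 no, 2 yes); returns the outcome of each check."""
    ballots = ["no"] * 6 + ["yes"] * 2          # constructed: the vote as described
    tab = Tabulator(hidden_offset=hidden_offset)
    zero_ok = all(v == 0 for v in tab.zero_tape().values())
    for b in ballots:
        tab.cast(b)
    reported = tab.report()
    return {
        "reported": reported,
        "zero_tape": zero_ok,                                # passes either way
        "reconciliation": reconcile(reported, len(ballots)), # passes if offsets cancel
        "paper_audit": paper_audit(reported, ballots),       # the only check that fails
    }
```

With the +5/-5 card the zero tape and the ballot reconciliation both pass and the report reads 7 yes / 1 no; only the hand count of the paper ballots disagrees with the machine, which is why the message calls the manual recount the one catch. A non-cancelling offset (say +5 yes only) is caught by reconciliation as well, so that check is worth running even though it is not sufficient on its own.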
