Bugtraq mailing list archives
Re: Diebold Global Election Management System (GEMS) Backdoor Account
From: Brian Kirkbride <brian () broadtime com>
Date: Mon, 27 Sep 2004 18:17:45 -0500
I'm a lurker myself but am keenly interested in the problem. I have to agree 100% with Ryan's statement. This is a point that few people make in this argument, because the discussion has been spun to focus on _proving_ some sort of malicious intent on Diebold's part. I disagree with that fundamental statement of the argument. These people have demonstrated that they are ignoring all of the "right" ways to perform their task (both technically and ethically) and have repeatedly used press releases and legal maneuver to avoid addressing the issues people have with their software.
This sort of behaviour is commonplace when it comes to corporations because it is usually less painful financially than doing what is right. But I cannot agree more strongly with the point that this particular service is one that should be performed without profit as the highest motive. For those at Diebold that cry foul at those of us that feel the election is more important than their quarterly statement, I humbly suggest that they should choose a less vital service to bring to market. Imagine a company complaining that reliable medical systems would be too costly to implement and would affect their bottom line. There is a greater standard to uphold. - Brian Kirkbride Ryan_Ward () Dell com wrote:
I usually lurk as well, but wanted to respond to your question. There's so much debate for one simple reason. All the known solutions have been ignored. This is why everyone is getting so upset on this issue. Companies like Diebold have ignored all the previous work on this subject, work done by people like Bruce Schneier. They've ignored all the problems with their system, up to and including their complete lack of verifiability. They're already, in a rather short history in this field, shown a complete lack of accountability (think the various unapproved revisions that got them sued in California). That they've been so determined to weasel around the _known_ solutions to these issues casts a great deal of suspicion on them. Their continued resistance to even the simplest fixes, combined with their repeated denials of any problems, is only making things worse. Unfortunately, I don't see any major changes to this happening until some state's electoral votes go to CowboyNeal or Bill the Cat... Ryan (Not speaking for Dell in any way, shape or form) "Every election is a sort of advance auction sale of stolen goods." -- H. L. Mencken
Current thread:
- Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Jérôme (Aug 31)
- <Possible follow-ups>
- RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Ryan_Ward (Sep 27)
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Brian Kirkbride (Sep 29)
- RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes gandalf (Sep 28)
- RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Bruce Barnett (Sep 29)