Bugtraq mailing list archives
RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes
From: "David Querin" <david () securityage com>
Date: Wed, 22 Sep 2004 15:18:41 -0400
It seems these devices are illegally deployed, regardless. They're not upheld to the same Information Assurance requirements necessitated for other governmental information technologies, including FIPS140-2 and Common Criteria. Instead, these electronic voting systems have been "approved" by unnamed, unsupervised third parties with vested interests in these systems being deployed. It's absurd. -----Original Message----- From: Jaeson Schultz [mailto:jaeson () jaeson net] Sent: Wednesday, September 22, 2004 12:33 PM To: pressinfo () diebold com; bugtraq () securityfocus com Subject: RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes How about providing the source code so we can see for ourselves? Shouln't the machines used for elections in a democracy such as The United States of America be open to such review? Just because you refute the existence, doesn't mean that the "back doors" or "hidden codes" aren't there. Only the source code can prove that. Why should we just take your word for it? ~Jaeson Schultz -----Original Message----- From: pressinfo () diebold com [mailto:pressinfo () diebold com] Sent: Tuesday, September 21, 2004 8:05 AM To: bugtraq () securityfocus com Subject: Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes In-Reply-To: <20040831203815.13871.qmail () www securityfocus com> Diebold strongly refutes the existence of any "back doors" or "hidden codes" in its GEMS software. These inaccurate allegations appear to stem from those not familiar with the product, misunderstanding the purpose of legitimate structures in the database. These structures are well documented and have been reviewed (including at a source code level) by independent testing authorities as required by federal election regulations. In addition to the facts stated above, a paper and an electronic record of all cast ballots are retrieved from each individual voting machine following an election. The results from each individual machine are then tabulated, and thoroughly audited during the standard election canvass process. Once the audit is complete, the official winners are announced. Any alleged changes to a vote count in the election management software would be immediately discovered during this audit process, as this total would not match the true official total tabulated from each machine.
Current thread:
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes pressinfo (Sep 22)
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Craig Paterson (Sep 22)
- RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Jaeson Schultz (Sep 22)
- RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Lorne J. Leitman (Sep 22)
- RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes David Querin (Sep 23)
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Jay Hennigan (Sep 22)
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Homer (Sep 22)
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Rainer Duffner (Sep 22)
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Mike Ely (Sep 22)
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Claudius Li (Sep 25)
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Seth Breidbart (Sep 27)
- RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes David Schwartz (Sep 28)
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Adam Shostack (Sep 29)
- Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes Claudius Li (Sep 25)