Interesting People mailing list archives
24 hours!!! review of elections-computers' source-code completed in 24 hours!
From: David Farber <dave () farber net>
Date: Thu, 1 Dec 2005 17:36:22 -0500
Begin forwarded message: From: Jim Warren <jwarren () well com> Date: December 1, 2005 4:36:08 PM EST To: Dave Farber <dave () farber net>, Declan McCullagh <declan () well com>Subject: review of elections-computers' source-code completed in 24 hours!
Sheesh! Hope EVERY computer-literate citizen of North Carolina learns about this -- and screams bloody-hell to their legislators. What a amazing SHAM!
--jim From: Justin Moore <justin () cs duke edu> Organization: Duke University Department of Computer Science Date: Thu, 01 Dec 2005 13:31:05 -0500 Subject: [NCVI] Diebold back in NC It seems that Diebold didn't cut and run from North Carolina after all. Less than 24 hours after Diebold finally placed all of their source code into escrow -- OS and all, they claim -- the State Board claims that their source code audit confirms that Diebold system meets necessary security and reliability standards. The portion of relevant state law is === c) Prior to certifying a voting system, the State Board of Elections shall review, or designate an independent expert to review, all source code made available by the vendor pursuant to this section and certify only those voting systems compliant with State and federal law. At a minimum, the State Board's review shall include a review of security, application vulnerability, application code, wireless security, security policy and processes, security/privacy program management, technology infrastructure and security controls, security organization and governance, and operational effectiveness, as applicable to that voting system. === By certifying Diebold's system, the SBOE claims (implicitly) that they have conducted this review within the last 24 hours on all code placed in escrow. Perhaps the NC SBOE could publish their audit methods in the next top- tier software engineering conference. This is the most amazing code audit -- in terms of speed, breadth, and depth -- that I have ever seen. -jdm -- Duke University Department of Computer Science, Durham, NC 27708-0129 Email: justin () cs duke edu Web: http://www.cs.duke.edu/~justin/ ------------------------------------- You are subscribed as lists-ip () insecure org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- 24 hours!!! review of elections-computers' source-code completed in 24 hours! David Farber (Dec 01)