Bugtraq: RE: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes

[gandalf () digital net]

Greetings and Salutations:

From: David Brodbeck
> You're missing the social dynamics around it.  There are 
> several parties
> involved:
<snip>
> - The public.  They don't understand these issues either, and 
> they have a short attention span.
Let me add one more social dynamic.  The public will want to see instantaneous vote results, so eventually these 
computers will be networked to send the results back to a central voting computer ... And we are all familiar with how 
easily networked computer can be compromised if they aren't locked down.  Now we are also discussing Man In The Middle 
attacks, etc.

(Which to me adds yet another social dynamic, if people see one person is winning that might change or sway their vote)

The OSes had *better* be locked down and secure.  The only way to verify that is to either blindly attacked the box or 
have a open box that is inspected by real independent observers.

Ken
------------------------------------------------------------------
Do not meddle in the affairs of wizards for they are subtle and 
quick to anger.
Ken Hollis - Gandalf The White - gandalf () digital net - O- TINLC
WWW Page - http://gandalf.home.digital.net/
Trace E-Mail forgery - http://gandalf.home.digital.net/spamfaq.html
Trolls crossposts  - http://gandalf.home.digital.net/trollfaq.html