Re: Diebold Global Election Management System (GEMS) Backdoor Account Allows Authenticated Users to Modify Votes

From: Colm MacCarthaigh (colmmacc_at_redbrick.dcu.ie)
Date: 09/28/04

  • Next message: Dominic Hargreaves: "[FLSA-2004:1552] Updated cadaver packages that fix security vulnerabilities" 
    Date: Tue, 28 Sep 2004 01:15:12 +0100
To: Nicholas Knight <nknight@runawaynet.com>

    On Sun, Sep 26, 2004 at 10:16:09AM -0700, Nicholas Knight wrote:
    > Paper trails are a safeguard to be used in the event the system doesn't
    > work, but they're *less accurate* than a *working* electronic voting
    > system would be.

    Firstly, I'm not certain there is basis for this claim. Most human
    counting problems are caused by a lack of clarity on the original
    record, be it pencil-marks or chads. Since any useful voter-verified
    audit-trail is likely to consist of simple clearly-printed preferences,
    which have been verified by a voter before being cast, there is every
    reason to believe that accurate counting with good transparent human
    counting procedures are implementable.

    Secondly, how does one determine if the system has or has not worked
    without checking the audit trail? If the electronic result says
    candidate A beat candidate B, how do you know if that is accurate without
    performing a comparison?

    Since this comparison is the key to any successful integrity check, it
    seems that we still need a transparent, human-auditable counting system
    anyway - to verify the veracity of any electronic results.

    There is, as yet, no credible mechanism by which an auditor can decide
    - merely on the numbers - whether an electronic result is likely to be
    erroneous or not. Opinion and exit polls are frequently wrong, and an
    electronic system may be as likely to mis-count one vote as a thousand.
    What mechanism can be proposed?

    > We have an unprecedented opportunity here to count every vote with
    > perfect precision through electronic voting systems. Unless every
    > aspect of those systems is open to public review, we're throwing that
    > opportunity away.

    Electronic systems are not open to non-destructive or unassisted review,
    their implementation is sub-microscopic. 

    -- 
Colm
  • Next message: Dominic Hargreaves: "[FLSA-2004:1552] Updated cadaver packages that fix security vulnerabilities"