You are viewing an obsolete version of the DU website which is no longer supported by the Administrators. Visit The New DU.
Democratic Underground Latest Greatest Lobby Journals Search Options Help Login
Google

Reply #36: more clarification [View All]

Printer-friendly format Printer-friendly format
Printer-friendly format Email this thread to a friend
Printer-friendly format Bookmark this thread		 This topic is archived.
Home » Discuss » Topic Forums » Election Reform Donate to DU
Neil B Forzod Donating Member (64 posts) Send PM | Profile | Ignore Thu Dec-01-05 01:53 AM
Response to Reply #33
36. more clarification
Unless the source code is digitally signed, you can't tell if it's running on a given machine on election day(s) anyway.


Actually you need the compiled stuff digitally signed to do that. Signing the source code doesn't help. Ideally you'd have the ITAs review the source code, hash and/or sign it, build the target executables and libraries and what-have-you, and then hash and/or sign those. You could check the signature of the installed applications against the signatures/hashes published by the ITAs, so you'd at least know that it's the version the ITA built from the source code they actually reviewed. (Whether you think the ITAs are otherwise useful as reviewers is a separate discussion.)


I don't think it would be that hard to do using public/private key encryption. A web browser could authenticate the stuff, but of course you'd need an Internet connection to the certificate authority and that might be a no-no. Authenticate the code via dial-up maybe? But you'd have to train poll workers to do it.


The voting machines don't have a web browser or an internet connection. (Although you don't need an internet connection to verify a certificate's authenticity, you just need the certificate authority's own certificate.) I think many people would object to any kind of dial-up model -- I'm not sure I want poll workers to call up some remote computer using the modem in the voting machine, it sounds like a pretty serious security risk.


At the moment it's kind of a free for all. I don't think anyone has reviewed all the source code. RABA said there were 285,000 lines of Diebold and only a fraction was carefully studied.


That may in fact be true (I don't have any of the numbers at my disposal right now). But -- and it's a pretty big "but", really -- the observation that "they haven't reviewed all the source code" is a much different statement from "nobody's had the opportunity to review all the source code" or "Diebold refuses to let anyone look at it". Clearly they do and have let people look at it, and there's no credible reason to think they'd object to releasing their source code to an NC-designated escrow agency... something they pretty much do all the time in other states.


That said, there are enough ways to rig this junk without having access to the source code anyway and this is the real threat.


Totally agreed on the alternate rigging opportunities. That's why I personally don't understand the general obsession people have over source code.

Neil
Printer Friendly | Permalink |  | Top
 
  -Diebold Threatens to Pull Out of North Carolina iconoclastNYC  Nov-29-05 09:44 PM   #0 
  - oh that would be such a tragedy!!!  skooooo   Nov-29-05 09:45 PM   #1 
  - I know, aren't you sad?  ih8thegop   Nov-29-05 09:48 PM   #5 
  - OK, this is the wedge  Canuckistanian   Nov-29-05 09:47 PM   #2 
  - Explain, please?  aquart   Nov-29-05 09:48 PM   #4 
     - If they can be that threatened, they'll back off  Canuckistanian   Nov-29-05 09:58 PM   #10 
        - minor clarification  Neil B Forzod   Nov-30-05 03:29 AM   #20 
           - OK, thanks for the explanation  Canuckistanian   Nov-30-05 09:16 AM   #22 
           - rocket science  Neil B Forzod   Nov-30-05 11:04 PM   #29 
           - You raise some good points but  Bill Bored   Nov-30-05 05:56 PM   #24 
              - sure  Neil B Forzod   Nov-30-05 10:22 PM   #27 
              - Well, I think the whole issue is a bit of a white elephant anyway.  Bill Bored   Dec-01-05 12:40 AM   #33 
                 - more clarification  Neil B Forzod   Dec-01-05 01:53 AM   #36 
                    - Dial up and source code.  Bill Bored   Dec-01-05 10:52 PM   #42 
                       - more on dial-up and source code  Neil B Forzod   Dec-02-05 01:06 AM   #43 
                          - Ethernet + Router = Internet! That's all I meant. It is a sequitur.  Bill Bored   Dec-02-05 11:14 PM   #44 
                             - no, you are incorrect  Neil B Forzod   Dec-03-05 03:30 PM   #46 
                                - Take it easy!  Bill Bored   Dec-03-05 09:12 PM   #48 
              - "Source Code" is, by definition, uncompiled  Canuckistanian   Dec-01-05 07:44 AM   #39 
  - They're threatening to NOT sell equipment there? It's not like they're  merwin   Nov-29-05 09:47 PM   #3 
  - Who is in NC who can offer to count paper ballots  sfexpat2000   Nov-29-05 09:49 PM   #6 
  - I think they are hiding something.  Skink   Nov-29-05 09:51 PM   #7 
  - Diebold? Hiding something? Nah.  sfexpat2000   Nov-29-05 10:54 PM   #14 
  - Me! (n/t)  TWriterD   Nov-29-05 09:55 PM   #9 
     - Better get cracking! Be Free had a good idea over the weekend  sfexpat2000   Nov-29-05 10:56 PM   #16 
        - Hey, sfexat2000, how ya doin? What's the paper ballot idea?  Peace Patriot   Nov-30-05 07:09 PM   #25 
           - Nice to see you! Here's the link to the thread  emlev   Dec-01-05 12:37 AM   #32 
  - Here's your hat, what's your hurry...  swimmernsecretsea   Nov-29-05 09:54 PM   #8 
  - How about: Asta la vista, baby! Oh, sorry, wrong state. nt  Bill Bored   Nov-30-05 12:10 AM   #17 
     - Oh, no, it's fine! Really!  swimmernsecretsea   Nov-30-05 07:32 AM   #21 
  - That's the tactic.  longship   Nov-29-05 10:02 PM   #11 
  - ES&S trying to implement, read buy off, NY State right now...  feelthebreeze   Nov-29-05 10:16 PM   #12 
  - Yeah. I can hear the green rustling in CA TONIGHT.  sfexpat2000   Nov-29-05 10:55 PM   #15 
  - NY State has a s/w escrow law too. nt  Bill Bored   Nov-30-05 12:15 AM   #18 
     - hey there BillBored...  feelthebreeze   Nov-30-05 12:22 AM   #19 
        - Nothing to connect really.  Bill Bored   Nov-30-05 05:15 PM   #23 
  - BYE~BYE !!!  discerning christian   Nov-29-05 10:25 PM   #13 
  - Privatized elections, run by corporations, with secret source code.  Peace Patriot   Nov-30-05 07:17 PM   #26 
  - What is Dieblod afraid of?  farmboxer   Nov-30-05 10:48 PM   #28 
  - Something tells me they would not reveal it, ever, even if..  Festivito   Nov-30-05 11:21 PM   #30 
  - something tells me you didn't read reply #27 (nt)  Neil B Forzod   Dec-01-05 01:34 AM   #35 
     - Doesn't matter.  Festivito   Dec-01-05 02:20 AM   #37 
        - ok  Neil B Forzod   Dec-01-05 03:07 AM   #38 
           - Indeed, that Diebold avoids even escrow is telling. /nt  Festivito   Dec-01-05 09:18 AM   #41 
           - I've heard that Diebold's hash changes whenever a vote is cast!  Bill Bored   Dec-03-05 12:34 PM   #45 
              - I think you just made that up  Neil B Forzod   Dec-03-05 03:55 PM   #47 
              - Come on, who's going to know how to do that?  Bill Bored   Dec-03-05 09:53 PM   #49 
              - Specify, please  Boredtodeath   Dec-03-05 10:10 PM   #50 
              - DRE changes at several intervals - including at load up  Boredtodeath   Dec-03-05 10:12 PM   #51 
  - from slashdot  slosteve   Nov-30-05 11:51 PM   #31 
  - good old Jim March and BBV  Neil B Forzod   Dec-01-05 01:34 AM   #34 
  - Don't let the door hit you on the ass, Diebold  tavalon   Dec-01-05 08:36 AM   #40 
 

Home » Discuss » Topic Forums » Election Reform Donate to DU

Powered by DCForum+ Version 1.1 Copyright 1997-2002 DCScripts.com
Software has been extensively modified by the DU administrators

Important Notices: By participating on this discussion board, visitors agree to abide by the rules outlined on our Rules page. Messages posted on the Democratic Underground Discussion Forums are the opinions of the individuals who post them, and do not necessarily represent the opinions of Democratic Underground, LLC.

Home  |  Discussion Forums  |  Journals |  Store  |  Donate

About DU  |  Contact Us  |  Privacy Policy

Got a message for Democratic Underground? Click here to send us a message.

© 2001 - 2011 Democratic Underground, LLC