Democratic Underground Latest Greatest Lobby Journals Search Options Help Login
Google

One bourbon, one scotch, one election

Printer-friendly format Printer-friendly format
Printer-friendly format Email this thread to a friend
Printer-friendly format Bookmark this thread
This topic is archived.
Home » Discuss » Archives » General Discussion (1/22-2007 thru 12/14/2010) Donate to DU
 
helderheid Donating Member (1000+ posts) Send PM | Profile | Ignore Sat Jan-27-07 10:55 AM
Original message
One bourbon, one scotch, one election

I'm not sure which is more imbecilic -- posting a photo of the key to
your electronic voting system to the Web, or making that key a
universal one designed to access any machine you manufacture and the
hotel mini-bar to boot (see "One bourbon, one scotch, one election").

In the end, it doesn't really matter because our doltish friends at
Diebold have done both. Until yesterday, when Diebold slammed the barn
door shut on a horse that's by now halfway to Katherine Harris' summer
home, the voting machine manufacturer offered for sale on its Web site
replacement keys to its AccuVote-TS.

On the product page sat a photo of the key so detailed it could be
used to create a working copy.

Which is precisely what Ross Kinard of SploitCast did. "I bought three
blank keys from Ace," Kinard told J. Alex Halderman at Princeton's
Center for Information Technology Policy. "Then a drill vise and three
cabinet locks that used a different type of key from Lowes. I hoped
that the spacing and depths on the cabinet locks' keys would be
similar to those on the voting machine key. With some files I had I
then made three keys to look like the key in the picture." Kinard sent
those keys to Halderman, who found that two could be used to open
Diebold machines. Nice, eh? As Halderman notes, the shape of a key is
like a password -- only a fool, or Diebold, would post it to the Web
(see "AccuVote -- that's an oxymoron, right?").

"Security experts advocate designing systems with 'defense in depth,'
multiple layers of barriers against attack," Halderman writes. "The
Diebold electronic voting systems, unfortunately, seem to exhibit
'weakness in depth.' If one mode of attack is blocked or simply too
inconvenient, there always seems to be another waiting to be exposed."

Posted by John Paczkowski on 08:08 AM
Permalink

http://blogs.siliconvalley.com/gmsv/2007/01/im_not_sure_whi.html#comments
Printer Friendly | Permalink |  | Top

Home » Discuss » Archives » General Discussion (1/22-2007 thru 12/14/2010) Donate to DU

Powered by DCForum+ Version 1.1 Copyright 1997-2002 DCScripts.com
Software has been extensively modified by the DU administrators


Important Notices: By participating on this discussion board, visitors agree to abide by the rules outlined on our Rules page. Messages posted on the Democratic Underground Discussion Forums are the opinions of the individuals who post them, and do not necessarily represent the opinions of Democratic Underground, LLC.

Home  |  Discussion Forums  |  Journals |  Store  |  Donate

About DU  |  Contact Us  |  Privacy Policy

Got a message for Democratic Underground? Click here to send us a message.

© 2001 - 2011 Democratic Underground, LLC