Slashdot Mirror

Doc Ruby writes to tell us about an article in the Baltimore (MD) Sun, reporting that someone sent a package to a former legislator containing what appears to be Diebold source code. From the article: "Diebold Election Systems Inc. expressed alarm and state election officials contacted the FBI yesterday after a former legislator received an anonymous package containing what appears to be the computer code that ran Maryland's polls in 2004... The availability of the code — the written instructions that tell the machines what to do — is important because some computer scientists worry that the machines are vulnerable to malicious and virtually undetectable vote-switching software. An examination of the instructions would enable technology experts to identify flaws, but Diebold says the code is proprietary and does not allow public scrutiny of it." Read on for more of Doc Ruby's comments and questions.
Maryland's primary elections last month were ruined by procedural and tech problems. Maryland used Diebold machines, even though its Republican governor "lost faith" in them as early as February this year, with months to do something about it before Maryland relied on them in their elections.

The Diebold code was secret, and was used in 2002 even though illegally uncertified — even by private analysts under nondisclosure. Now that it's being "opened by force," the first concern from Diebold, the government, and the media is that it could be further exploited by crackers. What if the voting software were open from the beginning, so its security relied only on hard secrets (like passwords and keys), not mere obscurity, which can be destroyed by "leaks" like the one reported by the Sun? The system's reliability would be known, and probably more secure after thorough public review. How much damage does secret source code employed in public service have to cause before we require it to be opened before we buy it, before we base our government on it?

An anonymous reader writes "The AJC is reporting on the current state of electronic voting in Georgia. The article discusses both sides of the debate and mentions Bev Harris and her work at Black Box Voting. Is touch screen voting the best solution available or is a conspiracy afoot?"

Slashback brings you updates tonight on Diebold's attempts to bring undisclosed-source, unauditable black-box voting to a ballot box near you, John Carmack's search for (rocket-fuel, not hair) peroxide, AT&T's (withdrawn) request for its customers' mail server addresses, open source goings on at Comdex, and more -- read on for the details.

Diebold Election Systems Round 2 in MD zznate writes "Looks like Diebold is not going to get off the hook so easily in Maryland after all. For anyone local, feel free to contact delegates Hixson or Hollinger to express your support. Perhaps they could even receive a copy or two (or fifty ;-) of the documents listed here."

Diebold is having an easier time at Swarthmore. yoshi_mon writes "Previously reported on /. was the Swarthmore Students Effort to keep the Diebold leaked memo's online. However that effort has been quashed by one Dean Bob Gross. To quote the dean, "We can?t get out in front in this fight against Diebold." BlackBoxVoting.com reports that '[Swarthmore College] is not willing to take a strong stand against Diebold, and is systematically disabling the network access of any student who hosts the files.'"

AT&T says Ha, just kidding! An anonymous reader writes "In an update to an earlier Slashdot article, Telco giant AT&T rushed to withdraw two notices sent to business partners and customers asking for the IP addresses of all outbound SMTP servers because of a 'human error' gaffe."

All this and cheap shrimp cocktail. blackbearnh writes "While the topic has been raised, I thought I'd mention a few other things going on at COMDEX Open-Source wise.

First off, the Open Source and Linux track has been expanded from a half-dozen sessions last year to nearly twenty this year. These will cover everything from the basics of Open Source (taught by folks like Ken Coar of Apache) to an intro to PHP led by Rasmus Lerdorf.

On the show floor, a massive 2500 sq foot Open Source Innovation Center will serve as the site for hourly talks by Open Source evangelists on business-related topics such as case studios proving the benefits of Open Source. There will also be a staffed "clinic" area where attendees can get advice on what Open Source technologies would work well in their business. There will also be install parties held at noon each day, where attendees can bring their laptops to get help installing MySQL or Debian. And lastly, a .ORG village inside the center will host representitives from more than a dozen prominent Open Source organizations, including OpenOffice and Mozilla.

Also, the COMDEX/ApacheCon exchange program continues this year. COMDEX members can get access to the ApacheCon expo floor and BOF sessions, while ApacheCon member can visit the COMDEX show floor and the Open Source keynotes. Shuttle service will link the two conventions.

James Turner
Co-Chair, Open Source, Fall 2003 COMDEX"

It's a crapshoot, eh. Dick Faze writes " Royal Bank of Canada is part of a $50 Million investment in SCO: Has our communist neighbor to the north finally flipped completely?" (We know Mr. Faze is being facetious, here ... don't we?) This is the same $50,000,000 investment deal in which some people suspected Microsoft's involvment.

Patent Office Cancels Swing Patent An anonymous reader writes "Remember the swing patent issued last year covering the method of swinging a swing? Well, the Patent Office must've taken offense at the amount of criticism it received over this patent. It initiated a reexam proceeding and after a year's worth of reexamination, they cancelled the patent on July 1, 2003."

But all the other patents are up to snuff, don't worry.

Carmack's Peroxide Troubles Over? Rob Jellinghaus writes "John Carmack's aerospace company has had problems getting enough concentrated 90% peroxide for their engines. So they have been working on mixed monoprop engines that would need only 50% peroxide, which would pretty much end their fuel troubles for good. They have had many failures, but they may have just succeeded. In his words: 'This is Very Good.'"

Remember, most of the world is still dial-up, at best. Anothermouse Cowered writes "It's a router, it's a firewall, it's a home gateway it's a... In another giant leap for the Open Source community, you can now hack on your own embedded Linux system for under $70. The source code for the ActionTEC Dual modem previously mentioned on Slashdot ('Hacking the Actiontec 56k Modem/Gateway') in September has now been released under the GPL. Downloads available here."

Slashback brings you updates tonight on Diebold's attempts to bring undisclosed-source, unauditable black-box voting to a ballot box near you, John Carmack's search for (rocket-fuel, not hair) peroxide, AT&T's (withdrawn) request for its customers' mail server addresses, open source goings on at Comdex, and more -- read on for the details.

Diebold Election Systems Round 2 in MD zznate writes "Looks like Diebold is not going to get off the hook so easily in Maryland after all. For anyone local, feel free to contact delegates Hixson or Hollinger to express your support. Perhaps they could even receive a copy or two (or fifty ;-) of the documents listed here."

Diebold is having an easier time at Swarthmore. yoshi_mon writes "Previously reported on /. was the Swarthmore Students Effort to keep the Diebold leaked memo's online. However that effort has been quashed by one Dean Bob Gross. To quote the dean, "We can?t get out in front in this fight against Diebold." BlackBoxVoting.com reports that '[Swarthmore College] is not willing to take a strong stand against Diebold, and is systematically disabling the network access of any student who hosts the files.'"

AT&T says Ha, just kidding! An anonymous reader writes "In an update to an earlier Slashdot article, Telco giant AT&T rushed to withdraw two notices sent to business partners and customers asking for the IP addresses of all outbound SMTP servers because of a 'human error' gaffe."

All this and cheap shrimp cocktail. blackbearnh writes "While the topic has been raised, I thought I'd mention a few other things going on at COMDEX Open-Source wise.

First off, the Open Source and Linux track has been expanded from a half-dozen sessions last year to nearly twenty this year. These will cover everything from the basics of Open Source (taught by folks like Ken Coar of Apache) to an intro to PHP led by Rasmus Lerdorf.

On the show floor, a massive 2500 sq foot Open Source Innovation Center will serve as the site for hourly talks by Open Source evangelists on business-related topics such as case studios proving the benefits of Open Source. There will also be a staffed "clinic" area where attendees can get advice on what Open Source technologies would work well in their business. There will also be install parties held at noon each day, where attendees can bring their laptops to get help installing MySQL or Debian. And lastly, a .ORG village inside the center will host representitives from more than a dozen prominent Open Source organizations, including OpenOffice and Mozilla.

Also, the COMDEX/ApacheCon exchange program continues this year. COMDEX members can get access to the ApacheCon expo floor and BOF sessions, while ApacheCon member can visit the COMDEX show floor and the Open Source keynotes. Shuttle service will link the two conventions.

James Turner
Co-Chair, Open Source, Fall 2003 COMDEX"

It's a crapshoot, eh. Dick Faze writes " Royal Bank of Canada is part of a $50 Million investment in SCO: Has our communist neighbor to the north finally flipped completely?" (We know Mr. Faze is being facetious, here ... don't we?) This is the same $50,000,000 investment deal in which some people suspected Microsoft's involvment.

Patent Office Cancels Swing Patent An anonymous reader writes "Remember the swing patent issued last year covering the method of swinging a swing? Well, the Patent Office must've taken offense at the amount of criticism it received over this patent. It initiated a reexam proceeding and after a year's worth of reexamination, they cancelled the patent on July 1, 2003."

But all the other patents are up to snuff, don't worry.

Carmack's Peroxide Troubles Over? Rob Jellinghaus writes "John Carmack's aerospace company has had problems getting enough concentrated 90% peroxide for their engines. So they have been working on mixed monoprop engines that would need only 50% peroxide, which would pretty much end their fuel troubles for good. They have had many failures, but they may have just succeeded. In his words: 'This is Very Good.'"

Remember, most of the world is still dial-up, at best. Anothermouse Cowered writes "It's a router, it's a firewall, it's a home gateway it's a... In another giant leap for the Open Source community, you can now hack on your own embedded Linux system for under $70. The source code for the ActionTEC Dual modem previously mentioned on Slashdot ('Hacking the Actiontec 56k Modem/Gateway') in September has now been released under the GPL. Downloads available here."

Chris Soghoian writes "The State of Maryland requested an audit of the Diebold electronic voting system by SAIC, after a report released by Johns Hopkins University and Rice Researchers (disclaimer: I'm one of Dr Rubin's students) noted several security issues. A condensed, from 200 to 40 pages, and censored version of the report has been released online (PDF link). The report notes that 'SAIC has identified several high-risk vulnerabilities that, if exploited, could have significant impact upon the AccuVote-TS voting system operation.'" However, Diebold says Maryland are moving forward with installation with "new security features" included, and elsewhere, Badgerman points out "Diebold has shut down blackboxvoting.org, apparently with copyright claims made to their ISP. But you can still go to the blackboxvoting.com site."

jfreon writes "On Democracy Now Bev Harris of BlackBoxVoting fame, disclosed (near the end of the transcript) that in the compromised 1.8Gigs off Diebold's FTP site they uncovered "an actual election file containing actual votes on election day from San Luis Obispo County, California". Problem is, the date stamp was 3:31pm - during voting hours! The Diebold system uses a wireless network card. Worse: "So that means if they can pull the information in, they can also send information back into those machines. ""

laupsavid writes "Here's an interesting interview with government and industry reps on the Black_Box_Voting site. I think it's funny (yet terrifying), almost like an extended Shark-Tank Unclear on the Concept item. They interview Paul Miller, Registration and Systems Manager of the Office of the Secretary of State. Black Box Voting is dedicated to informing people of reasons to reject electronic voting systems. I believe Bev Harris runs the site, and she claims to be an expert on accounting fraud. Also, see this area of the a site called Ecotalk for a list of instances of purported fraud by electronic voting."

laupsavid writes "Here's an interesting interview with government and industry reps on the Black_Box_Voting site. I think it's funny (yet terrifying), almost like an extended Shark-Tank Unclear on the Concept item. They interview Paul Miller, Registration and Systems Manager of the Office of the Secretary of State. Black Box Voting is dedicated to informing people of reasons to reject electronic voting systems. I believe Bev Harris runs the site, and she claims to be an expert on accounting fraud. Also, see this area of the a site called Ecotalk for a list of instances of purported fraud by electronic voting."